Apache Site and Adminer Setup
second adminer.conf /var/www/adminer
on aws ec2 ubuntu
we want site open in root domain
adminer in
/adminer
### Step 1: Create Apache Configuration Files
1. **Main Site Configuration (`site.conf`)**:
– Location: `/etc/apache2/sites-available/site.conf`
– This configuration will point to `/var/www/site` and make it accessible from your root domain.
<VirtualHost *:80>
ServerName your-domain.com
DocumentRoot /var/www/site
<Directory /var/www/site>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/site_error.log
CustomLog ${APACHE_LOG_DIR}/site_access.log combined
</VirtualHost>2. **Adminer Configuration (`adminer.conf`)**:
– Location: `/etc/apache2/sites-available/adminer.conf`
– This configuration will point to `/var/www/adminer` and make it accessible via `/adminer` on your root domain.
<VirtualHost *:80>
ServerName your-domain.com
# Main Site
DocumentRoot /var/www/site
<Directory /var/www/site>
AllowOverride All
Require all granted
</Directory>
# Adminer Configuration
Alias /adminer /var/www/adminer
<Directory /var/www/adminer>
AllowOverride All
Options Indexes FollowSymLinks
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/adminer_error.log
CustomLog ${APACHE_LOG_DIR}/adminer_access.log combined
</VirtualHost>### Step 2: Enable the Configurations
– Enable your sites:
sudo a2ensite site.conf
sudo a2ensite adminer.conf– Disable the default Apache site (if enabled):
sudo a2dissite 000-default.conf### Step 3: Enable Apache Modules
Ensure that the necessary Apache modules are enabled:
sudo a2enmod rewrite### Step 4: Restart Apache
– Restart Apache to apply your changes:
sudo systemctl restart apache2### Step 5: Update File Permissions
Ensure that your directories have the correct permissions:
sudo chown -R www-data:www-data /var/www/site
sudo chown -R www-data:www-data /var/www/adminer
sudo chmod -R 755 /var/www### Step 6: Testing
– Access your main site: `http://your-domain.com`
– Access Adminer: `http://your-domain.com/adminer`
### Step 7: Configure Firewall (if applicable)
If you have a firewall enabled, allow HTTP traffic:
sudo ufw allow 'Apache'
sudo ufw reload### Optional: SSL Configuration (Let's Encrypt)
If you want to secure your site with HTTPS, you can use Let's Encrypt:
sudo apt install certbot python3-certbot-apache
sudo certbot --apache -d your-domain.comThis setup should allow your main site to be accessed via the root domain (`http://your-domain.com`) and Adminer via the `/adminer` path (`http://your-domain.com/adminer`).
### Adminer Login Credentials
When you access Adminer (e.g., `http://your-domain.com/adminer`), you'll be prompted to enter the following information:
1. **System**: Select your database system from the dropdown (e.g., `MySQL`, `MariaDB`, `PostgreSQL`, etc.).
2. **Server**: Enter the server address (e.g., `localhost`, `127.0.0.1`, or your RDS endpoint if using AWS RDS).
3. **Username**: Your database username (e.g., `root`, `admin`, or a specific user you created).
4. **Password**: The password associated with the above username.
5. **Database** (optional): If you want to log directly into a specific database, enter its name here. Otherwise, leave it blank to list all available databases.
### Example:
If you're using MySQL or MariaDB on the same EC2 instance:
– **System**: MySQL
– **Server**: `localhost` (or `127.0.0.1`)
– **Username**: `root` (or your MySQL user)
– **Password**: The password you set for your MySQL user
– **Database**: (leave empty to see all databases)
### How to Find or Create Database Credentials
If you're unsure of your credentials, here are some steps you can take:
1. **Check Existing MySQL Users**:
sudo mysql -u root -pAfter entering the root password:
SELECT user, host FROM mysql.user;2. **Create a New Database User (Optional)**:
If you don't have a user or want to create a specific one for Adminer:
CREATE USER 'adminer_user'@'localhost' IDENTIFIED BY 'securepassword';
GRANT ALL PRIVILEGES ON *.* TO 'adminer_user'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;Replace `'adminer_user'` and `'securepassword'` with your preferred username and password.
3. **Exit MySQL**:
EXIT;Now you can use the newly created credentials in Adminer.
### Note:
– Ensure that the MySQL server is running:
sudo systemctl start mysql– If you're accessing Adminer remotely, ensure that your database allows remote connections and that your AWS security group allows inbound traffic on the relevant port (e.g., 3306 for MySQL).
### Step 1: Connect to Your EC2 Instance
Use SSH to connect to your EC2 instance:
ssh -i /path/to/your-key.pem ubuntu@your-ec2-ip### Step 2: Access MySQL as the `root` User
First, check if MySQL is already installed. If not, install it:
sudo apt update
sudo apt install mysql-server -yAfter installation, MySQL typically has a `root` user with no password set, or it uses the `auth_socket` plugin. To access MySQL, run:
sudo mysql### Step 3: Set or Reset the Root Password
Once inside the MySQL prompt, you can set or reset the `root` password:
1. **For MySQL 5.7 and newer**:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YourNewPassword';
FLUSH PRIVILEGES;2. **For MySQL 8.0 and newer**:
ALTER USER 'root'@'localhost' IDENTIFIED WITH 'caching_sha2_password' BY 'YourNewPassword';
FLUSH PRIVILEGES;3. **If `ALTER USER` fails, try using `UPDATE`**:
UPDATE mysql.user SET authentication_string = PASSWORD('YourNewPassword') WHERE User = 'root';
FLUSH PRIVILEGES;Replace `'YourNewPassword'` with your desired password.
### Step 4: Exit MySQL
EXIT;### Step 5: Test the New Root Password
mysql -u root -pEnter the new password when prompted to confirm it works.
### Step 6: Secure MySQL Installation (Optional)
It's recommended to run the `mysql_secure_installation` script to further secure your MySQL server:
sudo mysql_secure_installationYou'll be prompted to answer several security-related questions, such as:
– Set a root password? (You can skip if already set)
– Remove anonymous users? (Yes)
– Disallow root login remotely? (Yes, for better security)
– Remove test database and access to it? (Yes)
– Reload privilege tables now? (Yes)
### Step 7: Restart MySQL (if needed)
sudo systemctl restart mysql### Troubleshooting Tips
– If MySQL doesn't start, check its status:
sudo systemctl status mysql– Check MySQL logs for errors:
sudo tail -f /var/log/mysql/error.logThis setup should securely set or reset your MySQL root password on an AWS EC2 Ubuntu instance.
### Step 1: Connect to Your EC2 Instance
Use SSH to connect to your EC2 instance:
ssh -i /path/to/your-key.pem ubuntu@your-ec2-ip### Step 2: Change Ownership
It's generally a good practice to set the ownership of the `/var/www/site` directory to the Apache web server user (`www-data`), especially if you want your web server to have write access.
1. **Set Ownership to `www-data`**:
sudo chown -R www-data:www-data /var/www/site2. **Verify Ownership**:
ls -la /var/www### Step 3: Set Permissions
1. **Set Directory Permissions**:
sudo find /var/www/site -type d -exec chmod 755 {} ;This command sets the permissions of all directories to `755` (rwxr-xr-x).
2. **Set File Permissions**:
sudo find /var/www/site -type f -exec chmod 644 {} ;This command sets the permissions of all files to `644` (rw-r–r–).
### Step 4: (Optional) Allow Write Access for Apache
If you want to allow Apache (`www-data`) to write to the `/var/www/site` directory (e.g., for file uploads, cache, etc.), you can set it like this:
sudo chmod -R 775 /var/www/siteThis gives write permission to the owner and group (`www-data`), while others can only read and execute.
### Step 5: Add Your User to the `www-data` Group (Optional)
If you want your current user (e.g., `ubuntu`) to also have write access, you can add it to the `www-data` group:
sudo usermod -aG www-data ubuntuThen, log out and log back in for the changes to take effect.
### Step 6: Verify Permissions
ls -la /var/www/siteYou should see `www-data` as the owner and group, with the correct permissions set.
### Step 7: Restart Apache (if needed)
If you made changes to permissions or configurations, it’s a good idea to restart Apache:
sudo systemctl restart apache2Now, the `/var/www/site` directory should have write permissions for the Apache user, and your application should be able to read/write files as needed.
To add an exception for this directory, call:
fatal: detected dubious ownership in repository at '/var/www/shareyourthoughts'This typically happens when Git detects a mismatch between the ownership of the repository and the user running the Git command, especially when using `sudo` or when the repository is located in a directory that is owned by a different user (like `www-data` for Apache).
Git introduced this security measure to prevent possible security issues in multi-user environments. To resolve this, you have a couple of options:
### Option 1: Set `safe.directory` in Git Config
You can configure Git to mark this specific directory as safe:
git config --global --add safe.directory /var/www/shareyourthoughtsOr, if you want to set it only for the current repository:
git config --add safe.directory /var/www/shareyourthoughts### Option 2: Use `–global` to Trust All Repositories (Not Recommended)
If you frequently encounter this issue and are okay with trusting all repositories, you can disable this check globally:
git config --global safe.directory '*'**⚠️ Warning**: This is not recommended in a shared or production environment as it lowers Git's security.
### Option 3: Change Ownership of the Repository
If you want to align the ownership of the repository with the current user (e.g., `ubuntu`), you can change the ownership of the directory:
sudo chown -R ubuntu:ubuntu /var/www/shareyourthoughtsOr, if the web server needs to access it, you can use:
sudo chown -R www-data:www-data /var/www/shareyourthoughts### Option 4: Run Git Commands with `sudo`
If your repository is owned by `www-data`, you can run Git commands using `sudo`:
sudo git pullHowever, this may lead to permission issues later if you frequently switch between users. It's generally better to align ownership as shown in Option 3.
Choose the option that best fits your use case and security needs.