Ubuntu : Install Piwigo Server

Piwigo is an Open Source Photo Management Server, it allows you to self-host your very own photo management, organizing and share your photo easily on the web.

More information about Piwigo can be found at (https://piwigo.org)

Let's get started.....

1. As always, ensure that your Ubuntu Server is up-to-date.

sudo apt update && sudo apt upgrade -y

2. Next is to install the Web Server, Database Server and some utilities.

sudo apt install apache2 libapache2-mod-php mariadb-server unzip curl imagemagick -y

3. We also need to install the following dependencies.

sudo apt install php php-common php-intl php-mysql php-gd php-xml php-ldap php-zip php-mbstring php-xmlrpc php-cli php-curl -y

4. After installation completed, we need to modify the PHP Configurations.

sudo nano /etc/php/8.1/apache2/php.ini

Inside the "php.ini" configuration file, look for the following settings and modify it accordingly.

memory_limit = 256M upload_max_filesize = 200M post_max_size = 200M

5. Then restart the Apache2 Server.

sudo systemctl restart apache2

6. Now, we need to create the Database for Piwigo to work, just press [ENTER] key when prompted for password.

sudo mysql -u root -p

Follow the below to create the database.

CREATE DATABASE piwigo_db; CREATE USER 'piwigo_user'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON piwigo_db.* TO 'piwigo_user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION; FLUSH PRIVILEGES; QUIT;

7. Download the latest Piwigo version.

sudo curl -o piwigo.zip https://piwigo.org/download/dlcounter.php?code=latest

8, After download complete, extract the zip file to the web server.

sudo unzip piwigo.zip -d /var/www/html

9. Next is allow the appropriate credentials for the Piwigo folder.

sudo chown -R www-data:www-data /var/www/html/piwigo/

sudo chomod -R 755 /var/www/html/piwigo/

10. Next is to create the Apache configuration file.

sudo nano /etc/apache2/sites-available/piwigo.conf

Create the configuration file as per below.

<VirtualHost *:80>    ServerAdmin webmaster@localhost    ServerName piwigo.localhost    DocumentRoot /var/www/html/piwigo    ErrorLog ${APACHE_LOG_DIR}/error.log    CustomLog ${APACHE_LOG_DIR}/access.log combined    <Directory /var/www/html/piwigo/>        Options FollowSymlinks        AllowOverride All        Require all granted    <\Directory> <\VirtualHost>

11. Then we need to enable the newly created site.

sudo a2ensite piwigo.conf

12. We also need to enable Apache module as below.

sudo a2enmod rewrite

13. Finally we need to restart Apache Server.

sudo systemctl restart apache2

14. Once done, open any preferred browser and browse to Piwigo site.

http://[IP Address]/piwigo

15. You will need to perform initial configurations of piwigo, enter all the relevant information as required. This includes the Database Name and Credentials, also you will need to create an administrator user (to manage the Piwigo) which are not "Root".

16. Once everything are successfully configured, you will be able to login to the Piwigo site and you can start to create your first album and start uploading photos.

Note : It is recommended to install a Plugin called "Community" which allows your "Users" to create their own albums and upload photos.

!!! HAPPY COMPUTING !!!

ProjectSend : Self-Hosted Large File Sharing Server

Most companies now days needs a way to share large file(s), whether the intended recipient is a Customer, Supplier or among the Employees itself.

Most have known that there is a limitation on Email's attachment, the file size solely depends on which Email Provider you are using. The most common would be Microsoft Exchange, Exchange Online, Microsoft 365, Google Enterprise (aka Workspace) and many more. All these services have a limitation of email attachment, for example; Exchange Online have a limit of a maximum of 150MB size only.

What if you wanted to send larger file size, let's say an AutoCAD or Photoshop file ? These file can be very large depending on the contents.

While there are so called "FREE" large file sharing services available, but these services also have some limitations. These includes the lacks of tracking, security and reporting, some may also needs you to register for an account before using.

Do you really trust them with your information ??? 😏

Furthermore there is also limit on the storage of how many file(s) or folder(s) you wanted to share and for how long you can to keep it.

Thus it make sense that we need to self-host a file sharing server with the following conditions :-

• The sharing have custom expiry date.
• Only intended recipient(s) able to download or access it.
• Able to notify the recipient(s) via email.
• Able to track how many times the file(s) was downloaded.
• Able to track who is the sharer or uploader.
• And lastly, the ability to have logs for auditing purposes.

So, today I will be showing you the installation of yet another Open Source Software, called ProjectSend. If you find this software useful, please donate to them. Your donation will ensure they are able to continue to develop the software.

Let's start ...

1. As always, ensure you have Ubuntu Server v.22.04.3 installed and updated.

sudo apt update && sudo apt upgrade -y

2. Next is to install a Web Server and a Database Server.

sudo apt install apache2 mariadb-server -y

3. We also need to install other pre-requisites.

sudo apt install imagemagick php libapache2-mod-php php-imagick php-common php-mysql php-gd php-json php-curl php-zip php-xml php-mbstring php-bz2 php-intl php-bcmath php-gmp unzip -y

4. Next is to modify the PHP configuration.

sudo nano /etc/php/8.1/apache2/php.ini

Modify the following accordingly, as per your needs in "RED" text below.

memory_limit = 512M upload_max_filesize = 10240M max_execution_time = 600 post_max_size = 512M date.timezone = Asia/Kuala_Lumpur

5. Now we need to secure our database server first.

sudo mysql_secure_installation

You will be prompted with the following questions, please answer as per your needs in "RED" text below.

Enter current password for root (enter for none): [PRESS ENTER] Set root password? [Y/n]: Y New password: [Key-In Password] Re-enter new password: [Repeat password] Remove anonymous users? [Y/n]: Y Disallow root login remotely? [Y/n]: Y Remove test database and access to it? [Y/n]: Y Reload privilege tables now? [Y/n]: Y

6. Then we can create the database for this software.

sudo mysql -u root -p

You will be prompted to login, type-in the password you have created earlier. And follow the below commands to continue. You may replace the "RED" text as you deemed fits.

CREATE DATABASE projectsend; CREATE USER 'projectsenduser'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON projectsend.* TO projectsenduser@localhost; FLUSH PRIVILEGES; QUIT;

7. Now, we need to download the latest ProjectSend file, as at time of writing the latest version was located in sub-folder "614", as such the newer version may have new sub-folder. Always check their website for the latest version and requirements.

sudo wget -O projectsend.zip https://www.projectsend.org/download/614/

8. Once download completed, unpack the file accordingly.

sudo unzip projectsend.zip -d /var/www/html/projectsend

9. Next is make a backup copy of ProjectSend's configuration file.

cd /var/www/html/projectsend/includes/

sudo cp sys.config.sample.php sys.config.php

10. Modify the configuration file accordingly, replace "RED" text according to you database created earlier.

define('DB_DRIVER', 'mysql'); /** Database name */ define('DB_NAME', 'projectsend'); /** Database host (in most cases it's localhost) */ define('DB_HOST', 'localhost'); /** Database username (must be assigned to the database) */ define('DB_USER', 'projectsenduser'); /** Database password */ define('DB_PASSWORD', 'password'); /** Define a maximum size (in mb.) that is allowed on each file to be uploaded. define('MAX_FILESIZE',1024);

11. Assign to correct permissions accordingly.

sudo chown -R www-data:www-data /var/www/html/projectsend

sudo chmod -R 775 /var/www/html/projectsend

sudo chmod 644 /var/www/html/projectsend/includes/sys.config.php

12. Now we need to create configurations for Apache2.

sudo nano /etc/apache2/sites-available/projectsend.conf

Modify the configurations accordingly as per "RED" text below.

<VirtualHost *:80>     ServerAdmin webmaster@localhost     ServerName projectsend.demo.com.my     ServerAlias www.projectsend.demo.com.my     DocumentRoot /var/www/html/projectsend/     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined     <Directory /var/www/html/projectsend/>         Options FollowSymLinks         AllowOverride All         Order allow,deny         Allow from all     </Directory> </VirtualHost>

13. Next is to enable Apache2's Rewrite module.

sudo a2enmod rewrite

14. Now we need to enable the new projectsend site.

sudo a2ensite projectsend.conf

15. Restart Apache2 server.

sudo systemctl restart apache2

16. On another computer, open any preferred browser (eg. Google Chrome) and browse to the following URL.

http://projectsend.demo.com.my

OR

http://[IP Address]

You will now be automatically prompted to create the "Administrator" credentials, proceed to key-in your preferred administrator's name and password accordingly. Click on the "INSTALL" button when done.

This may take a while, depending on your server's hardware specifications.

17. Since this server will be access from the Internet, it is recommended to secure the server. You might also want to consider installing "Fail2Ban" for extra security measures.

sudo ufw enable

sudo ufw allow http

sudo ufw allow https

18. Now we need to install Let's Encrypt certificate to make it more secure.

sudo apt install certbot python3-certbot-apache -y

sudo certbot --apache

You will be prompted for some information and selections, for SSL to works you need a valid email address. Also ensure that your Firewall or Router's Port Forwarding is configured correctly. The required port is 80 (HTTP) and 443 (HTTPS).

Enter email address (used for urgent renewal and security notices)   (Enter 'c' to cancel): [Your Email Address]

Please read the Terms of Service at https://letsencrypt.org/LE-SA-v1.3-September-21-2022.pdf. You must agree in order to register with ACME server. Do you agree? (Y)es/(N)0: Y

Would you be willing, once your first certificate is successfully issued, to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot ? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support freedom. (Y)es/(N)o: N

When prompted for domain selection, you can select according to your needs. In this case I would select all domains by just pressing [ENTER] key to leave it blank.

Which names would you like to activate for HTTPS for? ---------------------------------------------------------------------------------------------------------------- 1: projectsend.demo.com.my 2: www.projectsend.demo.com.my ---------------------------------------------------------------------------------------------------------------- Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): [Press Enter]

19. Finally, another restart of Apache2 server and your ProjectSend site is now with SSL.

sudo systemctl restart apache2

Edit : 18-Nov-2024, Uploaded Youtube Video.

!!! HAPPY COMPUTING !!!

Ubuntu : Apache 2 WebDAV with Directory List

At times, we need to serve some sort of file sharing over the Internet but instead of just grant the access anonymously, we need also to control who can access it. And also some SSL encryptions along the way.

The instructions herein are based on Ubuntu Server v.22.04.3 system, a TrueNAS Scale and all in the same VLAN.

The TrueNAS Scale server already have Samba Service (SMB) enabled with all the necessary credentials and folders permissions created.

1. As always, ensure the Ubuntu repositories are up-to-date. If there are "Kernel" update, a system restart is required.

sudo apt update && sudo apt upgrade -y

2. Next is to install Apache2 server.

sudo apt install apache2 -y

3. Now we need to create a folder to hold the website. Replace "demo.com.my" with your domain name. You can also a Dynamic DNS, ensure the DDNS is updated.

sudo mkdir /var/www/demo.com.my

4. Next is to assign the proper ownership and access to the new folder. Replaced the text in "Red" accordingly.

sudo chown -R $USER:$USER /var/www/demo.com.my

sudo chmod -R 755 /var/www/demo.com.my

5. For testing purposes, we need to create a temporary "index.html" file so that we can be sure the website is working as expected. Replaced the text in "Red" accordingly.

sudo nano /var/www/demo.com.my/index.html

6. Type-in the following scripts.

<html>     <head>         <title>WELCOME TO MY WEBSITE</title>     </head>     <body>         <h1>MY WEBSITE IS WORKING !</h1>     </body> </html>

7. Next is to create apache's configuration file that correspond to the website. Replaced the text in "Red" accordingly.

sudo nano /etc/apache2/sites-available/demo.com.my.conf

8. Type-in the following configuration scripts. Replace text in "Red" accordingly.

<VirtualHost *:80>     ServerAdmin webmaster@localhost     ServerName demo.com.my     ServerAlias www.demo.com.my     DocumentRoot /var/www/demo.com.my     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>

9. Then we need to enable the new site. Replaced the text in "Red" accordingly.

sudo a2ensite demo.com.my.conf

10. Next is to disabled the "Default" site.

sudo a2dissite 000-default.conf

11. To ensure the configuration file is error free, perform a simple test. The result of the test return back should have "Syntax OK" displayed on the screen.

sudo apache2ctl configtest

12. Now, restart apache2 services.

sudo systemctl restart apache2

13. Next is to test whether the apache server is running correctly or not, open any preferred browser and browse to the URL. You will see the simple text word created earlier in the "index.html" file. Replaced the text in "Red" accordingly.

http://demo.com.my

In case, that the DNS is not up-to-date; you can use IP Address instead. Replaced the text in "Red" accordingly.

http://[IP Address]

13. In order for the server to access the TrueNAS Scale's SMB service, we need to install CIFS Utility.

sudo apt install cifs-utils -y

14. After installation complete, we now need to create a "Mount Point" or folder in the server first. Replaced the text in "Red" accordingly.

sudo mkdir /mnt/samba_share

15. Now, assuming that my TrueNAS Scale's IP Address is "192.168.0.2", where the intended share folder name is "Public", we need to manually mount the share to our local mount point. Replaced the text in "Red" accordingly.

sudo mount -t cifs //192.168.0.2/public -o username=demo_user /mnt/samba_share

You will be prompted for the password, type-in the password that corresponds to the credentials in TrueNAS Scale.

16. Next is to enabled the "WebDAV" module in Apache2 and restart the service.

sudo a2enmod dav

sudo a2enmod dav_fs

sudo systemctl restart apache2

17. Grant the proper access permissions for apache to that folder. Replaced the text in "Red" accordingly.

sudo chown www-data:www-data /mnt/samba_share

18. We need to create a folder location to store WedDAV's database file for storing username and password that have access to the webdav services.

sudo mkdir -p /usr/local/apache/var

19. Now, we need to modify the configuration of the website to work with webdav. Replaced the text in "Red" accordingly.

DavLockDB /usr/local/apache/var/DavLock <VirtualHost *:80>     ServerAdmin webmaster@localhost     ServerName demo.com.my     ServerAlias www.demo.com.my     DocumentRoot /var/www/demo.com.my     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined     Alias /samba_share /mnt/samba_share     <Directory /mnt/samba_share>         Options Indexes         DAV ON         AuthType Digest         AuthName "webdav"         AuthUserFile /usr/local/apache/var/users.password         Require valid-user     </Directory> </VirtualHost>

20. Verify the configurations and restart apache2 service.

sudo apache2ctl configtest

sudo systemctl restart apache2

21. Next is to create the WebDAV's database file for storing the username and password, the password is encrypted in the file.

sudo touch /usr/local/apache/var/users.password

22. Assign the proper ownership to the file.

sudo chown www-data:www-data /usr/local/apache/var/users.password

23. Next is to create the first user into the database. Replaced the text in "Red" accordingly

sudo htdigest -c /usr/local/apache/var/users.password webdav demo_user

Note :

(1) "webdav"     = Realm

You will be prompted to key-in a password for this username and re-confirm the password again. Ensure that both password matches exactly the same.

24. Now, we need to enable the Authentication Digest module in apache and restart the service.

sudo a2enmod auth_digest

sudo systemctl restart apache2

25. Once all done, we can test whether the WebDAV services is configured directly or not. Open any preferred browser and type-in the following URL. Replaced the text in "Red" accordingly

http://demo.com.my/samba_share

You should be prompted for a username and password, key-in the credentials we have created earlier for WebDAV services.

26. You might also want to configure the auto-mount for the samba services, after every-time the server restart. This step is OPTIONAL.

sudo nano /etc/fstab

Type-in the following configurations. Replaced the text in "Red" accordingly

//192.168.0.1/public /mnt/samba_share cifs username=demo_user,password=demo123 0 0

27. If you want to allow access from External Internet, it is advised to have SSL Certificate (Let's Encrypt) installed. Also ensure that your "Router" or "Firewall" have the appropriate port "Whitelisted" or enabled "Port Forwarding" accordingly. (eg. 443/TCP)

sudo apt install certbot python3-certbot-apache -y

28. Now request for a new SSL Certificate from Let's Encrypt.

sudo certbot --apache

29. You will be prompted for an email address, please ensure the email address you type-in is "VALID", this is to ensure you will receive email notification about the renewal of the SSL Certificate.

Also you must agreed to Let's Encrypt's Terms and Conditions of use, type-in "Y" to accept it.

You can also opt-in to their newsletter and marketing materials, but as this is a demo I have chosen "N" for this tutorials.

30. Next, you will prompted to select which domain you want to have the SSL certificate installed, in this case I will just select "demo.com.my" domain, but you can also do the same steps for "www.demo.com.my" too.

31. Once everything is completed, we need to restart apache2 services again.

sudo systemctl restart apache2

32. Now we can test the new SSL certificate, open your preferred browser and type-in the following URL. Take note now we are using "HTTPS" instead. Replaced the text in "Red" accordingly

https://demo.com.my/samba_share

And as expected, you should be prompted for a username and password to access the content.

!!! HAPPY COMPUTING !!!

Ubuntu : Add/Change Apache 2 Ports

Add or Change Apache 2 server ports in Ubuntu.

1. sudo nano /etc/apache2/sites-enabled/intranet.gob.com.my.conf

2. Add line --> <VirtualHost *:80 *:8888>

3. sudo nano /etc/apache2/ports.conf

4. Add line --> Listen 80

                         Listen 8888

5. sudo systemctl restart apache2

!!! HAPPY COMPUTING !!!

Ubuntu : Install Let's Encrypt SSL in Apache 2

Install Let's Encrypt SSL Certificate in Apache 2 Server.

1. sudo apt install certbot python3-certbot-apache
2. sudo certbot --apache
3. Type-in a valid email address.
4. Terms and Conditions, type --> Y
5. Marketing, type --> N
6. Select domain.

Test Certbot Auto Renewal

1. sudo certbot renew --dry-run

Check Certbot Auto Renewal Status

1. sudo systemctl status certbot.timer

!!! HAPPY COMPUTING !!!

Ubuntu : Apache2's Module - WebDAV

WebDAV (Web Distributed Authoring and Versioning) is a set of extensions to the HTTP (HyperText Transfer Protocol) which allows Users to collaboratively author contents directly in HTTP web server by providing facilities for concurrency control and namespace operations.

In this tutorial, we will focus on the Installation and Configuration of WebDAV via Ubuntu Server v.22.04.2 and Apache2 Web Server.

For more information on How-To install Ubuntu Server, please refer here (https://danielcheah.blogspot.com/2023/03/linux-install-ubuntu-server-v22041.html)

For more information on How-To install Apache2 Server, please refer here (https://danielcheah.blogspot.com/search/label/Apache)

1) Enabled Apache2's WebDAV module:

sudo a2enmod dav

sudo a2enmod dav_fs

2) Restart Apache2 service:

sudo systemctl restart apache2

3) Create a new folder in Apache2:

sudo mkdir /var/www/webdav

4) Change ownership for that new folder:

sudo chown www-data:www-data /var/www/webdav

5) Create another new folder to store the WebDAV's DB file and change the ownership:

sudo mkdir -p /usr/local/apache/var

sudo chown www-data:www-data /usr/local/apache/var

6) Modify the Virtual Host file for the domain (eg. demo.gob.com.my):

sudo nano /etc/apache2/sites-enabled/demo.gob.com.my.conf

* The file name depends on your domain name created during installation of Apache2.

7) Add the following content into the Virtual Host file as below, as per in "RED" text:

DavLockDB /usr/local/apache/var/DavLock <VirtualHost *:80>     ServerAdmin demo@localhost     ServerName demo.gob.com.my     ServerAlias www.demo.gob.com.my     DocumentRoot /var/www/demo.gob.com.my     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined     Alias /webdav /var/www/webdav     <Directory /var/www/webdav>         DAV ON         AuthType Digest         AuthName "webdav"         AuthUserFile /usr/local/apache/var/users.password         Require valid-user     </Directory> </VirtualHost>

8) Check the Apache2 configuration and restart the service:

sudo apache2 configtest

sudo systemctl restart apache2

9) Now we need to create a file to store all Username and change the ownership of the file:

sudo touch /usr/local/apache/var/users.password

sudo chown www-data:www-data /usr/local/apache/var/users.password

10) Create the first Username and its corresponding password:

sudo htdigest -c /usr/local/apache/var/users.password webdav demo

* webdav --> Realm

* demo --> Username

* It will automatically prompt you to key-in the password for the new user.

11) Enable Apache2's Digest Authentication module:

sudo a2enmod auth_digest

12) Restart Apache2 service:

sudo systemctl restart apache2

13) Now create a dummy file for testing purposes and assign the appropriate ownership:

sudo nano /var/www/webdav/testfile.txt

* Type some text into that file.

sudo chown www-data:www-data /var/www/webdav/testfile.txt

14) To verify the connection, open any inter browser (eg. Google Chrome) and browse to (eg. http://demo.gob.com.my/webdav)

You should be prompted with a username and password, continue to key-in the username (eg. demo) and the password.

Upon successful login, you will able to view the dummy file created earlier and able to download/access the file accordingly as per below screenshot.

15) You can also map a network drive by using the same URL / Path and with the same username and password.

!!! HAPPY COMPUTING !!!

Apache 2 Server : Installation in Ubuntu Server v.22.04.2

 Apache 2 Server Installation in Ubuntu Server v.22.04.2

1. Ensure Ubuntu repository is up-to-date.

sudo apt update && sudo apt upgrade -y

 

2. Install Apache 2 server.

sudo apt install apache2 -y

 

3. Double check UFW settings and configure to allow. Below is to list all "Allow" apps:-

sudo ufw app list

 This is to show UFW status.

sudo ufw status

 This command is to add "Apache2" into allow list

sudo ufw allow ‘Apache’

 

4. Create a virtual directory for Apache 2 server. Replace [Domain Name] with your actual domain name (eg. intranet.company.com)

sudo mkdir /var/www/[Domain Name]

 

5. Change the ownership of that folder.

sudo chown -R $USER:$USER /var/www/[Domain Name]

 

6. Change the mode of that folder.

sudo chmod -R 755 /var/www/[Domain Name]

 

7. Now create a temporary "index.html" file for testing of the new virtual directory.

sudo nano /var/www/[Domain Name]/index.html

 Copy the below code as an example then Save and Exit.

<html>     <head>         <title>WELCOME TO [DOMAIN NAME] !</title>     </head>     <body>         <h1>SUCCESS ! THE [DOMAIN NAME] VIRTUAL HOST IS WORKING !</h1>     </body> </html>

 

8. Create a configuration for your virtual host.

sudo nano /etc/apache2/sites-available/[Domain Name].conf

 Copy the following code and then Save and Exit.

<VirtualHost *:80>     ServerAdmin webmaster@localhost     ServerName [Domain Name]     ServerAlias www. [Domain Name]     DocumentRoot /var/www/[Domain Name]     ErrorLog ${APACHE_LOG_DIR}/error.log     CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>

 

9. Enable the newly created site.

sudo a2ensite [Domain Name].conf

 

10. Disable the "Default" site.

sudo a2dissite 000-default.conf

 

11. Now test the configuration of the new site.

sudo apache2ctl configtest

 It should return --> "Syntax OK" message.

12. Restart the Apache service to take effect.

sudo systemctl restart apache2

 

13. Now open any browser and browse to the new site (eg. http://[Domain Name])

Edit: Added video for easy references.

!!! HAPPY COMPUTING !!!