EC2 Setup: Apache, PHP 8.2, Node.js Guide
Embarking on a new web project often begins with setting up a robust server environment. For EduSense, this involves configuring an Amazon EC2 instance to host a Laravel 12 backend API and a React frontend. This comprehensive guide outlines the steps to install and configure Apache, PHP 8.2, Node.js, and other essential components, ensuring a smooth deployment process. Let's dive into the details and get your server ready for action!
Objectives: Laying the Foundation for Success
Before we begin, it's important to understand the key objectives. Our goal is to create a secure, efficient, and well-organized server environment. This involves several crucial steps, each designed to contribute to the overall stability and performance of the EduSense application.
Firstly, we must update the operating system and install security updates. This is a fundamental step in securing your server against potential threats. Keeping your system up-to-date ensures that you have the latest security patches and bug fixes, reducing the risk of vulnerabilities. This process typically involves running commands specific to your Linux distribution, such as sudo apt update and sudo apt upgrade on Ubuntu.
Next, we will install and configure the Apache 2.4 web server. Apache is a widely used, powerful web server that will handle incoming HTTP requests and serve your application's content. The configuration process involves setting up virtual hosts, which allow you to host multiple websites on a single server. You'll also need to configure Apache to work seamlessly with PHP and Node.js.
Installing PHP 8.2 with the required extensions is another critical step. PHP is the backbone of the Laravel backend, and specific extensions are needed for various functionalities. These extensions include mysql for database interactions, mbstring for handling multi-byte strings, xml for XML processing, bcmath for arbitrary precision mathematics, curl for making HTTP requests, zip for handling ZIP archives, gd for image manipulation, and intl for internationalization. Each extension plays a vital role in the application's performance and functionality. Ensuring these extensions are correctly installed and configured is crucial for a smooth-running backend.
Composer, the dependency manager for PHP, will be installed globally. Composer simplifies the process of managing project dependencies, ensuring that all required libraries and packages are installed and updated correctly. This is particularly important for Laravel projects, which rely on a variety of third-party packages. By installing Composer globally, you can easily manage dependencies for any PHP project on your server.
For the frontend, we need to install Node.js 20 LTS. Node.js is a JavaScript runtime environment that allows you to run JavaScript code on the server. It's essential for building and serving the React frontend. The LTS (Long Term Support) version ensures that you have a stable and well-supported environment for your application. Node.js also comes with npm (Node Package Manager), which is used to manage JavaScript packages and libraries.
Enabling required Apache modules, such as rewrite, ssl, headers, and proxy, is vital for the proper functioning of the application. The rewrite module allows you to create user-friendly URLs, ssl enables secure HTTPS connections, headers allows you to control HTTP headers, and proxy enables Apache to act as a reverse proxy, forwarding requests to the backend server. These modules enhance the performance, security, and functionality of your web server.
We will also create a directory structure for /var/www/edusense, separating the frontend and backend code. This organizational structure helps maintain a clean and manageable codebase. Typically, you'll have separate directories for the frontend (React) and backend (Laravel) applications within the /var/www/edusense directory. This separation simplifies deployment, maintenance, and updates.
Installing Git is crucial for version control. Git allows you to track changes to your code, collaborate with other developers, and easily revert to previous versions if needed. It's an indispensable tool for modern software development. By installing Git on your server, you can easily deploy updates from your Git repository to your EC2 instance.
Setting correct permissions for application directories is essential for security. Incorrect permissions can lead to vulnerabilities and unauthorized access to your application's files. You'll need to ensure that the web server user (usually www-data or apache) has the necessary permissions to read and write files in the application directories, while also restricting access from other users. This can be achieved using the chown and chmod commands.
Finally, we will configure the firewall (UFW) for ports 80, 443, and 22. A firewall acts as a barrier between your server and the outside world, preventing unauthorized access. Ports 80 (HTTP) and 443 (HTTPS) are essential for web traffic, while port 22 (SSH) is used for remote access. By configuring UFW, you can ensure that only necessary traffic is allowed to your server, enhancing its security.
Initial Server Setup Script (/home/ubuntu/apache-setup.sh)
This script forms the core of our server setup process. It automates the installation and configuration of Apache, PHP, Node.js, and other essential components. Let's break down the key sections of this script.
System Updates and Security
The script begins by updating the package lists and upgrading existing packages. This ensures that our system has the latest security patches and bug fixes. These commands are crucial for maintaining a secure and stable server environment.
sudo apt update
sudo apt upgrade -y
The -y flag automatically answers "yes" to any prompts, allowing the script to run non-interactively. This is essential for automation.
Apache Installation and Configuration
Next, we install Apache and configure it to work with our application. This involves installing the Apache package, enabling necessary modules, and setting up virtual hosts.
sudo apt install apache2 -y
We enable modules like rewrite, ssl, headers, and proxy to support various functionalities, such as URL rewriting, HTTPS connections, and reverse proxying.
sudo a2enmod rewrite ssl headers proxy
PHP 8.2 Installation and Extensions
PHP 8.2 is installed along with essential extensions. This step ensures that our Laravel application has the necessary components to run efficiently.
sudo apt install php8.2 libapache2-mod-php8.2 php8.2-cli php8.2-mysql php8.2-mbstring php8.2-xml php8.2-bcmath php8.2-curl php8.2-zip php8.2-gd php8.2-intl -y
The extensions included are mysql, mbstring, xml, bcmath, curl, zip, gd, and intl, each serving a specific purpose in our application.
Composer Installation
Composer, the PHP dependency manager, is installed globally. This allows us to easily manage project dependencies.
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer
This command downloads the Composer installer and moves the executable to /usr/local/bin, making it accessible globally.
Node.js Installation
Node.js 20 LTS is installed for building the React frontend. This ensures that we have a stable and supported environment for our JavaScript code.
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt-get install -y nodejs
These commands add the NodeSource repository to our system and install Node.js along with npm.
Directory Structure Setup
We create the directory structure for /var/www/edusense, separating the frontend and backend code. This helps maintain a clean and organized project.
sudo mkdir -p /var/www/edusense/backend
sudo mkdir -p /var/www/edusense/frontend
Git Installation
Git is installed for version control. This allows us to track changes to our code and collaborate with others.
sudo apt install git -y
Correct Permissions
Setting correct permissions for application directories is crucial for security. We ensure that the web server user has the necessary permissions while restricting access from others.
sudo chown -R www-data:www-data /var/www/edusense
sudo chmod -R 755 /var/www/edusense
Enabling Apache Virtual Hosts (/home/ubuntu/enable-sites.sh)
This script simplifies the process of enabling Apache virtual hosts. Virtual hosts allow you to host multiple websites on a single server.
Script Structure
The script takes the site name as an argument and creates symbolic links in the sites-enabled directory.
#!/bin/bash
SITE_NAME=$1
if [ -z "$SITE_NAME" ]; then
echo "Usage: $0 <site_name>"
exit 1
fi
sudo a2ensite $SITE_NAME
sudo systemctl restart apache2
echo "Site $SITE_NAME enabled."
Usage
To enable a site, you would run the script with the site name as an argument:
sudo /home/ubuntu/enable-sites.sh edusense
This command enables the edusense virtual host and restarts Apache to apply the changes.
Firewall Configuration (/home/ubuntu/setup-firewall.sh)
Configuring the firewall is essential for securing your server. This script sets up UFW to allow traffic on ports 80, 443, and 22.
Script Structure
The script first enables UFW, then allows traffic on the necessary ports, and finally enables the firewall.
#!/bin/bash
sudo ufw allow OpenSSH
sudo ufw allow 'Apache Full'
sudo ufw enable
echo "Firewall configured."
Explanation
sudo ufw allow OpenSSH: Allows SSH traffic on port 22.sudo ufw allow 'Apache Full': Allows HTTP and HTTPS traffic on ports 80 and 443.sudo ufw enable: Enables the firewall.
File Permissions Script (/home/ubuntu/fix-permissions.sh)
This script ensures that the correct permissions are set for the application directories. This is crucial for both security and functionality.
Script Structure
The script sets the ownership of the directories to the web server user and sets the appropriate permissions.
#!/bin/bash
sudo chown -R www-data:www-data /var/www/edusense
sudo chmod -R 755 /var/www/edusense
echo "Permissions fixed."
Explanation
sudo chown -R www-data:www-data /var/www/edusense: Sets the owner and group of the/var/www/edusensedirectory and its contents towww-data.sudo chmod -R 755 /var/www/edusense: Sets the permissions to 755, allowing the owner to read, write, and execute, and others to read and execute.
Acceptance Criteria: Ensuring Success
To ensure that our setup is successful, we need to verify that all components are installed and configured correctly. The acceptance criteria include:
- EC2 instance, Apache, PHP, Composer, Node.js, and Git are installed and verified: We can verify this by checking the versions of each component using the command line. For example,
apache2 -v,php -v,composer -V,node -v, andgit --version. - Directory structure is prepared and permissions are correct: We can verify this by listing the contents of the
/var/www/edusensedirectory and checking the permissions usingls -l /var/www/edusense. - Apache modules are enabled: We can verify this by checking the Apache configuration using
apache2ctl -M. - Firewall allows traffic to required ports: We can verify this by checking the UFW status using
sudo ufw status. - Setup scripts are written in UK English and commented clearly: This ensures that the scripts are easy to understand and maintain.
By meeting these acceptance criteria, we can be confident that our server is properly set up for the EduSense application.
Conclusion
Setting up an EC2 server with Apache, PHP 8.2, and Node.js is a multifaceted process. By following this guide, you can ensure that your server is properly configured to support your Laravel 12 backend API and React frontend. Each step, from updating the OS to configuring the firewall, contributes to a secure and efficient server environment. Remember to document your setup process clearly, making it easier to maintain and troubleshoot your server in the future. With a solid foundation, you're well-prepared to deploy and run your EduSense application successfully. For more information on server security best practices, visit OWASP.
