Installing the Webserver, Webhosting and ViMP on Ubuntu 20.04

In this article we will install all server software (NGINX, MySQL, php7, php-cli, postfix etc.) for ViMP and configure the web hosting.

First we install some basic packages. Already existing packages will be updated or remain untouched:

apt update
apt install nginx mysql-server php-fpm php-mysql php7.4 php7.4-gd php7.4-cli php7.4-xsl php7.4-curl php7.4-json php7.4-mbstring php7.4-zip php7.4-xmlrpc php-imagick libimage-exiftool-perl ffmpeg nano openssl time

As MTA (Mail Transport Agent) we use postfix. Other MTAs like Sendmail and Exim can of course also be used. Make sure here that the MTA is configured so that PHP can send emails.

apt update
apt install postfix

NGINX Configuration:

We create our own server block for ViMP (similar to virtual host in Apache).

nano /etc/nginx/sites-available/vimp

And paste the following ViMP configuration (please correct the paths for root and the logs according to your configuration and enter the correct server name):

server {
  rewrite_log off;
 
  listen 80;
  listen [::]:80 ipv6only=on;

  # replace /var/www/vimp/ with your actual ViMP installation folder path in the following line
  root /var/www/vimp/web;

  # replace your_servername with your actual server name in the following line
  server_name your_servername;

  # replace /var/www/vimp/ with your actual ViMP installation folder path in the following lines
  access_log /var/www/logs/vimp_nginx_access.log;
  error_log /var/www/logs/vimp_nginx_error.log warn;

  index index.php frontend.php webtv.php backend.php frontend_dev.php webtv_dev.php backend_dev.php index.html;

  charset utf-8;
  server_tokens off;

  client_max_body_size 500M;

  # Disable access log for favicon.ico
  location = /favicon.ico {
    log_not_found off;
    access_log off;
  }

  # Disable access log for robots.txt
  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }

  # Prevent access to files/folders which starts with a dot
  location ~ /\. {
    deny all;
    access_log off;
    log_not_found off;
  }

  # Directive for dynamic JS files which are processed by PHP
  location ~ ^/(.+)\.js\.php(/|$) {
    error_page 417 = @appwebtv;
    error_page 418 = @appfrontend;
    error_page 419 = @appbackend;
    if ( $query_string ~ "app=webtv" ) { return 417; }
    if ( $query_string ~ "app=frontend" ) { return 418; }
    if ( $query_string ~ "app=backend" ) { return 419; }
  }

  # Directive for dynamic JS files which are processed by PHP
  location @appfrontend {
    index index.php;
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
    try_files $uri $uri/ /index.php;
  }

  # Directive for dynamic JS files which are processed by PHP
  location @appwebtv {
    index webtv.php;
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS on;
    try_files $uri $uri/ /webtv.php;
  }

  # Directive for dynamic JS files which are processed by PHP
  location @appbackend {
    index backend.php;
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
    try_files $uri $uri/ /backend.php;
  }

  # All front controllers for symfony
  location ~ ^/(index|frontend_dev|frontend_cache|backend|backend_dev|backend_cache|getMedia|health|webtv|webtv_dev|webtv_cache)\.php(/|$) {
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
  }

  # Try to serve file directly, fallback to rewrite to default frontend controller
  location / {
    index index.php;
    try_files $uri $uri/ @rewriteapp;
  }

  # Rewrite fallback to index.php
  location @rewriteapp {
    rewrite ^(.*)$ /index.php$1 last;
  }
}

Now we activate the configuration by creating the following shortcut:

ln -s /etc/nginx/sites-available/vimp /etc/nginx/sites-enabled/

Test it briefly:

nginx -t

And restart NGINX, if everything is ok:

service nginx restart

Configure PHP

There are two php.ini files that are interesting for us. One is for the FPM PHP module, the other for the PHP CLI (CLI=Command Line Interface).

We first edit the php.ini for the FPM module:

nano /etc/php/7.4/fpm/php.ini

and adjust the following lines:

upload_max_filesize = 4096M
post_max_size = 4096M
register_argc_argv On
memory_limit = 1024M
max_execution_time = 60
max_input_time = 120

Then save the file and restart NGINX (for larger upload limits increase the two 4096M values accordingly):

# service nginx restart

We proceed in the same way with the php.ini for php-cli. A restart of NGINX is not necessary afterwards.

nano /etc/php/7.4/cli/php.ini

Create database and database user:

# mysql

The MySQL client answers with the mysql> prompt:

mysql> create database DATENBANKNAME default character set utf8 collate utf8_unicode_ci;
mysql> create user 'DATENBANKBENUTZER'@'%' identified by 'PASSWORT';
mysql> grant all privileges on DATENBANKNAME.* to 'DATENBANKBENUTZER'@'%' with grant option;
mysql> flush privileges;
mysql> exit;

After the preparations we install ViMP:

If you install ViMP Light, ViMP Ultimate [Standard], ViMP Corporate Campus or ViMP Corporate Enterprise, you need to install the SourceGuardian PHP extension at this point. Instructions for doing so can be found here.

The upload and installation of the ViMP installer is described in this article.

Basic usage

The installation is now complete. Now call up your portal in the browser.

During installation, three users are created to represent the three user roles:

• "admin" (password: "admin") as administrator
• "moderator" (password: "moderator") as moderator
• "user" (password: "user") as standard user

Please change all passwords as soon as possible. If you don't need a user anymore, you can delete him in the admin area. Just be sure to keep the admin user!