Installing the Webserver, Webhosting and ViMP on Ubuntu 20.04

In this article we will install all server software (Apache2 or NGINX, MySQL or MariaDB, PHP, FFmpeg, Postfix etc.) for ViMP and configure the web hosting.

Installing the basic packages:

First, we update the package sources:

apt update

Depending on which database you want to use, install either MySQL or MariaDB after that.

For MySQL, run the following command:

apt install mysql-server

For MariaDB, run the following command:

apt install mariadb-server

After that we install the rest of the packages:

apt install php-mysql php7.4 php7.4-gd php7.4-cli php7.4-xsl php7.4-curl php7.4-json php7.4-mbstring php7.4-zip php7.4-xmlrpc php7.4-ldap php-imagick libimage-exiftool-perl ffmpeg nano openssl time

For the ViMP Corporate editions please also install the following packages:

apt install php7.4-ldap php7.4-sqlite3

If you want to use NGINX, install the following packages afterwards:

apt install nginx php-fpm 

If you want to use Apache2, install these packages instead:

apt install apache2 libapache2-mod-php7.4

As MTA (Mail Transport Agent) we use postfix. Other MTAs like Sendmail and Exim can of course also be used. Make sure that the MTA is configured so that PHP can send emails.

apt update
apt install postfix

Next, we create the required folders on the server:

mkdir -p /var/www/vimp/web
mkdir /var/www/logs

NGINX Configuration:

If you are using NGINX, we will first create a separate server block for ViMP. If you are using Apache2, please skip this section.

nano /etc/nginx/sites-available/vimp

And paste the following ViMP configuration (please correct the paths for root and the logs according to your configuration and enter the correct server name):

server {
  rewrite_log off;
 
  listen 80;
  listen [::]:80 ipv6only=on;

  # replace /var/www/vimp/ with your actual ViMP installation folder path in the following line
  root /var/www/vimp/web;

  # replace your_servername with your actual server name in the following line
  server_name your_servername;

  # replace /var/www/vimp/ with your actual ViMP installation folder path in the following lines
  access_log /var/www/logs/vimp_nginx_access.log;
  error_log /var/www/logs/vimp_nginx_error.log warn;

  index index.php frontend.php webtv.php backend.php frontend_dev.php webtv_dev.php backend_dev.php index.html;

  charset utf-8;
  server_tokens off;

  client_max_body_size 500M;

  # Disable access log for favicon.ico
  location = /favicon.ico {
    log_not_found off;
    access_log off;
  }

  # Disable access log for robots.txt
  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }

  # Prevent access to files/folders which starts with a dot
  location ~ /\. {
    deny all;
    access_log off;
    log_not_found off;
  }

  # Directive for dynamic JS files which are processed by PHP
  location ~ ^/(.+)\.js\.php(/|$) {
    error_page 417 = @appwebtv;
    error_page 418 = @appfrontend;
    error_page 419 = @appbackend;
    if ( $query_string ~ "app=webtv" ) { return 417; }
    if ( $query_string ~ "app=frontend" ) { return 418; }
    if ( $query_string ~ "app=backend" ) { return 419; }
  }

  # Directive for dynamic JS files which are processed by PHP
  location @appfrontend {
    index index.php;
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
    try_files $uri $uri/ /index.php;
  }

  # Directive for dynamic JS files which are processed by PHP
  location @appwebtv {
    index webtv.php;
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS on;
    try_files $uri $uri/ /webtv.php;
  }

  # Directive for dynamic JS files which are processed by PHP
  location @appbackend {
    index backend.php;
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
    try_files $uri $uri/ /backend.php;
  }

  # All front controllers for symfony
  location ~ ^/(index|frontend_dev|frontend_cache|backend|backend_dev|backend_cache|getMedia|health|webtv|webtv_dev|webtv_cache)\.php(/|$) {
    #include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    #fastcgi_pass 127.0.0.1:9000;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
  }

  # Try to serve file directly, fallback to rewrite to default frontend controller
  location / {
    index index.php;
    try_files $uri $uri/ @rewriteapp;
  }

  # Rewrite fallback to index.php
  location @rewriteapp {
    rewrite ^(.*)$ /index.php$1 last;
  }
}

Now we activate the configuration by creating the following shortcut:

ln -s /etc/nginx/sites-available/vimp /etc/nginx/sites-enabled/

Test it briefly:

nginx -t

And restart NGINX, if everything is ok:

service nginx restart

Note: When using an SSL certificate, the configuration looks slightly different, as two server blocks are then created (depending on the certificate provider in detail). In any case, however, make sure that you change all occurrences of

fastcgi_param HTTPS off;

to 

fastcgi_param HTTPS on;

after including the certificate, so that the scripts can be delivered over HTTPS.

Apache2 Configuration:

If you are using Apache2, we will create a custom vHost for ViMP. If you are using NGINX, please skip this section.

nano /etc/apache2/sites-available/vimp.conf

In the created configuration file we paste the following code and adjust the server name, email address and DocumentRoot path if necessary:

<VirtualHost *:80>
   
   # enter your server name/domain in the following line
   ServerName my.vimp.domain
   # enter your webmaster's e-mail address in the following line
   ServerAdmin my@email.address

   # replace /var/www/vimp/ with your actual ViMP installation folder path in the following line
   DocumentRoot /var/www/vimp/web

   <Directory />
        Options FollowSymLinks
        AllowOverride None
   </Directory>
 
   # replace /var/www/vimp/ with your actual ViMP installation folder path in the following line
   <Directory "/var/www/html/web/">
      Options -Indexes +FollowSymLinks -MultiViews
      AllowOverride all
      <IfVersion < 2.3>
        Order allow,deny
        allow from all
      </IfVersion>
      <IfVersion >= 2.4>
        Require all granted
      </IfVersion>
   </Directory>

   ErrorLog ${APACHE_LOG_DIR}/error.log
   CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Then we activate the module "rewrite" and the new vHost:

a2enmod rewrite
a2ensite vimp

We restart Apache later so that the new configuration is activated.

Configure PHP

There are 2 php.ini files interesting for us. One is for the FPM or Apache2 PHP module, the other is for the PHP CLI (CLI=Command Line Interface).

We first edit the php.ini for the module. Under NGNIX, edit the following file:

nano /etc/php/7.4/fpm/php.ini

and under Apache2 this one:

nano /etc/php/7.4/apache2/php.ini

and adjust the following lines as follows:

upload_max_filesize = 4096M
post_max_size = 4096M
register_argc_argv On
memory_limit = 1024M
max_execution_time = 60
max_input_time = 120

Save the file and restart NGINX or Apache2 (for larger upload limits, increase both 4096M values accordingly):

service nginx restart

resp.

service apache2 restart

We proceed in the same way with the php.ini for php-cli. A restart of NGINX or Apache2 is not necessary afterwards.

nano /etc/php/7.4/cli/php.ini

Adjust the directives like follows (please note the difference in memory_limit):

upload_max_filesize = 4096M
post_max_size = 4096M
register_argc_argv On
memory_limit = -1
max_execution_time = 60
max_input_time = 120

Create database and database user:

For MySQL 8 or MariaDB 10.3 we have to set the sql_mode first. Let's create a separate configuration file for ViMP for this purpose:

cd /etc/mysql/mysql.conf.d
nano vimp.cnf

In this file we copy the following lines:

[mysqld]
sql_mode = IGNORE_SPACE,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO

And restart the MySQL service after saving:

service mysql restart

After that we create the database for ViMP:

# mysql

The MySQL client answers with the mysql> prompt:

mysql> create database DATENBANKNAME default character set utf8 collate utf8_unicode_ci;
mysql> create user 'DATENBANKBENUTZER'@'%' identified by 'PASSWORT';
mysql> grant all privileges on DATENBANKNAME.* to 'DATENBANKBENUTZER'@'%' with grant option;
mysql> flush privileges;
mysql> exit;

After the preparations we install ViMP:

If you install ViMP Light, ViMP Ultimate [Standard], ViMP Corporate Campus or ViMP Corporate Enterprise, you need to install the SourceGuardian PHP extension at this point. You can find instructions on how to do this for NGINX here and for Apache2 here.

The upload and installation of the ViMP installer is described in this article.

Basic usage

The installation is now complete. Now call up your portal in the browser.

During installation, three users are created to represent the three user roles:

• "admin" (password: "admin") as administrator
• "moderator" (password: "moderator") as moderator
• "user" (password: "user") as standard user

Please change all passwords as soon as possible. If you don't need a user anymore, you can delete him in the admin area. Just be sure to keep the admin user!