LiteSpeed+PHP Installing and Upgrading Notes

Another day, another note post. 🙂

NOTE: These originally come from these notes. http://blog.toonormal.com/2015/09/07/digital-ocean-notes/

1. Installing OpenLiteSpeed

EDIT: Updated March 2016.

1b. Upgrading OpenLiteSpeed

Identical to installing, but packages are likely already installed.

Your updated PHP versions will persist, since the configuration files persist. However, you may lose any installed plugigns for PHP.

2. Installing Lets Encrypt’s CertBot

EDIT: Added June 2016.

As of Ubuntu 16.04, Lets Encrypt’s CertBot is packaged and part of the main repos, but it’s an old out-of-date version (4.1). It can be installed like so.

Unfortunately, this version is too old for helpful commands like --pre-hook and --post-hook. So you’ll have to install it the sloppy way.

The commands certbot, certbot-auto, letsencrypt, and letsencrypt-auto are all interchangeable. The auto versions are smart scripts that also download dependencies.

When using an auto script in a cron job, be sure to include these additional parameters.

This only applies to auto scripts.

2b. Fetching SSL Certificates

After LSWS installation, port 80 isn’t being mapped yet, so we can get a certificate for our domain URL.

Once we have a real configuration though (i.e. we use port 80), we’ll need to stop and start LiteSpeed any time we refresh certificates.

NOTE: Alternatively the CertBot webroot plugin can be used. It’s not ideal, because you need to specify the public directory. That said, it means you don’t need to take the server down at all.

Here’s a script. I call it certbot-register:

NOTE: pre-hook and post-hook use smarts, only shutting down the server temporarily if a certificate needs to be refreshed. Also, we need to use the http-01 (port 80) and not tls-sni-01 (port 443) because of the way CloudFlare wraps SSL for you.

Usage:

If configured correctly, the server will temporarily take the LiteSpeed server down, and acquire an SSL certificate.

2c. Renewing SSL Certificates

To renew, do…

2d. Renewing SSL Certificates in a CRON job

moo

2e. Configuring Webroot for LSWS Admin

WebAdmin Settings -> Listeners -> View “adminListener” -> SSL

Adjust my.domain.com accordingly.

Restart the server, then refresh the page (wont kick in until you do).

3. Installing PHP 7

Now, build PHP 7 inside the UI.

You may need to add (for proper GD library support):

NOTE: php.ini may not be copied, so you can acquire the file as follows:

3b. PHP 7 Extensions

To use PHPiz, you need autoconf.

GD: already installed (built-in)

APCu (branch): https://github.com/krakjoe/apcu/tree/seven

Imagick (branch) or Gmagick: https://github.com/mkoppanen/imagick/tree/phpseven

4. Upgrading PHP 7

Because we build PHP from tarballs, we need to repeat the entire install procedure (minus packages).

That said, due to one of the upgrades (LiteSpeed or PHP, I foget), you’ll need to reinstall your PHP plugins.

4b. Upgrading PHP 7 Plugins

The plugins are installed from Github repos.

5. Redis Sessions

For improved PHP Session speed and reliability, one can install Redis.

Grab the PHPRedis package from here.

https://github.com/phpredis/phpredis

Unzip it (assuming you grabbed a release).

Navigate to the folder. Setup is identical to apcu.

Restart the server.

Before moving on, check that there are no keys.

Edit PHP.ini

That’s it. Reboot the server.

Do some stuff that would create sessions. Now check for keys.

Reference (and how to configure it remotely): https://www.digitalocean.com/community/tutorials/how-to-set-up-a-redis-server-as-a-session-handler-for-php-on-ubuntu-14-04