Web presence step by step Chapter 6: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 2

Previous step: Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1
Next step: Chapter 7: Configuring the SSH server on an Ubuntu Linux cloud server to limit SFTP directory visibility within chroot jail directories

Web presence step by step is a series of posts that show you to how to build a web presence.

In this post, we do advanced configuration on an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server.

A note re MySQL and MariaDB

A few years ago, the company that owned MySQL was purchased by Oracle. The open source code was legally “forked” into a project called MariaDB. When this document refers to “MySQL,” it is actually referring to the MariaDB descendant of the MySQL database engine, made possible by the terms of the GPLv2 open source software license. Notice that to maintain compatibility with existing software, the command to invoke MariaDB on the command line is “mysql.”

This post assumes that you have performed the steps described in Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1.

Configuring the Linux Apache MySQL PHP (LAMP) web server

In the previous chapter, Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1, we used apt to install the meta-package “lamp-server,” which installs the components for a basic Linux Apache MySQL PHP (LAMP) web server. In this chapter we configure the components.

Installing MPM-ITK

We need to install MPM-ITK, which allows the web server to execute programs under different usernames. This means that if a website has a security issue, the damage is limited to that website’s directory: other websites and the host server should remain unaffected.

Enter the command:

apt install libapache2-mpm-itk

Configuring MySQL

The MySQL database server has been installed, but must be configured.

Enter the command:

mysql_secure_installation

Testing the MySQL server

Let’s test the MySQL server. Enter the command:

mysql -u root -p

enter the password you specified during the MySQL configuration step.

enter the command:

show databases;

You will see a list similar to the following. Enter the command:

exit

Testing that the web server is able to run PHP scripts

Let’s test that the web server is able to run PHP scripts.

Enter the commands:

cd /var/www/html
nano phpinfo.php

Enter the following text in the nano editor. Save and exit the file:

<?PHP

phpinfo();

Use a web browser to load your domain name, followed by /phpinfo.php, as in:

linuxstepbystep.com/phpinfo.php

If you are successful, a page similar to the following should appear:

Configuring the Apache web server

Enter the commands:

cd /etc/apache2
cp apache2.conf apache2.conf.factory
nano apache2.conf

Use the control-w command to search for the text “<directory”:

This is what it looks like when you find the section:

Insert a block with the following text:

<Directory /usr/web/>
        AllowOverride All
        Require all granted
</Directory>

Creating the users, directories, and documents for the websites

Enter the commands:

adduser --home /usr/web/comingsoon comingsoon

Enter and confirm a password for the user. Answer the prompts for additional information. When asked: “Is the information correct?” enter “y” for yes:

Enter the commands:

mkdir -p /usr/web/comingsoon/comingsoon
cd /usr/web/comingsoon/comingsoon
nano index.php

Enter the following text in the nano editor. Save and exit the file:

<?PHP

echo "<p>coming soon</p>\n";

Enter these commands, note that each “chown” and “chmod” command should be its own line:

chown -R root:root /usr/web/comingsoon
chown -R comingsoon:comingsoon /usr/web/comingsoon/comingsoon
chmod -R 755 /usr/web/comingsoon/comingsoon

A note about the example domain and a reminder that you should use your domain name in its place

Note: for clarity and narrative flow we are using the example domain linuxstepbystep.com but you should substitute your domain name as appropriate.

Enter this command (all on the same line):

adduser --home /usr/web/linuxstepbystep_com linuxstepbystep_com

Enter the commands:

mkdir -p /usr/web/linuxstepbystep_com/linuxstepbystep.com
cd /usr/web/linuxstepbystep_com/linuxstepbystep.com
nano index.php

Enter the following text in the nano editor. Save and exit the file:

<?PHP

echo "<p>linuxstepbystep.com</p>";

Enter these commands, note that each “chown” and “chmod” command should be its own line:

chown -R root:root /usr/web/linuxstepbystep_com
chown -R linuxstepbystep_com:linuxstepbystep_com /usr/web/linuxstepbystep_com/linuxstepbystep.com
chmod -R 755 /usr/web/linuxstepbystep_com/linuxstepbystep.com

Creating the virtual hosts for the websites

cd /etc/apache2
mv sites-available sites-available.factory
mkdir -p /etc/apache2/sites-available
cd /etc/apache2/sites-available

Enter the command:

nano 000.comingsoon.conf

Enter the following text in the nano editor. Save and exit the file:

<VirtualHost *:80>
<IfModule mpm_itk_module>
        AssignUserID comingsoon comingsoon
</IfModule>
ServerName comingsoon
DocumentRoot /usr/web/comingsoon/comingsoon
ServerAdmin info@linuxstepbystep.com
CustomLog /var/log/apache2/comingsoon-access_log combined
ErrorLog /var/log/apache2/comingsoon-error_log
</VirtualHost>

Enter the commands:

a2ensite 000.comingsoon.conf
nano 004.linuxstepbystep.com.conf

Enter the following text in the nano editor. Note the screen capture: the line starting with “AssignUserID” should be all on the same line. Save and exit the file:

<VirtualHost *:80>
<IfModule mpm_itk_module>
        AssignUserID linuxstepbystep_com linuxstepbystep_com
</IfModule>
ServerName linuxstepbystep.com
ServerAlias www.linuxstepbystep.com
DocumentRoot /usr/web/linuxstepbystep_com/linuxstepbystep.com
ServerAdmin info@linuxstepbystep.com
CustomLog /var/log/apache2/linuxstepbystep.com-access_log combined
ErrorLog /var/log/apache2/linuxstepbystep.com-error_log
</VirtualHost>

Enter the command:

a2ensite 004.linuxstepbystep.com.conf

Enter the command:

systemctl restart apache2

Testing the web server to see whether it can host separate virtual hosts (multiple websites)

The objective of this test is to display different text for each host name we enter in the web browser’s address bar.

Enter your domain name in a web browser’s address bar:

Enter the IP address of your cloud server in the web server’s address bar. This is to test whether the default “park page” is active. This page will be displayed if a host name is pointed at the IP address of the cloud server, but the cloud server’s web server has not yet been configured with a virtual host profile for that host name.

Installing SSL Encryption with Let’s Encrypt

Enter the following command:

apt install certbot python3-certbot-apache

Do you want to continue?

Enter “y” for yes:

Enter the command:

certbot --apache

Enter an email address:

Please read the Terms of Service at

Enter “a” for agree

Would you be willing to share your email address

Enter “no” for no

Which names would you like to activate HTTPS for?

leave input blank, press Enter:

Please choose whether or not to redirect HTTP traffic to HTTPS

Enter “2” then press Enter:

Enter the command:

systemctl restart apache2

Enter your domain name in a web browser’s address bar.

Notice the little lock symbol to the left of the host name. Click on the lock symbol, Click on Certificate. View the certificate’s details:

Previous step: Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1
Next step: Chapter 7: Configuring the SSH server on an Ubuntu Linux cloud server to limit SFTP directory visibility within chroot jail directories

Web presence step by step Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1

Previous step: Chapter 4: Using an SSH terminal program to connect to an Ubuntu Linux Cloud Server
Next step: Chapter 6: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 2

Web presence step by step is a series of posts that show you to how to build a web presence.

In this post, we configure a basic Linux Apache MySQL PHP (LAMP) web server and test the IP address for reputation.

A note re MySQL and MariaDB

A few years ago, the company that owned MySQL was purchased by Oracle. The open source code was legally “forked” into a project called MariaDB. When this document refers to “MySQL,” it is actually referring to the MariaDB descendant of the MySQL database engine, made possible by the terms of the GPLv2 open source software license. Notice that to maintain compatibility with existing software, the command to invoke MariaDB on the command line is “mysql.”

Installing a basic web server to test the reputation of the IP address

Sometimes, a cloud service provider will recycle an IP address with a troubled history and give you a server that has a “dirty” IP address that is blacklisted. In order to test the server’s IP address to make sure it is not blacklisted, we have to do a basic web server setup.

In order to do a basic web server setup, we will have to connect to the Ubuntu Linux cloud server with an SSH terminal program.

We will use an SSH terminal server to connect to the cloud server, and create a basic web server to test the IP address. If the IP address is blacklisted, we will simply destroy the cloud server and try again, getting a new IP address which we will test. Once we have a successful test, we can proceed to advanced web server setup in Chapter 6: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 2.

Connecting to the Ubuntu Linux cloud server with an SSH terminal program

(Note: this post assumes that you have read the preceding Chapter 4: Using an SSH terminal program to connect to an Ubuntu Linux Cloud Server, or you are familiar with SSH terminal programs.)

Use an SSH terminal program to connect to the IP address of the cloud server that you created in Chapter 3: Buying an Ubuntu Linux cloud server from Digital Ocean:

This is what a successful login looks like:

While we are here, we will add a second user to the server. Enter the command:

adduser desktop

Add the user to the sudo group. Enter the commands:

cd /etc
nano group

go to the line starting with sudo, add the desktop user after the colon:

Enter the commands:

apt clean
apt update

Enter the command:

apt upgrade

When prompted, enter y for yes, and press Enter:

If you see a question like this, accept the default. In this case, n for no and press Enter:

Enter the commands:

ufw allow 80/tcp
ufw allow 443/tcp
apt install net-tools iptraf-ng

Enter the command:

reboot

Use an SSH terminal program to connect to the Ubuntu Linux cloud server. Enter the command:

apt-get install lamp-server^

When prompted, enter y for yes, and press Enter:

This is what it looks like when the install finishes:

Testing the IP address of the Ubuntu Linux cloud server

Use a web browser to visit the IP address of the Ubuntu Linux cloud server.

If you get a warning like this, the IP address you have been assigned has a bad reputation. If this happens for you, use the Digital Ocean control panel to destroy the cloud server, then try again.

If you get a message like this, it means that the IP address you have been assigned has a good reputation. This means that we can proceed with the rest of the build:

Associating a host name with an IP address in DNS

Visit the Digital Ocean site. Click on the IP address of the cloud server to copy it to the clipboard:

Visit the GoDaddy site. Click on “Manage All”:

Click on “DNS”:

Click on “Manage Zones”:

search for your domain name:

This is the DNS Zone file for your domain name. It tells the Internet where to point requests for email and your website:

Click on the edit icon for the A record for the Name “@”

Enter the IP address for your Ubuntu Linux cloud server.
Specify a TTL of 1/2 hour.
Click save.

Note the CNAME record:

CNAME www @ 1 Hour

a CNAME, or “canonical name” is a nickname for a host. It means that www.yourdomainname.com will point to the IP address set for yourdomainname.com

GoDaddy populates a DNS zone file with this CNAME record by default. We are discussing this because you need to know this much about DNS zone files and domain names if you want to run a web server.

Previous step: Chapter 4: Using an SSH terminal program to connect to an Ubuntu Linux Cloud Server
Next step: Chapter 6: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 2

Web presence step by step Chapter 4: Using an SSH terminal program to connect to an Ubuntu Linux cloud server

Previous step: Chapter 3: Buying an Ubuntu Linux cloud server from Digital Ocean
Next step: Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1

Web presence step by step is a series of posts that show you how to build a web presence.

In this post, we learn how to use an SSH terminal program to connect to an Ubuntu Linux cloud server.

Windows

Visit this link to download the KiTTY SSH terminal program for Windows:

https://fosshub.com/KiTTY.html

Click on “Got it!” to remove the message at the bottom. Click on “DOWNLOAD KiTTY Windows classic”:

In the lower-left of your browser, right-click on the name of the downloaded file. Select “Show in folder”:

Right-click on kitty program. Click “Open”:

Un-check the box “Always ask before opening this file.” Click “Run”:

Host Name (or IP address): enter the IP address of your cloud server
Port: 22
Connection type: SSH
Saved Sessions/New Folder: enter the IP address of your cloud server

Click Save. Click Open:

The following warning appears. Click Yes:

A terminal window appears. This is what it looks like after you login::

MacOS

From Finder, go to Applications. From the Applications folder, double-click on Utilities:

Scroll down and locate the Terminal application. Double-click to start Terminal:

A Terminal window appears:

From this window, enter the command: root@ipaddressofyourcloudserver, substituting the IP address of your cloud server. This is what it looks like after you login:

Linux

There are 2 ways to launch the Terminal program under Linux.

Opening a Terminal session by right-clicking on the desktop

Right-click on the desktop. Select “Open in Terminal”:

A Terminal window appears:

Opening a Terminal session by clicking “Show Applications”

Click on the icon in the lower-left of your desktop to “Show Applications.” Scroll down to find the terminal program,

or enter the word “terminal” in the box “Type to search”:

A Terminal window appears:

From this window, enter the command: root@ipaddressofyourcloudserver, substituting the IP address of your cloud server:

This is what it looks like after you login:

Previous step: Chapter 3: Buying an Ubuntu Linux cloud server from Digital Ocean
Next step: Chapter 5: Configuring an Ubuntu Linux cloud server to create a Linux Apache MySQL PHP (LAMP) web server, Part 1

Web presence step by step Chapter 3: Buying an Ubuntu Linux cloud server from Digital Ocean

Previous step: Chapter 2: Buying branded email from Gmail
Next step: Chapter 4: Using an SSH terminal program to connect to an Ubuntu Linux cloud server

Web presence step by step is a series of posts that will show you how to build a web presence.

In this post, we buy an Ubuntu Linux cloud server from Digital Ocean.

Connecting to the Digital Ocean site

Visit the Digital Ocean site. Create an account, or login to an existing account.

Click on “Create,” click on “Droplets”:


“Choose an image”: Ubuntu 20.04 (LTS) x64
“Choose a plan”: Shared CPU Basic

Click to select the option for “$5/mo”: (NOTE: this has recently changed to “$6/mo”)

Scroll down.

“Choose a datacenter region”: choose a region.
“Authentication”: click to select the option “Password.”
“Create root password”: enter a password.

Scroll down.

“Choose a hostname”: enter a hostname. This should in the format servername.yourdomain.com
“Add backups”: Click to select the option “Enable backups.”

Click Create Droplet:

For a few seconds, you can watch a progress bar as the cloud server is being created:

Take note of your new cloud server’s IP address.

Tip: If you move your mouse pointer over the IP address, you will see the word “copy.” You can click on the IP address to copy the IP address for the cloud server to the clipboard.

Previous step: Chapter 2: Buying branded email from Gmail
Next step: Chapter 4: Using an SSH terminal program to connect to an Ubuntu Linux cloud server

Web presence step by step Chapter 2: Buying branded email from Gmail

Previous step: Chapter 1: Buying a domain name from GoDaddy
Next step: Chapter 3: Buying an Ubuntu Linux cloud server from Digital Ocean

Web presence step by step is a series of posts that show you to how to build a web presence.

In this post, we set up branded email for the domain we registered in Chapter 1: Buying a domain name from GoDaddy, using Google Workspace, formerly Gmail for Business.

Google actually starts you with Workspace Business Standard for C$15/mo (US$12/mo). At the end of this procedure, we will downgrade to Workspace Business Starter for C$7/mo (US$6/mo).

(In later chapters, we will build out our website capabilities with other vendors.)

Start by logging into the GoDaddy account you used to register a domain in Chapter 1: Buying a domain name from GoDaddy. This will help the Google Workspace control panel to communicate with GoDaddy later in this procedure.

Visit the Google Workspace site. Click Get Started:

Under Business name, enter the name of your business. if you are not sure, enter the name of your domain as the business name. Under “Number of employees, including you,” choose “Just you” for now. You will be able to add other accounts later. Click “Next”:

Enter “First name”,”Surname”,”Current email address.” Click “Next”:

Click on “Yes, I have one that I can use”:

Enter “Your domain name”
Click Next:

Click “Next”:

Click “No, thanks”:

Click “No, thanks”:

enter values for “Username” and “Password.” If you are not sure, use “info” as the “Username.” Click “Agree and continue”:

Click “Next”:

Enter information for “Name and address,” “Payment method.” Click “Next”:

Click “Continue to setup”:

Click “Next”:

Click “Activate”:

Click “Sign in to activate”:

Click “Connect”:

Google Workspace will attempt to connect to GoDaddy to setup email for the domain using the GoDaddy DNS servers:

Sometimes, the connection between Google Workspace and GoDaddy times out. If this happens, try again by clicking on “Sign in to activate”:

Google Workspace shows this screen if the domain if Gmail is activated for the domain. Since we do not want to create new any more new users, click “or skip for now”:

The following screen is shown.

visit Gmail and login to the email account you created, for example info@domain.com:

Send a test email message to an email account you control:

Verify that you have received the test message in the email account you control. Reply to the test message:

From Gmail, verify that you have received the reply to the test message:

Visit the GoDaddy site so we can examine the MX and TXT records in the DNS zone file for your domain:

Click on the icon for your account in the upper-right corner of the site. Click on “My Products”:

Click on the “DNS” tab:

On the DNS tab’s pull-down menu, click on “Manage Zones” Search for your domain name:

This screen shows the DNS zone file information for the domain. MX is short for Mail eXchanger. TXT is short for text comment, but TXT records are used for security tokens and email subsystems like SPF and DKIM.

Visit the Google Workspace admin site. Click Accept:

On the left-side menu, hover over “Billing,” then click on the sub-option “Get more services”:

In the rectangle labeled “Google Workspace Business Starter,” click “Downgrade”:

Click “Checkout”:

Click “Place order”:

Google will present the following screen:

Previous step: Chapter 1: Buying a domain name from GoDaddy
Next step: Chapter 3: Buying an Ubuntu Linux cloud server from Digital Ocean

Web presence step by step Chapter 1: Buying a domain name from GoDaddy

Next step: Chapter 2: Buying branded email from Gmail

Web presence step by step is a series of posts that show you to how to build a web presence.

In this post, we register a domain name with GoDaddy, a domain name registrar.

Make sure that you select private registration. Skip the offers for email and website builders. Use the default name servers (DNS servers) provided by GoDaddy.

(In later chapters, we will build out our email and website capabilities with other vendors.)

Create an account or sign in to an existing GoDaddy account:

enter the name of the domain you would like:

Choose “Full Domain Privacy & Protection.” Do not select “Start your website for FREE.” Do not take optional email services under “Create an email address that matches your domain.” Click “Continue to Cart”:

Click “Checkout”:

Click “View Domain Settings”:

Click “Complete setup”:

Select “SMS text messages.” Click Continue:

Enter the code sent by SMS text. Click “Next”:

Click “View Domain Settings”:

From the DNS menu, select “Manage Zones”:

For now, just look. This is your DNS control panel.

You will use the GoDaddy DNS servers to control your domain in later steps.

Next step: Chapter 2: Buying branded email from Gmail

Fedora 33 broke my UEFI boot

Recently, I read that a kernel update in Fedora 32 had resolved a problem with HDMI audio and Nouveau video drivers (https://bugzilla.kernel.org/show_bug.cgi?id=207223). My plan was to use the “live” distribution of Fedora 33 to test HDMI audio. I burned a USB stick, and tried to boot. “Selected boot image did not authenticate.” Worse still, the UEFI order in my motherboard was changed: the system booted to Windows. I had to use a UEFI utility to change my UEFI boot device order to restore the multiple-boot menu offering a choice between Linux and Windows.

Live distributions should be safer than this

Live distributions are supposed to be a safe way to evaluate an operating system. Now I cannot recommend that somebody try a Fedora USB stick until I have tested that version.

UEFI is important

I use UEFI/Secure Boot on my laptops because it enables multiple-boot menus with grub2. This allows me to see a menu at boot time offering a choice between Linux and Windows. UEFI is also important because some modern system like NVMe drives require UEFI.

The worst part is… they knew

https://bugzilla.redhat.com/show_bug.cgi?id=1883609#c73

Adam Williamson 2020-10-22 21:42:08 UTC

“To clear up blocker status here: after FESCo retracted it as a FESCo blocker – see https://bugzilla.redhat.com/show_bug.cgi?id=1883609#c66 – this was voted on under the normal criteria process in the Go/No-Go meeting today:

https://meetbot-raw.fedoraproject.org/fedora-meeting-1/2020-10-22/f33-final-go_no_go-meeting.2020-10-22-17.00.log.html

and rejected as a blocker more or less on the grounds that the majority of voters didn’t think enough people would run into it before Fedora 34 release, and that we can potentially release a subset or full set of rebuilt/updated images at some point during the 33 cycle if it is considered necessary.

Our current best understanding is that Ubuntu was shipping the DBX update to users (whether all or some subset) at some point but has now stopped doing that, and Microsoft will not ship the DBX update until Q2 2021.”

Linux, Bluetooth, and sound

Linux can provide a fast, secure, and modern desktop computing experience. However, Bluetooth audio on Linux sucks.

Bluetooth audio cuts out intermittently

If you experience 1 second gaps of silence approximately every 300 seconds of Bluetooth audio playback, this post may help you.

Try adding this line to the /etc/modprobe.d/alsa-base.conf file

sudo su
cd /etc/modprobe.d
nano alsa-base.conf

add this line:

options snd-hda-intel model=generic

save and exit
reboot

Can you use a wire instead?

A dear friend, of the same generation that refers to “Walkman jacks,” first helped solve this problem for audio at work from my personal laptop: by gifting a sound bar that can plug into an actual 1/8″ analog audio headphone jack.

(My friend also sent a USB-C plug to 1/8″ analog audio jack adapter, which I do not yet need, but have packed into my accessories bag, for use in the near future, when my next laptop will have even fewer ports.)

J&D USB C to 3.5mm Audio Adapter, USB Type C to 3.5mm Headphone, and Widely Compatible for Google, Samsung, Huawei, Moto, ...

No Bluetooth microphone support for Linux

There are technical and historical reasons for why there is no Linux driver support for Bluetooth microphones. My suggestion is to invest in a wired USB headset. Logitech is a safe choice.

Experimenting with Linux as a desktop operating system

There are several ways to experiment with Linux as a desktop operating system without making a full commitment to re-formatting your laptop, or giving up access to Windows. This post aims to provide ideas and a roadmap for a current Windows consumer considering a switch to desktop Linux, but unsure how or where to start.

Links for Ubuntu and Fedora distributions

https://releases.ubuntu.com/20.10/

https://getfedora.org/en/workstation/download/

There are many distributions of desktop Linux. I suggest you start with Ubuntu or Fedora.

Running Linux as a live desktop boot on a USB stick

The live version of Linux on a USB stick is useful to test the hardware on your laptop, and to get an idea of how a Linux distribution feels hands-on. The interface on Mint, for example, is quite different from the Gnome 3 desktop experience on Fedora and Ubuntu.

An example: the boot screen of a “live” distribution of Ubuntu. If you click “Try Ubuntu” the operating system will run using the USB stick as its storage.

The live version of Linux on a USB stick is impractical for day-to-day use.

(If your laptop’s SATA controller is configured for RAID mode, you will still be able to boot the live operating system from the Linux installer on a USB stick. However, you will not be able to read files on the Windows hard drive, or install Linux to the hard drive. See below for more details regarding SATA drive controllers, RAID mode, and AHCI mode.)

Running Linux as a virtual machine (VM) guest under VMware Workstation Player Free for Windows

VMware Workstation Player Free for Windows is proprietary software, but is available free of charge for personal, non-commercial use. This software offers good performance and a smooth experience.

https://www.vmware.com/ca/products/workstation-player/workstation-player-evaluation.html

Running Linux on an older, secondary machine

On average, people upgrade their personal laptop every 5 years. If you buy a new laptop, consider backing up your old laptop, then reformatting the old laptop with Linux. The old machine will get a new lease on life: Linux will run faster than Windows on the same hardware. This approach allows you to experiment with Linux without committing yourself.

Checking the SATA drive controller mode in BIOS: RAID vs AHCI

(Warning: Windows partition will be unusable after changing SATA mode to AHCI, do your backup first!)

If you intend to format a computer with Linux, you need to go into the BIOS and change the SATA drive controller from RAID mode to AHCI mode.

Go into the BIOS of the laptop by pressing F2 during bootup, and change the SATA controller mode from RAID to AHCI.

Many howtos on creating multiple-boot between Windows and Linux are now obsolete

Many of the existing howtos describing how to create a multiple-boot between Windows and Linux are now obsolete. In the past 3 years, laptop motherboards have been shipping with the SATA hard drive controller set by default to RAID instead of AHCI. Changing the SATA controller mode from RAID to AHCI renders an existing Windows installation unusable. These howtos rely on resizing an existing Windows partition to create unallocated space for a Linux install. There is, however, little point in preserving a broken Windows installation.

Formatting a computer with Windows and Linux in dual-boot mode

It is possible to install Windows and Linux in a multiple-boot configuration. However this requires backing up the unique data (documents and other unique files) from the existing Windows installation, changing the SATA controller mode, doing a fresh baremetal Windows install on part of the drive space, and doing a fresh baremetal install of Linux on another part of the drive space.

Checking whether a system is set for UEFI or Legacy/BIOS mode

Check the laptop’s BIOS to determine whether the system is set for UEFI or Legacy/BIOS mode. If the system is in Legacy/BIOS mode, change the setting to UEFI mode. This will be needed later, when the Linux installer creates a multiple-boot menu using grub2.

Installing the Windows baremetal partition

Rufus ISO utility

Rufus is an ISO burning utility:

[rufus screenshot]

https://rufus.ie/

Downloading a fresh ISO of Windows 10 from Microsoft

https://www.microsoft.com/en-ca/software-download/windows10ISO

Use Rufus, and specify partition type GPT and target system UEFI-CSM. Burn the USB stick.

Run the Windows installer. Destroy all existing partitions. Then, install Windows in a 200GB partition, but leave the rest of the drive space as “unallocated space.”

Downloading a fresh ISO of Ubuntu 20.04LTS Linux

https://releases.ubuntu.com/20.04/

Use Rufus, and specify partition type GPT and target system UEFI-CSM. Burn the USB stick.

Run the Ubuntu Linux installer. Let the installer use the remaining “unallocated space” on the hard drive.

Linux will install with a multiple-boot menu

Linux will also install a multiple-boot menu that appears when you start the computer. By default, Ubuntu Linux will boot first, but you can choose Windows as the boot within 10 seconds.

Consider Running Windows as a virtual machine (VM) guest under KVM/qemu on a Linux desktop

see my presentation on this subject:

Fedora 33: Fedora version upgrade breaks a production web server, and Fedora’s reputation for smooth version upgrades

My brother hosts his personal website and blog malak.ca on a baremetal DSL server. My brother uses Fedora on his laptop and server.

A perfectly good pre-fork mod_php MPM-ITK PHP handler was in place, and serving web pages.

Upon reboot after the major version upgrade, the web server was showing error 503 for PHP requests on the blog. The config files were a mismatched mess, so we ended up having to do a baremetal format. My brother keeps his data on a separate drive so the baremetal evac only involved a mysql dump file and a few config files, but still.

Note this post about Fedora 33: “Several relatively controversial changes are currently under discussion on the project’s mailing lists…”

https://lwn.net/Articles/824620/

“The default doesn’t matter, there’s absolutely no reason to take away the sysadmin’s choice here. There are at least 40 servers I personally am responsible for where I see no reason to move from mod_php to php-fpm, for example.” John M. Harris Jr.

I was a CentOS web server admin for many years, and used Fedora on my personal laptop until last year. My brother ran CentOS in the past, but towards the end of the Long Term Support (LTS) cycle, CentOS had absurdly outdated but security-patched versions of libraries. My brother started using Fedora on his web server, and we have been able to do several major version upgrades without incident. The reliability of this upgrade process is what made Fedora suitable for a web server.

Ubuntu has trouble with major version upgrades. On some Ubuntu version upgrades, the installer freezes, requiring that a rescue kernel be entered, apt-get update –fix-missing, dpkg –repair, and other exotic interventions take place before the upgrade process can be resumed and completed.

By comparison, Fedora version upgrading has a better track record, and is usually smooth. A technical error or unforeseen incompatibility would be understandable. A deliberate policy choice to break production web servers to enforce a policy opinion: not cool.

Fortunately, Remi RPM has come to the rescue:

https://rpms.remirepo.net/

https://rpmfind.net/linux/rpm2html/search.php?query=mod_php

Read my brother’s post on this: