Cyber Security


LAB #3: LAMP Stack

If you are brave and intrepid, try this lab prior to class. If you are less confident, we will review these slides in the class session for week 4.

Package Installers

● We will be using the built-in package installer apt-get and you should get to know it. apt is a newer and simpler version, btw. We will also use pip, which is a program that merely finds and installs software for you.
● Although frameworks exist to streamline some of this, today’s lesson will have us installing many pieces manually, so follow along.
● If you should encounter a problem, let me know, but it is ultimately your responsibility to get this to work, much like you would in a job within the IT industry.
● Google for help, and you may have to solve particular challenges related to your laptop, OS, settings that are unique to you, disk space, conflicts, etc.
● This should work well if you have a clean Ubuntu instance to work with. If you have cloned your instance, you have a safe “sandbox”

Getting Up To Date

● Because your installation of Ubuntu might not be fully patched up, let’s start there.
● Ubuntu comes from Debian, which has apt-get and apt (Advanced Package Tool)
● Run:
    sudo apt-get update
  (same as)
    sudo apt update
● This command will pull down all the updates you need for installed packages
● sudo moves you into super user (do this as super user = sudo)
● Now, let’s upgrade what we just pulled down:
    sudo apt-get upgrade
● You may have to respond Y)es to get it to complete, and it may take a few minutes to complete all the updates

Python 3 vs. Python 2

● Since Python 2 is often the default in Linux distributions, we’ll start by making Python 3 our default.
● Python 2 has been deprecated, but is still widely available.
● Check python version:
    python --version
● If you get an error saying that python doesn’t exist, but python3 does, you’ll need to create a symbolic link.
● To create a symbolic link to python 3:
    sudo ln -s /usr/bin/python3 /usr/bin/python
● This will capture “python” commands and send them to python 3
● To test, re-run
    python --version
  and you should see the correct answer (python 3.8.2 or later)

Install Pip

● Pip is a package installer and will help you throughout this and other labs.
● Run:
    sudo apt install python3-pip
● This will install a simple tool that will allow you to better use python tools and packages later on.
● As with all installs, Ubuntu will likely ask you to approve the use of additional space for this new tool, with a simple “y” response.
● It may take a few minutes

Install MySQL

● MySQL is a very popular database. MariaDB is the open source fork from it. (Using MySQL in production environments does cost.)
● Run:
    sudo apt install mysql-server
● When this completes…
    sudo mysql_secure_installation
● Select whatever strength of password you like, but respond to other prompts with y to maximize security. This will help remove hackable components and ensure password protection is in place.
● You may wish to select a LOW security password for testing, but write it down or remember it.
● You can choose to enforce some of the suggestions or we can do that later. TEST db might be helpful to some of you.

Let’s Increase Security…

These commands will help us work around the problem:

    $> sudo mysql
    mysql> select user, authentication_string, plugin, host from mysql.user;
    mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'NewPassword';
    mysql> flush privileges;
    mysql> exit

(NewPassword is one that you make up)

Test your work:

    sudo mysql            (this should fail to let you in)
    mysql -u root -p      (this should let you enter MySQL)

Connect Python and MySQL Easily

● PyMySQL is a connector utility to allow Python to easily connect to MySQL and to enforce transactional integrity
● Run the following to help you connect from Python to MySQL:
● sudo pip3 install pymysql

Install Apache Webserver

● The world’s most popular web server, and it’s free!
● Run:
    sudo apt install apache2
● To test this, you should be able to open a browser, point it to http://localhost/ and get a page indicating that it works!
● Optionally, you can learn more by doing this:
    ○ cd /var/www/html
    ○ look at contents using ls -l
    ○ sudo nano index.html (sudo is required since root owns Apache)
    ○ (exit nano with CTRL-X as shown at the bottom of the page)

Play with the Apache Webserver

● Let’s see how Apache would install a simple hello world web page, if you’ve never done that before.
● In the html directory,
    sudo nano hw.html
● type Hello World, it’s me, !
● Then from your browser, point to http://localhost/hw.html and see what comes up.
● Critical Thinking: Why does this work when we put in no official HTML tags??
● Stretch Goal: Create a resume.html file that you create yourself, outlining your resume. Use HTML tags (minimal ones should suffice)

Create Apache Test Directory

● Create a test directory:
    sudo mkdir /var/www/test
● Register Python with Apache, enable multi-processing module and allow CGI scripts to run
● sudo a2dismod mpm_event
● sudo a2enmod mpm_prefork cgi
● You will have to restart apache using
    sudo systemctl restart apache2
● TEST by rechecking your localhost call in browser.
● Fix problems that might have been caused by sloppy command entry on this page.

Make some apache modifications

● Open the site configuration:
    sudo nano /etc/apache2/sites-enabled/000-default.conf
● You are now in the nano editor. Simple, easy, and commands listed on the bottom as CTRL+? key strokes.
● Add the following right after the first line, which reads “” using tabs for indentation, not just spaces

    Options +ExecCGI
    DirectoryIndex index.py
    AddHandler cgi-script .py      [note the space!]

Further configure Apache:

● Prior steps told Apache to work from the test directory, that it contains executables, that index.py is the default.
● Now go to the part of the document that reads DocumentRoot /var/www/html and change the characters “html” to be “test” so the result looks like:
    DocumentRoot /var/www/test

Result should look like this:

    Options +ExecCGI
    DirectoryIndex index.py
    AddHandler cgi-script .py
    …
    DocumentRoot /var/www/test

Further configure Apache:

● Save (CTRL-o) and Exit (CTRL-x)
● Restart apache to effect those changes as follows:
● sudo systemctl restart apache2
● Now, if you retry http://localhost from the browser, you’ll see that the default Apache welcome screen no longer appears, since we’ve told Apache to look in a new directory for a file which we have yet to create.

Now let’s have some database fun!

● First let’s create a database:
    mysql -u root -p
● This will prompt you for the password you gave it during install.
● Your prompt should now indicate you’re in MySQL and will change from a standard terminal prompt (“$”) to “mysql>”
● Create the database
● mysql> CREATE DATABASE yoga;
● Switch to use that database:
● mysql> USE yoga

MySQL

● Let’s create a table and add some values:
● mysql> create table instructors (id INT, name VARCHAR(20));
● Insert some records:
● mysql> insert into instructors values (1, 'Erin');
● mysql> insert into instructors values (2, 'Caroline');
● mysql> insert into instructors values (3, ''); (use YOUR name…)
● Test your table:
    mysql> select * from instructors;
● Exit mysql by pressing CTRL+D or typing quit

And now let’s connect all the dots!

● Now we’ll create our Python program
● Type in the content shown on the following page into the file called /var/www/test/index.py (MANY have trouble with copy-and-paste)
● Do not create this file in your home directory
● sudo nano /var/www/test/index.py
● Cutting and pasting from the following slide could introduce hidden characters, so I recommend typing it in, remembering to use TABS for indentation, not spaces!

index.py

    #!/usr/bin/python

    # Debug mode on
    import cgitb
    cgitb.enable()

    # Print html headers
    print("Content-Type: text/html\n\n")

    # Connect to the db
    import pymysql
    con = pymysql.connect(
        db='yoga',
        user='root',
        passwd='yourpassword',
        host='localhost')

    # Print contents
    try:
        with con.cursor() as cur:
            cur.execute("Select * from instructors")
            rows = cur.fetchall()
            for row in rows:
                print(f'{row[0]} {row[1]}')
    finally:
        con.close()

Connect all the dots!

● Make this file executable!
● sudo chmod 755 /var/www/test/index.py

Exit Criteria: Test our work

1. test at O/S level: python index.py
2. if errors, correct there first
   a. See the on-screen error.
   b. This is testing Python and MySQL work only.
      Make sure this isolation test works before testing under Apache
3. if you successfully get data, test using browser: http://localhost
4. if errors, see log: tail /var/log/apache2/error.log
5. if continued errors, review code snippets provided on Blackboard Discussion Board “Lab Support”
6. if you cannot debug using existing support and threads, post a new thread so all of us can support one another
7. If you still have trouble, attend office hours with GTA or Professor

What does success look like?

So what just happened?

● When we pointed a browser to http://localhost, we used Apache to handle our request, which by default went to our Python script, which executed a select of rows of data from MySQL

Deliverables & Next Steps

● Create a single file submission containing a screen shot of your application running in your browser. The web page data MUST contain YOUR full name to receive credit.
● Review the steps to understand how we installed the various components, how we updated our installation using apt and apt-get, how we built a small database, how we inserted data, how we created a simple web program, and how that resulted in the working web page pulling data.

Stretch Goals

● Consider doing some digging into the ways in which Apache Webserver can serve up different types of files.
● Consider digging deeper into the various components, such as MySQL and Python to become better versed in their technologies, which will help you at job interviews, even for non-developer jobs.
● Look into the vast library of Apache projects that would be good to know about. Just knowing they exist will help a conversation in a job interview or where you’re considering technology stacks.
● Consider where some vulnerabilities exist, and how we might secure and quantify our technology stack to make it suitable for production.
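
Picking up the last stretch goal: an added example, not part of the original lab, of how index.py might be hardened. It escapes database values before writing them into HTML, connects with a read-only account instead of root, and keeps the password out of the script and error detail out of the browser. The account name yoga_ro and the option file /etc/yoga/db.cnf are assumptions.

```python
#!/usr/bin/python3
"""Hardened variant of the lab's index.py (added example, not the lab's code)."""
import html
import sys

# Assumption: a [client] option file outside /var/www, readable only by root
# and www-data, holding user/password of a read-only account created with e.g.
#   CREATE USER 'yoga_ro'@'localhost' IDENTIFIED BY '...';
#   GRANT SELECT ON yoga.instructors TO 'yoga_ro'@'localhost';
DB_OPTION_FILE = "/etc/yoga/db.cnf"  # hypothetical path


def fetch_instructors():
    """Return (id, name) rows using the least-privilege account."""
    import pymysql  # imported here so rendering has no database dependency
    con = pymysql.connect(read_default_file=DB_OPTION_FILE,
                          database="yoga", host="localhost")
    try:
        with con.cursor() as cur:
            cur.execute("SELECT id, name FROM instructors ORDER BY id")
            return cur.fetchall()
    finally:
        con.close()


def render_page(rows):
    """Build the HTML page; every database value is escaped before output."""
    items = "\n".join(
        f"<li>{html.escape(str(rid))} {html.escape(str(name))}</li>"
        for rid, name in rows)
    return ('<!DOCTYPE html>\n<html><head><meta charset="utf-8">'
            "<title>Instructors</title></head>\n"
            f"<body><ul>\n{items}\n</ul></body></html>\n")


def main():
    try:
        body, status = render_page(fetch_instructors()), "200 OK"
    except Exception as exc:
        # Detail goes to stderr (Apache's error.log), never to the browser,
        # which is why cgitb.enable() is left out here.
        print(f"index.py: {exc!r}", file=sys.stderr)
        body, status = "<p>Service unavailable.</p>\n", "500 Internal Server Error"
    sys.stdout.write(f"Status: {status}\r\n"
                     "Content-Type: text/html; charset=utf-8\r\n"
                     "X-Content-Type-Options: nosniff\r\n\r\n")
    sys.stdout.write(body)


if __name__ == "__main__":
    main()
```

Because the name column is whatever was typed into MySQL, a value containing markup is shown as text rather than interpreted by the browser.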