Set up LAMP on Arch Linux (Raspberry Pi)

We are continuing to work with our Raspberry Pi installation, and today’s plan is to set up LAMP.

General disclaimer applies, no liability will be accepted for any loss or damage, use at your own risk and do frequent backups!

Install and Configure LAMP

The packages we need to install:

# pacman -S apache mariadb php php-apache php-gd php-intl php-xcache

As you may already know, the MySQL implementation chosen by Arch Linux is called MariaDB.

Configure MySQL

Start MySQL daemon with:

# /usr/bin/mysqld_safe --datadir='/var/lib/mysql' &

To add a password for root user, remove the test databases and anonymous user created by default, we will run the setup script:

# /usr/bin/mysql_secure_installation

Enable MySQL daemon to start on boot:

# systemctl enable mysqld.service

MySQL server is accessible from the network by default what enables remote access and is not required in our particular case. Since MySQL is only needed for the localhost, we can improve security by disabling listening on TCP port 3306.

# netstat -nlp | grep -i mysql
tcp 0 0* LISTEN 2796/mysqld
unix 2 [ ACC ] STREAM LISTENING 10396 2796/mysqld /run/mysqld/mysqld.sock

To refuse remote connections, we need to open:

# vim /etc/mysql/my.cnf

And uncomment the following line:


We will still be able to log in from the localhost – that’s all we actually need. Restart MySQL server:

# systemctl restart mysqld

Check that MySQL is no longer listening on a TCP port:

# netstat -nlp | grep mysql
unix 2 [ ACC ] STREAM LISTENING 10647 2855/mysqld /run/mysqld/mysqld.sock

It isn’t, excellent.

Configure Apache2

Open the configuration file:

# vim /etc/httpd/conf/httpd.conf

And change the following settings:

User http
Group http
ServerAdmin [email protected]
ServerName localhost:80

Remove Indexes from <Directory “/srv/http”> section. Open:

# vim /etc/httpd/conf/extra/httpd-default.conf

And turn off our server’s signature as well as hide server’s information:

ServerSignature Off
ServerTokens Prod

Enable and start the service appropriately:

# systemctl enable httpd
# systemctl start httpd

Run a configtest to check for any configuration errors:

# apachectl configtest
 Syntax OK

Configure SSL

Create a self-signed certificate (you can change the key size and the number of days of validity):

# cd /etc/httpd/conf
# openssl genrsa -out server.key 2048
# chmod 0600 server.key
# openssl req -new -key server.key -out server.csr
# openssl x509 -req -days 1825 -sha256 -in server.csr -signkey server.key \
-out server.crt

Then, open:

# vim /etc/httpd/conf/httpd.conf

Uncomment the line containing:

Include conf/extra/httpd-ssl.conf

Restart Apache to pick up changes:

# systemctl restart httpd

Configure PHP

Open Apache config file again:

# vim /etc/httpd/conf/httpd.conf

Add the following lines anywhere after LoadModule dir_module modules/

LoadModule php5_module modules/

Place this line at the end of the Include list:

Include conf/extra/php5_module.conf

Make sure that the following line is uncommented in the <IfModule mime_module> section:

TypesConfig conf/mime.types

Also uncomment the following line:

MIMEMagicFile conf/magic

Add this line to /etc/httpd/conf/mime.types:

application/x-httpd-php php php5

Open PHP configuration file:

# vim /etc/php/php.ini


date.timezone = Europe/London

Also uncomment the following extensions:

Restart Apache daemon:

# systemctl restart httpd

We can no proceed with Mediawiki installation.