The Ultimate Linux Home Server Guide

1. Course Promo: Welcome to the ultimate Linux home server course, where you learn to do the server using free tools and applications. And also learn and build your Linux skills, which you can then transfer it to the workplace. If you're a systems administrator, a web developer, or a programmer, you can practice and develop your skills and your own private server. If you're going for a job and one of these areas, you then have practical experience to talk about. This is where I had the most fun and how I transitioned into a career. I really enjoy. Maybe you're a business owner and want to use some of the many free tools like accounting, CRM, or electronic data management packages. There's also many superb and free tools for managing your household or personal finances. As a file server, you also have one central location to save the various files and data that may be spread across multiple devices in your home. Think of all the photos and videos that are stored in everyone's phones and tablets. Currently. In this course, we'll be installing a browser-based photo application to help you manage and view all of your photos. And finally, at the end of a long day, wouldn't it be nice to sit down and watch your collection of movies on your own TV. Will be looking at an application to do just that. This course works best if you have a spare physical computer or laptop that you can use for your server. We're going spend time on the command line together. So you'll get to put what you've learned into practice. And there are many downloadable guys included for you throughout the course. So you can take your time going back over them and really understand the topics we covered. My name is derma Downey, and I'm really looking forward to bring you on this journey. 2. Choosing your hardware: Okay, So now we're ready to start building your home server. The first question then is, what are we going to run it on? Often when we talk about servers, we think about it. It would row upon row of machines quietly humming away in some nondescript datacenter somewhere. These the large enterprise down and HP model of the world, which power enterprise and industry such as airlines, pharmaceutical manufacturing, or the online giants like IBM, Facebook or Google. For the home server that we're going to be building though, we're going to use something entirely different. If you have any old laptop or desktop computer lying around at home, it'll do it'll suit more than enough for our needs. After all, the only thing that makes a server, a server to begin with is the operating system and the software it's installed on those which share out or serve the files and resources saved in that machine. For other devices on the network to use. Linux is renowned for its support for very old hardware. Indeed, you often hear stories of an old e-mail server quietly running way in a beige box somewhere, tucked quite the way for years on end, doing its job without bothering anyone. And that's fine if that's all you need it for. But what we're going to be doing, we want something a little more modern and a little bit more power two is. In general, what I'd recommend is any old laptop or desktop computer within the last 10 to 15 years, they will have more than enough capability and CPU powerful. What we're going to need. In terms of specs. I say aim for something where at least two gigabyte of memory and possibly a 500 gig hard drive for storing all of your movies, your photos in your files in the US. But the key thing is even if you don't have something with dash, dash, dot, dot specification, start with what you do have. Even the, even if the machine you have as well underpowered, it doesn't have anything like Dash gets starters. The key thing here is to building your skills and getting from it, it working in server environments and on the command line, you can always upgrade your hardware later on. The other thing to take note of two isn't we're going to be running our server and what's called headless mode. What that means is that what we're certainly going to need and use a monitor and a keyboard for the installation process. When we're installing R saw our server operating system. We're going to need them for setting it up, installing and setting up passwords. Then like, once we're finished with us, we're going to be taking them away. So the only connections going into this machine is going to be the power laid power elite and the network connection. All of our, all of our administration and our interactions with the server is going to be either over SSH connection across the network or through a web GUI working as a configuring each cross one of those two means. Okay, So in this video, we discussed the server hardware and the requirements and what to aim for. I look forward to seeing you guys in the next video. 3. Home network design: Your home network is how your laptop, phones, movie players, et cetera, are all going to connect to your home server. Let's take a minute to understand your home server good better. So you'd be able to easily and comfortably connect to your server ones, etc. Your home network is how all of your electronic devices connected both the Internet and to each other. At the center of your network is your rotor. You're ever sounds and an address called an IP or Internet Protocol address to each device in the network. This is a sequence of numbers that will uniquely identify the device. Your home networks considered a private network. That is to say as devices owners cannot be connected to directly from the public Internet and IP addresses, but typically fall within these one of these three ranges. So IP addressing is how your devices send data to each other, such as your router passing on a website that your phone is requested, or your laptop connected to your home servers, download some files. So each device, including a router, has an IP address. But your router effect has two. As it is the gateway to your network, it must be contactable from both inside and outside your network. So it gets both a private internal IP address and the public externally facing IP address. And this is set by your ISP or your internet service provider, the company that you've contracted with to get access to the internet. Okay, so let's take a look of what happens when you go to download something from the Internet. When you're browsing the Internet from home. When you make it work, you make a request to Facebook for latest video. The requests will go to your router, which records the IP address. The request came from IE, the source IP of your phone. The router then pass the request onto Facebook, which in turn will record the source IP address that that request came from. Facebook cannot send the video directly back to your phone as it's on a private network. But it can send the traffic back to the publicly routable address of your router, which is the source address that it sees. Your router then in turn sees the video come in, remembers that it was your phone that requesters and pass it back to your phone. And all of this happens in a matter of seconds. To see your IP address or Windows laptop open up a command prompt and type IP config. You can see most of the connection options here are disconnected, except for the Wi-Fi option at the bottom. The IP address of the laptop is listed under IPV4. And the IP of the router is listed as the gateway. Other devices will list the IP address somewhere in the settings. And you can see here an example from an iPhone. Many devices these days will connect to your Azure wirelessly. But I would strongly recommend a wired connection for your server. This involves using a network cable. Note, not always color blue as in this picture. I'm plugging into the RJ45 ports on your Rocher. And this image, the ports and the Rocher are the four yellow color ports. And you will most likely find something similar on the back of your router 2. There are a number reasons I recommend using wired connection over wireless for your server. First of all, a wired connection is a less complex means of connecting some network. Using a Wi-Fi network involves selecting the correct network and entering a password. All find a well, if you've got a screen and a graphical menus and dot to choose from and to work with. But the server we're going to be building, well, at least initially have just a command prompt. So that's a little more challenging. With a wired connection. You just plug the cable in and go. A wired connection is a much simpler and a much more reliable connection. Also too. Wi-fi signals degrades the further you go from the router. Or if there are doors, floors, or walls in between you and the Rocher. You've probably seen this as you move around your home with your phone, that's the connection gets slower the further you go from the router. So there's technology involved in a wired connection is simpler and troubleshooting it is much simpler also too. You just pull the cable and plug it back in. Depending on how old your computer is that you're going to use for the server. It may not even have a wireless cards or the one that does to have may not be good, reliable. Wired connections are faster, hands down. I know a lot of wires connections now or AR, advertising and push themselves as has been ultrafast and similar speeds to wire connections. But again to wire a wired and a cabled connection is always going to be faster and much more stable. With tablets, phones, laptops, TVs, et cetera, all using the wireless network at home. It can be pretty busy environments. So if you have the opportunity to take a device off the radio waves and off a wireless connection onto a physical cable. It'll be wise to do that. You're going to avoid swamping the Wi-Fi network with even more traffic. And this way it has its own direct connection. And the final thing to consider is where you're going to place the server. Do you have the space to put it right next to the Rauscher, where it's going to get, where it would get an ideal Wi-Fi connection. If notched, you need to consider moving to a different room, physically putting it somewhere, somewhere distance. So having a wired connection will allow you to do that and not sacrifice any speed or unreliability, interconnection. Ok, so in this video, we cover the fundamentals of a home network of why wired connection will be much better for your server. I look forward seeing you in the next video. 4. The Ubuntu Operating System: Each time you turn on your laptop or desktop computer, you're probably familiar with the Microsoft Windows logo comes up and the desktop environment and folder structure that makes up windows. This is a desktop operating system, one designed for people to login to each day. We either e-mails and just do their work from it. In general. The alternative to a desktop operating system is a server operating system, which is designed to share out the files and resources of that server and not necessarily have someone logging into it each day or, or even frequently at all. On the desktop, microsoft dominates, with windows being run on almost 90 percent of computers worldwide. On servers, though, Linux-based operating systems have the upper hand. With some estimates showing over 70 percent of servers as running Linux. Microsoft have a very popular server OS. But there are licensing costs involved. Meaning you're going have to pay to install and run a Windows Server. Linux, on the other hand, have a range of powerful, well supporters and totally free server operating systems. That's one of the most popular variants of these that we're going to be using in this course. A Linux distribution is the name used collectively for Linux operating system. Distributions in general consists of various combinations of three things. The carnal. This is the heart of any Linux operating system. I was first written by finished student Linus Torvalds back in 1991. This is how limbs controls all of the various processes and drivers that allowed the system to function. The package management system is how a distribution installs, upgrades that configures the software on the system. Linux distributions tend to be categorized by what package manager they use a While. There are a number of them available. The two most popular package managers will be rpm and Debian. Or PAM, or the Red Hat Package Manager uses the RPM file format for software installations and Yom as the installer. Popular RPM based distributions include redhead, fedora, and CentOS. Debian based distributions use the dead file format for software and programs. And programs like deep EKG and apt for doing all installs and software handling. Popular Debian based distributions include Debian, B12 and mint, and a range of additional software. Some distributions, specialized and open source software, only. Some specialized and security software or programs suited to office end-users. And some have provide an absolutely minimal offering with very little extras bundled with the OS. So it's a combination of these three that will make up the Linux operating system and distribution of your choice. For our home server, we're going to be using the Ubuntu distribution. This is the mature, popular and very well supported operating, operating system. So if you ever have any questions or problems, just putting a B12 into quick Google search would bring back loads of very good results. A B12 is two major releases of its operating system twice a year in April, October. And the releases are numbered according to the month and year. Patches and upgrades are released throughout the year as they become available. Canonical, the company behind it, once you typically supports the major release for about nine months. Every two years though, they release an LTS or long-term support version, which supports for five years and will receive security updates for 10. It's this latest LTS version that we're going to be using on our home server. Okay? Now that we've learned about the operating system that we're going to be using. Let's go ahead and download this in next video and prepare for installation. 5. Preparing to Install the Operating System: To install the OS and the computer, we're going to use a USB stick. You don't need a large one. Even a two or four gig stick will suffice. When we installed on the machine. They'll just bear in mind that we are going to be using the entire hard drive of the computer. So anything that's saved there currently is going to be wiped. The first thing you want do then is download the Ubuntu server itself. If you go to a 12.com download and server, you were brought to a page that will offer the latest version of the server OS. So just click the download link that will download an ISO file dot ISO, and just save that to your computer. The latest versions of the Ubuntu server are only available in 64 bit versions. The 64 thirds tube is that you often hear about. It describes the CPU model, the architecture of the CPU that's in the computer itself. If you're not sure what are your computer as 64 or 32-bit, just do a quick Google search using the name and the model of a computer, and it should come up. 32 bits. Cpus can only run 32 bit operating systems and applications and programs where 64-bit machines can run both 32-bit and 64-bit operating systems applications, although targeted, although they won't use the full power of the 64-bit CPU. If you're running a 32-bit OS. If in doubt though, do download the 32-bit OS, it allows you to get started and get learning. Well, you can always wait while you can't update the CPU itself. If you do find out at a later stage that you actually have a 64-bit CPU, you can always reinstall the OS. So what a bone to only supports 64 bit, whereas latest OS, there is a link and the download page for older versions of the OS, which willing to 32-bit versions. Or alternatively, you can always search online for an alternative Linux server OS. So the next step then is to install the OS to the USB stick. There's a number of tools out there that will do that for you. Unit Newton, pen drive or Rufus. I've always had success. What unit? Buton. And it's the one I'm going to be using this program, although the others are also highly well recommenders and we'll, we'll do likewise. So radius by choosing one that you prefer. You want to know then when it comes to actually installing the OS on your computer, how to change the boot order in the bias of your computer, Sets what order the computer's going to boot up in. So it doesn't boot from the hard drive first or from a USB stick, or what is the order? In order to learn how to change that? Do quick Google search. Plug in the name of the computer that you're going to be using. And then just the simple, just ask you, how do I boot from us USBE. In this screenshot here, for example, this is for Dell. You can see that under the settings and boot sequence, there's options there for, for which, which is going to boot first. So the disk drive, internal hard drive, usb or whatever. So it's about making sure that you push the USB up to the top of the list so that it will boot before the hard drive would boot. And this is only for the installation. Remember we're going to change it again, reset it again afterwards. And finally then to what IP address are we going to give us? So we need to know what IP address is on your network. Because we're going to set a static IP, IE one that does not change. We're going to set a static IP on your server. On a Windows computer. If you pull up the command prompt and type in IP config, you can see down here as number of details about the IP addresses. For example, this laptop IPv4 address is 1 and 2, 16, 17, 18, 69. The gateway IP address. And the gateway is your router is wanting to 16, age 17, 8, 1. So we can see the first three sets of digits are the same, they're stay the same. Your, your network is a woman to 16, age 17 H that describes the network as a whole. And then the individual computers offered use the last, the last digit then to identify themselves. So in this case then for the server IP, in this series, we're going to use an IP of 19 to 16, 17, 8, and with set the server IP then in that network to 150. So here we have a folder where we've downloaded unit Newton and the bone 220 dot o for server OS. We run unit Buton, go down and select the option for disk image. Select the ISO, and then select your server OS here to. The next options then is where do we want to install it? A two. So this case we're inserting into the USB drive, run the laptop where we're setting up the USB drive, which we're then going to use on the machine that's going to be our server. The USB drive in this case is mounted under the E drive and I simply click, Okay. So some men do some option that list that exist there already. I'm just going to select Yes to all. So it's going to it's going to overwrite whatever is there already and create a whole new drive. So that's going to install the OS installer to the, to the USB drive. Once this finishes, then you're going to remove the USB stick and plug it into the server they are going to be using for your server and then turn that server on. Having set the boot order already, it should boot the OS then which is installed on the USB stick. And that in turn will launch the installer for the OS. 6. Installing Ubuntu: Okay, so let's take a look through here at the installation process of your Ubuntu server. At this point, you will have them installed. The server OS2, a USB stick, inserted the USB stick into your server machine, the actual physical computer that's going to be used for the server. And you will have set the boot order for it to boot the USB stick itself. Once you power it on, it begins booting up from the USB stick, like it's doing here. So you don't see a lot of random text stream up the screen as it's building up. In this case here what it's doing is it's setting up SSH keys. These keys are going to be important later on when it comes to setting up SSH connections. It's all about the server beginning to secure and encrypted connections for itself. So we're going to let all of this text string through. And then it's going to go into the installation process now in just a second. Okay, and here it begins. Now. The first thing is glass and force four is the language that we're going to use for the installation process. So I'm going to stick with English. In this case, we see there's actually an update to the installer. So what I'm gonna do is I'm going to continue without updating it. But by all means, you can use the arrow keys to scroll through the menus and Gulp and an update to the new installer. It's going to ask us for our keyboards. So in this case, again, use your use your arrow keys will go up and down to set the keyword that you want. In my case, because I'm in Ireland, I've tested and I know the Irish keyboard is one that works for me, but again, choose one that works specifically for you. You can always change it later on once you're into the, into the operating system. Network connections. Okay, so here's where we're setting our IP address. If you look up here, you can see that it's chosen an IP address for us already. When i 2, 16, 17, 18 to 44, this is what's known as a dynamic IP. It's gone out, it's reached out to our router, and it's asked for an IP. That IP address can change over time. And that's the one thing to be careful of with setting a dynamic IP is that because you're going to pack this server away somewhere and you're going to connect to it from other devices. You need to know what it's address is so as you can find. So what we're gonna do is we're going to set a static IP, one that would not change. In the previous video, we're looking at the IP that we're going to choose, and it's going to be a 150 IP. So let's go down to Edit IPV4. And here then instead of automatic, and the D means dynamic, so Dynamic Host Configuration Protocol, but it's a dynamic. So we're going to set Emmanuel IP. Okay? So subnet SSH. So we're saying earlier that's willing to 16, age 17 days, and then set it to 0. And then if it's the last digits as being changed, it'll be a slash 24. It's just the way IP addressing works. If it's, if it's an address that works OFF would just change the last digits. It's a slash 24, 1 and 2, 16, 17, a 150 is the address that we're going to give our server. The gateway remember is our router will need to 16, age 17, eight dot one. What our name servers then. Because the server on the internet as a whole works off of IP addresses. If we ever enter in a name like google.com, the server, nice, No, How do I translate google.com into an IP address? That's the job of a name server. So this case we're going to give it a name server. We're going to use Google's name servers themselves, which are eight dot-dot-dot, dot-dot-dot H, and then put it in a comma to separate them. And then 8 or 8 dot for, dot for. And what that means is if you ever enter in, if you're on your server and you're trying to use commands to download a file from GitHub, say, and you give it the GitHub address, it's got to reach out to eight dot eight arrays, as can say, what's the IP address for GitHub? And then that way they can, it can carry on. And it's gonna go down to save them. Okay, It's gonna apply these changes. And then it goes back and changes to done. So let's move ahead with that than proxy address. A proxy is another computer. So is your server going to connect to the internet through another computer? It's not, it's going to be a direct connection unless you, unless you obviously have proxy setup. So I'm just going to hit Done in this 12 mirrors. So these are mirrors. So again, the bone to software repositories are out there on the Internet. They mirror themselves to a number of locations so that everybody in the world isn't hitting the one set of servers at a time. So in this case, we just select the default that's there. And whatever peers of yours just select that also too. Okay, written to storage now, so now we're setting up the hard drive that we're going to use. So in this case we have two options. We can use the entire disk or we can go down and set a custom storage location where it should go, set up the hard disk dot dot the entire disk. Use the whole disk as for the storage, we're not, we don't want to keep any of it aside for another operating system or, or anything like that. It comes back and it tells us then what we're going to set up the, how it's going to partition or divides the disk. So you can see here, if I go to the top, then it's going to say one mount point as root. So it's going to say one location as root, the size. In this case, I'm running this on a Virtual Machine, this, this installation process here. So I've only given it a 20 gigabyte disk. This will reflect whatever size disk you have in yours. We're going to say to EXT 4. Ex T4 is the file, is the, is the format that I'm the bone to and Linux operating system uses. From Windows you'd be familiar with possibly NTFS or FAT, FAT. A bone to Linux uses EXT 4 down here. Then we see that there's the full disk. It's going to have two partitions then. This is probably a boot partition, some of that book, but really here's the full disk here, the mountain at root. So again, we just, unless, unless we know we want something different, just go ahead and say done with that. It's going to ask us to confirm this now because what we're gonna do now is we're actually going to overwrite the disk. So this, the disc on your server computer is going to override it. Are you sure you want to go ahead? Because no data will be will be retrievable afterwards. So we say, go ahead with that. Okay, Now we're going to set up our user, wants to use your counter, going to use. We're going to give it a US account called Jupiter. Simple enough, like astronomy. So with ash works, the server's name, what name do you want to give your server? Let's call our server here, home server, okay? Again, pick a username, going to call it Jupiter. Again, as well as the first one could have been your real life name. But it doesn't, it doesn't matter. Ultimately, choose a password again. So again, choose, choose a long passwords, choose a passphrase. Choose a passphrase with multiple words, and then separate them using underscores, brackets, full stops, numbers, whatever combination I like that of those makes sense. And remember bubble. When it comes to passwords, remember to length is strength. So a long password is a strong password. Okay, onto next one then do we want to sit up OpenSSH? So this is how we're going to connect to our server across the Internet. We're going to install the SSH server. And we're going to be connecting from his tutors, from an SSH client on your laptop. So we do want to install the OpenSSH server. During the installation process, you have the option of installing a number of programs and packages and tools. And so if there were any hear that you know that you're going to need and want by all means, you can store them at this point. All of these can be installed after the fact. So right now we're not going to tell it any of these preset ones. Going to select Done. And then if there's any here that you need, you can always come back and install later on. And here we go. It's now gotten to the process of installing the system. It's going to go through all these menus. You can see here there's a full log if you want to see exactly what it's doing. These are all the various commands and, and that, that is installing. And really this will take about another, it depends, you know, 510 minutes maybe to install. It all depends on the DMO to memory and thus that you have and how quick it can run on the CPU itself. So we'll let that run to completion. And then we'll, we'll, we'll take a look at it again. Once that's finished installing, then we'd be we'd be prompted to reboot the server. So let's go ahead and do that then. Remember to remove the USB stick from the computer when you do this or US has gone to load back into the load back into their operating system installer again. So here's asks us to remove the installation medium and press Enter. And we do that. And finally, that's ish. Once a reboots, it scrolls through a lot of text, brings it back to login prompt. So let's put it in the user accounts that we just set up. Let's put in their passwords. Note that it doesn't reflect it back to the screen as you're typing it in. And hit Enter. And we're in. Great. There's a bit of text when you login as big as our default text that comes up. Information about the system itself. Some updates that can be installed. But, um, but that's a run rate to go. We're ready to get or use it. We're rates start using our server. 7. The First Five Minutes After Installation: Immediately after installing your B12 server, there's a few things we want to do just to get set up and ready to use. The first we wanted, we notice is that the default text of an Ubuntu server is quite black and white. There's no color there, there. So we want it, we want to enable the option to allow color. So to do that, we're going to use the Nano text editor and what you will cover in a later video to edit a file on your home directory called doc bash or C. So we scroll down, then we're looking for a particular prompt, a ticket, a particular option called force color prompt. Delete the hashmark to uncomment or effectively turned out with that option on. And then we're going to press Control 0 to save the file and Control X then to edit. The next time we login, now, we know that we will have, we will see a colored prompt. Okay, the next thing I want to do then is our user has superuser rights. It has, it has raised the privileges to do administrative tasks. But the problem is, each time we do that, we're going to be, we're going to be asked to enter our password. So in order to set it so that we don't enter our password every time we need to do is we need to edit a file called VI Sudo, the suit ors file. So let's, let's do sudo, which will escalates our privileges. And then we want to type in VI Sudo. We're going to be asked to enter our password, and this is exactly what we're going to disable now and in 1 second. So put in the password that we have just set up. And as you go through this video series, you can see much more of pseudo being used. Yeah, much better understanding of what it does. This suit is filed. This controls who has access to the administrative rights in this computer. If you add other users set up that you didn't want to give admin privileges to. You would not add them in here because we are the admin on the server. We need to we need to make sure that we're in it first of all, but also to that to make it convenient for ourselves so that we don't enter the password every time. We're going to disable that now. So let's put in our username here. And then the string to follow then is all equals all. And then no passwords come at all again. And what that will do then is that will disable the prompt to enter a password each and every time that we go to use the sudo command. Again, we press Control 0 to write that out and Control X to edit two exits. Clear my screen. The last thing we want to do then is we want to install any updates that are pending. To do that, we type sudo apt update. This will reach out, download new software repositories in order for us to install them. It itself does not install them, but we do go into a lot more detail these commands in a later video when we cover updating or server. And then sudo apt upgrade. And that will actually go and install the commands. Once this is complete. At this point, you can reboot your server. Once it's, once it's finished, you can take the monitoring the keyboard away. You'll then be able to connect to it over the network and use using the SSH server that we set up earlier on. And that makes it much more convenience in terms of not having to use a monitor and keyboard all the time. 8. Log in using PuTTY: To connect to the SSH server on your home server, you need an SSH client on your laptop. Putty is most common and popular of SSH clients out there at the moment, and it's very, very easy to use. Let's take a look at this now. To download Party, first of all, go to put a.org and click on the download link. This is quite a busy page, but really what we're looking for is up the very top, the MSI Windows installers. There's a 32 and 64 bit options. I know that I'm working off a 64-bit laptop, so I'm going to install this one. But if you're not sure, go with the target to, it will work just as well. And we'll work on both 32 and 64 bit versions of your operating system. 140 downloads, go to your downloads folder, run the installer, and then it will appear in the Start menu as, as potty. When you open up potty, this is what it looks like. So these are the party options that we can configure. The main when we want to start with, first of all, is the IP address. So 12 until 16, age when 1750 SSH uses port 22. So we're going to leave that. There's a number of options on the left-hand side. And in the reference guide attached to this video, I've outlined a couple of them that might be handy just to set up and configure. If you want to avoid having to type in the IP address and the settings. Now later on, you can always save these by giving this, given this session and name and then saving it here. The next time you open a party then is going to appear in your menu, and you would simply double-click on this. Okay, let's make this connection and let's login to our server. So the first thing it asks us for then is the username. We know we set up Jupiter earlier on. So that's what we're going to use. What's the password for the account? We type that in. Notice that it doesn't get reflected back on the street on the screen. Eaters asterisks, asterisks or stars. And this is a common security feature of Linux. And once I hit Return to that, we're in, there's does it, we're onto our server. It gives us some generic information about the loads that the memory usage and all that, some updates, but really run to our server now. So we can start typing away and doing the work that we need. 9. Getting Started with Linux Commands: Using the Linux command line is one of the key skills you develop while working on your server. If you're news is start small and take your time, you will naturally get better as you go through this course. Let's take a look at some of the fundamental commands and concepts that you'll need to know. So in this video, we're going to cover some fundamental Linux commands to get comfortable and familiar with the Linux command line. As we go through the video series, you're gonna get a lot of opportunity to practice these. So don't worry about understand them on at first, your comfort level and your expertise is going to grow and develop as you go along and as you do more on your server. Before against the commands, a couple of concepts we want to cover. There is a handy reference guide to touch this module. So feel free to download and print it off in order to go through a number of Linux commands except flags. These are additional parameters, provides the command which expand the information that it gives us or its usage. In this case, the first command we run as PWD are present working directory. To confirm where we are in the system. We run an ls to list the contents of this directory. And we see this file there called test. Doesn't tell us the loss until we add the slash L, which gives us the long format. What this shows is first of all, the total here, this is the total disk allocation of blocks on the hard drive for this, for the files in this directory. This is not the number of files Now the total size of the files, but how much, how much, how many blocks on the hard drive has been allocated for these? First up then is the permission sash. Because this begins with a d. We know the test is a directory. The rest of the permissions covered in a separate video where we specifically go through understanding these. We see that the owner of this file, in this case directory is Jupiter. And the group into which this directory is owned is also Jupiter. The size of this link into a directory is for k is 496 bytes. All links into folders are always going to be 40, 96 bytes, even if there's content or even a massive files within. This will not tell you the size of the directory, the date, and the time of which the directory was created is listed here. And then finally, I'll see its name. Linux commands are case-sensitive. So in all cases they use a lowercase. So we see here, when we run the lowercase ls, we get a result. If we run the uppercase ls, it eat or does not finders. Or it looks to suggest a file or a program that it could be. So when we run uppercase ls, it comes back and says, I couldn't find it. But here's positive. Another option that I could be, do you want to install it? So in all cases, your commands or lowercase Linux is a case-sensitive system. So if you name your files with different cases, you have to again use dash because uppercase is different to lowercase. Some commands take arguments and some do not. So the first command we run here was PWD. And that's simply returns the present working directory, the directory that we're in at the moment. Ls likewise, also just, it can be run on its own or it me on Run width with an argument attached to us. And the second option in second example here, we're run the copy command CP. So when you copy something, you have to tell it what you're copying and what you want to copy it to, what you want to rename it to. So in this case, it needs arguments. And we can see here that the error messages that prompt up when we either leave out all arguments or we leave out the two arguments as needed first, the last concept to understand is that of piping. Piping the concept where you take the output of one command and user as the input to another. Let's take for example, where we list in long format the contents of the ETC. Directory. You can see here there's so much, there's so many things in there that it's built right off the page. And we don't see, for example, the beginning injuries. If you want to be able to scroll up and down and see what's in this, this folder. We have to use this air push a pipe that into another command. In this case, I'm going to clear my screen again. I guess I'm gonna type list in long format, the SC command. But this time I'm going to use the pipe command, which is a vertical bar, or pipe it into the Less file display or less commands that displays the contents of a file or a command one page at a time. So you can see here, it is now stopped once fill the page and allows me to scroll down. As I type the arrow keys down. Go back up to find the data that I need. A press Q to quit out of this. Another thing I can do with piping is I can use to search for text if I want to search for file. So I'll go and listen long form at the SC command. And this case, I want to search for a file related to the u fw firewall. Grep is a command that will search for text from an input SSH. So in this case I'm going to grep for anything related to u fw. And it pulls back the directory relates to you of w. Okay, Let's take a look at some of the fundamental and some of the basic commands that you'll find you're going to use over and over in your time on the command line. So clear is, is one that we've used quite a bit. Clear of C clears your screen. Pwd will tell you your present working directory. Where are you in the folder structure? Ls to list the contents of a file. And I go, I often use it in long format. And in this case here we can see we have just the test directory in this folder. Okay, so let's go ahead and create a file, just a test file. I'm going to use touch and touch a file and files my file name, I can enter anything I want there. If I type ls dash l, I see I now have a file named file. To copy a file you type CP. Cp takes two arguments. It takes to find that you want to copy. And it takes, what do you want to copy? What's the name of the file that you're going to create a copy off. So in this case, I'm going to copy file and make file O2. And if I type ls again, you see I now have two files. Move is a very interesting file. I'm very interesting Command moved as two things. Move. First of all, LC moves the file. So if I type move file, I can move it into the test directory. So if I now type ls dash l, I can see my file named file is gone. And if I type ls dash l of tests, I can see that's now in their move on, also rename a file. So I see in this folder, in this file here I have files. There are two. If I move 500 to, I can move to 500. 31 will do and effect is it will rename it. To delete a file, use the 4M or remove commands. So we know that I have Fazio three in this directory. I want to or MB 400 three. And I see now the fossae are three has gone. The one note of caution for this command is there is no recycle bin on the Linux command line. There is no way of retrieving that file, so use it with caution. Let's try another command, relate to directories. If I want to create a new directory, I use make dir. So make dir, I'm going to make a directory called, just call it new. And you'll see that I have two directories and here I have my new and I have a test1 to remove a directory I use or M dear. So remove directory. And I see that that that directory is gone. One thing to know who it would remove directory command is that it only works if the directory is empty. If I try and remove the directory called test. And remember we have, we have file. It tells me the directory is not empty. So there's my test directory, and here's the contents of the test directory. In order to move, remove a directory that has files or days in is, we have to use the RM commands with two flags, the recursive and the force commands. This will recursively remove both directory and any contents within. So now I can type remove recursively the test directory. And now it's gone. There's many other commands listened in the reference document touched this module. So feel free to take a look at that and go through them and experiments. The more you experiment, the better you're going to guess. If this is something completely new to you. Well done for starters, for learning something new. The more time you spend in the command line, the better you're going to guess. And you'll find these commands are just used over and over, so your experience will grow. I hope this was helpful and I look forward to seeing you in the next video. 10. Finding Your Way Around the Linux File Sytem: A coward. Climbing people are learning Linux or comparing it to Windows is a Linux is not Windows. It's different. Nowhere is this more evident than in the file system. And how next arranges its files and data. Along with the reference guide to this module. Let's take a closer look at the next folder structure. On a Windows computer. You probably very familiar with the concept of opening up File Explorer in order to browse the files and folders stored in the system. In this image here, we can see the C drive, a DVD drive mountain is d. And there's also USB stick that's been plugged in. And it's mounted as the E drive. Windows is a very set way of organizing things. Anything related to the running of installed programs and the system gets mounted on it gets gets stored under C slash program files. And the files for the individual users on the system are stored on to C slash users. And any days are required for the running of the Windows operating system itself are stored under C slash users. And then external storage devices get their own lettering system for organizing their own data. On our Linux, things are organized quite differently. There is no concept of lettering and everything falls under the root directory as indicated by a forward slash. So separate storage devices will typically be mounted under the Media directory. Also. There's very handy guide as part of this module. So I recommend you take and print that off as we're going through the rest of this and might help explain everything bit better. Linux is an open source operating system. That means I'm no one company owns and the code is available and free foramen to take, modify, and release a distribution of their own. And indeed they do. There are thousands of Linux distributions available from consumer desktop to serve a distros to embedded versions. And remember too that Android is its own version of Linux. To get an idea of just how many are available, take a look at distro watch.com. So because there's so many versions of Linux available, it would be very easy for differences to start to appear in her data and files are being stored on the system. This would not make life very difficult for software producers and engineers, administrators. So a standard was developed for organizing the file system. The file system hierarchy standard lays down how and where files related certain functions should be stored. The slash bin directory, for example, are all executional PFAS for commands and system. So when you run the commands such as ls, as we'll see, you're actually calling a program that's under the bin directory. The Dev Directory stores phosphorylated to devices for the system, such as hard drives, input terminals, et cetera. Does also some special devices. And here it's called zeros, randoms, which will produce a stream of zeros, are random characters and which has some very specific uses. The ETC. Directory stores configuration files for all programs and services running on your server. The slash home directory is location for it user's home directories and any files that they may have. The media Directory provides mount points for any removable media. And this is where you would typically find your DVD drive or your USB stick. The root directory is a home directory for the root user. The S or V directory is provided for any files or services that are going to be shared out of the server. And this is the directory we're going to be using for anything to our server is going to be sharing out to the network. The temp directory is a space for temporary files if there needs to be unpacked, are modified in any ways by a program. And the var directory is also a very special directory for storing variable files. And this is where you will find your web root directory. It's also where you find log files in every folder on a Linux system is also two very special subdirectories called dot and a double-dot. Let's take a closer look at what they do now. The dot-dot-dot directories have two very special purposes. We can see here that were in the test directory under the Jupiter user. And there's nothing in here, but these two directories. Dash represents the current directory that you're in right now. So you can see d to Dutch. And what you find is you still end up in the same directory you're in right now. This might seem like there's much pointers, but this comes in very useful when it comes to running scripts that are within that directory. Dot-dot, on the other hand, brings you to the parents directory of the one you're in right now. So if I cd to duck dodge, what I find is that I've now gone up a level to the home directory of the Jupiter user. The dot and dot-dot directories are not normally seen by the ls command and does a very good story. And the consequences behind this. Linux is based off of the Unix OS. We don't go into Unix and discuss in this course, one of them, it was one of the earliest operating systems which is developed for computers back in the 1960s. Background was originally developed. The ls command did show all contents in a directory including the dot and dot-dot directories. And developers wants to hide these just for sheer tidiness sake. So they redesigned the ls command so that it would not show these based off of the fact that the first character in the name is a dash. As a consequence of this, this created the concept of hidden files. So ls itself will not now show any file or directory which begins with a dash. We can see this here by going to ls dash l in my home directory. And I see just the test directory. But I go ls, dash l with the a are all flag. I can see there's a whole lot of other subdirectories and subfiles. These are the hidden files which are typically configuration settings, particularly in a, in a user's home directory, is, you see it is quite common. Okay, I hope you've enjoyed this and I encourage you to explore the folder structure of your own home server and look forward to seeing you guys in the next video. 11. Editing Files using the nano Text Editor: At some point you're going to need to edit config file on your server. Under Windows laptop were used to open up Notepad or Microsoft Word or any graphical text editor like Dash. Whenever you want to add content to file. On our server though, we don't haven't graphical environment, only the command line. Let's take a look at a very simple command line text Azure.edu, editing files with ease in no time. When it comes to editing files on the command line. There are three text editors that are the most popular. Nano is a simple program to use, that It's very user-friendly, especially for new users. Vi is the most popular texts Azure for Linux and has a great set of features. Though there is a small learning curve involved at the start. And Ymax is another common text editor with advanced features, but takes a bit of time to learn and understand how to users. We're going to be taking a look at nano in this video. In nano to use the commands such as saving, searching, or exiting. You press Control and the leisure. For example, we can see that one example in the bottom left is to exit nano. The Control key is represented by the upward-pointing arrow, which is actually called a carrot. And even though x is shown as an uppercase X and the screenshot, all commands use the lowercase letters. So use Control X and not control Shift X. Some commands use the meta key instead of control, and this is represented by an m And then the ledger. You can see the undo command for example, over on the right-hand side uses Meta and you. The medic Key's most commonly mapped to the Alt key on most keyboards. Try it out on your keyboard if you're using it. And if you find that doesn't work, you may have to do some unknown searches for the laptop or computer model that you're working with. Let's take a look at nano inaction to open a file and nano just type nano and the file name. In this case, I've already prepared a file called testfile. If no fun name has been given nano and open up on a new blank file. So the top bar shows us the version of nano. Firstly, it shows the name of the Father we're working on. And also to to show us if there's been any unsaved changes this file. If I simply move down a line, move all the text down a line. You can see now it tells me that this file has been modified. So that means I need to save some of the work. The main window then shows your file contents. You can navigate through this using your standard keyboard, arrow keys or the page up and page down buttons also. And you can begin editing this file right away. Along the bottom then are the commands, like we said, all the ones that begin with the Irish or the upwards arrow use the Control key. So control and x we can see, will exit the program. Some needs, some use the Medicare, which is most commonly mapped to the old keyboards. So to say the file that we've just done, we just press Control 0. Last for the name of the file that we want to save it as. And we just press Return to keep the same file to search for text and our file Control W. This case I'll search for Alice. And it brings me to the line and the sentence with Allison's. I can also jump to a line. So I press Control and lowercase. It'll ask for the line. It'll also asked for the column. The column is the letter, so which column don't want is to. Well, I went to London. So I want to land in line three here. Remember the first line is the blank line would just add is. To copy and paste texts. Text, you must begin by marking is. So control and carrot marks the texts that you wanted to copy. Marking does not include the cursor. So to capture the last letter of the words, we need to move the cursor one step beyond us. And then I'm going to, and then I'm going to press Mehta and carrot to copy this. If I go down a line, I'm going to paste it in your control and you. I can also put text. Again, I'm going to begin by marking it. I'm going to mark all of this. And this. I'm going to cut it with Control K. Move down a line given subspace. And this time I'm going to paste it in again. Ok. Control G has a lot more commands. So there's, this could be quite a feature-rich program editor if you, once you get into it. So feel free to go through the commands that they have there and explored some more. And like said, it's a great tool for beginning to edit your text and config files on your server. 12. Editing Files using the vi Text Editor: Editing files and the command line is a very useful skill to have. Because another bone to Linux server, you don't have a graphical screen with menus and options to work with. When I started out learning Linux and billing home server, I use Nano for editing text files from the command line is very simple to use and as a nice, easy learning curve. And you could indeed use nano to all of your lens career. But I'd highly recommend taking a look at the vi text editor. Also. Vi is a more feature-rich editor. And once you learn its commands, it is I feel a faster and easier editor to use. There's a set of commands you need to learn, and that is what we're going to cover off in this video. But you only even need the basic set of commands to begin working with us. In the reference guide to touch this lesson, I've grouped the VI commands into two sets. The fundamental ones you'll want to familiarize yourself with first, and then commands to expand on what you know and can do in order to use VI. Vii works using two modes, command mode and insert mode. These determine how the keys you type will be used. Command mode is the default mode. When you start VI. In command mode, each key on the keyboard performs an action on the file you've just opened. So when you press X, for example, it would delete a character, an or willow to replace a character. It's also where you're going to save your file from an exit the text, the text editor. Insert mode is where you actually start to enter text into a file. To enter Insert mode, press I or a, among other options, among other keys, and begin typing. And what you're typing is now being etched into the file. An a type and a, an x times an x. And you can begin deleting text using the backspace and delete keys. To go back to command mode and in order to save your file, you press Escape. Let's go ahead and take a look at VI now in action. In this example here, I've taken a copy of a configuration file. In this case is the conflict fall for the sample file server. So let's use this to work with to open up this file type VII, S, and B.com. And it brings us into a using the vi text editor. Without doing anything. In order to exit this file. We press the colon key and q for quit, and we can back out. Okay, let's go back in again. So V S and V.com. In order to move around, we can, we can use the arrow keys to move up and down left and right through the file. If you've a very long file that might take it out bedtime. So the page up and page down also used to quickly move you around. This because here too, Let's try maybe delete some things. By default. When you enter VI, you're in command mode. So in this case, x will delete a, delete a character and pressing a D twice. So double d will delete the whole line. So if I press dd, I'm deleting whole lines at a time. Let's try exit again. So press colon and Q. This time it tells me that there had been rights are changes to the file since the last time it was opened. So it can do one of two things. I can either press Q with a possible exclamation mark to force an exit that will discard any changes that were made. Or if I wanted to save those changes, I can press right and quit. That is now written the change to file and also exit, exit as exited for us. To go back in again. I know it's my father, my lines are still gone. Let's try enter some text now. Let's go to anywhere at all. I'm going to press the I button, the I key to go into insert mode. And you can see down the bottom now it tells me that we're in insert mode. So I can enter anything I want in here. And then to exit Insert mode, I press escape. That brings me back to command mode where I can save or I can work on the file from there. And this case I wanted to, I'm going to write these changes. So colon and Q semicolon and q, that will write them without exiting the file. Let's do some searching and VI. To do a search forward, press the forward slash button and then type them, type the word is that you want to search for. So in this case and go search for server and it highlights any option that I find that a fine. Okay, so I press Return. Now it's looking for all that. It's going to jump be to all that. Bring me to all of the odd the results for that search. To scroll through the results, I just press the N key, just a lowercase n, because an uppercase N, We're bringing me backwards. So if I want to search in reverse for them, I'm going to press Escape again just to get out of this. You can press Escape at anytime, just cancel anything you're doing. Or if I'm, if I'm in the middle of command and it will, it will cancel. Okay, Let's go to the first line of the file then. So I'll press one. And capital G. Capital G by itself brings me to the last line in the file. So one capital G rubric to us, the first line. And this case what I wanna do is with this line of texts I've entered here, I want to copy and paste that underneath. So I press YoY to copy and then a P would paste it underneath. Okay, I'm going to save that file and I'm going to exit. There's many more commands. And though there is a bit of a learning curve involved in using the commands, once you get them down, even the basic session, you'll find that you begin to quickly use it. It becomes a much speedier text editor for working way through, through files and working on the command line. 13. Linux File Permissions: For permissions and ownership are two key security features of your Linux server. When you install it, it went to format your hard drive using the EXP for file system. Permissions and ownership are actually features of EXT for itself. As opposed to the Linux operating system which is installed on top of the file system. Linux though, do it offers a very handy commands to easily manage all of this. Let's take a look over the next two videos at these two key, at these two important concepts. Every file and folder on your Ubuntu Linux server has a set of permissions associated with it which dictate what a user can and cannot do with this. You can see these permissions by run the ls slash l command. Let's break this. Take a look at the output of this command. Now. Here we can see the permission set, the number of links to the file or folder, the owner and group, the size in bytes, its last modification date. The filename. Permissions begin with an indicator of whether an object is a directory or not. The permissions themselves are broken down into three groups. What the owner of the file can do, what members of the group can do, and what all other users on the system can do with this file. There's three types of permissions that a user, group or others can have. Permission to read the file. For directories. This means to be able to list the contents of the directory. Permission to write to the file. For directories. This means permission to create and delete files from the directory. And permission to execute the file or run it as a program. And for directories, this means to move into an access files within, within the directory. One thing you will be doing frequently enough is changing permissions to get something to work. Scripts, for example, are simply text files until you make them executable. And only then can they be run and act as a program. Ch mod is the command used to change permissions to users. You need to specify for whom the permissions are being changed, what the change is, and give it the name of the file or directory being changed. You also have to own the file which you are changing. If you're not the owner, you have to use sudo to make the changes. So here we have a file with read and write permissions for both the user and group, and Read Only for all others. To add the execute bit. For everyone, we write, change, we've typed CH modes, all plus executes and give it the file name. If we look at that again now, we can see the execute bit has been added to everyone. If we want to remove permissions, say we want to take permissions away from the group. We would say CH mod group minus read, write, and execute file one. And we look at that again. And we can see now uses within the group don't have any permissions when this file. Permissions can also be expressed numerically using three numbers or combinations thereof. Here, read is represented by four, right? By a to an execute by a one. So one example will be to run CH mod 6 4 4 on a file. This specifies the permissions to be set for a user, the group, and others. So in this case, the user will have read and write permissions while the group and others have read only. Okay, so here we have a file in a folder itself contains some files to set the permissions in the file to read, write, and execute for everyone. Type CH mod 777401. If you look at the permissions, we can see those are now being updated. If we wanted to, for example, to set it to Read and Write for the user and remove permissions for everyone else. Ch mod 600, file 001. So again, you're combining them, the numbers used for read, write, execute to get your permission sets that you want in-between. Okay, so let's run the same command on the folder then. So CH mod. In fact, we'll look at the permissions of the folder. First off, CH mod 7, 7, 7, folder 0, 1. And we can see that, yes, indeed, now full permissions have been set for all users. But let's look inside the folder. And what we can see is that while the folder permissions are updated, the contents of the folder of the files within that folder have not been. So what we want to do is once you've went off, see you find a way of recursively affecting the permissions of a folder and it's sub contents. And to do that, what we'll use is CH mod hyphen or for recursive 7, 7, 7 folder. And now what we find is that the permissions of the folder haven't even updated. Unless look inside that folder, we see the permissions of its contents to. This works in both files and subfolders within a folder. Take care using this command. Permissions are a powerful than an important feature of Linux. So be sure you know what you're doing and don't change any system permissions or permissions only system files like slash, slash, ETC, slash user. Doing so, you redo, risk damaging your server too much. And again, having to roll back then and maybe even re-install. 14. Linux File Ownership: Every file and folder on Linux system has an owner and belongs to a group. You can see this by running the LS hyphen L command. We can see here the two columns indicating the owner of the file and the group in which it belongs. In both cases, it's called Jupiter. When you install Ubuntu Linux, you created user account to login to a group of the same name was created. But there are many default and system accounts on a server, even a newly installed one. Some services and applications have their own user account for their own processes. And you can see all of these accounts by viewing the slash, ETC slash password file. We go into these in more detail in the reference doc attached to this video series. But slash ETC slash password contains some basic information about each user account separated by colons. To focus on the root user, we see the username, the user ID number, the home directory. If there is one, and the shelves they will, they will use when they login to a command prompt. The root user always has a user ID of 0. An ID of one to 999 are reserved for system accounts. For the shell. We mean the black command prompt screen. You see when you login either over SSH or at a terminal using a keyboard and monitor. It. Both cases, you've logged into a running program. The default shell in Ubuntu, it's called bash. And you can see it here. Indicate as slash bin slash bash. If you see no login or bin slash false as it uses shell. This is a security feature. That means that user account cannot be logged into. It can only be used by processes running in the background on your system. Passwords are not actually stored in slash, ETC. Slash passwords. An older systems they used to be, but programs need to read this file in order to run. So passwords were moved and are now stored in an encrypted form in slash, etc, slash shadow. What all users can read the ETC slash password file. Only the root user can access the slash ETC slash shadow. One common tasks you will probably need to do often enough, especially if you're running a web server. It's changed the ownership of files and folders so that the web server can control them. Don using the CH own Command. D Apache web server, for example, runs using a user called www data. To change the ownership of a file. You've drawn CHN pseudo CHO, www data file 001. And we can see now that the user has been updated. You can also change the group at the same time too. So let's try that now in the folder hair, so we're on CHO own www data, colon www data, and then the folder. And we can see now that both the user, the owner, and the group had been updated here. Note that changing ownership is an administrator command, so something that you're going to need to use the pseudo four. Notice also too, that while the owner and the group of being updated on the folder, if we look at the files within that folder, there's still owned by the original owner and group. So to make your changes apply to a directory and all of its contents and subdirectories. You need to use the recursive flag. So to do that, we type C, H pseudo CH own hyphen or WW data. Ww data and folder. Now we see the folder has its permissions changed in deeds. But also to if we look at the contents within us, we see that the ownership and the group membership of those have been, has been updated also to ownership and permissions are powerful security features that you would likely have to work with on a few occasions. Often diagnosing the problem is the challenging part as fixing as, as we've seen here, can be quite straightforward. As you build your Linux skills though, I'm reads the error messages that you come across. You will get better at identifying, predicting problems and ultimately fixing them. 15. Where to Get Help if Stuck: As you build your CR and skills index, you're going to come across things that don't work for you the first time around. And that's a good thing. Linux is a highly configurable operating system. Were the readings you're going down this road is that you have an interest in building your knowledge and technical skills on the command line. It's all about how you look at things. It's only a problem if you see it as a problem. Rather, it's an opportunity for you to learn and put your troubleshooting skills to the test. And there's no greater feeling than when you find the crackers, get your project working and understand what the hold-up was. There are finite number error types and you're going to end up seeing the same types of error or problem occur. You'll soon get familiar with reading error messages and knowing what needs to be done to get past. As. In this example, some modules for the PHP web scripting language are missing. And there are some permissions issues. Having seen these countless times, I know what I need to do to install the modules, set the permissions, and restart the web server. There's a massive community of support out there in the world of Linux users and admins. You just have to be clear in what you're asking. Give all relevant details like server or software versions. And most importantly, describe what you've tried already and the exact result or error message you gosh, online forums are very supportive and helpful to users who are willing to sports and help themselves. If you're having trouble with a Linux command itself, always start with the man pages to see what they have to offer. In this case, type man ls, to get the man page for the ls command to show all flags and options available. You can get the version number of installed programs by using the dash V for version flags. Sometimes they use an uppercase V, but more often than not, it's the lowercase. To get details of the web, of the PHP web scripting language itself creates a simple webpage which is three lines. And as the PHP opening tag, PHP info. And don't forget the open and close brackets are important, as is the semicolon at the end. And finally the PHP closing tag. This shows you a lot of information like the version, the installed modules, and a lot more info that's very often is very useful for troubleshooting. While there are many forums available online, I draw particular attention to three, stack overflow. An Ubuntu forums are very, very good in terms of the wealth of information that they use. And there's also Google itself. Google is going to be invaluable in searching for answers. You'll learn how to construct your search query in order to get the best results. And in this example here, I just simply copies the error message from the PHP module, error message from the previous slide. As straightaway, it's pulled up details that will help you to solve that problem. When reading the advice and suggestions that come up from online forums, they'll remember to listen to your own judgement and intuition. Don't blindly follow online advice without running it past your own internal filter first. And try to understand what's going on. You have knowledge that counts. Trusting your own abilities to if though you ever find it gets frustrating, step away from it for a while, you can figure it out. I can't tell you how many times I've come back to a challenge with a much clearer head after leaving for a day or so, or maybe even after getting a good night sleep. And finally, especially if you're just starting out, be prepared to re-install your operating system occasionally, as you tinker, test and getting experience. It's my sincere hope that you break things often as that shows you're trying and learning. Always don't keep a good working backup copy of your data. At least then you know, you can break things in safety. 16. Install a File Server: And never faster or is one of most useful things you can do with your home server. It gives you a central place to store all of your files, photos, music, etc, and make them available for other devices on the network to use. It's important though, that if you're backing up important files and folders to your server, that you are sure that it itself is backed up. And we have a later video and series of columns how to do this? The narrow crossover analytics is called Sander. Let's take a look now at how to set up and configure Sandra server. The first step to setting up sand on your home server is to install. Let's go ahead and do that now using sudo apt install, samba. They'll reach out and down all the packages that are needed. It says here because it's going to need to get 16 megabytes of archives we want to continue. And so we say yes, we do. One sandbars installed. Let's go ahead and look at the configuration files. The configuration files for Sandberg stored in the ETC slash sample directory. If we go in here, we see a couple of files that are already S and B.com is the one that we're going to turn our attention to. By default, Sandra installs a lengthy and very explanatory and well detailed configuration file. There's actually almost too much detail as you can see, there are 242 lines in this one. And a lot of that is descriptive text, is commenting on what are the different sections are. Rather than trying to amend that and change dash, what we're gonna do is we're going to rename that to move it ever the way I create a new config file for ourselves. So the first thing we're gonna do is sudo move S and B, and they're going to call it S and become original. So I'm just going to simply, simply going to rename the file. So there is there Nixon to do then is create a new one. So I'm going to use no, no. You sudo again because SMB uses am system, it's a system process. So nano creation new one. The first we wanna do is more so global parameters which apply to the same server as a whole. And we do this by, first of all, provided the global headline. And then we want to say to guest equals bad user. And what this means is a bad user, someone who has not logged in. So when we, when we have bad user logs in, we want to match into the guest accounts, which we say then Jupiter. By giving it the Jupyter account, it means that when you upload a file to which you can then login via SSH later on and not have to change permissions are changing ownership in order to work on flies and the SAML server when you're logged in via SSH and just makes it convenient. And so the next thing then is to give it a share name. So a share name is the name of the font. Actually access when you connect to the IP address. And you'll see in the photo session how we use that. In this case here we're just gonna call those files. First step then is what is the folder or directory on the server where the files in this fascia are going to be saved. Where's the paths? Patent this case is going to be smashing a survey. Is it going to be writable yesterday? Is we want to give it right. Permissions to that we can write to us. And then we wanted to reiterate then guest account equals is okay, so people can login using the guest accounts. Next thing then is when someone goes to create a file, upload file ensemble share, what permissions do we want to give us? So in this case we want to give it read and write permissions in order for security reasons, we want to exclude execute permissions. So we're going to get each file read and write permissions. And thus the 66, 66 is read write. For directories, then directories need 777 because you need execute permissions nor to move into a directory to open it up. Now some professors don't have the concept of a recycle bin. So when you delete a file, it's gone. If there's no getting it back. That's a little too drastic. So what we want to do is Montenegro feature inside of it, which allows us to use a recycle bin so that if the file deletion, we do have an option to pull it back. So with Visa, VFS object, there are recycled. Want to say first of all, is what is the directory for the recycle bin. So SRP is going to be, we're going to choose to make it recycle bin. Again, you can make anything that you want to keep tree. Then parameter allows you to keep the folder structure. So if it was in the Images folder in your, in your sacrifice, your son will then create an images folder in the recycle bin. I moved the father, you've deleted it into here. So let's just see where the file was stored originally. Versions then is if there's multiple versions of a file that you either deletion and then recreate or delete haplotype who keeps each of those. So you do have the option then of them pointed back a specific person that would have been deleted. We want to lead certain files, such as temp files, and sometimes that can be called TMP. And then we also want to exclude recycle bin itself from being, from being added to the, to the recycle bin. So when you delete the recycle bin, you don't want it to actually create another recycle bin within. It becomes an endless loop. For directory permissions. Then you want to give this again 777. So that means all of the directories with the recycle bin directory is going to get 777 permissions. And for any subdirectories that it creates a to get settled, settled several began to you want to be able to reach them, to write within them, and then execution or a sudden you can actually move into the directory itself. Next thing to do then is to restart your Samba Server. So it picks up the new settings in the conflict file and begins to use those. So to do that we go sudo service, CBD, restart, written, that's done. If we take a look at the folder that we're using for our server, the slash SRB folder, you can see that's owned by root. That means a non-health blood root has access to use that anemones and thus will be problem when you come to match your File Share as you will be able to access it. So to do that, we do is we simply change the permissions ownership on it or change it, change the permissions on it. So we do sudo CH, CH mod 7, 7, 7 and smashing historically. Now you can see root has read, write, and execute permissions for all groups. That means people can get into it and you can begin to use it as your sample file share. Okay, great. Let's see if we can now connect to us from our Windows laptop. And the laptop here, I've opened up File Explorer where I can browse all the files and folders on the machine. I'm going to go click into this PC GOP to map network drive. And this is where we're now going to connect to the file share as a permanent drive letter on the laptop. So the first thing it does ask you what drive there do you want to use? So feel free to choose any I'll just choose m just for the sake of it. Okay, What's the folder we're mapping to? So here then we're going to add in the IP address of our server. And we're also going to add in the name of the file share that we set up. So we set up on ours under Files. Again, if you have multiple file shares, one for movies or photos or a dash, you can set them up as different drive letters if you saw wished. Do Entre reconnected sign-in? Do you all want to make this don't make the sticky in a sense so that it sticks on the computer after reboots, it comes back and it's there permanently? Yes, I do. And I hit finish stash. That's all we need. And that then opens it up as the M drive. Let's go on in here and see what's here. So at the moment, we have nothing. If I create a new test file, which going to call this test. This shows that yes, we can now write to the directory That's good, that's deleted them. And see if that the recycle bin comes up. I've found that you need to create a new test file in order for the recycle bin to appear. But it should do so. And there we go, there now. So this is the test file, just creators. And if I go into the recycle bin, you can see the one that was just deleted a minute ago. So that should not prove that we're able to write to the right to the directory. We're able to read from his ribs, delete from it. And everything is working perfectly just as we need. 17. Installing Web Applications on Your Server: Think of many of the applications that are in popular use online, from Dropbox to Gmail to YouTube. Now that you are running your own server, you have the opportunity to run open source versions of all of these and many, many more. Dropbox, Gmail and YouTube are all examples of web-based applications. That is, online services which you interact or work with using your web browser. There are loads of examples of self-hosted web applications that you can use in your server. These include CRMs, photo and video management, and business tools like Office suites and ticketing systems. This is an excellent way to really make use of your server. And there are loads of applications available through doing a quick Google search. Many commercial online services, such as CRMs, also offer what are known as community editions of their application. These are fully featured versions for installation on your own server with the hope that users will build familiarity and loyalty and upgrades to a Cloud service managed by the vendor. I'd also highly recommend taking a look at the GitHub page listed here, which has tons of open source projects available, again for installation on your own server. Okay, so what are the benefits of self-hosting a web app? Well, first of all, you controlled the privacy of your data. The data that you upload is not going off some third cloudy vendor to be used by someone else. It's all hosts on your own server which you control and manage. This is also a fantastic way for you to build your technical expertise, either on the Linux command line or with databases. And in configuring and reconfiguring applications. They'll often not necessary at all. The code and database structure is accessible and available to you. So stare if you just study if you wish. And a web application can also help organize your files, your photos, your music, et cetera, in a better way than by simply uploaded into uploading them to a file share. Often too, there is a front end, means a viewing them. So you can just, you can see the photos which you've just uploaded. Okay. Some things to bear in mind then to first of all, the database, you're going to need a separate database for each and every application you set up in your server center. Similarly, separate user count would need to be setup. This is a basic security principle with the idea being that if an application where to be hacked by an attacker, they can only access that application and not others on your server. This is all about containment of a problem and limiting what an attacker can do. Also to never use the root user, the database server root user. And for setting up a database, it has too much access over other databases. And it should only be used for setting up a user account for that specific web application. You may need to manage the permissions of some folders on your server to ensure the application worse, work successfully. Apache runs using the www dash data user accounts on your server. So you may need to ensure that this user account has permissions to write to some of the folders in your web directory. This though, you will usually come up or come to life during the setup of your application. Web applications, like all other software on your server, needs to be updated frequently. It's not updated though, using the sudo apt upgrade command, which only works for install software on the Linux server. So you're going to need to log into the application every now and then to check if there are any updates available. Password reuse is a bigger problem than weak passwords. As you'll be using a web browser all the time. Consider using a password manager plugin such as Last Pass to generate and security Store long, strong and unique passwords. Okay, let's move on to the next few videos. We're going to take a look at some web applications that are installed on your server. 18. Installing a Web Server: While there are certainly no absolute necessity to have a web server running on your home server. I do feel this one was used for applications you can install. Now, going to allow you to set up a private Intranet on your home network or practice building websites if you're interested. But there's many web-based tools out there for, for monitoring and administering your server. There are a lot more interesting to use, not easier to use, and make doing the job whole lot more fun. Let's take a look at how to set up a web server. A web server is an application or program running on a server that listens for network requests coming in on port 80 or port 443. We go through network ports in more detail in a later video where we discuss firewalls. But for now, consider them like channels on TV. When your laptop is sending a request for a webpage to Google servers, it has to send to the right channel or won't be received. So your laptop sends HTTP requests to Google's IP server on port 80. And requests for HTTPS server pages, which use secure encrypted channel to protect the confidentiality of data sent to port 443. Google's web server receives the request, looks for the requested data, and then returns it back to you. Your web browser then displays this deja as a webpage on your laptop. So on our server, we're going to be installing a full web server software stack known as a lamp. Stack. Lamp stands for the operating system. This is obviously the platform on which we built our web server. The Apache web server. This is the actual web server application, self. Apache, the most popular web server in the world, running on millions of web servers across the world. It's fast, reliable, and secure. On its own. Though. A web server can only serve up FLAC files. That is, files which have been saved into a folder. This can be rather limiting. So additional software is used. The MySQL database. Many websites don't say it's our data as files or static web pages. They stored in a database where it can be queried, updated, modified, et cetera. So when you go to login to a web site, the web server queries the list of registered users in the database before letting you proceed. Mysql also pronounces my SQL is the most popular free and open source database in the worlds. In 2009, though, MySQL was bought by Oracle. A number of MySQL core developers on happy at my desk at Oracle's track record. With regards to supporting free software projects launched MariaDB. Mariadb is intended to be a free open source, like for, like replacement for MySQL. This if Oracle choose to move from a Free to a paid license model for MySQL. There will be database to which people and companies can move to immediately. You may see MySQL or MariaDB referenced throughout documentation online when it comes to installing software and applications. And finally, PHP. Php is a scripting language, especially developed for websites. Without a scripting language, the only thing that the Apache web server can respond to network requests with our static web pages which had been saved on the server. Php allows the web server to serve dynamic pages. That is, pages whose content changes depending on who is logged in, where their physical location, the world, or what you're doing on the site, such as allowing you to byproducts. It is webpages coded with PHP that will make queries to your database when you login to the website. Or in the case of sites which use WordPress, where all of the blog content is stored in the database. Php would build, build, and create the webpages as you visit them. Okay, so now that we're a little more familiar with the components of a lamp web server. Let's go ahead and install it. On your B12 home server is absolutely possible to install each component of the web server individually. That is to say the Apache MySQL database and the PHP scripting language are all separate components. But there is a very useful package, the Ubuntu software repositories, which will install the entire lamp stack for us and one commands. So we start off first of all by updating our software repository, the local repository on the server, so that it knows up and is aware of the latest version of the software. And then we installed the lamp stack. Sudo apt install lamp iPhone server. And it's important that we put this little carrot at the end. If that's important or is it won't install the lamp service deck for us. So we go ahead and hit Run. And then it stops, it goes out. It looks for everything is that we're going to need. So the following, if we see here the following new patched packages would be installed. It lists everything that is going to install. It needs to download 25 megabytes of archives, which is going to use a 181 megabytes of disk space. Do we want to continue? So in this case, we do indeed. Why? And go. So here we are, and we see that it's finishes installation now. Okay. So at this stage is installed as the Apache web server, MySQL database, and the PHP scripting language. First thing we want to do then I'm going to clear my screen, is I want to secure a MySQL database. Do this. We run sudo MySQL secure installation. And this is going to run through a number of prompts and prompt us for a number of things in order to lock down security state this database before begin to use it for real. So the first one is a validate password login. So do we want to enable a plugin that will validate that the strength of our passwords while do is disallow a week or so or short passwords. And it makes sure that we need a combination of upper and lowercase number, string, all that type of thing like so. And this gets, I'm just going to say no because it's, it's it's the past. I'm going to choose. I know we're going to be strong enough. So please set that root user password here. So we have, I'm going to pop in my passwords, re-enter your new password again. And we put a password in again. Okay, so next question then by default, and MySQL installation hasn't an anonymous user allowing anyone to login without having to a user account created for them. That sounds like a bad idea. So do we want to remove that known as user? Yes, we do. Normally, root would only be allowed to connect from the local host. This ensures that someone cannot guess the root password from the network. This, this prompt here is meant to prevent, prevent or allow logins to the root user account across the network. Now, I've found that this one does not work even if you want to allow that it doesn't work because my SQL does have the security mechanism preventing the roof account from being logged into by default. And I covered that in the next video. How are we going to set up a new database, database admin user. But for now, do we want to disallow root login user password for consistency? Because we're gonna say yes to all these. I'm going to say yes here again. But like I said in the next video, we're going to show you how to work around this one. Okay, the next question then, by default, MySQL database names tests that anyone can access. Do you want to remove that? And ax2 is I do indeed. And then you want to reload the privileged table now. So all change will take place. All done. Grace. That is now our database efficiently locked down. Okay, so let's jump on over to the web browser. Take a look at our database or Taste, sorry, take a look at our server and ensure that the Apache web server is running correctly. So in order to do that, let's just confirm again are the IP address of our server. So if we put in IP address, Show this will pull back details of the nephrons, the two network cards on this machine. And when I've actually zone, there's only one network card and one is the loopback address. In amongst all of this text does give us the IP address, but it can be a bit hard to pull out and to identify. So there isn't much shorter way of doing it. Much easier way. If you type in IP brief with two hyphens, address, Show. And now what that does, it shows first of all, the loopback address, which is always present. It's not an actual network address, it's, it's a software feature of a network card. And finally, our network card is the EMP o S3, which is up, and it has an IP address listed there. So let's take that to a web browser, plug it in and just confirm their Apache web server is up and running. Okay, so we've put the IP address into a web browser and we can see what comes up is the default Apache web page. This webpage is just a simple place holder. While there's no other web files on the Apache web server. And radium want to do is just confirmed to us that the Apache web server has just been installed successfully. So we're happy enough with that installation process. Okay, let's move on to other videos where we can make more use of our web server and configure the rest of our lamp stack. 19. Setting Up Your Database Admin Account: The root account is the default administrator account on MySQL and MariaDB databases. As this account always exists on the database, it'll be very easy for attackers to start brute-force guessing the password. Once a webpage interface has been set up, as we'll be doing in the next few videos. So this is, there is a security mechanism on the database that the root account can only be logged into by somebody who's already on the localhost command line. Anyone trying to connect to the database from a remote location then will not succeed. In order to use webpage interface, then we're going to need to login to database and create a new user. You also as admin rights using the username that's going to be less likely known to attackers. So let's do that now. First thing we do is we login to the database using the roofs accounts. And again, we're doing this from the local host, from the server itself. So we're going to be given permission to do so. We're in. So let's take a look at the user's already setup on the database. Commands on MySQL, often written in uppercase. But MySQL is not a case-sensitive command structure, so they can be written in upper or lower or mixed. And it will, it will all work the same. Always member to end your command with a semicolon. So we can see here some default database users and the root account, all of which can only be set up or login to from the local host. So we're going to need to set up a new user. Then in order to do that, we want our create user command first. So I'm going to create user by name of Jupiter again. Now stick with the use of that we've been, we've been using up to this point and this stage and go to between login from anywhere, going to give it a password, also two. And we end with our semicolon query. Okay, means the patent means the command has been entered correctly. So now the path users being setup, let's give it a count privileges over the whole database, and also give it permissions to create new accounts and to measure those users. So grant all all privileges on star dot star means everything on the database to Jupiter. And then also give us the grant options so it can set up other users on the, on the database and also two. Okay. And then finally, we flush the privileges in order to recess or have the or refresh the privileges table and have the changes take effect straight away. Okay, so let's now look again ash. What are the, what are the users on our database? And we can see now we have our Jupiter a user setup there. Okay, We logos. And we should be able to use this user now. We should be able to use it this user now from, from a web interface that we're going to be setting up the next few videos. All the commands that we've outlined in this module are including the handy reference guides. Thus, thus far this module 2. So you should be able to use them and replicate them on your own database. 20. Working with Your Database: Being able to configure and work with your database server is an important part of setting up a web application or administering your homes or in general. Let's take a look at PHP, my admin, powerful and popular tool for working with your databases. Php my admin is a free, open source and very popular tool for administering MySQL and MariaDB databases. Okay, so let's go ahead and store it in our server so we can use it here. First thing to do is update our software repositories so that our server knows about the latest version of it. And then we go ahead and install sudo apt, install PHP, my admin. Okay, So it goes out and looks to what packages needs to be installed. The first thing, because back then it says it needs to go. It has some configuration steps to go through. So dad, the PHP, my admin package must have a database installed and configured before it can be used. So do you want to go ahead with this one? And yes, we do indeed. Okay, so please provide a path for PHP, my admin to register with the database. So again, they're going to need to set up the PHP, my admin user account here. So I'm going to type in a good strong passwords. This one use a combination of numbers, upper, lower, special characters, and all of us. Okay? So because this is a web interface tool, it's look and see what web server are we using. So it has two options here, Apache and lightweight HTTP. So ourselves, the Apache to select it, press the space bar. And then you can tab down to the Okay button and press bend, press, press Return to confirm. Okay, that's gone through its, its, its steps now. And it's done. Grace. Okay, Let's jump on over to the, to the web browser. And we'll see how using PHP, my admin, to login to our database. Okay, So here we are. At our login page. We go to plug-in the IP address of our server and slash PHP, my admin at the end, it'll bring us to this login page. So let's go ahead and login using the user account we've just set up. So I'll put Jupiter in there. And then our passwords in here. Okay? So this is the PHP, my admin homepage. Open the top left here, you can see some handy icons to bring it back to this page, back to the homepage to exit as someones for documentation and to go to some settings. Download the left-hand side here you see the MySQL system databases. Mysql needs some databases itself for to run. Here's one for PHP, my admin also to. And you can explore those bit more by dropping in, pressing the button to drop down and see what columns and tables are listed out there. In the main body of the window. We can see first of all, there were at the server level. Down here are some tabs and we're going to take a look at, at the moment to give you various options and Cr on the database. And here's some tiles here with details about general settings, change the appearance information in the database and the web server, and then some PHP my admin links. Okay, so let's click on the Databases tab. This brings us to a list of the databases currently setup. So here we can see the ones again that are reflected on the left-hand side here. And you can click into them, check the privileges. You can click in here to check the schema and the structure of his and see what's there. If you have a specific query that you want to run just a once off query. There's a window here. If in order for you to do this, type your type, your query out there, and then click Go and it will run us. Status here has some details on the database and the database server itself. So click through those and see what's, what's of interest and what comes up. And user accounts. This shows the user accounts that are being set up for all the individual users on your system. There's other options along the top here to export and import your database. You're going to back it up. Some settings options if you want to change things again to so sort of subcategories and some features up along here. Replication variables. The most ones you're going to find yourself using though, our databases and the users tabs. So let's take a look at that now. Okay, for all of the web application that we're going to be setting up, each is going to get its own database as own database user. So let's see how that's done. Let's go set up a test database. We call this one test db. We click Create. Okay? So the first thing we do is bring it into the structure of us. Know, tables found. When you're setting up a web application, you just want to give it the database. It's going to create its own structure. So this is as far as you would go. The next thing you want to do is set up the privileges and who can access this? So let's go up here too. Privileges tab. And this case then we can see that there's three users on the system that because they have global permissions, they obviously have access to us. We're going to set up a new database, specific user accounts. Go to Add User. I'm just going to call this one test user. I go up a password in here and then scroll down. The reason for doing this is that it contains any damage that can happen if someone were to access attack your application. It contains the number of databases they would have access to. Down here then on their database for the user accounts. If you want to create a new database with the same name, if you ever needed, thus, granted privileges on a wildcard name or here then grant all privileges on the database, test db. So this is already selected. So this user is going to get all privileges on the database we've just set up. And that's what we want down here. Then this covers global privileges across the whole of the database engine itself, across the whole of the database server. So if we want to contain a user to one database, we don't select any of these if he wants to give them permission to select other databases, we would. But on the whole, you want one user per database and containment. So scroll down to the bottom here and click Go. And that's because that's been created. If I click the user accounts again, I now see test user and go and go into my Edit privileges. And they see first of all, along the top here we have global details about the user accounts. So globally, I have no permissions. But on this TSDB, you see I have full permissions. And that's perfect. That's what we want other than the ability to grant permissions to other, to other users. So that's the user accounts. That's perfect. That's exactly what we would want. When we're finished with others. If we wanted to drop that are dropping, deleting a day basis called dropping us. Go back to Databases, click on us and click Drop it. Last year's confirm. We say yes. Same again with the user accounts. Click on them. I scroll down a bit here and I click to removers. And I click Yes. And that's our user accounts and database gone. Okay. If you're using PHP for administering your server, you're going to get very familiar. Are you going to get a lot more familiar with moving in and out of these settings. Feel free to explore and see what else is there. The more comfortable you are working within these environments, the better and the quicker you'll be able to get in and do what you want. It's a great tool, very, very fully featured. So feel free to take a look around and explore. Okay, I look forward to seeing you guys in the next video. 21. Installing WordPress: Wordpress is a great tool for building websites, never user-friendly manner, and is used in over a quarter of all websites on the Internet today. Let's go ahead and install WordPress on your own server now. So the first thing we're gonna do is download, get the link for WordPress itself. So if we go to WordPress.org and over here is a button, forget WordPress. We click on this, are brought to the download page. Okay, so scroll down. They have the latest version available here. This is a zipped version and this is the tar, tar.gz version. So we're going go ahead and download the link for the zip version. So we just copy the link address and we carry that into our command line. Okay, so the first thing we wanna do is on moved to the web roots directory. On a bond to the web root directory is in slash var slash www, HTML. I'm going to create a separate sub folder here for WordPress. Now, you can certainly have is so that when you visit your service website with a web browser, WordPress page opens up. It's the it's the homepage as such. But because I want to use this server for many different web applications, I'm actually going to create a separate subdirectory for each. Also to the web directory by default is owned by the root user. You can see there it's routes that owns this file that is within us. So you're going to need to use sudo to make your, your, your WordPress folder. In this case, I'm just going to call it WordPress. You can certainly we name to anything you want. But you can change the owner of the PFAD, this folder to be either your user or an IT that just to make life easier. So I'm going to sudo and create that. And then I want to move into us. I'm going to use w gets to download the link that we've just installed for the WordPress downloader to paste into potty pasta's enough work with Control V Put it does not use Control V for paste pasting. So you need to either use the right-click on your mouse or Shift and insert, and that will paste into, into party. Okay, So that's down. Notice ls there shows me that it has downloaded and deeds. Okay. So next I want to do then is I want to unzip this so that I can users on zip not found. Okay, so if you're working with the command line, you find that you find there is a command that that's not installed. Let's go ahead and install it as soon as you needed. So I'm just going go to sudo apt install unzip. And that will just pull it down from the software repositories and give me the latest version. So I'll clear my screen and I'll just start again. Ls-l just to show us what's in here. So pseudo ON ZIP, latest excellence. Okay. Okay, so I'm now finished with, with, with the latest file. So I want to delete it. That's gone. Ls l. So in the WordPress directory and I want to move everything back to this folder. So I want to say is sudo move WordPress folder, everything within the word true directory. I want to move to this directory. And now you should see this fully populated. But that's not all. You also need to take note of any hidden files. So I'm going to press the up arrow to go back to my previous command. I want to say anything within the WordPress directory which begins with a dot, also moved to this current directory. Now it's going to complain that those two, the dash dot dot files can't be moved. But that's fine. We, we, we, we understand and accept dash. But if I do slash LA now, I can see there is. Okay, so in this case there's nothing. Sometimes you will find a dot HT access file, but we have nothing here now. So now that the Wordpress directory is empty, I can remove it using the Orem directory commands. Remember this only works for empty directories, which is great way to test that you have actually taken everything out it was. Okay. We have the WordPress files here in this folder. Let's go ahead and set up a database, a database user for the installation process. Or one final thing to take note of, Apache runs using the www data user. So at the moment, if we look at so I'm gonna go back up a level to my web root directory. I can see it. The Wordpress directory we've just created is owned by root. So WW data won't be able to write to this folder. So that means it's going to cause problems during the installation process. During installation of themes or plugins or just general administration of the WordPress website itself. So to do that, we want to give ownership of this directory and its contents to the Apache user. So in order to do that, we use a CH own command, change the owner. So we do sudo, CH owner. Won't you recursively so that it changes ownership not only of the folder, but of all subfolders and contents. What's the owner we want to, we want to give a two when it gives a WW data owner and the group. And then we just specify the folder to which we're applying this. Now you can see ownership of the folder has changed and ownership of the contents of change. Whereas, whereas it used to have root listed in the owner and group columns snare www data. Okay, Let's go ahead and under setup our database user. Okay, so I've used PHP, my admin to login to my database server. I got set up a database for my WordPress installation and call this one just simply WordPress DB. And the next thing then is the privileges. So up here, I'm going to set up a user for, so it adds user account, give it anything there for the passwords, then give it any past or again, a good strong combination of characters, letters, especially, and a number as in the large grant all privileges on the database, WordPress dB. That's what I want. And I just go ahead and click Go. Okay, That's great. Let's go on now and actually install our database, or sorry, our WordPress application. So I'm going to do 19268178 up 1 fifth dy. Remember if I just do one to one than to 160, 150, I come to my default page. If I go into the WordPress directory we just created. Now I have the setup page. Okay, so let's go on down. Or language. You can choose your language, their English, UK. Okay, So welcome to our press. This is just a basic page where they say they're gonna, they're gonna collect a need to earn to go on to collect some basic data from us. They're going to use create a WP config file. This is the file where all your, your database user information, if you ever need to edit it later on. So let's go. So the database name we created his WordPress. The username we used was WordPress user. I think it was the password that I created there. Let's simply my Wordpress database host. Localhost means this server. So the database is on the same server. If you had installed on different database, you would put the IP address in there. But in this case we're going to leave it as localhost, Table Prefix. Then this is just a random string of characters. Were presses said setup such that multiple sites can use the same database. We would never do that in real life, but this is a hangover from a time when multiple sites did use the same one. So we just put some random there and just go and submit dash. So I did something wrong there. Wordpress user, WordPress, hyphen dB, that's a WordPress. Hiv and TB were press user. And I say submit this time, right? So let's go runs the installation and then it comes to the setup pages. So site title. All these can be changed later on. I'm going to give my username their passwords. In fact, you know what I'm gonna do? I'm going to use something strong there. And then as an e-mail address, you can put it in there. So to provide e-mail address and run. And that should now install the database and the application on our server. Okay, Let's test it quickly. Here we are wanting to 16 8178150, our WP Login page. And there we are. We've been working where precise? Let's let's check. Take a look, the front page of it. And this is WordPress installed on our server. Using the admin page, you can now see lookup and begin to create your page and still themes and plug-ins and all that. But this is WordPress now running on our server. 22. Installing a Photo Gallery: We all have tons of photos capturing our digital lives these days. The POS be spread across multiple Android devices, like phones, tablets, etc. So how do we manage all of these? Gallery is a web application that we're going to install on a server that allows you to upload your photos and browse them using a web browser. There are many photo web applications out there. And it looks like support and development for a lot of them seem to stop for number of years. But galleries had some updates recently and seen some recent activity. If you already have a collection of photos, gallery will allow you to import them in bulk. In another video, we go through how to set up a file server. So that will allow you to upload your photos to the server and then gallery and important then into the application. And having tested a number of photo applications, I felt Gallery had the best support for photo and folder naming. Some applications couldn't handle things like spaces, underscores or ampersands, but Gary didn't seem to have any problem with those. Okay. So how would we go about installing it then? Galleries are pretty standard web application in that there's a number of steps that we're going to go through. We're going to start off in the command line and we'll go and download the project from the gallery project website itself. There we're going to go through setting up the folder structure on the server. So I'm going to unzip the file. We're going to set up the folders that it needs, and then also the ownership and permissions. And finally then to, to some configuration needed for the PHP web server itself in order for it to be able to display and allow you to upload and view your photos. Following that, there we go and jump over to the web browser. We're going to set up the database. And then finally, we're going to run the installation itself in a further follow-up video. Then we're actually going to go into the application itself and use it to upload your photos and set up some albums and maybe imports to from the server also too. All of the commands and steps that we go through in this process are also capturing the reference guide attached to this video. So feel free to take dash printed off and review it as you're setting up gallery on your server. Also two from the gallery Project homepage itself. I've copied the link to the most recent version of us. So let's go ahead and download that to our server now. So first thing we wanna do isn't going to move to the web directory itself. So var www, html. And the only thing out there at the moment is an index file. So let's download that now. And this is the, this is the actual gallery zip file itself. Okay? So it comes down as a zip file. So what we want to do is we want to unzip dash. And that will expand it out. There we go. So let's remove the file that we've just downloaded. We don't need that anymore. And Amman, I'm also going to do is I'm going to rename the folder. It is created. So I'm going to rename it from Gallery 3, 13 to just Gallery. This makes it a lot easier for me browse to the folder itself then afterwards to do the installation. Okay. When you upload files and folders are photos to the gallery application. It create, moved them into a folder called var. So what we wanna do is we want to create a folder inside of gallery called var, because there is none there at the moment. So I'll do is simply make dir var. Now remember this is inside the gallery directory. It's not the var directory on the server itself. So you can see now there's a new var directory down there. The last thing we want to do then is if I go back out of this, is I want to actually change ownership to the www data user because that's what the web server is going to be running under. So do that, I do CH, CH, CH own and go set it to be recursive and go to specify the user and the group that I want to give ownership of this directory to and NSA, which directory it is. Brilliant, that's done. Okay, let's go over and take a look at PHP and we set some configurations on that. Gallery requires a number of config changes to the PHP script settings in order for it to run successfully in the web browser. So we're going to go in and make those changes. Now, the PHP conflict file is saved or an ETC slash PHP. If we look at this file or this folder other, we can see it as one subdirectory for the version of PHP that we're running, which is 7.4. So let's move into the mesh. And we can see that within this directory there's some more subdirectories. We're always going to be going into the Apache won't because it's configurations for the Apache web server. We're making here. Okay? There's your PHP config file, the PHP INI. In order to edit that, then we're going to use sudo because melt the file is owned by root. So we need to be, we need to escalate to roofs. To do so, I'm going to use the vi text editor. And then I entered the font name itself. Often when you're installing gallery, if it doesn't or any web application, if it doesn't have the PHP settings that it needs, it will show you that as part of the installation process, you'll see an error message coming up. The first one that we're going to set then is one called short open tags. So I'm going to do a search in VI for short. Open tags. And if there's one there, but this the one that I want here. So I'm going to move over and I'm going to clear those and set that to on. The next thing I want to do is I want to change the max file size that we can upload to the server. So at the moment, I think it's set to about two megabytes. So many, many, many photos and even, even short movies are a lot larger than two megabytes. So we want to make that larger. So on the two sides and one change our upload. Upload max file size. I see down here. I'm going to set this to 50. And the second one is the post max file size. And there's that also to set that to 50 also to okay. So I exit able to VI then so those conflict changes had been made. And then if you want to do then to make them, to make them applied, to put them into effect, is I need to restart the Apache web browser. So sudo service Apache, and we're going to restart it. Brilliant. Okay, now we're reachable to the web browser because separate database and we're going to install the application over and a web browser. Now, I've answered the IP address for our server and I've logged into PHP, my admin. So let's go ahead and set up a new database, specifically for the gallery project. And we're also going to create a new user account who has access to just that database alone. So for database then let's call those is called photo gallery. And we're going to create that. Okay. So why we're within the photo gallery database? Let's set up the privileges or the user counts that can access it. So these are the User Accounts currently that can accesses our equation, new user count. It's going to be limited to just this database. So call a photo gallery for the password. Then I'm going to enter a password in there. And it come down then make sure that grant all privileges on the database folder gallery is set and the hit go. Okay, So the pastor and the same there. So enter that again. Granted privileges is set and it come down then and go. And that's brilliant. That user account is now set up ready to use over in the gallery itself. Then we again go to the galleries directory and into the installer sub-directory. If there was any problems that had found during the installation, like in this case, it says it's founds the directory for storing the photos. But if it hadn't done or if there's any issues with the PHP configuration, you'd see error messages for that here now. So the database name then we're going to enter these now to set it up with the database. The user count. Again, you never want to use the root account, the password, then the host is localhost. Localhost means that the database is on the same server as the application, so it's a local host. And the table prefix, we're not going to use dash. So we'll hit Continue here. And they should run okay for us. Brilliant. Okay, so the installation is complete. You want to copy the username and password. And then your 3D array to start using gallery. Right? We click in here. In the next video. Then we're going to actually go through the process of creating accounts, are creating albums and uploading photos, and using the web application you've just set up. 23. Uploading and Browsing Your Photos: Okay, let's go ahead and start to use the gallery application then in order to manage and save all of our photos. I'm logged in as the administrator here. That's all I do is I go to add and I add an album. So let's give this a name as college, just simply our beach holiday. And this will create the Album and bring a straight into us. In order to add some photos. Then I go to Add again, add photos. I'm going to bring up this folder here off of pictures I have from my from Alice and drop them in there. Any photos which are uploaded to the gallery application go into the var directory which we set up earlier on. So if you're setting up backups and that you want to make sure that that directory is captured. And here we are, here's a picture, then we can click into them. We can scroll through them to view. And if we go back out then to the album itself, you can see this little option menu option down here with some, with some options that we can use for the pictures themselves. Then another way to add photos into the gallery application is to upload them directly from your file server itself. So if you set up this server as a file server and upload your photos too is you can have gallery automatically import them all. So let's take a look at that now. This group, first of all, it's the admin section. And we're going to go to Modules. We to scroll down to the bottom. And there's one here for Server AD. And we're going to enable that and update. Okay, Brilliant. Next we want to do is you want to configure it and point to where the files on the server or saved. So we go to Settings and server ads. And in here then we put the path During the directory path for where our photos are saved. So in this case, I saved them to slash SRB photos. And you can see as I'm typing, it's actually pulling up or it's finding a number of directories here. And this one here from mountain climbing. So I'm going to add this one here. And that adds it to the, to the path here. Okay, So now that setup, Let's go ahead and actually add those photos into our application. So we go back to the gallery itself. I'm going to go back to Add. And this time you see another option now has been added called Server AD. So I click this, I click mountain climbing, and I click Add. Note that the photos that are saved to the directory, to the file server must have read permissions for the group. So if you remember, if you remember before when we talked about permissions, you have the owner, we have the user, the group, and all others. So in this case, the WW data user needs to have read permissions. So either you change the ownership of them to WW data, or you said they're all others must have read permissions, which is the setting in the case of these ones here. And I close this out then. And there we go. We've see, now this album has been added. And there's all my photos there. Again, each one has a number of different options there, but that has been a quick way to, to import them all. Note that you want to be careful of trying to import too many at once. Php does have a timeout function, and that is gained setback in the config file. So if you have too many photos, I tried once before to import many, many directories and subdirectories and multiple gigabytes or follows. And it, it, it never worked successfully because it was just too much at once. Php would time out. So you want to add in separate, distinct folders and then import them one by one. Gallery also has the ability for you to upload and play movie files from the application in order to do that first. And these go over here into settings, down to movies. It use a package called FFmpeg in order to be able to play the movies from the server. To install this in your server, you go to your command nine months sudo apt install FFmpeg. And this case you can see actually have installed already on this server. So this screen here and gallery will tell you when it's installed, if it's found successfully there. So let's get back to our gallery then, an upload movie file. In this case, I'm going to put one into the holiday folder. So I'm going to go to add, add photos. I'm going to click in this window here. And this is my movie here. And we'll allow this to upload. Again, bearing in mind the size of the file size restrictions that we set in the config file. This one's only 25 makes so it should work successfully. And there we go. I can click on to this then. And this should play the movie here. Another great thing you can do too is if you found that you wanted to move it to a different folder. You also have the option by going to Options, move to another album. And what you do then is you would take your picture and you would drag it over to the file in the folder that you do wants to be in. If I close out of this, then it's gone from there, go back to my gallery. And I can see that the file should now be under my my other folder. So it's a great way for you to manage a move files and folders around. Just bear minds default the folders like we were saying earlier where the where the photos are saved and just make sure all of them are are are backed up. 24. Watching Movies on Your Server: Being able to stream movies from your server and watch them on your TV or tablets is one of those enjoyable ways for everyone to benefit from your home server. Plexus application that allows us to do exactly that. It can take movies, photos, and even home videos and played one to order devices. I won't be covering how to get movie files themselves in this video, as there are legal issues around that. But a quick Google search will give you many guides on how to either set up a BitTorrent client for downloading them or you can rip them off of DVDs that you already own. Plex works on a server client model. The Plex server gets installed onto our bond to server and the movies are stored and setup there. A plexus client is then used and the device being used to watch the movies. Flex client exist for many types of devices, including mobile devices, both Android and Apple iOS. Internet enabled smart TVs, and set-top boxes like Roku and Apple TVs. You can also connect directly to the Plex server itself using a web browser and watch your movies from there. The first thing we want to do then is download the Plex app for our server to plex dot tv and scroll down to here. And we have an option to get plex. We want to get plex for our device. Going to click on this. And here comes up with the absence of devices. Make sure that we're clicked onto the media server. From here, then I got dropped down to choose my platform. It's going to be Linux. We're using lengths of 12. And it says, choose our distribution. I'm going to click on this link. And there's a number of different ones between either Fedora or a 12. So where I was using a B12, because our version is older, it is more recent in 1600 for it, that's when we're choosing 64 or 32-bit again. So in this case, I know we have a 64 bit OS. Again, 32-bit will work on a 64 bit. So if you're not sure, go with that one. But I not use 64-bit here. So I'm going to right-click and I can say copy the link address. While you're on plexus website to be sure to sign up for an account because you're going to need that once we installed on the server and once we go to login to the device, okay, let's go ahead and download this to our server. Now. The first thing we want to do then is go ahead and download the Plex server to our server, to our server. So I'm going to use w guess. I'm going to paste in the, paste in the link that we just copied. I'm going to hit down, no, so that's going to start to pull that down now. And we'll give it a minute or two just to download to our machine. Once that's downloaded, we'll take a look at it. So ls slash L. And we see it's there, it's a it's a debt file with Dead Files. We install them using installed are called dP, dP KG, the Debian package manager. So we wanted to do this is again using sudo, deep EKG slash i and then first few characters and then press Tab for to autocomplete. And that's going to install now the plex media server onto our server. Brilliant plexus now installed on our server. Okay, so I'm going to clear the screen here. I have a movie file saved in my SRC folder. So if I go to slash S or V and I LSL, I see I have a movie there. Note that the movie is owned by the, by the Jupiter or user and is also in the Jupiter group. The Plex server runs using its own user account called Plex. So what we need to do is we need to make sure that the plex user has read permissions to this file. So to do that, we're going to add the plex user into the Jupiter group. If you're running a file server like we went through one data videos, we set it up using the Jupiter user. So all files that you move over to your server using a file, a file explorer browser window are going to be added an owned by Jupiter. So you want to make sure that plex has the rights that it needs to read that file. So to do that, I'm going to do a sudo user mode. I want to add or append a user to a group. So I want to select a for append and g to get the group name. So the group name that I'm going to give is Jupiter. And the user that I wanted to add is going to be the flex user. Brilliant. Let's test that quickly. I'm going to go pseudo groups flex. So I want to say what groups is the plex user in? And you see there the plexus and a user called Plex. It's an a group, sorry, it's in a group called Plex group called video and, and the Jupiter group brothers. Let's move on over to the file browser now. And we're going to set up the server. And we're going to add this file in. So over in a web browser, the first thing we do is we start by plugging in the IP address of our server. So 192168178 on 50 pecs uses port 32 400. So what we do is put in a colon 32 400s. And we've also got put in forward slash web to get to the web interface. So that's going to connect to the server and start to loggers in. Okay, So the first thing it's gonna do is going to ask us to login to the server. So using the account that we set up earlier on, we just begin by putting that in. So I haven't either username, I just drink before of auto coin and 52. And I just put in my password here then. Brilliant. Okay, so we've gotten a note again and walk through quickly how plex works. Check some server, it scans your media and then a pleasure media on your app. And that's brilliant. Okay, so we just say, we got it. It's going to come up with a screen here for a Plex Pass is really just an advertising feature. So if it's something that you're interested in by all means, but not for what we're doing right now. Okay, So service had a great They found a server first off. So home server, you can change to something else or if you want, I'm going to leave as, just as it is. I click Next. I wanted to add a library now. Okay, so the type of file is going to be in this, you can see a different type of library types you have here. So movies are obviously for movies or TV shows, music photos. If you have home videos or in a dash that you wanted to add this, the other videos would be the ones to choose from movies was gonna do is when it, when it scans them, is going to go out and try and find like a poster or an artwork fors wars were other videos that wouldn't do that. So movies you can shake and change names you need to. Okay, So next step then is to add the folders. So I know our folder is served, is saved on the slash S or V directory. So this one I click in here and I just click Add. So now at the top, now I can see slash SRB is there. And I click add to this. And then I'm going to click Add Library. And that's done. No. Okay, So you can add more if you have if you had them spread across different folders, by all means you could do that. But for the moment, I'm just going to click Next. Okay, So it's talking more about here about getting some apps, Nash, but for the moment we're okay with what we have. And we'll click Done. Brilliant. So here we are. So when we come in first into flex, it shows us as a default list of apps on screens that has painted this front screen. We can remove any of these at a time. But to find the server we've just set up, go into more. And we see here we have our home survive another server set up down here. But if we're going to movies here, we can see the movie we've added to pin this to the front screen. Again, we go and we go pin. And then when we go back then we can see it's now listed there. So I could remove some of these then in order to clean up the display that I have when I first log into flex. So I'll remove all of these. My home screen just consists of the movies that I've said on my, on my server. In order to play this movie now, just simply hover over and click on the play icon. You can see it'll come up with a series of controls on the bottom. And it starts into the movie there. And we can start. Okay, I'm going to close back out of the skin. And it show it comes up there now because it's a progress bar on the bottom showing how far along it's been. Sometimes you might find that the movie that's been added is Adams the wrong title. What's happened is plex has misidentified as to fix the matching of movie. Press the three buttons there, and go to fix match. You'll see it comes up with a number of options of what it could be. And then if one was incorrect, you could select the correct one and changes. You can also change the poster, thus display here, or the backgrounds that the displayed when the movies is, is being played. To do that, click on the pencil icon here. You have a number of options here to change, but the name, you can change the movie, you can change the name version changed some of the details. You can change the pollster does display in this case, I want to choose this one. I'll change the background that's being displayed. So I can change this one here. I'll save the changes and you'll see those reflected on the screen here right away. Another thing to take a look at is the settings for the plexus itself. So up the top here there's a spanner icon. If you click in there, you go through a wealth of options that you can change for the server itself. One in particular that I always change is relation to the library. I always set to scan the library automatically. So whenever I download or copy new file into it, it'll automatically identified, pick it up and scan is you can also have do that periodically on an hourly basis. And finally, every now and then you'll see a new server of plaques is made available. When I found sometimes is that if you leave for too long without updating that the player doesn't play anymore, it forces you to update. At that times, you'll see a banner common on the top of the window here saying there's new, a new version available. In that case, simply go through the steps that we did before, downloaded, use the Debian package manager to install it. And then that's all you need to do. It should pick it up and run automatically from there. Okay. I hope that helps and hope you get many happy hours of movie watching out of your server. 25. How Secure is Your Home Network: There is a constant level of traffic and background noise out there on the Internet. From malware and viruses looking for the next systems to infect, to very scans and probes sweeping the Internet. There's a lot going on. Your router blocks all of this unwanted, most likely malicious traffic that would otherwise be hitting your server. At the same time to your routers able to keep track of all requests that go out from your intern, from your network to the Internet and only allows in traffic and web pages which are responding to those requests. So while your server is much more secure behind your home router, you should not relax, but taking some fundamental security steps, as we will go through in the next few videos. It is best to adopt the perspective that it's not a case of if your server, with all your precious data, photos, et cetera, honors will be hacked. But when and take the necessary steps to protect it. Now, whenever you set up a new program or web application, give it a unique and long passphrase, not just a password. Consider three or four words mix with numbers and special characters. Also two, if there are any preset or default passwords in a program, be sure to change them. Don't use easily guessable a passphrase is either, not all attackers live on the other side of the world. And if you have sensitive data on your server and are using the name of your dog as the passwords that could easily be guessed by someone in your own home. I'll do devices on your network could be a source of attack against your server to if a laptop or IoT device gets infected with malware that could be used to launch an attack and to get onto your server. The best prevention here is to change all default passwords, set up your firewall, and install all patches for your server. Finally, consider physical security. If someone were to break into your home and steal your server, what would that mean to you in terms of data loss? Likewise, if there is a fire, consider the possible attacks and take measures to limit the impact now, before it's too late. 26. Setting Up Your Cloud Backups: The first three rules of computer security, backup, backup, and backup your data. You may be uploading important information to your server. So it's important to ensure that this is secure. In the event of a fire, a break-in, or even a hard drive failure. So there's a number of things that we're looking for from our backup solution. We want one which is offsite. So Cloud-based, working for one of which is secure and keeps this important. We're looking for one which is inexpensive. And also because we're working for loop from the command line for the moment, although there's always the option to install a desktop GUI on the server, we are looking for one, which is support for Linux tools. Many Cloud providers like Google or Dropbox offer free storage up to a certain amount, say about 15 gigabytes. I wouldn't recommend choosing your backup storage provider on that basis though, that you don't want to feel restricted to watch, you can upload or be afraid of breaching the limits. The cloud provider I'd recommend is Amazon AWS. They are extremely secure, an inexpensive. To give you an idea. I currently have about 75 or so gigabytes of photos and videos and content backed up there. I only pay about €4 per month. Also, there was a great command line Linux tool, which we are going to be using for our backups and our server called S3 command. S3 or Simple Storage Service, is the AWS service that we'll be using for backups. Files are stored in S3 buckets. And there are some rules over the naming of buckets that we'll cover in a minute. So in S3, we're gonna go ahead and do three things. We're going to create a user account and give it permissions to access our S3 because we're going to create the S3 book is that we're using for backups. And then we're also going to set up versioning and lifecycle management. So the deleted files are kept for a set time after deletion, just in case some are deleted accidentally. Once you've set up an Amazon AWS account, you're brought to the management console. Let's start off first by setting up our user. We go to services and type in IAM for identity access management. We click in here and it brings up the IAM console. We can manage our users or groups and all the security around that over the left-hand side and go click on to users. We're able to users panel. You'll see a list of your current users. We're going to click to add a new user. Okay, So let's give this user a name. I'll just call it server backups. For access type, this user won't be getting a password, so we won't be able to login like we've just done into the management console. Instead, we're going to use access keys for the Linux tools to login. So we're going to tick programmatic access, which gonna give us access keys as opposed to the console access, which will give us a password. For the permissions, then we want to set up what this user can do. So I'm going to create a group. This group is going to have permissions to access S3. So what I'm going to call this one here then is S3 full access. And I'm going to search for S3 here and go and tick to allow full access to this group. So any users that are members of this group now have full access to S3. Again, from a security perspective, that's all they need to do. So that's all the permissions that we need to give them. Move onto the next one. We're not gonna need any tags, is a chance to reviews. And then we're going to click to say create user. Okay, So he uses being created. And here's the access key and a secret key. At this point, you want to copy these keys. This is the only time you're going to see them. If you come back to view this user later on, you won't be able to see the secret access key. You would have to create one all over again. So copy it out at this time and that weighs then you have it ready for when we go to the command line. Okay, this kills this out. We'll go to S3 and we'll set up our actual storage bookers. So type in S3. There's two options here, S3 and S3 Glacier. We're just gonna go with S3. Okay? This is going to bring up the S3 console. Then. Of all we start with seeing is any book, is there already existing? Were LC going to create a new one? Okay. First thing we need to do is give it a name. S3 bucket naming. You must, you must make sure first of all, that your name is unique within the region that you're choosing. So what that means is that whatever name you give your book is, must not be used by anyone else within the region that you're within. So I'm within EU West one. So I want to make sure that whatever name I choose, nobody else is currently using. So I'm just going to call this one. Server backups. There's also some other rules around the length version must be a maximum of 63 characters. And it can only contain lowercase numbers, dots and hyphens, not the full list of rules. You can see there's a link here, so it's worthwhile just taking a look at that. But the key thing is the uniqueness of the moment. Okay, So the region then choose a region that's close to you. Again, for data, for cost purposes, it's cheaper to have any closer to you than it is to send it to right across the world and, and say back-up my data in Japan or so, if I'm in Dublin, I come down to access, then you can have these book. It's open to the, open to the Internet. So anyone who has the link can access it and scanners and access the data. So in this case, because our backups, we obviously want obviously want to turn that off. I'm just going to go ahead and say Create bookish. Oh, okay. So somebody else helps. He has a book or with this name already, so I'll just call this 0011. And I'll say Create book is brilliant. That's been set up. Okay, let's go into our book and then the last thing we will go into do is set up versioning. There is no recycle bin in S3. So when you delete a file, it's gone, similar to the command line, it's gone. The closest thing that you have to enabling versioning. What versioning does is it keeps versions of a file when that file gets changed or deleted or overwritten. So we're going to turn that on here. So that gives us the option then that if a file does get deleted, we always have the option to come back and restore the file again. Now simply turning that on, we'll just add and add and add to the stores that you're using with each new version is a new file. And that adds to the cost of the S3 service that you are going to be billed for. So what we also want to do with, we also want to add lifecycle management. And what this does is this will allow us to first certain time after deletion, say, to delete those old versions. So what I'm going to say is going to add a rule here. And I'm going to say, he's going to call an old backup deletions, go apply to all objects within this bookers. It's going to apply on previous versions. So what we're going to do is after a set time, we're going to after 60 days. We're gonna say we're gonna delete any old versions. So that will, that will keep track of, that will doubt keep men that would manage all the versions that had been superseded is make sure that we do have certain time periods to restore and he fires have been accidentally deleted. But it also keeps our storage costs under control. So this is going to apply to all objects in the book as we understand. And that's done. So any old any files that are deleted, we're going to after six days, we're going to we're going to release those. Okay. Go and copy the name of the brokers. And in the next video we're going to jump on over to the command line where we'll start S3 commands that the next tool, we'll begin our backups. 27. Backing Up Your Important Files: The tool we'll be using for backups on the command line is called S3 command. This tool is available in the 12 repositories. So to installers, we run sudo apt install S3, CMD. It's a small package, so it should install it pretty quickly. And there it goes, It's finished. The first thing we want to do then is we want to configures with the access key and secret key with the we set up earlier. So we run sudo S3 command, hyphen, hyphen, configure. The first thing is going to look for then is what is the access key that we're using here? Of this paste in our access key. What's our secret key then? So we copy our secret key and we paste it in here also to default region. Wanna do is ask you for the region that you're backing up to. I've found that it doesn't make it make a difference in terms of the ability to backup. So you can start to put your region in or you can just click Return and just move on through them. The next few also, next few questions are just going to click, click-through and move on, pass them. This one's asking for the encryption password. S3 does have the ability to encrypt your files saved to S3. We haven't done that. We were set up S3 there. So I'm just going to click past this one also two. The important thing is the s3 command does use HTTPS when it's transporting and backing up your files to S3 to Amazon. So everything is moved over a secure encrypted channel. But again, here we're looking for, we're looking for proxies and dash. So would you want to use it? Yes, we certainly do you want to use it? Here's looking for HTTP proxy, which we don't have. That's fine. It asks now do we want to test the settings, which we do? Okay? So it says here's our access key is worked fine. But the encryption doesn't because we haven't got setup. But that's fine. We knew that should put the key thing is that it is able to access our accounts. Now, the very last line you can see here is where the configuration saved to. So in your home directory, it saved to a file called dot S3 configure. To see all of the options available for S3 command. Take a look at the man file. This manual shows all the options and various ways of running the file and what it can do. It really is a very feature-rich program. So it's worth taking a look down through this to see what's available. I have summarized the more important ones and more relevant ones. What we'll be doing into a handout, which is part of this video. I have a folder, a folder with some photos saved to our slash server directory. If we go in here and run LS, you see I have a photos directory and in dash, there are three photos. These are what we want to backup. So how did we do that? The syntax for the command is S3 command. We're going to sink. Sinking creates a mirror image of what's on your local server directory over to S3, which is what we want to do. We also want to add the delete removes option. Otherwise it is s3 command will not delete what's on S3 even if the file has been deleted on your server. Because what we want is a mirror image. We want to add this. Otherwise, like I said, it'll always just add to S3. It'll never remove stuff that you have removed on your, on your directory, on your server. Okay. What's the source directory that we want to back up? My backup. What's in the slash SRC folder? Well, we want to back it up to S3. Server backups 0, 0, 1, 1. And this one now take copy of what's there and move it over to S3 for us. Let's jump on back to the web browser. Take a look at S3 and confirm that these have indeed been backed up in our S3 management console. Now, if we go in and click into our server backups folder again, this will bring up the contents of the directory. And we can confront ourselves is that the three photos have indeed backed up. Okay? So we see the directory with the photos opens up. We want to click into this and that this should expand that to show us the contents of the folder. And there we see the three photos successfully backed up. There's a script included with this video, which will allow you to automate your backups without having to manually log on and run it each time. In this case, I've updated the script here with details of the server folder to be backed up and the name of the S3 bucket that I wanted to back it up to. So the first thing we want do is we want to make our script executable. This will allow it to be run or executed by our server. So we run CH mod command. We add the Executable flag to each group, and then we specify the file name. If I run ls l again, you can see now looking at the permission session that the execute permission has been added to all groups. The B12 has a built-in scheduled are called Cron. This allows scripts and programs to be run repeatedly on a set schedule. You can set the scheduled manually for a script, or you can take advantage of some preset daily, weekly, or monthly Cron schedule by moving your script into the relevant Cron folder. These are all saved. These are all saved in the ETC directory. You can see here we have a Cron daily scripts that run daily. There's an hourly, monthly and a weekly one with two scripts and is we're going to use the weekly Cron schedule to do that. Move your script into the ETC cron weekly folder. So it's a system owns directory, so we're going to need to use sudo. Sudo move S3 into CR1 weekly. For now, look at the contents of chron weekly. I can see our fall. Our File R Script is now sitting there. This will automatically allow you to run your backups on a weekly basis without you having to log on each time. And to do it. 28. Using a Firewall to Secure Your Server: A firewall is a fundamental part of your servers security, even on your home network. Let's take a look at how to set up your farmable on your 12 server. Now, we've seen before that a server has one IP, but can provide many services out to the network. It can be a web server, a name server, file server. Are you gonna move the server? So how does the server know when a client is connecting to is what's service it is looking for? The answer is it uses ports. Different services on the server will respond to traffic on different ports. So when your laptop, for instance, connects to a server, say to view a web page, it doesn't just connect using the IP address, but also the specific port. There are a maximum of 65,535 ports for TCP connections. And the same for UDP. Tcp and UDP are two different protocols that we won't go into in detail in this, in this program. But TCP in particular is used for connections which require a persistent connection to be maintained between the server and the clients. And the most common services will use port numbers of less than one, 0, 0, 0, 0. A firewall controls who can connect to your server based on IP and port number. Firewalls are a fundamental security feature even on a home network. If malware from a laptop, we're able to scan your server for vulnerabilities. They can connect and binds to an unused port and infect your server. We're going to be using a firewall to allow access only to the ports and services that we specify. I'm going to make an assumption this video that your home network is using IP version 4 addressing as opposed to IP version 6. How do you know? Ip version 4 is the much more widespread address for mesh with a familiar grouping of four numbers separated by dots. Ipv6, though newer, has not taken off as much as hoped for and uses a very different and distinctive addressing for mesh. We're going to be dissaving IPV6 in our firewall to make administering it a little easier. Okay, so the first thing we wanna do is want to check that the latest version of you have w is indeed installed. So sudo apt install you have w. And we find that it is indeed installed. So that's perfect. Okay, let's move on then. So what I wanna do is I want to disable IPV6 in the firewall. The reason being that whenever we go to add a rule to allow network traffic, it will currently add two rules, one for IPV4 and one for IPV6. I'm not using IPV6 and my network. I want to simplify what I see when I check the status of the firewall. So I'm going to disable IPV6. So I'm going to cd to the ETC, default directory. And if I list out the contents, I see down at the bottom, there's a file for you FW, it's owned by root. So I'm going to need sudo V i and u fw. Go down to the line where it has IPV6 equals yes. I don't want to change that to know save and exit. Okay. So I'll go back to my home directory just by typing CD. And I clear my screen. Okay, so the first rule we want to do is we want to add real to allow SSH traffic. Currently, if we turn on the firewall, it will block all traffic because there are no rules allowing any traffic at the moment. So we want to make sure that we can still connect to our server when the firewall is enabled. So first thing we do is sudo u fw, Allow SSH. And the rule has been updated. Now we can turn on the firewall. So pseudo, you have w enable. So we're going to turn it on. We're going to enablers. It says the commands may enter disrupt any existing SSH connections. Do you want to proceed? Because we're confident that we've just we've just added a real to allow us as h, We can say yes. And you can see we're still, we're still on the server here. Let me clear my screen here. And let's check the status of us. So if I go to sudo u fw status. You can see the status is active and we have one rule allowing traffic to the two ports, 22. The action is to allow us from anywhere. Again, you can have very specific, you can say only allow traffic from certain IPs. But in this case we're allowed traffic in from anywhere. Okay, so at this point, the only traffic allowed is on port 22. There is no web page, there is no web traffic allowed. So if we were to pull up a website and points to our web or our server's IP address here, you would say we wouldn't, we wouldn't see anything on us. We wouldn't be allowed to connect to us. So let's add a rule to allow web traffic. So pseudo, you have w Lao HTTP. And I'm going to add a comment in here also two, because you have, you have W has a feature for adding comments. So I'm going say comment is my web my web server, anything at all that will just allow you to see that. Now when we go to pseudo, you have w status. You can see we have port 80. And it also too. There are actually three state has commands to take note of. They, they, they, they serve different kind of features and functions. Pseudo you have w status is the basic one. It simply shows that the firewall is active and the ports that are allowed, the rules that are in your firewall. If I go to you have w status and add verbose, it gives you some more information. So it shows me how stays active. There's logging is turned on, it's low-level logging. You can again set this back in the ETC slash default slash DFW file. The default rules are in place also to, so the default rule on incoming traffic is to deny is. So what we're saying here is that unless we have a rule that is explicitly allowing traffic, by default, we're denying is. So we're blocking everything that we have notched purposely allowed, and that's what you want. The default route on outgoing traffic is to allow hours. So for any connections coming from the server out to the Internet, we're allowing, and again, that's what you want. And then for router traffic then as disabled, because a server can act as almost as a router where it takes traffic and 11 source and passes it on. We're not doing that what our server here. But the key one is the default for incoming traffic, which is saying that unless we have a rule allowing us, we're going to deny or block all traffic. Okay. So D01 then to that I want to show you is the status for numbered. And this like the like the like the basic status shows you that the firewall is turned on. But this time it's going to add a number beside each rule in your firewall. This comes in very useful for deleting and I'll show you why now. Say we now want to delete our web traffic. What we'll do is we'll do sudo. You have W, delete. And we wanna say we wanted to leave real number 2. I want to proceed with this. We say yes. And if we go back up again, then we find that rule has gone. If there were 10 rules in this firewall session, deletion rule number two would move everything up one. So now while was rule number 3 becomes real number 2. So they all filter up. That was once you have a few rules in your firewall rule set, you'll notice that the u fw status doesn't display them in numerical order, but rather in the order that you added them. This is an important concept to understand and is key to how firewalls work. Imagine this instance. You wanted to block all SSH connections for security reasons to your server, except those coming from a machine whose IP address is 192 dot 16, H dot 17, 8 dot 10. So your, your, your firewall now has a two rules as seen here and what do you think will happen? The order of rules is vitally important and the first match wins. In this case, the first match to an SSH connection says that all SSH traffic is to be denied. So even if you are connecting from the machine 100 to 16, age 17, 8, 10, your connection will be denied. So when adding rules, you must add the more specific rules first and the more general ones after. Luckily, there is a way to rectify this. So when we, when we run the numbered status command, it shows the number or position of each rule and the real session. In this, in this case, what we would do first of all is delete rule number 2 and then add it in again as rule number one. So pseudo you off if you have W insert one, and then add our rules. So allow from 19 to 160, 170, 10 to any on port 22. Again, just be sure to take note of the u fw man or manual page. It goes into a lot more detail on these. You can get very, very granular when it comes to firewall rules and a lot of detail here. There's also a very handy reference guide attached to this video. So feel free to take a look at that for more information on any of the rules that we've covered in this video. 29. Keeping the Server Updated and Patched: It's best security practice to keep your server and software fully patched and updated at all times. Every day, new bugs and vulnerabilities are being discovered in software and so on. These vulnerabilities compose a real threat to your server. Let's take a look at what's involved in staying updated. Your server maintains a database of available software which you can install using APT, the advanced packaging tool. It gets this list of software from the online repositories. It knows about. This list of software repositories is saved us at C, apt sources duct list. Any repository that is listed here is trusted by your server. As software such as the Apache web server for example, it gets updated. It is these online repositories where the new update is registered to have your server know, but the new version then run sudo apt, update. The apps to a, reaches out to the repositories and down knows a fresh list of available software and diversions and update its own local database. You can see what software on your server has upgrades available by running sudo apt lists upgradable to actually upgrade the system. Then run sudo apt upgrade. Optimal check the installed version of software against the latest version available, and install the upgrade. If there is one. For software which is not installed using APT and web application would be one example that comes to mind. You'll need to update these manually. Each software project will have a different update interface. But taking a look at WordPress here as an example, look for the update menu to install updates and run them from here. And finally, when a new major version of your Ubuntu operating system is released, it is possible to upgrade from the command line, update your repositories, upgrade your software, and finally run sudo do release upgrades. In this example will be upgrading from a 12 18 dot 04 to 2004 of 12 prefers not to run this release upgrade over an SSH connection. So you'll need to connect up a monitor and keyboard to your server and login locally. Note also to that this is going to be a big upgrade, possibly taken number of hours. So you'd be wise also to, to have taken backups of your important data first, just in case something doesn't work and you have to end up we installing the whole server again. 30. Simple Tools to Monitor Server Health: Linux as many very good command line tools from my configuration and performance of your server. Do you use invite information on how your system is performing? There are a lot of it will default and are present in pretty much all Unix distributions. So it really helps to get very familiar with them. Let's take a look at these now. The first system command we're going to look at is LSB release snatch a. This gives a lot of useful information about your server. The LSB project or Linux standard base involved isn't, involves several Linux distributions trying to establish a standard software structure for their distributions. So this command shows information about your district, including the disk or name, the release number, and the code name. In this case, you can see it's a bone to 2004 long-term support. The cold name is focal upon to assigns code names to all of their releases. 2004. It's called focal fossa. Fossa being a kind of a cat-like creature. The next system command to look at is cat. At C OS release. This command again shows an a la details about your system, what ID it is, what version it is, and all that type of information. In a little more of a machinery or before much. If you were to use this in a script or anything. Another very useful command is very well known one called uptime. And what this shows is how long your server has been up. So in this case, it's showing first of all, the local time. It, this server has been up for days, up running four days. There's one user logged on at the moment. And the load averages over the last one, 5 and 15 minutes are shown. So this where you get an indication of how busy your server has been, how active the CPU has been over the last 15 and 15 minutes. Another useful command is you name slash a. And this gives a lot of currently information. So what this shows is information related to your, the kernel, the kernel version that's in use. So here you have your, again your host name, your urine Karl of 5.4 release 26 dot kernel itself was released in April 28th, last. And you also have confirmation that this is a 64 bit processor. That's a news here. So X86 64 proves that it is a 64 bit processor you are using. For CPU information. There's one very good one command that gives a lot of rich information about your CPU. We're looking at the proc CPU info file. And again, this gives a lot of detail, but the CPU and your system, its speed is caching and any flags that are session for storage on your server. The first thing to look at is the file is the partitioning on the server. So f disk is a very famous command use for, for information about partitioning of us. So what it does is, and I'll scroll up a little bit. It starts off by showing the dev loop devices. So these are virtual devices that Linux uses to mount image files similar to the image file that you would have used during installation of your operating system. Down at the bottom, we have the disk for Dev SDA. And this again is the one that we're using as, as VirtualBox virtual hard drive. So it has the overall size of it as 9.878 gigs, about 10 gigabytes. And down here it has the partitioning others. So we see some two partitions. And you can see the respective sizes for each of those. To get another indication of what drives are mounted on your system. The mount command is very useful. So MT itself is used to mount or Attach File Systems to the Linux system. So say for example, if you were to attach a new hard drive or USB drive, while there appears a device under the slash dev directory, they can't be used until they're actually mounted on the file system. So a USB drive is an example where typically get mounted automatically by the system when it's plugged in. And this will often be under the slash Media directory. So only then would you be able to browse or cd to that dr and begin to access the files and folders. That's honors. So you can see here calling MTT on its own lists, the currently mounted file systems. So it's quite a busy display. What you would typically look for, anything that's under the slash dev devices to see what folder there mount says. So I'm going to, I'm going to call that again actually. And this I'm going to run through the sort command. See it's source them alphabetically. And here's my slash dev to folder. And I can see it's mounted on the root drive. Again, if you had a USB, you would see slash dev USB. And where that's mounted. The last storage command and to use is a particular useful one. It's df. So df reports on the disk space usage of your server. So calling myself, you can see here, it's not very clear how to read it or what all these numbers mean. But if we add the H flag to use human-readable numbers, then so be it looks a lot clear. So we can see here we've got temporary fs. We've got our main drive again. This is the 10 gigabyte dram drive. There are 5.2 gigs used, a 57 percent, which is 50 percent percent percent dollar. But we can see the fact that messages route indicates that this is our primary drive. Again, any other drives that you haven't listed here or partitions will also be reflected here. For memory or RAM usage. The first place to go is take a look at proc mem info. Again, this gives a lot of very rich information about, about the memory and use on your system. If you're looking for that dot-dot-dot depth of information. A very useful commands then in terms of understanding how much memories and your system is free. So free shows the amount of memory that's available, both in RAM and in swap memory. So again, the numbers are Bish. There, there'll be reporting kilobytes, so they're a bit difficult to understand unless we add the page blank again for human readable. So what we see here now is under total, we have 1.5 gig of RAM, of actual RAM. And this server, we have 1.9 gig of swap memory space on the hard drive that's reserved for if, if more memory is needed. Items that are applications that are not being used are moved to swap IE, move to the hard drive to make space for new applications. So looking at the numbers then, we can see going across the memory row, there's 500 megabytes in use at the moment, but we see there's only a 153 megabytes free. So what's going on? Well, Linux caches or stores data in RAM that it expects is going to need soon because this is a faster way of accessing his than trying to read from disk when it does come to is. So you can see how much is actually being cached in RAM by looking at the buffering and caching number there. So what we see is there is of those 500 megabytes in use, but there's 800 megabytes also in use for caching. But if an application or program comes along that needs dash, this can be freed up instantly, so it's not booked, It's not in total US, like application, like abuse for an application, the system would free to stop as it needs is. So reading what you have is not just a 150 megabytes free, but you overhear, you see you actually have 800 megabytes free. So that's the true figure that will tell you how much space is actually available to you. Okay, so the last commands then, the last set of commands we want to look at are ones for getting information about your network. The first one of these is to show what our IP addresses. So IP address Show will again bring back a very busy command showing us all the information about our network devices. So we'll take a look at those now and second, to try and shorten that down and get a bit, bit bit more condensed. If we do IP brief address Show, you can see it cuts it down now to the just the IP address itself. And in fact, we can go one step further. We can say IP colored, brief dress show. I can see it adds a bit of highlighting and coloring to it now. So again, what this is showing is the two network devices on this machine. The first one is the loopback device. So you will always have a loopback device. It's part of the Internet protocol, the IP protocol, that all of our devices will use. Loop I devices are special virtual network interfaces that your system used community communicate essentially with itself. It's always going to use it for use primarily for network diagnostics and troubleshooting. These will always have an IP address of one to seven dot-dot, dot-dot, dot-dot one, or in fact any one 27 dot x IP address will work for the loop back. And we can see here are our actual network card is the one list as EN POS S3 and we can see its IP address. There were nine to 16, 17, a 150. So what we have is all of this after then is the IPV6, IPV4 version four. And this IPV6 split primarily it's the, it's the IPV4 one is the one that you will be, you'll be using. The last command and I want to show you then is host name. And this simply list the host name of your server. So the host name is a network name for your computer. So in a network with many computers, many servers, it's often a lot easier to use a name to connect to and ping a device than having to remember the IP address. So rather than if we're on a bigger network, rather than having to remember 192 dot 16, 17, 8 dot 150. It's easier just to call this one home server. And then when you try and connect to home server, you're onto this machine. 31. Monitoring Server Performance from the Command Line: Knowing what processes are running on a server is key to be able to administer and troubleshoot properly. Maybe the server starts to run slow for some reason or something hanging. Or the fans start to want to full speed and you want to get an idea of what's going on. Let's take a look at a great tool that will allow you to do this. The default Linux tool for viewing the running processes on a server is called top. Top displays in a very dense form us a lot of information about your, your, your server, its processes, and what's going on. But there's something a little grey about us and it's not all that obvious how to use the information that's being displayed here. A much nicer, more user-friendly for mesh is one called htop. Htop is an interactive process viewer which uses coloring to give much more user-friendly view of your service performance. So let's go ahead and install that now. First thing we do is update our server software repository so that it knows about the latest version of the software available. Great, that's done. And then we go ahead and installs htop. It shouldn't still and nice and quickly and that's finished. Now, to run htop, then we simply type htop. Hf displays the information that your server and much more segment is and colorful and matter. Up in the top left we can see CPU, memory and the swap partition or being there, being describes CPU Otzi shows how busy your CPU is. Coloring is used to indicate the normal processes in green and Carlo processes are shown in red. For the memory, it's how much of your memory's being used. Green bars show the actual memory in use by programs or processes. Blue is Mehrabian buffered, and yellow is cached memory. And swap then is your servers swap partition. This is the partition that your server uses when it's running low on memory. And then it has to offload some processes and saved them off to the hard disk. Over in the top right. Then we have the tasks, the load, and the uptime task shows the number of processes on the server and how many of them are running. We can see here we have 27 tasks. We've 20 threads or simultaneous tasks, and only one of them is actually running. The rest is going to see in a moment, are sleeping. We can turn to turn the threads on and off by pressing shift in which the load is the average load and server over the last one, 5 and 15 minute periods. Uptime is the uptime of the server. In this case, 23 hours and three minutes. In the main body of the server then, well, we can swap the displays or we can see our number of null lot of information about the processes being running. There's a reference guide attached to this module which explains in more detail each of the sections. But that looks like, Let's look at some of the more important ones now. The PID is the process ID, is the unique indicator describing that process. And this can be very useful if you want to kill or stop the process. You can call it as byte by using its PID. The user is the name of the user which called the process. In this case, if we scroll down to the heat shock process as we ran it when we logged in as Jupiter is running under the Jupiter user. We can see for S is the stage, in this case htop, it's in a running state or, or the rest are sleeping sleeping process. As you can see, there's many of them here is one that is waiting for something like some input or network event. So while they're waiting, the sleeping state means the CPU that would ordinarily be used by them is made available for other processes to use. And this is, this is how your server manages processes and the resources that are assigned to us. If we look at CPU, then there's the percentage of processor time being used by each process. We can filter on CPU, we're pressing Shift and p. And it brings the highest usage process to the top. Memory is the percentage of memory being used by a process. And Shift and M will bring the highest user to the top shift. I will invert the selection and actually bring the lowest atop and shift. I'll work for any of these, any of these columns that we're looking at here. Time is how long a process has been running. Shift T would filter on those. And the commands then is the command that actually started the running process. You can show or hide the full path to the command by just pressing the PI button. Along the bottom, then we have function keys. Again, I'm Scott, talk about a few important ones. I have them all outlined in the reference guide. Attach this module. F3 will help you search for a particular process. So if we type F3, we can search for htop and you pull it up there. F4 will filter for a process. So if we type F for htop, it filters them all out, bar that one. And pressing F4 again should turn it off. It would delete that. F9 will kill or stop a process. So if we're hovered on htop there and we hover and it gives us number of options have to killers. The default one is, is, it will work just fine. And F ten then finally, helps us to exit htop. Or you can also press just a Q button for quit. Okay, I hope that was very useful. And look forward, seeing you guys in the next video. 32. Monitoring Your Storage Space: Being able to monitor files, their sizes are what's using up your storage is another key part to administering your home server. Let's take a look at a greater command line utility that will allow you to do this. Do is the default Linux tool for calculation file or folder sizes. We cover how to use this in another video. But it's not a very flexible tool. And you really have to know the syntax of the command in order to use it well. Ncd you is a great command line tool which will allow you to browse through files and folders quickly, identify the file sizes of the contents. It's very easy to use. It's very flexible. So let's go ahead and install this. First thing we do is update our software repositories so that our server knows about the latest version of it to install and download. Okay, and then we go ahead and install it as so sudo apt install NC, do. It's a very smallest file size. So she'll come down pretty quickly, grayish. By default, if you run NCD you without any parameters, it's going to scan the current directory that you're in. In our case, home directory of the Jupiter user. In order to scan the whole server. Let's tell to scan the root folder. So NCD, you route. It takes a few minutes to scroll through all the contents and it comes back pretty quickly. Brings. So here you can see the contents of your whole server sorted in order of size. We can scroll up and down through the contents using the arrow keys. If we want to go into any one of them, any of them in particular. All of the directories you can see have a forward slash before the name, so slash home slash user. Whereas this swap image is actually a file on the root partition, this is always the largest file in the root drive. By pressing the G key, we can swap between percentages, a percentage and a graph, or turn it off altogether and just have the font sizes. So to sleep the grass on graph on pressing the N key source by filename. Pressing S allows gained come back to the default file sizes and an orderBy sizes. We can put all the directories up before the files by pressing T. And that will toggle the file sizes or all the directories first. So let's go into one of them. Let's go into the home directory here. It's going to directory. You either press Enter or the right, the right arrow key. So I'm dropping here in the home directory. I see I only have one user, Jupiter. Let's go in here. And I get now into the home to Jupiter user. You can see the full path just up above, just the second line on the, on the, on the screen here. In order to get some information about a file. Go down to oppress the I button. And it'll bring up some details about the file, including whether it's a file or directory and the size of a. If we go down to a directory here, you can see pressing, I would call it offsets the config on home Jupiter. The type is now a directory. If I have a file that I realized is too large and I want to delete that file. I could do it from here also to by pressing the Delete key or D. D wants to lease in this case. I know that I do. So I say yes. Again, always bear in mind that there is no Recycle Bin and Linux, when you delete something from the command line, it's gone. In order to go back up a level. Then I can either go up here to the daughters, the two dots. And I can press Enter, or I can press H for home. Or I can press the left arrow key. Pressing or would refreshes if any changes are made, I want to refresh the screen pressing or we'll refresh that screen. And always remember you can always press the question mark. So shift and question mark in order to get all of your menu options and all the keys that can be pressed. Okay, That's NCD, you lobby tool, very small and very useful for identifying large files. I look forward, seeing you guys in the next video. 33. A Cool Web Tool to Monitor Your Server: Monitoring your service performance is key to managing this. And we've looked at some prayer, some command line tools in a previous video for doing exactly that. Sometimes though, it can be quicker and easier just to put up a webpage that shows you your critical server stats. What does many programs available out there for doing exactly this? I want to share with you one in particular that I love. And that's become my default tool when I'm running a server. The ad server Manager is a simple and lightweight web dashboard for displaying key Linux server stats. It's simple to deploy, looks good, and presents your most important information in a very easy to understand matter. The homepage is it server.com or easy server goes through the various features and provides links for both the web-based PHP script and the Linux script versions. We're going to be looking at just the web-based version here. But feel free to download and test scripts to and see if that works for you. To download the latest version. Go to the web-based pink page and find, find the link to our GitHub site. Over on GitHub. Then we're going to move down, click on the download link, go to zip file, right-click and copy the link address. Okay, Let's take that link now, a download to our server. So the first thing I'm gonna do is move to our web roots directory. And I'm going to use w guess, download the file that we have just, we've just copied or the LinkedIn which is copied bridge so that downloads there now. And you can see it's downloaded as master. Let's go ahead and unzip dash. And if I clear my screen and do an ls, l again, you can see now it's downloads the E-jet Server Manager directory. I'm going to rename that to something shorter. So I'll rename that to ESM for example. And I'm also going to delete the master file since we don't need that anymore. Right? Let's take a look in the ESM folder itself. So because he has a number of different files in here unready, there's nothing more that we actually need to do. This will run just fine when we, when we look at it in a browser now and a second, there is a file in the config directory. So if I look, if we look at the ls, Let's look in the directory. There is a file that will allow you to change some settings, but you don't need to. But this decimal name great thing about this file is that you can layer it just uploaders and begin using it straight away. Okay, so let's jump on over to the web browser and we'll take a look at it now. And let's plot, plot the IP address of our server in up here. So we wanted to 16, 17, 8 dot 150. That brings up the default page. Since we don't have anything on the web root directory itself, just the default page. And then we're going to put in the subdirectory of ESM burdens. There's a number of different modules or blocks that are loaded up here that given the variety of information, you can see your system information here like your net and your host name, your version. Over here you can see CPU activity over the last one, 5 and 15 minutes. Information on your CPU, your network cards, and how much data has transferred back and forth over them. You've got your disk space, your memory. The last Logan's. And finally these two modules down here at the bottom, these are what can be configured in the config folder. But again, they're not really neat as you can get by their great to have. But what, it's all the critical information up here that sometimes very handy to pull up in a webpage. Just a quickie browsers. Okay. Like I said, there's many different web web dashboards out there. Please do take time to go and look for one that works for you and that you'll enjoy. But this is one that I particularly love, and therefore I thought I wanted to share with you and see hope there was benefit, hope there's a benefit to you too. Okay. Thanks very much. I look forward to seeing you guys in the next video. 34. Conclusion: If you've gotten this far, you now have a working server at home. Well done. I'm genuinely proud of you. You've improved your technical expertise and you've built an asset that can be used enjoyed by everyone in your household and your family. And the skills you've learned can be used to find a new job or improve your current one. But whatever your motivations were for building home server, I'd love to hear your story. What are you working on and what do you need help with next? How can I help you more? Drop me an email at the address below. And best of luck with your ongoing learning and growth.