Using a Different System?
-
How to Install Lychee 3.1 Photo Album on a Debian 9 LAMP VPS
-
How to Install Lychee 3.1 Photo Album on a Fedora 26 LAMP VPS
-
How to Install Lychee 3.1 Photo Album on a FreeBSD 11 FAMP VPS
-
How to Install Lychee 3.1 Photo Album on an Ubuntu 16.04 LAMP VPS
Lychee 3.1 Photo Album is a simple and flexible, free and open source photo-management tool which runs on a VPS server. It installs in a matter of seconds, enabling you to upload, manage, and share photos quickly and securely. Lychee 3.1 features Dropbox import, (with a valid drop-ins app key). It can be expanded with new features via plug-ins which can, for instance, allow you to sync with any directory containing photos, upload photos via SSH, create RSS feeds out of your photos, add watermarks to your photos, plus many other advanced and useful features.
In this tutorial, we are going to install Lychee 3.1 Photo Album on a CentOS 7 LAMP VPS using Apache web server, PHP 7.1, and a MariaDB database.
Prerequisites
- A clean Vultr CentOS 7 server instance with SSH access
Step 1: Add a Sudo User
We will start by adding a new sudo
user.
First, log into your server as root
:
ssh root@YOUR_VULTR_IP_ADDRESS
Add a new user called user1
(or your preferred username):
useradd user1
Next, set the password for the user1
user:
passwd user1
When prompted, enter a secure and memorable password.
Now check the /etc/sudoers
file to make sure that the sudoers
group is enabled:
visudo
Look for a section like this:
%wheel ALL=(ALL) ALL
This line tells us that users who are members of the wheel
group can use the sudo
command to gain root
privileges. It will be uncommented by default, so you can simply exit the file.
Next we need to add user1
to the wheel
group:
usermod -aG wheel user1
We can verify the user1
group membership and check that the usermod
command worked with the groups
command:
groups user1
Now use the su
command to switch to the new sudo user user1
account:
su - user1
The command prompt will update to indicate that you are now logged into the user1
account. You can verify this with the whoami
command:
whoami
Now restart the sshd
service so that you can login via ssh
with the new non-root sudo user account you have just created:
sudo systemctl restart sshd
Exit the user1
account:
exit
Exit the root
account (which will disconnect your ssh
session):
exit
You can now ssh
into the server instance from your local host using the new non-root sudo user user1
account:
ssh user1@YOUR_VULTR_IP_ADDRESS
If you want to execute sudo without having to type a password every time, then open the /etc/sudoers
file again, using visudo
:
sudo visudo
Edit the section for the wheel
group so that it looks like this:
%wheel ALL=(ALL) NOPASSWD: ALL
Please note: Disabling the password requirement for the sudo user is not a recommended practice, but it is included here as it can make server configuration much more convenient and less frustrating, especially during longer systems administration sessions. If you are concerned about the security implications, you can always revert the configuration change to the original after you finish your administration tasks.
Whenever you want to log into the root
user account from within the sudo
user account, you can use one of the following commands:
sudo -i
sudo su -
You can exit the root
account and return back to your sudo
user account any time by simply typing the following:
exit
Step 2: Update CentOS 7 System
Before installing any packages on the CentOS server instance, we will first update the system.
Make sure you are logged into the server using a non-root sudo user and run the following command:
sudo yum -y update
Step 3: Install Apache Web Server
Install the Apache web server:
sudo yum -y install httpd
Then use the systemctl
command to start and enable Apache to execute automatically at boot time:
sudo systemctl enable httpd
sudo systemctl start httpd
Check your Apache configuration file to ensure that the DocumentRoot
directive points to the correct directory:
sudo vi /etc/httpd/conf/httpd.conf
The DocumentRoot
configuration option will look like this:
DocumentRoot "/var/www/html"
Now, let’s make sure that the mod_rewrite
Apache module is loaded. We can do this by searching the Apache base modules configuration file for the term “mod_rewrite
“.
Open the file:
sudo vi /etc/httpd/conf.modules.d/00-base.conf
Search for the term mod_rewrite
.
If the mod_rewrite
Apache module is loaded, you will find a configuration line looking like this:
LoadModule rewrite_module modules/mod_rewrite.so
If the above line starts with a semi-colon, you will need to remove the semi-colon to uncomment the line and load the module. This, of course, applies to any other required Apache modules too.
We now need to edit Apache’s default configuration file so that mod_rewrite
will work correctly with Lychee.
Open the file:
sudo vi /etc/httpd/conf/httpd.conf
Then find the section that starts with <Directory "/var/www/html">
and change AllowOverride none
to AllowOverride All
. The end result (with all comments removed) will look something like this:
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Now save and close the Apache configuration file.
We will restart Apache at the end of this tutorial, but restarting Apache regularly during installation and configuration is certainly a good habit, so let’s do it now:
sudo systemctl restart httpd
Step 4: Open Web Firewall Ports
We now need to open the default HTTP
and HTTPS
ports as they will be blocked by firewalld
by default.
Open the firewall ports:
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=443/tcp
Reload the firewall to apply the changes:
sudo firewall-cmd --reload
You will see the word success
displayed in your terminal after each successful firewall configuration command.
We can quickly verify that the Apache HTTP
port is open by visiting the IP address or domain of the server instance in a browser:
http://YOUR_VULTR_IP_ADDRESS/
You will see the default Apache web page in your browser.
Step 5: Disable SELinux (if enabled)
SELinux stands for “Security Enhanced Linux”. It is a security enhancement to Linux which allows users and administrators more control over access control. It is disabled by default on Vultr CentOS 7 instances, but we will cover the steps to disable it, just in case you are not starting from a clean install and it was previously enabled.
To avoid file permission problems with Lychee we need to ensure that SELinux is disabled.
First, let’s check whether SELinux is enabled or disabled with the sestatus
command:
sudo sestatus
If you see something like: SELinux status: disabled
then it is definitely disabled and you can skip straight to Step 6. If you see any other message, then you will need to complete this section.
Open the SELinux configuration file with your favourite terminal editor:
sudo vi /etc/selinux/config
Change SELINUX=enforcing
to SELINUX=disabled
and then save the file.
To apply the configuration change, SELinux requires a server reboot, so you can either restart the server using the Vultr control panel or you can simply use the shutdown
command:
sudo shutdown -r now
When the server reboots, your SSH session will get disconnected and you may see a message informing you about a 'broken pipe'
or 'Connection closed by remote host'
. This is nothing to worry about, simply wait for 20 seconds or so and then SSH back in again (with your own username and domain):
ssh user1@YOUR_DOMAIN
Or (with your own username and IP address):
ssh user1@YOUR_VULTR_IP_ADDRESS
Once you have logged back in, you should check the status of SELinux again with the sestatus
command to make sure it is properly disabled:
sudo sestatus
You should see a message saying SELinux status: disabled
. If you see a message saying SELinux status: enabled
(or something similar) you will need to repeat the above steps and ensure that you properly restart your server.
Step 6: Install and Configure PHP 7.1
CentOS 7 requires us to add an external repo in order to install PHP 7.1, so run the following command:
sudo rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
We can now install PHP 7.1 along with all of the necessary PHP modules required by Lychee:
sudo yum -y install php71w php71w-gd php71w-mbstring php71w-mysql php71w-xml php71w-common php71w-pdo php71w-mysqlnd
Since we may need to use Lychee to upload and process large files, we will need to change some of the default PHP settings.
Open the php.ini
configuration file:
sudo vi /etc/php.ini
Change the following PHP options to these values:
max_execution_time = 300
post_max_size = 100M
upload_max_size = 100M
upload_max_filesize = 50M
memory_limit = 256M
When you have finished, save and exit the file.
If you ever run into problems with not being able to upload or process large files with Lychee then simply try increasing the above values further, as that can solve your problems.
Step 7: Install MariaDB (MySQL) Server
CentOS 7 defaults to using MariaDB database server, which is an enhanced, fully open source, community developed, drop-in replacement for MySQL server.
Install MariaDB database server:
sudo yum -y install mariadb-server
Start and enable MariaDB server to execute automatically at boot time:
sudo systemctl enable mariadb
sudo systemctl start mariadb
Secure your MariaDB server installation:
sudo mysql_secure_installation
The root
password will be blank, so simply hit enter when prompted for the root
password.
When prompted to create a MariaDB/MySQL root
user, select “Y” (for yes) and then enter a secure root
password. Simply answer “Y” to all of the other yes/no questions as the default suggestions are the most secure options.
Step 8: Create Database for Lychee
Log into the MariaDB shell as the MariaDB root
user by running the following command:
sudo mysql -u root -p
To access the MariaDB command prompt, simply enter the MariaDB root
password when prompted.
Run the following queries to create a MariaDB database and database user for Lychee:
CREATE DATABASE lychee_db CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE USER 'lychee_user'@'localhost' IDENTIFIED BY 'UltraSecurePassword';
GRANT ALL PRIVILEGES ON lychee_db.* TO 'lychee_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;
You can replace the database name lychee_db
and username lychee_user
with something more to your liking, if you prefer. (Please note that the default maximum length for usernames in MariaDB on CentOS 7 is 16 characters). Also, make sure that you replace “UltraSecurePassword” with an actually secure password.
Step 9: Install Lychee Files
Change your current working directory to the default web directory:
cd /var/www/html/
If you get an error message saying something like 'No such file or directory'
then try the following command:
cd /var/www/ ; sudo mkdir html ; cd html
Your current working directory will now be: /var/www/html/
. You can check this with the pwd
(print working directory) command:
pwd
Now use wget
to download the Lychee installation package:
sudo wget --content-disposition https://github.com/electerious/Lychee/archive/v3.1.6.zip
Please note: You should definitely check for the most recent version by visiting the Lychee download page.
List the current directory to check that you have successfully downloaded the file:
ls -la
Let’s quickly install unzip
so we can unzip the file:
sudo yum -y install unzip
Now uncompress the zip archive:
sudo unzip Lychee-3.1.6.zip
Move all of the installation files to the web root directory:
sudo mv -v Lychee-3.1.6/* Lychee-3.1.6/.* /var/www/html 2>/dev/null
Change ownership of the web files to avoid any permissions problems:
sudo chown -R apache:apache * ./
Set world readable permissions on the upload
and data
directories:
sudo chmod -R 777 data/ upload/
Restart Apache again:
sudo systemctl restart httpd
Now we’re ready to move onto the final step.
Step 10: Complete Lychee Installation
It’s now time to visit the IP address of your server instance in your browser, or if you’ve already configured your Vultr DNS settings (and given it enough time to propagate) you can simply visit your domain instead.
To access the Lychee installation page, enter your Vultr instance IP address into your browser address bar:
http://YOUR_VULTR_IP_ADDRESS/
-
On the
Database Connection Details
page, enter the following database values:Database Host: localhost Database Username: lychee_user Password: UltraSecurePassword Database Name: lychee_db
Click
Connect
to continue. -
Enter a
Username
andPassword
for your installation:Username: <your username> Password: <a secure password>
Click
Create Login
to continue.
You will be automatically redirected to your album upload page and logged into the admin section. If you want to change the settings you can click on the gear icon in the top left corner of the page.
To change the more advanced settings, you will need to return to the terminal and edit the Lychee configuration file:
sudo vi data/config.php
If you haven’t yet configured your Vultr DNS settings, you can do so using the Vultr DNS control panel.
It’s also advisable to configure your site to use SSL as most modern browsers will give warnings when sites do not have SSL enabled and SSL certificates are now available for free.
In any case, you are now ready to start uploading and sharing your photos. Make sure you check out the Lychee docs for more information about how to configure and use your photo manager.
Want to contribute?
You could earn up to $300 by adding new articles
Suggest an update
Request an article