The lempstack_debian repository provides configuration files for setting up a secure LEMP web server on Debian.
Both php5 and php7.3 are supported, there are also configurations for fail2ban, goaccess and munin.
Below is an example of /etc/apt/sources.list, please refer to Debian SourceList.
deb http://deb.debian.org/debian testing main
deb http://deb.debian.org/debian testing-updates main
Using these configurations on current Debian stable would generally work. However, minor issues might be expected.
Below is an example of /etc/apt/sources.list, please refer to Debian SourceList.
deb http://deb.debian.org/debian stable main
deb http://deb.debian.org/debian-security/ stable/updates main
deb http://deb.debian.org/debian stable-updates main
Using new packages from Debian testing on Debian stable would generally work. However, minor issues might be expected.
Put all six sources above into /etc/apt/sources.list, and tell the system to install packages from Debian stable as default.
echo 'APT::Default-Release "stable";' > /etc/apt/apt.conf.d/99defaultrelease
Now packages could be installed from Debian stable like normal. To install packages from Debian testing, use -t to specify the desired release.
sudo apt-get update
sudo apt-get -t testing install nginx
To aviod Logjam attack the following command SHOULD be executed to generate your own dhparam. The provided example SHOULD NOT be used.
The generation process is going to take a long time (a few minutes).
sudo openssl dhparam -out /etc/ssl/private/dhparam.pem 4096 && sudo chmod 0640 /etc/ssl/private/dhparam.pem
These configurations are designed to run on low performance servers, typically those with 1-2 vCPU(s) and 1-2 GB of RAM.