Magento, the robust e-commerce platform acquired by Adobe in 2018, offers both open-source and commercial editions, allowing you to create high-capacity, professional shopping websites. This guide walks you through installing the open-source community edition of Magento along with Elasticsearch for advanced search capabilities, Redis for better caching solutions, and serving it with Nginx.
Prerequisites
- Your server should have Debian 12 installed, with a minimum of 2GB RAM, though more may be needed based on your specific needs.
- You need a non-root user with sudo privileges.
- A fully qualified domain name (FQDN) such as
magento.example.com. - Ensure your system is updated with:
sudo apt update sudo apt upgrade
Install necessary system packages (some may already be installed):
sudo apt install wget curl nano ufw software-properties-common dirmngr apt-transport-https gnupg2 ca-certificates lsb-release debian-archive-keyring unzip -y
Step 1 – Configure Firewall
Debian comes with ufw (Uncomplicated Firewall) by default. Start by checking the status and configuring the firewall:
sudo ufw status
Ensure your output matches below for it to be active:
Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6)
Allow HTTP and HTTPS ports:
sudo ufw allow http sudo ufw allow https
Verify the status again to ensure the rules are applied:
sudo ufw status
Step 2 – Install PHP and Required Extensions
Install PHP 8.2 and necessary extensions for Magento:
sudo apt install php-fpm php-cli php-mysql php-mbstring php-xml php-gd php-bcmath php-zip php-curl php-tidy php-intl php-soap php-xsl libsodium-dev libsodium23 libssl-dev libcurl4-openssl-dev
To stay updated with PHP versions, add Ondrej’s PHP repository:
sudo curl -sSLo /usr/share/keyrings/deb.sury.org-php.gpg https://packages.sury.org/php/apt.gpg sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.sury.org-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' sudo apt update sudo apt install php8.2-fpm php8.2-mysql php8.2-bcmath php8.2-xml php8.2-zip php8.2-curl php8.2-mbstring php8.2-gd php8.2-tidy php8.2-intl php8.2-cli php8.2-soap php8.2-xsl libsodium-dev libsodium23 libssl-dev libcurl4-openssl-dev
Verify PHP installation:
php --version PHP 8.2.8 (cli) (built: Jul 16 2023 11:00:43) (NTS)
Step 3 – Install Composer
Composer, necessary for dependency management in PHP, is crucial for Magento installation. Get Composer 2.2 LTS:
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --2.2
php -r "unlink('composer-setup.php');"
sudo mv composer.phar /usr/local/bin/composer
Verify the Composer installation by checking its version:
composer --version Composer version 2.2.21 2023-02-15 13:07:40
Step 4 – Install MariaDB
Install MariaDB, as MySQL packages are not available for Debian 12 yet:
sudo apt install mariadb-server mysql --version mysql Ver 15.1 Distrib 10.11.3-MariaDB, for debian-linux-gnu (x86_64) using EditLine wrapper
Note: MariaDB version is not currently supported by Magento, so a workaround will be used later.
Secure the MariaDB installation:
sudo mysql_secure_installation
By default, there is no password for the root user. Follow the prompts to remove anonymous users, disallow remote root logins, and remove the test database.
Step 5 – Configure MariaDB
Create a Magento database and user:
sudo mysql mysql> CREATE DATABASE magento; mysql> CREATE USER 'magentouser'@'localhost' IDENTIFIED BY 'Your_password2'; mysql> GRANT ALL PRIVILEGES ON magento.* TO 'magentouser'@'localhost'; mysql> FLUSH PRIVILEGES; mysql> exit
For administrative tasks, create a separate SQL user:
MariaDB> GRANT ALL ON *.* TO 'adminuser'@'localhost' IDENTIFIED BY 'YourSecurePassword!' WITH GRANT OPTION;
Step 6 – Install Nginx
To install the latest version of Nginx, add its official repository:
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/debian `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list sudo apt update sudo apt install nginx
Verify the Nginx version:
sudo nginx -v nginx version: nginx/1.24.0
Start and enable Nginx service:
sudo systemctl start nginx
Step 7 – Install SSL
Install and setup Certbot for SSL certification using Snapd:
sudo apt install snapd sudo snap install core && sudo snap refresh core sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot certbot --version
Generate an SSL certificate:
sudo certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m name@example.com -d magento.example.com
Generate a Diffie-Hellman certificate:
sudo openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096
Ensure automatic renewal is set:
sudo systemctl list-timers sudo certbot renew --dry-run
Step 8 – Install Elasticsearch
Elasticsearch enables powerful search capabilities within Magento. Install it following these steps:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list sudo apt update sudo apt install elasticsearch
Configure Elasticsearch memory based on your server capacity:
sudo nano /etc/elasticsearch/jvm.options.d/memory.options
-Xms512m -Xmx784m
Enable and start the Elasticsearch service:
sudo systemctl enable elasticsearch --now curl http://localhost:9200
Step 9 – Install Redis Server
Redis greatly improves Magento’s session and cache storage performance:
curl -fsSL https://packages.redis.io/gpg | sudo gpg --dearmor -o /usr/share/keyrings/redis-archive-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/redis-archive-keyring.gpg] https://packages.redis.io/deb $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/redis.list sudo apt update sudo apt install redis
Verify Redis installation:
redis-server -v
Secure your Redis server by setting a password:
redis-cli 127.0.0.1:6379> acl setuser default >Your_Redis_Password 127.0.0.1:6379> AUTH Your_Redis_Password 127.0.0.1:6379> ping 127.0.0.1:6379> exit
Step 10 – Download Magento
Create a directory for Magento and set permissions:
sudo mkdir /var/www/magento -p sudo chown $USER:$USER /var/www/magento/ -R
Acquire Magento authentication keys by signing up on Magento. Use these keys for installation:
nano ~/.config/composer/auth.json
{
"http-basic": {
"repo.magento.com": {
"username": "",
"password": ""
}
}
}
Download and set up the Magento project:
cd /var/www/magento composer create-project --repository-url=https://repo.magento.com/ magento/project-community-edition . sed -i 's/php-fpm:9000/fastcgi_backend/g' /var/www/magento/nginx.conf.sample
Configure permissions:
sudo find var generated vendor pub/static pub/media app/etc -type f -exec chmod g+w {} +
sudo find var generated vendor pub/static pub/media app/etc -type d -exec chmod g+ws {} +
sudo chown -R :nginx .
sudo chmod u+x bin/magento
Step 11 – Install Magento
Modify compatibility check to support MariaDB 10.11.3:
sudo nano /var/www/magento/app/etc/di.xml
<item name="MariaDB-(10.2-10.6)" xsi:type="string">^10\.[2-6]\.</item> <item name="MariaDB-(10.2-10.11)" xsi:type="string">^10\.([2-9]|10|11)\.</item>
Install Magento with necessary configuration details such as base URL, database, and cache settings:
cd /var/www/magento bin/magento setup:install \ --base-url=http://magento.example.com \ --use-secure=1 \ --base-url-secure=https://magento.example.com \ --use-secure-admin=1 \ --db-host=localhost \ --db-name=magento \ --db-user=magentouser \ --db-password=Your_password2 \ --admin-firstname=FirstName \ --admin-lastname=LastName \ --admin-email=admin@example.com \ --admin-user=admin \ --admin-password=admin_password \ --language=en_US \ --currency=USD \ --timezone=America/Chicago \ --use-rewrites=1 \ --elasticsearch-host=http://127.0.0.1 \ --elasticsearch-port=9200 \ --session-save=redis \ --session-save-redis-db=0 \ --session-save-redis-password=redis_password \ --cache-backend=redis \ --cache-backend-redis-db=2 \ --cache-backend-redis-password=redis_password \ --page-cache=redis \ --page-cache-redis-db=4 \ --page-cache-redis-password=redis_password
Create Magento cron jobs for scheduled operations:
php bin/magento cron:install crontab -l
Step 12 – Configure PHP-FPM
Configure PHP-FPM to run under the Nginx user:
sudo nano /etc/php/8.2/fpm/pool.d/www.conf
user = nginx group = nginx
Change socket ownership:
listen.owner = nginx listen.group = nginx
Adjust PHP-FPM settings for Magento:
sudo sed -i 's/max_execution_time = 30/max_execution_time = 180/' /etc/php/8.2/fpm/php.ini sudo sed -i 's/max_execution_time = 30/max_execution_time = 180/' /etc/php/8.2/cli/php.ini sudo sed -i 's/memory_limit = 128M/memory_limit = 256M/' /etc/php/8.2/fpm/php.ini
Adjust file size limit in PHP settings:
sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 25M/g' /etc/php/8.2/fpm/php.ini sudo sed -i 's/post_max_size = 8M/post_max_size = 25M/g' /etc/php/8.2/fpm/php.ini
Enable Zlib Compression:
sudo sed -i 's/zlib.output_compression = Off/zlib.output_compression = On/g' /etc/php/8.2/fpm/php.ini
Restart PHP-FPM service:
sudo systemctl restart php8.2-fpm
Update permissions for the PHP sessions directory:
sudo chgrp -R nginx /var/lib/php/sessions
Step 13 – Configure Nginx
Adjust server configuration in Nginx to accommodate Magento:
sudo nano /etc/nginx/nginx.conf
server_names_hash_bucket_size 64;
Create a Magento Nginx configuration file:
sudo nano /etc/nginx/conf.d/magento.conf
upstream fastcgi_backend {
server unix:/run/php/php8.2-fpm.sock;
}
server {
# Redirect any http requests to https
listen 80;
listen [::]:80;
server_name magento.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name magento.example.com;
set $MAGE_ROOT /var/www/magento;
include /var/www/magento/nginx.conf.sample;
client_max_body_size 25m;
access_log /var/log/nginx/magento.access.log;
error_log /var/log/nginx/magento.error.log;
# TLS configuration
ssl_certificate /etc/letsencrypt/live/magento.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/magento.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/magento.example.com/chain.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
}
Test the Nginx configuration and restart the service:
sudo nginx -t sudo systemctl restart nginx
Step 14 – Disable Two-Factor Authentication
Disable Two-Factor Authentication to access the admin portal; this can be re-enabled after setting up SMTP for emails:
php /var/www/magento/bin/magento module:disable Magento_AdminAdobeImsTwoFactorAuth php /var/www/magento/bin/magento module:disable Magento_TwoFactorAuth
Compile Magento classes and clean the cache:
php /var/www/magento/bin/magento setup:di:compile php /var/www/magento/bin/magento c:c
Step 15 – Access the Administration Portal
Verify the Admin URI to access the Magento admin dashboard and configure SMTP settings for email transmission:
php /var/www/magento/bin/magento info:adminuri
Visit the Admin portal using your specific Admin URI and log in with your credentials.
Step 16 – Enable and Configure Two-Factor Authentication
After SMTP configuration, re-enable Two-Factor Authentication for added security:
php /var/www/magento/bin/magento module:enable Magento_AdminAdobeImsTwoFactorAuth php /var/www/magento/bin/magento module:enable Magento_TwoFactorAuth php /var/www/magento/bin/magento setup:upgrade php /var/www/magento/bin/magento setup:di:compile php /var/www/magento/bin/magento c:c
Use an authenticator app like Google Authenticator or Authy to configure Two-Factor Authentication, ensuring a secure environment for admin access.
Conclusion
Following the steps outlined above, you can successfully set up a Magento e-commerce platform on a Debian 12 server. Should you have questions, feel free to leave a comment below.
FAQ
1. Can I use MySQL instead of MariaDB?
Yes, you can use MySQL, but since Debian 12 does not ship with MySQL by default, MariaDB is a viable alternative. Make sure to adjust configurations accordingly.
2. How do I troubleshoot installation errors?
Check the logs in /var/www/magento/var/log for specific error details and verify that all system prerequisites are met.
3. How often should I update my Magento installation?
Regular updates are crucial for security and feature improvements. Adobe often releases patches and updates, so continuously monitor for these releases.
4. What can I do if my SSL certificate fails renewal?
Ensure the certbot service is running properly and review any error logs produced by certbot renew --dry-run for guidance.
5. How to enable Two-Factor Authentication if I skipped it during the setup?
You can enable it anytime by running the commands to enable the respective Magento modules and configuring your preferred authentication method through the Magento admin panel.