Drupal¶
OpenLiteSpeed Drupal One-Click automatically installs OpenLiteSpeed, Drupal and LSCache. It also automates initial setup for components like PHP OPCache to reduce the time it takes to optimize a web server.
Quick Start¶
Step 1.¶
Use the OpenLiteSpeed Drupal 1-Click App to create a Droplet with any plan you want. Click here to create an account and get a $100 Digital Ocean credit.
Use the "OpenLiteSpeed Drupal app" to create a server with any plan you want. Click here to create an account and get a $100 Vultr credit.
Use the "Deploy OpenLiteSpeed Joomla" to create a server with any plan you want. Click here to create an account
- Login to the Google Cloud Platform and click Launch a VM instance on Compute Engine.
Method 1. Through Subscribe
- Subscribe to OpenLiteSpeed Drupal
- Click Continue to Launch and Launch
Method 2. Through EC2 console
- Open the Amazon EC2 console
- Locate the product by searching for "Drupal With OpenLiteSpeed" from AWS Marketplace
- Click Select,Continue,Preview and launch (the default is the most recent version)
- Login to the Azure Portal and click Image Link.
- Click the GET IT NOW and Create buttons
- Choose any server plan you'd like to use, and create the server
Use the "OpenLiteSpeed Drupal" from Marketplace to create an ECS instance with any plan you want.
Use the "Deploy OpenLiteSpeed Drupal" Simply go to hPanel and navigate to your VPS dashboard, select the Applications tab to create a VPS template with the desired CMS.
Step 2.¶
From a terminal on your local computer, connect to the server as root, like so:
ssh root@use_your_server_ip
ssh username@192.0.2.0
# Instead of using "username" to SSH with, you can find the right username here:
# Google Cloud Platform > Project > Compute Engine > Metadata > SSH Keys > Username
ssh ubuntu@192.0.2.0
ssh azureuser@192.0.2.0
Be sure to substitute the server’s public IP address for 192.0.2.0
. You can also use Cloud Console if the platform is supported.
Once you have connected successfully via SSH, the server will automatically start the installation service for you. This will only happen one time. You should see the following output:
############# Auto-Installation (one time only) ###############
[notice] Starting Drupal installation. This takes a while.
[notice] Performed install task: install_select_language
...
[success] Installation complete.
[success] Successfully enabled: lite_speed_cache
#############################################################
Step 3.¶
An interactive script that runs will prompt you for your domain or subdomain:
Please input a valid domain:
Please verify it is correct. [y/N]
Enter your root domain only. The system will automatically add the www
subdomain as well.
Note
You can press CTRL+C and continue to SSH, but the prompt will open again the next time you log in. It will continue to do so until you finish the whole setup.
If your domain is already pointed to this server, you will have the option of automatically applying Let's Encrypt SSL. Enter y
and your email address to complete the process:
Do you wish to issue a Let's encrypt certificate for this domain? [y/N]
Please enter your E-mail:
Please verify it is correct: [y/N]
Once finished, you should see Certificate has been successfully installed...
You can force HTTPS rules to be applied:
Do you wish to force HTTPS rewrite rule for this domain? [y/N]
Complete the process by pressing Y
:
Do you wish to update the system which include the web server? [Y/n]
You should not be prompted to initiate this setup again.
Step 4.¶
Visit the server's IP or domain in your browser.
Components¶
The Drupal One-Click Image installs several packages and performs other useful actions.
System Package Installation¶
Component | Version |
---|---|
Linux | Ubuntu 24.04 |
OpenLiteSpeed | Latest from LiteSpeed |
Drupal | Latest from Official |
Drush | Latest from Official |
MariaDB | Latest from APT |
PHP | Latest from LiteSpeed |
phpMyAdmin | Latest from phpMyAdmin |
LiteSpeed Cache | Latest from LiteSpeed |
Composer | Latest from Official |
Certbot | Latest from Certbot |
Postfix | Latest from APT |
Other Actions¶
- Enables the UFW firewall to allow only SSH (port 22, rate limited), HTTP (port 80) and HTTPS (port 443) access.
- Sets the MySQL root password, runs
mysql_secure_installation
, and creates a Drupal user with the necessary permissions. - Modifies some PHP settings to increase the maximum filesize and execution time.
- Creates the initial Drupal set up by Drush.
How to Access the Installed Software¶
phpMyAdmin Access¶
Connect to phpMyAdmin at the following URL:
https://example.com/phpmyadmin
Get the MySQL root password:
sudo sed -n 1p .db_password
sudo sed -n 1p /home/ubuntu/.db_password
sudo sed -n 1p /home/ubuntu/.db_password
Get the MySQL drupal user password:
sudo sed -n 2p .db_password
sudo sed -n 2p /home/ubuntu/.db_password
sudo sed -n 2p /home/ubuntu/.db_password
Web Server Control Panel Access¶
Get the WebAdmin admin password:
cat .litespeed_password
cat /home/ubuntu/.litespeed_password
cat /home/ubuntu/.litespeed_password
Visit https://use_your_droplet_ip:7080
to access WebAdmin in a browser.
By default, WebAdmin uses port 7080. To allow access to 7080 from your IP(e.g. 192.0.2.0):
ufw allow from 192.0.2.0 to any port 7080
ufw allow 7080
We suggest turning this port off once you've finished setup:
ufw delete allow 7080
Optional Setup¶
Enable HTTPS¶
Setting up an SSL certificate enables HTTPS on the web server, which secures the traffic between the server and the clients connecting to it. Certbot is a free and automated way to set up SSL certificates on a server.
Step 1. Register Domain¶
To use Certbot, you’ll need a registered domain name and DNS records:
-
An A record from the domain (e.g.,
example.com
) to the server’s IP address -
An A record from the domain prefaced with
www
(e.g.,www.example.com
) to the server’s IP address.
Step 2. Add Domain to Listener¶
Navigate to OpenLiteSpeed WebAdmin Console > Listeners, and add Your Domain to HTTP/HTTPS.
Step 3. Certbot¶
Once the DNS records are set up, you can generate the SSL certificate. Be sure to substitute the correct domain name in the following command:
certbot certonly --webroot -w /var/www/html/ -d example.com -d www.example.com
/etc/letsencrypt/
Step 4. Set SSL for HTTPS¶
Navigate to OpenLiteSpeed WebAdmin Console > Listeners > SSL, and edit the following three items:
- Private Key File =
/etc/letsencrypt/live/example.com/privkey.pem
- Certificate File =
/etc/letsencrypt/live/example.com/fullchain.pem
- Chained Certificate =
Yes
Save and perform a Graceful Restart.
Now your server should support TLS1.1, TLS 1.2, and TLS 1.3.
Step 5. Redirect HTTP to HTTPS¶
HTTPS traffic on port 443 is already allowed through the firewall. After you set up HTTPS, you can optionally rewrite all HTTP traffic to HTTPS.
Add the following rules to OpenLiteSpeed WebAdmin Console > Virtual Hosts > Rewrite > Rewrite Rules
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
Install LSCache for Drupal¶
This step is only necessary if you have migrated a Drupal installation or it's a fresh Drupal installation.
-
From the Drupal Administration menu, navigate to Extend > Add new module.
-
Add the following URL to the Add from a URL tab, and press the Continue button to begin installation.
https://github.com/litespeedtech/lscache-drupal/archive/master.zip
- The plugin will be installed and automatically enabled.
Frequently Asked Questions¶
How do I Reset my Web Server WebAdmin Password?¶
If you forget your password, you may run the following command to reset it:
/usr/local/lsws/admin/misc/admpass.sh
It will ask for the WebAdmin username, which should be admin
. Then, enter your new password.
How do I Create Additional Virtual Hosts?¶
This method will automatically set up Listener/VirtualHost/Force SSL/Let's Encrypt.
Interactive mode
wget https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/vhsetup.sh
chmod +x vhsetup.sh
bash vhsetup.sh
/bin/bash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/vhsetup.sh )
CLI mode
wget https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/vhsetup.sh
chmod +x vhsetup.sh
bash vhsetup.sh -d www.example.com -le admin@example.com -f
/bin/bash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/vhsetup.sh ) -d www.example.com -le admin@example.com -f
- Please be sure that your domain is already pointing to the server when using
-le YOUR_EMAIL
By default, OpenLiteSpeed has an example virtual host already created. You can create more virtual hosts if you like. See Create Virtual Hosts on OpenLiteSpeed.
How do I upgrade OpenLiteSpeed to latest stable version?¶
OpenLiteSpeed was installed from the LiteSpeed repository, so you can simply use the system update to update OpenLiteSpeed to the latest stable version.
$ sudo apt update && sudo apt upgrade openlitespeed -y
How do I upgrade to LiteSpeed Enterprise?¶
This script will:
-
Generate LiteSpeed Enterprise config file from OpenLiteSpeed config
-
Backup OpenLiteSpeed config and uninstall OpenLiteSpeed
-
Install LiteSpeed and load the config file
/bin/bash <( curl -sk https://raw.githubusercontent.com/litespeedtech/ls-cloud-image/master/Setup/ols2ent-v2.sh )
Note
We recommend you to run and test this script on a test server first. Get help by using the -H
parameter for more information including how to revert back to OpenLiteSpeed if needed.
How do I Migrate Drupal?¶
Please see Drupal's official doc for migrating Drupal!.
How do I Verify if Cache is Working?¶
There's a simple way to see if a URL is cached by LiteSpeed: the LSCache Check Tool.
Or visit your website using Chrome. Navigate to Chrome menu > More tools > Developer tools > Network, or simply use the shortcut Ctrl+Shift+I to bring it up. The test page may contain many requests, but you can just click your main domain to check the header. You might see X-LiteSpeed-Cache: miss
or X-LiteSpeed-Cache: hit
. Normally the first visit to a page is a miss
, but subsequent visits should be a hit
.
How Does Certbot's Auto Renew Script Work?¶
The image comes with automatic certificate renewal by default in /etc/cron.d/certbot
. An example of the cron job is:
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew
Once you finish the Let's Encrypt apply by prompt script, it will auto apply the server hook to the cronjob rule. An example of the cron job is:
0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --deploy-hook "systemctl restart lsws"
This cron job is triggered twice every day to renew the certificate. The certbot -q renew
command will check if the certificate is expiring in the next 30 days. If it is, then certbot will auto renew the certificate quietly without generating output, and auto restart the web server by hook. If the certificate is not expiring, then no action will be performed. When renewing the certificate, the same information provided during certificate creation (such as email address, domain name, web server root path etc.) will be used.
What if the Certbot Deploy Hook is not Triggered?¶
If your certificate renewal is successful, but for some reason the deploy hook is not being triggered, you can run the following command. This will insert a restart lsws
command into the Certbot cronjobs.
echo '0 0 * * 3 root systemctl restart lsws' | sudo tee -a /etc/cron.d/certbot > /dev/null
This particular example triggers a web server restart every Wednesday at Midnight. You can modify the 0 0 * * 3
part of the command to adjust the schedule, if needed.
How do I Fix a Too Many Open Files Issue?¶
The default system value is 1024
. To increase the value to e.g. 65535
, please append following content to the /etc/security/limits.conf file:
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
root soft nproc 65535
root hard nproc 65535
root soft nofile 65535
root hard nofile 65535
session required pam_limits.so
ulimit -n
command. Output should read 65535
. NOTE: 65535
is an example. Feel free to use a different value.
How do I use lsphp81?¶
Install PHP 8.1 and commonly used PHP extensions:
apt install lsphp81 lsphp81-common lsphp81-mysql lsphp81-memcached lsphp81-redis lsphp81-opcache lsphp81-curl lsphp81-imagick -y
Navigate to WebAdmin Console > Server Configuration > External App > lsphp, then update the following value:
- Command:
lsphp81/bin/lsphp
OpenLiteSpeed comes with PHP detached mode enabled by default. Restart PHP with command killall -9 lsphp
to make these settings take effect.
How do I Set Up Virtual-Host-Specific PHP?¶
By default virtual hosts inherit the version of PHP that is set at the server level. You may wish to use a different PHP version for certain virtual hosts. Follow the steps below to set up virtual-host-level PHP. Here we will use the PHP version 7.4 as an example.
Install PHP 7.4 and commonly used PHP extensions:
apt install lsphp74 lsphp74-common lsphp74-curl lsphp74-imagick lsphp74-imap lsphp74-json lsphp74-memcached lsphp74-mysql lsphp74-opcache lsphp74-redis -y
Navigate to WebAdmin console > Server Configuration > External App > Add > Type > LiteSpeed SAPI App to set up a server-level external application. Set the following values:
- Name:
lsphp74
- Address:
uds://tmp/lshttpd/lsphp74.sock
- Max Connections:
35
- Environment:
LSAPI_AVOID_FORK=200M
- Initial Request Timeout (secs):
60
- Retry Timeout (secs):
0
- Command:
/usr/local/lsws/lsphp74/bin/lsphp
- Instances:
1
Navigate to WebAdmin console > Virtual Hosts > your vhost > Script Handler > Add to add a virtual-host-level PHP handler. Set the following values:
- Suffixes:
php
- Handler Type:
LiteSpeed SAPI
- Handler Name:
[Server Level]:lsphp74
OpenLiteSpeed comes with PHP detached mode enabled by default. Restart PHP with command killall -9 lsphp
to make these settings take effect.
How do I get the Drupal admin Password?¶
The Drupal admin password is the same as the password used for WebAdmin access. Please see Web Server Control Panel Access for instructions.
How do I reset Drupal admin password?¶
The Drush tool allows you to reset your Drupal admin password.
Navigate to the project directory:
cd /var/www/html
The following command sets temp_password
as the password for the user admin
:
drush user:password admin 'temp_password'
temp_password
with the secure password you wish to use for your admin account. Learn more about the Drush command.
API Creation¶
In addition to creating a Droplet from the Drupal 1-Click application using the control panel, you can also use the DigitalOcean API.
The following example creates a Drupal 20.04 Droplet called “My-Droplet” in the NYC3 datacenter, with 1 GB RAM:
curl -X POST "https://api.digitalocean.com/v2/droplets" \ -d'{"name":"My-Droplet","region":"nyc3","size":"s-1vcpu-1gb","image":"litespeedtechnol-openlitespeeddru"}' \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json"
In addition to creating an instance from the WordPress with LiteSpeed Cache using the AWS Management Console, you can also use the AWS Command Line Interface.
The following example creates an t2.micro Instance with OpenLiteSpeed Drupal AMI:
Please replace XXX to your own settings.aws ec2 run-instances --image-id ami-0120f9796d786893c \ --subnet-id subnet-XXXXXXX \ --security-group-ids sg-XXXXXXXXXXXXXX \ --count 1 \ --instance-type t2.micro \ --key-name XXXXXX \ --query "Instances[0].InstanceId"
Get the exact name of the Drupal image from LiteSpeed's project, gc-image-pub
:
gcloud compute images list --project=gc-image-pub --filter="name ~ 'openlitespeed-drupal'"
Create an instance, replacing INSTANCE_NAME
with the name of your choice, and IMAGE_NAME
with the name obtained from the previous command:
gcloud compute instances create INSTANCE_NAME --image-project=gc-image-pub --image=IMAGE_NAME