ROADMAP UPGRADE SKILL BERSAMA GLOBAL IT SOLUTION

www.alfasmk.my.id

#belajar #linuxserver #sysadmin

Installasi dan Konfigurasi Lychee pada Ubuntu 24.04

ByAdmin

Feb 9, 2026

1. Informasi Sistem

Server Environment:

  • OS: Ubuntu 24.04
  • Web Server: Nginx
  • PHP: 8.3 FPM
  • Database: MariaDB
  • SSL: Let’s Encrypt
  • Domain: gallery.alfasmk.my.id

2. Persiapan Sistem

Update sistem:

sudo apt update && sudo apt upgrade -y

Install dependensi PHP:

sudo apt install php8.3 php8.3-fpm php8.3-mysql php8.3-gd php8.3-xml php8.3-mbstring php8.3-curl php8.3-zip unzip -y

Pastikan PHP-FPM aktif:

sudo systemctl status php8.3-fpm

3. Konfigurasi Database MariaDB

Masuk ke MariaDB:

sudo mysql -u root -p

Buat database dan user:

CREATE DATABASE lychee;
CREATE USER 'lycheeuser'@'localhost' IDENTIFIED BY 'PasswordKuat123!';
GRANT ALL PRIVILEGES ON lychee.* TO 'lycheeuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

4. Instalasi Lychee

Buat direktori aplikasi:

sudo mkdir -p /var/www/gallery
sudo chown -R www-data:www-data /var/www/gallery
cd /var/www/gallery

Download versi stabil yang kompatibel dengan PHP 8.3:

sudo wget https://github.com/LycheeOrg/Lychee/releases/download/v5.2.0/Lychee.zip
sudo unzip Lychee.zip
sudo chown -R www-data:www-data /var/www/gallery

Struktur akhir direktori:

/var/www/gallery/Lychee/

5. Konfigurasi Nginx

Buat file virtual host:

sudo nano /etc/nginx/sites-available/gallery

Isi konfigurasi:

server {
    server_name gallery.alfasmk.my.id;

    root /var/www/gallery/Lychee/public;
    index index.php index.html;

    client_max_body_size 200M;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.3-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    listen 80;
}

Aktifkan site:

sudo ln -s /etc/nginx/sites-available/gallery /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

6. Konfigurasi DNS

Tambahkan record pada Bind9:

gallery    IN    A    103.141.255.9

Reload DNS:

sudo rndc reload

7. Instalasi SSL Let’s Encrypt

Install Certbot:

sudo apt install certbot python3-certbot-nginx -y

Generate SSL:

sudo certbot --nginx -d gallery.alfasmk.my.id

Pilih opsi redirect HTTP → HTTPS.

8. Konfigurasi Database Lychee

Edit file .env:

cd /var/www/gallery/Lychee
sudo nano .env

Sesuaikan konfigurasi database:

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=lychee
DB_USERNAME=lycheeuser
DB_PASSWORD=PasswordKuat123!

Clear cache:

php artisan config:clear
php artisan cache:clear

Restart PHP-FPM:

sudo systemctl restart php8.3-fpm

Akses installer melalui browser dan selesaikan proses instalasi.

9. Hardening PHP

Edit php.ini:

sudo nano /etc/php/8.3/fpm/php.ini

Sesuaikan:

upload_max_filesize = 200M
post_max_size = 200M
memory_limit = 512M

Restart PHP:

sudo systemctl restart php8.3-fpm

10. Pengamanan Login Menggunakan Fail2Ban

Install Fail2Ban

sudo apt install fail2ban -y

Pastikan aktif:

sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Buat Filter Khusus Nginx Login Lychee

Buat file filter:

sudo nano /etc/fail2ban/filter.d/nginx-lychee.conf

Isi:

[Definition]
failregex = ^<HOST> -.*"(POST).*login.*" 401
ignoreregex =

Buat Jail

sudo nano /etc/fail2ban/jail.local

Tambahkan:

[nginx-lychee]
enabled = true
port = http,https
filter = nginx-lychee
logpath = /var/log/nginx/access.log
maxretry = 5
findtime = 600
bantime = 3600

Restart Fail2Ban:

sudo systemctl restart fail2ban

Cek status:

sudo fail2ban-client status nginx-lychee

11. Hasil Akhir

Server berhasil dikonfigurasi dengan:

  • Nginx + PHP 8.3 FPM
  • MariaDB Database
  • SSL HTTPS aktif
  • Upload limit disesuaikan
  • Fail2Ban aktif untuk proteksi brute-force login
  • Aplikasi Lychee berjalan stabil pada subdomain

Kesimpulan

Deploy Lychee pada Ubuntu 24.04 dengan PHP 8.3 FPM berjalan stabil dengan konfigurasi:

  • Root diarahkan ke folder public
  • Database menggunakan MariaDB
  • SSL aktif
  • Proteksi brute-force menggunakan Fail2Ban

Dokumentasi ini dapat dijadikan referensi implementasi sistem galeri berbasis web yang aman dan terkontrol pada server VPS berbasis Linux.

By Admin

Related Post

#belajar #keamanan #linux

Tutorial Lengkap Install OWASP CRS di Ubuntu24

Mar 13, 2026 Admin
#belajar #keamanan #linux

Panduan Lengkap Instalasi dan Konfigurasi Linux Malware Detect

Mar 9, 2026 Admin
#belajar #keamanan #linux

password auth. bash on linux system

Feb 27, 2026 Admin

Tinggalkan Balasan

Alamat email Anda tidak akan dipublikasikan. Ruas yang wajib ditandai *

You missed

#belajar #keamanan #linux

Tutorial Lengkap Install OWASP CRS di Ubuntu24

2026-03-13 Admin
#belajar #keamanan #linux

Panduan Lengkap Instalasi dan Konfigurasi Linux Malware Detect

2026-03-09 Admin
#belajar #keamanan #linux

password auth. bash on linux system

2026-02-27 Admin
Uncategorized

Tutorial Buat Service Custom APT Package

2026-02-25 Admin