Lychee is an open-source photo-management software based on PHP and MySQL. It is a self-hosted photo management that allows you to upload, browse, and share photos securely on your server.
In this tutorial, you’ll learn how to install Lychee Photo Management on Debian 12 server. You’ll be using the LAMP Stack for running Lychee and securing Lychee with HTTPS through Certbot and Letsencrypt.
Prerequisites
Before you begin, make sure you have the following:
- A Debian 12 server
- A non-root user with administrator privileges
Installing dependencies
In this section, you’ll install the LAMP Stack (Linux, Apache, MariaDB, and PHP) on the Debian server. As for now, Lychee supports PHP 8.2 or higher, which is available by default on the Debian repository.
First, run the command below to update your Ubuntu package index.
sudo apt update
Now install the LAMP Stack packages to your Debian system with the following command. Enter ‘Y‘ to confirm the installation.
sudo apt install apache2 mariadb-server php-cli php-intl php-xmlrpc php-soap php-mysql php-zip php-gd php-tidy php-mbstring php-curl php-xml php-pear php-bcmath php-imagick php-tokenizer libapache2-mod-php
After the installation is complete, execute the command below to check the Apache service status. You’ll see the Apache web server is running and enabled.
sudo systemctl is-enabled apache2
sudo systemctl status apache2
Now check the MariaDB server with the following command. The MariaDB server should be running and enabled automatically on your system.
sudo systemctl is-enabled mariadb
sudo systemctl status mariadb
Lastly, check the PHP version with the following – You can see PHP 8.3 is installed.
php -v
php -m
Configuring PHP
After dependencies are installed, you will configure PHP by editing the ‘php.ini’ file and restarting the Apache web server to take effect.
Open the file ‘/etc/php/8.3/apache2/php.ini‘ with the ‘nano‘ editor.
sudo nano /etc/php/8.3/apache2/php.ini
Change the default configuration like this – Make sure to adjust the ‘memory_limit‘ and ‘date.timezone‘ options accordingly.
date.timezone = Europe/Amsterdam
memory_limit = 256Mupload_max_filesize = 64MB
post_max_size = 64MB
When finished, save the file and exit the editor.
Now run the ‘systemctl‘ command below to restart the Apache web server and apply your changes.
sudo systemctl restart apache2
Configuring MariaDB server
With the PHP configured, you’ll be securing the MariaDB server using the ‘mariadb-secure-installation’ command. And then, creating a new database and user that will be used for Lychee through the ‘mariadb‘ client.
Execute the ‘mariadb-secure-installation‘ command below to set up your MariaDB server.
sudo mariadb-secure-installation
Now you’ll be asked with the following MariaDB configurations:
- For the default MariaDB server installation without a root password, press ENTER when asked about the password.
- The local authentication for MariaDB root users is secured by default, input ‘n’ when asked to change the authentication method to ‘unix_socket’.
- Input ‘Y’ to create a new MariaDB root password. Then, input the strong password for your MariaDB root user and repeat.
- When asked to disable remote authentication for the MariaDB root user, input ‘Y’ to agree.
- The default MariaDB server installation comes with the database ‘test’ and allows an anonymous user to access it.
- Input ‘Y’ for both settings to remove the default database ‘test’ and remove the anonymous privilege.
- Lastly, input ‘Y’ to confirm reloading table privileges.
After the MariaDB is configured and secured, you’ll create a new database and user that will be used by Lychee installation.
Log in to the MariaDB server with the ‘mariadb‘ command below. Enter your MariaDB root password when prompted.
sudo mariadb -u root -p
Now run the following queries to create a new database ‘lychee‘ with the user ‘lycheeuser@localhost‘ and the password ‘LycheePassword‘. You can change the details of the database as needed.
CREATE DATABASE lychee;
GRANT ALL PRIVILEGES ON lychee. * TO lycheeuser@'localhost' IDENTIFIED BY 'LycheePassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Next, run the query below to ensure that user ‘lycheeuser@localhost‘ can access the database ‘lychee‘.
SHOW GRANTS FOR lycheeuser@localhost;
If everything goes well, you’ll see the following output:
Lastly, type ‘quit‘ to exit from the MariaDB server.
Downloading Lychee Photo Management
Now that you’ve configured both the PHP and MariaDB, you’ll be downloading the Lychee source code and setting up the installation directory and the ‘.env’ file.
But first, install the ‘unzip’ package to your Debian system with the following command.
sudo apt install unzip -y
Go to the ‘/var/www‘ directory and download the Lychee source code release using the ‘wget‘ command below. Make sure to grab the link for the latest version from the Lychee release page.
cd /var/www/
wget https://github.com/LycheeOrg/Lychee/releases/download/v5.5.1/Lychee.zip
Once downloaded, extract the Lychee source code with the ‘unzip‘ command below. The source code will be extracted to the ‘/var/www/Lychee‘ directory.
unzip Lychee.zip
Next, execute the following command to change the ownership of the ‘/var/www/Lychee‘ directory to the user ‘www-data‘, and make some directories writable for the user ‘www-data‘.
sudo chown -R www-data:www-data /var/www/Lychee
sudo chmod u rw /var/www/Lychee/{storage,bootstrap/cache/,public/dist,public/uploads,public/sym}
Now run the following command to copy the ‘.env‘ file for Lychee and modify it using the ‘nano‘ editor.
sudo -u www-data cp /var/www/Lychee/.env-example /var/www/Lychee/.env
sudo -u www-data nano /var/www/Lychee/.env
Change the default APP_URL with your domain name and the database configuration with the ‘mysql‘ and your database details like the following:
# domain name
APP_URL=https://photo.howtoforge.local# database to MariaDB/MySQL
DB_CONNECTION=mysql
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE=lychee
DB_USERNAME=lycheeuser
DB_PASSWORD=LycheePassword
Save the file and exit the editor.
Creating Apache virtual host
In this section, you’ll be creating a new Apache virtual host file for running Lychee Photo Management.
First, run the command below to activate the ‘rewrite’ module.
sudo a2enmod rewrite
Now edit the Apache configuration ‘/etc/apache2/apache.conf‘ using ‘nano‘.
sudo nano /etc/apache2/apache.conf
Add the following configuration to the file. This allows you to set up the ‘.htaccess‘ for rewriting rules.
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Save the file and exit the editor.
Now create a new Apache virtual host configuration ‘/etc/apache2/sites-available/lychee.conf‘ with the ‘nano‘ editor command below.
sudo nano /etc/apache2/sites-available/lychee.conf
Paste the following configuration and make sure to change the ‘ServerName‘ option with your target domain name. Make it sure same as the APP_URL within the ‘.env‘ file.
ServerAdmin [email protected]
ServerName photo.howtoforge.localDocumentRoot /var/www/Lychee/
ErrorLog /var/log/apache2/photo-howtoforge-local-error_log
CustomLog /var/log/apache2/photo-howtoforge-local-access_log common
When finished, save and exit the file.
Now run the command below to activate the virtual host file ‘lychee.conf‘ and verify your Apache syntax. If you’ve proper Apache syntax, you’ll see an output ‘Syntax is OK‘.
sudo a2ensite lychee.conf
sudo apachectl configtest
Lastly, run the following command to restart Apache and apply your changes.
sudo systemctl restart apache2
Securing Lychee with HTTPS
If you’re running Lychee on the public domain name, make sure to secure it with HTTPS. In this section, you’ll be installing Certbot and secure Lychee with SSL/TLS certificates from Letsencrypt.
Run the command below to install Certbot and the Apache plugin.
sudo apt install certbot python3-certbot-apache -y
After the installation is complete, run the following ‘certbot‘ command to generate new SSL/TLS certificates for the Lychee installation. Make sure to change the domain name and email address in this command.
sudo certbot --apache --agree-tos --redirect --hsts --staple-ocsp --email [email protected] -d photo.howtoforge.local
When the process is complete, your Lychee installation should be secured with HTTPS and your SSL/TLS certificates will be available at the ‘/etc/letsencrypt/live/domain.com’ directory.
Installing Lychee Photo Management
Visit the Lychee installation domain name such as https://photo.howtoforge.local/ using your preferred web browser and you’ll see the Lyche installer wizard.
Click Next to proceed with the installation.
Ensure every PHP extension is installed and the Apache ‘rewrite’ module is enabled on your system.
Ensure that PHP can read, write, and execute within some of those directories.
Check the ‘.env’ file within your screen and make sure your domain name and MariaDB details are correct.
Now the installer will generate the application key for Lychee.
Input your admin user, email address, and password. And the Lychee installation should be completed.
On the Lychee home page, click the login prompt, and then input your admin user and password.
You can see below the Lychee user dashboard after uploading some images to the Lychee server.
Conclusion
Congratulations! You’ve completed the installation of Lychee Photo Management on the Debian 12 server with the LAMP Stack (Linux, Apache, MariaDB, and PHP). You’ve also secured Lychee with HTTPS through Certbot and Letsnencyrpt.
