Ampache is an open-source and cross-platform web music player. As the name suggests, the original ampache was designed only to run on an apache webserver. With the current evolution and diversity in technology, it has been reviewed and modified to even run on other web servers such Nginx. Ampache allows you to listen to your music regardless of your location.

In this guide, we are going to install Ampache on Ubuntu 20.04 and Debian too as well. Since the two OS are of the same family sharing repositories, commands for installation and configuration are all the same.

Setup Prerequisites:

  1. Server running Ubuntu 20 Operating System.
  2. Web-server running on the server (Apache/Nginx).
  3. PHP
  4. SQL database.

We are going to use Nginx as web-server and MySQL as our database in this demonstration. If you are not familiar with the two don’t worry. We are going going to install then step by step.

Step 1 : Install Nginx Web-Server.

To begin with setting up environment, we are going to install web-server that we will use to run Ampache in web browser. Run commands as below to update the system first.

sudo apt update
sudo apt upgrade -y

Install Nginx with command below in terminal.

$ sudo apt install nginx
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  eatmydata libeatmydata1 python3-importlib-metadata python3-jinja2 python3-json-pointer python3-jsonpatch python3-jsonschema python3-markupsafe
  python3-more-itertools python3-pyrsistent python3-zipp
Use 'apt autoremove' to remove them.
The following additional packages will be installed:
  apache2-bin apache2-data apache2-utils libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libjansson4 liblua5.2-0 ssl-cert
Suggested packages:
  apache2-doc apache2-suexec-pristine | apache2-suexec-custom www-browser openssl-blacklist
The following NEW packages will be installed:
  apache2 apache2-bin apache2-data apache2-utils libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libjansson4 liblua5.2-0 ssl-cert
0 upgraded, 11 newly installed, 0 to remove and 8 not upgraded.
Need to get 1,865 kB of archives.
After this operation, 8,080 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

With prompt above, type Y then click enter to continue with installation.

Start, enable then check nginx status to verify if it is u and running.

sudo systemctl start nginx
sudo systemctl enable nginx
sudo systemctl status nginx

Status below shows that nginx is up and running.

nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2021-06-07 22:34:17 EAT; 1 day 19h ago
       Docs: man:nginx(8)
   Main PID: 78696 (nginx)
      Tasks: 3 (limit: 2240)
     Memory: 7.6M
     CGroup: /system.slice/nginx.service
             ├─78696 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             ├─78697 nginx: worker process
             └─78698 nginx: worker process

Create a server block then add the following script.

sudo vim /etc/nginx/sites-available/ampache.conf

Replace the domain (ampache.domain.com) to match your domain/server_name.

nginxserver {
    listen 80;
    listen [::]:80;

    server_name  ampache.domain.com;
    root   /var/www/html/ampache;
    index  index.php;
    
    access_log /var/log/nginx/ampache.domain.com.access.log;
    error_log /var/log/nginx/ampache.domain.com.error.log;

    client_max_body_size 100M;
  
    autoindex off;

#Rewrite rule for Subsonic backend
if ( !-d $request_filename ) {
    rewrite ^/rest/(.*).view$ /rest/index.php?action=$1 last;     
    rewrite ^/rest/fake/(.+)$ /play/$1 last;
     } 

# Rewrite rule for Channels 
    if (!-d $request_filename){
    rewrite ^/channel/([0-9]+)/(.*)$ /channel/index.php?channel=$1&target=$2 last; 
    }

#Rewrite rule for Channels
 if (!-d $request_filename){
   rewrite ^/channel/([0-9]+)/(.*)$ /channel/index.php?channel=$1&target=$2 last;
    }

location /rest {
       limit_except GET POST {
          deny all;
         }
   }

 location ^~ /bin/ {
       deny all;
       return 403;
       }

 location ^~ /config/ {
       deny all;
       return 403;
    }

 location / {
       limit_except GET POST HEAD{
          deny all;
         }
    }

    location ~ \.php$ {
         include snippets/fastcgi-php.conf;
         fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;
    }
}

Create absolute link to site-enabled for ampache.conf file.

sudo unlink /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/ampache.conf /etc/nginx/sites-enabled/
sudo systemctl restart nginx

Next we are going to secure Nginx with Let’s Encrypt SSL Certificate. Install certbot.

sudo apt install python-certbot-nginx -y

Next, install Letsencrypt to nginx using certbot command installed. Replace ampache.domain.com with your server_domain

$ sudo certbot --nginx -d ampache.domain.com

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for ampache.domain.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/ampache.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Future versions of Certbot will automatically configure the webserver so that all requests redirect to secure HTTPS access. You can control this behavior and disable this warning with the --redirect and --no-redirect flags.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://ampache.domain.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=ampache.domain.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/ampache.domain.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/ampache.domain.com/privkey.pem
   Your cert will expire on 2021-09-07. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Step 2: Install PHP and Its Modules

Since Ampache is a PHP application, it is necessary to install it. This will also include php-fpm which is responsible for nginx to run a .php file.

$ sudo apt install php php-cli php-common php-gd php-xmlrpc php-fpm php-curl php-intl php-imagick php-mysql php-zip           php-xml php-mbstring php-bcmath -y

Edit php config file and replace lines in the file to look similar as these down here.

$ sudo vim /etc/php/7.4/fpm/php.ini
file_uploads = On
allow_url_fopen = On
short_open_tag = On
memory_limit = 256M
cgi.fix_pathinfo = 0
upload_max_filesize = 100M
max_execution_time = 360

Step 2 : Install MySQL Database Server.

Copy and paste command below in terminal to install MySQL server on Ubuntu 20.

$ sudo apt install mysql-server

Seat back and relax to allow installation to run to completion.

With MySQL now installed, next we need to run mysql_secure_installation to protect our database from unauthorized access. This is very essential since with default settings anyone can gain access to the database anytime from anywhere.

$ mysql_secure_installation

Press Y then Enter to continue with validate password component setup.

Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: y

With provided options, choose the strength of password as per your preference. It is recommended you select 2 for strong and more secure password.

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary   
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2 

Set your preferred password.

Please set the password for root here.

New password: 

Re-enter new password: 

Statistics below shows the strength of password entered depending on the policy you entered above. If you are satisfied with it then select Y then press Enter to continue.

Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y

Is good practice you remove anonymous users to prevent anonymous logins.

By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.

To keep your database safe from intruders, always remember to disallow root from remote login. Hackers will always try to brute force using root as user since is MySQL default user.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

Select Y to remove test database. Sometimes may create vulnerability if not taken care of.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reload privileges to allow changes made to take effect.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done! 

Create Database and Database User for Ampache.

Execute command below to create Ampache user.

#Login to MySQL
$ sudo mysql
#Create database

$ CREATE DATABASE ampache_db;
$ SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| ampache            |
| ampache_db         |
| information_schema |
| mysql              |
| performance_schema |
| sys                |
| testdb             |
+--------------------+

#Create user and grant privileges.

$ CREATE USER 'ampache'@'localhost' IDENTIFIED WITH mysql_native_password BY 'my-passsword';
$ GRANT ALL PRIVILEGES ON ampache_db.* TO 'ampache'@'localhost' WITH GRANT OPTION;
$ FLUSH PRIVILEGES;

Step 3 : Download and Install Ampache.

Up to this point, we have our environment set to install, configure and run Ampache. Software is readily available in Github. Use the command below to download.

VERSION=4.4.3
wget https://github.com/ampache/ampache/releases/download/${VERSION}/ampache-${VERSION}_all.zip

Unzip and dump files to /var/www/html/ampache

unzip ampache-${VERSION}_all.zip -d /var/www/html/ampache

Change ownership and permission of the files.

sudo chown -R www-data:www-data /var/www/html/ampache
sudo chown -R 755 /var/www/html/ampache

Create a directory where music will be uploaded.

$ sudo mkdir -p /data/my_music
#Change ownership to www-data:www-data /data/my_music
$ sudo chown -R www-data:www-data /data/my_music

Install ffmpeg, a tool used by ampache to convert audio and video files from one format to another.

sudo apt install ffmpeg

Install Ampache Using Web Installer.

Open your domain (ampache.domain.com) in browser to start the installer. Replace with your server_domain/server_host-name

https://ampache.domain.com

Screen below will show up. select language the click start configuration.

From below, ensure that your server has necessary modules to run ampache then click continue

Enter database credentials we configure after installation of MySQL.

On the next screen, got where we have Template Configuration. change from none to ffmpeg.

Enter credentials that will be used to login as an admin.

Click update to update packages.

Click return to main page and you will be redirected to login page. Enter your credentials to sign in

Create catalog pointing to music directory we configured, /data/my_music. Use ftp client such as FizeZilla to upload music to this location.

Click Add Catalog to complete. on the upper right, click on the head phones then select music in the menu down there. You should be able to see music uploaded.

Conclusion

That all that you need to stream your music with Ampache Music Player. Hope the guide has been so helpful up to this point. Your feedback is highly welcomed as well. Enjoy your music!!

In case you missed out to previous guides, you can have a look at other interesting articles that maybe useful.

Fix “mkfs.xfs: No such file or directory” on CentOS/Ubuntu/Debian

Install XCP-ng VM Tools on Ubuntu | Debian Linux

Install VSCodium on Ubuntu|Debian|Linux Mint

LEAVE A REPLY

Please enter your comment!
Please enter your name here