iPhone 4K | Moment Anamorphic | Avid Media Composer

When I went to film school we shot on mini DV. Now I have an iPhone X that can shoot 4K footage. It’s insane. Of course, 4K from a phone isn’t anything like 4K from a RED, but it’s great for short films and more!

The Basic Requirements of Filmmakers

Story tellers using the medium of movies for their art typically want 24 frame footage, shutter speed and white balance control, focus control along with 4K footage with an anamorphic frame size.

iPhones can’t do all of that.

The good news? The Moment Anamorphic lens combined with the Moment Pro iPhone app will deliver. You can shoot 4K anamorphic footage at 24 frames while controlling shutter speed, aperture, white balance and focus. DUDE.

When Moment announced their new anamorphic lens, it didn’t take me too long to spring for it. But when I started prep for my first short film with the new setup, I realized there was a small learning curve for post.

The iPhone 4K Workflow

My editing tool of choice is Avid Media Composer. I’ve cut three feature length films and who knows how many short films in Avid. Love it! Avid is stable, used by the industry pros, and it just makes sense.

Here is a 100% tested workflow to get your iPhone 4K anamorphic footage into Avid Media Composer. This assumes the following:

  1. You’re shooting on an iPhone (X/XS/11)
  2. The Moment app is set to 4K
  3. The Moment app has the desqueeze option turned off
  4. You’re shooting H.264 vs HEVC
  5. You’re cutting in Avid Media Composer on Mac

HEVC vs H.264. Remember that HEVC is about smaller file size, not better quality — At least from what I’ve read. Also, Avid MC doesn’t support HEVC files. Obviously that could change in the future. If you do shoot HEVC, you can run them through Compressor and convert to ProRes which Avid can then work with.

1) Media Management

Smooth post production begins with good media management. Trust me – you do not want to rush this part.

We’ll be AMA linking the footage in Avid vs importing it. Back in the day of DV tapes from the lab, importing was obviously the easiest and only option. But with with various high resolution formats, AMA linking is the ticket.

I recommend you create a separate folder outside of Avid MediaFiles called Avid Original Media. Then create sub-folders for each project you work on, with consistent naming applied to project sub folders (raw, sound, etc).

Consistent file management will save your sanity.

2) Copy Footage from Photos

The easiest way is to airdrop the files to your computer. After obtaining the files (downloads folder), copy all of the .MOV files into the raw folder of your project.

You can also grab the files after a normal iPhone to Mac import. If you’re familiar with Apple, you know imports dump all the videos into the main photo library. Open Finder and go to your User Folder > Pictures. Right-click on the Photos Library and choose Show Package Contents. Open Masters and then navigate to the date of the import.

Note: I’ve lost an entire day’s footage before with the Photos library corrupting. It’s horrifying. My method to avoid this is to first import all of the footage into Photos. Once that is done, disconnect your iPhone graciously via iTunes. Then close Photos completely. Once you’ve done that, then do the Show Package Contents on the photos library.

4) Create Your Avid Project

If you’re new to 4K, there are different types, as you’ll soon see when creating your project in Avid. 4K is a pixel resolution of 4096×2160. This is also an aspect ratio of 1.9:1. Ultra High Definition (UHD) TVs are technically 3840×2160 or 16:9 which is the 1.77:1 aspect ratio.

Moment says on their website that the lens is a 1.33x or 2.40:1 aspect ratio. The 2.40:1 part isn’t accurate. I beat my head against the wall a bit, then finally reached out to Moment to get the official word.

Turns out the Moment anamorphic lens is a 2.36:1 aspect ratio. Footage comes squeezed from the camera at UHD dimensions of 3840×2160. The actual project size for 2.36:1 will be 5106×2160. This is not broadcast standard, so when you deliver you’ll need to size that down. I leave my Avid project at the native dimensions and then worry about the size down later.

For any of you who have shot with Moment’s desqueeze setting to on, you know the resulting footage is 3840×1624. So if you don’t want to lose quality, make sure that setting is off in the app. I think it defaults to on!

Setup your Avid project as 5106×2160 for a 2.36:1 aspect ratio.

Click a new project and choose Custom under format. Type in 5106×2160 and you’ll see the Aspect Ratio field automatically adjust to 2.36:1.

5) Create Bins & AMA Link Files

As mentioned, back in the day you’d receive tapes from the lab and digitize the footage. Avid would create MXF files (formerly OMF files) to represent each digitized clip. You can still do this, but there can be drawbacks. Here we will do the AMA link method.

Open a bin, right-click inside and choose Input > Source Browser. Navigate to the raw folder and link your footage! You can also simply open Finder and alt-drag the files into the open Avid bin. This automatically AMA links vs importing. If you drag without holding the alt key, it will import vs link.

How you organize your project is up to you, but I create bins to match my folder structure on the computer, for simplicity.
The Source Browser windows in Avid Media Composer

Once the AMA linking is done, simply close the Source Browser and double-click on a clip to view in the Composer Window. You’ll see that Avid automatically adjusts the 3840×2160 footage to match your project settings of 5106×2160!

Footage from my shoot in Switzerland 2019.

However, playback could be an issue, especially if you did a high data rate when recording (Moment Pro and Filmic Pro allow you to change this) and you’re cutting on a MacBook Pro like me. If you notice stutter, you should transcode your footage.

6) Transcode Your Footage

Transcoding footage allows you to create new clips at a lower resolution, and then cut in a resolution that your computer can handle. Once you’re editing is done, simply relink to the original source footage with zero quality loss!

To transcode, highlight all of the clips in a bin, and right-click. Choose the Consolidate/Transcode option. It will bring up a window with settings. Select the transcode radio button.

Transcode your footage for a better editing experience.

Next you’ll need to specify Target Drive, Raster Dimensions, Target Resolution and Linked Source Scaling. All of this depends on the length of your project and the speed of your computer. Just be sure to check the Keep Source’s Frame Rate radio box to ensure no relinking issues later.

There are no wrong answers here. You can set the Raster Dimension to 1/4, Target Resolution to Avid DNxHR LT and the Source Scaling to something less than full. This will all help your playback and editing be more enjoyable.

After you transcode, the AMA linked clips will now show the new code information. If you’re wondering what codec and quality to choose, I went with high on everything (including DNxHDR HQX) and playback was fine vs the stuttered playback of H.264.

7) Exporting A Sequence

When you have a 4K sequence ready for export, simply go to File > Output > Export to File. You’ll need to choose Custom vs Same as Source and then specify the dimensions. If you leave it at Same as Source you’ll get a quicktime file with a green screen instead of your footage.

Avid Export to File settings window

BOOYAH! That’s it.

Cutting 4K iPhone footage shot with the Moment Anamorphic lens is a ton of fun. And it’s shocking how far technology has come. Now anyone has the tools they need to tell a good story without spending a fortune.

Getting Started with Gridpane

I’ve used Linode VPS servers for a long time. They have been fast and reliable. But there’s been a problem: I can spin up Debian/Ubuntu servers, set them up and get sites going with no issue. But when it comes to detailed database tuning, firewall configuration or tech issues, I’m lacking.

Decided it was time to engage a control panel, and went with Gridpane due to their support and feature sets. If you’re like me two months ago, you’re probably wondering what a control panel offers. Don’t worry, we’ll get to that.

This blog post will walk you through a start to finish task list of setting up Gridpane, provisioning a server and moving an existing WordPress site to the new install. Ready? Here are the topics I’m covering:

Advantages of Gridpane

Gridpane provides an entire admin interface to your servers and websites. This alone makes life easier, but it doesn’t stop there. Gridpane is focused on WordPress, and they have a LEMP stack tuned for the best performance. Plus the stack adjusts config parameters whenever you resize your VPS! Some other important points:

  • Latest Ubuntu LTS LEMP
  • Easy Site Cloning
  • You keep root access & ownership
  • Site Backups
  • ModSec WAF or 6g WAF Per Site
  • Global Sendgrid Implementation
  • WordPress Plugin Bundles (Awesome!)
  • Redis Caching
  • Change PHP Versions Per Site
  • Support (FAST chat response)
  • Server Updates (NICE)

There’s even more, but you can see by the above feature set that your VPS servers will benefit in massive ways.

Next I’m going to take you through setting up the defaults, creating and connecting to a server, and setting up a website. I had a few questions during this process, and documented my journey which is specific to Linode, OSX and WordPress websites.

Configure Gridpane Defaults

Click on your name at the top right of Gridpane and then go to Your Settings. Here we’ll set some basic options before setting up servers or websites.

Gridpane global settings are located under Your Settings

1) Add A Linode API Key

First you’ll need to sign in at Linode and click your account name in the top right. Then My Profile. Go to the API Tokens tab. Click Add a Personal Access Token and grant it Read/Write. I’m sure you can narrow it down, but I just did everything. Copy the new API key and paste it in as a new token at Gridpane > Your Settings > LINODE API.

2) Add System User(s)

What’s this about? It’s recommended to not use the default gridpane user that’s setup upon server creation when you’re creating your nginx sites. Go to System Users and add a user for each of your servers.

3) SMTP Providers

Under SMTP Providers I added my Sendgrid API key as a global site token. You can then enable this on a per site basis, which we’ll cover in a minute.

4) Default WP Admin Settings

Here can enter the default admin account you want to create on all of your WordPress sites. NICE!

5) Bundles

Okay, so this a pretty sweet time-saver. You can name and create a new bundle. Then within that you can add default theme and plugins to use on any new website using this bundle.

Here’s what you need to know:

1) Only include the end of the plugin or theme URL at WordPress.org. Not the full address. The Follow Hook CRM full URL is https://wordpress.org/plugins/follow-hook/. To add this plugin to a bundle, simply enter follow-hook as show below.

2. If you want to add licensed plugins that aren’t hosted at WordPress.org, use a full URL to a path they can be downloaded from. Example:

https://yousite.com/the-folder/your-plugin-file.zip.

Provision Server(s)

With these basic defaults complete, it’s time to provision a server! As you can see below, the current choices are Digital Ocean, Vultr and Linode. I’m all about Linode, so that’s who we’re using. And not to state the obvious, but point one above is required for this to work.

Simply name the VPS instance, choose your plan and region and create the server! When this completes you’ll see the server in your Linode account. I haven’t really discussed this yet, but Gridpane doesn’t own your VPS instances, you do. So if you were to cancel Gridpane at any time, you’d still have all of the servers at Linode.

Create SSH Keys

So this one was a little new to me. I’m one of those admins who has always skipped SSH keys, and just used a good password for attaching to servers. However, Gridpane requires SSH keys to be used.

An SSH key is a pair of files. One is called the private key, and you should never give this out. The other is called the public key, and this key is what you upload to Gridpane.

1) Generate SSH Key Pair

I’m on a Mac. To generate an SSH key pair in OSX you’ll need to open terminal and type in the following command:

ssh-keygen -t rsa

Next you will be prompted for a passphrase. Give it a unique passphrase or hit enter to skip. Ideally, you want a passphrase in case someone were to gain access to your computer. You know, think a hotel room you leave it in. While you’re in the bathroom at the coffee shop, etc.

2) Copy Public Key

OSX has now generated a key pair and they are stored in the /Users/Your-Username/.ssh folder on your computer as as id_rsa and id_rsa.pub. Now you must copy the public key so that you can add it to your Gridpane account.

Type the following in Terminal:

pbcopy < ~/.ssh/id_rsa.pub

Your public key is not copied to clipboard.

3) Add Public Key to Gridpane

Go to Your Settings > SSH Keys in Gridpane. Name the key and paste it in.

Note: Make sure your cursor is up next to the last line versus down on the bottom (see above). You will then need to turn the key on in the lower section of this same screen.

4) Add Key to Desired Servers

Within Gridpane, you can choose what keys have access to which servers. For example, maybe you have a contractor who only needs access to a single VPS, etc. Go to Gridpane > Home > Active Servers. Click the key icon next to a server, and add your new key to grant access.

Now if you attempt to access the server via SSH it will use the key and prompt you for the passcode you entered. Voila!

5) Using sFTP Client

If you want to access your server with an sFTP client, you’ll now need to also use the key. I use ForkLift3 from Binary Knights. IMO it’s the best sFTP client out there. Like, if Apple built sFTP abilities into Finder, it would feel like ForkLift3.

In ForkLift click Go > Connect and enter the information (yes you’re connecting as root). You’ll need to click the key and browse to your /Users/Your-Username/.ssh folder. Choose the id_rsa key. Not the public one here — It’s your private key. Once done, the key will turn blue and you’ll be able to enter the passphrase you used in step 1.

Note: If you have problems connecting, uncheck the blue key but use the password you set on your secret key and try again. This will should make it work.

Create A WordPress Site

One pain-in-the-rear part of moving to Gridpane is the fact that your existing Linodes cannot just be moved in. It’s impossible. Now, you can setup a new Linode, import the sites and have Linode move the IP address.

For this next step, we’re going to setup a new Gridpane site, and then export and import from old to new. Ready?

1) Create Site on Gripane

Go to Sites from the top menu. Fill in the site URL, choose the server, system user and bundle (if using a bundle). Next you’ll need to uncheck Staging Site if you’re not doing one of those. Click Add Site!

It’s that easy. No creating nginx server block files or Maria databases.

2) Export Data on Original Site

Sign into the site you’re moving and install the All in One WP Migration plugin. Once it’s activated, access it from the menu and choose Export > To File.

Once the export is complete, download the file. If you accidentally close the window before downloading the file, you can access the file from an sFTP client. Just look for a file with the wpress extension under the ai1wm-backups folder in WP-Content > Uploads.

3) Change Local Hosts File

Since public DNS is pointed to your old site, you’ll need to modify your local hosts file in OSX to correctly resolve to the new WordPress site. Go to Terminal and type in:

sudo nano /etc/hosts

It will open your local hosts file. Navigate to the bottom and then type your IP address + tab + the domain name. So if your Gridpane server IP address was 198.75.50.22 and your domain name was booyah.com, it would look like this:

Hit Ctrl + X to exit and type Y to save changes. Now ping your domain name from terminal. It should give you the updated IP address.

4) Import Data to Gridpane Site

Sign into your new Gridpane WordPress site. You can launch the sign on from within Gridpane (cool!) or do it the normal way. Remember, you’re using the global WordPress admin account you specified in Gridpane here.

If your current site has an SSL cert installed, your browser is going to try and use https when you access the new copy at Gridpane. This won’t work yet. Manually force your browser to go to http://yoursite.com/wp-admin and then you’ll be in business.

Install the All in One WP Migration plugin. This time choose Import from the menu. Browse to that file and import! Remember, if you forgot to download the file, simply use an sFTP client and access your old server. The file will be in the ai1wm-backups folder.

Note: If the site says the file you’re inputting exceeds upload limitations, you need to install a Pro plugin from All in One WP Migration. The good news is that Gridpane licenses them for you! Just click on any website within the Gridpane control panel and then click on the Downloads tab. You’re looking for the All in One Migration MultiSite Extension.

Once the import is complete it will prompt you about overwriting everything. When you click Proceed it will actually overwrite the data. Then click Finish on the final prompt.

5) Save Permalinks

Click Settings > Permalinks on the new site. It will make you sign in again. Sign in with the admin account on the original site you imported. Then go back to Settings > Permalinks unless it takes you there.

On the Permalink Settings page, scroll to the bottom and click Save Changes two times. You should see a Permalink Structure Updated message as shown below.

5) Change Public DNS

Your site is ready to go! Now you’ll need to change DNS to point to the new Gridpane IP address.

If you can spare a little downtime, I like to first transfer the DNS to Gridpane and setup the SSL and such before importing the site.

6) Enable SSL

Once your public DNS is changed (and updated!) you can enable SSL within the site settings area under Gridpane > Sites. Simply click on the new Gridpane site and toggle SSL to on. If your DNS has updated, the Let’s Encrypt Certificate will work. If not, just give it some more time.

Speed Things Up

Now that your new WordPress site is ready, let’s setup object caching and page caching to make things really fly. But first I need to clear the confusion about something. Well, at least I was confused at first:

Nginx Fast CGI and Redis Static Caching are mutually exclusive. From what Gridpane has said, you need to use Redis page caching if your users are using certain plugins in WordPress like page builders as Fast CGI might not be compatible.

1) Redis Object Cache

With Gridpane, Redis can cache both database queries (object cache) and additional page content. These are each enabled in different ways. To use Redis Object Cache, you’ll need to download and install the following plugin:

https://github.com/gridpane/gridpane-redis-object-cache

This is their own modified plugin that is more streamlined than what you’ll get from WordPress.org. Currently you have to download from Github, but they will be adding it to the WordPress repository soon.

Once installed and activated, you’ll need to enable it under Settings > Redis Object Cache. Enable the cache, and then you should see it active as shown in the screen above. Read more about setup at Gridpane:

https://gridpane.zendesk.com/hc/en-us/articles/360033598631-Using-GridPane-Redis-Object-Caching

2) Redis Nginx Cache

In addition to object caching, Redis can also do static page caching as well. I’m not using this as I use WP-Rocket for my caching, but if you do want to enable it, here’s how:

First, go to Gridpane > Sites and click on the site you’d like to cache. Toggle the Redis Caching option to On as shown below.

Next you’ll need to install the Nginx Helper plugin from the WordPress repository. This plugin also has settings. You can view instructions on proper configuration by visiting the Gridpane Support article here:

https://gridpane.zendesk.com/hc/en-us/articles/360033598811-Using-GridPane-Nginx-Redis-Caching

3) Fast CGI Caching

As mentioned above, Fast CGI and Redis Static caching are mutually exclusive. If you’re not using Redis you can enable Fast CGI under the same site configuration area shown in Step 2. You also need to add the nginx helper plugin. here’s an article with the details from Gridpane:

https://gridpane.zendesk.com/hc/en-us/articles/360033232392-Using-GridPane-Nginx-FastCGI-Caching

I plan to do some testing soon, but right now I’m using WP-Rocket for me static caching. I’m going to test it against Gridpane only caching and see which works better!

Always check your migrated site in a browser that you didn’t use to sign into the site. The reason? Even if you turn off the Redis page caching, it is on be default. I’ve had my Gridpane server only show the WordPress 2020 theme after migration due to caching, and nothing I did on the site helped. If you run into this, simply go to Terminal and type in: gp cache fix yoursite.com.

That’s A Wrap!

Boom! You’ve done it. Hopefully this has helped someone navigate a few startup issues with moving to Gridpane. Overall, I’m loving the service, and can’t wait to get all of my VPS servers under the Gridpane hood!

Setup LEMP on Debian 10 (Buster) with NFTables

Debian 10 is out! I discovered this after running into a problem on a new Debian 9.8 distro. Decided to spring for 10 for my LEMP server needs. Debian 10 also ships with NFTables which replaces IPTables – Something I didn’t know until neck deep in setup.

The order I execute these steps isn’t the only way to do it. My goal is to take you from a fresh server install to installing a WordPress site with an SSL certificate. So the order I execute reflects this.

Ready? Let’s get on with it!

Update Your Server

*Note: This post assumes you have just loaded Debian Buster on a server or VPS. Get to your command line via SSH (terminal for Mac) and type:

apt update && apt upgrade

*Note: Normally, you’ll always type in sudo and then the command, as you won’t be signed in as the root user. This is assumed.

Set Server’s DNS Name

Now make sure you’ve entered your server’s fully qualified DNS name into your server’s hosts file. Obviously this needs to be setup in DNS as well.

nano /etc/hosts (no trailing slash)

The format should look similar to:

95.183.52.150   servername.domain.com    servername

Install Nginx

As you know, LEMP servers using nginx vs apache. As of April 2019, Debian 10 ships with nginx 1.14.2.

apt install nginx

Use nginx -v to see your version after installation.

Remove Apache

I like to get Apache2 off my Debian 10 server. Why? Every once in awhile, it can accidentally get loaded on a server reboot, and you’ll beat your head on the desk trying to figure out why nginx won’t load.

service apache2 stop
apt-get remove apache2*
apt-get autoremove
apt-get autoclean
rm -rf /etc/apache2 /var/lib/apache2 /var/lib/apache2

Be sure to run all of those commands (sudo assumed) or the rebellious Apache2 will raise it’s ugly head later on. If you still have problems with Apache2 showing up, use these commands:

apt-get purge apache2
apt-get remove --purge apache2 apache2-utils

Install Maria DB Server

If you’re new to later versions of Debian (or Ubuntu) you may not have used Maria yet. Don’t worry – it’s a beautiful drop in replacement for MySQL. All the commands you’re used to using still work.

apt install mariadb-server

Secure Maria DB Server

Running the secure installation script allows you to tighten up the default Maria install for your Debian LEMP server by setting a root password, removing test users and disabling remote access. Remote access does not mean an SSH connection, as that is signing on as if local.

mysql_secure_installation

Set the root password (hit enter as there is none set for Maria yet). Answer ‘yes’ to the other remaining questions. Easy as pie.

Install PHP & Libraries

If you use WordPress, you know they’re recommending php 7.3 as the minimum version. Maybe still a little bleeding edge, but I’ve not had any issues, and my WordPress site does some complicated stuff. PHP 7.3 is the current stable as of April 2019. Type php -v to show the version after install.

A handful of other common libraries you’ll need, including support for Maria DB and PHP-FPM (FastCGI Process Manager) :

apt install php-fpm php-cli php-mysql php-zip php-gd php-curl php-xml php7.3-mbstring

Configure NFTables (Firewall)

You’ve probably heard of iptables — It’s been the go to firewall for Linux for many moons. But Debian Buster is now shipping with nfttables as the replacement to iptables. NFTables is a different animal, but more powerful. When you first load your VPS, nothing is blocked, so you need to do this quickly.

This will list the current ruleset:

nft list ruleset

If that command doesn’t produce a result, your particular Debian 10 distro probably has iptables instead. Just use apt remove to remove and then apt install.

apt remove iptables
apt install nftables

Update NFTables Config

Use an sFTP client (you can also you nano) and edit the /etc/nftables.conf file. If you’re a MAC user, ForkLift cannot be beat. Trust me. It’s the best sFTP client out there.

The link below contains a sample starter configuration that will allow http, https and ssh ports while blocking everything else:

https://kyler.media/nftables.txt.zip

Load New Configuration

Type the following:

/etc/nftables.conf

Now your config is live. If you use the command at the top again, you’ll see the updated ruleset.

Make New Ruleset Persistent

Type the following commands in to make your NFTables config persistent when your Debian 10 server is rebooted:

systemctl enable nftables
systemctl start nftables
systemctl status nftables

You’re good to go! There’s a lot more that can be done with NFTables, but now your server has basic protection. Also, if you change the nftables.conf file, use these words to tell Debian Buster to load the new config:

nft flush ruleset
/etc/nftables.conf

Now type nft list ruleset to show the new config. You should see your new rules listed.

Resources:

https://docs.snowme34.com/en/latest/reference/devops/debian-firewall-nftables-and-iptables.html

https://stosb.com/blog/explaining-my-configs-nftables/#TableInetFilter

Setup Website with Nginx on Debian 10

Now let’s get that first nginx-based website rocking and rolling. We’ll prep the server for a WordPress site, which will obviously use both nginx and Maria DB.

Create Site Folder & Download WordPress

mkdir -p /var/www/oilygurus.ch/public_html/

Go to wordpress.org and download the WordPress installation files. Unzip them, and then copy the contents to the public_html folder created above.

Change Ownership to WWW-DATA

Once you’ve copied the WordPress files to your public_html folder, use the following command to ensure the www-data user has ownership:

chown -R www-data:www-data /var/www/oilygurus.ch/public_html/

Create Nginx Server Block

nano /etc/nginx/sites-available/default

Add a space or any minor change, and then hit Ctrl-X to save the file. Follow the prompts to save as a different filename. Name the file the name of your website, including the TLD. Example: theatereleven.com.

Enable the Website

Once your server block file is ready, you must enable it. The command below places a link to your new server block file in the /etc/nginx/sites-enabled folder.

ln -s /etc/nginx/sites-available/oilygurus.ch /etc/nginx/sites-enabled/

*Note: You’ll also want to remove default from the sites enabled folder.

Verify Website Configuration

At the command line type:

service nginx restart

When you hit enter, it should take you to a blank command line. If there are any problems, you’ll see an error message. The best way to get the scoop on nginx errors is to open the log. This can be found at /var/log/nginx/error.log.

Enable SSL with Let’s Encrypt

Obtaining an SSL certificate and installing it for your website used to be a royal pain. Not it’s easy thanks to Let’s Encrypt and their official server client: Certbot. Back at your command line type:

apt-get install certbot python-certbot-nginx

Now let’s add an SSL certificate to your new website. I do this before installing WordPress so the installation configures the site for https:// right out the door.

certbot --nginx (use TWO dashes before nginx)

The first time you do this it’s going to ask you a couple questions like admin email, etc. After that completes, it will display the available nginx server blocks on your Debian 10 server. Select both the www and non-www names via their number and a comma. Next you’ll be asked about redirect – You want Option 2.

More on certbot: https://certbot.eff.org/

*Note: DNS for the domain name you’re setting up must be pointed to your server for this to work. Try and ping your domain name from the server command line to ensure DNS is working.

Create WordPress Database

As you know, WordPress needs a database to run from. Let’s jump into Maria DB server and get a database ready!

mysql -u root -p

Enter the password you set in the MySQL secure installation step from above.

create database yourdbname;

*Note: All MySQL/Maria DB commands must end with a semicolon.

Now that your database is created, you need to assign rights to a user. The command below grants access to your new database to a username you create (make one up here) identified by a password (make this difficult and jot it down as you’ll need this when setting up WordPress).

Grant all on yourdbname.* to 'yourdbuser' identified by 'yourpassword';
Flush privileges:]flush privileges;

Now type quit to exit Maria DB.

Set File Upload Size

Before we kick of the WordPress installation, you’ll want to set a file upload size in two configuration files on your Debian Buster server:

NGINX.CONF

You’ll find this file in /etc/nginx/. Add the line below to the http area. Restart nginx after saving to verify everything was done correctly.

client_max_body_size 25M;

PHP.INI

Sometimes there can be more than one php.ini on a server. The one you need to edit for PHP-FPM on your Debian 10 server is found at /etc/php/7.3/fpm/php.ini. The upload max filesize line will already be in this file. You just need to update it.

upload_max_filesize = 25M

Now restart your PHP-FPM service:

service php7.3-fpm restart

Install WordPress

You’ve done it! You’ve setup LEMP on Debian Buster. BOOYAH!

If you’re familiar with WordPress, you know that simply going to your domain name in a browser will kick off the install. I won’t go into detail on that here, but it’s pretty straight forward.

Bonus Configuration Files

I frequently use 8GB VPS setups at Linode (highly recommend them by the way). If you’re doing the above, here are configuration files that will save you some time beating your head against the wall. Trust me – the wrong configuration can make your server take 10 hours to do a task it could do in 40 seconds — I’m not kidding.

Just download this zip file, and replace the files on your new Debian 10 server. These adjust nginx, php-fpm and maria db. These assume php v7.3.

Configuration Files

Do NOT follow this link or you will be banned from the site!