Linux - Ollama Installation

En ëmfassenden Schrëtt-fir-Schrëtt Guide fir Ollama op Debian 12 ze installéieren mat Apache2 Reverse Proxy, SSL-Verschlësselung an HTTP Basic Authentication fir sécher ëffentlech API-Notzung.

Debian 12OllamaApache2SSL/TLSAPI

Wichteg Hiweiser

Bedenkt dës wichteg Punkten virum Setup

Root-Zougang Erfuerderlech

Root-Zougang oder sudo-Berechtigungen sinn fir all Installatiounsschrëtt erfuerderlech

Domain Erfuerderlech

Eng gëlteg Domain mat DNS-Konfiguratioun ass néideg fir SSL-Zertifikater

Firewall-Konfiguratioun

Maacht d'Porten 80 an 443 an Ärer Firewall op fir HTTP/HTTPS-Zougang

Séchert Passwuert

Benotzt e staarkt Passwuert fir d'API-Authentifizéierung

Backup Erstellen

Sécheréiert all Konfiguratiounsdateien ier Dir wichteg Ännerungen maacht

Hardware-Ufuerderungen

Op d'mannst 8GB RAM sinn recommandéiert fir Ollama-Modeller ze bedreiwen

Setup Schrëtt

Bash

Update package lists again

apt update -y && apt upgrade -y

Bash

Install basic packages

apt install sudo curl

Bash

Download and install Ollama

curl -fsSL https://ollama.com/install.sh | sh

Bash

Download and test small test model

ollama run gemma3:4b

Bash

Open Ollama service configuration

systemctl edit ollama.service

INI

/etc/systemd/system/ollama.service.d/override.confoverride.conf

[Service]
Environment="OLLAMA_NUM_PARALLEL=6"
Environment="OLLAMA_MAX_QUEUE=512"
Environment="OLLAMA_MAX_LOADED_MODELS=3"

Bash

Reload systemd manager

sudo systemctl daemon-reexec

Bash

Reload Ollama service

sudo systemctl daemon-reload

Bash

Restart Ollama service

sudo systemctl restart ollama

Bash

Check if Ollama is listening on port 11434

sudo ss -tulpen | grep 11434

Bash

Install Apache2 and SSL modules

sudo apt update && sudo apt install apache2 apache2-utils -y

Bash

Enable required Apache modules

sudo a2enmod proxy proxy_http ssl headers rewrite

Bash

Restart Apache2

sudo systemctl restart apache2

Bash

Install Certbot for Let's Encrypt

sudo apt install certbot python3-certbot-apache -y

Bash

Request SSL certificate for domain

sudo certbot --apache -d server.chad.lu --register-unsafely-without-email

Bash

Create directory for auth files

sudo mkdir -p /etc/apache2/htpasswd

Bash

Create user with password for HTTP Basic Auth

sudo htpasswd -c /etc/apache2/htpasswd/ollama-api.htpasswd apiuser

Note: Enter a secure password when prompted

Apache

/etc/apache2/sites-available/server.chad.lu.confserver.chad.lu.conf

<VirtualHost *:80>
    ServerName server.chad.lu
    Redirect permanent / https://server.chad.lu/
</VirtualHost>

<VirtualHost *:443>
    ServerName server.chad.lu
    DocumentRoot /var/www/server.chad.lu

    <Directory /var/www/server.chad.lu>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    # Rewrite-Rule for redirect outside of /ollama/
    RewriteEngine On
    RewriteCond %{REQUEST_URI} !^/ollama/
    RewriteRule ^ https://www.chad.lu%{REQUEST_URI} [R=301,L]

    # Proxy Ollama API
    ProxyPreserveHost On
    ProxyPass "/ollama/" "http://localhost:11434/"
    ProxyPassReverse "/ollama/" "http://localhost:11434/"

    <Location "/ollama/">
        AuthType Basic
        AuthName "Ollama API"
        AuthUserFile /etc/apache2/htpasswd/ollama-api.htpasswd
        Require valid-user
    </Location>

    # SSL configuration
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/server.chad.lu/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/server.chad.lu/privkey.pem

    # Security headers
    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "DENY"
    Header always set X-XSS-Protection "1; mode=block"
</VirtualHost>

Bash

Enable new site configuration

sudo a2ensite server.chad.lu.conf

Bash

Disable default Apache site

sudo a2dissite 000-default.conf

Bash

Disable default SSL site

sudo a2dissite 000-default-le-ssl.conf

Bash

Reload Apache configuration

sudo systemctl reload apache2

Bash

Test API endpoint with curl

curl -u apiuser https://server.chad.lu/ollama/api/generate -H "Content-Type: application/json" -d '{"model": "gemma3:4b", "prompt": "Erzähl mir eine Geschichte.", "stream": true}'

Note: You will be prompted for the 'apiuser' password. On successful test, you will receive JSON responses with generated text fragments.

Problemléisung

Heefeg Problemer an hir Léisungen

Installation ofgeschloss!

documentations.ollamaSetup.completion.description

Linux - Ollama Installation

Wichteg Hiweiser

Root-Zougang Erfuerderlech

Domain Erfuerderlech

Firewall-Konfiguratioun

Séchert Passwuert

Backup Erstellen

Hardware-Ufuerderungen

Setup Schrëtt

Install Dependencies

Install Ollama

Configure Apache2

Setup SSL Certificate

HTTP Basic Authentication

Enable Virtual Host

Test Installation

Problemléisung

Ollama Issues

Apache Issues

SSL Issues

Installation ofgeschloss!