Difference between revisions of "CentOS8 -Install nginx, Apache, Redis, php7.4-fpm, MySQL, PostgreSQL"
Jump to navigation
Jump to search
(Created page with "{{DISPLAYTITLE:CentOS8 -Install nginx, Apache, Redis, php7.4-fpm, MySQL, PostgreSQL}} == nginx == sudo dnf update sudo dnf install nginx mod_ssl sudo systemctl start ngi...") |
|||
Line 36: | Line 36: | ||
== Or Apache == | == Or Apache == | ||
− | + | yum -y install httpd httpd-tools mod_ssl | |
− | sudo systemctl | + | sudo systemctl status httpd |
− | sudo systemctl start httpd | + | sudo systemctl start httpd.service |
+ | sudo systemctl enable httpd.service | ||
+ | |||
== firewalld == | == firewalld == | ||
sudo yum install firewalld | sudo yum install firewalld |
Revision as of 11:39, 30 January 2021
nginx
sudo dnf update sudo dnf install nginx mod_ssl sudo systemctl start nginx
TEST
curl -4 ec2-3-123-2-191.eu-central-1.compute.amazonaws.com
SSL
openssl req -new -newkey rsa:4096 -nodes -keyout rho-demo.key -out rho-demo.csr #(Copy and send .csr file content to Certificate Authority)
mkdir -p /etc/pki/nginx mkdir -p /etc/pki/nginx/private openssl req -newkey rsa:4096 -nodes -keyout /etc/pki/nginx/private/server.key -x509 -days 365 -out /etc/pki/nginx/server.crt -subj "/C=GH/ST=Greater Accra/L=Accra/O=Rhomicom Demo/OU=IT/CN=*.rhomicom.com/[email protected]" openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096 nano /etc/nginx/nginx.conf #(# Add DH parameters ssl_dhparam /etc/pki/nginx/dhparam.pem;) nginx -t systemctl restart nginx
Letsencrypt
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm # (for centos 8) dnf config-manager --set-enabled PowerTools sudo dnf install certbot python3-certbot-nginx OR dnf install certbot python3-certbot-apache
certbot --version certbot --nginx OR certbot --apache
certbot renew certbot certificates certbot certonly --apache certbot certonly --nginx
echo "0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null
Or Apache
yum -y install httpd httpd-tools mod_ssl sudo systemctl status httpd sudo systemctl start httpd.service sudo systemctl enable httpd.service
firewalld
sudo yum install firewalld sudo systemctl start firewalld sudo systemctl enable firewalld sudo systemctl status firewalld
sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --permanent --add-service=https sudo firewall-cmd --permanent --list-all sudo firewall-cmd --reload
nano /etc/firewalld/firewalld.conf # AllowZoneDrifting=no
SELinux
setsebool -P httpd_can_network_connect 1 setsebool -P httpd_execmem 1 setsebool -P httpd_setrlimit 1 setsebool -P httpd_can_sendmail 1 setsebool -P allow_httpd_mod_auth_pam 1 setsebool -P httpd_mod_auth_pam 1 setsebool -P httpd_read_user_content 1 setsebool -P httpd_run_stickshift 1 setsebool -P httpd_enable_cgi 1 setsebool -P httpd_unified 1 setsebool -P httpd_enable_homedirs 1
MariaDB
sudo dnf install mariadb-server sudo systemctl start mariadb sudo systemctl enable mariadb
sudo mysql_secure_installation #(Set Root Password and disable test and insecure features)
sudo mysql -p #(Use \q to quit) CREATE DATABASE rho_database; GRANT ALL ON rho_database.* TO 'root'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION; FLUSH PRIVILEGES;
REDIS
dnf module install redis sysctl vm.overcommit_memory=1 (# nano /etc/sysctl.conf) echo never > /sys/kernel/mm/transparent_hugepage/enabled
systemctl start redis systemctl enable redis systemctl status redis ss -tlpn redis-cli (#PING -> PONG)
PHP
sudo dnf module list php sudo dnf module install php:7.4 #(use dnf module reset php to reset if necessary before running command) sudo dnf install php-fpm php-opcache php-openssl php-curl php-cli php-common php-zip php-gd php-xml php-pear php-bcmath php-json php-pdo php-mysqlnd php-pgsql php-mbstring php-soap php-sockets php-pecl-apcu php-json php-ctype php-dom php-exif php-mysqli php-iconv php-fileinfo
sudo nano /etc/php-fpm.d/www.conf #(Change user and group to nginx) sudo systemctl start php-fpm systemctl status php-fpm.service sudo systemctl restart nginx
nano /etc/php.ini # session.save_handler = redis # session.save_path = tcp://127.0.0.1:6379 nano /etc/php-fpm.d/www.conf # php_value[session.save_handler] = redis # php_value[session.save_path] = tcp://127.0.0.1:6379
PostgreSQL
dnf install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm dnf update dnf install postgresql11-server postgresql11 postgresql11-contrib systemctl start postgresql systemctl enable postgresql systemctl status postgresql
/usr/bin/postgresql-setup --initdb passwd postgres su - postgres psql -c "ALTER USER postgres WITH PASSWORD 'adminpasswdhere123';" OR \password tree -L 1 /var/lib/pgsql/data/ nano /var/lib/pgsql/data/pg_hba.conf #host all all 127.0.0.1/32 md5 #host all all ::1/128 md5 systemctl reload postgresql su - postgres psql