Difference between revisions of "CentOS8 -Install nginx, Apache, Redis, php7.4-fpm, MySQL, PostgreSQL"

From Rhomicom Wiki
Jump to navigation Jump to search
Line 156: Line 156:
 
   sudo firewall-cmd --zone=public --add-port=10000/tcp --permanent
 
   sudo firewall-cmd --zone=public --add-port=10000/tcp --permanent
 
   sudo firewall-cmd --reload
 
   sudo firewall-cmd --reload
 +
== JAVA ==
 +
  sudo dnf install java-11-openjdk-devel
 +
 +
  #OPEN JRE
 +
  sudo yum -y install java-1.8.0-openjdk
 +
 +
  #OPEN JDK
 +
  sudo yum -y install java-1.8.0-openjdk-devel
 +
 +
  #ORACLE JDK -- AFTER DOWNLOAD
 +
  sudo yum localinstall jdk-8u181-linux-x64.rpm
 +
 +
  java -version
 +
  sudo alternatives --config java
 +
  sudo sh -c "echo export JAVA_HOME=/usr/java/jdk1.8.0_181-amd64/jre >> /etc/environment"

Revision as of 11:51, 30 January 2021

nginx

 sudo dnf update
 sudo dnf install nginx mod_ssl
 sudo systemctl start nginx

TEST

 curl -4 https://your_url

SSL

 openssl req -new -newkey rsa:4096 -nodes -keyout rho-demo.key -out rho-demo.csr #(Copy and send .csr file content to Certificate Authority)

 mkdir -p /etc/pki/nginx
 mkdir -p /etc/pki/nginx/private
 openssl req -newkey rsa:4096 -nodes -keyout /etc/pki/nginx/private/server.key -x509 -days 365 -out /etc/pki/nginx/server.crt -subj "/C=GH/ST=Greater Accra/L=Accra/O=Rhomicom Demo/OU=IT/CN=*.rhomicom.com/[email protected]"
 openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096
 nano /etc/nginx/nginx.conf #(# Add DH parameters
       ssl_dhparam /etc/pki/nginx/dhparam.pem;)
 nginx -t
 systemctl restart nginx

Letsencrypt

 dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
 # (for centos 8) dnf config-manager --set-enabled PowerTools
 sudo dnf install certbot python3-certbot-nginx
 OR dnf install certbot python3-certbot-apache

 certbot --version
 certbot --nginx
 OR certbot --apache

 certbot renew
 certbot certificates
 certbot certonly --apache
 certbot certonly --nginx

 echo "0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null

Or Apache

 yum -y install httpd httpd-tools mod_ssl
 sudo systemctl status httpd
 sudo systemctl start httpd.service
 sudo systemctl enable httpd.service

firewalld

 sudo yum install firewalld
 sudo systemctl start firewalld
 sudo systemctl enable firewalld
 sudo systemctl status firewalld

 sudo firewall-cmd --permanent --add-service=http
 sudo firewall-cmd --permanent --add-service=https
 sudo firewall-cmd --permanent --list-all
 sudo firewall-cmd --reload

 nano /etc/firewalld/firewalld.conf
 # AllowZoneDrifting=no

SELinux

 setsebool -P httpd_can_network_connect 1
 setsebool -P httpd_execmem 1
 setsebool -P httpd_setrlimit 1
 setsebool -P httpd_can_sendmail 1
 setsebool -P allow_httpd_mod_auth_pam 1
 setsebool -P httpd_mod_auth_pam 1
 setsebool -P httpd_read_user_content 1
 setsebool -P httpd_run_stickshift 1
 setsebool -P httpd_enable_cgi 1
 setsebool -P httpd_unified 1
 setsebool -P httpd_enable_homedirs 1

MySQL

 sudo dnf install mysql-server
 sudo systemctl start mysqld
 sudo systemctl enable mysqld
 sudo mysql_secure_installation
 sudo grep 'temporary password' /var/log/mysqld.log

 mysql -u [user] -p
 create database [database_name];
 mysql -u [new_user] -p [database_name] < [file_name].sql
 mysql -u root -p rhomicom < rhomicom.sql
 #Backup of all databases
 mysqldump -u [user] -p all-databases > [file_name].sql

REDIS

 dnf module install redis
 
 sysctl vm.overcommit_memory=1 (# nano /etc/sysctl.conf)
 echo never > /sys/kernel/mm/transparent_hugepage/enabled

 systemctl start redis
 systemctl enable redis
 systemctl status redis
 ss -tlpn
 redis-cli (#PING -> PONG)

PHP

 sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
 sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
 sudo dnf install dnf-utils
 sudo dnf module list php
 sudo dnf module install php:remi-7.4
 sudo dnf install -y php-fpm php-cli php-common php-zip php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json php-pdo php-mysqlnd php-pgsql
 sudo dnf install php-fpm php-opcache php-openssl php-curl php-cli php-common php-zip php-gd php-xml php-pear php-bcmath php-json php-pdo php-mysqlnd php-pgsql php-mbstring  php-soap php-sockets php-pecl-apcu php-json php-ctype php-dom php-exif php-mysqli php-iconv php-fileinfo

 php -v
 sudo nano /etc/php.ini   #Add cgi.fix_pathinfo=0
  max_execution_time = 600
  max_input_time = 600
  disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source,phpinfo,apache_child_terminate,apache_setenv,define_syslog_variables, eval, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist,highlight_file,ini_alter,ini_get_all,ini_restore,inject_code,mysql_pconnect,openlog,phpAds_remoteInfo,phpAds_XmlRpc,phpAds_xmlrpcDecode,phpAds_xmlrpcEncode,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,posix_setuid,posix_uname,proc_close,proc_get_status,proc_nice,proc_terminate,syslog,xmlrpc_entity_decode,curl_exec

 sudo nano /etc/php-fpm.d/www.conf

 sudo nano /etc/php-fpm.d/www.conf  #(Change user and group to nginx)
 sudo systemctl start php-fpm
 systemctl status php-fpm.service
 sudo systemctl restart nginx

 nano /etc/php.ini
  # session.save_handler = redis
  # session.save_path = tcp://127.0.0.1:6379
 nano /etc/php-fpm.d/www.conf
  # php_value[session.save_handler] = redis
  # php_value[session.save_path]    = tcp://127.0.0.1:6379

PostgreSQL

 dnf module list postgresql
 sudo dnf module enable postgresql:12
 sudo dnf install postgresql-server
 sudo postgresql-setup --initdb
 sudo systemctl start postgresql
 sudo systemctl enable postgresql

 su - postgres -c "psql"
 \password postgres
 systemctl restart postgresql

 cd /var/lib/pgsql/data/
 nano pg_hba.conf
 nano postgresql.conf

WEBMIN

 yum -y install perl-Digest-Perl-MD5
 yum -y install perl-Digest-MD5
 yum -y install perl-DBD-Pg

 nano /etc/yum.repos.d/webmin.repo
  [Webmin]
  name=Webmin Distribution Neutral
  #baseurl=http://download.webmin.com/download/yum
  mirrorlist=http://download.webmin.com/download/yum/mirrorlist
  enabled=1

  wget http://www.webmin.com/jcameron-key.asc
  rpm --import jcameron-key.asc
  yum -y update
  yum -y install webmin
  service webmin start
  chkconfig webmin on
  sudo firewall-cmd --zone=public --add-port=10000/tcp --permanent
  sudo firewall-cmd --reload

JAVA

 sudo dnf install java-11-openjdk-devel

 #OPEN JRE
 sudo yum -y install java-1.8.0-openjdk

 #OPEN JDK
 sudo yum -y install java-1.8.0-openjdk-devel

 #ORACLE JDK -- AFTER DOWNLOAD
 sudo yum localinstall jdk-8u181-linux-x64.rpm

 java -version
 sudo alternatives --config java
 sudo sh -c "echo export JAVA_HOME=/usr/java/jdk1.8.0_181-amd64/jre >> /etc/environment"
Retrieved from "https://wiki.rhomicom.com/index.php?title=CentOS8_-Install_nginx,_Apache,_Redis,_php7.4-fpm,_MySQL,_PostgreSQL&oldid=141"