CentOS8 -Install nginx, Apache, Redis, php7.4-fpm, MySQL, PostgreSQL

From Rhomicom Wiki
Revision as of 11:38, 30 January 2021 by Admin (talk | contribs) (Created page with "{{DISPLAYTITLE:CentOS8 -Install nginx, Apache, Redis, php7.4-fpm, MySQL, PostgreSQL}} == nginx == sudo dnf update sudo dnf install nginx mod_ssl sudo systemctl start ngi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

nginx

 sudo dnf update
 sudo dnf install nginx mod_ssl
 sudo systemctl start nginx

TEST

 curl -4 ec2-3-123-2-191.eu-central-1.compute.amazonaws.com

SSL

 openssl req -new -newkey rsa:4096 -nodes -keyout rho-demo.key -out rho-demo.csr #(Copy and send .csr file content to Certificate Authority)

 mkdir -p /etc/pki/nginx
 mkdir -p /etc/pki/nginx/private
 openssl req -newkey rsa:4096 -nodes -keyout /etc/pki/nginx/private/server.key -x509 -days 365 -out /etc/pki/nginx/server.crt -subj "/C=GH/ST=Greater Accra/L=Accra/O=Rhomicom Demo/OU=IT/CN=*.rhomicom.com/[email protected]"
 openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096
 nano /etc/nginx/nginx.conf #(# Add DH parameters
       ssl_dhparam /etc/pki/nginx/dhparam.pem;)
 nginx -t
 systemctl restart nginx

Letsencrypt

 dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
 # (for centos 8) dnf config-manager --set-enabled PowerTools
 sudo dnf install certbot python3-certbot-nginx
 OR dnf install certbot python3-certbot-apache

 certbot --version
 certbot --nginx
 OR certbot --apache

 certbot renew
 certbot certificates
 certbot certonly --apache
 certbot certonly --nginx

 echo "0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null

Or Apache

 sudo dnf install httpd httpd-tools mod_ssl
 sudo systemctl enable httpd
 sudo systemctl start httpd

firewalld

 sudo yum install firewalld
 sudo systemctl start firewalld
 sudo systemctl enable firewalld
 sudo systemctl status firewalld

 sudo firewall-cmd --permanent --add-service=http
 sudo firewall-cmd --permanent --add-service=https
 sudo firewall-cmd --permanent --list-all
 sudo firewall-cmd --reload

 nano /etc/firewalld/firewalld.conf
 # AllowZoneDrifting=no

SELinux

 setsebool -P httpd_can_network_connect 1
 setsebool -P httpd_execmem 1
 setsebool -P httpd_setrlimit 1
 setsebool -P httpd_can_sendmail 1
 setsebool -P allow_httpd_mod_auth_pam 1
 setsebool -P httpd_mod_auth_pam 1
 setsebool -P httpd_read_user_content 1
 setsebool -P httpd_run_stickshift 1
 setsebool -P httpd_enable_cgi 1
 setsebool -P httpd_unified 1
 setsebool -P httpd_enable_homedirs 1

MariaDB

 sudo dnf install mariadb-server
 sudo systemctl start mariadb
 sudo systemctl enable mariadb

 sudo mysql_secure_installation #(Set Root Password and disable test and insecure features)

 sudo mysql -p #(Use \q to quit)
 CREATE DATABASE rho_database;
 GRANT ALL ON rho_database.* TO 'root'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
 FLUSH PRIVILEGES;

REDIS

 dnf module install redis
 
 sysctl vm.overcommit_memory=1 (# nano /etc/sysctl.conf)
 echo never > /sys/kernel/mm/transparent_hugepage/enabled

 systemctl start redis
 systemctl enable redis
 systemctl status redis
 ss -tlpn
 redis-cli (#PING -> PONG)

PHP

 sudo dnf module list php
 sudo dnf module install php:7.4 #(use dnf module reset php to reset if necessary before running command)
 sudo dnf install php-fpm php-opcache php-openssl php-curl php-cli php-common php-zip php-gd php-xml php-pear php-bcmath php-json php-pdo php-mysqlnd php-pgsql php-mbstring  php-soap php-sockets php-pecl-apcu php-json php-ctype php-dom php-exif php-mysqli php-iconv php-fileinfo

 sudo nano /etc/php-fpm.d/www.conf  #(Change user and group to nginx)
 sudo systemctl start php-fpm
 systemctl status php-fpm.service
 sudo systemctl restart nginx

 nano /etc/php.ini
  # session.save_handler = redis
  # session.save_path = tcp://127.0.0.1:6379
 nano /etc/php-fpm.d/www.conf
  # php_value[session.save_handler] = redis
  # php_value[session.save_path]    = tcp://127.0.0.1:6379

PostgreSQL

 dnf install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
 dnf update
 dnf install postgresql11-server postgresql11  postgresql11-contrib
 systemctl start postgresql
 systemctl enable postgresql
 systemctl status postgresql

 /usr/bin/postgresql-setup --initdb
 passwd postgres
 su - postgres
 psql -c "ALTER USER postgres WITH PASSWORD 'adminpasswdhere123';"
 OR \password
 
 tree -L 1 /var/lib/pgsql/data/
 nano /var/lib/pgsql/data/pg_hba.conf
  #host    all             all         127.0.0.1/32            md5
  #host    all             all		::1/128                 md5
 systemctl reload postgresql
 su - postgres
 psql
Retrieved from "https://wiki.rhomicom.com/index.php?title=CentOS8_-Install_nginx,_Apache,_Redis,_php7.4-fpm,_MySQL,_PostgreSQL&oldid=132"