Install nginx
sudo dnf update
sudo dnf install nginx mod_ssl
sudo systemctl start nginx
TEST
curl -4 https://your_url
SSL
openssl req -new -newkey rsa:4096 -nodes -keyout rho-demo.key -out rho-demo.csr #(Copy and send .csr file content to Certificate Authority)
mkdir -p /etc/pki/nginx
mkdir -p /etc/pki/nginx/private
openssl req -newkey rsa:4096 -nodes -keyout /etc/pki/nginx/private/server.key -x509 -days 365 -out /etc/pki/nginx/server.crt -subj "/C=GH/ST=Greater Accra/L=Accra/O=Rhomicom Demo/OU=IT/CN=*.rhomicom.com/[email protected]"
openssl dhparam -out /etc/pki/nginx/dhparam.pem 4096
nano /etc/nginx/nginx.conf #(# Add DH parameters
ssl_dhparam /etc/pki/nginx/dhparam.pem;)
nginx -t
systemctl restart nginx
Install Letsencrypt
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
# (for centos 8) dnf config-manager --set-enabled PowerTools
sudo dnf install certbot python3-certbot-nginx
OR dnf install certbot python3-certbot-apache
certbot --version
certbot --nginx
OR certbot --apache
certbot renew
certbot certificates
certbot certonly --apache
certbot certonly --nginx
echo "0 0,12 * * * root python3 -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null
Or Install Apache
yum -y install httpd httpd-tools mod_ssl
sudo systemctl status httpd
sudo systemctl start httpd.service
sudo systemctl enable httpd.service
Install firewalld
sudo yum install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl status firewalld
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --list-all
sudo firewall-cmd --reload
nano /etc/firewalld/firewalld.conf
# AllowZoneDrifting=no
SELinux Permissions
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_execmem 1
setsebool -P httpd_setrlimit 1
setsebool -P httpd_can_sendmail 1
setsebool -P allow_httpd_mod_auth_pam 1
setsebool -P httpd_mod_auth_pam 1
setsebool -P httpd_read_user_content 1
setsebool -P httpd_run_stickshift 1
setsebool -P httpd_enable_cgi 1
setsebool -P httpd_unified 1
setsebool -P httpd_enable_homedirs 1
Install MySQL
sudo dnf install mysql-server
sudo systemctl start mysqld
sudo systemctl enable mysqld
sudo mysql_secure_installation
sudo grep 'temporary password' /var/log/mysqld.log
mysql -u [user] -p
create database [database_name];
mysql -u [new_user] -p [database_name] < [file_name].sql
mysql -u root -p rhomicom < rhomicom.sql
#Backup of all databases
mysqldump -u [user] -p all-databases > [file_name].sql
INSTALL REDIS
dnf module install redis
sysctl vm.overcommit_memory=1 (# nano /etc/sysctl.conf)
echo never > /sys/kernel/mm/transparent_hugepage/enabled
systemctl start redis
systemctl enable redis
systemctl status redis
ss -tlpn
redis-cli (#PING -> PONG)
INSTALL PHP
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
sudo dnf install dnf-utils
sudo dnf module list php
sudo dnf module install php:remi-7.4
sudo dnf install -y php-fpm php-cli php-common php-zip php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json php-pdo php-mysqlnd php-pgsql
sudo dnf install php-fpm php-opcache php-openssl php-curl php-cli php-common php-zip php-gd php-xml php-pear php-bcmath php-json php-pdo php-mysqlnd php-pgsql php-mbstring php-soap php-sockets php-pecl-apcu php-json php-ctype php-dom php-exif php-mysqli php-iconv php-fileinfo
php -v
sudo nano /etc/php.ini #Add cgi.fix_pathinfo=0
max_execution_time = 600
max_input_time = 600
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_multi_exec,parse_ini_file,show_source,phpinfo,apache_child_terminate,apache_setenv,define_syslog_variables, eval, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist,highlight_file,ini_alter,ini_get_all,ini_restore,inject_code,mysql_pconnect,openlog,phpAds_remoteInfo,phpAds_XmlRpc,phpAds_xmlrpcDecode,phpAds_xmlrpcEncode,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,posix_setuid,posix_uname,proc_close,proc_get_status,proc_nice,proc_terminate,syslog,xmlrpc_entity_decode,curl_exec
sudo nano /etc/php-fpm.d/www.conf
sudo nano /etc/php-fpm.d/www.conf #(Change user and group to nginx)
sudo systemctl start php-fpm
systemctl status php-fpm.service
sudo systemctl restart nginx
nano /etc/php.ini
# session.save_handler = redis
# session.save_path = tcp://127.0.0.1:6379
nano /etc/php-fpm.d/www.conf
# php_value[session.save_handler] = redis
# php_value[session.save_path] = tcp://127.0.0.1:6379
Install PostgreSQL
dnf module list postgresql
sudo dnf module enable postgresql:12
sudo dnf install postgresql-server
sudo postgresql-setup --initdb
sudo systemctl start postgresql
sudo systemctl enable postgresql
su - postgres -c "psql"
\password postgres
systemctl restart postgresql
cd /var/lib/pgsql/data/
nano pg_hba.conf
nano postgresql.conf
INSTALL WEBMIN
yum -y install perl-Digest-Perl-MD5
yum -y install perl-Digest-MD5
yum -y install perl-DBD-Pg
nano /etc/yum.repos.d/webmin.repo
[Webmin]
name=Webmin Distribution Neutral
#baseurl=http://download.webmin.com/download/yum
mirrorlist=http://download.webmin.com/download/yum/mirrorlist
enabled=1
wget http://www.webmin.com/jcameron-key.asc
rpm --import jcameron-key.asc
yum -y update
yum -y install webmin
service webmin start
chkconfig webmin on
sudo firewall-cmd --zone=public --add-port=10000/tcp --permanent
sudo firewall-cmd --reload
INSTALL JAVA
sudo dnf install java-11-openjdk-devel
#OPEN JRE
sudo yum -y install java-1.8.0-openjdk
#OPEN JDK
sudo yum -y install java-1.8.0-openjdk-devel
#ORACLE JDK -- AFTER DOWNLOAD
sudo yum localinstall jdk-8u181-linux-x64.rpm
java -version
sudo alternatives --config java
sudo sh -c "echo export JAVA_HOME=/usr/java/jdk1.8.0_181-amd64/jre >> /etc/environment"
INSTALL FONTS
sudo yum -y install wkhtmltopdf;
yum -y install curl cabextract xorg-x11-font-utils fontconfig
rpm -i http://mirror.centos.org/centos/8/AppStream/x86_64/os/Packages/libmspack-0.7-0.3.alpha.el8.4.x86_64.rpm
rpm -i https://pkgs.dyn.su/el8/base/x86_64/cabextract-1.9-2.el8.x86_64.rpm
rpm -i https://downloads.sourceforge.net/project/mscorefonts2/rpms/msttcore-fonts-installer-2.6-1.noarch.rpm
rpm -i msttcore-fonts-installer-2.6-1.noarch.rpm
rpm -i http://li.nux.ro/download/nux/dextop/el7/x86_64/webcore-fonts-3.0-1.noarch.rpm
dnf install xorg-x11-fonts-misc
fc-cache -f -v
sudo cp -r ~/Downloads/fonts /usr/share/fonts/truetype/
#Font files should have the permission of 644 and the containing folder should have 755
sudo apt-get install font-manager