Skip to content

Instantly share code, notes, and snippets.

@jbaranski jbaranski/CentOS.md

Created Aug 1, 2020
Embed
What would you like to do?
New CentOS 8 Server

This post is an evolving draft...

Initial setup (less verbose version of this article)

# Run updates
yum update
yum install nano
# Change root password
passwd root
# Add non-root user
adduser username
passwd username
# Allow user to run as root (su/sudo)
usermod -aG wheel username
# Setup firewall
dnf install firewalld -y
systemctl start firewalld
firewall-cmd --permanent --list-all
firewall-cmd --get-services
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
# Allow another port other than 80/443
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=8443/tcp --permanent
firewall-cmd --zone=public --list-ports
firewall-cmd --reload
# Allow new user to login via SSH
rsync --archive --chown=username:username ~/.ssh /home/username
# Allow a user to run sudo without password prompt
visudo # Enter this after running command --> username ALL=(ALL) NOPASSWD:ALL
# Install OpenJDK and Maven
yum install java-11-openjdk-devel
java -version
javac -version
which java
which javac
yum install maven
# Set JAVA_HOME and make sure Maven uses proper version of Java
update-alternatives --config javac
update-alternatives --config java
which java
update-alternatives --display java
nano /etc/profile
export JAVA_HOME=<java path> # add to bottom of file
echo $JAVA_HOME
mvn -v

For manual certificate generation, follow [this Certbot article] (https://certbot.eff.org/lets-encrypt/centos6-other).

# List known certifactes
certbot-auto certificates
# Convert to Java / Spring Boot compatible format
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name tomcat -CAfile chain.pem -caname root

Install httpd (less verbose version of this article):

# Initial install
yum install httpd
systemctl start httpd
systemctl status httpd
hostname -I
curl -4 icanhazip.com
# Virtual hosts
mkdir -p /var/www/example.com/html
mkdir -p /var/www/example.com/log
chown -R $USER:$USER /var/www/example.com/html
chown -R $USER:$USER /var/www/example.com/log
chmod -R 755 /var/www
# Save dummy index.html
# Save virtual host config in conf.d directory
cat /var/www/example.com/html/index.html
cat /etc/httpd/conf.d/example.com.conf
setsebool -P httpd_unified 1
ls -dZ /var/www/example.com/log/
semanage fcontext -a -t httpd_log_t "/var/www/example.com/log(/.*)?"
restorecon -R -v /var/www/example.com/log
systemctl restart httpd
# Make sure the access and error log exists
ls -lZ /var/www/example.com/log
# TODO: Redirect apex domain to www subdomain with Apache rewrite rule
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.