tidus2102/gist:d752910155ba77e7ff56f375122de73e

## gistfile1.txt
0.
yum -y install epel-release yum-utils
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum-config-manager --enable remi
yum-config-manager --enable remi-php71

yum clean all
yum -y update

nano /etc/selinux/config
==============================
#SELINUX=enforcing
SELINUX=disabled
==============================
reboot

1. Clone source
yum -y install bash-completion gcc nano git zip unzip wget
mkdir /var/www
cd /var/www
git clone ...
cp config
cp nsms.conf
cp nginx.conf
cp opache
cp renew_ssl

Disable git compression
git config --global gc.auto 0


1. Update gzip
wget https://ftp.gnu.org/gnu/gzip/gzip-1.8.tar.xz
tar xvf gzip-1.8.tar.xz
cd gzip-1.8
./configure --prefix=/usr
make
make check
make install
# mv -v /usr/bin/gzip /bin


2. Install NGINX - https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
nano /etc/yum.repos.d/nginx.repo
================================================
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
================================================
yum -y install nginx
systemctl start nginx
systemctl enable nginx
nano /etc/nginx/conf.d/php-fpm.conf
================================================
upstream php-fpm {
        #server 127.0.0.1:9000;
        server unix:/run/php-fpm/www.sock;
}
================================================


Disable firewall
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload


3. Install PHP - https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-php-7-on-centos-7
https://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/

yum -y install php-fpm php-common php-gd php-mysqlnd php-xml php-mbstring php-mcrypt php-opcache php-cli redis
yum -y install ImageMagick ImageMagick-devel php-devel php-pear
pecl install imagick
#pecl config-set php_ini /etc/php.ini


systemctl start php-fpm
systemctl enable php-fpm
systemctl start redis
systemctl enable redis

nano /etc/php-fpm.d/www.conf
================================================
;listen = 127.0.0.1:9000
listen = /run/php-fpm/www.sock
listen.acl_users = nginx
================================================

nano /etc/php.ini
================================================
short_open_tag = On
date.timezone=UTC
extension=imagick.so
================================================


4. Install MariaDB - https://downloads.mariadb.org/mariadb/repositories
nano /etc/yum.repos.d/mariadb.repo
================================================
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
================================================
yum -y install MariaDB-server MariaDB-client
systemctl start mariadb
systemctl enable mariadb
mysql_secure_installation

mysql -u root -pPASSWORD
SET time_zone = '+00:00';
SET GLOBAL time_zone = '+00:00';

Allow remote access
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
https://cloud.google.com/solutions/mysql-remote-access


nano /etc/my.cnf.d/server.cnf
================================================
character-set-client-handshake = false
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci

innodb_file_format = barracuda
innodb_file_per_table = 1
innodb_large_prefix = 1
================================================
systemctl restart mysql
systemctl restart mariadb


5. NodeJS
curl --silent --location https://rpm.nodesource.com/setup_8.x | sudo bash -
yum -y install nodejs
npm -g install npm
npm -g install yarn
yarn global add bower


6.SSL: https://serversforhackers.com/video/letsencrypt-for-free-easy-ssl-certificates
cd /opt
git clone git@github.com:certbot/certbot.git
cd /opt/certbot
./certbot-auto certonly --webroot -w /var/www/html -d mysportcorner.com,www.mysportcorner.com --non-interactive --agree-tos --email tidus2102@gmail.com


mkdir /etc/nginx/cert
cd /etc/nginx/cert
touch dhparam.pem
openssl dhparam 2048 -out /etc/nginx/cert/dhparam.pem

Auto Renew Cronjob
nano /etc/cron.monthly/renew_ssl
================================================
#!/usr/bin/env bash
cd /opt/certbot
./certbot-auto renew --webroot --noninteractive -w /var/www/nsms --post-hook "systemctl restart nginx"
================================================
chmod u=rwx,go=rx /etc/cron.monthly/renew_ssl
	0.
	yum -y install epel-release yum-utils
	rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
	yum-config-manager --enable remi
	yum-config-manager --enable remi-php71

	yum clean all
	yum -y update

	nano /etc/selinux/config
	==============================
	#SELINUX=enforcing
	SELINUX=disabled
	==============================
	reboot

	1. Clone source
	yum -y install bash-completion gcc nano git zip unzip wget
	mkdir /var/www
	cd /var/www
	git clone ...
	cp config
	cp nsms.conf
	cp nginx.conf
	cp opache
	cp renew_ssl

	Disable git compression
	git config --global gc.auto 0


	1. Update gzip
	wget https://ftp.gnu.org/gnu/gzip/gzip-1.8.tar.xz
	tar xvf gzip-1.8.tar.xz
	cd gzip-1.8
	./configure --prefix=/usr
	make
	make check
	make install
	# mv -v /usr/bin/gzip /bin



	2. Install NGINX - https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
	nano /etc/yum.repos.d/nginx.repo
	================================================
	[nginx]
	name=nginx repo
	baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
	gpgcheck=0
	enabled=1
	================================================
	yum -y install nginx
	systemctl start nginx
	systemctl enable nginx
	nano /etc/nginx/conf.d/php-fpm.conf
	================================================
	upstream php-fpm {
	#server 127.0.0.1:9000;
	server unix:/run/php-fpm/www.sock;
	}
	================================================


	Disable firewall
	firewall-cmd --permanent --zone=public --add-service=http
	firewall-cmd --permanent --zone=public --add-service=https
	firewall-cmd --reload


	3. Install PHP - https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-php-7-on-centos-7
	https://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/

	yum -y install php-fpm php-common php-gd php-mysqlnd php-xml php-mbstring php-mcrypt php-opcache php-cli redis
	yum -y install ImageMagick ImageMagick-devel php-devel php-pear
	pecl install imagick
	#pecl config-set php_ini /etc/php.ini


	systemctl start php-fpm
	systemctl enable php-fpm
	systemctl start redis
	systemctl enable redis

	nano /etc/php-fpm.d/www.conf
	================================================
	;listen = 127.0.0.1:9000
	listen = /run/php-fpm/www.sock
	listen.acl_users = nginx
	================================================

	nano /etc/php.ini
	================================================
	short_open_tag = On
	date.timezone=UTC
	extension=imagick.so
	================================================


	4. Install MariaDB - https://downloads.mariadb.org/mariadb/repositories
	nano /etc/yum.repos.d/mariadb.repo
	================================================
	[mariadb]
	name = MariaDB
	baseurl = http://yum.mariadb.org/10.1/centos7-amd64
	gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
	gpgcheck=1
	================================================
	yum -y install MariaDB-server MariaDB-client
	systemctl start mariadb
	systemctl enable mariadb
	mysql_secure_installation

	mysql -u root -pPASSWORD
	SET time_zone = '+00:00';
	SET GLOBAL time_zone = '+00:00';

	Allow remote access
	GRANT ALL PRIVILEGES ON . TO 'root'@'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
	https://cloud.google.com/solutions/mysql-remote-access


	nano /etc/my.cnf.d/server.cnf
	================================================
	character-set-client-handshake = false
	character-set-server = utf8mb4
	collation-server = utf8mb4_unicode_ci

	innodb_file_format = barracuda
	innodb_file_per_table = 1
	innodb_large_prefix = 1
	================================================
	systemctl restart mysql
	systemctl restart mariadb


	5. NodeJS
	curl --silent --location https://rpm.nodesource.com/setup_8.x \| sudo bash -
	yum -y install nodejs
	npm -g install npm
	npm -g install yarn
	yarn global add bower


	6.SSL: https://serversforhackers.com/video/letsencrypt-for-free-easy-ssl-certificates
	cd /opt
	git clone git@github.com:certbot/certbot.git
	cd /opt/certbot
	./certbot-auto certonly --webroot -w /var/www/html -d mysportcorner.com,www.mysportcorner.com --non-interactive --agree-tos --email tidus2102@gmail.com


	mkdir /etc/nginx/cert
	cd /etc/nginx/cert
	touch dhparam.pem
	openssl dhparam 2048 -out /etc/nginx/cert/dhparam.pem

	Auto Renew Cronjob
	nano /etc/cron.monthly/renew_ssl
	================================================
	#!/usr/bin/env bash
	cd /opt/certbot
	./certbot-auto renew --webroot --noninteractive -w /var/www/nsms --post-hook "systemctl restart nginx"
	================================================
	chmod u=rwx,go=rx /etc/cron.monthly/renew_ssl