Created
November 10, 2017 09:52
-
-
Save tidus2102/d752910155ba77e7ff56f375122de73e to your computer and use it in GitHub Desktop.
CentOS 7 PHP Deployment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0. | |
yum -y install epel-release yum-utils | |
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm | |
yum-config-manager --enable remi | |
yum-config-manager --enable remi-php71 | |
yum clean all | |
yum -y update | |
nano /etc/selinux/config | |
============================== | |
#SELINUX=enforcing | |
SELINUX=disabled | |
============================== | |
reboot | |
1. Clone source | |
yum -y install bash-completion gcc nano git zip unzip wget | |
mkdir /var/www | |
cd /var/www | |
git clone ... | |
cp config | |
cp nsms.conf | |
cp nginx.conf | |
cp opache | |
cp renew_ssl | |
Disable git compression | |
git config --global gc.auto 0 | |
1. Update gzip | |
wget https://ftp.gnu.org/gnu/gzip/gzip-1.8.tar.xz | |
tar xvf gzip-1.8.tar.xz | |
cd gzip-1.8 | |
./configure --prefix=/usr | |
make | |
make check | |
make install | |
# mv -v /usr/bin/gzip /bin | |
2. Install NGINX - https://www.nginx.com/resources/wiki/start/topics/tutorials/install/ | |
nano /etc/yum.repos.d/nginx.repo | |
================================================ | |
[nginx] | |
name=nginx repo | |
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ | |
gpgcheck=0 | |
enabled=1 | |
================================================ | |
yum -y install nginx | |
systemctl start nginx | |
systemctl enable nginx | |
nano /etc/nginx/conf.d/php-fpm.conf | |
================================================ | |
upstream php-fpm { | |
#server 127.0.0.1:9000; | |
server unix:/run/php-fpm/www.sock; | |
} | |
================================================ | |
Disable firewall | |
firewall-cmd --permanent --zone=public --add-service=http | |
firewall-cmd --permanent --zone=public --add-service=https | |
firewall-cmd --reload | |
3. Install PHP - https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-php-7-on-centos-7 | |
https://dl.iuscommunity.org/pub/ius/stable/CentOS/7/x86_64/ | |
yum -y install php-fpm php-common php-gd php-mysqlnd php-xml php-mbstring php-mcrypt php-opcache php-cli redis | |
yum -y install ImageMagick ImageMagick-devel php-devel php-pear | |
pecl install imagick | |
#pecl config-set php_ini /etc/php.ini | |
systemctl start php-fpm | |
systemctl enable php-fpm | |
systemctl start redis | |
systemctl enable redis | |
nano /etc/php-fpm.d/www.conf | |
================================================ | |
;listen = 127.0.0.1:9000 | |
listen = /run/php-fpm/www.sock | |
listen.acl_users = nginx | |
================================================ | |
nano /etc/php.ini | |
================================================ | |
short_open_tag = On | |
date.timezone=UTC | |
extension=imagick.so | |
================================================ | |
4. Install MariaDB - https://downloads.mariadb.org/mariadb/repositories | |
nano /etc/yum.repos.d/mariadb.repo | |
================================================ | |
[mariadb] | |
name = MariaDB | |
baseurl = http://yum.mariadb.org/10.1/centos7-amd64 | |
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB | |
gpgcheck=1 | |
================================================ | |
yum -y install MariaDB-server MariaDB-client | |
systemctl start mariadb | |
systemctl enable mariadb | |
mysql_secure_installation | |
mysql -u root -pPASSWORD | |
SET time_zone = '+00:00'; | |
SET GLOBAL time_zone = '+00:00'; | |
Allow remote access | |
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION; | |
https://cloud.google.com/solutions/mysql-remote-access | |
nano /etc/my.cnf.d/server.cnf | |
================================================ | |
character-set-client-handshake = false | |
character-set-server = utf8mb4 | |
collation-server = utf8mb4_unicode_ci | |
innodb_file_format = barracuda | |
innodb_file_per_table = 1 | |
innodb_large_prefix = 1 | |
================================================ | |
systemctl restart mysql | |
systemctl restart mariadb | |
5. NodeJS | |
curl --silent --location https://rpm.nodesource.com/setup_8.x | sudo bash - | |
yum -y install nodejs | |
npm -g install npm | |
npm -g install yarn | |
yarn global add bower | |
6.SSL: https://serversforhackers.com/video/letsencrypt-for-free-easy-ssl-certificates | |
cd /opt | |
git clone git@github.com:certbot/certbot.git | |
cd /opt/certbot | |
./certbot-auto certonly --webroot -w /var/www/html -d mysportcorner.com,www.mysportcorner.com --non-interactive --agree-tos --email tidus2102@gmail.com | |
mkdir /etc/nginx/cert | |
cd /etc/nginx/cert | |
touch dhparam.pem | |
openssl dhparam 2048 -out /etc/nginx/cert/dhparam.pem | |
Auto Renew Cronjob | |
nano /etc/cron.monthly/renew_ssl | |
================================================ | |
#!/usr/bin/env bash | |
cd /opt/certbot | |
./certbot-auto renew --webroot --noninteractive -w /var/www/nsms --post-hook "systemctl restart nginx" | |
================================================ | |
chmod u=rwx,go=rx /etc/cron.monthly/renew_ssl |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment