Skip to content

Instantly share code, notes, and snippets.

@xuannghia

xuannghia/Initial-Server-CentOS-7.md

Last active October 28, 2020 19:58
Show Gist options
  • Save xuannghia/53fa78df6cf5eb27c9feb1b2e8d0e043 to your computer and use it in GitHub Desktop.
Save xuannghia/53fa78df6cf5eb27c9feb1b2e8d0e043 to your computer and use it in GitHub Desktop.
Download ZIP
Initial Server CentOS 7 - with NGINX, PHP 7.2, MariaDB 10.2, PostgreSQL 10 ,phpMyAdmin 4.8, MongoDB, Redis, Python3.6, NodeJS 10.15.3
Raw
Initial-Server-CentOS-7.md

1. Add Repositories

EPEL repository

sudo yum install -y epel-release

SCLo Software collections Repository

yum -y install centos-release-scl-rh centos-release-scl

Remi repository

rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm

Nginx repository

rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm

IUS repository

yum install -y https://centos7.iuscommunity.org/ius-release.rpm

yum update

Config Timezone

timedatectl set-timezone Asia/Ho_Chi_Minh
timedatectl

Configuring a Basic Firewall

yum install firewalld
systemctl start firewalld

# add some services
firewall-cmd --permanent --add-service=ssh
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=smtp

firewall-cmd --reload

systemctl enable firewalld

Some command usefull

firewall-cmd --permanent --add-port=4444/tcp
firewall-cmd --permanent --remove-port=4444/tcp
firewall-cmd --get-services
firewall-cmd --permanent --list-all

SELinux

# List port http
semanage port -l | grep http_port_t
# Add port
semanage port -a -t http_port_t  -p tcp 8090
# Remove port
semanage port -d -t http_port_t  -p tcp 8090

Compiler

yum -y install gcc gcc-c++ wget

2. Create new User "cent"

Create and add to wheel group

adduser cent
passwd cent
gpasswd -a cent wheel

Add ssh key

su - cent
mkdir .ssh
chmod 700 .ssh
vi .ssh/authorized_keys
# -> Paste public key and save
chmod 600 .ssh/authorized_keys
exit
systemctl reload sshd

3. GIT

Install GIT

yum install -y git

Check your git version

git --version

Config

git config --global user.name "Your Name"
git config --global user.email "you@example.com"

4. Install NGINX

Install

yum --enablerepo=epel -y install nginx

Optimize nginx

systemctl start nginx.service
systemctl enable nginx.service

Start & Enable nginx

systemctl start nginx.service
systemctl enable nginx.service

5. Install PHP 7.3

Install PHP, PHP-FPM and some module

yum --enablerepo=remi,remi-php73 install -y php php-fpm php-cli php-mysqlnd php-zip php-devel php-gd php-common php-pear php-mbstring php-mcrypt php-pdo php-curl php-xml php-pear php-bcmath php-json

Load environment variables to use

scl enable php73 bash

Use php -v to check result:

PHP 7.3.4 (cli) (built: Apr  2 2019 13:48:50) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.4, Copyright (c) 1998-2018 Zend Technologies

Config PHP-FPM

vi /etc/php-fpm.d/www.conf

Change user = apache to user = nginx and group = apache to group = nginx

Config php.ini

vi /etc/php.ini

Change upload_max_filesize and post_max_size (change xx to size you want):

upload_max_filesize = xxM
...
post_max_size = xxM

Stop HTTPD default, Start & Enable PHP-FPM

systemctl stop httpd.service
systemctl disable httpd.service
systemctl start php-fpm.service
systemctl enable php-fpm.service

Config default NGINX to run PHP

vi /etc/nginx/conf.d/default.conf

Change content to (change example.com to your domain or ip, xx to size you want)

client_max_body_size xxM;
server {
    listen       80;
    server_name example.com;

    location / {
        root   /usr/share/nginx/html;
        index index.php index.html index.htm;
        try_files $uri $uri/ /index.php?q=$uri&$args;
    }

    error_page  404              /404.html;
    location = /404.html {
        root   /usr/share/nginx/html;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        root           /usr/share/nginx/html;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME   $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}

Restart Nginx

systemctl restart nginx.service

6. Install MariaDB 10.2

Install from SCLo

sudo yum --enablerepo=centos-sclo-rh -y install rh-mariadb102-mariadb-server

Load environment variables to use

scl enable rh-mariadb102 bash

Use mysql -V to check result:

mysql -V

# mysql Ver 15.1 Distrib 10.2.8-MariaDB, for Linux (x86_64) using EditLine wrapper

Enable when login

vi /etc/profile.d/rh-mariadb102.sh

"rh-mariadb102.sh" content:

# create new

#!/bin/bash

source /opt/rh/rh-mariadb102/enable
export X_SCLS="`scl enable rh-mariadb102 'echo $X_SCLS'`"

Enable MariaDB 10.2 and configure initial settings.

vi /etc/opt/rh/rh-mariadb102/my.cnf.d/mariadb-server.cnf

Add follows into [mysqld] section:

[mysqld]
character-set-server=utf8

Start & Enable

systemctl start rh-mariadb102-mariadb 
systemctl enable rh-mariadb102-mariadb

Initial and setup root password

mysql_secure_installation

Forgot Password?

systemctl stop rh-mariadb102-mariadb
systemctl set-environment MYSQLD_OPTS="--skip-grant-tables"
systemctl start rh-mariadb102-mariadb
mysql -u root
# In Mysql command
> USE mysql;
> UPDATE user SET password=PASSWORD('newPassword') WHERE User='root' AND Host = 'localhost';
> exit
systemctl stop rh-mariadb102-mariadb
systemctl unset-environment MYSQLD_OPTS
systemctl start rh-mariadb102-mariadb

7. Install phpMyAdmin

sudo yum --enablerepo=remi,remi-php73 install -y php-mysqlnd phpMyAdmin

Link to /usr/share/nginx/html

sudo ln -s /usr/share/phpMyAdmin /usr/share/nginx/html

Change chown folder /var/lib/php/session from apache to nginx

chown -R nginx:nginx /var/lib/php/session

Restart PHP-FPM

systemctl restart php-fpm.service

8. Install PostgreSQL 10

Install Postgres 10

yum --enablerepo=centos-sclo-rh -y install rh-postgresql10-postgresql-server

load environment variables

scl enable rh-postgresql10 bash

Enable when login

vi /etc/profile.d/rh-postgresql10.sh

"rh-postgresql10.sh" content

# create new

#!/bin/bash

source /opt/rh/rh-postgresql10/enable
export X_SCLS="`scl enable rh-postgresql10 'echo $X_SCLS'`"

Setup Postgres

Create a new PostgreSQL database cluster

postgresql-setup --initdb --unit rh-postgresql10-postgresql

Start & Enable Postgres

systemctl start rh-postgresql10-postgresql 
systemctl enable rh-postgresql10-postgresql

Create User Database

su - postgres
Add db user 'cent'
createuser cent
Create db 'testdb' with owner is 'cent'
createdb testdb -O cent

Login & Set password

# Login as cent user
root$ su cent
# List database
cent$ psql -l
# Select db & Set password
cent$ psql testdb
testdb=# alter user cent with password 'password';
# => ALTER ROLE

Setup pg_hba.conf to access with password

vi /var/opt/rh/rh-postgresql102/lib/pgsql/data/pg_hba.conf 

# line 82: change like follows and add access permission
host    all             all             127.0.0.1/32            md5
host    all             all             10.0.0.0/24             md5
host    all             all             ::1/128                 md5

8. Install MongoDB 4

Add MongoDB Repository

sudo vi /etc/yum.repos.d/mongodb-org-4.0.repo

Change content to:

[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

Save and close the file. Use yum repolist to check, content will be like this:

...
mongodb-org-4.0/7       MongoDB Repository          5
...

Install MongoDB package

sudo yum install -y mongodb-org

Start & Enable MongoDB service with the systemctl utility:

sudo systemctl start mongod
sudo systemctl enable mongod

9. Install Redis

sudo yum install redis -y

Start & Enable Redis service with the systemctl utility:

sudo systemctl start redis.service
sudo systemctl enable redis

Check Redis status

sudo systemctl status redis.service

Ping Redis

redis-cli ping

10. Install Python3.6

!!! Required IUS Repo

yum install -y python36u python36u-libs python36u-devel python36u-pip

Check verion

python3.6 -V
pip3.6 -V

11. NodeJS 10.15.3

curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash -

yum info nodejs
###
#Arch        : x86_64
#Epoch       : 2
#Version     : 10.15.3
#Release     : 1nodesource
#Size        : 53 M
###

yum install -y nodejs

node --version
# v10.15.3
npm --version
# 6.4.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment