Showing posts with label centos. Show all posts

Tuesday, March 28, 2023

Note : The list required to install and configure

Checklist to activate hosting server (php, laravel and sql server)

Install Virtualmin
Upgrade PHP8.1 or latest
To connect with Oracle DB - install OCI8
To connect with MSSQL - install ODBC, sqlsrv, pdo_sqlsrv
Install Laravel - install composer, npm, node

# Previous OS Centos 7 and below - install with latest OpenSSL 1.0.2k-fips
# Latest OS Rocky9.1 and above - install with latest OpenSSL 3.0

OpenSSL : Install and Upgrade version

1.Verify the current OpenSSL version

# openssl version

2. Download the latest version OR previous version of OpenSSL

# cd /usr/local/src
# wget https://www.openssl.org/source/openssl-X.X.X.tar.gz
# tar -xvzf openssl-X.X.X.tar.gz

3.Manually compile and install OpenSSL

# cd openssl-1.0.2l
#./config
# make depend
# make
# make test
# make install

4.Move the newly installed OpenSSL binary to the PATH

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

5.Verify the newly installed OpenSSL version

#openssl version

source

https://techglimpse.com/upgrade-openssl-linux-tutorial/

Rocky 9 : Install PHP8.3 & PHP-FPM

Install PHP

1.Add the EPEL (Extra Packages for Enterprise Linux) repository

#dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

2.Add the REMI repository for Rocky Linux 9

#dnf install https://rpms.remirepo.net/enterprise/remi-release-9.2.rpm

3. Install yum utilities.

#dnf -y install yum-utils

4.Verify the list of an available repositories on the Rocky Linux system

#dnf repolist

5.To enable php 8.3 Remi repository.

#dnf module reset php
#dnf module install php:remi-8.3
#dnf update

6.Check available PHP modules on your system

#dnf module list php

7.Install PHP packages

#dnf install php

8.Verify the PHP version

#php --version / -v

9.Install additional PHP extensions

#dnf install php-mcrypt php-{imagick,apcu,geoip,memcached,zstd}

10.Verify all available PHP extensions on your system

#php -m
#php -m | grep imagick

FirewallD: Allow Port or Services

To start / stop firewalld
#systemctl start firewalld OR service firewalld start
#systemctl stop firewalld OR service firewalld stop

1. To allow specific port. Example to allow TCP port 10000, 8080 and 8443

#firewall-cmd --permanent --add-port=10000/tcp
#firewall-cmd --permanent --add-port=8080/tcp
#firewall-cmd --permanent --add-port=8443/tcp
#firewall-cmd --reload

2. To check the port that opened

#firewall-cmd --list-ports

3. To allow spesific service

#firewall-cmd --permanent --add-service=http

4. To check the service that opened

#firewall-cmd --list-services

5. To allow services / port with spesific IP

#firewall-cmd --new-zone=ftp --permanent
#firewall-cmd --reload
#firewall-cmd --get-zones
#firewall-cmd --zone=ftp --add-source=10.X.X.XX --permanent
#firewall-cmd --zone=ftp --add-port=21/tcp --permanent
#firewall-cmd --reload

To remove rules

# firewall-cmd --zone=ftp --remove-source=10.X.X.XX --permanent
# firewall-cmd --reload
# firewall-cmd --zone=ftp --remove-port=21/tcp --permanent
# firewall-cmd --reload
# firewall-cmd --permanent --delete-zone=ftp
# firewall-cmd --reload

6. Firewalld rich rules

# firewall-cmd --permanent –zone=ftp --add-rich-rule='rule family="ipv4" source address="10.24.96.5/20" port protocol="tcp" port="21" accept'

Tomcat : Setup SSL Cetrificate On Tomcat

The step to setup SSL certificate on Tomcat server

a) Requirement

1.The active certificate

intermediate certificate
certificate
private key

2. The Tool

keytool
openssl

Tomcat : Enable auto startup Tomcat service in Centos 7

1. Create file tomcat.service in /usr/lib/systemd/system/

2. Edit file tomcat.service add

[Unit]
Description=tomcat7

[Service]
Type=forking
WorkingDirectory=/usr/local/tomcat7/bin

ExecStart=/bin/bash /usr/local/tomcat7/bin/startup.sh start
ExecStop=/bin/bash /usr/local/tomcat7/bin/shutdown.sh stop

User=root
Group=root

[Install]
WantedBy=multi-user.target

#make sure used exact Tomcat install location

3. Start Tomcat service

#service tomcat start OR #systemctl start tomcat

4. Stop Tomcat service

#service tomcat stop OR #systemctl stop tomcat

Centos : Update Centos 6

Issue : Error: Cannot find a valid baseurl for repo: base

Solutions : To fix this problem you edit /etc/yum.repos.d/CentOS-Base.repo and replace all mirrorlist

1. Go to /etc/yum.repos.d/ directory:

# cd /etc/yum.repos.d/

2. Make copy of original file:

# cp CentOS-Base.repo CentOS-Base.repo.old

3. Open and edit file with any text editor:

# vi CentOS-Base.repo

4. Replace mirrorlist‘s

Replace in sections:

[base]
name=CentOS-$releasever - Base
baseurl=https://vault.centos.org/6.10/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

# released updates
[updates]
name=CentOS-$releasever - Updates
baseurl=https://vault.centos.org/6.10/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

# additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
baseurl=https://vault.centos.org/6.10/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

5. Clean yum cache

# yum clean all

6. Run again yum update command:

# yum update

source : https://secure.subwayhost.com/knowledgebase/14/How-to-fix-YumRepo-Error-and-Cannot-find-valid-baseurl.html

CENTOS : Cleaning up duplicate packages when yum has failed

Solution:

#package-cleanup --cleandupes --removenewestdupes
#yum update

source: https://wiki.centos.org/HowTos/CleaningUpDuplicatePackages

Netdata : Install and configuration in Centos 7

Netdata is FREE tools for monitor everything in real time.

1. Install Netdata

# bash <(curl -Ss https://my-netdata.io/kickstart.sh) all

2. Allow Netdata port in firewall

# firewall-cmd --permanent --add-port=19999/tcp
# firewall-cmd --reload

3. Create Apache.conf to monitor Apache server

vim /etc/netdata/python.d/apache.conf

add this line:

localhost:
        name : 'local'
        url : 'http://localhost/server-status?auto'

localhost:
        name : 'local'
        url : 'http://127.0.0.1/server-status?auto'

4. Restart Netdata

systemctl restart netdata

5. Access the Netdata on browser

http://domain_name:19999

Apache : Enable Mod_Status Module in Apache Centos 7

1. Enable and configure mod_status module in Apache

#vi /etc/httpd/conf.modules.d/00-base.conf
Un-commented to enable mod_status module

2. Once enable the module, need to create a server-status.conf in /etc/httpd/conf.d

#vi /etc/httpd/conf.d/server-status.conf
Add following line:
<Location "/server-status">
SetHandler server-status
</Location>

3.Restart Apache services

# systemctl restart httpd

CENTOS : Install Desktop GUI

1. Install GNOME

#yum -y groups install "GNOME Desktop"

2. Install KDE Desktop Environment

#yum -y groups install "KDE Plasma Workspaces"

3. Install Cinnamon Desktop Environment

# yum -y install epel-release
# sed -i -e "s/\]$/\]\npriority=5/g" /etc/yum.repos.d/epel.repo # set [priority=5]
# sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/epel.repo # for another way, change to [enabled=0] and use it only when needed
# yum --enablerepo=epel install [Package] # if [enabled=0], input a command to use the repository
# yum --enablerepo=epel -y install cinnamon*

4. Install MATE Desktop Environment

# yum --enablerepo=epel -y groups install "MATE Desktop"

5. Install Xfce Desktop Environment

# yum -y groupinstall X11
# yum --enablerepo=epel -y groups install "Xfce"

Centos 7 : Extending LVM Volume

1. Check the un-partition disk under Disk GUI on Centos 7 GUI

2. Create and format disk
#fdisk -l
#fdisk -l /dev/sda3
- to format the partition :

- n = create new partition
- p = creates primary partition
- 1 = makes partition the first on the disk

- to prepare the partition to be used by LVM :

- t = change partition type
- 8e = changes to LVM partition type

- verify and write the information to the hard drive:

- p = view partition setup so we can review before writing changes to disk
- w=write changes to disk

3. Check the LVM volume on server
#pvs - show physical volume status
#lvs - show logical volume status
#vgs - show volume group status

4. Used fdisk to create new free partition
#fdisk /dev/sda ,then enter p for print the details partition status

5. Work with new partition create and extend LV volume
#pvcreate /dev/sda3
#vgextend "<volume group name>" /dev/sda3

6. Extend the Logical Volume
#lvextend -L +200G /dev/mapper/centos-home

* if insufficient free space status, please used this

#lvextend -l +100%FREE /dev/mapper/centos-home

7. Use xfs_growfs utility
#xfs_growfs /dev/mapper/centos-home

#resize2fs /dev/mapper/centos-home - in Centos 6

8. Recheck the disk status
#df -h

source :

Centos 7 : Guide to increace /dev/mapper/root on Centos 7

Guide to increace /dev/mapper/root on Centos 7

1. backup all data in /home

- #tar -czvf /root/home.tgz -C /home .
- test backup : #tar -tvf /root/home.tgz

2. unmount home

- #df-h
- #umount /dev/mapper/centos-home

3. remove the home logical volume

- #lvremove /dev/mapper/centos-home

4.recreate a new (400GB) logical volume for /home, format and mount it

- #lvcreate -L 400GB -n home centos
- #mkfs.xfs /dev/centos/home
- #mount /dev/mapper/centos-home

5.extend /root volume with ALL of the remaining space and resize (-r) the file system while doing so

- #lvextend -r -l +100%FREE /dev/mapper/centos-root
- #df -h

6.restore your backup

- #tar -xzvf /root/home.tgz -C /home

Centos 7 : Install Multiple PHP Version (php5.6 and php7.3, php7.4, php8.1)

The guide (refer www.tecmint.com)

1. Installing and enabling the EPEL and Remi repository - offers the latest versions of the PHP stack on CentOS

# yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

2. Install the yum-utils package - which is used to enable or disable Yum repositories on the system

# yum install yum-utils

3. Install different versions of PHP, use yum-config-manager command to install multiple versions of PHP:

Install PHP 8.1 Version

# yum install php81 php-common 
# yum install php81-php-mysql php81-php-fpm php81-php-pecl-memcache php81-php-pecl-memcached php81-php-gd php81-php-mbstring php81-php-mcrypt php81-php-xml php81-php-pecl-apc php81php-cli php81-php-pear php81-php-pdo

Install PHP 7.4 Version

# yum install php74 php-common 
# yum install php74-php-mysql php74-php-fpm php74-php-pecl-memcache php74-php-pecl-memcached php74-php-gd php74-php-mbstring php74-php-mcrypt php74-php-xml php74-php-pecl-apc php74-php-cli php74-php-pear php74-php-pdo

Install PHP 7.3 Version

# yum-config-manager --enable remi-php73  [Default]
# yum install php php-common 
# yum install php-mysql php-fpm php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml php-pecl-apc php-cli php-pear php-pdo

Install PHP 5.6 Version

# yum install php56 php56-php-common 
# yum install php56-php-mysql php56-php-fpm php56-php-pecl-memcache php56-php-pecl-memcached php56-php-gd php56-php-mbstring php56-php-mcrypt php56-php-xml php56-php-pecl-apc php56-php-cli php56-php-pear php56-php-pdo

4. Command to check the default version of PHP

# php -v 
# yum list installed | grep php - list installed

5. The PHP configuration path location :

/etc/php.d/ for PHP7.3
/opt/remi/php56/ for PHP5.6

Repository :

https://rpms.remirepo.net
https://fedoraproject.org/wiki/EPEL

SSL : Disable SSL on Webmin

1. Edit /etc/webmin/miniserv.conf
2. Change value of "ssl" entry from 1 to 0

ssl=1 (enable)
ssl=0 (disable)

3. Restart webmin services # /etc/init.d/webmin restart
4. Restart apache services # /etc/init.d/httpd restart

Centos : Allow two NIC with different subnet

Solution:

Edit /etc/sysctl.conf

# Controls IP packet forwarding

net.ipv4.ip_forward = 1

# Controls source route verification

net.ipv4.conf.default.rp_filter = 2

...

Save and restart server

Source:
http://jensd.be/468/linux/two-network-cards-rp_filter

Centos : Manage LVMs With a GUI

1. Install LVM Gui
#yum install system-config-lvm

2. Lunch LVM Gui
#system-config-lvm

3. Go to Disk Utility

Add new partition

- Create and Mount new partition
- After that un-mount back the new partition

4. Go to LVM Gui back - "initialize entity" the new volume and 'Yes'