blog

Started a new job

Hello there!

Just stopping by to say I started a new full-time developer job near Ljubljana at HS Plus d.o.o., company that runs e-commerce sites in more then 12 EU contries. My own company is still alive but due to work requirements, I won’t be able to do as many projects for now, at least until I get on top of my new job. Feel free to contact me if you have work to be done and we will see, if it’s possible for me to do it in reasonable time.

Until next time.

CentOS 7 + Webmin

Hello there!

Today I will demonstrate how to prepare server running on CentOS 7 for development purposes. I will only repeat steps that I have already done so they might not work for every possible configuration/instance out there.

I am using time4vps.eu as a hosting provider for all live VPS servers. I mostly use Linux but have used Windows before as well. Service is great, prices are fair and in 3 years not a single provider-side incident accurred.

In hosting dashboard there are couple quick install options available that I use when setting up new environments. They work and they save time.

So, I chose CentOS 7 + Webmin. CentOS 7 is the latest major release of this distribution, that was derived from RedHat OS (bought by IBM in 2018). Webmin is a web-based system configuration tool that works well with CentOS. Also, cPanel (which I also like a lot) costs 300$ per year, so no, thanks.

Anyway, main chapters of this post:
– Virtualmin post-install wizard,
– new admin user,
– public key authentication for SSH,
– disable root SSH access,
– new virtual server,
– Install PHP 7,
– Update all packages,
– create and config swap.

Complete Virtualmin post-install wizard

Straightforward process. I used the following options based on my desires:
– Preload Virtualmin libraries – YES,
– Email domain lookup server – YES,
– ClamAV server scanner – NO,
– SpamAssasin filter – NO,
– MySQL database server – YES,
– PostgreSQL server – NO,
– Set MySQL password – NO (I change it later via console),
– MySQL configuration size – Large 1 GB,
– Setting nameserver – OFC,
– Password storage mode – only hashed passwords.

That is it. Re-check and refresh configuration and make sure everything looks good. Also I turned off BIND DNS domain under “Features and plugins” section because I manage DNS on a different server.

Create new user

Login via SSH.

ssh root@your-ip

adduser matic

passwd matic

gpasswd -a wheel matic

Config public key authentication for SSH

This provides better security compared to basic password authentication.

On your local machine run:

ssh-keygen

Hit enter or assign new name. Then enter password to protect your key from unauthorized use.

This command creates a private key and a public key. The private key stays on your local and the public key must be uploaded to the server.

The fastest way to add public key to server is via this command:

ssh-copy-id matic@your-ip

After you enter password, your public key will be saved in remote user home directory at .ssh/authorized_keys. Check that the .ssh folder has permissions 600.

Now you can login to your server without providing an admin password or even without a password at all, if you didn’t set password for private key. Anyway, much better than basic password authentication.

Disable SSH root login

This is generally more secure because we can now connect to the server with a newly created administrator account.

vi /etc/ssh/sshd_config

Now find the line that looks like this:

# PermitRootLogin yes

Now replace “yes” with “no”.

For new configuration to take effect, we need to restart SSH service:

systemctl reload sshd

You can test if this works by logging out and try to connect again with the root account. Connection should be refused by server.

Create new virtual server

Creating a new virtual server is a straightforward process. Navigate to Virtualmin tab, then select option “Create new virtual server”.

Enter domain name, to which server should bind to, a description is also recommended for more clarity, if you use couple of instances.

The best practice is that you create a new user and unique password for every instance. It depends on what you want to do with this virtual server, but other options can be left as they are.

Update all packages

Before we do any further customizations it’s recommended that you update all packages and dependencies that server uses.

CentOS uses “yum” command in most cases.

To show all installed and available packages, enter following command:

yum list all

If you want to know all dependecises for specific package:

yum deplist

In order to see list of all available updates, enter:

yum check-update

To update all enter this command:

yum check-update

In order to be able to perform update, you should run command with “sudo” and confirm changes with “y”.

Install PHP 7

If your application requires PHP in order to run it’s recommended to use PHP 7 over PHP 5, because it provides significantly better performance and security.

First, add Fedora repository to repository list:

yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Next, check if “yum-utils” are already installed, otherwise install it:

yum install yum-utils

In order to use PHP 7.2, enter the following command:

yum-config-manager --enable remi-php72

Now install some core PHP extensions:

yum install php php-mcrypt php-cli php-gd php-curl php-mysql php-ldap php-zip php-fileinfo

Now check, if changes took effect by:

php -v

This should show which version of PHP is active.

Create and config swap

Swap can help extend system memory by saving temporary data on disk. Here is how you can set it up.

Navigate to root path on your server and define swap file. I recommend twice the size of your system RAM. “/swapfile” is the name of the file, to which system will write.

sudo fallocate -l 8G /swapfile

Now restrict file access, so other users can’t read it.

sudo chmod 600 /swapfile

Now tell the system where swap file is located:

sudo mkswap /swapfile

Now tell system, that it can use file as swap:

sudo swapon /swapfile

This changes only last until system reboots. To make changes permanent, use the following command:

sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab'

Where to go from here

These are the basic steps to set up your development environment. There are lots of extra things you could do, but are specific to your goals.

Here are some things you could do going forward:
– Customize firewall rules,
– Change PHP variables,
– Create new Webmin user,
– Setup SSL certificate,
– Change Mysql root password (recommended!) and create new user,
– Customize email server,
– Install git and/or other tools,
– Etc..

This is it. Whole process should take less then 20 min, mostly depending on the speed of your server internet connection.

Feel free to message me if you have any questions or want to recommend any extra chapters in this quick guide. Contact me via contact form (comments are disabled for security reasons).

Production 1.0

Hello!

Finished my website at last.

To-do:
– better SEO optimisation,
– 2k – 4k resolution layout changes,
– eBeat blog story,
– add old projects to portfolio.

Focusing on work in order to run over the finish line a.k.a. end of the year.

eBeat story

This article is work in progress due to length and scope of the topic. Hate broken links, so this will have to do for now. It will probably take a while before this will be overwritten.

Hello World

Hello there internet pioneer!

Thanks for stopping by 👋

This is my first blog post. Ever.

Its main purpose is to increase my network reach therefore most posts will be reposted on my LinkedIn profile and somehow connected to my work.

I will try to write a bit about my view on different topics that are not directly connected to my work but are important to me and (almost certainly) have or will have impact on our daily lives in the near future. Topics may include my views on blockchain, economics, global politics, space or anything that comes to my mind.

Its secondary purpose is to keep me accountable to write a post every week – or every two weeks :), quality over quantity (read “laziness”).

This will be prime location to post tips and tricks from my day-to-day work or to defuse my anger over spaghetti code that made my day a rollercoaster of debugging.

For now, there are couple of things on site that need my attention short-term:
– translation to Slovenian language,
– deploying some of the old projects so they are publicly accessible if allowed, adding them to my portfolio page and finishing some README.md of those repositories in the process,
– configure and test couple of SEO tricks I found recently.

In the future I might release certain collections I created over the years from all the corners of the internet that range from amazing quotes to small little-known software gems or automation scripts/shortcuts that make life of a power user a bit more enjoyable.

This is it, see ya in a week or two.