{"id":1263,"date":"2019-01-15T22:30:15","date_gmt":"2019-01-15T21:30:15","guid":{"rendered":"https:\/\/nextgen-solutions.xyz\/?p=1263"},"modified":"2019-10-24T08:18:09","modified_gmt":"2019-10-24T07:18:09","slug":"centos-7-webmin","status":"publish","type":"post","link":"https:\/\/nextgen-solutions.xyz\/en\/centos-7-webmin\/","title":{"rendered":"CentOS 7 + Webmin"},"content":{"rendered":"
Today I will demonstrate how to prepare server running on CentOS 7 for development purposes. I will only repeat steps that I have already done so they might not work for every possible configuration\/instance out there.<\/p>\n
I am using time4vps.eu as a hosting provider for all live VPS servers. I mostly use Linux but have used Windows before as well. Service is great, prices are fair and in 3 years not a single provider-side incident accurred. <\/p>\n
In hosting dashboard there are couple quick install options available that I use when setting up new environments. They work and they save time.<\/p>\n
So, I chose CentOS 7 + Webmin. CentOS 7 is the latest major release of this distribution, that was derived from RedHat OS (bought by IBM in 2018). Webmin is a web-based system configuration tool that works well with CentOS. Also, cPanel (which I also like a lot) costs 300$ per year, so no, thanks. <\/p>\n
Anyway, main chapters of this post:
\n–\tVirtualmin post-install wizard,
\n–\tnew admin user,
\n–\tpublic key authentication for SSH,
\n–\tdisable root SSH access,
\n–\tnew virtual server,
\n–\tInstall PHP 7,
\n–\tUpdate all packages,
\n–\tcreate and config swap.<\/p>\n
Straightforward process. I used the following options based on my desires:
\n–\tPreload Virtualmin libraries \u2013 YES,
\n–\tEmail domain lookup server \u2013 YES,
\n–\tClamAV server scanner \u2013 NO,
\n–\tSpamAssasin filter \u2013 NO,
\n–\tMySQL database server \u2013 YES,
\n–\tPostgreSQL server \u2013 NO,
\n–\tSet MySQL password \u2013 NO (I change it later via console),
\n–\tMySQL configuration size \u2013 Large 1 GB,
\n–\tSetting nameserver \u2013 OFC,
\n–\tPassword storage mode \u2013 only hashed passwords.<\/p>\n
That is it. Re-check and refresh configuration and make sure everything looks good. Also I turned off BIND DNS domain under \u201cFeatures and plugins\u201d section because I manage DNS on a different server.<\/p>\n
Login via SSH.<\/p>\n
This provides better security compared to basic password authentication.<\/p>\n On your local machine run:<\/p>\n Hit enter or assign new name. Then enter password to protect your key from unauthorized use.<\/p>\n This command creates a private key and a public key. The private key stays on your local and the public key must be uploaded to the server.<\/p>\n The fastest way to add public key to server is via this command:<\/p>\n After you enter password, your public key will be saved in remote user home directory at .ssh\/authorized_keys. Check that the .ssh folder has permissions 600.<\/p>\n Now you can login to your server without providing an admin password or even without a password at all, if you didn\u2019t set password for private key. Anyway, much better than basic password authentication.<\/p>\n This is generally more secure because we can now connect to the server with a newly created administrator account. <\/p>\n Now find the line that looks like this:<\/p>\n Now replace \u201cyes\u201d with \u201cno\u201d. <\/p>\n For new configuration to take effect, we need to restart SSH service:<\/p>\n You can test if this works by logging out and try to connect again with the root account. Connection should be refused by server.<\/p>\n Creating a new virtual server is a straightforward process. Navigate to Virtualmin tab, then select option \u201cCreate new virtual server\u201d. <\/p>\n Enter domain name, to which server should bind to, a description is also recommended for more clarity, if you use couple of instances.<\/p>\n The best practice is that you create a new user and unique password for every instance. It depends on what you want to do with this virtual server, but other options can be left as they are. <\/p>\n Before we do any further customizations it’s recommended that you update all packages and dependencies that server uses.<\/p>\n CentOS uses \u201cyum\u201d command in most cases.<\/p>\n To show all installed and available packages, enter following command:<\/p>\n If you want to know all dependecises for specific package:<\/p>\n In order to see list of all available updates, enter:<\/p>\n To update all enter this command: <\/p>\n In order to be able to perform update, you should run command with \u201csudo\u201d and confirm changes with \u201cy\u201d.<\/p>\n If your application requires PHP in order to run it’s recommended to use PHP 7 over PHP 5, because it provides significantly better performance and security.<\/p>\n First, add Fedora repository to repository list:<\/p>\n Next, check if \u201cyum-utils\u201d are already installed, otherwise install it:<\/p>\n In order to use PHP 7.2, enter the following command: <\/p>\n Now install some core PHP extensions:<\/p>\n Now check, if changes took effect by:<\/p>\n This should show which version of PHP is active.<\/p>\n Swap can help extend system memory by saving temporary data on disk. Here is how you can set it up.<\/p>\n Navigate to root path on your server and define swap file. I recommend twice the size of your system RAM. \u201c\/swapfile\u201d is the name of the file, to which system will write.<\/p>\n Now restrict file access, so other users can\u2019t read it.<\/p>\n Now tell the system where swap file is located:<\/p>\n Now tell system, that it can use file as swap:<\/p>\n This changes only last until system reboots. To make changes permanent, use the following command:<\/p>\n These are the basic steps to set up your development environment. There are lots of extra things you could do, but are specific to your goals.<\/p>\n Here are some things you could do going forward: This is it. Whole process should take less then 20 min, mostly depending on the speed of your server internet connection.<\/p>\n Feel free to message me if you have any questions or want to recommend any extra chapters in this quick guide. Contact me via contact form (comments are disabled for security reasons). <\/p>\n","protected":false},"excerpt":{"rendered":" Hello there! Today I will demonstrate how to prepare server running on CentOS 7 for development purposes. I will only repeat steps that I have already done so they might not work for every possible configuration\/instance out there. I am using time4vps.eu as a hosting provider for all live VPS servers. I mostly use Linux… <\/p>\nssh root@your-ip<\/code><\/p>\n
adduser matic<\/code><\/p>\n
passwd matic<\/code><\/p>\n
gpasswd -a matic wheel<\/code><\/p>\n
Config public key authentication for SSH<\/h3>\n
ssh-keygen<\/code><\/p>\n
ssh-copy-id matic@your-ip<\/code><\/p>\n
Disable SSH root login<\/h3>\n
vi \/etc\/ssh\/sshd_config<\/code><\/p>\n
# PermitRootLogin yes<\/code><\/p>\n
systemctl reload sshd<\/code><\/p>\n
Create new virtual server<\/h3>\n
Update all packages<\/h3>\n
yum list all <\/code><\/p>\n
yum deplist
yum check-update<\/code><\/p>\n
yum check-update<\/code><\/p>\n
Install PHP 7<\/h3>\n
yum install https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-7.noarch.rpm <\/code><\/p>\n
yum install yum-utils<\/code> <\/p>\n
yum-config-manager --enable remi-php72<\/code><\/p>\n
yum install php php-mcrypt php-cli php-gd php-curl php-mysql php-ldap php-zip php-fileinfo <\/code><\/p>\n
php -v<\/code><\/p>\n
Create and config swap <\/h3>\n
sudo fallocate -l 8G \/swapfile<\/code><\/p>\n
sudo chmod 600 \/swapfile <\/code><\/p>\n
sudo mkswap \/swapfile<\/code><\/p>\n
sudo swapon \/swapfile<\/code><\/p>\n
sudo sh -c 'echo \"\/swapfile none swap sw 0 0\" >> \/etc\/fstab' <\/code><\/p>\n
Where to go from here<\/h3>\n
\n–\tCustomize firewall rules,
\n–\tChange PHP variables,
\n–\tCreate new Webmin user,
\n–\tSetup SSL certificate,
\n–\tChange Mysql root password (recommended!) and create new user,
\n–\tCustomize email server,
\n–\tInstall git and\/or other tools,
\n–\tEtc..<\/p>\n