Hello there!
Today I will demonstrate how to prepare server running on CentOS 7 for development purposes. I will only repeat steps that I have already done so they might not work for every possible configuration/instance out there.
I am using time4vps.eu as a hosting provider for all live VPS servers. I mostly use Linux but have used Windows before as well. Service is great, prices are fair and in 3 years not a single provider-side incident accurred.
In hosting dashboard there are couple quick install options available that I use when setting up new environments. They work and they save time.
So, I chose CentOS 7 + Webmin. CentOS 7 is the latest major release of this distribution, that was derived from RedHat OS (bought by IBM in 2018). Webmin is a web-based system configuration tool that works well with CentOS. Also, cPanel (which I also like a lot) costs 300$ per year, so no, thanks.
Anyway, main chapters of this post:
– Virtualmin post-install wizard,
– new admin user,
– public key authentication for SSH,
– disable root SSH access,
– new virtual server,
– Install PHP 7,
– Update all packages,
– create and config swap.
Complete Virtualmin post-install wizard
Straightforward process. I used the following options based on my desires:
– Preload Virtualmin libraries – YES,
– Email domain lookup server – YES,
– ClamAV server scanner – NO,
– SpamAssasin filter – NO,
– MySQL database server – YES,
– PostgreSQL server – NO,
– Set MySQL password – NO (I change it later via console),
– MySQL configuration size – Large 1 GB,
– Setting nameserver – OFC,
– Password storage mode – only hashed passwords.
That is it. Re-check and refresh configuration and make sure everything looks good. Also I turned off BIND DNS domain under “Features and plugins” section because I manage DNS on a different server.
Create new user
Login via SSH.
adduser matic
passwd matic
gpasswd -a matic wheel
Config public key authentication for SSH
This provides better security compared to basic password authentication.
On your local machine run:
ssh-keygen
Hit enter or assign new name. Then enter password to protect your key from unauthorized use.
This command creates a private key and a public key. The private key stays on your local and the public key must be uploaded to the server.
The fastest way to add public key to server is via this command:
ssh-copy-id [email protected]
After you enter password, your public key will be saved in remote user home directory at .ssh/authorized_keys. Check that the .ssh folder has permissions 600.
Now you can login to your server without providing an admin password or even without a password at all, if you didn’t set password for private key. Anyway, much better than basic password authentication.
Disable SSH root login
This is generally more secure because we can now connect to the server with a newly created administrator account.
vi /etc/ssh/sshd_config
Now find the line that looks like this:
# PermitRootLogin yes
Now replace “yes” with “no”.
For new configuration to take effect, we need to restart SSH service:
systemctl reload sshd
You can test if this works by logging out and try to connect again with the root account. Connection should be refused by server.
Create new virtual server
Creating a new virtual server is a straightforward process. Navigate to Virtualmin tab, then select option “Create new virtual server”.
Enter domain name, to which server should bind to, a description is also recommended for more clarity, if you use couple of instances.
The best practice is that you create a new user and unique password for every instance. It depends on what you want to do with this virtual server, but other options can be left as they are.
Update all packages
Before we do any further customizations it’s recommended that you update all packages and dependencies that server uses.
CentOS uses “yum” command in most cases.
To show all installed and available packages, enter following command:
yum list all
If you want to know all dependecises for specific package:
yum deplist
In order to see list of all available updates, enter:
yum check-update
To update all enter this command:
yum check-update
In order to be able to perform update, you should run command with “sudo” and confirm changes with “y”.
Install PHP 7
If your application requires PHP in order to run it’s recommended to use PHP 7 over PHP 5, because it provides significantly better performance and security.
First, add Fedora repository to repository list:
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Next, check if “yum-utils” are already installed, otherwise install it:
yum install yum-utils
In order to use PHP 7.2, enter the following command:
yum-config-manager --enable remi-php72
Now install some core PHP extensions:
yum install php php-mcrypt php-cli php-gd php-curl php-mysql php-ldap php-zip php-fileinfo
Now check, if changes took effect by:
php -v
This should show which version of PHP is active.
Create and config swap
Swap can help extend system memory by saving temporary data on disk. Here is how you can set it up.
Navigate to root path on your server and define swap file. I recommend twice the size of your system RAM. “/swapfile” is the name of the file, to which system will write.
sudo fallocate -l 8G /swapfile
Now restrict file access, so other users can’t read it.
sudo chmod 600 /swapfile
Now tell the system where swap file is located:
sudo mkswap /swapfile
Now tell system, that it can use file as swap:
sudo swapon /swapfile
This changes only last until system reboots. To make changes permanent, use the following command:
sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab'
Where to go from here
These are the basic steps to set up your development environment. There are lots of extra things you could do, but are specific to your goals.
Here are some things you could do going forward:
– Customize firewall rules,
– Change PHP variables,
– Create new Webmin user,
– Setup SSL certificate,
– Change Mysql root password (recommended!) and create new user,
– Customize email server,
– Install git and/or other tools,
– Etc..
This is it. Whole process should take less then 20 min, mostly depending on the speed of your server internet connection.
Feel free to message me if you have any questions or want to recommend any extra chapters in this quick guide. Contact me via contact form (comments are disabled for security reasons).