Update system
dnf update
Set your timezone
timedatectl set-timezone UTC
date
Set the machine hostname
hostnamectl set-hostname my.domain
Install nano text editor
dnf install nano
If you want yum to update automatically
dnf install dnf-automatic
nano /etc/dnf/automatic.conf
systemctl enable --now dnf-automatic.timer
Reboot system, login back to server (as root)
reboot
Create yourself a user, and set password (super important)
adduser webmaster
Copy root key to user home (you can remove it from the root user later)
cp -r -p /root/.ssh/ /home/webmaster/
chown -R webmaster:webmaster /home/webmaster/.ssh
Add your user to 'wheel' group (as supplementary group (-G), primary group still 'josh')
usermod -a -G wheel webmaster
Logout server, and login again as your user
exit
Check sudo access is working, now you should be 'root' again
sudo su
Check if server has swap, if it does, you can skip this step
swapon -s
Check how much memory the machine has, and how much disk space
free -m && df -h
Create swap file on disk, and confirm size
dd if=/dev/zero of=/swapfile count=4096 bs=1MiB && ls -lh /swapfile
Enable swap
chmod 600 /swapfile && ls -lh /swapfile
mkswap /swapfile
swapon /swapfile
swapon -s
Make the swap file permanent
nano /etc/fstab
Add the following line to /etc/fstab
/swapfile swap swap sw 0 0
CentOS defaults to a swappiness setting of 30, which is a fair middle ground for most desktops and local servers. For a VPS system, we'd probably want to move it closer to 0.
sysctl vm.swappiness=10
This setting will persist until the next reboot. To make the setting persist between reboots, we can add the outputted line to our sysctl configuration file:
nano /etc/sysctl.conf
Another related value that you might want to modify is the vfs_cache_pressure. This setting affects the storage of special filesystem metadata entries. Constantly reading and refreshing this information is generally very costly, so storing it on the cache for longer is excellent for your system's performance.
cat /proc/sys/vm/vfs_cache_pressure
To make cache inode information from the cache more slowly:
sysctl vm.vfs_cache_pressure=50
This setting will persist until the next reboot. To make the setting persist between reboots, we can add the outputted line to our sysctl configuration file:
nano /etc/sysctl.conf
dnf install epel-release
Install Apache 2.4 HTTP Server
dnf install httpd httpd-filesystem httpd-manual httpd-tools mod_ssl
Start server, check it's working, enable during boot
systemctl start httpd
systemctl status httpd
systemctl enable httpd
You might need to install the service
dnf install firewalld
Check firewall status (should be off in most cases)
firewall-cmd --state
If firewall not running start it:
systemctl start firewalld.service
Some firewall info commands:
firewall-cmd --get-active-zones
firewall-cmd --list-all
Add HTTP/HTTPS rule to public zone
firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-service=https
Add HTTP/HTTPS rule permanently to public zone
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=https --permanent
Or ...
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
Install Remi repository and enable module
dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf module list php
dnf module enable php:remi-7.4
dnf install php \
php-fpm \
php-common \
php-bcmath \
php-mbstring \
php-cli \
php-dba \
php-gd \
php-opcache \
php-intl \
php-pdo \
php-mysqlnd \
php-pgsql \
php-process \
php-tidy \
php-xml \
php-xmlrpc \
php-json \
php-pecl-memcached \
php-pecl-igbinary \
php-pecl-msgpack
Restart the web server
systemctl restart php-fpm httpd
systemctl status php-fpm httpd
systemctl enable php-fpm
Create PHP test page
cd /var/www/html/
echo "<?php phpinfo(); ?>" > index.php
Open browser, goto: http://<server_ip>/ You should see PHP info page, remove the index page afterwards.
rm index.php
Restart web services
systemctl restart php-fpm httpd
dnf -y install memcached
Edit configuration
nano /etc/sysconfig/memcached
Enable service
systemctl start memcached
systemctl enable memcached
Install PosgreSQL official RHEL8 repositories, and enable version 13
dnf install https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
dnf update
dnf -qy module disable postgresql
yum-config-manager --enable pgdg13-updates-testing
Install PostgreSQL packages
dnf install postgresql13 \
postgresql13-libs \
postgresql13-server \
postgresql13-contrib \
postgresql13-docs \
postgresql13-devel \
postgresql13-plperl \
postgresql13-plpython3 \
postgresql13-pltcl
Init initial database
/usr/pgsql-13/bin/postgresql-13-setup initdb
Start service and enable on boot
systemctl start postgresql-13
systemctl status postgresql-13
systemctl enable postgresql-13
Add server port to firewall and restart firewall
firewall-cmd --permanent --zone=public --add-service=postgresql
Or ...
firewall-cmd --permanent --zone=public --add-port=5432/tcp
Restart firewall
systemctl restart firewalld.service
Change to postgres user, check server is running
su - postgres
psql
Create remote admin user, with db creation access
createuser -W -d -s pgadmin
Create dtabase for user (UTF8)
createdb -T template0 -l en_US.UTF-8 -E UTF8 -O pgadmin admindb
Allow remote user to connect, edit hosts file:
nano /var/lib/pgsql/13/data/pg_hba.conf
Add following entry:
host all pgadmin <user_ip_address>/32 trust
Test remote user:
psql -h dbserver_name_or_ip_address -U pgsql -W <password>