jazio · January 24, 2020 15:47
diff --git a/Configure CentOS 7 b/Configure CentOS 7
 ##################################
 # Checkout the CentOS version
 ##################################
 cat /etc/redhat-release
 cat /etc/os-release

 ##################################
 # Find out hostname and external IP
 ##################################
 hostname
 hostname -I
 hostname -a

 ##################################
 # Security checks
 ##################################

 # See last logins
 last

 ##################################
 # Supervise processes/daemons
 ##################################
 systemctl --list
 systemctl | grep httpd
 systemctl | grep sshd


 ##################################
 # Updates (apps, kernel...)
 ##################################
 yum check-update
 # Do an update to an app or a group of apps or to all
 yum update httpd
 yum update "Development Tools"
 yum update


 #Update to the newest kernel (5) and cleanup old kernels
 yum -y update
 yum -y install yum-plugin-fastestmirror
 rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
 rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
 yum repolist
 yum --enablerepo=elrepo-kernel install kernel-ml
 uname -a

 # Now configure the grub to boot the newest kernel
 awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
 sudo grub2-set-default 0
 sudo grub2-mkconfig -o /boot/grub2/grub.cfg
 reboot

 uname -r
 yum install yum-utils
 package-cleanup --oldkernels

 ##################################
 # Users
 ##################################
 Add a new user and grant him as a sudo (wheel) privileges
 useradd bananaspook
 passwd bananaspook
 su - bananaspook
 usermod -aG wheel bananaspook

 #List groups for current user
 groups

 #List all groups
 getent group > /etc/initial-group-list
 cat /etc/initial-group-list

 #Delete a group
 sudo groupdel NAME_OF_THE_GROUP_TO_DELETE
 #Create a group
 sudo groupadd NAME_OF_THE_NEW_GROUP

 # Recommended I usually add group named www (or www-data, whatever works for you). To this group I add php daemons, nginx workers etc. It makes life easier with writing to files
 sudo groupadd www-data (or www)
 # Add a user to a group
 sudo usermod -g www-data developer


 ##################################
 # Firewall
 ##################################
 # Install the firewall daemon
 sudo yum install firewalld
 sudo systemctl start firewalld
 sudo firewall-cmd --permanent -add-service=ssh
 sudo firewall-cmd --permanent --add-service=ssh
 sudo firewall-cmd --permanent --add-service=http
 sudo firewall-cmd --permanent --add-service=https
 sudo firewall-cmd --permanent --add-service=smtp
 sudo firewall-cmd --permanent --list-all
 sudo firewall-cmd --get-services
 sudo firewall-cmd --reload
 #Make it permanent
 sudo systemctl enable firewalld



 ##################################
 # ssh keys
 ##################################
 # For new user
 ssh developer@IP_OF_THE_SERVER_HERE
 ssh-keygen -t rsa -b 4096
 # !! execute it from local pc not from server
 ssh-copy-id developer@IP_OF_YOUR_SERVER
 #this will do:
 ssh developer@IP_OF_YOUR_SERVER
 cd ~/.ssh
 vi authorized_keys
 //Press "i" to enter in input mode, paste there your code (usually it's right click of the mouse) and :wq (colon, w, q) it will save and quit from vi 
 chmod 600 authorized_keys

 #test key
 ssh developer@IP_OF_YOUR_SERVER -i path/to/your/PRIVATE/key/file
 ##################################
 # LAMP
 ##################################
 # Install Apache http server
 sudo yum install httpd
 sudo systemctl start httpd.service

 # www-data is the user that web servers on Ubuntu (Apache, nginx, for example) use by default for normal operation. 
 # The web server process can access any file that www-data can access. It has no other importance.
 # There is apache user instead of www-data in Centos
 sudo chown -R apache:www-data /var/www
 usermod -a -G www-data your-username

 # Install MariaDB
 sudo yum install mariadb-server mariadb
 sudo systemctl start mariadb
 # Remove unsecure configuration
 sudo mysql_secure_installation
 # Make it permanent
 sudo systemctl enable mariadb.service

 # Install PHP 7.3
 sudo yum install epel-release
 sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
 sudo yum install -y yum-utils
 sudo yum-config-manager --enable remi-php73
 sudo yum install php
 php -v

 # Composer
 curl -sS https://getcomposer.org/installer | php
 sudo mv composer.phar /usr/local/bin/composer
 sudo chmod +x /usr/local/bin/composer
 source ~/.bashrc
 ################################## 
 # git
 ##################################
 # Install latest git from https://www.kernel.org/pub/software/scm/git/
 sudo yum remove git
 cd /usr/src
 wget https://www.kernel.org/pub/software/scm/git/git-2.24.0.tar.gz
 tar xzf git-2.24.0.tar.gz
 cd git-2.24.0
 make prefix=/usr/local/git all
 make prefix=/usr/local/git install
 # If necessary go the root mode
 echo "export PATH=$PATH:/usr/local/git/bin" >> /etc/bashrc
 source /etc/bashrc
 git -version
 git config --global user.name "Jazz"                                                                                                             
 git config --global user.email "Your mail"
 git config --global core.editor vim
 git config --global merge.tool vimdiff

 ##################################
 # Install Latest ruby, rvm, gem
 ##################################
 # rvm (Ruby Version Manager)
 curl -sSL https://get.rvm.io | bash -s -- --version latest
 sudo printenv | grep -i rvm
 # Dependencies
 sudo yum install curl gpg gcc gcc-c++ make patch autoconf automake bison libffi-devel libtool patch readline-devel sqlite-devel zlib-devel openssl-devel
 source ~/.rvm/scripts/rvm
 rvm install 2.5.7
 ruby -v
 gem -v

 # Check ruby versions and remove all ruby versions
 rpm -qa | grep -i ruby
 sudo yum erase ruby-*

 ##################################
 # sshfs
 # Mount droplet locally
 ##################################
 sudo apt-get install sshfs
 # local
 sudo mkdir /mnt/droplet
 sudo chown -R myuser:myuser /mnt/droplet
 sshfs [-o allow_other,defer_permissions] [email protected]:/ /mnt/droplet
 sshfs [-o allow_other,defer_permissions,IdentityFile=~/.ssh/id_rsa] [email protected]:/ /mnt/droplet
 sudo umount /mnt/droplet

 # Permanent mounting remote fs
 sudo nano /etc/fstab
 sshfs#[email protected]:/ /mnt/droplet
 #save the changes to /etc/fstab and reboot if necessary.

  
 ##################################
 # Spin up a Jekyll Blog + git revisioning system (ongoing)
 ##################################
 # Local
 gem install jekyll
 gem install bundler
 # if issue with permissions
 alias sudo='sudo env PATH=$PATH'
 jekyll new myjekyllsite
 cd myjekyllsite
 # In Amazon AWS Cloud9 you need to pas port 8080 to launch it
 jekyll serve --detach --port 8080
 # Now go to https://025dbc2f7f4a4dbbaf4caa9fcbe9cc4d.vfs.cloud9.eu-west-1.amazonaws.com/ where 025.. is your ID and tada!
 bundle exec jekyll serve --host 198.18.58.2 --port 8080 --detach
 #Then we get:server address: http://198.18.58.2:8080/

 git remote remove droplet
 git remote add droplet myuser@ip:/var/www/repos/jazjek.git
 git push droplet master

 git pull droplet master --allow-unrelated-histories



 ##################################
 # Deploy jekyll with git hooks
 ##################################
 # Local
 jekyll new awesomeblog
 cd awesomeblog
 # Listen to http://localhost:8080
 jekyll serve --port 8080
 git init
 git add .
 git commit -m "Initial commit"


 #On Centos server
 cd ~/
 mkdir repos && cd repos
 mkdir awesomeblog.git && cd awesomeblog.git
 git init --bare
 cd hooks && touch post-receive && nano post-receive

 # In post-receive hook paste

 `
 #!/bin/bash -l

 # Install Ruby Gems to ~/gems
 export GEM_HOME=$HOME/gems
 export PATH=$GEM_HOME/bin:$PATH

 GIT_REPO=$HOME/myrepo.git
 TMP_GIT_CLONE=$HOME/tmp/myrepo
 GEMFILE=$TMP_GIT_CLONE/Gemfile
 PUBLIC_WWW=/var/www/myrepo

 git clone $GIT_REPO $TMP_GIT_CLONE
 BUNDLE_GEMFILE=$GEMFILE bundle install
 BUNDLE_GEMFILE=$GEMFILE bundle exec jekyll build -s $TMP_GIT_CLONE -d $PUBLIC_WWW
 rm -Rf $TMP_GIT_CLONE
 exit
 `
 # Make it executable
 chmod +x post-receive

 # Local
 git remote add droplet [email protected]:repos/awesomeblog.git
 git push droplet master




 Journaling
 ----

 24.1
 # update repos
 yum makecache fast
 yum -v repolists

 # install php modules required for nextcloud
 zip, dom, XMLWriter, libxml, mb multibyte, GD, SimpleXML, PDO

 php -v
 # version 7.3.11

 yum search php73
 yum list installed php73*


 Upgrade 
 https://www.tecmint.com/upgrade-centos-7-to-centos-8/

 ##################################
 # References
 ##################################
  
 # Installation of gitlab MINIMUM 4GB of RAM
 https://about.gitlab.com/install/#centos-7
 # or if have less memory
 https://www.digitalocean.com/community/tutorials/how-to-deploy-jekyll-blogs-with-git
 # sshfs
 https://www.digitalocean.com/community/tutorials/how-to-use-sshfs-to-mount-remote-file-systems-over-ssh
 # jekyll. rsync
 https://davesworld.blog/publish-to-jekyll-blog-via-local-jekyll-server-and-git-enabled-web-hosting-account
	##################################
	# Checkout the CentOS version
	##################################
	cat /etc/redhat-release
	cat /etc/os-release

	##################################
	# Find out hostname and external IP
	##################################
	hostname
	hostname -I
	hostname -a

	##################################
	# Security checks
	##################################

	# See last logins
	last

	##################################
	# Supervise processes/daemons
	##################################
	systemctl --list
	systemctl \| grep httpd
	systemctl \| grep sshd


	##################################
	# Updates (apps, kernel...)
	##################################
	yum check-update
	# Do an update to an app or a group of apps or to all
	yum update httpd
	yum update "Development Tools"
	yum update


	#Update to the newest kernel (5) and cleanup old kernels
	yum -y update
	yum -y install yum-plugin-fastestmirror
	rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
	rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
	yum repolist
	yum --enablerepo=elrepo-kernel install kernel-ml
	uname -a

	# Now configure the grub to boot the newest kernel
	awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
	sudo grub2-set-default 0
	sudo grub2-mkconfig -o /boot/grub2/grub.cfg
	reboot

	uname -r
	yum install yum-utils
	package-cleanup --oldkernels

	##################################
	# Users
	##################################
	Add a new user and grant him as a sudo (wheel) privileges
	useradd bananaspook
	passwd bananaspook
	su - bananaspook
	usermod -aG wheel bananaspook

	#List groups for current user
	groups

	#List all groups
	getent group > /etc/initial-group-list
	cat /etc/initial-group-list

	#Delete a group
	sudo groupdel NAME_OF_THE_GROUP_TO_DELETE
	#Create a group
	sudo groupadd NAME_OF_THE_NEW_GROUP

	# Recommended I usually add group named www (or www-data, whatever works for you). To this group I add php daemons, nginx workers etc. It makes life easier with writing to files
	sudo groupadd www-data (or www)
	# Add a user to a group
	sudo usermod -g www-data developer


	##################################
	# Firewall
	##################################
	# Install the firewall daemon
	sudo yum install firewalld
	sudo systemctl start firewalld
	sudo firewall-cmd --permanent -add-service=ssh
	sudo firewall-cmd --permanent --add-service=ssh
	sudo firewall-cmd --permanent --add-service=http
	sudo firewall-cmd --permanent --add-service=https
	sudo firewall-cmd --permanent --add-service=smtp
	sudo firewall-cmd --permanent --list-all
	sudo firewall-cmd --get-services
	sudo firewall-cmd --reload
	#Make it permanent
	sudo systemctl enable firewalld



	##################################
	# ssh keys
	##################################
	# For new user
	ssh developer@IP_OF_THE_SERVER_HERE
	ssh-keygen -t rsa -b 4096
	# !! execute it from local pc not from server
	ssh-copy-id developer@IP_OF_YOUR_SERVER
	#this will do:
	ssh developer@IP_OF_YOUR_SERVER
	cd ~/.ssh
	vi authorized_keys
	//Press "i" to enter in input mode, paste there your code (usually it's right click of the mouse) and :wq (colon, w, q) it will save and quit from vi
	chmod 600 authorized_keys

	#test key
	ssh developer@IP_OF_YOUR_SERVER -i path/to/your/PRIVATE/key/file
	##################################
	# LAMP
	##################################
	# Install Apache http server
	sudo yum install httpd
	sudo systemctl start httpd.service

	# www-data is the user that web servers on Ubuntu (Apache, nginx, for example) use by default for normal operation.
	# The web server process can access any file that www-data can access. It has no other importance.
	# There is apache user instead of www-data in Centos
	sudo chown -R apache:www-data /var/www
	usermod -a -G www-data your-username

	# Install MariaDB
	sudo yum install mariadb-server mariadb
	sudo systemctl start mariadb
	# Remove unsecure configuration
	sudo mysql_secure_installation
	# Make it permanent
	sudo systemctl enable mariadb.service

	# Install PHP 7.3
	sudo yum install epel-release
	sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
	sudo yum install -y yum-utils
	sudo yum-config-manager --enable remi-php73
	sudo yum install php
	php -v

	# Composer
	curl -sS https://getcomposer.org/installer \| php
	sudo mv composer.phar /usr/local/bin/composer
	sudo chmod +x /usr/local/bin/composer
	source ~/.bashrc
	##################################
	# git
	##################################
	# Install latest git from https://www.kernel.org/pub/software/scm/git/
	sudo yum remove git
	cd /usr/src
	wget https://www.kernel.org/pub/software/scm/git/git-2.24.0.tar.gz
	tar xzf git-2.24.0.tar.gz
	cd git-2.24.0
	make prefix=/usr/local/git all
	make prefix=/usr/local/git install
	# If necessary go the root mode
	echo "export PATH=$PATH:/usr/local/git/bin" >> /etc/bashrc
	source /etc/bashrc
	git -version
	git config --global user.name "Jazz"
	git config --global user.email "Your mail"
	git config --global core.editor vim
	git config --global merge.tool vimdiff

	##################################
	# Install Latest ruby, rvm, gem
	##################################
	# rvm (Ruby Version Manager)
	curl -sSL https://get.rvm.io \| bash -s -- --version latest
	sudo printenv \| grep -i rvm
	# Dependencies
	sudo yum install curl gpg gcc gcc-c++ make patch autoconf automake bison libffi-devel libtool patch readline-devel sqlite-devel zlib-devel openssl-devel
	source ~/.rvm/scripts/rvm
	rvm install 2.5.7
	ruby -v
	gem -v

	# Check ruby versions and remove all ruby versions
	rpm -qa \| grep -i ruby
	sudo yum erase ruby-*

	##################################
	# sshfs
	# Mount droplet locally
	##################################
	sudo apt-get install sshfs
	# local
	sudo mkdir /mnt/droplet
	sudo chown -R myuser:myuser /mnt/droplet
	sshfs [-o allow_other,defer_permissions] [email protected]:/ /mnt/droplet
	sshfs [-o allow_other,defer_permissions,IdentityFile=~/.ssh/id_rsa] [email protected]:/ /mnt/droplet
	sudo umount /mnt/droplet

	# Permanent mounting remote fs
	sudo nano /etc/fstab
	sshfs#[email protected]:/ /mnt/droplet
	#save the changes to /etc/fstab and reboot if necessary.


	##################################
	# Spin up a Jekyll Blog + git revisioning system (ongoing)
	##################################
	# Local
	gem install jekyll
	gem install bundler
	# if issue with permissions
	alias sudo='sudo env PATH=$PATH'
	jekyll new myjekyllsite
	cd myjekyllsite
	# In Amazon AWS Cloud9 you need to pas port 8080 to launch it
	jekyll serve --detach --port 8080
	# Now go to https://025dbc2f7f4a4dbbaf4caa9fcbe9cc4d.vfs.cloud9.eu-west-1.amazonaws.com/ where 025.. is your ID and tada!
	bundle exec jekyll serve --host 198.18.58.2 --port 8080 --detach
	#Then we get:server address: http://198.18.58.2:8080/

	git remote remove droplet
	git remote add droplet myuser@ip:/var/www/repos/jazjek.git
	git push droplet master

	git pull droplet master --allow-unrelated-histories



	##################################
	# Deploy jekyll with git hooks
	##################################
	# Local
	jekyll new awesomeblog
	cd awesomeblog
	# Listen to http://localhost:8080
	jekyll serve --port 8080
	git init
	git add .
	git commit -m "Initial commit"


	#On Centos server
	cd ~/
	mkdir repos && cd repos
	mkdir awesomeblog.git && cd awesomeblog.git
	git init --bare
	cd hooks && touch post-receive && nano post-receive

	# In post-receive hook paste

	`
	#!/bin/bash -l

	# Install Ruby Gems to ~/gems
	export GEM_HOME=$HOME/gems
	export PATH=$GEM_HOME/bin:$PATH

	GIT_REPO=$HOME/myrepo.git
	TMP_GIT_CLONE=$HOME/tmp/myrepo
	GEMFILE=$TMP_GIT_CLONE/Gemfile
	PUBLIC_WWW=/var/www/myrepo

	git clone $GIT_REPO $TMP_GIT_CLONE
	BUNDLE_GEMFILE=$GEMFILE bundle install
	BUNDLE_GEMFILE=$GEMFILE bundle exec jekyll build -s $TMP_GIT_CLONE -d $PUBLIC_WWW
	rm -Rf $TMP_GIT_CLONE
	exit
	`
	# Make it executable
	chmod +x post-receive

	# Local
	git remote add droplet [email protected]:repos/awesomeblog.git
	git push droplet master




	Journaling
	----

	24.1
	# update repos
	yum makecache fast
	yum -v repolists

	# install php modules required for nextcloud
	zip, dom, XMLWriter, libxml, mb multibyte, GD, SimpleXML, PDO

	php -v
	# version 7.3.11

	yum search php73
	yum list installed php73*


	Upgrade
	https://www.tecmint.com/upgrade-centos-7-to-centos-8/

	##################################
	# References
	##################################

	# Installation of gitlab MINIMUM 4GB of RAM
	https://about.gitlab.com/install/#centos-7
	# or if have less memory
	https://www.digitalocean.com/community/tutorials/how-to-deploy-jekyll-blogs-with-git
	# sshfs
	https://www.digitalocean.com/community/tutorials/how-to-use-sshfs-to-mount-remote-file-systems-over-ssh
	# jekyll. rsync
	https://davesworld.blog/publish-to-jekyll-blog-via-local-jekyll-server-and-git-enabled-web-hosting-account