RHEL: Difference between revisions
→Install NGINX: more docs |
|||
Line 101: | Line 101: | ||
$ cd /tmp | $ cd /tmp | ||
$ wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm | $ wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm | ||
$ sudo yum install epel-release-latest-7.noarch.rpm | $ sudo yum -y install epel-release-latest-7.noarch.rpm | ||
</source> | </source> | ||
Revision as of 12:01, 3 November 2021
Setting up from scratch on a VM at work
Web services
Install NGINX
$ sudo yum install yum-utils
Create /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
Install nginx
$ sudo yum install nginx
Set up folders
# cd /etc/nginx
# mkdir sites-available
# mkdir sites-enabled
Create a file named sites-available/unm.edu.conf
server {
listen 80;
listen [::]:80;
server_name unm.edu *.unm.edu;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ~^(?<subdomain>.+)\.unm\.dev$;
if (!-d /srv/www/unm.edu/$subdomain) {
set $subdomain "base";
}
set $public "";
if (-d /srv/www/unm.edu/$subdomain/public) {
set $public public;
}
root /srv/www/unm.edu/$subdomain/$public;
index index.php index.html index.htm;
access_log /var/log/nginx/access-wildcard.unm.edu.log;
error_log /var/log/nginx/error-wildcard.unm.edu.log;
include php_80_params.conf;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
ssl_certificate /etc/pki/tls/certs/_wildcard.unm.edu.pem;
ssl_certificate_key /etc/pki/tls/private/_wildcard.unm.edu-key.pem;
include letsencrypt_params.conf;
}
Install SSL certificates
Certificates should have been created by something like mkcert for development environment. The certificate should be in /etc/pki/tls/certs/
and the private key should be stored in /etc/pki/tls/private/
. Then secure the private key with:
# chmod 600 /etc/pki/tls/private/_wildcard.unm.edu-key.pem
Install EPEL repo
$ sudo subscription-manager repos --enable rhel-7-server-optional-rpms --enable rhel-7-server-extras-rpms
$ cd /tmp
$ wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ sudo yum -y install epel-release-latest-7.noarch.rpm
Useful commands
Package management
Clean up cache for yum PM
$ sudo service rhsmcertd restart
$ sudo subscription-manager refresh
$ sudo yum clean all && yum rm -rf /var/cache/yum && yum makecache
List all subscriptions
$ sudo subscription-manager list --all --available | more
Install downloaded RPM package
$ sudo yum -y localinstall ~/Downloads/screen
Check if there are any disabled repositories
$ egrep -Hi '(^\[|^enabled)' /etc/yum.repos.d/*
/etc/yum.repos.d/epel.repo.rpmsave:[epel]
/etc/yum.repos.d/epel.repo.rpmsave:enabled=1
/etc/yum.repos.d/epel.repo.rpmsave:[epel-debuginfo]
/etc/yum.repos.d/epel.repo.rpmsave:enabled=0
/etc/yum.repos.d/epel.repo.rpmsave:[epel-source]
/etc/yum.repos.d/epel.repo.rpmsave:enabled=0
/etc/yum.repos.d/nginx.repo:[nginx-stable]
/etc/yum.repos.d/nginx.repo:enabled=1
/etc/yum.repos.d/nginx.repo:[nginx-mainline]
/etc/yum.repos.d/nginx.repo:enabled=1
...