Install U-232 Trinity on CentOS 7

Started by GodFather, February 27, 2021, 09:16:52 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

GodFather

#1
This tutorial shows how to prepare a CentOS 7 x86_64 server for the installation of U-232 Trinity.
We will use latest PHP, MariaDB.
As webserver we will use Nginx with PHP support (through PHP-FPM).


1. Requirements
A Centos 7.6 minimal server system.

2. Preparing the server

Import the GPG keys for software packages:

sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
Next we enable the EPEL repository on our CentOS system.

sudo yum -y install epel-release
Next we update our existing packages on the system:

sudo yum -y update
Next we install some software packages that are needed later on:

$ sudo yum -y install nano vim wget net-tools yum-utilssudo yum -y groupinstall 'Development Tools'
3. Disable SELinux

Edit /etc/selinux/config and set SELINUX=disabled:

sudo nano /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Afterwards we must reboot the system:

sudo reboot
The latest Nginx is not available from the official CentOS repositories, so we include the repository of the Nginx project to install it:

sudo nano /etc/yum.repos.d/nginx.repo
... insert this:

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

4. Installing MariaDB

wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
chmod +x mariadb_repo_setup
sudo ./mariadb_repo_setup
sudo yum -y install MariaDB-client MariaDB-server

Then we create the system startup links for MariaDB (so that it starts automatically whenever the system boots) and start the MariaDB server:

sudo systemctl enable mariadb.service
sudo systemctl start mariadb.service

Now check that networking is enabled. Run

sudo netstat -tap | grep mysql
It should show something like this:

[root@server1 ~]# netstat -tap | grep mysql
tcp 0 0 0.0.0.0:mysql 0.0.0.0:* LISTEN 19842/mysqld

Run:

sudo mysql_secure_installation
to set a password for the user root (otherwise, anybody can access your MySQL database!):

5. Installing Nginx

Nginx is available as a package from nginx.org which we can install like this:

sudo yum -y install nginx
Then we create the system startup links for nginx and start it:

sudo systemctl enable nginx.service
sudo systemctl start nginx.service

There are chances that you get an error that port 80 is already in use, the error message will be like this:

[root@server1 ~]# service nginx start
Starting nginx: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] still could not bind()
                                                           [FAILED]
[root@server1 ~]#

This means that another web server (probably Apache) is already running on this server. Stop the Apache service and then start the service for NGINX:

sudo systemctl stop httpd.service
sudo systemctl disable httpd.service

Then try to start Nginx again.

systemctl start nginx.service
Open the HTTP and HTTPS ports in the firewall

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

The resulting output on the shell will look like this:

[root@server1 ~]# firewall-cmd --permanent --zone=public --add-service=http
success
[root@server1 ~]# firewall-cmd --permanent --zone=public --add-service=https
success
[root@server1 ~]# firewall-cmd --reload
success
[root@server1 ~]#

6. Installing PHP

sudo yum install -y https://rpms.remirepo.net/enterprise/remi-release-7.rpm
sudo yum-config-manager --enable remi-php80
sudo yum -y install php php-cli php-fpm php-devel php-pear php-bcmath php-curl php-igbinary php-json php-memcached php-redis php-msgpack php-mysqlnd php-mbstring php-gd php-geoip php-opcache php-xml php-xmlrpc php-zip php-apcu php-couchbase

Open /etc/php.ini and set cgi.fix_pathinfo=0:

sudo nano /etc/php.ini
[...]
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; http://www.php.net/manual/en/ini.core.php#ini.cgi.fix-pathinfo
cgi.fix_pathinfo=0
[...]

You should set date.timezone in /etc/php.ini:

[...]
[Date]
; Defines the default timezone used by the date functions
; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
date.timezone = "Europe/London"
[...]

You can find out the correct timezone for your system by running:

cat /etc/sysconfig/clock
[root@server1 ~]# cat /etc/sysconfig/clock
ZONE="Europe/London"
[root@server1 ~]#

Next, create the system startup links for php-fpm and start it:

sudo systemctl enable php-fpm.service
sudo systemctl start php-fpm.service

PHP-FPM is a daemon process (with the init script /etc/init.d/php-fpm) that runs a FastCGI server on port 9000.

7. Configuring Nginx

The nginx configuration is in /etc/nginx/nginx.conf which we open now:

sudo nano /etc/nginx/nginx.conf
First (this is optional) you can increase the number of worker processes and set the keepalive_timeout to a reasonable value:

[...]
worker_processes  4;
[...]
    keepalive_timeout  2;
[...]

The virtual hosts are defined in server {} containers in the /etc/nginx/conf.d directory.
Let's modify the default vhost (in /etc/nginx/conf.d/default.conf) as follows:

sudo nano /etc/nginx/conf.d/default.conf
server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.php index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #

    location ~ \.php$ {
        root           /usr/share/nginx/html;
        try_files $uri =404;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

# deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny  all;
    }
}

server_name _;(of course, you can as well specify a hostname here like www.example.com).

In the location / part, I've added index.php to the index line.
    root /usr/share/nginx/html;
    means that the document root is the directory /usr/share/nginx/html.

The important part for PHP is the location ~ \.php$ {} stanza.
Uncomment it to enable it.
Change the root line to the web site's document root (e.g. root /usr/share/nginx/html;).
Please make sure that you change the fastcgi_param line to fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; because otherwise, the PHP interpreter won't find the PHP script that you call in your browser ($document_root translates to /usr/share/nginx/html because that's what we have set as our document root).

PHP-FPM is listening on port 9000 on 127.0.0.1 by default, therefore we tell Nginx to connect to 127.0.0.1:9000 with the line fastcgi_pass 127.0.0.1:9000;.
 
Now save the file and reload Nginx:

sudo systemctl restart nginx.service
It is also possible to make PHP-FPM use a Unix socket.

Making PHP-FPM use a Unix Socket

By default, PHP-FPM is listening on port 9000 on 127.0.0.1. It is also possible to make PHP-FPM use a Unix socket which avoids the TCP overhead. To do this, open /etc/php-fpm.d/www.conf...

sudo nano /etc/php-fpm.d/www.conf
... and make the listen line look as follows:
[...]
;listen = 127.0.0.1:9000
listen = /var/run/php-fpm/php-fpm.sock
[...]

...on the same file uncomment those 3 lines and change nobody with nginx:

[...]
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
[...]

..and change user apache and group apache to nginx:

[...]
user = nginx
group = nginx
[...]

Then reload PHP-FPM:

sudo systemctl restart php-fpm.service
Next, go through your Nginx configuration and all your vhosts and change the line fastcgi_pass 127.0.0.1:9000; to fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;, e.g. like this:

nano /etc/nginx/conf.d/default.conf
[...]
    location ~ \.php$ {
        root           /usr/share/nginx/html;
        try_files $uri =404;
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
[...]

Finally, reload Nginx:

sudo systemctl restart nginx.service
8. Installing memcached and redis server

sudo yum -y install memcached redis
Next we create the system startup links for redis and memcached and start;

sudo systemctl enable redis.service
sudo systemctl start redis.service
sudo systemctl enable memcached.service
sudo systemctl start memcached.service

9. Installing nodejs and gulp

For Latest Release:

sudo yum install -y gcc-c++ make
curl -sL https://rpm.nodesource.com/setup_15.x | sudo -E bash -

For Stable Release:

sudo yum install -y gcc-c++ make
curl -sL https://rpm.nodesource.com/setup_14.x | sudo -E bash -

sudo yum install nodejs
sudo npm install gulp-cli -g

10. Create the database

mysql -u root -p

CREATE DATABASE mydatabase;
CREATE USER 'yourusername'@'localhost' IDENTIFIED BY 'yourpassword';
GRANT ALL PRIVILEGES ON mydatabase.* TO 'yourusername'@'localhost' IDENTIFIED BY 'yourpassword';
FLUSH PRIVILEGES;
EXIT;

11. Clone the source from git on the webserver root directory
cd /usr/share/nginx
sudo chown -R $USER:nginx ./html

On html folder are some files. Move them on another location before clone the source and move them back after.

cd html
git clone https://github.com/iseeyoucopy/U-232-Trinity-RC ./

chmod -R 0777 /usr/share/nginx/html/dir_list/ /usr/share/nginx/html/imdb/ /usr/share/nginx/html/cache/ /usr/share/nginx/html/torrents/ /usr/share/nginx/html/uploads/ /usr/share/nginx/html/include/backup/ /usr/share/nginx/html/sqlerr_logs/ /usr/share/nginx/html/install/ /usr/share/nginx/html/install/extra/ /usr/share/nginx/html/include/ /usr/share/nginx/html/phperr_logs/

git clone https://github.com/iseeyoucopy/gulp4-sass-foundation foundation
cd foundation
npm install
gulp

Point to https://yoursite.com/install/index.php - fill in all the required data and choose XBT or default - then log in.

Create a second user on entry named System ensure its userid2 so you dont need to alter the autoshout function on include/user_functions.php.

Sysop is added automatically to the array in cache/staff_settings.php and cache/staff_setting2.php.

Staff is automatically added to the same 2 files, but you have to make sure the member is offline before you promote them.