Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Wordpress is used for https://openvino.org and other project sites.

This is how wordpress is configured and installed.

  1. Install unzip

    [mtb@sierra ~]$ sudo dnf install unzip -y

  2. In this setup, nginx is already installed and enabled as a service on boot:

    [mtb@sierra ~]$ nginx -v
nginx version: nginx/1.14.1
[mtb@sierra ~]$ systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2022-05-26 15:47:48 UTC; 7h ago
  Process: 170448 ExecReload=/bin/kill -s HUP $MAINPID (code=exited, status=0/SUCCESS)
  Process: 170387 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 170385 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 170383 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 170390 (nginx)
    Tasks: 5 (limit: 49268)
   Memory: 23.2M
   CGroup: /system.slice/nginx.service
           ├─170390 nginx: master process /usr/sbin/nginx
           ├─170449 nginx: worker process
           ├─170450 nginx: worker process
           ├─170451 nginx: worker process
           └─170452 nginx: worker process

May 26 15:47:48 sierra systemd[1]: Starting The nginx HTTP and reverse proxy server...
May 26 15:47:48 sierra nginx[170385]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
May 26 15:47:48 sierra nginx[170385]: nginx: configuration file /etc/nginx/nginx.conf test is successful
May 26 15:47:48 sierra systemd[1]: Started The nginx HTTP and reverse proxy server.
May 26 15:52:47 sierra systemd[1]: Reloading The nginx HTTP and reverse proxy server.
May 26 15:52:47 sierra systemd[1]: Reloaded The nginx HTTP and reverse proxy server.

  3. Install MariaDB (LEMP STACK)
    Optional. Change to MariaDB 10.5

Rocky Linux App stream by default installs MariaDB 10.3, an older but incredibly stable version. However, the latest build of MariaDB at the time of this tutorial that is classed as a stable release is MariaDB 10.7, with MariaDB 10.8 being the RC candidate.

As you can imagine, the difference is pretty significant; however, as most users of Rocky Linux prefer using stability over cutting edge, a solution will be to use MariaDB 10.5 that is newer while at the same time being incredibly stable and still receiving bug fixes and security updates.

First, reset the MariaDB module list:

sudo dnf module reset mariadb

[mtb@sierra ~]$ sudo dnf module enable mariadb:10.5
Last metadata expiration check: 0:01:11 ago on Thu 26 May 2022 11:05:48 PM UTC.
Dependencies resolved.
=======================================================================================================
 Package                 Architecture           Version                  Repository               Size
=======================================================================================================
Enabling module streams:
 mariadb                                        10.5                                                  

Transaction Summary
=======================================================================================================

Is this ok [y/N]: y
Complete!

4. Install MariaDB

[mtb@sierra ~]$ sudo dnf install mariadb-server mariadb
Last metadata expiration check: 0:03:01 ago on Thu 26 May 2022 11:05:48 PM UTC.
Dependencies resolved.
=======================================================================================================
 Package                        Arch     Version                                     Repository   Size
=======================================================================================================
Installing:
 mariadb                        x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream   6.2 M
 mariadb-server                 x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream    18 M
Upgrading:
 libsemanage                    x86_64   2.9-8.el8                                   baseos      167 k
 policycoreutils                x86_64   2.9-19.el8                                  baseos      373 k
 policycoreutils-python-utils   noarch   2.9-19.el8                                  baseos      252 k
 python3-libsemanage            x86_64   2.9-8.el8                                   baseos      127 k
 python3-policycoreutils        noarch   2.9-19.el8                                  baseos      2.2 M
 selinux-policy                 noarch   3.14.3-95.el8                               baseos      644 k
 selinux-policy-targeted        noarch   3.14.3-95.el8                               baseos       15 M
Installing dependencies:
 libaio                         x86_64   0.3.112-1.el8                               baseos       31 k
 mariadb-common                 x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream    67 k
 mariadb-connector-c            x86_64   3.1.11-2.el8_3                              appstream   199 k
 mariadb-connector-c-config     noarch   3.1.11-2.el8_3                              appstream    14 k
 mariadb-errmsg                 x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream   239 k
 mysql-selinux                  noarch   1.0.2-6.el8                                 appstream    36 k
 perl-DBD-MySQL                 x86_64   4.046-3.module+el8.6.0+904+ef468285         appstream   155 k
 perl-DBI                       x86_64   1.641-4.module+el8.6.0+891+677074cb         appstream   739 k
 perl-Math-BigInt               noarch   1:1.9998.11-7.el8                           baseos      194 k
 perl-Math-Complex              noarch   1.59-421.el8                                baseos      108 k
Installing weak dependencies:
 mariadb-backup                 x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream   6.9 M
 mariadb-gssapi-server          x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream    55 k
 mariadb-server-utils           x86_64   3:10.5.13-1.module+el8.5.0+773+f75e97f7     appstream   1.2 M
Enabling module streams:
 perl-DBD-MySQL                          4.046                                                        
 perl-DBI                                1.641                                                        

Transaction Summary
=======================================================================================================
Install  15 Packages
Upgrade   7 Packages

Total download size: 53 M
Is this ok [y/N]:

5. Check the MariaDB version:

[mtb@sierra ~]$ mysql --version
mysql  Ver 15.1 Distrib 10.5.13-MariaDB, for Linux (x86_64) using  EditLine wrapper

6. Check MariaDB server status

Verify the status of the database software by using the following systemctl command:

[mtb@sierra ~]$ mysql --version
mysql  Ver 15.1 Distrib 10.5.13-MariaDB, for Linux (x86_64) using  EditLine wrapper
[mtb@sierra ~]$ sudo systemctl enable mariadb --now
Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.

7. Recheck the status:

[mtb@sierra ~]$ systemctl status mariadb
● mariadb.service - MariaDB 10.5 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2022-05-26 23:13:37 UTC; 51s ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
 Main PID: 187209 (mysqld)
   Status: "Taking your SQL requests now..."
    Tasks: 18 (limit: 49268)
   Memory: 77.5M
   CGroup: /system.slice/mariadb.service
           └─187209 /usr/libexec/mysqld --basedir=/usr

May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: See the MariaDB Knowledgebase at https://mariadb.>
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: MySQL manual for more instructions.
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: Please report any problems at https://mariadb.org>
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: The latest information about MariaDB is available>
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: You can find additional information about the MyS>
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: https://dev.mysql.com
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: Consider joining MariaDB's strong and vibrant com>
May 26 23:13:37 sierra mysql-prepare-db-dir[187121]: https://mariadb.org/get-involved/
May 26 23:13:37 sierra mysqld[187209]: 2022-05-26 23:13:37 0 [Note] /usr/libexec/mysqld (mysqld 10.5.1>
May 26 23:13:37 sierra systemd[1]: Started MariaDB 10.5 database server.

8. To stop MariaDB:

[mtb@sierra ~]$ sudo systemctl stop mariadb

9. To enable MariaDB on system startup

[mtb@sierra ~]$ sudo systemctl enable mariadb

10. To restart the MariaDB service:

[mtb@sierra ~]$ sudo systemctl restart mariadb

11. Secure MariaDB with Security Script

When installing MariaDB fresh, default settings are considered weak by most standards and cause concern for potentially allowing intrusion or exploiting hackers. A solution is to run the installation security script that comes with the MariaDB installation.

First, use the following command to launch the (mysql_secure_installation):

[mtb@sierra ~]$ sudo mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] Y
Enabled successfully!
Reloading privilege tables..
 ... Success!


You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] 
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

12. Install PHP & PHP-FPM (LEMP STACK)

  • No labels