quebec
Hardware
System: Rocky Linux RockyLinux 8.5 x64
Specs
8 GB Memory
4 AMD vCPUs
160 GB Disk
Location
NYC
Server (hardware bound)
Host Name: rockylinux-s-4vcpu-8gb-amd-nyc3-01
IP(s):
ipv4: 159.xxx.xxx.184
Hardware link
Hardware provisioned (100%)
Service: Front-End
Name: openvinoapp
Static Front-end on Nginx server
Install Nginx on Rocky Linux 8
How to Install Nginx:
Step 1: Install Nginx on Rocky Linux 8
First, update all the available packages on Rocky Linux.
$ sudo dnf upgrade
Note: dnf update is a deprecated alias.
Now, install Nginx on Rocky Linux.
$ sudo dnf install nginx
Once Nginx is installed, start the Nginx service.
$ sudo systemctl start nginx
If any issues it will display an error message or else no output.
To verify the status of the Nginx service, type:
Now make sure to enable Nginx at the start at boot time.
To check the Nginx version which is installed, type:
Output:
The output shows we have installed Nginx 1.14.1 version. The main configuration file is stored under the directory /etc/nginx and the main config file is /etc/nginx/nginx.conf. The Nginx log files are stored at /var/log/nginx.
Step 2: Setup Firewall
To allow HTTP and HTTPS traffic (when using SSL) on the firewall.
To make the changes effective, reload the firewall service:
You can verify by listing the current firewall settings:
Step 3: Verify the installation
Open a browse and enter server IP or domain name to see the Nginx default page on Rocky Linux.
On Rocky Linux, the default Nginx webpage is located in /usr/share/nginx/html.
Uninstall Nginx
To completely uninstall Nginx on Rocky Linux, type
Then manually delete the Nginx log files.
Configuration Location
/usr/share/nginx/html
Default TCP port: 80
Encrypt SSL for NGINX on Rocky Linux 8:
Step 1) Install Certbot
The only step left is to install Let’s Encrypt and secure the Nginx webserver. However, to accomplish this, we need to install certbot. Written in Python and developed by the Electronic Frontier Foundation, Certbot is a fully featured client for the Let’s Encrypt CA. It is run on the webserver and allows you to automatically set up an SSL certificate for your webserver in a single command.
First, install the EPEL repository which provides additional and high-quality packages for RHEL-based distros.
Once installed, install certbot and certbot module for Nginx.
This installs certbot, certbot module for Nginx host of other packages and dependencies.
Step 2) Install Let’s Encrypt SSL/TLS certificate
Finally, run the certbot client to install the SSL certificate
This takes you through a series of prompts. First, provide the email address that will be used by EFF to send you renewal and security updates. Then accept the Terms of service by pressing ‘Y’. If you desire, you can press ‘Y’ to allows EFF to send you regular updates concerning their efforts in securing the web, news, and campaigns. Finally, select the domain names to encrypt. In our case, we pressed the ‘ENTER’ button to select all the domain names.
Certbot will fetch the SSL/TLS certificate and deploy it for the domain names specified. This enables HTTPS protocol for your domain, in effect encrypting traffic exchanged with the webserver.
To confirm that HTTPS has been enabled, head back to your browser and reload it. This time around, you will notice a padlock icon at the URL bar – an indication that the site is encrypted.
Click on the icon and then select ‘Certificate’.
This displays the certificate details as provided
Step 3) Managing the SSL certificate renewal
Let’s Encrypt certificate is valid for 90 days, however, Let’s encrypt recommends that you renew the certificate every 60 days. Email notifications will be sent to you the last 20 days to expiry with the frequency going up the last 10 days.
You can manually renew the certificate as follows.
Thankfully, you can automate the renewal, by adding a new cron job. So, open the crontab file.
And add the line shown. Save the changes and exit.
That’s all. Thank you for coming this far. We have demonstrated how you can install the Let’s Encrypt SSL certificate for Nginx on Rocky Linux 8.
Server Back-End
Name: ydiyoi-api
Backend API
Setting:
pm2 process
Install pm2:
Start:
Monitoring:
Microservice:
Act on them:
Default TCP port: 3000
Requires an active DB with the credentials
Server Database
Database system: Postgresql
Install PostgreSQL 14 on Rocky Linux 8
Step 1: System Update
Before you begin installing PostgreSQL 14 on Rocky Linux 8 | AlmaLinux 8 | CentOS 8, make the following updates to your system:
Reboot your system after the update:
Step 2: Add PostgreSQL Repository on Rocky Linux 8
PostgreSQL server 9.6, 10, 12 and 13 are included in the AppStream components.
We’ll need to add the following official repositories to install PostgreSQL 14 on Rocky Linux 8 | AlmaLinux 8:
Installation output sample:
Step 3: Install PostgreSQL 14 on Rocky Linux 8
Disable the default PostgreSQL module once the repository has been added:
Then install PostgreSQL 14 Server and Client:
Step 4: Initialize and Start PostgreSQL 14 Database Service
Before running the service, you must first initialize the database instance after installing PostgreSQL 14:
This will create the initial data as well as the main configuration file, which will be written to /var/lib/pgsql/14/data/postgresql.conf
.
The PostgreSQL 14 database service is enabled and started as follows:
Verify that the PostgreSQL 14 service is up and running:
Step 5: Connect to PostgreSQL 14 Database Locally
here are two methods to connect to a PostgreSQL 14 instance.
Method 1
Using sudo to run the Postgresql command directly.
Method 2
To use this method, you must first switch to the Postgresql user created after installing PostgreSQL 14.
Connect to the instance while you’re here using psql command.
Secure Postgres User
Now that you’re logged in as the postgres user, execute the following command to set a strong password for the default postgres user:
Create Database in PostgreSQL
Connect to PostgreSQL to create a database. When PostgreSQL is installed, a default user named ‘postgres‘ is created. Make a connection with this user first. Create database called testdb.
Create Tables in PostgreSQL
We’ll make a new table called Employees with the columns listed below:
user_id – primary key
username – unique and not null
password – not null
email – unique and not null
created_on – not null
last_login – null
List PostgreSQL Tables:
Delete PostgreSQL Tables:
Step 6: Enable PostgreSQL Remote Access
You can update the configuration and set Listen address to your server IP address or “*” for all interfaces if you have applications that will connect to the server via the network.
PostgreSQL should also be configured to accept remote connections:
You must restart database service after performing the changes:
If you have an active firewalld service, allow port 5432/tcp
:
Pass the IP address of your server to the psql command to test database remote connections:
Setting:
DB Scripts
Default TCP port: 5432