1
0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-12-26 00:31:57 -05:00

Compare commits

...

8 Commits

Author SHA1 Message Date
8febd18b4e
Update RHEL-9-LEMP.sh
Signed-off-by: Tommy <contact@tommytran.io>
2024-07-28 16:04:24 -07:00
7ad9c64ef8
Fix RHEL MariaDB configuration 2024-07-28 15:14:02 -07:00
02643acd9e
Fix /srv/drupal labels 2024-07-28 14:51:46 -07:00
2439a4b7e2
Add missing instructions 2024-07-28 14:44:14 -07:00
f8ffc68422
Add php-opcache 2024-07-28 14:13:39 -07:00
c7ddb00a35
Typo Fixes 2024-07-28 14:10:09 -07:00
a303b46b3b
Enable php-fpm and mariadb on RHEL 2024-07-28 14:00:58 -07:00
dda5c35767
Change username
Signed-off-by: Tommy <contact@tommytran.io>
2024-07-28 13:57:51 -07:00
3 changed files with 23 additions and 8 deletions

View File

@ -14,7 +14,7 @@ sudo dnf install -y composer
## Install other necessary packages
```
sudo dnf install -y php-gd php-pdo unzip
sudo dnf install -y php-gd php-mysqlnd php-opcache php-pdo unzip
```
## Setup Directory Structure
@ -34,6 +34,8 @@ sudo setfacl -m u:nginx:rwx /srv/drupal
# Setup SELinux context
sudo semanage fcontext -a -t httpd_sys_content_t "$(realpath /srv/drupal)(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "$(realpath /srv/drupal)(/.*)/web/sites(/.*)/files(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "$(realpath /srv/drupal)(/.*)/web/sites(/.*)/settings.php"
sudo restorecon -Rv /srv/drupal
```
@ -53,7 +55,7 @@ umask 022
cd /srv/drupal
composer create-project drupal/recommended-project drupal.yourdomain.tld
cp /srv/drupal/drupal.yourdomain.tld/web/sites/default/default.settings.php /srv/drupal/drupal.yourdomain.tld./web/sites/default/settings.php
cp /srv/drupal/drupal.yourdomain.tld/web/sites/default/default.settings.php /srv/drupal/drupal.yourdomain.tld/web/sites/default/settings.php
```
Exit the drupal user:
@ -61,6 +63,12 @@ Exit the drupal user:
exit
```
Fix the labels (why mkdir is giving us the wrong label idk, need more investigation):
```
sudo restorecon -Rv /srv/drupal
```
## Generate an SSL certificate
```
@ -94,7 +102,7 @@ server {
include snippets/cross-origin-security.conf;
include snippets/quic.conf;
add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; block-all-mixed-content; form-action 'none'; frame-ancestors 'self'; upgrade-insecure-requests";
add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; block-all-mixed-content; form-action 'self'; frame-ancestors 'self'; upgrade-insecure-requests";
index index.php;
root /srv/drupal/drupal.yourdomain.tld/web;
@ -123,9 +131,9 @@ mariadb -uroot
Run the following queries:
```
CREATE DATABASE drupal CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'drupal'@'127.0.0.1' IDENTIFIED BY 'yourPassword';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON drupal.* TO 'drupal'@'127.0.0.1';
CREATE DATABASE drupal_default CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'drupal_default'@'127.0.0.1' IDENTIFIED BY 'yourPassword';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON drupal_default.* TO 'drupal_default'@'127.0.0.1';
exit
```

View File

@ -47,6 +47,13 @@ sudo systemctl enable --now php-fpm
# Install MariaDB
unpriv curl -LsS https://r.mariadb.com/downloads/mariadb_repo_setup | sudo bash
sudo dnf install -y MariaDB-server
sudo systemctl enable --now mariadb
# Secure MariaDB
output "Running mariadb-secure-installation."
output "You should answer yes to everything except setting the root password."
output "This is already done via the UNIX socket if you switch it with the prompts so you should be okay."
sudo mariadb-secure-installation
# Run NGINX Setup script
unpriv curl -LsS https://raw.githubusercontent.com/TommyTran732/NGINX-Configs/main/setup.sh | sudo bash
@ -55,4 +62,4 @@ unpriv curl -LsS https://raw.githubusercontent.com/TommyTran732/NGINX-Configs/ma
sudo sed -i 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf
sudo sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
sudo chgrp nginx /var/lib/php/opcache /var/lib/php/session /var/lib/php/wsdlcache
sudo systemctl restart php-fpm
sudo systemctl restart php-fpm

View File

@ -93,7 +93,7 @@ server {
include snippets/cross-origin-security.conf;
include snippets/quic.conf;
add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; block-all-mixed-content; form-action 'none'; frame-ancestors 'self'; upgrade-insecure-requests";
add_header Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; base-uri 'none'; block-all-mixed-content; form-action 'self'; frame-ancestors 'self'; upgrade-insecure-requests";
index index.php;
root /srv/drupal/drupal.yourdomain.tld/web;