Skip to main content

NGINX / PHP / MARIADB INSTALL

This will just be a quick write up of the steps that can be used to setup a Nginx web server using the nginx repo, along with PHP from the Remi repo, and mariadb from the MariaDB repo.  By using the Nginx and MariaDB repositories , I can have a bit of comfort knowing that the applications are clean, maintained, and patched.  There are other methods out there to get PHP loaded in, but I find that the Remi repo does a pretty good job at maintaining the packages, and they also have a great collection of already built modules that just slip right in and work.  So let me get started.

ROCKY LINUX: https://rockylinux.org
NGINX: https://nginx.org
REMI PHP: https://rpms.remirepo.net
MARIADBhttps://mariadb.com
EPEL: https://docs.stg.fedoraproject.org/en-US/epel/

# ----- FIND A NICE PLACE TO WORK -----

cd /opt

# ----- SWAP CENTOS LOGOS, ADD EPEL AND PHP REPOS -----

dnf -y swap centos-logos-httpd rocky-logos-httpd
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf -y config-manager --set-enabled powertools
dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm

# ----- RESET DNF MODULES AND ENABLE REMI PHP------

dnf -y module reset php
dnf -y module reset nginx
dnf -y module reset httpd
dnf -y module disable php*
dnf -y module disable composer*
dnf -y module enable php:remi-8.2
dnf -y module enable composer

# ----- ADD MARIADB REPO -----

wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
chmod +x mariadb_repo_setup
./mariadb_repo_setup --mariadb-server-version="mariadb-11.4"
rm -f mariadb_repo_setup

# ----- ADD NGINX REPO FILE -----

cat > /etc/yum.repos.d/nginx.repo << "EOF"
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

EOF

# ----- ENABLE MAINLINE REPO -----

yum-config-manager --enable nginx-mainline

# ----- UPDATE THE SYSTEM AND INSTALL DEVELOPMENT TOOLS -----

dnf -y update --refresh
dnf -y group install "Development Tools"

# ----- INSTALL NGINX, MARIADB, AND A COUPLE PHP MODULES -----

dnf -y install \
nginx nginx-all-modules \
MariaDB-server MariaDB-client \
php-mysqlnd php-pecl-mysql

# ----- ENABLE AND START MARIADB AND RUN THE SECURE SCRIPT -----

systemctl enable mariadb
systemctl start mariadb

source mariadb-secure-installation

### I ANSWER THE QUESTIONS INITIALLY LIKE SO...
Enter current password for root (enter for none):  'enter'
Switch to unix_socket authentication [Y/n] 'n'
Change the root password? [Y/n] 'n'
Remove anonymous users? [Y/n] 'y'
Disallow root login remotely? [Y/n] 'n'
Remove test database and access to it? [Y/n] 'y'
Reload privilege tables now? [Y/n] 'y'

### RUN THE FOLLOWING TO ENABLE REMOTE ROOT ACCESS
### WARNING: CHANGE THE PASSOWRD FROM 'PASSWORD'
#
# CREATE USER 'root'@'%' IDENTIFIED BY 'PASSWORD';
# GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
# FLUSH PRIVILEGES;
#

# ----- FIX UP SOME PERMISSIONS -----

userdel -r apache
chown -R nginx.nginx /usr/share/httpd
chown -R nginx.nginx /var/www/html
chown -R root.nginx /var/lib/php/{opcache,session,wsdlcache}
chown -R nginx.nginx /var/log/{nginx,php-fpm}

Back to top