- LaraBOX8
- 1. Initial CentOS 8 Vagrant box
- 2. Installing LAMP stack
- 3. Installing Composer 1.9.3
- 4. Installing NodeJS 10.16.3-2 and npm
- 5. Installing Git 2.18.2 and Ungit 0.10.3
- 6. Rainloop + Dovecot + Postfix
- 7. Adminer 4.7.6
- 8. phpMyAdmin 5.0.1
- 9. Samba 4 for File Sharing
- 10. Create an HTTPS certificate for localhost domains
vagrant init centos/8
truncate Vagrantfile -s 0Modify the above Vagrantfile with the flowing contents. Remember change the config.vm.hostname and config.vm.network with your own setting.
Vagrant.configure("2") do |config|
config.vm.box = "centos/8"
config.vm.hostname = "larabox8"
config.vm.network "public_network", ip: "192.168.0.100", netmask: "255.255.255.0", gateway: "192.168.0.1"
config.vm.provider "virtualbox" do |vb|
vb.cpus = 1
vb.memory = "512"
end
endStartup vagrant box by command vagrant up --provision.
Some Vagrant usage command
# Connection to box via SSH
vagrant ssh
# Reload box
vagrant reload --provision
# Check status current box
vagrant status
# Check status all box
vagrant global-status
# Shutdown box
vagrant halt
# Destroy box
vagrant destroy --force
# Remove box image
vagrant box remove <box_name>How to ssh to vagrant box using root account
vagrant sshInstall vim editor first
sudo su
dnf install vimEdit ssh config
vim /etc/ssh/sshd_configFind the line #73 change
PasswordAuthentication notoPasswordAuthentication yes.
systemctl restart sshd
exit
# SSH with user `root` and password `vagrant`
ssh root@192.168.0.100Turn off selinux
vim /etc/selinux/configChange SELINUX=enforcing to SELINUX=disabled and reboot system. Run command sestatus to check status.
Start with CentOS version 8 you can using
dnfalso withyumold-school.
Enable both repositories on your system using the following commands on your CentOS 8 system.
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf install yum-utilsdnf install httpdCheck Apache version
httpd -v
# Output
Server version: Apache/2.4.37 (centos)
Server built: Dec 23 2019 20:45:34Make Apache run at startup
systemctl enable httpdStarting Apache
systemctl start httpdCheck Apache status
systemctl status httpdOutput
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2020-02-06 14:56:46 UTC; 21min ago
Docs: man:httpd.service(8)
Main PID: 1084 (httpd)
Status: "Total requests: 6; Idle/Busy workers 100/0;Requests/sec: 0.00472; Bytes served/sec: 256 B/sec"
Tasks: 213 (limit: 2881)
Memory: 11.1M
CGroup: /system.slice/httpd.service
├─1084 /usr/sbin/httpd -DFOREGROUND
├─1086 /usr/sbin/httpd -DFOREGROUND
├─1087 /usr/sbin/httpd -DFOREGROUND
├─1088 /usr/sbin/httpd -DFOREGROUND
└─1089 /usr/sbin/httpd -DFOREGROUND
Feb 06 14:56:46 larabox8 systemd[1]: Stopped The Apache HTTP Server.
Feb 06 14:56:46 larabox8 systemd[1]: Starting The Apache HTTP Server...
Feb 06 14:56:46 larabox8 systemd[1]: Started The Apache HTTP Server.
Feb 06 14:56:46 larabox8 httpd[1084]: Server configured, listening on: port 80mkdir -p /var/www/vhosts
mkdir -p /etc/httpd/conf.d/vhosts
vim /etc/httpd/conf/http.confModify the http.conf file with below contents
# Add
servername localhost
IncludeOptional conf.d/vhosts/*.conf
AddType application/x-httpd-php .php
# Change
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>Add the official repository of MySQL to install the MySQL community server.
dnf install https://dev.mysql.com/get/mysql80-community-release-el8-1.noarch.rpmMake sure the MySQL repository has been added and enabled by using the following command.
dnf repolist all | grep mysql | grep enabledDisable AppStream (default) repository temporarily to install MySQL from MySQL Dev Community
dnf --disablerepo=AppStream install mysql-community-serverCheck MySQL version
mysql -V
# Output
mysql Ver 8.0.19 for Linux on x86_64 (MySQL Community Server - GPL)Make MySQL run at startup
systemctl enable mysqldStarting MySQL
systemctl start mysqldCheck MySQL status
systemctl status mysqldOutput
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2020-02-06 15:16:54 UTC; 10s ago
Docs: man:mysqld(8)
http://dev.mysql.com/doc/refman/en/using-systemd.html
Process: 3754 ExecStartPre=/usr/bin/mysqld_pre_systemd (code=exited, status=0/SUCCESS)
Main PID: 3830 (mysqld)
Status: "Server is operational"
Tasks: 39 (limit: 2881)
Memory: 356.6M
CGroup: /system.slice/mysqld.service
└─3830 /usr/sbin/mysqld
Feb 06 15:16:45 larabox8 systemd[1]: Starting MySQL Server...
Feb 06 15:16:54 larabox8 systemd[1]: Started MySQL Server.In CentOS 8, the initial MySQL password can be found in /var/log/mysqld.log. You can use the below command to take the password from the log file.
cat /var/log/mysqld.log | grep -i 'temporary password'Output
2020-02-06T15:16:48.833311Z 5 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: SqdWyk8&,>MsNow, you need to run mysql_secure_installation to secure your MySQL installation. This command takes care of setting the root password, removing anonymous users, disallow root login remotely, etc.
mysql_secure_installationOutput
Securing the MySQL server deployment.
Enter password for user root:
The existing password for the user account root has expired. Please set a new password.
New password:
Re-enter new password:
The 'validate_password' component is installed on the server.
The subsequent steps will run with the existing configuration
of the component.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : N
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : N
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.
All done!Login to MySQL server as the MySQL root user.
mysql -u root -pOutput
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 8.0.19 MySQL Community Server - GPL
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>Enable the module stream for 7.4
dnf module install php:remi-7.4Install additional packages
dnf install php-mysqlnd php-zip php-devel php-gd php-mcrypt php-curl php-pear php-bcmathCheck PHP version
php --version
# Output
PHP 7.4.2 (cli) (built: Jan 21 2020 11:35:20) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend TechnologiesCheck available extentions
php --modulesphp -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --install-dir=/usr/local/bin --filename=composerCheck Composer version
composer
# Output
______
/ ____/___ ____ ___ ____ ____ ________ _____
/ / / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/
/ /___/ /_/ / / / / / / /_/ / /_/ (__ ) __/ /
\____/\____/_/ /_/ /_/ .___/\____/____/\___/_/
/_/
Composer version 1.9.3 2020-02-04 12:58:49
Usage:
...dnf install nodejsCheck NodeJS and NPM version
node -v
npm -vdnf install gitnpm install -g ungit@0.10.3Make Ungit run at startup
Create ungit.service file
touch /etc/systemd/system/ungit.service
chmod 664 ungit.serviceAdd ungit.service file with the following contents
[Unit]
Description=ungit-service
After=network.target
[Service]
Type=simple
User=root
WorkingDirectory=/home/vagrant
ExecStart=/usr/bin/ungit
TimeoutSec=15
Restart=always
[Install]
WantedBy=multi-user.targetStart ungit service
systemctl enable ungit
systemct daemon-reload
systemctl start ungit
systemctl status ungitFor some unknown reasons, main repo of RHEL doesn't support postfix-pcre. So that we need use 3rd repo.
rpm -Uvh http://mirror.ghettoforge.org/distributions/gf/el/8/testing/x86_64//postfix3-3.4.9-1.gf.el8.x86_64.rpm
rpm -Uvh http://mirror.ghettoforge.org/distributions/gf/el/8/testing/x86_64//postfix3-pcre-3.4.9-1.gf.el8.x86_64.rpmAdd new catchall user
adduser catchall
passwd catchallPCRE regrex
vim /etc/aliases.regexp
# Add below contents
/(?!^root$|^catchall$)^.*$/ catchallEdit main.cf file
cd /etc/postfix/
cp main.cf main.cf.bak
vim main.cfAdd below contents
# uncomment
home_mailbox = Maildir/
# change this line
alias_maps = hash:/etc/aliases, pcre:/etc/aliases.regexp
# add newline
transport_maps = pcre:/etc/postfix/transport_maps
Edit /etc/aliases file
# find postmaster:\troot replace by postmaster:\tcatchall
sed -i "s/postmaster:\troot/postmaster:\tcatchall/" /etc/aliasesCreate /etc/postfix/transport_maps file
vim /etc/postfix/transport_maps
# Add below contents
/^.*@.*$/ localdnf install dovecotEdit 10-mail.conf file
vim /etc/dovecot/conf.d/10-mail.conf
# Add below contents
mail_location = maildir:~/Maildir
Reload the services
postalias /etc/aliases
postmap /etc/postfix/transport
systemctl restart postfix
systemctl restart dovecot
systemctl enable dovecotDownload the latest rainloop
curl -o rainloop-latest.zip https://www.rainloop.net/repository/webmail/rainloop-latest.zipInstall unzip and extract the archive
dnf install unzip
mkdir -p /var/www/vhosts/rainloop
unzip rainloop-latest.zip -d /var/www/vhosts/rainloop/Config rainloop folder
find /var/www/vhosts/rainloop -type d -exec chmod 755 {} \;
find /var/www/vhosts/rainloop -type f -exec chmod 644 {} \;
chown -R apache:apache /var/www/vhosts/rainloop/Configure Apache web Server
vim /etc/httpd/conf.d/vhosts/rainloop.confEdit the rainloop.conf
Alias /rainloop /var/www/vhosts/rainloop
<Directory "/var/www/vhosts/rainloop">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
</Directory>
Restart Apache service
systemctl restart httpdConfig the rainloop
Access domain vagrant_ipaddress/rainloop/?admin and login with info admin|12345
Config Domains sections
Config Login section
Install mailx
dnf install mailxSend the test mail. Press Ctr + D to send mail.
mail -s "This is Subject" -r "sender<[email protected]>" someone@example.comDownload Adminer
mkdir -p /var/www/vhosts/adminer
cd /var/www/vhosts/adminer
dnf install wget
wget https://github.com/vrana/adminer/releases/download/v4.7.6/adminer-4.7.6.php -O index.phpCreate adminer.conf vhosts file
vim /etc/httpd/conf.d/vhosts/adminer.confAdd contents
Alias /adminer /var/www/vhosts/adminer/index.php
Change the permission vhosts
chown -R apache:apache /var/www/vhosts/adminer
chmod -R 755 /var/www/vhosts/adminerRestart Apache service
systemctl restart httpdDownload the latest release
curl -o phpMyAdmin-5.0.1-english.tar.gz https://files.phpmyadmin.net/phpMyAdmin/5.0.1/phpMyAdmin-5.0.1-english.tar.gzExtract downloaded archive
tar xvf phpMyAdmin-5.0.1-english.tar.gzMove the folder to /usr/share/phpmyadmin
mv phpMyAdmin-5.0.1-english*/ /usr/share/phpmyadminCreate directory for phpMyAdmin temp files.
mkdir -p /var/lib/phpmyadmin/tmp
chown -R apache:apache /var/lib/phpmyadminCreate directory for phpMyAdmin configuration files.
mkdir /etc/phpmyadmin/Create phpMyAdmin configuration file.
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.phpEdit the file config.inc.php
# Set a secret passphrase – Needs to be 32 chars long
$cfg['blowfish_secret'] = 'TPfb1qcZoAzrO8UtGBD4qC6wMjc9jQoS';
# Configure temp directory
$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';
Configure Apache web Server
vim /etc/httpd/conf.d/vhosts/phpmyadmin.confEdit the phpmyadmin.conf
Alias /phpmyadmin /usr/share/phpmyadmin/
Alias /phpmyAdmin /usr/share/phpmyadmin/
<Directory "usr/share/phpmyadmin">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
</Directory>
Install Samba
dnf install samba samba-clientStartup and enable smb and nmb daemons at boot
systemctl enable smb
systemctl enable nmb
systemctl start smb
systemctl start nmbConfiguring a shared directory accessible by guests
Edit the /etc/samba/smb.conf
vim /etc/samba/smb.conf
[global]
workgroup = WORKGROUP
map to guest = bad user
force user = root
[vhosts]
path = /var/www/vhosts
browsable = yes
writable = yes
guest ok = yes
read only = no
follow symlinks = yesRestart smb daemons
systemctl restart smb
systemctl restart nmbReference: https://gist.github.com/namdp06/f91c4fe0942845a4c775a4f5aafeab14
Generate RootCA.pem, RootCA.key & RootCA.crt
openssl req -x509 -nodes -new -sha256 -days 1024 -newkey rsa:2048 -keyout RootCA.key -out RootCA.pem -subj "/C=US/CN=Code9-Test-Root-CA"
openssl x509 -outform pem -in RootCA.pem -out RootCA.crtDomain name certificate
First, create a file domains.ext that lists all your local domains:
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = localhost
DNS.2 = code9.test
Generate code9_test.key, code9_test.csr, and code9_test.crt:
openssl req -new -nodes -newkey rsa:2048 -keyout code9_test.key -out code9_test.csr -subj "/C=VN/ST=HCM/L=HCM/O=Code9-Certificates/CN=code9.test"
openssl x509 -req -sha256 -days 1024 -in code9_test.csr -CA RootCA.pem -CAkey RootCA.key -CAcreateserial -extfile domains.ext -out code9_test.crtInstall Apache mod_ssl
sudo dnf install mod_sslCopy code9_test.crt, code9_test.key to ssl config folder
cp code9_test.crt /etc/pki/tls/certs/code9_test.crt
cp code9_test.key /etc/pki/tls/private/code9_test.keyYou can now configure your Apache:
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/code9_test.crt
SSLCertificateKeyFile /etc/pki/tls/private/code9_test.key
Trust the local CA
Linux: Chromium
Linux: Firefox
