Server Setup

So as I’m giving this blogging thing another try, I thought I’d detail the steps I followed to setup the new server.

Update 2015-07-20: Added post_max_size to Configure PHP-FPM, php-xml to Update and Install Packages, and added Configure Mail

I’ve been a happy Linode customer for a long time, running a couple of VMs there for the various web pages I support (those not hosted on GitHub Pages). As my current Linode was running a now old version of CentOS (6.6), I thought I’d stand up a new server with CentOS 7 on it, get the blog up and running, and then migrate my other sites over. This also gives me a chance to use Linodes new, and closer to Australia, Singapore datacenter (my old server is hosted in Newark). This also gave me a chance to test the backup and restoration of WordPress, as I’ll blew away and recreated the server until I was comfortable with it.

Overview

The server runs the following components:

  • Nginx: a HTTP server and reverse proxy server, replacing the more traditional Apache web server;
  • PHP-FPM: a FastCGI Process Manager, enable the use of PHP in Nginx; and
  • MariaDB: a drop-in replacement for MySQL, for SQL databases.

This is the first time I have used the LEMP (Linux, Nginx, MariaDB, PHP) stack on a server, replacing the traditional LAMP (Linux, Apache, PHP and MySQL) stack. I decided to move to LEMP as I have been using Nginx more and more for its forward proxy abilities, and it didn’t make sense to install heavyweight Apache just for its PHP support.

Create Server

I created a server following the Getting Started instructions at Linode. I picked a Linode 1024 server as it’s the cheapest server and its specs will be more than enough for the few websites it’ll be running.

Speaking of specs:

  • Hard Drive: 24GB
  • CPU: 1 CPU Core
  • RAM: 1GB RAM
  • Traffic: 2TB Traffic/Month

All this for a low price of USD10/Month. New customers can get their first month free through an offer from Treehouse.

I set the hostname following the Getting Started instructions as well:

hostnamectl set-hostname hostname

Update and Install Packages

As Nginx is not in the default CentOS 7 package repositories, first I enabled the Extra Packages for Enterprise Linux (EPEL) repository:

yum install –y epel-release

Then I installed the required packages (including nano as its my preferred text editor):

yum install -y mariadb-server nginx
yum install -y php php-fpm php-gd php-mysql php-mbstring php-xml
yum install -y zip unzip bzip2 nano
yum install -y postfix

Then I updated all installed packages:

yum update -y

I then rebooted to allow all updates to take effect:

reboot

Configure Firewall

I enabled and started the Firewalld service:

systemctl enable firewalld
systemctl start firewalld

Note that by default ssh is allowed through the firewall, or else these commands would have locked me out of my server. Fortunately, if that happened I could have accessed the console for my virtual machine through the Linode Shell (lish)

Configure Mail

While the server will not be being used as a mail server, applications will be trying to send mail out, hence a local mail system is required.

I created the /root/.forward file:

andrew.cole@illallangi.com

And I enabled and started the PostFix service:

systemctl enable postfix
systemctl start postfix

Configure PHP-FPM

First I updated the php.ini file to allow larger POSTs:

perl -pi -e "s/post_max_size = .*M/post_max_size = 64M/g" /etc/php.ini

Then I enabled and started the PHP-FPM service:

systemctl enable php-fpm
systemctl start php-fpm

Configure MariaDB

I enabled and started the MariaDB service:

systemctl enable mariadb
systemctl start mariadb

Then I secured the MariaDB installation with the provided script:

mysql_secure_installation

I answered all the prompts, which set the root password, removed unauthenticated access, and removed the default test databases.

Configure Nginx

First to enable PHP-FPM support in Nginx I created the /etc/nginx/default.d/php-fpm.conf file:

location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}

All files in the default.d directory are included in the default site config (through a line in nginx.conf). These files will also be included in my custom server files (which will be stored in the conf.d directory).

I enabled and started the Nginx service:

systemctl enable nginx
systemctl start nginx

By default port 80 is blocked by the firewall, so I added an exception for inbound HTTP traffic:

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --reload

Testing

By entering the IP address of my new server into my browser of choice (currently Chrome), I confirmed Nginx was functioning as expected when I was greeted by the Nginx Fedora test page:

screencapture-192-168-198-128-1437217369742

To ensure the PHP-FPM support was working, I created a simple php file at /usr/share/nginx/html/info.php:

<?php phpinfo(); ?>

Entering the path to this file in my browser I was greeted by the (ridiculously long) phpinfo() output:

screencapture-192-168-198-128-info-php-1437217406152

Next Steps

This completed the initial setup of the server with a functional LEMP stack. Next up was to install WordPress, which will be the subject of a future post.

Featured Image: “heat shrinkage” by eyemage on flickr.