CentOS 6.x (Cloud) Server Set-Up

Some yum updates that I commonly use when provisioning a (Rackspace) cloud server (but could be used for any Cent/RHEL server, mostly for basic LAMP application use).

(last edit: 2/28/2014)

# first download a few extra yum repos:
wget http://mirrors.servercentral.net/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-*.rpm epel-release-*.rpm
 
# remi is disabled by default, so you can use --enablerepo or set config:
nano /etc/yum.repos.d/remi.repo
 
# update whatever is already there and add a few utils if needed:
yum update
yum install mlocate system-config-securitylevel-tui unzip ntp nc
 
#  install some basic apps and build tools
yum --enablerepo=remi install gcc binutils patch rpm-build make bind bind-utils rsync
 
# install FTP if you need it:
yum install vsftpd
 
## AMP ##
 
# PHP -- use remi repo for the most recent PHP and MySQL versions
yum --enablerepo=remi install httpd.x86_64 mod_ssl php.x86_64 php-common php-mcrypt php-mbstring.x86_64
 
# if you need it:
yum --enablerepo=remi install php-gd
 
# add PHP zend opcache (until it's included in PHP, replaces APC):
yum --enablerepo=remi install php-pecl-zendopcache.x86_64 
 
# some specialized PHP add-ons for cache and search
#yum --enablerepo=remi install php-pecl-memcached php-pecl-geoip
# php-pecl-solr
 
# MYSQL
yum --enablerepo=remi install mysql.x86_64 mysql-server.x86_64 php-mysql phpmyadmin 
 
## /END AMP ##
 
# mail:
# only install these if you _really_ need them, and know what you're doing
# yum --enablerepo=remi install sendmail #AND/OR postfix
# yum --enablerepo=remi install dovecot
 
# basic mail client for reading mail
yum --enablerepo=remi install mailx
 
 
#Tomcat (only if you need a Java server). Be careful if you already have Java installed.
# check if you need java7 and if Yum has Tomcat 6 or 7
yum --enablerepo=remi install java-1.6.0-openjdk tomcat6 tomcat6-webapps tomcat6-admin-webapps
# Tomcat services: Solr, Hudson - installed via .war files with latest stable versions
 
# for monitoring:
yum --enablerepo=remi install net-snmp* python-memcached

*** Post Installation ***

config basic RH firewall for dev: (would most likely use something else in production environment)

/usr/bin/system-config-firewall-tui

mysql

/sbin/service mysqld start
/usr/bin/mysql_secure_installation

webmin

wget http://www.webmin.com/download/rpm/webmin-current.rpm  # (latest)
rpm -ivh webmin-*.noarch.rpm
# to change any settings like port:
nano /etc/webmin/miniserv.conf

time / timezone

# if you don't use webmin or similar to set up timezone:
cp /etc/localtime /etc/localtime.bak
# example for UTC:
rm /etc/localtime && ln -s /usr/share/zoneinfo/UTC /etc/localtime

security issues

nano /etc/ssh/sshd_config
# set:
PermitRootLogin no
# then:
/sbin/service sshd reload

for mailscanner

yum --enablerepo=remi install spamassassin
yum --enablerepo=remi install clamav clamav-server clamav-update

## ADDITIONAL SPECIALIZED INSTALLS:

# nginx (for apache replacement) and/or SSL/TLS terminator
# yum configuration file and a public PGP key (http://nginx.org/en/linux_packages.html#stable):

rpm -vhi http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
 
yum install nginx

# Varnish cache: (https://www.varnish-cache.org/installation/redhat)

rpm --nosignature -vhi http://repo.varnish-cache.org/redhat/varnish-3.0/el6/noarch/varnish-release/varnish-release-3.0-1.el6.noarch.rpm
 
yum install varnish

# REDIS (latest on remi recommended) or get from http://redis.io
# also igbinary:

yum --enablerepo=remi install php-pecl-igbinary-devel.x86_64
yum --enablerepo=remi install php-pecl-igbinary.x86_64
 
yum --enablerepo=remi install redis.x86_64
yum --enablerepo=remi install php-pecl-redis.x86_64

TODO: update for CentOS 7

No Responses to “ “CentOS 6.x (Cloud) Server Set-Up”

Trackbacks/Pingbacks

  1. CentOS alternate repos | LDG Tech Blog - [...] and remi: (see here) wget http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm wget [...]

Leave a Reply