Okay, it’s time to install Git so you can play with some pull and merge requests for some projects you are working on. This set of instructions should work on your system regardless if you are running CentOS 7, 8, or 9.
The first thing to do is elevate…
sudo su
Then update your system.
dnf update
Install Git
dnf install git
Check the installed version
git --version
Just like that, you are ready to “Git” yourself back to coding something grand!
Docker is an operating system virtualization tool that allows us to run applications as containers. In simplest terms, that means you are virtualizing only the application, and not creating an entire virtual machine as you would traditionally do in hypervisors like VMware, Hyper-V, or Nutanix.
Okay, that’s cool… How do we install Docker so we can start to test workloads on it? Well, let me show you how to install Docker on a virtual machine running CentOS 9 Stream. **While I have not tested to confirm, this Docker installation method should be identical on CentOS 8 Stream, as well as for CentOS 7.x
Let us begin by shifting to Sudo mode by running this command first…
sudo su
Then the first thing to do is remove PodMan as it conflicts with Docker.
Let us view what we installed by running these two commands.
rpm -q docker-ce
docker version
Congratulations! You now have Docker installed on your machine.
You’ll probably want to install Docker Compose on your machine too so you can build and run a docker image. You can install it with this simple command.
Here is how to add the open source antivirus tool ClamAV to the CentOS machine and configure it automatically run a virus scan on newly uploaded files. ClamAV detects all forms of malware including Trojan horses, viruses, and worms, and it operates on all major file types including Windows, Linux, and Mac files, compressed files, executables, image files, Flash, PDF, and many others. ClamAV’s Freshclam daemon automatically updates its malware signature database at scheduled intervals.
First edit freshclam.conf and configure your options.
vi /etc/freshclam.conf
Freshclam updates your malware database, so you want it to run frequently to get updated malware signatures. Run it manually post-installation to download your first set of malware signatures:
freshclam
Next, edit scan.conf.
vi /etc/clamd.d/scan.conf
Uncomment this line
LocalSocket /run/clamd.scan/clamd.sock
When you’re finished you must enable the clamd service file and start clamd:
Verify PHP is installed and the version. You can see I was able to install PHP v8.1.4
sudo php -v
Open the php.ini config file and set your timezone. You will need to uncomment the line for date.timezone and set it to your timezone of choice and set it to your timezone of choice. .
Secure or instance of Maria DB by running the ‘mariadb_secure_installation‘ command.
sudo mariadb-secure-installation
Enter your root credentials when prompted. For the next two prompts, if you have your root account protected correctly, it will tell you so and you can follow the recommendation to enter ‘n’ for them.
For the next four prompts, enter ‘Y’ for them.
Check your MariaDB and what version it is running this command below or login into the database and check as shown in the image below.
So I’m going to walk thru installing Nextcloud on CentOS 7. Your mileage will vary if you attempt to use this as a guide to install NextCloud on CentOS 8 (which is EOL) or CentOS Stream 8/9 as it is not intended for those versions of CentOS.
Nextcloud is an open-source self-hosted sync and file sharing server that was forked from OwnCloud. It is written in PHP and JavaScript and supports multiple databases like MySQL, PostgreSQL, SQLite, and Oracle Database.
Before we get started, we will need to make sure we are set up with a LAMP stack. LAMP stands for Linux, Apache, MySQL, PHP. It’s bascially setting us up as a web server. And since we are going to be a webserver, we should also add Let’s Encrypt for SSL on our machine.
First step is to update your system.
yum -y update
Install PHP
To install PHP 8, you will need to add the EPEL and Remi repositories to your machine. You should also import the repo’s signing key.
Verify PHP is installed and the version. You can see I was able to install PHP v8.0.17
php -v
Open the php.ini config file and set your timezone. You will need to uncomment the line for date.timezone and set it to your timezone of choice.
vi /etc/php.ini
date.timezone = Pacific/Honolulu
Raise PHP’s memory limit
sed -i '/^memory_limit =/s/=.*/= 512M/' /etc/php.ini
Install Apache
Install Apache on your machine.
yum -y install httpd mod_ssl
Start Apache and enable the Apache service at boot.
systemctl start httpd
systemctl enable httpd
Install MariaDB
Add the MariaDB repository to your machine
cat <<EOF | sudo tee /etc/yum.repos.d/MariaDB.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.6/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF
Clean the yum cache
yum makecache fast
Install MariaDB 10.6
yum -y install MariaDB-server MariaDB-client
Start and enable MariaDB service:
systemctl start mariadb
systemctl enable mariadb
Secure or instance of Maria DB by running the ‘mariadb_secure_installation‘ command.
mariadb-secure-installation
Enter your root credentials when prompted. For the next two prompts, if you have your root account protected correctly, it will tell you so and you can follow the recommendation to enter ‘n’ for them.
For the next four prompts, enter ‘Y’ for them.
Check your MariaDB and what version it is running this command below or login into the database and check as shown in the image below.
mysql -V
Create the Database and the user account for NextCloud using the commands below.
Take note of what you set for: <nextcloud_db> : This will be the name of your NextCloud database. <nextcloud_user> : This will be the NextCloud user. <nextcloud_pw> : This is a strong password that you have created for your ‘nextcloud_user’.
mysql -u root -p
create database <nextcloud_db>;
create user '<nextclouduser>'@'localhost' identified BY '<nextcloud_pw>';
grant all privileges on <nextcloud_db>.* to '<nextclouduser>'@'localhost';
flush privileges;
\q
Give Apache access to MariaDB
setsebool -P httpd_can_network_connect_db 1
Let us go ahead and reboot the system before we proceed with installing NextCloud.
init 6
Installing NextCloud
Download the packages needed to download and unzip NextCloud
yum -y install wget unzip
Next, download the latest stable release of NextCloud to your system.
Create a data directory to store files that get uploaded to NextCloud. If you use a symlink, this can be any type of path to a NAS, SAN, or NFS. Give Apache permiss
Give the Apache user and group ownership of the NextCloud folder.
chown apache:apache -R /var/www/html/nextcloud
The next step will create an Apache VirtualHost configuration file.
vi /etc/httpd/conf.d/nextcloud.conf
Copy and paste the following code block into the file. Note: Make sure to update the “ServerName” and “ServerAdmin” settings to suit your environment. The “ServerName” is its FQDN, so remember to setup your DNS entry for it, if necessary.
<VirtualHost *:80>
ServerName nextcloud.pwwf.com
ServerAdmin nextcloud.admin@pwwf.com
DocumentRoot /var/www/html/nextcloud
<directory /var/www/html/nextcloud>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</directory>
</VirtualHost>
Configure SELinux
Install the SEMange package.
yum -y install policycoreutils-python
Add the context rules to allow NextCloud to write data into its directories.
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/data'
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/config(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/apps(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/3rdparty(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/.htaccess'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/nextcloud/.user.ini'
restorecon -Rv /var/www/html
Open your web browser of choice and enter either the server name URL you entered in the ‘nextcloud.conf’ file, or alternatively you could use the IP address of your machine, to access the NextCloud Web GUI.
example – http://nextcloud.pwwf.com/ http://10.1.2.169/
The first fields are for creating an admin account for your NextCloud instance. Set it to anything you wish, just don’t forget those credentials.
Then select “MySQL/MariaDB” and configure the database fields with the information we used earlier when we set up the database in MariaDB.
Then click on the “Install” button at the very bottom of the page.
Once the install completes, your dashboard will be ready to use. In your browser, go to: http://<ServerName>/nextcloud/index.php/apps/dashboard
Having HTTP access is great… but I think that we would like to have some security. There are plenty of paid services out there to get an SSL from. But for this post let us add SSL encryption using the FREE resource that is Let’s Encrypt so that we can utilize HTTPS without any additional cost.
The first thing we need to do is install certbot.
yum -y install epel-release certbot
Next we will need to request our SSL certificate for this machine.
Note: If certbot is not working for you, you will need to figure out whatever issue it is having before proceeding. If you cannot resolve it, the rest of this article will not benefit you. Unfortunately, troubleshooting certbot is outside the scope of this article.
After the SSL certificate has successfully been generated, it is time to edit your Apache config file for NextCloud, again.
vi /etc/httpd/conf.d/nextcloud.conf
Make your configuration file look like what I have below. Note: Make sure to update the “ServerName” and “ServerAdmin” settings to suit your environment.
To remove the “index.php” from every URL, open the Nextcloud config file.
vi /var/www/html/nextcloud/config/config.php
Depending on how your config file is setup, you will add one of the following entries below based on how your URL is configured. If you get this wrong, don’t worry, you will see an “Internal Server Error” message instead of your NextCloud page and will have to come back into this file and change it.
If your line for “overwrite.cli.url” looks like this
Now go back to your browser and in the address bar, enter your pretty url without the ‘index.php’ in it… In my case, it will be “https://nextcloud.pwwf.com/”
Proxy override
I was having an issue with the UI inside NextCloud. I could view folders and files, but I could not create new folders or files. After some troubleshooting recreating the NextCloud server and testing before adding the SSL certificate and also after adding the certificate, as well as testing bypassing the proxy I was able to confirm that the proxy was indeed causing me my headaches. This should help you if you are behind a proxy…
vi /var/www/html/nextcloud/config/config.php
Under your line for “overwrite.cli.url” add this entry.
'overwriteprotocol' => 'https',
This will make sure that any requests, and replies, are done over HTTPS and now HTTP.
Max Upload
PHP is going to try to limit the file upload size that you can use. Since I know you are going to probably want to save/share some large files, let us update those limits to something more realistic.
vi /etc/php.ini
Search the file and update these values to your desired limit, I’m going to set it to 10GB.
While you can adjust these values to your environment, just remember to always make your “post_max_size” a little bit larger than your “upload_max_filesize”. This will keep you from having any issues when uploading a file that is the same size as your max upload limit.
Lastly, you will need to restart Apache.
systemctl restart httpd
Trash Cleanup
So NextCloud isn’t always great at cleaning up your deleted files. By design, it is set to hold on to your deleted items for 30 days, then it only forces a delete if you are running low on space. Since you’re probably sitting on at least a few terabytes of storage, those deleted files may never actually get deleted.
vi /var/www/html/nextcloud/config/config.php
Open your NextCloud config file.
Here is how you can control NextCloud’s behavior with these settings.
auto – default setting. keeps files and folders in the trash bin for 30 days and automatically deletes anytime after that if space is needed (note: files may not be deleted if space is not needed).
D, auto – keeps files and folders in the trash bin for D+ days, delete anytime if space needed (note: files may not be deleted if space is not needed)
auto, D – delete all files in the trash bin that are older than D days automatically, delete other files anytime if space needed
D1, D2 – keep files and folders in the trash bin for at least D1 days and delete when exceeds D2 days (note: files will not be deleted automatically if space is needed)
disabled – trash bin auto clean disabled, files and folders will be kept forever
To automatically delete the files after 30 days and allow NextCloud to purge them sooner if space is needed, you can add this line.
'trashbin_retention_obligation' => 'auto, 30',
To retain the files for 30 days and then absolutely purge them after 40 days, you would add this line.
'trashbin_retention_obligation' => '30, 40',
Install ClamAV
Here is how to add the open source antivirus tool ClamAV to the CentOS machine and configure it automatically run a virus scan on newly uploaded files. ClamAV detects all forms of malware including Trojan horses, viruses, and worms, and it operates on all major file types including Windows, Linux, and Mac files, compressed files, executables, image files, Flash, PDF, and many others. ClamAV’s Freshclam daemon automatically updates its malware signature database at scheduled intervals.
First edit freshclam.conf and configure your options.
vi /etc/freshclam.conf
Freshclam updates your malware database, so you want it to run frequently to get updated malware signatures. Run it manually post-installation to download your first set of malware signatures:
freshclam
Next, edit scan.conf.
vi /etc/clamd.d/scan.conf
Uncomment this line
LocalSocket /run/clamd.scan/clamd.sock
When you’re finished you must enable the clamd service file and start clamd:
Warning: CentOS 8 has reached End of Life (EOL) and is no longer supported. You should really consider moving to a supported OS such as CentOS 8 Stream.
I was looking at some virtual machines earlier today and I realized that they were not running the most current version of CentOS. Since I am going to upgrade them, I figured it’d be the perfect time to document the process of how to do it.
The first thing I do is make a backup of my virtual machine. You can’t recover from an accident if you don’t have a recovery point. At the very least, make sure you have taken a snapshot of your virtual machine.
Next, I verify what version of CentOS I’m on by running the following command.
cat /etc/centos-release
From the screenshot below you can see that I am currently on version 7.9.2009.
At this point, I’m going to enter “sudo su” on my VM and then enter my credentials, so that I can continue as ‘root’ and I don’t have to type “sudo” before every single command.
First step is to install the EPEL repository.
yum -y install epel-release
Next, install both ‘yum-utils’ and ‘rpmconf’ by using this command.
yum -y install yum-utils rpmconf
Next, use ‘rpmconf’ to resolve the RPM packages that are in use on your VM.
rpmconf -a
Then clean up any packages that are not required by your system.
CentOS Linux 8 had actually reached the End Of Life (EOL) as of December 31st, 2021. Which means that CentOS 8 will no longer receive development from the official CentOS project. After that EOL date, if you need to update your CentOS (yes, that means us right now), you need to change the mirrors to point to vault.centos.org where they are archived. So a better option would actually be to upgrade to CentOS Stream instead, but we’ll save that for another post… Here is how to change the mirrors.
cd /etc/yum.repos.d/
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
dnf update
cd
There are two packages, dracut-network and rpmconf, that conflict with upgradingand need to be removed.
dnf remove dracut-network rpmconf
Remove the old CentOS 7 kernel
rpm -e `rpm -q kernel`
Remove any conflicting packages that are not needed any longer