Centos 7 Server, dan selanjutnya ada beberapa konfigurasi Centos 7 Server sebelum kita melakukan installasi service-service yang akan kita jalankan. Pada artikel kali ini kita akan melakukan beberapa konfigurasi awal Centos 7 Server yang sebelumnya kita sudah Install, Ok ikuti step by step cara konfigurasinya.
1. Resize Linux Partition (/root)
#df -h
#lsblk
backup dulu yg ada di home
#umount /home
catat lokasi path /dev/centos/home
#lvdisplay
#lvremove /dev/centos/home
#vgs
#lvextend --size +47.00 -r /dev/centos/root
#vgs
Hapus path /home pada fstab
#vi /etc/fstab
#vgs
Restart server
#reboot
#pvscan
#export http_proxy="http://10.15.3.20:80"
#export https_proxy="http://10.15.3.20:80"
#yum -y install cloud-utils-growpart
#lvextend -l +100%FREE /dev/mapper/centos-root
#xfs_growfs /
#df -h
Restore /home
2. Update OS Centos 7.6 -> 7.9
#yum update
#reboot
"Installing epel repository"
cd /usr/src ; wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ivh /usr/src/epel-release-latest-7.noarch.rpm
"Installing remi repository"
cd /usr/src ; wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
rpm -ivh /usr/src/remi-release-7.rpm
"Installing basic package server"
yum -y groupinstall "Development Tools"
"Installing basic package server"
yum -y -q install wget chrony curl git tcl expect xinetd systemtap-sdt-devel yum-utils ghostscript supervisor redhat-lsb-core net-tools tuned redis xrdp tigervnc-server
3. Pastikan date time zone server menggunakan Asia/Jakarta
#rm -rf /etc/localtime
#ln -s /usr/share/zoneinfo/Asia/Jakarta /etc/localtime
#ntpdate 10.15.34.220
4. SELinux disable
#setenforce 0
#sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
#sleep 1
5. HOSTNAME : app-simproject
#hostnamectl set-hostname absensita
6. Security menggunakan iptables (bukan firewalld)
#systemctl disable firewalld
#systemctl stop firewalld
7. Server tersikronized NTPnya ke 10.15.34.220
#yum install chrony -y
#systemctl restart chronyd
#cd /etc/cron.daily ; wget https://sourcecode.jakarta.go.id/diskominfotik/sysadmin/raw/master/ntpdate
#chmod +x ntpdate
#./ntpdate
8. Set ACL SSH menggunakann iptables
#yum install -y iptables-services
#systemctl enable iptables
#systemctl start iptables
#iptables -F
#iptables -I INPUT -s 10.15.13.0/24 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.32.0/24 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.64.0/24 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.37.0/24 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.255.255.14 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.36.176 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.3.144 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.3.215 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.3.218 -p tcp --dport 22 -j ACCEPT
#iptables -I INPUT -s 10.15.36.179 -p tcp --dport 22 -j ACCEPT
#iptables -A INPUT -p tcp --dport 22 -j DROP
#service iptables save
9. Buat user simproject pada server
#useradd simproject
#passwd simproject
10. Install NGINX dan PHP
#export PHP_DTRACE=yes
#yum -y install nginx
#yum --enablerepo=remi-php73 -y install php-pecl-jsonc-devel php-pgsql php-xml php-soap php-pecl-msgpack php-gd php-pecl-jsonc php-pdo php-pear php-pecl-sqlite php-pecl-apcu php-pecl-zip php-process php-mcrypt php-mysqlnd php-cli php-pecl-igbinary php-pecl-memcached php-mbstring php-common php-intl php-pecl-memcache php-devel php-odbc php-pecl-sqlite php-mysqlnd php-pecl-jsonc php-fpm php-pecl-redis php-bcmath
11. Install Composer
#cd /usr/src ; curl -sS https://getcomposer.org/installer | php
#mv composer.phar /usr/local/bin/composer
12. Install Oci8 php mmodule
#yum install -y gcc
#yum install -y systemtap-sdt-devel
Install oracle client dari lokal
#cd /usr/src ; wget https://pecl.php.net/get/oci8-2.2.0.tgz
#cd /usr/src ; tar -zxvf oci8-2.2.0.tgz
#cd /usr/src/oci8-2.2.0 ; phpize
#cd /usr/src/oci8-2.2.0 ; ./configure --with-oci8=instantclient,/usr/lib/oracle/12.1/client64/lib
#cd /usr/src/oci8-2.2.0 ; make
#cd /usr/src/oci8-2.2.0 ; make install
#echo "extension=oci8.so" >> /etc/php.ini
#echo "date.timezone = "Asia/Jakarta"" >> /etc/php.ini
13. Install module imagick
#yum -y install ImageMagick ImageMagick-devel
#cd /usr/src ; wget https://pecl.php.net/get/imagick-3.4.4.tgz
#cd /usr/src ; tar -zxvf imagick-3.4.4.tgz
#cd /usr/src/imagick-3.4.4 ; phpize
#cd /usr/src/imagick-3.4.4 ; ./configure
#cd /usr/src/imagick-3.4.4 ; make
#cd /usr/src/imagick-3.4.4 ; make install
#echo "extension=imagick.so" >> /etc/php.ini
14. Konfigurasi nginx dan start service
#systemctl start nginx
#systemctl enable nginx
#systemctl enable php-fpm
#systemctl start php-fpm
#vi /etc/nginx/conf.d/simprojectprod.conf
#nginx -t
#systemctl restart nginx
#reboot
15. Clone Repo GIT
#su - absensita
#mkdir -p /home/absensita/repo
#ssh-keygen
add SSH-Key pada git jakarta
#git clone --mirror git@10.15.34.82:egov/simproject.git
#vi git_fetch_simproject
#. git_fetch_simproject