How to install Magento on CentOS 8

How to install Magento on CentOS 8

Magento is one of the most popular open source ecommerce platforms that allows you to set up an ecommerce website and online store in minutes. It is based on PHP, written on the Zend Framework, and uses an entity attribute value (EAV) database model to store data. It comes with an easy-to-use interface that lets you customize your online store and easily sell products and services.

In this tutorial, we will show you how to install Magento e-commerce platform on CentOS 8 using Let’s Encrypt free SSL.

Claim

  • A server running CentOS 8 with 2 GB of RAM.
  • A valid domain name pointing to the server IP.
  • A root password is configured on the server.

Install LEMP server

First, install Nginx web server, MariaDB database server, PHP, and other required PHP libraries by running the following commands:

dnf install nginx mariadb-server php php-cli php-mysqlnd php-opcache php-xml php-gd php-soap php-bcmath php-intl php-mbstring php-json php-iconv php-fpm php-zip unzip git -y

After installing all packages, start Nginx, MariaDB and PHP-FPM services and use the following command to make them start after the system reboots:

systemctl start nginx systemctl start mariadb systemctl start php-fpm systemctl enable nginx systemctl enable mariadb systemctl enable php-fpm

Next, you will need to edit the php.ini file and make some settings:

nano /etc/php.ini

Change the following lines:

memory_limit =512M
upload_max_filesize = 200M
zlib.output_compression = On 
max_execution_time = 300 
date.timezone = Asia/Kolkata

Save and close the file when you are finished.

Configuration database

MariaDB is not secure by default, so you first need to secure it. Run the following script to protect MariaDB:

mysql_secure_installation

Answer all questions as follows:

Enter current password for root (enter for none): 
Set root password? [Y/n] Y
New password: 
Re-enter new password: 
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Once done, log in to the MariaDB shell using the following command:

mysql -u root -p

Provide your root password when prompted, and then create a database and user for Magento as follows:

MariaDB [(none)]> CREATE DATABASE magentodb; MariaDB [(none)]> GRANT ALL ON magentodb.* TO [email protected] IDENTIFIED BY 'password';

Next, refresh the privileges and exit from the MariaDB shell using the following command:

MariaDB [(none)]> flush privileges; MariaDB [(none)]> exit;

Configure PHP-FPM for Magento

Next, you will need to configure a PHP-FPM pool for your Magento instance. You can configure it by creating the following files:

nano /etc/php-fpm.d/magento.conf

Add the following lines:

[magento]
user = nginx
group = nginx
listen.owner = nginx
listen.group = nginx
listen = /run/php-fpm/magento.sock
pm = ondemand
pm.max_children =  50
pm.process_idle_timeout = 10s
pm.max_requests = 500
chdir = /

Save and close the file, then restart the PHP-FPM service to implement the changes:

systemctl restart php-fpm

Download Magento

First, download the latest version of Magento from the Git repository using the following command:

cd /var/www/html wget https://github.com/magento/magento2/archive/2.3.zip

After downloading, unzip the downloaded file as follows:

unzip 2.3.zip

Next, move the extracted directory to magento2 as follows:

mv magento2-2.3 magento2

Next, you will need to install Composer to install PHP dependencies for Magento.

You can install Composer using the following command:

curl -sS https://getcomposer.org/installer | php mv composer.phar /usr/local/bin/composer

Next, change directory to magento2 and install all Magento dependencies using the following command:

cd /var/www/html/magento2 composer update composer install

Next, you will need to create a Magento crontab to schedule tasks. You can create it using:

./bin/magento cron:install

You can verify crontab with:

crontab -l

You should get the following output:

#~ MAGENTO START f73db5f5dcf223372d4c9fab56bef0c1730eece898fad5cbee0c313b46b0dd1f
* * * * * /usr/bin/php /var/www/html/magento2/bin/magento cron:run 2>&1 | grep -v "Ran jobs by schedule" >> /var/www/html/magento2/var/log/magento.cron.log
* * * * * /usr/bin/php /var/www/html/magento2/update/cron.php >> /var/www/html/magento2/var/log/update.cron.log
* * * * * /usr/bin/php /var/www/html/magento2/bin/magento setup:cron:run >> /var/www/html/magento2/var/log/setup.cron.log
#~ MAGENTO END f73db5f5dcf223372d4c9fab56bef0c1730eece898fad5cbee0c313b46b0dd1f

Next, give proper permissions to the magento2 directory:

chown -R nginx:nginx /var/www/html/magento2 chmod -R 755 /var/www/html/magento2

Configure Nginx for Magento

Next, you will need to create an Nginx virtual host file for Magento. You can create it using:

nano /etc/nginx/conf.d/magento.conf

Add the following lines:

upstream fastcgi_backend {
  server   unix:/run/php-fpm/magento.sock;
}

server {
    listen 80;
    server_name magento.linuxbuz.com;

    set $MAGE_ROOT /var/www/html/magento2;
    set $MAGE_MODE developer;

    access_log /var/log/nginx/magento-access.log;
    error_log /var/log/nginx/magento-error.log;

    include /var/www/html/magento2/nginx.conf.sample;
}

Save and close the file when you are finished. Then, restart the Nginx and PHP-FPM services to implement the changes:

systemctl restart php-fpm systemctl restart nginx

Configure SELinux and firewall

SELinux is enabled by default in CentOS 8. Therefore, you need to configure SELinux for Magento to work properly.

You can configure SELinux with the following command:

semanage permissive -a httpd_t

Next, you will need to create firewall rules to allow HTTP and HTTPS services from external networks. You can allow it using:

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https firewall-cmd --reload

Let’s Encrypt SSL to Protect Magento

Magento is now installed and configured. It’s time to secure it with “free encrypted SSL”.

To do this, you need to download the certbot client on the server. You can download and set the correct permissions by running:

wget https://dl.eff.org/certbot-auto mv certbot-auto /usr/local/bin/certbot-auto chown root /usr/local/bin/certbot-auto chmod 0755 /usr/local/bin/certbot-auto

Now, run the following command to obtain and install an SSL certificate for your Magento website.

certbot-auto --nginx -d magento.linuxbuz.com

The above command first installs all required dependencies as follows:

Installed:
  gcc-8.2.1-3.5.el8.x86_64                                                  mod_ssl-1:2.4.37-12.module_el8.0.0+185+5908b0db.x86_64             
  python3-virtualenv-15.1.0-18.module_el8.0.0+33+0a10c0e1.noarch            python36-devel-3.6.8-2.module_el8.0.0+33+0a10c0e1.x86_64           
  redhat-rpm-config-116-1.el8.0.1.noarch                                    augeas-libs-1.10.1-8.el8.x86_64                                    
  libffi-devel-3.1-18.el8.x86_64                                            openssl-devel-1:1.1.1-8.el8.x86_64                                 
  annobin-8.64-1.el8.x86_64                                                 cpp-8.2.1-3.5.el8.x86_64                                           
  dwz-0.12-9.el8.x86_64                                                     efi-srpm-macros-3-2.el8.noarch                                     
  ghc-srpm-macros-1.4.2-7.el8.noarch                                        go-srpm-macros-2-16.el8.noarch                                     
  isl-0.16.1-6.el8.x86_64                                                   libmpc-1.0.2-9.el8.x86_64                                          
  ocaml-srpm-macros-5-4.el8.noarch                                          openblas-srpm-macros-2-2.el8.noarch                                
  perl-srpm-macros-1-25.el8.noarch                                          platform-python-devel-3.6.8-2.el8_0.0.1.x86_64                     
  python-rpm-macros-3-37.el8.noarch                                         python-srpm-macros-3-37.el8.noarch                                 
  python3-rpm-generators-5-4.el8.noarch                                     python3-rpm-macros-3-37.el8.noarch                                 
  qt5-srpm-macros-5.11.1-2.el8.noarch                                       rust-srpm-macros-5-2.el8.noarch                                    
  glibc-devel-2.28-42.el8.1.x86_64                                          glibc-headers-2.28-42.el8.1.x86_64                                 
  kernel-headers-4.18.0-80.11.2.el8_0.x86_64                                keyutils-libs-devel-1.5.10-6.el8.x86_64                            
  krb5-devel-1.16.1-22.el8.x86_64                                           libcom_err-devel-1.44.3-2.el8.x86_64                               
  libkadm5-1.16.1-22.el8.x86_64                                             libselinux-devel-2.8-6.el8.x86_64                                  
  libsepol-devel-2.8-2.el8.x86_64                                           libverto-devel-0.3.0-5.el8.x86_64                                  
  libxcrypt-devel-4.1.1-4.el8.x86_64                                        pcre2-devel-10.32-1.el8.x86_64                                     
  pcre2-utf16-10.32-1.el8.x86_64                                            pcre2-utf32-10.32-1.el8.x86_64                                     
  zlib-devel-1.2.11-10.el8.x86_64                                          

Complete!
Creating virtual environment...
Installing Python packages...
Installation succeeded.

After installing all dependencies, you will be asked to provide an email address and agree to the terms of service as follows:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for magento.linuxbuz.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/magento.conf

Next, you will need to choose whether to redirect HTTP traffic to HTTPS as follows:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2  

Type 2 and press Enter to install a “Let’s Encrypt SSL” certificate for your domain as shown below:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/magento.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://magento.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=magento.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/magento.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/magento.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-03-23. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again with the "certonly" option. To non-interactively renew *all*
   of your certificates, run "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Visit Magento

Magento is now installed and configured. It’s time to access the Magento installation wizard.

Open your web browser and enter the URL https://magento.linuxbuz.com. You will be redirected to the Magento welcome page:

Click on Agree and set up Magento Button. You should see the Magento Ready Inspection Wizard:

System Readiness Check

Now click next Button. You should see the following page:

Database settings

Provide your database details and click next Button. You should see the following page:

Web configuration

Now, provide your Magento store and admin URL and click next Button. You should see the following page:

Configure currency, time zone and language

Select the desired time zone, currency, language and click next Button. You should see the following page:

Configure username

Now provide your Magento admin username, password and click next Button. You should see the following page:

Continue installation

Now click installation right now Button to start Magento installation. Once the installation is successfully completed. You should see the following page:

Successful installation

Now click Your store address Button. You should see your Magento store on the following pages:

Magento homepagead

To access your Magento management interface, enter the URL https://magento.linuxbuz.com/admin_1teqss on your web browser. You will be redirected to the Magento login page:

Magento login

Provide your Magento administrator username, password, and click Sign in Button. You should see your Magento management interface on the following pages:

Magento Dashboard

That’s it for now. Your Magento is now protected with “Let’s Encrypt Free SSL”.

Related Posts