How to Install PyroCMS with Nginx an Let's Encrypt SSL on CentOS 8
This tutorial exists for these OS versions
- CentOS 8
- CentOS 7.6
On this page
- Requirements
- Prerequisites
- Initial steps
- Step 1 - Install PHP and necessary PHP extensions
- Step 2 - Install MariaDB and create a database for PyroCMS
- Step 3 - Install Acme.sh client and obtain Let's Encrypt certificate (optional)
- Step 4 - Install NGINX and configure NGINX for PyroCMS
- Step 5 - Install Composer
- Step 6 - Install PyroCMS
- Step 7 - Complete the PyroCMS setup
- Links
PyroCMS is a powerful modular CMS and development platform built with Laravel 5, which allows you to build better Laravel websites and applications faster.
In this tutorial, we will walk you through the PyroCMS installation process on a CentOS 8 operating system by using NGINX as a web server, MariaDB as a database server, and optionally you can secure the transport layer by using acme.sh client and Let's Encrypt certificate authority to add SSL support.
Requirements
To install PyroCMS, make sure your system meets the following requirements:
- At least 1GB of RAM or Swap configured.
- PHP version 7.0 or greater with PDO, cURL, SQLite, OpenSSL, Mbstring, Fileinfo, Tokenizer, GD PHP extensions.
- MariaDB
- NGINX
Prerequisites
- A system running CentOS 8 system.
- A non-root user with sudo privileges.
Initial steps
Check your CentOS version:
cat /etc/centos-release
# CentOS Linux release 8.1.1810 (Core)
Set up the timezone:
timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'
Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:
sudo dnf update -y
Install some essential packages that are necessary for basic administration of the CentOS operating system:
sudo dnf install -y curl wget vim git unzip socat bash-completion epel-release
Step 1 - Install PHP and necessary PHP extensions
Download and install PHP and required PHP extensions:
sudo dnf install -y php php-cli php-fpm php-mysqlnd php-curl php-sqlite3 php-mbstring php-gd php-xml
To show PHP compiled in modules, you can run:
php -m
ctype
curl
exif
fileinfo
. . .
. . .
Check the PHP version:
php --version
# PHP 7.2.11 (cli) (built: Oct 9 2018 15:09:36) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
Start and enable PHP-FPM service:
sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service
Step 2 - Install MariaDB and create a database for PyroCMS
Install MariaDB:
sudo dnf install -y mariadb-server mariadb-client
Check the MariaDB version:
mysql --version
# mysql Ver 15.1 Distrib 10.3.17-MariaDB, for Linux (x86_64) using readline 5.1
Start and enable MariaDB service:
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service
Run mysql_secure installation
script to improve MariaDB security and set the password for MariaDB root
user:
sudo mysql_secure_installation
Answer each of the questions:
Enter current password for root (enter for none): Press Enter
Set root password? [Y/n] Y
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
Log into MariaDB as the root user:
sudo mysql -u root -p
# Enter password
Create a MariaDB database and user that you will use for your installation of PyroCMS, and remember the credentials:
CREATE DATABASE dbname;
GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
Replace dbname and username with appropriate names for your setup. Replace password with a strong password.
Exit from MariaDB shell:
quit
Step 3 - Install Acme.sh client and obtain Let's Encrypt certificate (optional)
Securing your website with HTTPS is not necessary, but it is a good practice to secure your site traffic. In order to obtain an SSL certificate from Let's Encrypt we will use Acme.sh client. Acme.sh is a pure UNIX shell software for obtaining SSL certificates from Let's Encrypt with zero dependencies.
Download and install acme.sh:
sudo su - root
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install --accountemail [email protected]
source ~/.bashrc
cd ~
Check acme.sh version:
acme.sh --version
# v2.8.6
Obtain RSA and ECC/ECDSA certificates for your domain/hostname:
# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256
If you want fake certificates for testing you can add --staging
flag to the above commands.
To list your issued certs you can run:
acme.sh --list
Create a directory to store your certs. We will use /etc/letsencrypt
directory.
mkdir -p /etc/letsencrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc
Install/copy certificates to /etc/letsencrypt directory.
# RSA
acme.sh --install-cert -d example.com \
--cert-file /etc/letsencrypt/example.com/cert.pem \
--key-file /etc/letsencrypt/example.com/private.key \
--fullchain-file /etc/letsencrypt/example.com/fullchain.pem \
--reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc \
--cert-file /etc/letsencrypt/example.com_ecc/cert.pem \
--key-file /etc/letsencrypt/example.com_ecc/private.key \
--fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem \
--reloadcmd "sudo systemctl reload nginx.service"
After running the above commands, your certificates and keys will be in:
- For RSA: /etc/letsencrypt
/example.com
directory. - For ECC/ECDSA: /etc/letsencrypt
/example.com_ecc
directory.
All the certificates will be automatically renewed every 60 days.
After obtaining certs, exit from root user and return back to normal sudo user:
exit
Step 4 - Install NGINX and configure NGINX for PyroCMS
Install the NGINX web server:
sudo dnf install -y nginx
Check the NGINX version:
nginx -v
# nginx version: nginx/1.14.1
Start and enable Nginx service:
sudo systemctl start nginx.service
sudo systemctl enable nginx.service
Configure NGINX for PyroCMS by running:
sudo vim /etc/nginx/conf.d/pyro.conf
And populate the file with the following configuration:
server {
listen 80;
listen 443 ssl;
server_name example.com;
index index.php index.html;
root /var/www/pyro/public;
ssl_certificate /etc/letsencrypt/status.example.com/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/status.example.com/status.example.com.key;
ssl_certificate /etc/letsencrypt/status.example.com_ecc/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/status.example.com_ecc/status.example.com.key;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php-fpm/www.sock;;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
}
}
Check NGINX configuration for syntax errors:
sudo nginx -t
Reload NGINX service:
sudo systemctl reload nginx.service
Step 5 - Install Composer
Install Composer, the PHP dependency manager globally:
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === 'e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
sudo mv composer.phar /usr/local/bin/composer
Check Composer version:
composer --version
# Composer version 1.10.5 2012-04-02 10:52:10
Step 6 - Install PyroCMS
Create a document root directory where PyroCMS should reside in:
sudo mkdir -p /var/www/pyro
Change ownership of the /var/www/pyro
directory to your_username
that you should have created before and you should be logged in as this user.
sudo chown -R your_username:your_username /var/www/pyro
NOTE: Don't forget to replace your_username with the name that you have chosen.
Navigate to document root:
cd /var/www/pyro
Download the latest stable release of PyroCMS via composer
:
composer create-project pyrocms/pyrocms .
Change ownership of the /var/www/pyro
directory to www-data
.
sudo chown -R nginx:nginx /var/www/pyro
Run sudo vim /etc/php-fpm.d/www.conf
and set the user and group to nginx
. Initially, they will be set to apache.
Run:
sudo vim /etc/php-fpm.d/www.conf
And set user and group to nginx, like below:
user = nginx
group = nginx
And finally, restart PHP-FPM service for these changes to take effect:
sudo systemctl restart php-fpm.service
Step 7 - Complete the PyroCMS setup
Access your site in a web browser via domain name or IP address and follow the PyroCMS web installation wizard.
After you have filled all the required information, your PyroCMS installation is complete.