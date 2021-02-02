How to Install Shopware 6 with NGINX and Let's Encrypt on CentOS 8

Shopware is a free and open-source platform that helps you to start your own e-commerce website to power your online business. It provides a lot of useful tools that help you to build and customize a fully responsive online store. It is very similar to Magento. Compared to Magento, Shopware is a very powerful, easy-to-use, and flexible application. It helps you to create and manage content and products easily from any device with its modern user interface.

In this tutorial, we will show you how to install Shopware with Nginx and Let's Encrypt SSL on CentOS 8.

Prerequisites

A server running CentOS 8.

A valid domain name pointed with your server IP.

A root password is configured on your server.

Install LEMP Server

Shopware runs on a Web server and built on PHP with Symfony and Zend components, and uses MySQL or MariaDB as a database backend. So you will need to install Nginx, MariaDB, PHP and other extensions to your server. You can install all of them with the following command:

dnf install nginx mariadb-server php php-cli php-intl php-fpm php-common php-mysqli php-curl php-json php-zip php-gd php-xml php-mbstring php-opcache unzip -y

Once all the packages are installed, start the Nginx, MariaDB and PHP-FPM service and enable them to start at system reboot with the following command:

systemctl start mariadb

systemctl enable mariadb

systemctl start nginx

systemctl start php-fpm

systemctl enable nginx

systemctl enable php-fpm

Once you are finished, you can proceed to the next step.

Configure PHP-FPM

By default, PHP-FPM is configured to run as an apache user and group. So you will need to configure it to run as an Nginx user and group. You can do it by editing the file /etc/php-fpm.d/www.conf:

nano /etc/php-fpm.d/www.conf

Change the following lines:

user = nginx group = nginx

Save and close the file then create a session directory and set proper ownership with the following command:

mkdir -p /var/lib/php/session

chown -R nginx:nginx /var/lib/php/session

Next, edit the php.ini file and tweak some recommended settings:

nano /etc/php.ini

Change the following lines:

memory_limit = 512M upload_max_filesize = 20M date.timezone = Asia/Kolkata

Save and close the file then restart the PHP-FPM service to apply the changes:

systemctl restart php-fpm

Create a Database for Shopware

Next, you will need to create a database and user for Shopware. First, connect to the MariaDB using the following command:

mysql

Once connected, create a database and user with the following command:

MariaDB [(none)]> CREATE DATABASE shopware;

MariaDB [(none)]> GRANT ALL ON shopware.* TO 'shopware' IDENTIFIED BY 'password';

Next, flush the privileges and exit from the MariaDB with the following command:

MariaDB [(none)]> FLUSH PRIVILEGES;

MariaDB [(none)]> EXIT;

Once you are finished, you can proceed to the next step.

Download Shopware

Next, you will need to download the latest version of Shopware for its official website. First, create a directory for Shopware inside Nginx root directory:

mkdir /var/www/html/shopware

Next, download the Shopware with the following command:

wget https://www.shopware.com/en/Download/redirect/version/sw6/file/install_v6.3.5.0_ba08dbfc07784b5cefe7837f2abbda69dbf5b8b7.zip -O shopware.zip

Once the download is completed, extract the downloaded file to the shopware directory:

unzip shopware.zip -d /var/www/html/shopware

Next, set proper permission and ownership with the following command:

chown -R nginx:nginx /var/www/html/shopware

chmod -R 775 /var/www/html/shopware

Once you are finished, you can proceed to the next step.

Configure Nginx for Shopware

Next, create an Nginx virtual host configuration file for Shopware with the following command:

nano /etc/nginx/conf.d/shopware.conf

Add the following lines:

server { listen 80; # Handle / to index.php index index.php; # Our server name server_name shopware.example.com; # Where the code is located root /var/www/html/shopware/public; # Needed for Shopware install / update location /recovery/install { index index.php; try_files $uri /recovery/install/index.php$is_args$args; } location /recovery/update/ { if (!-e $request_filename){ rewrite . /recovery/update/index.php last; } } # Forward any not found file to index.php. Also allows to have beautiful urls like /homemade-products/ location / { try_files $uri /index.php$is_args$args; } # Let php-fpm handle .php files location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi.conf; fastcgi_param HTTP_PROXY ""; fastcgi_buffers 8 16k; fastcgi_buffer_size 32k; fastcgi_read_timeout 300s; client_body_buffer_size 128k; fastcgi_pass unix:/run/php-fpm/www.sock; http2_push_preload on; } }

Save and close the file then verify the Nginx for any syntax error with the following command:

nginx -t

You should get the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

Next, restart the Nginx service to apply the changes:

systemctl restart nginx

You can also verify the Nginx status using the command below:

systemctl status nginx

You should get the following output:

? nginx.service - The nginx HTTP and reverse proxy server Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled) Drop-In: /usr/lib/systemd/system/nginx.service.d ??php-fpm.conf Active: active (running) since Tue 2021-02-02 00:40:04 EST; 19s ago Process: 76059 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS) Process: 76057 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS) Process: 76054 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS) Main PID: 76060 (nginx) Tasks: 3 (limit: 12523) Memory: 5.5M CGroup: /system.slice/nginx.service ??76060 nginx: master process /usr/sbin/nginx ??76061 nginx: worker process ??76062 nginx: worker process Feb 02 00:40:04 centos8 systemd[1]: Stopped The nginx HTTP and reverse proxy server. Feb 02 00:40:04 centos8 systemd[1]: Starting The nginx HTTP and reverse proxy server... Feb 02 00:40:04 centos8 nginx[76057]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok Feb 02 00:40:04 centos8 nginx[76057]: nginx: configuration file /etc/nginx/nginx.conf test is successful Feb 02 00:40:04 centos8 systemd[1]: Started The nginx HTTP and reverse proxy server.

Configure SELinux and Firewall

By default, SELinux is enabled in CentOS 8. So you will need to configure SELinux context for Shopware. You can configure it with the following command:

setsebool httpd_can_network_connect on -P

chcon -R -u system_u -t httpd_sys_rw_content_t -r object_r /var/www/html/shopware

Next, allow port 80 and 443 through the firewalld with the following command:

firewall-cmd --permanent --add-service=http

firewall-cmd --permanent --add-service=https

firewall-cmd --reload

Once you are finished, you can proceed to the next step.

Access Shopware Web Interface

Now, open your web browser and type the URL http://shopware.example.com.

Select your language and click on the Next button. Make sure all the requirements have been met then click on the Next button. You should see the following page:

Agree to the GTC and click on the Next button. You should see the following page:

Provide your database, username, password and click on the Start installation button. Once the installation has been completed, you should see the following page:

Click on the Next page. You will be asked to provide your Shop name, email address, currency, country, admin username, password and click on the Next button. You will be redirected to the Shopware dashboard:

Provide all information and click on the Next button. You should see the following page:

Install your desired language plugins and click on the Next button. You should see the following page:

Install demo data or skip this and click on the Next button. You should see the following page:

Click on the Configure later. You should see the following page:

Click on the Skip button. You should see the following page:

Click on the Next button.You should see the following page:

Click on the Skip button. You should see the following page:

Click on the Finish button. You should see the Shopware welcome page:

Secure Shopware With Let's Encrypt SSL

Next, you will need to install the Certbot utility in your system to download and install Let's Encrypt SSL for Let's Chat domain.

You can install the Certbot client with the following command:

wget https://dl.eff.org/certbot-auto

mv certbot-auto /usr/local/bin/certbot-auto

chown root /usr/local/bin/certbot-auto

chmod 0755 /usr/local/bin/certbot-auto

Next, obtain and install an SSL certificate for your lets domain with the following command:

certbot-auto --nginx -d shopware.example.com

The above command will first install all the required dependencies on your server. Once installed, you will be asked to provide an email address and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for shopware.example.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/conf.d/shopware.conf

Next, select whether or not to redirect HTTP traffic to HTTPS as shown below:

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit Enter to continue. Once the installation has been finished, you should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/shopware.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://shopware.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=shopware.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/shopware.example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/shopware.example.com/privkey.pem Your cert will expire on 2021-04-2. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot-auto renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le

You can now access Shopware securely using the URL https://shopware.example.com.

Conclusion

Congratulations! you have successfully installed and configured Shopware with Nginx and Let's Encrypt SSL on CentOS 8. You can now easily host your own online store with Shopware. Feel free to ask me if you have any questions.