Difference between revisions of "CentOS 7.x create lightsail redmine instance"
From Notes_Wiki
(Created page with "<yambe:breadcrumb>CentOS_7.x_redmine|redmine</yambe:breadcrumb> <yambe:breadcrumb>CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb> =CentOS 7.x...") |
m |
||
Line 7: | Line 7: | ||
# For production instances create static IP and attach with instance | # For production instances create static IP and attach with instance | ||
# Create DNS entry for FQDN mapping to static IP | # Create DNS entry for FQDN mapping to static IP | ||
# Allow HTTPS access to server in | # Allow HTTPS access to server in lightsail instance networking firewall section | ||
# Download corresponding regions private key | # Download corresponding regions private key | ||
# <tt>chmod 400 <private-key></tt> | # <tt>chmod 400 <private-key></tt> |
Revision as of 02:48, 14 February 2019
<yambe:breadcrumb>CentOS_7.x_redmine|redmine</yambe:breadcrumb> <yambe:breadcrumb>CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb>
CentOS 7.x create lightsail redmine instance
To create a AWS ligtsail instance with redmine use following steps:
- Create appropriate lightsail instance
- For production instances create static IP and attach with instance
- Create DNS entry for FQDN mapping to static IP
- Allow HTTPS access to server in lightsail instance networking firewall section
- Download corresponding regions private key
- chmod 400 <private-key>
- ssh -i <private-key> centos@<instance-public-ip>
- sudo su -
- yum -y install vim
- vim ~/.ssh/authorized_keys
- Add own key, Allow <private-key> direct root aaccess. (First line 155x)
- Set hostname
- hostname <desired-fqdn>
- vim /etc/hostname
- Exit
- ssh directly as root with self public key
- Search for bitnami installer URL
- yum -y install epel-release
- yum -y install wget
- wget '<Download-URL>' -O '<Installer-filename>'
- yum -y install perl-Data-Dumper
- Create appropriate swap space using CentOS 7.x adding swap space using file
- chmod +x <Installer-filename>
- ./<Installer-filename>
- Give standard answers with simple password and admin username. Email can be configured later.
- Setup fail2ban using CentOS 7.x fail2ban including firewalld using CentOS 7.x Basic firewalld configuration
- Set correct time zone CentOS 7.x Change system timezone
- Configure system to store history date time using Storing date / time along with commands in history
- exit and ssh again for history settings to take effect
- cd /opt/redmine-<ver>/apache2/htdocs
- mv index.html index-old.html
- wget sbarjatiya.com for downloading index.html containing HTTP meta refresh for redirection
- vim index.html
- Add redirect for /owncloud, Remove google identifier, Set appropriate name
- Login into redmine and enable authentication and disable self-signup. Optionally enable REST API access.
- Generate lets-encrypt certificate if public DNS FQDN is set using:
- /opt/redmine-<ver>/letsencrypt/scripts/generate-certificate.sh -m <admin-email-id> -d <FQDN>
-
- Run above command again if it fails first time.
- Refer: https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/
- 'crontab -e' and update
- 0 0 1 * * /opt/redmine-4.0.0-0/letsencrypt/lego
-
- line to to have first two digit 0 and 0 randomized to minutes between 5 to 55 and hour between 1 to 4
- Open site using https://<fqdn> and verify that it is opening properly
- For compulsary https access edit /opt/redmine-<ver>/apache2/conf/bitnami/bitnami.conf and under
- DocumentRoot "/opt/redmine-<ver>/apache2/htdocs"
-
- Append
- RewriteEngine On
- RewriteCond %{HTTPS} !=on
- RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
- Append
- /opt/redmine-<ver>/ctlscript.sh restart apache
- Test whether automatic redirection to https is working in private browser
- yum -y install bzip2
- Open /opt/redmine-<ver>/apps/redmine/htdocs/config/database.yml and see database, username and password
- /opt/redmine-<ver>/mysql/bin/mysql -u bitnami -p bitnami_redmine
-
- with password read in above step
- Create /opt/take-database-backup.sh with following contents:
- /opt/redmine-<ver>/mysql/bin/mysqldump -u bitnami -p<password> bitnami_redmine | bzip2 > /opt/bitnami_redmine.sql.bz2
- chmod +x above file and test it by running.
- Configure backup for /opt folder which executes /opt/take-database-backup.sh before backup.
- Install logwatch and set /etc/aliases for root user
<yambe:breadcrumb>CentOS_7.x_redmine|redmine</yambe:breadcrumb>
<yambe:breadcrumb>CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb>