Join the community today
Become a Member

Install Beginner CentMinMod Installation Video Tutorials

Discussion in 'Centmin Mod User Tutorials & Guides' started by Rake-GH, Mar 25, 2020.

  1. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    This video series is for beginners. If you are new to CentMin Mod or nginx this will be very helpful to you. It's a 5-6 part series which is very thorough in showing you the entire process of setting up a website on CentMinMod.

    I'm not an expert with web hosting and CentMinMod but I try to teach everything that I know in the best way that I can, again this is for beginners. These videos are not a substitution for reading documentation, they are a useful guide for beginners in video format.

    This series will show you basic centminmod installation using Cloudflare and later we will show you how to setup phpmyadmin, Xenforo 2, mailcow and much more.

    What you will learn in part 1 of this CentMinMod Tutorial:
    • Initial installation of CentMin Mod on a Digital Ocean droplet
    • nginx vhost setup and basics of nginx config files
    • lets encrypt SSL cert generation
    • How to remove a vhost
    • Cloudflare setup and configuration with CentMinMod
    • persisitent custom php config file
    • centminmod custom config flags
    • How to connect to your server via FTP
    • locking down default vhost with htpasswd
    • basics of managing your server


    If you are planning to use CentMinMod it is important that you read the documentation a few times and run 2-3 test installs and migrations before doing it live.
    For the latest up to date info about this series visit the main thread
     
    Last edited: Apr 2, 2020
    • Informative Informative x 1
  2. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    CentMinMod Tutorial 2 - Cloudflare, nginx rate limiting & more

    In our last video you learned how to setup and manage a centminmod website with cloudflare, in this video I will teach you how to setup authenticated origin pulls and some more tips on managing your server.

    In this video tutorial you will learn:
    • Cloudflare Authenticated Origin Pulls
    • Full vs Strict SSL Cloudflare settings
    • Cloudflare Force SSL Redirects & Re-writes
    • Coudflare automated IP whitelisting
    • How to update nginx & phpfpm
    • How to enable Profile Guided Optimizations
    • How to enable Zero Downtime nginx updates
    • seperate nginx redirect map
    • nginx rate limiting
    • ssh FTP Mode with Filezilla
    • how to manage /var/spool/mail/root
    • Simple manual backup script


    Cloudflare Authenticated Origin Pulls
    - Cloudflare - Setting Up Cloudflare Authenticated Origin Pulls Protecting Your Origins

    Full vs Strict SSL Cloudflare settings
    No SSL on origin = Flexible mode
    Self Signed or Let's Encrypt = Full
    Let's Encrypt or other CA cert = Strict

    Cloudflare Force SSL Redirects & Re-writes
    Always use HTTPS = redirect all queries for HTTP to HTTPS

    HTTPS Re-writes = On the CDN side, it will replace all your internal links from HTTP to HTTPS, therefore you don't need to change all your internal links. Also, less server load because it's done on the CDN side.

    Enable Profile Guided Optimizations
    - Insight Guide - How to boost Centmin Mod LEMP stack performance

    Code:
    echo "PHP_PGO='y'" >> /etc/centminmod/custom_config.inc
    Then recompile PHP via Centmin PHP upgrade option

    Enable Zero Downtime nginx upgrades
    Code:
    echo "NGINX_ZERODT='y'" >> /etc/centminmod/custom_config.inc
    Normally your server won't be accessible for 10-30 seconds, with zero downtime upgrades enabled your server will only be down for less than 1 second, if at all.

    - Beta Branch - Nginx Upgrade - zero downtime mode

    How to Update NGINX and PHP-FPM
    You can easily do both of these via the centmin.sh menu, it can take 5-10 minutes to complete. But your server will only go down for 5-30 seconds in my experience during the final stages of the upgrade. You can downgrade and upgrade easily at any time with very minimal impact.

    Seperate nginx redirect map
    Create redirects.conf in the same folder as your other nginx config files ( /usr/local/nginx/conf/conf.d/ )

    redirects.conf:
    Code:
    map $request_uri $redirect_uri {
    
        /403.html /404.html
    
    }
    inside your sites .conf file, find the location block and modify it to look similar to this:

    Code:
      location / {
    
        #map redirects from redirects.conf
    
        if ( $redirect_uri ) {
    
          return 301 $redirect_uri;
    
        }
      }
    NGINX Rate Limiting
    - NGINX Rate Limiting

    Inside your site's .conf file, add this to your global namespace:

    Code:
    limit_req_zone $binary_remote_addr zone=public:10m rate=200r/m;
    Inside your main / location block add:
    Code:
    limit_req zone=public burst=400 nodelay;

    This will allow 200 requests per minute per ip address, with an ability to burst up to 400 requests per minute when necessary. If your server is receiving many requests from a single user, the burst & nodelay option will allow them to bypass the rate limiting. If there are many users doing many requests, such as during a DDOS attack the burst and nodelay settings will not apply and the rate limiting will still protect you. Read more: NGINX Rate Limiting

    Simple Manual Backup Script
    Code:
    tar -zcvpf /home/nginx/domains/testserver.best/backup/full_backups/$(date +"%m_%d_%Y")-sitebackupPUBLIC-.tar.gz /home/nginx/domains/testserver.best/public/;
    
    tar -zcvpf /home/nginx/domains/testserver.best/backup/full_backups/$(date +"%m_%d_%Y")-mainPUBLIC.tar.gz /usr/local/nginx/html/;
    
    tar -zcvpf /home/nginx/domains/testserver.best/backup/full_backups/$(date +"%m_%d_%Y")-CONF.tar.gz /usr/local/nginx/conf/conf.d/;
    
     
    Last edited: Mar 25, 2020
  3. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    CentMinMod Tutorial 3 - Install Xenforo 2 on nginx

    This tutorial will teach you how to setup Xenforo 2 on nginx, specifically using CentMinMod but it will be applicable to most any Xenforo 2 nginx installation.

    You will learn how to:
    • install Xenforo 2
    • setup mysql database
    • proper nginx config setup
    • how to use mysqldump
    • how to setup memcached
    • how to view statistic files for zend opcache, memcached
    • password protect internal main vhost


    Commands for changing permissions of Xenforo files and directories after upload
    Code:
    find /home/nginx/domains/testserver.best/public/ -type f -print0 | xargs -0 chmod 0644
    find /home/nginx/domains/testserver.best/public/ -type d -print0 | xargs -0 chmod 0755
    find /home/nginx/domains/testserver.best/public/internal_data/ -type f -print0 | xargs -0 chmod 0777
    find /home/nginx/domains/testserver.best/public/data/ -type f -print0 | xargs -0 chmod 0777
    find /home/nginx/domains/testserver.best/public/internal_data/ -type d -print0 | xargs -0 chmod 0777
    find /home/nginx/domains/testserver.best/public/data/ -type d -print0 | xargs -0 chmod 0777
    chmod 0755 /home/nginx/domains/testserver.best/public
    Password Protect Xenforo folders in nginx config

    Code:
    location /admin.php {
        auth_basic "Private";
        auth_basic_user_file /usr/local/nginx/conf/htpasswd;
        include /usr/local/nginx/conf/php.conf;
    }
    
    location /install/ {
        auth_basic "Private";
        auth_basic_user_file /usr/local/nginx/conf/htpasswd;
        include /usr/local/nginx/conf/php.conf;
    }   
    Add to the bottom of your config.php file to enable memcached:
    Code:
    $config['cache']['enabled'] = true;
    $config['cache']['provider'] = 'Memcached';
    $config['cache']['config'] = [
        'server' => '127.0.0.1',
        'port' => '11211'
    ];
    
    To flush memcached:
    Code:
    echo 'flush_all' | nc localhost 11211
    Simple mysqldump gzipped with date:
    Code:
    /usr/bin/mysqldump DBNAME | gzip > ~/backups/db.$(date +%F).sql.gz
    Important Links
    Installation and upgrades - XenForo 2 Manual
    Options - XenForo 2 Manual
     
  4. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    CentMin Mod Tutorial 4 - vBulletin NGINX redirects for Xenforo 2

    Many people have migrated their forums from vBulletin 4 to Xenforo 2. So many in fact, that Xenforo has a vbulletin to Xenforo redirect plugin
    This addon doesn't work out of the box with NGINX, especially when using SEO friendly URLS. I'm going to show you how to fix that.

    In order to use Friendly URLS, Xenforo 2 requires special changes to the NGINX config. On Apache it works out of the box, but if you're using NGINX you need to make some changes outlined in the Xenforo 2 Manual.

    This tutorial will teach you how to setup Friendly URL redirection from vBulletin to Xenforo using NGINX.

    If you're using the vBulletin -> Xenforo 2 redirect plugin you will also need to modify the try_files directive because out of the box this plugin does not work on NGINX with vBulletin redirects. It works fine out of the box in Apache but not NGINX.



    The specific change you need to make is here:

    Code:
    location ~ \.php$ {
        #normal:
        #try_files $uri =404;
    
        #vbulletin redirect fix
        try_files $uri /index.php?$uri&$args;
    
        fastcgi_pass    127.0.0.1:9000;
        fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include         fastcgi_params;
    }
    eva says the bottom part of this code is redundant as it's handled in another file but I could not get friendly URLS to work with vbulletin redirects without this.

    Important Links
     
    Last edited: Mar 28, 2020
  5. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    CentMin Mod Tutorial 5 - How to install phpMyAdmin & SSL Certs

    This tutorial will show you how to install phpmyadmin on CentMin Mod under our default main vhost. You will learn how to generate a new SSL certificate from Let's Encrypt for the subdomain so that we can enable Full Strict SSL mode in Cloudflare.

    In the previous video we setup authenticated origin pulls but the main vhost wasn't accesible using Full Strict SSL because it was using a self signed certificate.

    You will learn how to:
    - Change hostname
    - Install phpmyadmin
    - issue and install a new subdomain certificate
    - use the vhost generator from centminmod



    Install phpyadmin:
    Code:
    cd /usr/local/src/centminmod/addons
    wget --no-check-certificate https://github.com/centminmod/phpmyadmin/raw/master/phpmyadmin.sh -O phpmyadmin.sh
    chmod 0700 /usr/local/src/centminmod/addons/phpmyadmin.sh
    ./phpmyadmin.sh install
    For everything else follow the video and the vhost generator linked below

    Important Links:
     
    Last edited: Mar 31, 2020
  6. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    How to Install Mailcow Tutorial + Xenforo 2 - Self hosted email

    Mailcow is by far the best self hosted email server. It is incredibly easy to install Mailcow as it is distributed as a docker container. @0xDEC0DE introduced it to me so thank you to him.

    It only takes 15 minutes to install and get all setup. In 15 minutes you can hook your website up with it's own email server. You want to use a separate email server because you cannot proxy your mail server behind Cloudflare. In order to hide your origin IP address you cannot use your web server as your email server. There are also several things you need to do to keep your server from getting blacklisted by spam blacklists which I will teach you.

    In this Mailcow tutorial you will learn how to:
    • Install mailcow on an Ubuntu Digital Ocean droplet
    • Set it up using Let's Encrypt SSL
    • Cloudflare configuration
    • DNS configuration
    • SPF, DKIM & DMARC setup
    • How to add mailboxes
    • How to setup Xenforo to use your mailcow server
    • Xenforo bounced email handling & one click unsubscribes
    • SMTP, POP3 usage



    Video links
     
    Last edited: Apr 2, 2020
  7. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    reserved
     
  8. rdan

    rdan Well-Known Member

    4,879
    1,162
    113
    May 25, 2014
    Ratings:
    +1,745
    Local Time:
    5:20 PM
    Mainline
    10.2
    This isn't true, during Nginx upgrade without the zerodowntime config.. Sites will work fine except for the time nginx restart which takes 1 second only.
     
  9. Rake-GH

    Rake-GH Active Member

    101
    40
    28
    Jul 29, 2019
    USA
    Ratings:
    +67
    Local Time:
    5:20 AM
    default
    default
    I updated this thread to include the latest 3 updates to this series:
    CentMin Mod Tutorial 4 - vBulletin NGINX redirects for Xenforo 2
    CentMin Mod Tutorial 5 - How to install phpMyAdmin & SSL Certs
    How to Install Mailcow Tutorial + Xenforo 2 - Self hosted email

    You can find them above ^
     
    • Like Like x 1