Join the community today
Register Now

Beta Branch Centmin Mod .09 beta branch Testing

Discussion in 'Beta release code' started by eva2000, Aug 12, 2015.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    This thread is dedicated to testing Centmin Mod 1.2.3-eva2000.09 betas. Starting with Github branch 123.09beta01. You can get a feel of what development and effort gets put into betas by checking out previous .08 beta thread. Testing, feedback and suggestions by users will make Centmin Mod next release even better :D

    How to install 123.09beta01 Initially



    If you are not an existing 123.08stable user or want to start off with 123.09beta01. The quick one liner curl install method is best. Everything is the same as method 3 outlined here just using betainstaller.sh instead of installer.sh or betainstaller55.sh or betainstaller56.sh. You'd still want to bookmark and read and re-read the Getting Started Guide for updates and useful info and tips to get you on your way using Centmin Mod LEMP stack..

    Defaults to PHP 5.6.x branch
    Code (Text):
    yum -y update; curl -O https://centminmod.com/betainstaller.sh && chmod 0700 betainstaller.sh && bash betainstaller.sh


    Add new php 7.0.14+ default installer
    Code (Text):
    yum -y update; curl -O https://centminmod.com/betainstaller7.sh && chmod 0700 betainstaller7.sh && bash betainstaller7.sh


    Add installer-latest.sh for 123.09beta01, allows default PHP 7.0.14 or newer + Zend Opcache + enable customcurl RPM install to update from curl/libcurl 7.19/7.29 to 7.44 all out of box defaults for fresh 123.09beta01 and higher installs. As well newly added options outlined here.

    Can be installed via one liner install method
    Code (Text):
    yum -y update; curl -O https://centminmod.com/betainstaller-latest.sh && chmod 0700 betainstaller-latest.sh && bash betainstaller-latest.sh
    


    Added installer-minimal.sh option for 123.09beta01 with a preset persist config file /etc/centminmod/custom_config.inc already populated reducing number of Nginx modules to minimal amount

    Code (Text):
    yum -y update; curl -O https://centminmod.com/betainstaller-minimal.sh && chmod 0700 betainstaller-minimal.sh && bash betainstaller-minimal.sh
    


    How to switch to 123.09beta01 branch ?



    If you're using Centmin Mod 1.2.3-eva2000.08 stable release (123.08stable branch) and have setup git environment via centmin.sh menu option 23 submenu 1. Then switching from 123.08stable branch to 123.09beta01 branch is easy via centmin.sh menu option 23 submenu option 3 (you can switch between 123.09beta01 back to 123.08 stable via same submenu option 3 too).

    launch centmin.sh via cmd shortcut = centmin or via command in SSH below or check out dedicated menu page and youtube video on how to invoke centmin.sh.
    Code (Text):
    cd  /usr/local/src/centminmod
    ./centmin.sh


    If you already have centmin.sh option 23 submenu option 1 setup for git environment, go straight to centmin.sh option 23 submenu option 3. If you have yet to run centmin.sh option 23 submenu option 1, follow guide at centminmod.com/upgrade.html.

    Code (Text):
    --------------------------------------------------------
    Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
    --------------------------------------------------------
                       Centmin Mod Menu
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2/5.5 & 10.x Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install ioping.sh vbtechsupport.com/1239/
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Re-install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + WP Super Cache
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 23
    --------------------------------------------------------


    centmin.sh option 23 submenu option 3 will list out all available remote branches on github in date descending order with most recently updated remote branch at top and prompt you to enter the branchname you want to switch to which in this case is 123.09beta01

    Code (Text):
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu              
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Exit
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 3
    --------------------------------------------------------
    
    fetching latest branch list...
    
    Update Centmin Mod to newer branch via git
    You need to input the name of the branch
    List of current remote branches by descending date order
    
    123.09beta01
    123.08stable
    
    Enter the branch name you want to switch to i.e. 123.09beta01 : 123.09beta01
    
    download github.com centmin mod 123.09beta01 branch repo
    time git clone -b 123.09beta01 --depth=1 https://github.com/centminmod/centminmod.git centminmod
    Cloning into 'centminmod'...
    
    real    0m1.634s
    user    0m0.280s
    sys     0m0.136s
    
    list all available local branches
            git branch -a
    * 123.09beta01
      remotes/origin/123.09beta01
    
    list git log last commit
            git log -a
    commit 071704dc6e8548c184d55080eda4a00abbf9e9e8
    Author: George Liu <snipped>
    Date:   Mon May 29 11:19:36 2017 +1000
    
        update inc/updater_submenu.inc
       
        exclude some branches for change branch listing
    
    to update centmin mod 123.09beta01 branch repo via git
            cd /usr/local/src/centminmod
            git stash
            git pull
            chmod +x centmin.sh
    
    ####################### IMPORTANT #######################
     To complete update 
    ####################### IMPORTANT #######################
     run:
    
      cd /usr/local/src/centminmod
    
     before invoking centmin.sh again
    ####################### IMPORTANT #######################
    


    Then hit submenu option 4 to go back to main menu on centmin.sh and then hit centmin.sh menu option 24 to exit. Then you need to change into the directory again for /usr/local/src/centminmod as it's a new directory under 123.09beta01 code
    Code (Text):
    cd  /usr/local/src/centminmod


    type git log -2 to confirm that the last git commits listed are latest from official commit history at Commits · centminmod/centminmod · GitHub

    How to update 123.09beta01 branch ?



    As you have git environment setup, updating is as easy as using centmin.sh menu option 23 submenu option 2.

    Code (Text):
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Back to Main menu
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 2
    --------------------------------------------------------
    
     
    Last edited: May 29, 2017
    • Informative Informative x 1
  2. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5

    123.09beta01 changes to date



    With 123.08stable release officially on July 31, 2015. I had already started making updates from August 1st, 2015 for 123.09beta01 branch as outlined at Commits · centminmod/centminmod · GitHub Some are minor fixes and speed improvements for initial install times.

    123.09 beta01 Change Log



    Centmin Mod 123.09 beta change log:

    Nginx HTTP/2 Support to Replace SPDY SSL



    The biggest change added is now for the Nginx HTTP/2 alpha patch. Official Nginx blog announcement at Announcing an Early Alpha Patch for HTTP/2 - NGINX Basically, Google is dropping SPDY based SSL for newer HTTP/2 based SSL.

    I have already started HTTP/2 benchmarks with other web servers such as h2o and OpenLiteSpeed which you can see at h2ohttp2.centminmod.com/webpagetests1.html. So it's good news that Nginx is progressing and released an Nginx HTTP/2 alpha patch :D

    You can see example of how I updated Centmin Mod to 123.09beta01 and then recompiled Nginx via centmin.sh menu option 4 to enable and apply the Nginx HTTP/2 alpha patch to Nginx here.


    HTTP/2 Links & Info

    Added IUS Community Repo and Python 2.7 & Python 3.4


    Wordpress Auto Installer without WP-CLI


    • To work wround WP-CLI incompatibilities with PHP 7 and centmin.sh menu option 22. Full details here.

    MariaDB 10.0 to 10.1 Upgrade Routine



    Details here.
     
    Last edited: Jun 23, 2017
  3. Andy

    Andy Active Member

    281
    42
    28
    Aug 6, 2014
    Ratings:
    +49
    Local Time:
    2:44 AM
    Time for a nginx/http2 benchmark to be added to previous ones.
     
  4. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
  5. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
  6. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    Updated first post with 123.09beta01 one line curl install command. Test away - just note with Nginx HTTP/2 patch applied by default, ngx_pagespeed maybe broken for now.

    Code:
    curl -sL http://centminmod.com/betainstaller.sh | bash
    You can disable Nginx HTTP/2 patch by editing centmin.sh option and change from
    Code:
    NGINX_HTTP2=y
    to
    Code:
    NGINX_HTTP2=n
    then run centmin.sh menu option 4 to recompile Nginx 1.9.3+. However, the whole point of beta testing is to test new features ;)
     
    • Like Like x 1
  7. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    heads up version 2 of the Nginx HTTP/2 patch was released Index of /patches/http2/ :)

    Code:
    2015-08-14 Version 2 (NGINX 1.9.3)
    - Introduced NPN support for HTTP/2 negotiation (this reduces OpenSSL version
       requirement to 1.0.1+);
    - Various fixes in the prioritization mechanism;
    - Fixed missing "Location" response header in some configurations;
    - Fixed processing of the ":authority" pseudo-header (the HTTP/2 analog of
       the "Host" header).
    
    2015-08-05 Version 1 (NGINX 1.9.3)
    The first public alpha release.
    centmin mod 123.09beta01 has been updated to ensure latest Nginx patch is applied each time you run Nginx upgrade/recompile via centmin.sh menu option 4 update inc/nginx_upgrade.inc ensure latest HTTP/2 patch applied · centminmod/centminmod@26a6138 · GitHub

    Nginx HTTP/2 version 2 patch fixed my Nginx HTTP/2 + ngx_pagespeed issues !

    Working now :)

    Code:
    nghttp -nas https://centminmod.com:443
    ***** Statistics *****
    
    Request timing:
      responseEnd: the  time  when  last  byte of  response  was  received
                   relative to connectEnd
    requestStart: the time  just before  first byte  of request  was sent
                   relative  to connectEnd.   If  '*' is  shown, this  was
                   pushed by server.
          process: responseEnd - requestStart
             code: HTTP status code
             size: number  of  bytes  received as  response  body  without
                   inflation.
              URI: request URI
    
    see http://www.w3.org/TR/resource-timing/#processing-model
    
    sorted by 'complete'
    
    id  responseEnd requestStart  process code size request path
    13    +80.22ms       +532us  79.69ms  200  29K /
    15    +91.08ms     +66.98ms  24.10ms  200   9K /img/favicon.ico
    17   +125.17ms     +66.99ms  58.18ms  200  60K /css/A.localfonts.css+font-awesome.min.css+bootstrap.min.css+hover-dropdown-menu.css+icons-set8.css+animate.min.css+style.css+responsive.css+color.css,Mcc.FHj-r4A0cI.css.pagespeed.cf.YOn5Xvomna.css
    21   +141.41ms     +66.99ms  74.42ms  200   7K /js/hover-dropdown-menu.js+jquery.hover-dropdown-menu-addon.js+jquery.easing.1.3.js.pagespeed.jc.vy5S6wKQse.js
    25   +156.83ms     +67.03ms  89.81ms  200   6K /js/custom.js.pagespeed.jm.q-StvNlmtR.js
    19   +157.11ms     +66.99ms  90.11ms  200  38K /js/jquery.min.js+bootstrap.min.js.pagespeed.jc.Cd39AMnoIp.js
    23   +157.12ms     +67.02ms  90.09ms  200  24K /js/bootstrapValidator.min.js.pagespeed.jm.YU3KUlvaHb.js   
     
    Last edited: Aug 15, 2015
  8. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    August 17th Git commits for 123.09beta01 add IUS Community YUM repo support (repo backed by folks at Rackspace) to provide a cleaner Python 2.7 and Python 3.4 side by side install with system Python 2.6 (CentOS 6) and Python 2.7 (CentOS 7). Updates add 2 new addons and update one existing addon. 123.09beta01 addons listing on github
    • /addons/python27_install.sh updated
    • /addons/python34_install.sh added
    • /addons/ius-repo.sh added
    With addons/ius-repo.sh ran you will install IUS Community YUM repo so can manually install Python 2.7 and/or 3.4 via commands

    For Python 2.7 if on CentOS 6. CentOS 7 already uses Python 2.7 so not needed
    Code:
    yum -y install python27 python27-devel python27-pip python27-setuptools python27-tools python27-virtualenv --enablerepo=ius
    Code:
    # rpm -ql python27 python27-pip python27-virtualenv | grep bin
    # /usr/bin/pydoc27
    # /usr/bin/python2.7
    # /usr/bin/pip2.7
    # /usr/bin/virtualenv-2.7
    For Python 3.4 on either CentOS 6 or CentOS 7
    Code:
    yum -y install python34u python34u-devel python34u-pip python34u-setuptools python34u-tools --enablerepo=ius
    Code:
    # rpm -ql python34u python34u-pip | grep bin
    # /usr/bin/pydoc3
    # /usr/bin/pydoc3.4
    # /usr/bin/python3
    # /usr/bin/python3.4
    # /usr/bin/python3.4m
    # /usr/bin/pyvenv
    # /usr/bin/pyvenv-3.4
    # /usr/bin/pip3
    # /usr/bin/pip3.4
    Code:
    python --version
    Python 2.6.6
    
    python2.7 --version
    Python 2.7.10
    
    python3.4 --version
    Python 3.4.3
    Full python 3.* versions and packages available in IUS Community repo on CentOS 6.7
    Code:
    yum list python3* --enablerepo=ius --disableplugin=priorities -q                  
    Available Packages
    python32.x86_64                                                                                                                    3.2.6-1.ius.centos6                                                                                                 ius
    python32-debug.x86_64                                                                                                              3.2.6-1.ius.centos6                                                                                                 ius
    python32-debuginfo.x86_64                                                                                                          3.2.6-1.ius.centos6                                                                                                 ius
    python32-devel.x86_64                                                                                                              3.2.6-1.ius.centos6                                                                                                 ius
    python32-hiredis.x86_64                                                                                                            0.2.0-1.ius.centos6                                                                                                 ius
    python32-hiredis-debuginfo.x86_64                                                                                                  0.2.0-1.ius.centos6                                                                                                 ius
    python32-libs.x86_64                                                                                                               3.2.6-1.ius.centos6                                                                                                 ius
    python32-lxml.x86_64                                                                                                               3.4.4-1.ius.centos6                                                                                                 ius
    python32-lxml-debuginfo.x86_64                                                                                                     3.4.4-1.ius.centos6                                                                                                 ius
    python32-mod_wsgi.x86_64                                                                                                           4.4.13-1.ius.centos6                                                                                                ius
    python32-mod_wsgi-debuginfo.x86_64                                                                                                 4.4.13-1.ius.centos6                                                                                                ius
    python32-postgresql.x86_64                                                                                                         1.1.0-2.ius.centos6                                                                                                 ius
    python32-postgresql-debuginfo.x86_64                                                                                               1.1.0-2.ius.centos6                                                                                                 ius
    python32-redis.noarch                                                                                                              2.10.3-1.ius.centos6                                                                                                ius
    python32-setuptools.noarch                                                                                                         18.0.1-1.ius.centos6                                                                                                ius
    python32-test.x86_64                                                                                                               3.2.6-1.ius.centos6                                                                                                 ius
    python32-tkinter.x86_64                                                                                                            3.2.6-1.ius.centos6                                                                                                 ius
    python32-tools.x86_64                                                                                                              3.2.6-1.ius.centos6                                                                                                 ius
    python33.x86_64                                                                                                                    3.3.6-1.ius.centos6                                                                                                 ius
    python33-debug.x86_64                                                                                                              3.3.6-1.ius.centos6                                                                                                 ius
    python33-debuginfo.x86_64                                                                                                          3.3.6-1.ius.centos6                                                                                                 ius
    python33-devel.x86_64                                                                                                              3.3.6-1.ius.centos6                                                                                                 ius
    python33-hiredis.x86_64                                                                                                            0.2.0-1.ius.centos6                                                                                                 ius
    python33-hiredis-debuginfo.x86_64                                                                                                  0.2.0-1.ius.centos6                                                                                                 ius
    python33-libs.x86_64                                                                                                               3.3.6-1.ius.centos6                                                                                                 ius
    python33-lxml.x86_64                                                                                                               3.4.4-1.ius.centos6                                                                                                 ius
    python33-lxml-debuginfo.x86_64                                                                                                     3.4.4-1.ius.centos6                                                                                                 ius
    python33-mod_wsgi.x86_64                                                                                                           4.4.13-1.ius.centos6                                                                                                ius
    python33-mod_wsgi-debuginfo.x86_64                                                                                                 4.4.13-1.ius.centos6                                                                                                ius
    python33-postgresql.x86_64                                                                                                         1.1.0-1.ius.centos6                                                                                                 ius
    python33-postgresql-debuginfo.x86_64                                                                                               1.1.0-1.ius.centos6                                                                                                 ius
    python33-redis.noarch                                                                                                              2.10.3-1.ius.centos6                                                                                                ius
    python33-setuptools.noarch                                                                                                         18.0.1-1.ius.centos6                                                                                                ius
    python33-test.x86_64                                                                                                               3.3.6-1.ius.centos6                                                                                                 ius
    python33-tkinter.x86_64                                                                                                            3.3.6-1.ius.centos6                                                                                                 ius
    python33-tools.x86_64                                                                                                              3.3.6-1.ius.centos6                                                                                                 ius
    python34u.x86_64                                                                                                                   3.4.3-2.ius.centos6                                                                                                 ius
    python34u-debug.x86_64                                                                                                             3.4.3-2.ius.centos6                                                                                                 ius
    python34u-debuginfo.x86_64                                                                                                         3.4.3-2.ius.centos6                                                                                                 ius
    python34u-devel.x86_64                                                                                                             3.4.3-2.ius.centos6                                                                                                 ius
    python34u-libs.x86_64                                                                                                              3.4.3-2.ius.centos6                                                                                                 ius
    python34u-pip.noarch                                                                                                               7.1.0-1.ius.centos6                                                                                                 ius
    python34u-redis.noarch                                                                                                             2.10.3-1.ius.centos6                                                                                                ius
    python34u-setuptools.noarch                                                                                                        18.0.1-1.ius.centos6                                                                                                ius
    python34u-test.x86_64                                                                                                              3.4.3-2.ius.centos6                                                                                                 ius
    python34u-tkinter.x86_64                                                                                                           3.4.3-2.ius.centos6                                                                                                 ius
    python34u-tools.x86_64                                                                                                             3.4.3-2.ius.centos6                                                                                                 ius
    python34u-wheel.noarch                                                                                                             0.24.0-1.ius.centos6                                                                                                ius
    
    Technically, Centmin Mod .08 stable users can also use these updated and newly added Centmin Mod addon scripts by just manually grabbing them from 123.09beta01 repo too at centminmod/addons at 123.09beta01 · centminmod/centminmod · GitHub :)

    Once 123.09 goes stable, these addons will also feature on official site page at Centmin Mod Addons - CentminMod.com LEMP Nginx web stack for CentOS

    edit: decided to backport updated python27_install.sh to .08 stable too as it's a better method for install and would lead to less issues when you upgrade to .09 stable in future.
     
    Last edited: Aug 18, 2015
  9. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    Added standalone tools/nvwp.sh cmd line Nginx vhost + Wordpress setup installer to work around WP-CLI incompatibilities with PHP 7 and centmin.sh menu option 22.

    The tools/nvwp.sh I wrote is a modified version of /tools/nv.sh (/usr/bin/nv) command line too for Centmin Mod Nginx vhost auto setup and added Wordpress database and latest download + Nginx wordpress vhost config routines to it without WP-CLI. This tool has been added to 123.09beta01 branch at tools/nvwp.sh - you can download standalone file here.

    What this means is I can't install Wordpress plugins like Super Cache automatically but I can get Wordpress mysql database, user and nginx vhost setup first.

    Then all you need is to visit the site in web browser to complete the Wordpress install.

    Actual command to setup Nginx vhost for newdomain3.com with self signed SSL enabled and pure-ftpd virtual ftp username = ftpusr003

    Code:
    ./nvwp.sh -d newdomain3.com -s y -u ftpusr003
    Code:
    ./nvwp.sh -d newdomain3.com -s y -u ftpusr003
    ---------------------------------------------------------------
    Nginx Vhost Setup...
    ---------------------------------------------------------------
    FTP password auto generated: Rm8L4TD9L4MHQPci44Wgq
    
    Password:
    Enter it again:
    /usr/local/nginx/conf/htpasswd.sh create /home/nginx/domains/newdomain3.com/htpasswd_wplogin uy+8zcGN+P+HmYx25586 p37LChHl97FKvc4PW8Yxy25586
    
    /home/nginx/domains/newdomain3.com/htpasswd_wplogin contents:
    uy+8zcGN+P+HmYx25586:$apr1$4RmP4Syb$dAoWAbzxQoodTlQVI4bS61
    ---------------------------------------------------------------
    SSL Vhost Setup...
    ---------------------------------------------------------------
    
    ---------------------------------------------------------------
    Generating self signed SSL certificate...
    Generating a 2048 bit RSA private key
    .....+++
    .............................................................................+++
    writing new private key to 'newdomain3.com.key'
    -----
    Signature ok
    subject=/C=US/ST=California/L=Los Angeles/O=newdomain3.com/CN=newdomain3.com
    Getting Private key
    ---------------------------------------------------------------
    Generating dhparam.pem file - can take a few minutes...
    Generating DH parameters, 2048 bit long safe prime, generator 2
    This is going to take a long time
    ..++*++*
    dhparam file generation time: 124.833351005
    ---------------------------------------------------------------
    Setup Wordpress + Super Cache (vhost only disabled by default) for newdomain3.com
    ---------------------------------------------------------------
    2015-08-20 13:27:09 URL:https://wordpress.org/latest.zip [7088086/7088086] -> "latest.zip" [1]
    Archive:  latest.zip
       creating: wordpress/
    
    ------------------------------------------------------------
    Created uninstall script
    /root/tools/wp_uninstall_newdomain3.com.sh
    ------------------------------------------------------------
    
    Code:
    -------------------------------------------------------------
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Stopping nginx:                                            [  OK  ]
    Starting nginx:                                            [  OK  ]
    service pure-ftpd restart
    
    -------------------------------------------------------------
    FTP hostname : IPADDRESS
    FTP port : 21
    FTP mode : FTP (explicit SSL)
    FTP Passive (PASV) : ensure is checked/enabled
    FTP username created for newdomain3.com : ftpusr003
    FTP password created for newdomain3.com : Rm8L4TD9L4MHQPci44Wgq
    -------------------------------------------------------------
    vhost for newdomain3.com created successfully
    
    domain: http://newdomain3.com
    vhost conf file for newdomain3.com created: /usr/local/nginx/conf/conf.d/newdomain3.com.conf
    
    vhost ssl for newdomain3.com created successfully
    
    domain: https://newdomain3.com
    vhost ssl conf file for newdomain3.com created: /usr/local/nginx/conf/conf.d/newdomain3.com.ssl.conf
    /usr/local/nginx/conf/ssl_include.conf created
    Self-signed SSL Certificate: /usr/local/nginx/conf/ssl/newdomain3.com/newdomain3.com.crt
    SSL Private Key: /usr/local/nginx/conf/ssl/newdomain3.com/newdomain3.com.key
    SSL CSR File: /usr/local/nginx/conf/ssl/newdomain3.com/newdomain3.com.csr
    
    upload files to /home/nginx/domains/newdomain3.com/public
    vhost log files directory is /home/nginx/domains/newdomain3.com/log
    
    ------------------------------------------------------------
    SSH commands to uninstall created Wordpress install and Nginx vhost:
      /root/tools/wp_uninstall_newdomain3.com.sh
    ------------------------------------------------------------
    
    Code:
    Wordpress domain: newdomain3.com
    Wordpress DB Name: wp18251db_4151
    Wordpress DB User: wpdb4151u7535
    Wordpress DB Pass: wpdbZPkuXZ9yK5dSp8745
    
    Wordpress wp-login.php password protection info:
    wp-login.php protection file /home/nginx/domains/newdomain3.com/htpasswd_wplogin
    wp-login.php protection Username: uy+8zcGN+P+HmYx25586
    wp-login.php protection Password: p37LChHl97FKvc4PW8Yxy25586
    http://uy+8zcGN+P+HmYx25586:p37LChHl97FKvc4PW8Yxy25586@newdomain3.com/wp-login.php
    
    Resetting wp-login.php protection:
    Step 1. remove protection file at /home/nginx/domains/newdomain3.com/htpasswd_wplogin
         rm -rf /home/nginx/domains/newdomain3.com/htpasswd_wplogin
    Step 2. run command:
         /usr/local/nginx/conf/htpasswd.sh create /home/nginx/domains/newdomain3.com/htpasswd_wplogin YOURUSERNAME YOURPASSWORD
    Step 3. restart Nginx + PHP-FPM services
         nprestart
    
    -------------------------------------------------------------
    Current vhost listing at: /usr/local/nginx/conf/conf.d/
    
    Aug 16  23:42   845    ssl.conf
    Aug 16  23:42   1.1K   demodomain.com.conf
    Aug 16  23:48   1.6K   virtual.conf
    Aug 20  13:12   2.1K   newdomain.com.conf
    Aug 20  13:12   3.8K   newdomain.com.ssl.conf
    Aug 20  13:15   3.8K   newdomain2.com.ssl.conf
    Aug 20  13:18   2.1K   newdomain2.com.conf
    Aug 20  13:27   2.1K   newdomain3.com.conf
    Aug 20  13:27   3.8K   newdomain3.com.ssl.conf
    
    -------------------------------------------------------------
    Current vhost ssl files listing at: /usr/local/nginx/conf/ssl/newdomain3.com
    
    Aug 20  13:24   1.7K   newdomain3.com.key
    Aug 20  13:24   1009   newdomain3.com.csr
    Aug 20  13:24   1.2K   newdomain3.com.crt
    Aug 20  13:27   424    dhparam.pem
    Then visit newdomain3.com in web browser and manually install Wordpress

    wp-install-00.png
    wp-install-01.png
    wp-install-02.png

    /home/nginx/domains/newdomain3.com/public/wp-config.php contents look okay too :D
    Code:
    <?php
    /**
    * The base configuration for WordPress
    *
    * The wp-config.php creation script uses this file during the
    * installation. You don't have to use the web site, you can
    * copy this file to "wp-config.php" and fill in the values.
    *
    * This file contains the following configurations:
    *
    * * MySQL settings
    * * Secret keys
    * * Database table prefix
    * * ABSPATH
    *
    * @link https://codex.wordpress.org/Editing_wp-config.php
    *
    * @package WordPress
    */
    
    // ** MySQL settings - You can get this info from your web host ** //
    /** The name of the database for WordPress */
    define('DB_NAME', 'wp18251db_4151');
    
    /** MySQL database username */
    define('DB_USER', 'wpdb4151u7535');
    
    /** MySQL database password */
    define('DB_PASSWORD', 'wpdbZPkuXZ9yK5dSp8745');
    
    /** MySQL hostname */
    define('DB_HOST', 'localhost');
    
    /** Database Charset to use in creating database tables. */
    define('DB_CHARSET', 'utf8');
    
    /** The Database Collate type. Don't change this if in doubt. */
    define('DB_COLLATE', '');
    
    /**#@+
    * Authentication Unique Keys and Salts.
    *
    * Change these to different unique phrases!
    * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
    * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
    *
    * @since 2.6.0
    */
    define('AUTH_KEY',         '61tiA+E5-Y>*B~:RyLI.vx:)]WB>[E^:Ms=aa,:[@C>Q>f{7e(:sx,=5DD.8k:`U');
    define('SECURE_AUTH_KEY',  'L{[ A_cJhKpA0Od3X1TORjLjFr5l^S5A@nfmCj<3]bXWG5{~ oy{fz>^8L{2-&T/');
    define('LOGGED_IN_KEY',    '6^K.G&)=oc{=Z]?Gk1/^|6XY#P#MMh.O)w&W/yX^jvAgk^c20BIBOwdxQm)o!_e3');
    define('NONCE_KEY',        'UQV]mm6fJSpYxPkIZ@k8MM@Ld|GIv( Wk9JWeNORBQV4LeGS P[aA;JzBMe*3;Hr');
    define('AUTH_SALT',        'O?0K:Sq.[Dp10n03Q,1E3Ej_Ai?5Ls&0?=EQ9b].*:0,<d5@7p*s(-|c3ht==`ZI');
    define('SECURE_AUTH_SALT', 'ZelS:k{Wtrc.>;prin :aOn{3B-V!}xbP};k(#)@?PStr_=~uT;iyu~j36|c6hxB');
    define('LOGGED_IN_SALT',   'sXyQDe6XE4}V0fJ1FRVcD.)f>HBad.!I8vpK:SL}5k,!OptMwTlf)alm1DOP;+dH');
    define('NONCE_SALT',       '`blh=BbTRs7)=e&/,<0#KMxg2Et=0<DuyHjJ[;Ws20uzyiK/)aEtAPpQzGK  jwF');
    
    /**#@-*/
    
    /**
    * WordPress Database Table prefix.
    *
    * You can have multiple installations in one database if you give each
    * a unique prefix. Only numbers, letters, and underscores please!
    */
    $table_prefix  = '3261_';
    
    /**
    * For developers: WordPress debugging mode.
    *
    * Change this to true to enable the display of notices during development.
    * It is strongly recommended that plugin and theme developers use WP_DEBUG
    * in their development environments.
    *
    * For information on other constants that can be used for debugging,
    * visit the Codex.
    *
    * @link https://codex.wordpress.org/Debugging_in_WordPress
    */
    define('WP_DEBUG', false);
    
    /* That's all, stop editing! Happy blogging. */
    
    /** Absolute path to the WordPress directory. */
    if ( !defined('ABSPATH') )
            define('ABSPATH', dirname(__FILE__) . '/');
    
    /** Sets up WordPress vars and included files. */
    require_once(ABSPATH . 'wp-settings.php');
    Ran this on 123.09beta01 build so Nginx is patched for HTTP/2 so when you visit the self-signed SSL name you see :)

    wp-install-03.png

    And since Nginx is compiled against LibreSSL native chacha20_poly1305 cipher support out of the box :)

    wp-install-04.png

    Nginx vhost auto generated for newdomain3.com is also setup for rate limiting like centmin.sh menu option 22

    /usr/local/nginx/conf/conf.d/newdomain3.com.conf

    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    #server {
    #            listen   80;
    #            server_name newdomain3.com;
    #            return 301 $scheme://www.newdomain3.com$request_uri;
    #       }
    
    server {
      server_name newdomain3.com www.newdomain3.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/newdomain3.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/newdomain3.com/log/error.log;
    
      root /home/nginx/domains/newdomain3.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
       deny all;
      }
    
    include /usr/local/nginx/conf/wpsupercache_newdomain3.com.conf;
    
      location / {
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # Wordpress Permalinks
      try_files $uri $uri/ /index.php?q=$uri&$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/newdomain3.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php-wpsc.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwplogin burst=2 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
    }
    
      include /usr/local/nginx/conf/wpsecure_newdomain3.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    and ssl version /usr/local/nginx/conf/conf.d/newdomain3.com.ssl.conf with Nginx HTTP/2 support

    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    # For SPDY SSL Setup
    # read http://centminmod.com/nginx_configure_https_ssl_spdy.html
    
    # redirect from www to non-www  forced SSL
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    # server {
    #   server_name newdomain3.com www.newdomain3.com;
    #    return 302 https://$server_name$request_uri;
    # }
    
    server {
      listen 443 ssl http2;
      server_name newdomain3.com www.newdomain3.com;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/newdomain3.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/newdomain3.com/newdomain3.com.crt;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/newdomain3.com/newdomain3.com.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      # mozilla recommended
      ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
      ssl_prefer_server_ciphers   on;
      add_header Alternate-Protocol  443:npn-spdy/3;
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header  X-Content-Type-Options "nosniff";
      #add_header X-Frame-Options DENY;
      #spdy_headers_comp 5;
      ssl_buffer_size 1400;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      #resolver 8.8.8.8 8.8.4.4 valid=10m;
      #resolver_timeout 10s;
      #ssl_stapling on;
      #ssl_stapling_verify on;
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/newdomain3.com/newdomain3.com-trusted.crt;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/newdomain3.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/newdomain3.com/log/error.log;
    
      root /home/nginx/domains/newdomain3.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
       deny all;
      }
    
    include /usr/local/nginx/conf/wpsupercache_newdomain3.com.conf;
    
      location / {
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # for wordpress super cache plugin
      #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;
    
      # Wordpress Permalinks
      try_files $uri $uri/ /index.php?q=$uri&$args;
    
      }
    
    location ~* /(wp-login\.php) {
        limit_req zone=xwplogin burst=1 nodelay;
        #limit_conn xwpconlimit 30;
        auth_basic "Private";
        auth_basic_user_file /home/nginx/domains/newdomain3.com/htpasswd_wplogin;
        include /usr/local/nginx/conf/php-wpsc.conf;
    }
    
    location ~* /(xmlrpc\.php) {
        limit_req zone=xwplogin burst=2 nodelay;
        #limit_conn xwpconlimit 30;
        include /usr/local/nginx/conf/php-wpsc.conf;
    }
    
      include /usr/local/nginx/conf/wpsecure_newdomain3.com.conf;
      include /usr/local/nginx/conf/php-wpsc.conf;
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    FYI, this installer also auto disables WP_CRON and sets up a system cronjob for better performance

    custom wp-config.php settings

    Code:
    /** Enable core updates for minor releases (default) **/
    define('DISABLE_WP_CRON', true);
    define('WP_AUTO_UPDATE_CORE', 'minor' );
    define('WP_POST_REVISIONS', 10 );
    define('EMPTY_TRASH_DAYS', 10 );
    define('WP_CRON_LOCK_TIMEOUT', 60 );
    cronjob
    Code:
    crontab -l
    
    */15 * * * * sleep 268s ; wget -O - -q -t 1 http://newdomain3.com/wp-cron.php?doing_wp_cron=1 > /dev/null 2>&1
     
    Last edited: Aug 21, 2015
  10. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    For 123.09beta01 PHP default version I am thinking of bumping defaults to either PHP 5.5.28 or PHP 5.6.12 as PHP 5.4 active support ends in ~22 days on September 14, 2015 PHP: Supported Versions

    What do you guys think ?
     
  11. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    Playing with the initial SSH log in motd banner - seeing if I can get some useful info printed including whether or not there are updated versions for Nginx, PHP-FPM etc :)

    first draft :D

    Code:
    ################################################################
    # This message was setup by Centmin Mod
    # * Getting Started Guide - http://centminmod.com/getstarted.html
    # * Latest Centmin Mod version - http://centminmod.com 
    # * Centmin Mod FAQ - http://centminmod.com/faq.html
    # * Change Log - http://centminmod.com/changelog.html
    # * Google+ Page latest news http://centminmod.com/gpage
    # * Google+ Community Forum http://centminmod.com/gcom
    # * Centmin Mod Twitter https://twitter.com/centminmod
    ###############################################################
    # Cheap VPS Hosting at Digitalocean
    # https://www.digitalocean.com/?refcode=c1cb367108e8
    ###############################################################
    # recommend to keep the above lines and remove and
    # add your own messages below this point
    ###############################################################
    # To edit this message,
    # 1). edit /etc/motd
    # 2). edit inc/motd.inc and set to no ENABLEMOTD='n'
    ###############################################################
    
    ##############################################################
    Centmin Mod:           1.2.3-eva2000.09
    Hostname:              centminmod.com
    OS:                    CentOS release 6.7 (Final)
    Kernel:                2.6.32-042stab093.5
    Uptime:                11 day(s) 22:57:7
    Nginx:                 nginx/1.9.3 [latest: 1.9.4]
    PHP-FPM:               PHP 7.0.0RC1 [latest: check php.net]
    MariaDB MySQL:         10.0.21-MariaDB
    CSF Firewall:          csf: v8.04
    ##############################################################
    
    latest revision

    Code:
    ---------------------------------------------------------------
    Centmin Mod:           1.2.3-eva2000.09
    Hostname:              centminmod.com
    OS:                    CentOS release 6.7 (Final)
    Type:                  openvz
    Kernel:                2.6.32-042stab093.5
    Uptime:                12 day(s) 5:11:2
    ---------------------------------------------------------------
    Nginx:                 nginx/1.9.3  [latest: 1.9.4]
    PHP-FPM:               PHP 7.0.0RC1 [latest: check php.net]
    MariaDB MySQL:         10.0.21
    CSF Firewall:          csf: v8.04
    LibreSSL:              2.2.2 [latest: check libressl.org]
    ---------------------------------------------------------------
    Folks can help test the script motd.sh out first without any actual install on your server by running this command and sharing the output you get in CODE tags. Testing help ensures output is as expected across different server platforms and VPS virtualisation methods ;)

    Code:
    curl -sL https://gist.github.com/centminmod/a0caad0bea9b8d39126d/raw/motd.sh | bash
     
    Last edited: Aug 23, 2015
  12. RoldanLT

    RoldanLT Well-Known Member

    3,804
    932
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,257
    Local Time:
    2:44 PM
    1.11
    10.2
    (y)
     
  13. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    Updating 1st post with additional curl one liner 123.09beta01 unattended installs methods which default to PHP 5.5.28 and PHP 5.6.12 default respectively.

    Code:
    curl -sL http://centminmod.com/betainstaller55.sh | bash
    
    or
    Code:
    curl -sL http://centminmod.com/betainstaller56.sh | bash
    
     
  14. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    Working on updating centmin.sh menu option 2 and /usr/bin/nv and tools/nvwp.sh routines for Nginx vhost auto generation to add to SSL generation part, HTTP Public Key Pinning and auto generation of the 2nd CSR + Private key pair for back pin setup and the base64 encoded hashes themselves are saved to hpkp-info-primary-pin.txt and hpkp-info-secondary-pin.txt files in your auto created SSL directory at /usr/local/nginx/conf/ssl/yourdomain.com.

    You will need to add the header manually if you want to use HTTP Public Key Pinning but all the work is done for you on output actually i'll add it to your Nginx SSL vhost file /usr/local/nginx/conf/conf.d/newdomain5.com.ssl.conf as a commented out header option :)

    example from /usr/bin/nv method for creating Nginx vhost for newdomain5.com with SSL enabled and pure-ftpd virtual ftp user = fp02

    Code:
    /usr/bin/nv -d newdomain5.com -s y -u fp02
    ---------------------------------------------------------------
    Nginx Vhost Setup...
    ---------------------------------------------------------------
    
    
    FTP password auto generated: BmpQimW4TCBxL8ie1o4aU
    
    Password:
    Enter it again:
    ---------------------------------------------------------------
    SSL Vhost Setup...
    ---------------------------------------------------------------
    
    Code:
    ---------------------------------------------------------------
    Generating self signed SSL certificate...
    CSR file can also be used to be submitted for paid SSL certificates
    If using for paid SSL certificates be sure to keey both private key and CSR safe
    creating CSR File: newdomain5.com.csr
    creating private key: newdomain5.com.key
    creating self-signed SSL certificate: newdomain5.com.crt
    Generating a 2048 bit RSA private key
    ...........................................+++
    .....+++
    writing new private key to 'newdomain5.com.key'
    -----
    Signature ok
    subject=/C=US/ST=California/L=Los Angeles/O=newdomain5.com/OU=IT/CN=newdomain5.com
    Getting Private key
    
    Code:
    ---------------------------------------------------------------
    Generating backup CSR and private key for HTTP Public Key Pinning...
    creating CSR File: newdomain5.com-backup.csr
    creating private key: newdomain5.com-backup.key
    Generating a 2048 bit RSA private key
    ....................................................+++
    .................+++
    writing new private key to 'newdomain5.com-backup.key'
    -----
    
    Code:
    ---------------------------------------------------------------
    Extracting Base64 encoded information for primary and secondary
    private key's SPKI - Subject Public Key Information
    Primary private key - newdomain5.com.key
    Backup private key - newdomain5.com-backup.key
    For HPKP - HTTP Public Key Pinning hash generation...
    
    extracting SPKI Base64 encoded hash for primary private key = newdomain5.com.key ...
    writing RSA key
    OxuWh/qkrx2pCAD61nuI9foOs6E9UBazP/0JT3VDHhE=
    
    extracting SPKI Base64 encoded hash for backup private key = newdomain5.com-backup.key ...
    writing RSA key
    xcxXIdzzosEITfDxVugOWOyubt48ZfJ6+3i9MJy97tU=
    
    HTTP Public Key Pinning Header for Nginx
    
    for 7 days max-age including subdomains
    
    add_header Public-Key-Pins 'pin-sha256="OxuWh/qkrx2pCAD61nuI9foOs6E9UBazP/0JT3VDHhE="; pin-sha256="xcxXIdzzosEITfDxVugOWOyubt48ZfJ6+3i9MJy97tU="; max-age=604800; includeSubDomains';
    
    for 7 days max-age excluding subdomains
    
    add_header Public-Key-Pins 'pin-sha256="OxuWh/qkrx2pCAD61nuI9foOs6E9UBazP/0JT3VDHhE="; pin-sha256="xcxXIdzzosEITfDxVugOWOyubt48ZfJ6+3i9MJy97tU="; max-age=604800';
    
    Code:
    ---------------------------------------------------------------
    Generating dhparam.pem file - can take a few minutes...
    Generating DH parameters, 2048 bit long safe prime, generator 2
    This is going to take a long time
    .............................................................................................................................+.............................................................................+..................+..............................................................................................+....................+....+...............................................+....................................+...................................++*++*
    dhparam file generation time: 29.307974817
    
    -------------------------------------------------------------
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    Stopping nginx:                                            [  OK  ]
    Starting nginx:                                            [  OK  ]
    service pure-ftpd restart
    
    Code:
    -------------------------------------------------------------
    FTP hostname : IPADDRESS
    FTP port : 21
    FTP mode : FTP (explicit SSL)
    FTP Passive (PASV) : ensure is checked/enabled
    FTP username created for newdomain5.com : fp02
    FTP password created for newdomain5.com : BmpQimW4TCBxL8ie1o4aU
    -------------------------------------------------------------
    vhost for newdomain5.com created successfully
    
    domain: http://newdomain5.com
    vhost conf file for newdomain5.com created: /usr/local/nginx/conf/conf.d/newdomain5.com.conf
    
    vhost ssl for newdomain5.com created successfully
    
    domain: https://newdomain5.com
    vhost ssl conf file for newdomain5.com created: /usr/local/nginx/conf/conf.d/newdomain5.com.ssl.conf
    /usr/local/nginx/conf/ssl_include.conf created
    Self-signed SSL Certificate: /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.crt
    SSL Private Key: /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.key
    SSL CSR File: /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.csr
    
    upload files to /home/nginx/domains/newdomain5.com/public
    vhost log files directory is /home/nginx/domains/newdomain5.com/log
    
    Code:
    -------------------------------------------------------------
    Current vhost listing at: /usr/local/nginx/conf/conf.d/
    
    Aug 10  20:26   845    ssl.conf
    Aug 10  20:26   1.1K   demodomain.com.conf
    Aug 10  20:29   1.6K   virtual.conf
    Aug 19  16:13   1.6K   domain1.com.conf
    Aug 19  16:13   3.2K   domain1.com.ssl.conf
    Aug 25  02:59   1.6K   newdomain4.com.conf
    Aug 25  02:59   3.3K   newdomain4.com.ssl.conf
    Aug 25  03:09   3.3K   newdomain5.com.ssl.conf
    Aug 25  03:09   1.6K   newdomain5.com.conf
    
    Code:
    -------------------------------------------------------------
    Current vhost ssl files listing at: /usr/local/nginx/conf/ssl/newdomain5.com
    
    Aug 25  03:08   1.7K   newdomain5.com.key
    Aug 25  03:08   1.1K   newdomain5.com.csr
    Aug 25  03:08   1.3K   newdomain5.com.crt
    Aug 25  03:08   1.7K   newdomain5.com-backup.key
    Aug 25  03:08   1.1K   newdomain5.com-backup.csr
    Aug 25  03:08   45     hpkp-info-primary-pin.txt
    Aug 25  03:08   45     hpkp-info-secondary-pin.txt
    Aug 25  03:09   424    dhparam.pem
    
    Code:
    -------------------------------------------------------------
    Commands to remove newdomain5.com
    
    rm -rf /usr/local/nginx/conf/conf.d/newdomain5.com.conf
    rm -rf /usr/local/nginx/conf/conf.d/newdomain5.com.ssl.conf
    rm -rf /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.crt
    rm -rf /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.key
    rm -rf /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.csr
    rm -rf /home/nginx/domains/newdomain5.com
    service nginx restart
    -------------------------------------------------------------
    Still testing before I commit updates to 123.09beta01 commited changes update Nginx vhost autogen to support HTTP Public Key Pinning for SSL · centminmod/centminmod@332b41f · GitHub :)

    Best part is the HPKP generated hash pins are derived from the primary and secondary backup private key's SPKI - Subject Public Key Information fields so if you use the primary and or secondary backup CSR and private key pairs for even paid SSL certificates - i.e. submitting the CSR file like /usr/local/nginx/conf/ssl/newdomain5.com/newdomain5.com.csr. The HPKP pins and headers that are auto generated are also valid and usable for paid SSL certificates :)

    Only item to be aware of with HPKP auto generation is when you renew or change your SSL certificates to using a different CSR file and private key, you need to regenerate new hashed pins manually. However, if you renewal by using same CSR file and private that is auto generated, then hashed pins should be still valid.
     
    Last edited: Aug 25, 2015
    • Like Like x 1
  15. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
  16. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
  17. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5

    Update SSL Vhost Generation Routines



    Updated the SSL vhost generation routines with this commit update inc/wpsetup.inc add SSL vhost setup & ssl cert variables · centminmod/centminmod@870e19b · GitHub
    1. updated inc/wpsetup.inc to allow self signed SSL certificate generated vhost like centmin.sh menu option 2
    2. updated all vhost self signed SSL certificate routines in inc/nginx_addvhost, tools/nvwp.sh, tools/nv.sh to be able to use preset centmin.sh variables for SSL certificates Country 2 digit code, State, Location (city), Organization and Organizational Unit fields. All are editable via centmin.sh set variables
    Code:
    ###############################################################
    # Settings for centmin.sh menu option 2 and option 22 for
    # the details of the self-signed SSL certificate that is auto
    # generated. The default values where vhostname variable is
    # auto added based on what you input for your site name
    #
    # -subj "/C=US/ST=California/L=Los Angeles/O=${vhostname}/OU=${vhostname}/CN=${vhostname}"
    #
    # You can only customise the first 5 variables for
    # C = Country 2 digit code
    # ST = state
    # L = Location as in city
    # 0 = organisation
    # OU = organisational unit
    #
    # if left blank # defaults to same as vhostname that is your domain
    # if set it overrides that
    SELFSIGNEDSSL_C='US'
    SELFSIGNEDSSL_ST='California'
    SELFSIGNEDSSL_L='Los Angeles'
    SELFSIGNEDSSL_O=''
    SELFSIGNEDSSL_OU=''
    ###############################################################
    
     
    • Like Like x 1
  18. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    With me working on extending motd message on first log into SSH, I was thinking about maybe also checking if a user's Centmin Mod install at /usr/local/src/centminmod has been setup for Git environment updates and then auto updating the Centmin Mod code at the same time as your first SSH login.

    This will update the Centmin Mod installed code at a more timely moment as the user logging into SSH is more likely to be using centmin.sh than leaving it up to a cronjob to schedule updating.

    Not sure how folks would feel about such a way of updating Centmin Mod code install at /usr/local/src/centminmod ?
     
  19. RoldanLT

    RoldanLT Well-Known Member

    3,804
    932
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,257
    Local Time:
    2:44 PM
    1.11
    10.2
    I would like to do it manually when I need to work some centmin task.
    But an automatic option is nice to have.
     
  20. eva2000

    eva2000 Administrator Staff Member

    28,385
    6,445
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,545
    Local Time:
    4:44 PM
    Nginx 1.13.x
    MariaDB 5.5
    Yeah for me I personally do manual updates via centmin.sh menu option 23 submenu option 2 or have cronjob setup to do auto updates depending on the site. For instance centminmod.com cluster of VPS servers is auto updated via the cronjob outlined here.