Join the community today
Register Now

DigitalOcean AlmaLinux 8 - Centmin Mod 130.00beta01 Test Installation

Discussion in 'AlmaLinux 8 & Rocky Linux 8 Beta Testing' started by eva2000, Nov 3, 2023.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x
    Centmin Mod 130.00beta01's public EL8 beta testing has been announced. You can read and post your EL8 beta testing feedback in AlmaLinux 8 & Rocky Linux 8 Beta Testing forum.

    Below is an example Centmin Mod LEMP 130.00beta01 LEMP stack install on AlmaLinux 8 on DigitalOcean shared Droplet with Premium AMD CPU with 4x CPU core/threads, 8GB memory and 160GB NVMe disk and 5TB bandwidth/month at US$56/month. If you like this guide, you can use my DigitalOcean affiliate link to sign up for an account. New sign ups via the referral affiliate link get US$200 credit for 60 days and once you've spent US$25, I'll get US$25 referral fee. ;)

    If you need a cheaper VPS for Centmin Mod testing, check out OVH Limited Edition AMD EPYC KVM VPS - seems like the best bang for your buck with sweet spot at OVH VLE-4 with 4 CPU cores, 4GB memory, 80GB NVMe disk for US$11/month and further 8-15% discounts for longer 12/24 month commits.

    I used Centmin Mod 130.00beta01 default EL8 specific installer listed at https://community.centminmod.com/th...almalinux-8-rocky-linux-8-beta-testing.24227/ - utilising screen to ensure SSH session disconnections won't prematurely terminate the installation process. For more info on using screen check out https://community.centminmod.com/threads/who-uses-screen-for-linux.508/.

    Code (Text):
    yum -y update
    yum -y install epel-release
    yum -y install screen nano
    curl -4sL https://centminmod.com/installer-el8x.sh -o installer-el8x.sh
    chmod +x installer-el8x.sh
    screen -S cminstall -h 2000000
    ./installer-el8x.sh
    

    For EL8 or EL9 based installs on AlmaLinux 8/9 or Rocky Linux 8/9 will disable SELINUX the first time and that requires a server reboot before re-running installer-el8x.sh installer. Reasons discussed at https://community.centminmod.com/threads/el8-el9-selinux-disable-handling.23761/
    Code (Text):
    ./installer-el8x.sh
    
    Last metadata expiration check: 0:02:10 ago on Thu 02 Nov 2023 08:32:32 AM UTC.
    Package glibc-langpack-en-2.28-225.el8_8.6.x86_64 is already installed.
    Dependencies resolved.
    Nothing to do.
    Complete!
    Detected SELinux NOT disabled for EL8
    Adding selinux=0 to Kernel GRUB_CMDLINE_LINUX line in /etc/default/grub
    GRUB_CMDLINE_LINUX="console=ttyS0,115200n8 console=tty0 no_timer_check net.ifnames=0 selinux=0"
    Regenerating GRUB2 configuration
    grub2-mkconfig -o /boot/grub2/grub.cfg
    Generating grub configuration file ...
    done
    
    Added selinux=0 to Kernel GRUB_CMDLINE_LINUX line in /etc/default/grub to disable SELinux
    This is the right way to disable SELinux in future as other run-time methods deprecated
    If you intend to use own custom Linux Kernels i.e. ELRepo, ensure you have selinux=0 set
    Please reboot system to disable SELinux then install Centmin Mod
    

    If you are scripting or automating Centmin Mod installs, you can use CloudInit or User data to disable SELINUX using these commands at time of server creation time.
    Code (Text):
    grubby --update-kernel ALL --args selinux=0
    grep '^GRUB_CMDLINE_LINUX=' /etc/default/grub
    shutdown -r now
    

    Then run the installer after server is rebooted
    Code (Text):
    ./installer-el8x.sh

    Once installer has finished installing Centmin Mod 130.00beta01 on AlmaLinux 8, you will get time summary for the installation - you can use this as a quick benchmark tool to compare different servers you install Centmin Mod on. More CPU cores, faster disks and higher CPU clock speeds = faster installation times. Folks can also post and share the EL8+ Centmin Mod install times here https://community.centminmod.com/threads/post-your-130-00beta01-el8-install-times.23265/.
    Code (Text):
    ---------------------------------------------------------------------------
    Total Curl Installer YUM or DNF Time: 129.5743 seconds
    Total YUM Time: 65.750942619 seconds
    Total YUM or DNF + Source Download Time: 87.7916
    Total Nginx First Time Install Time: 251.0613
    Total PHP First Time Install Time: 582.8438
    Download From Github Time: 1.1694
    Total Time Other eg. source compiles: 311.0879
    Total Centmin Mod Install Time: 1232.7845
    ---------------------------------------------------------------------------
    Total Install Time for curl yum + cm install + zip download: 1363.5282 seconds
    ---------------------------------------------------------------------------
    AlmaLinux 8.8 Sapphire Caracal  4.18.0-477.27.2.el8_8.x86_64
    4 DO-Premium-AMD
    4 1996.247
    PHP VERSION: 8.0.30
    ---------------------------------------------------------------------------
    Centmin Mod Version: 130.00beta01.b457
    Install Summary Logs: /root/centminlogs/installer_summary_links.log
    ---------------------------------------------------------------------------
    

    The summary log link /root/centminlogs/installer_summary_links.log contains a summary of key logs you can use to troubleshoot your initial Centmin Mod installation. The key install log being date timestamped at /root/centminlogs/installer_031123-050352.log. You can use this log for troubleshooting - How to troubleshoot Centmin Mod initial install issues.
    Code (Text):
    cat /root/centminlogs/installer_summary_links.log
    
    Full initial install log: /root/centminlogs/installer_031123-050352.log
    Minimal initial install log: /root/centminlogs/installer_031123-050352_minimal.log
    Initial install time stats: /root/centminlogs/install_time_stats_031123-050352.log
    Initial install nginx configure options: /root/centminlogs/nginx-configure-031123-050737.log
    Initial install sar stats:
    /root/centminlogs/sar-b-installstats.log
    /root/centminlogs/sar-d-installstats.log
    /root/centminlogs/sar-r-installstats.log
    /root/centminlogs/sar-q-installstats.log
    /root/centminlogs/sar-u-installstats.log
    


    Above the initial install time output is your login information etc as well.
    Code (Text):
    *************************************************
    * Centmin Mod install completed....
    *************************************************
    
    *************************************************
    *  Setup memcached_*.php admin page ...
    *************************************************
    
    Setup Memcached Server Admin Login Details for /usr/local/nginx/html/memcache_bbc15f94d3384f67.php
    current memcached username: memcacheuser
    current memcached password: memcachepass
    *************************************************
    Memcached Server Admin Login File: /usr/local/nginx/html/memcache_bbc15f94d3384f67.php
    Memcached Server Admin Login: almalinux-s-4vcpu-8gb-amd-nyc3-01/memcache_bbc15f94d3384f67.php
    new memcached username: memadminkOEEJFlTHmMA
    new memcached password: 0AAKDU2dXvgetKCJHrvrZdw49qPa
    *************************************************
    *************************************************
    * memcache_bbc15f94d3384f67.php admin page installed
    *************************************************
    
    run phpiadmin
    
    *************************************************
    PHP Info Login File: /usr/local/nginx/html/933f16e2_phpi.php
    PHP Info Login: almalinux-s-4vcpu-8gb-amd-nyc3-01/933f16e2_phpi.php
    PHP Info Login username: phpiadmin0L8x9lG2sixkQR85iOA
    PHP Info Login password: DwVfKSfkrg3ROiVYpB8eiuyB5sg
    *************************************************
    
    *************************************************
    * Zend Opcache Stats Password / URL
    *************************************************
    
    -------------------------------------------------------
    File Location: /usr/local/nginx/html/1694028238d5d268_opcache.php
    Password protected almalinux-s-4vcpu-8gb-amd-nyc3-01/1694028238d5d268_opcache.php
    -------------------------------------------------------
    Username: opadminkflcRGdGp0bQqtU
    Password: wWMlieBrIpL0frYdRC6T3h9RHWicRE
    -------------------------------------------------------
    
    *************************************************
    * MariaDB Security Setup
    *************************************************
    
    -------------------------------------------------------
    MySQL root user password set
    MySQL root user added to /root/.my.cnf
    -------------------------------------------------------
    MySQL root password: mCUeItICcsnZ93CpxWxyaLz3PkBC0G4eiM
    -------------------------------------------------------
    *************************************************
    * MariaDB Security Setup Completed
    *************************************************
    
    --------------------------------------------------------
    Please bookmark:
    --------------------------------------------------------
    ###############################################################
    * Getting Started Guide - https://centminmod.com/getstarted.html
    * Find the latest Centmin Mod version - https://centminmod.com
    * Centmin Mod FAQ - https://centminmod.com/faq.html
    * Change Log - https://centminmod.com/changelog.html
    * Centmin Mod Blog https://blog.centminmod.com
    * Community Forums https://community.centminmod.com (signup)
    ###############################################################
    # Cheap VPS Hosting at Digitalocean
    # https://www.digitalocean.com/?refcode=c1cb367108e8
    ###############################################################
    # Fast Network Bandwidth Transfer VPS Hosting >1-12Gbps at Linode
    # New signups get free $100 60 day credit with validated payment added
    # https://www.linode.com/lp/refer/?r=f6d38ee057f8c18a3f508651b26af0e4ca1fbd46
    ###############################################################
    # High Performance VPS Hosting at Upcloud
    # New signups get free $25 credits
    # https://upcloud.com/signup/?promo=DPY36J
    ###############################################################
    ./centmin.sh install completion
    
    /root/.bashrc modifications
    alias command setup
    
    Created command shortcuts:
    * type cmdir to change to Centmin Mod install directory
      at /usr/local/src/centminmod
    * type centmin call and run centmin.sh
      at /usr/local/src/centminmod/centmin.sh


    Centmin Mod initial install and all centmin.sh menu options are automatically logged to /root/centminlogs. The command to list logs in reverse date order where latest dated logs are at the bottom.

    Code (Text):
    ls -lAhrt /root/centminlogs/
    

    Code (Text):
    ls -lAhrt /root/centminlogs/
    
    total 12M
    -rw-r--r-- 1 root root   19 Nov  3 05:07 getcmtime_installtime_031123-050352.log
    -rw-r--r-- 1 root root  928 Nov  3 05:07 centminmod_swapsetup_031123-050737.log
    -rw-r--r-- 1 root root  11K Nov  3 05:08 centminmod_130.00beta01.b457_031123-050737_yuminstall_centos8.log
    -rw-r--r-- 1 root root  32K Nov  3 05:08 centminmod_yumtimes_031123-050737.log
    -rw-r--r-- 1 root root   37 Nov  3 05:08 centminmod_profiletimes_031123-050737.log
    -rw-r--r-- 1 root root 2.2K Nov  3 05:09 cmm-login-git-checks_031123-050900.log
    -rw-r--r-- 1 root root  92K Nov  3 05:09 centminmod_downloadtimes_031123-050737.log
    -rw-r--r-- 1 root root  320 Nov  3 05:09 securedtmp.log
    -rw-r--r-- 1 root root 3.8K Nov  3 05:09 nginx_pcre_download_031123-050737.log
    -rw-r--r-- 1 root root    0 Nov  3 05:09 patch_opensslpatches_031123-050737.log
    -rw-r--r-- 1 root root 2.9K Nov  3 05:09 gcc_crypto_native.log
    -rw-r--r-- 1 root root   44 Nov  3 05:10 centminmod_opensslinstalltime_031123-050737.log
    -rw-r--r-- 1 root root 7.7K Nov  3 05:10 centminmod_opensslinstall_configdata_031123-050737.log
    -rw-r--r-- 1 root root  13K Nov  3 05:10 nginx-install-zlib_031123-050737.log
    -rw-r--r-- 1 root root  426 Nov  3 05:10 patch_patchnginx_031123-050737.log
    -rw-r--r-- 1 root root  30K Nov  3 05:11 centminmod_130.00beta01.b457_031123-050737_pcre-nginx_install.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:11 gcc_native.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:11 gcc_x86-64.log
    -rw-r--r-- 1 root root  364 Nov  3 05:11 gcc_diff_native-vs-x86-64.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:11 gcc_x86-64-non-native.log
    -rw-r--r-- 1 root root 8.5K Nov  3 05:12 nginx-configure-031123-050737.log
    -rw-r--r-- 1 root root 1.7M Nov  3 05:13 centminmod_ngxinstalltime_031123-050737.log
    -rw-r--r-- 1 root root   55 Nov  3 05:13 setmycnf_130.00beta01.b457_031123-050737.log
    -rw-r--r-- 1 root root 9.4K Nov  3 05:14 setio_innodbstatus-before-031123-051436.log
    -rw-r--r-- 1 root root  784 Nov  3 05:14 centminmod_setio_031123-051436.log
    -rw-r--r-- 1 root root 9.3K Nov  3 05:14 setio_innodbstatus-after-031123-051436.log
    -rw-r--r-- 1 root root  807 Nov  3 05:14 mariadb10.4-or-above-check-users-before.log
    -rw-r--r-- 1 root root    0 Nov  3 05:14 mariadb10.4-or-above-check-users-after.log
    -rw-r--r-- 1 root root  377 Nov  3 05:14 set-dot-my.cnf.log
    -rw-r--r-- 1 root root 7.9K Nov  3 05:14 patch_php_031123-050737.log
    -rw-r--r-- 1 root root  248 Nov  3 05:14 etc-centminmod-custom-config-settings_031123-050737.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:15 gcc_php_native.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:15 gcc_php_x86-64.log
    -rw-r--r-- 1 root root  364 Nov  3 05:15 gcc_php_diff_native-vs-x86-64.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:15 gcc_php_x86-64-non-native.log
    -rw-r--r-- 1 root root  72K Nov  3 05:24 php-compile-config-031123-050737.log.gz
    -rw-r--r-- 1 root root   58 Nov  3 05:24 centminmod_phpinstalltime_031123-050737.log
    -rw-r--r-- 1 root root  490 Nov  3 05:24 zendopcache_passfile.txt
    -rw-r--r-- 1 root root 1.9K Nov  3 05:27 gcc_general_native.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:27 gcc_general_x86-64.log
    -rw-r--r-- 1 root root  364 Nov  3 05:27 gcc_general_diff_native-vs-x86-64.log
    -rw-r--r-- 1 root root 1.9K Nov  3 05:27 gcc_general_x86-64-non-native.log
    -rw-r--r-- 1 root root 2.6K Nov  3 05:27 redis-server-install_031123-050737.log
    -rw-r--r-- 1 root root    1 Nov  3 05:28 centminmod_130.00beta01.b457_031123-050737_yum-log.log
    -rw-r--r-- 1 root root 4.0M Nov  3 05:28 centminmod_130.00beta01.b457_031123-050737_install.log
    -rw-r--r-- 1 root root   56 Nov  3 05:28 firstyum_installtime_031123-050352.log
    -rw-r--r-- 1 root root 1.1K Nov  3 05:28 install_time_stats_031123-050352.log
    -rw-r--r-- 1 root root 4.1M Nov  3 05:28 installer_031123-050352.log
    -rw-r--r-- 1 root root 1.2M Nov  3 05:28 installer_031123-050352_minimal.log
    -rw-r--r-- 1 root root 3.3K Nov  3 05:28 sar-u-installstats.log
    -rw-r--r-- 1 root root 3.0K Nov  3 05:28 sar-q-installstats.log
    -rw-r--r-- 1 root root 4.9K Nov  3 05:28 sar-r-installstats.log
    -rw-r--r-- 1 root root 7.8K Nov  3 05:28 sar-d-installstats.log
    -rw-r--r-- 1 root root 2.6K Nov  3 05:28 sar-b-installstats.log
    -rw-r--r-- 1 root root  564 Nov  3 05:28 installer_summary_links.log
    



    After Centmin Mod Initial Install



    After initial Centmin Mod install, exit you SSH session and re-login and then you can read the official Centmin Mod Getting Started guide and official Centmin Mod FAQ. You will use centmin.sh menu to manage your server, it's a shelled based menu outlined at https://centminmod.com/menu.html. Also check out the guide to learning about Centmin Mod.

    The first time you run centmin.sh menu, it will prompt for you to enter 2 email addresses - you can enter anything as it's currently not actively used for anything and first time creation of pure-ftpd /etc/ssl/private/pure-ftpd-dhparams.pem file - a one time task
    Code (Text):
    --------------------------------------------------------------------
    Setup Server Administration Email
    Emails will be used for future notification alert features
    --------------------------------------------------------------------
    Hit Enter To Skip...
    Will be prompted everytime run centmin.sh if both emails not entered
    --------------------------------------------------------------------
    enter primary email: 1
    enter secondary email: 2
    --------------------------------------------------------------------
    
    Primary: 1
    setup at /etc/centminmod/email-primary.ini
    
      1
    
    Secondary: 2
    setup at /etc/centminmod/email-secondary.ini
    
      2
    
    
    pure-ftpd: one time setup /etc/ssl/private/pure-ftpd-dhparams.pem file
    may take a while to create...
    pure-ftpd: /etc/ssl/private/pure-ftpd-dhparams.pem created
    

    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 130.00beta01 centminmod.com
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  Option Being Revised (TBA)
    7).  Option Being Revised (TBA)
    8).  Option Being Revised (TBA)
    9).  Option Being Revised (TBA)
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Data Transfer (TBA)
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ]
    


    DigitalOcean Droplet Creation



    DigitalOcean droplet creation for AlmaLinux 8
    digitalocean-droplet-shared-do-premium-amd-01.png

    digitalocean-droplet-shared-do-premium-amd-02.png

    If you like this guide, you can use my DigitalOcean affiliate link to sign up for an account. New sign ups via the referral affiliate link get US$200 credit for 60 days and once you've spent US$25, I'll get US$25 referral fee. ;)

    Centmin Mod has extensive EL8 and EL9 automated beta testing now as well as outlined at https://community.centminmod.com/th...malinux-vs-rocky-linux-vs-oracle-linux.24179/ which has helped with finding EL8 and EL9 operating system bugs already :D

    If you want to learn more about Centmin Mod check out the guide to learning about Centmin Mod ;)
     
    Last edited: Nov 3, 2023
  2. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    Upgrading Nginx



    Centmin Mod Nginx and PHP-FPM are sourced compiled for the flexibility of supporting various configuration options that you can't do with YUM repo provided Nginx and PHP-FPM installations. For instance, if a security issue occurs, I can devise on the fly patching of the source code rather than wait for YUM repo's to release their updates.

    For instance recent Nginx HTTP/2 Rapid Reset DDOS vulnerability had a patch in Nginx master branch which Centmin Mod Nginx was able to take advantage of within 2hrs of Nginx master branch patch release as Centmin Mod Nginx via centmin.sh menu option 4 allows building Nginx against master branch when you specify Nginx version = master as outlined at https://community.centminmod.com/th...os-attack-vulnerability-cve-2023-44487.24186/.

    Centmin Mod Nginx as it's sourced compiled can support various advanced Nginx configurations - including various crypto library implementations to utilise different Nginx features. As outlined at https://blog.centminmod.com/2023/10...68-key-exchange-support-in-centmin-mod-nginx/, Centmin Mod Nginx supports various Nginx crypto libraries – OpenSSL 1.1.1 (default), OpenSSL 3.0/3.1, BoringSSL, LibreSSL, QuicTLS OpenSSL 1.1.1/3.0/3.1 and Quiche/BoringSSL For HTTP/3 QUIC. You can pick the one most optimal for your usage. By default Centmin Mod Nginx currently uses OpenSSL 1.1.1w.

    For upgrading Nginx, you do that by running cmupdate command and then run centmin.sh menu option 4. The cmupdate command will pull and sync your local Centmin Mod code to ensure it's always up to date before running centmin.sh menu option 4.

    When prompted enter the Nginx version you want to upgrade/downgrade/recompile for. You can find latest Nginx version at https://nginx.org/en/download.html or when you initially log into your Centmin Mod LEMP stack server, it will also report latest Nginx version available and which Nginx version you're using if they differ.

    Initial SSH login MOTD (message of the day)
    Code (Text):
    ===============================================================================
     - Hostname......: almalinux-s-4vcpu-8gb-amd-nyc3-01 on AlmaLinux 8.8
     - Users.........: Currently 4 user(s) logged on (includes: root)
    ===============================================================================
     - CPU usage.....: 0.01, 0.01, 0.00 (1, 5, 15 min)
     - Processes.....: 152 running
     - System uptime.: 0 days 1 hours 57 minutes 31 seconds
    ===============================================================================
                  total        used        free      shared  buff/cache   available
    Mem:           7941         959        6384          23         597        6731
    Swap:          4095           2        4093
    ===============================================================================
    Filesystem     Type      Size  Used Avail Use% Mounted on
    devtmpfs       devtmpfs  3.9G     0  3.9G   0% /dev
    tmpfs          tmpfs     3.9G     0  3.9G   0% /dev/shm
    tmpfs          tmpfs     3.9G   17M  3.9G   1% /run
    tmpfs          tmpfs     3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/vda1      xfs       160G   11G  150G   7% /
    tmpfs          tmpfs     795M     0  795M   0% /run/user/0
    tmpfs          tmpfs     3.9G  4.0K  3.9G   1% /tmp
    
    ===============================================================================
    # ! This server maybe running CSF Firewall !
    #   DO NOT run the below command or you  will lock yourself out of the server:
    #
    #   iptables -F
    
    ===============================================================================
    * Getting Started Guide - https://centminmod.com/getstarted.html
    * Centmin Mod FAQ - https://centminmod.com/faq.html
    * Centmin Mod Config Files - https://centminmod.com/configfiles.html
    * Centmin Mod Blog - https://blog.centminmod.com
    * Community Forums https://community.centminmod.com  [ << Register ]
    ===============================================================================
    
    ===============================================================================
     Centmin Mod local code is up to date at /usr/local/src/centminmod
     no available updates at this time...
    ===============================================================================
    


    Run centmin.sh menu option 4 and recompile Nginx version = 1.25.3

    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 130.00beta01 centminmod.com
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  Option Being Revised (TBA)
    7).  Option Being Revised (TBA)
    8).  Option Being Revised (TBA)
    9).  Option Being Revised (TBA)
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Data Transfer (TBA)
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 4
    --------------------------------------------------------
    

    Code (Text):
    Nginx Upgrade - Would you like to continue? [y/n] y
    
    Current Nginx Version: 1.25.3 (031123-051150-almalinux8-kvm-8ee31b3)
    
    Install which version of Nginx? (version i.e. type 1.25.3): 1.25.3
    
    Do you still want to continue? [y/n] y
    

    Once Nginx compile is complete, you'll get returned to centmin.sh menu as well as show the Nginx upgrade time and some information of the upgrade which is useful for troubleshooting and verifying the Nginx configuration you wanted i.e. if you wanted Nginx built with OpenSSL 1.1.1/3/3.1 or with QuicTLS or with BoringSSL etc.

    Code (Text):
    nginx -V
    nginx version: nginx/1.25.3 (031123-064959-almalinux8-kvm-8ee31b3)
    built by gcc 12.2.1 20221121 (Red Hat 12.2.1-7) (GCC)
    built with OpenSSL 1.1.1w  11 Sep 2023
    TLS SNI support enabled
    configure arguments: --with-ld-opt='-Wl,-E -L/usr/local/zlib-cf/lib
    -L/usr/local/nginx-dep/lib -ljemalloc -Wl,-z,relro
    -Wl,-rpath,/usr/local/zlib-cf/lib:/usr/local/nginx-dep/lib -flto=4
    -fuse-ld=gold' --with-cc-opt='-I/usr/local/zlib-cf/include
    -I/usr/local/nginx-dep/include -m64 -march=x86-64-v3 -g -O3
    -fstack-protector-strong -flto=4 -fuse-ld=gold --param=ssp-buffer-size=4
    -Wformat -Werror=format-security -Wno-pointer-sign -fcode-hoisting
    -Wno-cast-function-type -Wno-format-extra-args -Wimplicit-fallthrough=0
    -Wno-implicit-function-declaration -Wno-int-conversion -Wno-error=unused-result
    -Wno-unused-result -Wno-error=vla-parameter -Wp,-D_FORTIFY_SOURCE=2'
    --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf
    --build=031123-064959-almalinux8-kvm-8ee31b3 --with-compat --without-pcre2
    --with-http_stub_status_module --with-http_secure_link_module --with-libatomic
    --with-http_gzip_static_module --with-http_sub_module
    --with-http_addition_module --with-http_image_filter_module=dynamic
    --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module
    --with-stream_ssl_preread_module --with-threads --with-stream
    --with-stream_ssl_module --with-http_realip_module
    --add-dynamic-module=../ngx-fancyindex-0.4.2
    --add-module=../ngx_cache_purge-2.5.1
    --add-dynamic-module=../ngx_devel_kit-0.3.2
    --add-dynamic-module=../set-misc-nginx-module-0.33
    --add-dynamic-module=../echo-nginx-module-0.63
    --add-module=../redis2-nginx-module-0.15
    --add-module=../ngx_http_redis-0.4.0-cmm --add-module=../memc-nginx-module-0.19
    --add-module=../srcache-nginx-module-0.33
    --add-dynamic-module=../headers-more-nginx-module-0.34 --with-pcre-jit
    --with-zlib=../zlib-cloudflare-1.3.3 --with-http_ssl_module
    --with-http_v2_module --with-openssl=../openssl-1.1.1w
    --with-openssl-opt='enable-ec_nistp_64_gcc_128 enable-tls1_3 -fuse-ld=gold'
    

    Code (Text):
    nginx -t
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    

    Code (Text):
    ldd /usr/local/sbin/nginx
            linux-vdso.so.1 (0x00007ffd54e96000)
            libjemalloc.so.2 => /lib64/libjemalloc.so.2 (0x00007f6b55df9000)
            libdl.so.2 => /lib64/libdl.so.2 (0x00007f6b55bf5000)
            libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f6b559d5000)
            libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f6b557ac000)
            libpcre.so.1 => /usr/local/nginx-dep/lib/libpcre.so.1 (0x00007f6b56448000)
            libGeoIP.so.1 => /lib64/libGeoIP.so.1 (0x00007f6b5556f000)
            libatomic_ops.so.1 => /lib64/libatomic_ops.so.1 (0x00007f6b5536c000)
            libc.so.6 => /lib64/libc.so.6 (0x00007f6b54fa7000)
            libm.so.6 => /lib64/libm.so.6 (0x00007f6b54c25000)
            libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007f6b54890000)
            libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007f6b54678000)
            /lib64/ld-linux-x86-64.so.2 (0x00007f6b56298000)
    

    Code (Text):
    PKG_CONFIG_PATH='/usr/local/nginx-dep/lib/pkgconfig/' pkg-config --modversion libpcre
    8.45
    PKG_CONFIG_PATH='/usr/local/nginx-dep/lib/pkgconfig/' pkg-config --modversion atomic_ops
    7.6.2
    

    Code (Text):
    --------------------------------
    Nginx PCRE config check #2:
    --------------------------------
    DETECT_NGXVER=1025003
    NGINX_PCRE_DYNAMIC=y
    NGINX_PCRE_TWO=n
    PCRETWO_DISABLEOPT= --without-pcre2
    Check /etc/centminmod/custom_config.inc relevant variables:
    TLSTHREEOPT=y
    OPENSSL_TLSONETHREE=y
    NGINX_OPENSSLOPT_EXTRAS= -fuse-ld=gold
    NGINXOPENSSL_FATLTO_OBJECTS=n
    NGINXOPENSSL_NOFATLTO_OBJECTS=n
    OPENSSL_VERION=1.1.1w
    ECNISTP_CHECK=#define __SIZEOF_INT128__ 16
    ECNISTP_OPT=
    ECNISTP_ENDIAN=1
    NGINX_MIMALLOC=
    NGINX_MIMALLOC_VERSION=
    

    Code (Text):
    ls -lAhrt /usr/local/nginx-dep/lib | egrep 'libpcre.so|libpcre2-8.so'
    -rwxr-xr-x 1 root root 1.8M Nov  3 05:11 libpcre.so.1.2.13
    lrwxrwxrwx 1 root root   17 Nov  3 05:11 libpcre.so.1 -> libpcre.so.1.2.13
    lrwxrwxrwx 1 root root   17 Nov  3 05:11 libpcre.so -> libpcre.so.1.2.13
    

    Code (Text):
    dynamic modules include file /usr/local/nginx/conf/dynamic-modules.conf
    -rw-r--r-- 1 root root 518 Nov  3 06:49 /usr/local/nginx/conf/dynamic-modules.conf
    
    # place custom load_module lines in this dynamic-modules-includes.conf
    # file so that they persistent i.e. for manually dropped in dynamic modules
    include /usr/local/nginx/conf/dynamic-modules-includes.conf;
    load_module "modules/ngx_http_image_filter_module.so";
    load_module "modules/ngx_http_headers_more_filter_module.so";
    load_module "modules/ndk_http_module.so";
    load_module "modules/ngx_http_set_misc_module.so";
    load_module "modules/ngx_http_echo_module.so";
    load_module "modules/ngx_http_fancyindex_module.so";
    

    Code (Text):
    dynamic module directory at /usr/local/nginx/modules
    total 3.5M
    drwxr-xr-x  2 root root 4.0K Nov  3 06:51 .
    drwxr-xr-x 10 root root  136 Nov  3 05:28 ..
    -rwxr-xr-x  1 root root 107K Nov  3 06:51 ndk_http_module.so
    -rwxr-xr-x  1 root root 107K Nov  3 05:13 ndk_http_module.so.old
    -rwxr-xr-x  1 root root 526K Nov  3 06:51 ngx_http_echo_module.so
    -rwxr-xr-x  1 root root 526K Nov  3 05:13 ngx_http_echo_module.so.old
    -rwxr-xr-x  1 root root 124K Nov  3 06:51 ngx_http_fancyindex_module.so
    -rwxr-xr-x  1 root root 124K Nov  3 05:13 ngx_http_fancyindex_module.so.old
    -rwxr-xr-x  1 root root 233K Nov  3 06:51 ngx_http_headers_more_filter_module.so
    -rwxr-xr-x  1 root root 233K Nov  3 05:13 ngx_http_headers_more_filter_module.so.old
    -rwxr-xr-x  1 root root 128K Nov  3 06:51 ngx_http_image_filter_module.so
    -rwxr-xr-x  1 root root 128K Nov  3 05:13 ngx_http_image_filter_module.so.old
    -rwxr-xr-x  1 root root 616K Nov  3 06:51 ngx_http_set_misc_module.so
    -rwxr-xr-x  1 root root 616K Nov  3 05:13 ngx_http_set_misc_module.so.old
    

    Code (Text):
    backup dynamic modules to /usr/local/nginx/modules.copy
    total 3.5M
    drwxr-xr-x  2 root root 4.0K Nov  3 06:51 .
    drwxr-xr-x 11 root root  156 Nov  3 06:51 ..
    -rwxr-xr-x  1 root root 107K Nov  3 06:51 ndk_http_module.so
    -rwxr-xr-x  1 root root 107K Nov  3 05:13 ndk_http_module.so.old
    -rwxr-xr-x  1 root root 526K Nov  3 06:51 ngx_http_echo_module.so
    -rwxr-xr-x  1 root root 526K Nov  3 05:13 ngx_http_echo_module.so.old
    -rwxr-xr-x  1 root root 124K Nov  3 06:51 ngx_http_fancyindex_module.so
    -rwxr-xr-x  1 root root 124K Nov  3 05:13 ngx_http_fancyindex_module.so.old
    -rwxr-xr-x  1 root root 233K Nov  3 06:51 ngx_http_headers_more_filter_module.so
    -rwxr-xr-x  1 root root 233K Nov  3 05:13 ngx_http_headers_more_filter_module.so.old
    -rwxr-xr-x  1 root root 128K Nov  3 06:51 ngx_http_image_filter_module.so
    -rwxr-xr-x  1 root root 128K Nov  3 05:13 ngx_http_image_filter_module.so.old
    -rwxr-xr-x  1 root root 616K Nov  3 06:51 ngx_http_set_misc_module.so
    -rwxr-xr-x  1 root root 616K Nov  3 05:13 ngx_http_set_misc_module.so.old
    

    Code (Text):
    log files saved at /root/centminlogs
    -rw-r--r-- 1 root root  248 Nov  3 06:38 etc-centminmod-custom-config-settings_031123-063845.log
    -rw-r--r-- 1 root root  13K Nov  3 06:49 nginx-upgrade-zlib_031123-063845.log
    -rw-r--r-- 1 root root   76 Nov  3 06:49 centminmod_opensslinstall_skipped_031123-063845.log
    -rw-r--r-- 1 root root  155 Nov  3 06:49 nginx_pcre_download_031123-063845.log
    -rw-r--r-- 1 root root  198 Nov  3 06:49 patch_patchnginx_031123-063845.log
    -rw-r--r-- 1 root root 8.5K Nov  3 06:50 nginx-configure-031123-063845.log
    -rw-r--r-- 1 root root  31K Nov  3 06:51 nginx_autoconf.err.031123-063845.log
    -rw-r--r-- 1 root root 4.0K Nov  3 06:51 nginx_pcre_checks_031123-063845.log
    -rw-r--r-- 1 root root 933K Nov  3 06:51 centminmod_130.00beta01.b457_031123-063845_nginx_upgrade.log
    
    *************************************************
    * nginx updated
    *************************************************
     
    Total Nginx Upgrade Time: 364.957034567 seconds
    

    The upgrade completion info above also shows the centmin.sh menu option 4 automatic logged run files at /root/centminlogs. So for troubleshooting Nginx upgrade, you will find the upgrade log at /root/centminlogs/centminmod_130.00beta01.b457_031123-063845_nginx_upgrade.log

    Centmin Mod uses ccache compiler caching. So if you are recompiling the same Nginx or PHP-FPM version, it's much faster. For instance, this first time Nginx upgrade took 364.96 seconds. If you recompile same Nginx 1.25.3 a second time, it will take approximately 64 seconds!

    ccache stats after 2nd Nginx 1.25.3 recompile
    Code (Text):
    ccache -s
    cache directory                     /home/.ccache
    primary config                      /home/.ccache/ccache.conf
    secondary config      (readonly)    /usr/local/etc/ccache.conf
    stats updated                       Fri Nov  3 06:54:33 2023
    cache hit (direct)                  1022
    cache hit (preprocessed)             226
    cache miss                          1308
    cache hit rate                     48.83 %
    called for link                      662
    called for preprocessing               6
    compiler produced stdout               2
    compiler produced empty output        36
    preprocessor error                     4
    bad compiler arguments                 2
    unsupported source language           12
    no input file                          8
    cleanups performed                     0
    files in cache                      3545
    cache size                          35.9 MB
    max cache size                       2.5 GB
    
     
  3. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    Upgrading PHP-FPM Versions



    Centmin Mod PHP-FPM is source compiled via centmin.sh menu option 5 and like Nginx which allows on the fly patching of PHP-FPM source code as well as building PHP-FPM with different crypto libraries like OpenSSL 1.1.1/3.0/3.1 (this will be important for EL9 operating system support - see below) or boosting PHP-FPM performance by compiling PHP-FPM with optional PHP Profile Guided Optimizations (PGO) see https://centminmod/perf/.

    Centmin Mod EL8 installs will default to PHP 8.0.x installation (PHP-FPM). EL9 OS will default to a minimum PHP 8.1.x version and PHP versions below PHP 8.1 won't work right now with EL9 OSes. If you need PHP 7.4 to 8.0 then stick with EL8 OSes like Alma Linux 8 or Rocky Linux 8. However, as of October 26, 2023, the latest Centmin Mod 130.00beta01 for EL9 now has backport patched PHP 7.4 and PHP 8.0 in EL9 to work with OpenSSL 3.x.

    Due to source compile flexibility, Centmin Mod 130.00beta01 will backport PHP security patches from PHP 8.0+ into end of life PHP 5.6, 7.0, 7.1, 7.2, 7.3 and 7.4 versions. Example https://community.centminmod.com/th...s-backported-fixes-for-php-7-2-7-3-7-4.24003/. Centmin Mod PHP-FPM backported patches come from REMI YUM repo's patches which are also officially used for Redhat Enterprise Linux's extended support lifecycle for their PHP 5.6/7 YUM packages AFAIK.

    Example of PHP-FPM 8.0.30 recompile via centmin.sh menu option 5 - you will be provided the current PHP-FPM version you have installed and also latest available version derived from using Centmin Mod getphpver command calling https://www.php.net web site. You will generally always answer yes to installing Zend Opcache for performance.

    Example of getphpver command
    Code (Text):
    getphpver
    8.2.12
    8.1.25
    8.0.30
    7.4.33
    7.3.33
    7.2.34
    7.1.33
    7.0.33
    5.6.40
    5.5.38
    

    Find latest PHP 8.0 branch version
    Code (Text):
    getphpver 80
    8.0.30
    

    or latest PHP 8.1 branch version
    Code (Text):
    getphpver 81
    8.1.25
    

    centmin.sh menu option 5. Generally, I'd get into habit of running command = cmupdate before running centmin.sh menu so to sync your local Centmin Mod code with latest version.
    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 130.00beta01 centminmod.com 
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  Option Being Revised (TBA)
    7).  Option Being Revised (TBA)
    8).  Option Being Revised (TBA)
    9).  Option Being Revised (TBA)
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Data Transfer (TBA)
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 5
    --------------------------------------------------------
    

    Code (Text):
    PHP Upgrade/Downgrade - Would you like to continue? [y/n] y
    
    ----------------------------------------------------------------
    Install which version of PHP? (i.e. 7.3.33, 7.4.33, 8.0.30, 8.1.25, 8.2.11, NGDEBUG)
    PHP 7.x/7.1.x/7.2.x/7.3.x is GA Stable but still may have broken PHP extensions.
    NGDEBUG is PHP 8.3 dev builds minus incompatible PHP extensions
    ----------------------------------------------------------------
    
    Current PHP Version: 8.0.30
    Latest PHP Version Installable: 8.0.30
    
    Enter PHP Version number you want to upgrade/downgrade to: 8.0.30
    
    Do you still want to continue? [y/n] y
    
    ----------------------------------------------------------------
    existing php.ini will be backed up at /usr/local/lib/php.ini-oldversion_031123-082129
    ----------------------------------------------------------------
    

    Code (Text):
    -----------------------------------------------------------------------------------------
    Detected PHP 8.0 branch.
    You can compile Zend OPcache (Zend Optimizer Plus+) support
    as an alternative to using APC Cache or Xcache cache.
    But Zend OPcache only provides PHP opcode cache and
    DOESN'T do data caching, so if your web apps such as Wordpress,
    Drupal or vBulletin require data caching to APC or Xcache,
    it won't work with Zend OPcache.
    
    -----------------------------------------------------------------------------------------
    Do you want to use Zend OPcache [y/n] ? y
    

    Like Nginx, once PHP-FPM compile is completed, you will return to centmin.sh menu prompt with some post-compile information useful for php-config command and php -v command for verifying your PHP-FPM compile is as you expected, including links to automatic logged centmin.sh menu option 5 run info to /root/centminlogs. Again , the first compile of a version will be slower, but if recompiling the same version, it will use Centmin Mod ccache compiler caching to dramatically speed up recompiles. First time = 739 seconds. The second time with cache compiler caching = 595 seconds.

    Code (Text):
    ***************************************************
    Usage: /usr/local/bin/php-config [OPTION]
    Options:
      --prefix            [/usr/local]
      --includes          [-I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/php/ext -I/usr/local/include/php/ext/date/lib]
      --ldflags           [ -L/usr/local/lib64]
      --libs              [-lcrypt  -lc-client  -ltidy -largon2 -lresolv -lncurses -laspell -lpspell -lrt -lldap -llber -lstdc++ -lcrypt -lpam -lgmp -lbz2 -lutil -lrt -lm -ldl  -lsystemd -lxml2 -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lssl -lcrypto -lsqlite3 -lz -lcurl -lxml2 -lenchant -lgmodule-2.0 -lglib-2.0 -lffi -lssl -lcrypto -lz -lpng16 -lwebp -ljpeg -lXpm -lX11 -lfreetype -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lssl -lcrypto -licuio -licui18n -licuuc -licudata -lonig -lsqlite3 -ledit -lxml2 -lnetsnmp -lm -lssl -lssl -lcrypto -lxml2 -lsodium -largon2 -lxml2 -lxml2 -lxml2 -lxslt -lm -lxml2 -lexslt -lxslt -lm -lgcrypt -ldl -lgpg-error -lxml2 -lzip -lz -lssl -lcrypto -lcrypt ]
      --extension-dir     [/usr/local/lib/php/extensions/no-debug-non-zts-20200930]
      --include-dir       [/usr/local/include/php]
      --man-dir           [/usr/local/php/man]
      --php-binary        [/usr/local/bin/php]
      --php-sapis         [ cli embed fpm phpdbg cgi]
      --ini-path          [/usr/local/lib]
      --ini-dir           [/etc/centminmod/php.d]
      --configure-options [--enable-fpm --enable-opcache --enable-intl --enable-pcntl --with-mcrypt --with-snmp --enable-embed=shared --with-mhash --with-zlib --with-gettext --enable-exif --with-zip --with-libzip --with-bz2 --enable-soap --enable-sockets --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-mysql-sock=/var/lib/mysql/mysql.sock --with-curl --enable-gd --with-xmlrpc --enable-bcmath --enable-calendar --enable-ftp --enable-gd-native-ttf --with-freetype --with-jpeg --with-png-dir=/usr --with-xpm --with-webp --with-t1lib=/usr --enable-shmop --with-pear --enable-mbstring --with-openssl --with-mysql=mysqlnd --with-libdir=lib64 --with-mysqli=mysqlnd --enable-pdo --with-pdo-sqlite --with-pdo-mysql=mysqlnd --enable-inline-optimization --with-imap --with-imap-ssl --with-kerberos --with-readline --with-libedit --with-gmp --with-pspell --with-tidy --with-enchant --with-fpm-user=nginx --with-fpm-group=nginx --with-ldap --with-ldap-sasl --with-password-argon2 --with-sodium=/usr/local --with-config-file-scan-dir=/etc/centminmod/php.d --with-fpm-systemd --with-ffi --with-xsl PKG_CONFIG_PATH=/usr/local/lib64/pkgconfig: PNG_CFLAGS=-I/usr/include PNG_LIBS=-L/usr/lib64 -lpng16 ICU_CFLAGS=-I/usr/include ICU_LIBS=-L/usr/lib64 -licuio -licui18n -licuuc -licudata ONIG_CFLAGS=-I/usr/include ONIG_LIBS=-L/usr/lib64 -lonig LIBSODIUM_CFLAGS=-I/usr/local/include LIBSODIUM_LIBS=-L/usr/local/lib64 -lsodium LIBZIP_CFLAGS=-I/usr/local/include LIBZIP_LIBS=-L/usr/local/lib64 -lzip]
      --version           [8.0.30]
      --vernum            [80030]
    

    Code (Text):
    ***************************************************
    PHP 8.0.30 (cli) (built: Nov  3 2023 08:31:07) ( NTS )
    Copyright (c) The PHP Group
    Zend Engine v4.0.30, Copyright (c) Zend Technologies
        with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies
    ***************************************************
    * PHP compiled with CPU_MARCH=znver2
    * PHP upgraded and auto reinstalled PHP extensions
    ***************************************************
                       
    Total PHP Upgrade Time: 739.007025206 seconds


    Default PHP-FPM loaded extension modules

    Code (Text):
    php -m
    [PHP Modules]
    bcmath
    bz2
    calendar
    Core
    ctype
    curl
    date
    dom
    enchant
    exif
    FFI
    fileinfo
    filter
    ftp
    gd
    geoip
    gettext
    gmp
    hash
    iconv
    igbinary
    imagick
    imap
    intl
    json
    ldap
    libxml
    mailparse
    mbstring
    mcrypt
    memcache
    memcached
    mysqli
    mysqlnd
    openssl
    pcntl
    pcre
    PDO
    pdo_mysql
    pdo_sqlite
    Phar
    posix
    pspell
    readline
    redis
    Reflection
    session
    shmop
    SimpleXML
    snmp
    soap
    sockets
    sodium
    SPL
    sqlite3
    standard
    sysvmsg
    sysvsem
    sysvshm
    tidy
    timezonedb
    tokenizer
    xml
    xmlreader
    xmlwriter
    xsl
    Zend OPcache
    zip
    zlib
    
    [Zend Modules]
    Zend OPcache


    PHP extension .ini settings files info and location
    Code (Text):
    php --ini
    Configuration File (php.ini) Path: /usr/local/lib
    Loaded Configuration File:         /usr/local/lib/php.ini
    Scan for additional .ini files in: /etc/centminmod/php.d
    Additional .ini files parsed:      /etc/centminmod/php.d/a_customphp.ini,
    /etc/centminmod/php.d/curlcainfo.ini,
    /etc/centminmod/php.d/geoip.ini,
    /etc/centminmod/php.d/igbinary.ini,
    /etc/centminmod/php.d/imagick.ini,
    /etc/centminmod/php.d/mailparse.ini,
    /etc/centminmod/php.d/mcrypt.ini,
    /etc/centminmod/php.d/memcache.ini,
    /etc/centminmod/php.d/memcached.ini,
    /etc/centminmod/php.d/redis.ini,
    /etc/centminmod/php.d/timezonedb.ini,
    /etc/centminmod/php.d/zendopcache.ini
    

    Inspecting some PHP Info extension info

    PHP curl
    Code (Text):
    php --ri curl
    
    curl
    
    cURL support => enabled
    cURL Information => 7.61.1
    Age => 4
    Features
    AsynchDNS => Yes
    CharConv => No
    Debug => No
    GSS-Negotiate => No
    IDN => Yes
    IPv6 => Yes
    krb4 => No
    Largefile => Yes
    libz => Yes
    NTLM => Yes
    NTLMWB => Yes
    SPNEGO => Yes
    SSL => Yes
    SSPI => No
    TLS-SRP => Yes
    HTTP2 => Yes
    GSSAPI => Yes
    KERBEROS5 => Yes
    UNIX_SOCKETS => Yes
    PSL => Yes
    HTTPS_PROXY => Yes
    MULTI_SSL => No
    BROTLI => Yes
    Protocols => dict, file, ftp, ftps, gopher, http, https, imap, imaps, ldap, ldaps, pop3, pop3s, rtsp, scp, sftp, smb, smbs, smtp, smtps, telnet, tftp
    Host => x86_64-redhat-linux-gnu
    SSL Version => OpenSSL/1.1.1k
    ZLib Version => 1.2.11
    libSSH Version => libssh/0.9.6/openssl/zlib
    
    Directive => Local Value => Master Value
    curl.cainfo => /etc/ssl/certs/cacert.pem => /etc/ssl/certs/cacert.pem


    PHP imagick
    Code (Text):
    php --ri imagick
    imagick module => enabled
    imagick module version => 3.7.0
    imagick classes => Imagick, ImagickDraw, ImagickPixel, ImagickPixelIterator, ImagickKernel
    Imagick compiled with ImageMagick version => ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
    Imagick using ImageMagick library version => ImageMagick 6.9.12-98 Q16 x86_64 18038 https://legacy.imagemagick.org
    ImageMagick copyright => (C) 1999 ImageMagick Studio LLC
    ImageMagick release date => 2023-10-08
    ImageMagick number of supported formats:  => 247
    ImageMagick supported formats => 3FR, 3G2, 3GP, AAI, AI, APNG, ART, ARW, AVI, AVS, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CR3, CRW, CUR, CUT, DATA, DCM, DCR, DCX, DDS, DFONT, DJVU, DNG, DOT, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, EXR, FAX, FILE, FITS, FLV, FRACTAL, FTP, FTS, G3, G4, GIF, GIF87, GRADIENT, GRAY, GRAYA, GROUP4, GV, H, HALD, HDR, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, J2C, J2K, JBG, JBIG, JNG, JNX, JP2, JPC, JPE, JPEG, JPG, JPM, JPS, JPT, JSON, K25, KDC, LABEL, M2V, M4V, MAC, MAGICK, MAP, MASK, MAT, MATTE, MEF, MIFF, MKV, MNG, MONO, MOV, MP4, MPC, MPEG, MPG, MRW, MSL, MSVG, MTV, MVG, NEF, NRW, NULL, ORF, OTB, OTF, PAL, PALM, PAM, PANGO, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PGX, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, POCKETMOD, PPM, PREVIEW, PS, PS2, PS3, PSB, PSD, PTIF, PWP, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, SCR, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, STEGANO, SUN, SVG, SVGZ, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIDEO, VIFF, VIPS, VST, WBMP, WEBM, WEBP, WMF, WMV, WMZ, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, YCbCr, YCbCrA, YUV
    
    Directive => Local Value => Master Value
    imagick.locale_fix => 0 => 0
    imagick.skip_version_check => 0 => 0
    imagick.progress_monitor => 0 => 0
    imagick.set_single_thread => 1 => 1
    imagick.shutdown_sleep_count => 10 => 10
    imagick.allow_zero_dimension_images => 0 => 0


    PHP memcache
    Code (Text):
    php --ri memcache
    
    memcache
    
    memcache support => enabled
    Version => 8.2
    
    Directive => Local Value => Master Value
    memcache.allow_failover => 1 => 1
    memcache.max_failover_attempts => 20 => 20
    memcache.default_port => 11211 => 11211
    memcache.chunk_size => 32768 => 32768
    memcache.protocol => ascii => ascii
    memcache.hash_strategy => consistent => consistent
    memcache.hash_function => crc32 => crc32
    memcache.redundancy => 1 => 1
    memcache.session_redundancy => 2 => 2
    memcache.compress_threshold => 20000 => 20000
    memcache.lock_timeout => 15 => 15
    memcache.session_prefix_host_key => Off => Off
    memcache.session_prefix_host_key_remove_www => On => On
    memcache.session_prefix_host_key_remove_subdomain => Off => Off
    memcache.session_prefix_static_key => no value => no value
    memcache.session_save_path => no value => no value
    memcache.prefix_host_key => Off => Off
    memcache.prefix_host_key_remove_www => On => On
    memcache.prefix_host_key_remove_subdomain => Off => Off
    memcache.prefix_static_key => no value => no value



    PHP memcached
    Code (Text):
    php --ri memcached
    
    memcached
    
    memcached support => enabled
    Version => 3.2.1-dev
    libmemcached version => 1.0.18
    SASL support => yes
    Session support => yes
    igbinary support => no
    json support => yes
    msgpack support => no
    zstd support => no
    
    Directive => Local Value => Master Value
    memcached.sess_locking => On => On
    memcached.sess_lock_wait_min => 150 => 150
    memcached.sess_lock_wait_max => 150 => 150
    memcached.sess_lock_retries => 5 => 5
    memcached.sess_lock_expire => 0 => 0
    memcached.sess_binary_protocol => On => On
    memcached.sess_consistent_hash => Off => Off
    memcached.sess_consistent_hash_type => ketama => ketama
    memcached.sess_number_of_replicas => 0 => 0
    memcached.sess_randomize_replica_read => Off => Off
    memcached.sess_remove_failed_servers => Off => Off
    memcached.sess_server_failure_limit => 0 => 0
    memcached.sess_connect_timeout => 3000 => 3000
    memcached.sess_sasl_username => no value => no value
    memcached.sess_sasl_password => no value => no value
    memcached.sess_persistent => Off => Off
    memcached.sess_prefix => memc.sess.key. => memc.sess.key.
    memcached.sess_lock_wait => not set => not set
    memcached.sess_lock_max_wait => not set => not set
    memcached.compression_type => fastlz => fastlz
    memcached.compression_factor => 1.3 => 1.3
    memcached.compression_level => 3 => 3
    memcached.compression_threshold => 2000 => 2000
    memcached.serializer => php => php
    memcached.store_retry_count => 0 => 0
    memcached.item_size_limit => 0 => 0
    memcached.default_consistent_hash => Off => Off
    memcached.default_binary_protocol => Off => Off
    memcached.default_connect_timeout => 0 => 0


    PHP redis
    Code (Text):
    php --ri redis
    
    redis
    
    Redis Support => enabled
    Redis Version => 6.0.1
    Redis Sentinel Version => 1.0
    Available serializers => php, json
    Available compression => zstd, lz4
    
    Directive => Local Value => Master Value
    redis.arrays.algorithm => no value => no value
    redis.arrays.auth => no value => no value
    redis.arrays.autorehash => 0 => 0
    redis.arrays.connecttimeout => 0 => 0
    redis.arrays.distributor => no value => no value
    redis.arrays.functions => no value => no value
    redis.arrays.hosts => no value => no value
    redis.arrays.index => 0 => 0
    redis.arrays.lazyconnect => 0 => 0
    redis.arrays.names => no value => no value
    redis.arrays.pconnect => 0 => 0
    redis.arrays.previous => no value => no value
    redis.arrays.readtimeout => 0 => 0
    redis.arrays.retryinterval => 0 => 0
    redis.arrays.consistent => 0 => 0
    redis.clusters.cache_slots => 0 => 0
    redis.clusters.auth => no value => no value
    redis.clusters.persistent => 0 => 0
    redis.clusters.read_timeout => 0 => 0
    redis.clusters.seeds => no value => no value
    redis.clusters.timeout => 0 => 0
    redis.pconnect.pooling_enabled => 1 => 1
    redis.pconnect.connection_limit => 0 => 0
    redis.pconnect.echo_check_liveness => 1 => 1
    redis.pconnect.pool_detect_dirty => 0 => 0
    redis.pconnect.pool_poll_timeout => 0 => 0
    redis.pconnect.pool_pattern => no value => no value
    redis.session.locking_enabled => 0 => 0
    redis.session.lock_expire => 0 => 0
    redis.session.lock_retries => 100 => 100
    redis.session.lock_wait_time => 20000 => 20000
    redis.session.early_refresh => 0 => 0


    PHP openssl
    Code (Text):
    php --ri openssl
    
    openssl
    
    OpenSSL support => enabled
    OpenSSL Library Version => OpenSSL 1.1.1k  FIPS 25 Mar 2021
    OpenSSL Header Version => OpenSSL 1.1.1k  FIPS 25 Mar 2021
    Openssl default config => /etc/pki/tls/openssl.cnf
    
    Directive => Local Value => Master Value
    openssl.cafile => no value => no value
    openssl.capath => no value => no value


    PHP gd
    Code (Text):
    php --ri gd
    
    gd
    
    GD Support => enabled
    GD Version => bundled (2.1.0 compatible)
    FreeType Support => enabled
    FreeType Linkage => with freetype
    FreeType Version => 2.9.1
    GIF Read Support => enabled
    GIF Create Support => enabled
    JPEG Support => enabled
    libJPEG Version => 6b
    PNG Support => enabled
    libPNG Version => 1.6.34
    WBMP Support => enabled
    XPM Support => enabled
    libXpm Version => 30411
    XBM Support => enabled
    WebP Support => enabled
    BMP Support => enabled
    TGA Read Support => enabled
    
    Directive => Local Value => Master Value
    gd.jpeg_ignore_warning => 1 => 1


    PHP Zend Opcache this reports PHP command line status only which is disabled by default. While non-command line is enabled if you check via web based viewing of phpinfo page.
    Code (Text):
    php --ri "Zend Opcache"
    
    Zend OPcache
    
    Opcode Caching => Disabled
    Optimization => Disabled
    SHM Cache => Enabled
    File Cache => Disabled
    JIT => On
    Startup Failed => Opcode Caching is disabled for CLI
    
    Directive => Local Value => Master Value
    opcache.enable => On => On
    opcache.use_cwd => On => On
    opcache.validate_timestamps => On => On
    opcache.validate_permission => Off => Off
    opcache.validate_root => Off => Off
    opcache.dups_fix => Off => Off
    opcache.revalidate_path => Off => Off
    opcache.log_verbosity_level => 1 => 1
    opcache.memory_consumption => 288 => 288
    opcache.interned_strings_buffer => 16 => 16
    opcache.max_accelerated_files => 65407 => 65407
    opcache.max_wasted_percentage => 5 => 5
    opcache.consistency_checks => 0 => 0
    opcache.force_restart_timeout => 180 => 180
    opcache.revalidate_freq => 180 => 180
    opcache.file_update_protection => 2 => 2
    opcache.preferred_memory_model => no value => no value
    opcache.blacklist_filename => no value => no value
    opcache.max_file_size => 0 => 0
    opcache.protect_memory => Off => Off
    opcache.save_comments => On => On
    opcache.record_warnings => Off => Off
    opcache.optimization_level => 0x7FFEBFFF => 0x7FFEBFFF
    opcache.opt_debug_level => 0 => 0
    opcache.enable_file_override => On => On
    opcache.enable_cli => Off => Off
    opcache.error_log => no value => no value
    opcache.restrict_api => no value => no value
    opcache.lockfile_path => /tmp => /tmp
    opcache.file_cache => no value => no value
    opcache.file_cache_only => Off => Off
    opcache.file_cache_consistency_checks => On => On
    opcache.huge_code_pages => Off => Off
    opcache.preload => no value => no value
    opcache.preload_user => no value => no value
    opcache.jit => tracing => tracing
    opcache.jit_buffer_size => 0 => 0
    opcache.jit_debug => 0 => 0
    opcache.jit_bisect_limit => 0 => 0
    opcache.jit_prof_threshold => 0.005 => 0.005
    opcache.jit_max_root_traces => 1024 => 1024
    opcache.jit_max_side_traces => 128 => 128
    opcache.jit_max_exit_counters => 8192 => 8192
    opcache.jit_hot_loop => 64 => 64
    opcache.jit_hot_func => 127 => 127
    opcache.jit_hot_return => 8 => 8
    opcache.jit_hot_side_exit => 8 => 8
    opcache.jit_blacklist_root_trace => 16 => 16
    opcache.jit_blacklist_side_trace => 8 => 8
    opcache.jit_max_loop_unrolls => 8 => 8
    opcache.jit_max_recursive_calls => 2 => 2
    opcache.jit_max_recursive_returns => 2 => 2
    opcache.jit_max_polymorphic_calls => 2 => 2

    All PHP .ini settings can be overridden of customised as outlined at https://centminmod.com/phpfpm.html
     
  4. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    h2load HTTP/2 Benchmarking



    You can also do some quick Centmin Mod Nginx HTTPS HTTP/2 h2load benchmarking using my h2load benchmark wrapper script https://github.com/centminmod/h2load-benchmarks.

    You can create Nginx HTTPS self-signed cert vhost domain.com for dummy tests using centmin.sh menu option 2 or via /usr/bin/nv command line as outlined here https://centminmod.com/nginx_domain_dns_setup.html.
    Code (Text):
    nv
    
    Usage: /usr/bin/nv [-d yourdomain.com] [-s y|n|yd] [-u ftpusername]
    
      -d  yourdomain.com or subdomain.yourdomain.com
      -s  ssl self-signed create = y or n or https only vhost = yd
      -u  your FTP username
    
      example:
    
      /usr/bin/nv -d yourdomain.com -s y -u ftpusername
      /usr/bin/nv -d yourdomain.com -s n -u ftpusername
      /usr/bin/nv -d yourdomain.com -s yd -u ftpusername


    To enable Nginx free Letsencrypt SSL certificate creation, read https://centminmod.com/letsencrypt-freessl.html where you set in persistent config file /etc/centminmod/custom_config.inc the following variable(s).
    Code (Text):
    LETSENCRYPT_DETECT='y'
    

    If you want to use dual RSA 2048bit + ECDSA 256bit SSL certificates where ECDSA 256bit SSL certificates allow better HTTPS performance.
    Code (Text):
    LETSENCRYPT_DETECT='y'
    DUALCERTS='y'
    

    If LETSENCRYPT_DETECT='y' is enabled, the nv command line options expand for -s flag to the following:
    Code (Text):
    nv
    
    Usage: /usr/bin/nv [-d yourdomain.com] [-s y|n|yd|le|led|lelive|lelived] [-u ftpusername]
    
      -d  yourdomain.com or subdomain.yourdomain.com
      -s  ssl self-signed create = y or n or https only vhost = yd
      -s  le - letsencrypt test cert or led test cert with https default
      -s  lelive - letsencrypt live cert or lelived live cert with https default
      -u  your FTP username
    
      example:
    
      /usr/bin/nv -d yourdomain.com -s y -u ftpusername
      /usr/bin/nv -d yourdomain.com -s n -u ftpusername
      /usr/bin/nv -d yourdomain.com -s yd -u ftpusername
      /usr/bin/nv -d yourdomain.com -s le -u ftpusername
      /usr/bin/nv -d yourdomain.com -s led -u ftpusername
      /usr/bin/nv -d yourdomain.com -s lelive -u ftpusername
      /usr/bin/nv -d yourdomain.com -s lelived -u ftpusername


    For the purpose of this example, use nv command create Nginx vhost domain = domain.com with self-signed SSL cert and pure-ftpd virtual FTP username = YOURFTPusername.
    Code (Text):
    /usr/bin/nv -d domain.com -s y -u YOURFTPusername
    

    Setup dummy domain.com with local server DNS override in /etc/hosts grabbing server public IP.
    Code (Text):
    CNIP=$(curl -s https://geoip.centminmod.com/v4 | jq -r ".ip") && echo "$CNIP domain.com" >> /etc/hosts
    cat /etc/hosts
    curl -Ik https://domain.com
    

    curl header check output
    Code (Text):
    curl -Ik https://domain.com
    
    HTTP/2 200
    date: Fri, 03 Nov 2023 09:09:05 GMT
    content-type: text/html; charset=utf-8
    content-length: 6356
    last-modified: Fri, 03 Nov 2023 05:42:52 GMT
    vary: Accept-Encoding
    etag: "6544885c-18d4"
    server: nginx centminmod
    x-powered-by: centminmod
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    accept-ranges: bytes
    


    Git clone the https://github.com/centminmod/h2load-benchmarks Github repo.
    Code (Text):
    cd /home; git clone https://github.com/centminmod/h2load-benchmarks
    

    Run h2load-bench.sh with 1 CPU thread, 100 concurrent clients and 5000 requests and save results to /home/nginxh2loadbench-summary.log file.
    Code (Text):
    /home/h2load-benchmarks/h2load-bench.sh -t1 -c100 -n5000 -u https://domain.com | grep -oP '{.*}' | jq -r | tee -a /home/nginxh2loadbench-summary.log
    

    Example output for h2load HTTP/2 benchmark against dummy Nginx vhost domain.com in JSON format. With 12700.54 requests/sec and 27.45MB/s of data transferred using X25519 curve key exchange and TLS_AES_256_GCM_SHA384 SSL cipher.
    Code (Text):
    /home/h2load-benchmarks/h2load-bench.sh -t1 -c100 -n5000 -u https://domain.com | grep -oP '{.*}' | jq -r | tee -a /home/nginxh2loadbench-summary.log
    
    {
      "time": "393.68ms",
      "req_per_sec": "12700.54",
      "mbs": "27.45MB/s",
      "total_req": "5000",
      "started_req": "5000",
      "done_req": "5000",
      "succeeded_req": "5000",
      "failed_req": "0",
      "errored_req": "0",
      "timeout_req": "0",
      "status_2xx": "5000",
      "status_3xx": "0",
      "status_4xx": "0",
      "status_5xx": "0",
      "total_traffic": "10.81MB",
      "header_traffic": "1010.74KB",
      "data_traffic": "9.73MB",
      "req_min": "1.25",
      "req_max": "229.83",
      "req_mean": "80.04",
      "req_sd": "68.46ms",
      "req_sd_pct": "61.76%",
      "conn_min": "11.55",
      "conn_max": "360.32",
      "conn_mean": "126.31",
      "conn_sd": "130.74ms",
      "conn_sd_pct": "72.00%",
      "first_byte_min": "54.69",
      "first_byte_max": "375.71",
      "first_byte_mean": "203.33",
      "first_byte_sd": "97.48ms",
      "first_byte_sd_pct": "57.00%",
      "req_s_min": "127.65",
      "req_s_max": "815.96",
      "req_s_mean": "313.62",
      "req_s_sd": "200.85",
      "req_s_sd_pct": "200.85",
      "cipher": "TLS_AES_256_GCM_SHA384",
      "tempkey": "X25519",
      "protocol": "h2",
      "threads": "1",
      "connections": "100",
      "duration": "null",
      "warm_up_time": "null",
      "requests": "5000",
      "udp_sent": "",
      "udp_received": ""
    }
     
  5. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    MariaDB MySQL Server



    Centmin Mod 130.00beta01 installs MariaDB 10.4 by default with MySQL root password set in /root/.my.cnf and changeable via centmin.sh menu option 11 submenu option 0.
    Code (Text):
    mysqladmin ver
    mysqladmin  Ver 9.1 Distrib 10.4.31-MariaDB, for Linux on x86_64
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    
    Server version          10.4.31-MariaDB
    Protocol version        10
    Connection              Localhost via UNIX socket
    UNIX socket             /var/lib/mysql/mysql.sock
    Uptime:                 4 hours 24 min 47 sec
    
    Threads: 3  Questions: 17  Slow queries: 0  Opens: 17  Flush tables: 1  Open tables: 10  Queries per second avg: 0.001

    With optional major upgrades to MariaDB 10.5 and 10.6 via centmin.sh menu option 11 - see https://community.centminmod.com/threads/mariadb-10-1-upgrades-to-mariadb-10-2-10-3-and-10-4.17793/
    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 130.00beta01 centminmod.com   
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  Option Being Revised (TBA)
    7).  Option Being Revised (TBA)
    8).  Option Being Revised (TBA)
    9).  Option Being Revised (TBA)
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Data Transfer (TBA)
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 11
    --------------------------------------------------------
    

    Code (Text):
    --------------------------------------------------------
         MariaDB MySQL Upgrade & Management Sub-Menu     
    --------------------------------------------------------
    0). Regenerate New MySQL Root User Password (local server)
    1). MariaDB 5.2.x Branch Upgrade Only
    2). MariaDB 5.2.x to MariaDB 5.5 YUM upgrade
    3). MariaDB 5.5 to MariaDB 10.x YUM upgrade
    4). MariaDB 5.5 to MariaDB 10.1.x YUM upgrade
    5). MariaDB 10.x to MariaDB 10.1.x YUM upgrade
    6). MariaDB 10.1.x to MariaDB 10.2.x YUM upgrade
    7). MariaDB 10.2.x to MariaDB 10.3.x YUM upgrade
    8). MariaDB 10.3.x to MariaDB 10.4.x YUM upgrade
    9). MariaDB 10.4.x to MariaDB 10.5.x YUM upgrade
    10). MariaDB 10.5.x to MariaDB 10.6.x YUM upgrade
    11). Back to Main menu
    --------------------------------------------------------
    Enter option [ 0 - 11 ] 


    You can use /usr/local/src/centminmod/addons/mysqladmin_shell.sh to create and manage MySQL databases and users https://community.centminmod.com/threads/mysqladmin_shell-sh-shell-based-addon.543/

    Options available for addons/mysqladmin_shell.sh
    Code (Text):
    addons/mysqladmin_shell.sh
    
    Usage: addons/mysqladmin_shell.sh {multidb|setglobaluser|setuserdb|setpass|createuserdb|deluser|showgrants}
    
    Options:
    
      multidb
        Multiple MySQL database/user creation mode. Pass a file name containing
        db, user, and pass as 3-column entries.
    
      setglobaluser
        Create a MySQL username with access to all databases on the server
        without SUPER ADMIN privileges (non-root).
    
      setuserdb
        Create individual MySQL usernames and databases or assign a new
        database to an existing MySQL username.
    
      setpass
        Change MySQL username password.
    
      createuserdb
        Unattended create individual MySQL username & databases. Fields
        required are dbname, dbuser, and dbpass.
    
      deluser
        Delete MySQL usernames.
    
      showgrants
        Show existing MySQL username granted privileges.


    Example, using

    multidb


    To create multiple MySQL databases and users using a file i.e. /home/nginx/domains/domain.com/dbfile.txt containing database, user, and password details in three columns, run:
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./mysqladmin_shell.sh multidb /home/nginx/domains/domain.com/dbfile.txt

    The input file /home/nginx/domains/domain.com/dbfile.txt should be in the following format:
    Code (Text):
    dbname dbusername dbpassword
    db2name db2username db2password
    

    Example output
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./mysqladmin_shell.sh multidb /home/nginx/domains/domain.com/dbfile.txt
    
    --------------------------------------------------------------
    Basic MySQL Admin - create mysql user & databases
    --------------------------------------------------------------
    --------------------------------------------------------------
    
    ----------------------------------------------------------------------------
    Create Multiple MySQL Databases, User & Pass From specified filepath/name
    i.e. /home/nginx/domains/domain.com/dbfile.txt
    One entry per line in dbfile.txt in format of:
    databasename databaseuser databasepass
    ----------------------------------------------------------------------------
    
    ---------------------------------
    Ok: MySQL user: db2username MySQL database: db2name created successfully
    
    
    ---------------------------------
    Ok: MySQL user: dbusername MySQL database: dbname created successfully
    


    Using

    createuserdb

    To create an individual MySQL user and database in an unattended mode, run:

    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./mysqladmin_shell.sh createuserdb mydbname mydbuser mydbpass


    Replace mydbname, mydbuser, and mydbpass with the desired database name, user, and password, respectively.

    Example output
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./mysqladmin_shell.sh createuserdb mydbname mydbuser mydbpass
    --------------------------------------------------------------
    Basic MySQL Admin - create mysql user & databases
    --------------------------------------------------------------
    --------------------------------------------------------------
    Grants for mydbuser@localhost
    GRANT USAGE ON *.* TO `mydbuser`@`localhost` IDENTIFIED BY PASSWORD '*656A1F1C6814E2C4D43C302508A1E82184AD5320'
    GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, TRIGGER ON `mydbname`.* TO `mydbuser`@`localhost`
    Ok: MySQL user: mydbuser MySQL database: mydbname created successfully
     
  6. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    MariaDB 10.4, 10.5, 10.6 Upgrades



    Centmin Mod 130.00beta01 defaults to installing MariaDB 10.4 from official MariaDB YUM repo unless you configure it otherwise by using following relevant variables to set in the persistent config file /etc/centminmod/custom_config.inc BEFORE initial Centmin Mod install.

    For MariaDB 10.6 default, set these variables to in the persistent config file /etc/centminmod/custom_config.inc BEFORE initial Centmin Mod install.
    Code (Text):
    MARIADB_INSTALLTENTHREE='n'
    MARIADB_INSTALLTENFOUR='n'
    MARIADB_INSTALLTENFIVE='n'
    MARIADB_INSTALLTENSIX='y'
    


    Centmin Mod initial install automatically tests your server and it's CPU, memory and disk performance and auto optimizes the MariaDB MySQL /etc/my.cnf configuration file for your server specs. The /etc/my.cnf will have generate settings and then MariaDB version specific settings under sections like:
    Code (Text):
    [mariadb-10.4]
    
    [mariadb-10.5]
    
    [mariadb-10.6]
    

    For ease of use, to access or edit /etc/my.cnf file, you can run SSH command shortcut = mycnf which will invoke nano text editor for the file /etc/my.cnf. You can see a list of Centmin Mod command shortcuts on official Centmin Mod FAQ page item 16.
    • Edit custom_config.inc persistent config file = customconfig ( /etc/centminmod/custom_config.inc )
    • mytimes = mytimes displays server date and time in multiple timezones (123.09beta01 only at /usr/bin/mytimes)
    • Edit php.ini = phpedit ( /usr/local/lib/php.ini )
    • Edit my.cnf = mycnf ( /etc/my.cnf )
    • Edit php-fpm.conf = fpmconf ( /usr/local/etc/php-fpm.conf )
    • Edit nginx.conf = nginxconf ( /usr/local/nginx/conf/nginx.conf )
    • Edit (nginx) virtual.conf = vhostconf - only edits /usr/local/nginx/conf/conf.d/virtual.conf not the additional vhost domain.com.conf files added later
    • Edit (nginx) php.conf = phpinc ( /usr/local/nginx/conf/php.conf )
    • Edit (nginx) drop.conf = dropinc ( /usr/local/nginx/conf/drop.conf )
    • Edit (nginx) staticfiles.conf = statfilesinc ( /usr/local/nginx/conf/staticfiles.conf )
    • nginx stop/start/restart = ngxstop/ngxstart/ngxrestart
    • php-fpm stop/start/restart = fpmstop/fpmstart/fpmrestart
    • mysql stop/start/restart = mysqlstop/mysqlstart/mysqlrestart
    • nginx + php-fpm stop/start/restart = npstop/npstart/nprestart
    • memcached stop/start/restart = memcachedstop/memcachedstart/memcachedrestart
    • csf stop/start/restart = csfstop/csfstart/csfrestart
    Example of mytimes output:
    Code (Text):
    mytimes
    Fri Nov  3 11:39:11 UTC 2023    [UTC]
    Fri Nov  3 21:39:11 AEST 2023   [Australia/Brisbane]
    Fri Nov  3 04:39:11 PDT 2023    [America/Los_Angeles]
    Fri Nov  3 06:39:11 CDT 2023    [America/Chicago]
    Fri Nov  3 07:39:11 EDT 2023    [America/New_York]
    Fri Nov  3 07:39:11 EDT 2023    [America/Montreal]
    Fri Nov  3 11:39:11 GMT 2023    [Europe/London]
    Fri Nov  3 12:39:11 CET 2023    [Europe/Berlin]
    Fri Nov  3 18:39:11 +07 2023    [Asia/Bangkok]
    Fri Nov  3 18:39:11 +07 2023    [Asia/Ho_Chi_Minh]
    Fri Nov  3 18:39:11 WIB 2023    [Asia/Jakarta]
    Fri Nov  3 19:39:11 +08 2023    [Asia/Kuala_Lumpur]
    Fri Nov  3 19:39:11 +08 2023    [Asia/Singapore]


    It's optimized for the server specs, but doesn't mean it's optimized for your web application's usage of MariaDB MySQL. So modifications maybe needed though Centmin Mod will give you a good starting configuration that is better than usual MySQL defaults :D

    Currently, MariaDB 10.6 is max version supported with MariaDB 10.11 planned in future. Minor MariaDB version upgrades within a major branch are usually updated via normal YUM updates.

    If you want to upgrade your MariaDB 10.4 existing MySQL server to MariaDB 10.6 via centmin.sh menu option 11 - see https://community.centminmod.com/threads/mariadb-10-1-upgrades-to-mariadb-10-2-10-3-and-10-4.17793/ and https://community.centminmod.com/threads/mariadb-10-4-upgrades-testing.23277/.

    To upgrade your MariaDB 10.4 existing MySQL server to MariaDB 10.6 via centmin.sh menu option 11, you have the following 3 variables to be set in the persistent config file /etc/centminmod/custom_config.inc BEFORE running centmin.sh menu option 11. Any issues, I'd need the MariaDB upgrade logs for inspecting which will be automatically saved at /root/centminlogs. You can use the below outlined cminfo listlogs command to find the log name quickly.
    Code (Text):
    ENABLE_MARIADBTENFOURUPGRADE='y'
    ENABLE_MARIADBTENFIVEUPGRADE='y'
    ENABLE_MARIADBTENSIXUPGRADE='y'
    

    For ease of use, to access /etc/centminmod/custom_config.inc persistent config file, you can run SSH command shortcut = customconfig which will invoke nano text editor for the file /etc/centminmod/custom_config.inc.

    To go from MariaDB 10.4 to 10.6, you have to upgrade from MariaDB 10.4 to 10.5 first via centmin.sh menu option 11 submenu option 9

    Code (Text):
    --------------------------------------------------------
         MariaDB MySQL Upgrade & Management Sub-Menu    
    --------------------------------------------------------
    0). Regenerate New MySQL Root User Password (local server)
    1). MariaDB 5.2.x Branch Upgrade Only
    2). MariaDB 5.2.x to MariaDB 5.5 YUM upgrade
    3). MariaDB 5.5 to MariaDB 10.x YUM upgrade
    4). MariaDB 5.5 to MariaDB 10.1.x YUM upgrade
    5). MariaDB 10.x to MariaDB 10.1.x YUM upgrade
    6). MariaDB 10.1.x to MariaDB 10.2.x YUM upgrade
    7). MariaDB 10.2.x to MariaDB 10.3.x YUM upgrade
    8). MariaDB 10.3.x to MariaDB 10.4.x YUM upgrade
    9). MariaDB 10.4.x to MariaDB 10.5.x YUM upgrade
    10). MariaDB 10.5.x to MariaDB 10.6.x YUM upgrade
    11). Back to Main menu
    --------------------------------------------------------
    Enter option [ 0 - 11 ] 9
    --------------------------------------------------------
    

    The upgrade routine will remind folks to do full mysqldump backup of your MySQL databases just to be safe. If you only just installed Centmin Mod, and don't have any MySQL data to safeguard, you can just answer yes to continue.
    Code (Text):
    -------------------------------------------------------------------------------
     This script's MariaDB 10.5.x upgrade process is still in beta testing stages.
     So please test on a test server and not a live production server. But if you use
     on live server or if MySQL databases already exist, please back them up before
     running this upgrade script via mysqldump - instructions at:
     http://dev.mysql.com/doc/refman/5.6/en/mysqldump.html.
    
     ###################################################################
     ###          IMPORTANT MYSQLDUMP BACKUP BEFORE UPGRADE          ###
     ###        OR RISK DATA LOSS DUE TO MARIADB 10.5 Changes        ###
     ###################################################################
    
     For each DATABASENAME backup via mysqldump i.e.
    
      mysqldump --opt --routines DATABASENAME > /path/to/DATABASENAME_backup.sql
    ------------------------------------------------------------------------
    
    Have you backed up your databases ? [y/n] y
    
    MariaDB 10.5.x https://mariadb.com/kb/en/library/what-is-mariadb-104/
    
    !!  Note  !!
    upgrade process can take more >5 minutes.. you may want to shutdown
    nginx server to not show mysql errors to visitors on your site or
    put site(s) into maintenance mode before proceeding with mysql upgrade
    
    Do you want to continue with upgrade to MariaDB 10.5.x ? [y/n] y
    

    Code (Text):
    checking mysql root password works in /root/.my.cnf
    mysqladmin ver
    mysqladmin  Ver 9.1 Distrib 10.4.31-MariaDB, for Linux on x86_64
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    
    Server version          10.4.31-MariaDB
    Protocol version        10
    Connection              Localhost via UNIX socket
    UNIX socket             /var/lib/mysql/mysql.sock
    Uptime:                 5 hours 53 min 1 sec
    
    Threads: 3  Questions: 20  Slow queries: 0  Opens: 17  Flush tables: 1  Open tables: 10  Queries per second avg: 0.000
    

    Code (Text):
                 ____                                  _            
                |  _ \  _ __  ___  _ __    __ _  _ __ (_) _ __    __ _
                | |_) || '__|/ _ \| '_ \  / _` || '__|| || '_ \  / _` |
                |  __/ | |  |  __/| |_) || (_| || |   | || | | || (_| |
                |_|    |_|   \___|| .__/  \__,_||_|   |_||_| |_| \__, |
                                  |_|                            |___/
        ____   _             _       _                          _____         
       / ___| | |__   _   _ | |_  __| |  ___ __      __ _ __   |  ___|___   _ __
       \___ \ | '_ \ | | | || __|/ _` | / _ \\ \ /\ / /| '_ \  | |_  / _ \ | '__|
        ___) || | | || |_| || |_| (_| || (_) |\ V  V / | | | | |  _|| (_) || |
       |____/ |_| |_| \__,_| \__|\__,_| \___/  \_/\_/  |_| |_| |_|   \___/ |_|
                                                                              
                      _   _                                _    
                     | | | | _ __    __ _  _ __  __ _   __| |  ___
                     | | | || '_ \  / _` || '__|/ _` | / _` | / _ \
                     | |_| || |_) || (_| || |  | (_| || (_| ||  __/
                      \___/ | .__/  \__, ||_|   \__,_| \__,_| \___|
                            |_|     |___/                       
    
     no MariaDB / Galera yum packages version locked packages detected
    
    
    shut down existing MariaDB server for upgrade..
    mysql -e "SET GLOBAL innodb_fast_shutdown = 1;"
    
    total 523M
    drwxr-xr-x   8 mysql mysql  283 Nov  3 11:21 .
    drwxr-xr-x. 41 root  root  4.0K Nov  3 05:27 ..
    -rw-rw----   1 mysql mysql  16K Nov  3 11:21 aria_log.00000001
    -rw-rw----   1 mysql mysql   52 Nov  3 11:21 aria_log_control
    drwxr-xr-x   2 root  root    84 Nov  3 05:14 cmsetiofiotest
    drwx------   2 mysql mysql   20 Nov  3 09:46 db2name
    drwx------   2 mysql mysql   20 Nov  3 09:46 dbname
    -rw-rw----   1 mysql mysql  976 Nov  3 05:27 ib_buffer_pool
    -rw-rw----   1 mysql mysql  10M Nov  3 11:21 ibdata1
    -rw-rw----   1 mysql mysql 256M Nov  3 11:21 ib_logfile0
    -rw-rw----   1 mysql mysql 256M Nov  3 05:14 ib_logfile1
    -rw-rw----   1 mysql mysql    0 Nov  3 05:14 multi-master.info
    drwx------   2 mysql mysql 4.0K Nov  3 05:14 mysql
    -rw-r--r--   1 mysql mysql   16 Nov  3 05:14 mysql_upgrade_info
    drwx------   2 mysql mysql   20 Nov  3 05:14 performance_schema
    drwx------   2 mysql mysql   20 Nov  3 05:13 test
    
    warning: /etc/logrotate.d/mysql saved as /etc/logrotate.d/mysql.rpmsave
    Dependencies resolved.
    ================================================================================
     Package        Arch   Version                                 Repository  Size
    ================================================================================
    Removing:
     mytop          noarch 1.7-18.b737f60.el8                      @epel       67 k
    Removing unused dependencies:
     perl-DBD-MySQL x86_64 4.046-3.module_el8.6.0+2827+49d66dc3    @appstream 358 k
     perl-DBI       x86_64 1.641-4.module_el8.6.0+2823+173faa7e    @appstream 1.8 M
    
    Transaction Summary
    ================================================================================
    Remove  3 Packages
    
    Freed space: 2.2 M
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
      Preparing        :                                                        1/1
      Erasing          : mytop-1.7-18.b737f60.el8.noarch                        1/3
      Erasing          : perl-DBD-MySQL-4.046-3.module_el8.6.0+2827+49d66dc3.   2/3
      Erasing          : perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_64   3/3
      Running scriptlet: perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_64   3/3
      Verifying        : mytop-1.7-18.b737f60.el8.noarch                        1/3
      Verifying        : perl-DBD-MySQL-4.046-3.module_el8.6.0+2827+49d66dc3.   2/3
      Verifying        : perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_64   3/3
    
    Removed:
      mytop-1.7-18.b737f60.el8.noarch                                            
      perl-DBD-MySQL-4.046-3.module_el8.6.0+2827+49d66dc3.x86_64                 
      perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_64                       
    
    Complete!
    

    Code (Text):
        __  __               _         ____   ____    _   ___     ____       
       |  \/  |  __ _  _ __ (_)  __ _ |  _ \ | __ )  / | / _ \   | ___|   __  __
       | |\/| | / _` || '__|| | / _` || | | ||  _ \  | || | | |  |___ \   \ \/ /
       | |  | || (_| || |   | || (_| || |_| || |_) | | || |_| |_  ___) |_  >  <
       |_|  |_| \__,_||_|   |_| \__,_||____/ |____/  |_| \___/(_)|____/(_)/_/\_\
                                                                             
               ____                       ____         _              
              |  _ \  ___  _ __    ___   / ___|   ___ | |_  _   _  _ __
              | |_) |/ _ \| '_ \  / _ \  \___ \  / _ \| __|| | | || '_ \
              |  _ <|  __/| |_) || (_) |  ___) ||  __/| |_ | |_| || |_) |
              |_| \_\\___|| .__/  \___/  |____/  \___| \__| \__,_|| .__/
                          |_|                                     |_| 
    *************************************************
    MariaDB 10.5.x Repo setup...
    *************************************************
    
    102 files removed
    rpm --import https://mirror.rackspace.com/mariadb/yum/RPM-GPG-KEY-MariaDB
    rpm --import https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY
    
    *************************************************
    MariaDB 10.5.x check available packages
    yum -q list MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared --disablerepo=epel --disableplugin=priorities
    *************************************************
    
    Installed Packages
    MariaDB-client.x86_64                   10.4.31-1.el8                   @mariadb
    MariaDB-common.x86_64                   10.4.31-1.el8                   @mariadb
    MariaDB-devel.x86_64                    10.4.31-1.el8                   @mariadb
    MariaDB-shared.x86_64                   10.4.31-1.el8                   @mariadb
    Available Packages
    MariaDB-client.x86_64                   10.5.22-1.el8                   mariadb
    MariaDB-common.x86_64                   10.5.22-1.el8                   mariadb
    MariaDB-compat.x86_64                   10.5.22-1.el8                   mariadb
    MariaDB-devel.x86_64                    10.5.22-1.el8                   mariadb
    MariaDB-server.x86_64                   10.5.22-1.el8                   mariadb
    MariaDB-shared.x86_64                   10.5.22-1.el8                   mariadb
    
    real    0m13.257s
    user    0m9.979s
    sys     0m0.526s
        __  __               _         ____   ____    _   ___     ____       
       |  \/  |  __ _  _ __ (_)  __ _ |  _ \ | __ )  / | / _ \   | ___|   __  __
       | |\/| | / _` || '__|| | / _` || | | ||  _ \  | || | | |  |___ \   \ \/ /
       | |  | || (_| || |   | || (_| || |_| || |_) | | || |_| |_  ___) |_  >  <
       |_|  |_| \__,_||_|   |_| \__,_||____/ |____/  |_| \___/(_)|____/(_)/_/\_\
                                                                             
                            ___              _          _  _
                           |_ _| _ __   ___ | |_  __ _ | || |
                            | | | '_ \ / __|| __|/ _` || || |
                            | | | | | |\__ \| |_| (_| || || |
                           |___||_| |_||___/ \__|\__,_||_||_|
                                                          
    

    Code (Text):
    *************************************************
    MariaDB 10.5.x YUM install...
    yum -y install MariaDB-client MariaDB-common MariaDB-compat MariaDB-devel MariaDB-server MariaDB-shared --disablerepo=epel --disableplugin=priorities
    *************************************************
    
    No matches found for the following disable plugin patterns: priorities
    Last metadata expiration check: 0:00:04 ago on Fri 03 Nov 2023 11:21:41 AM UTC.
    Package MariaDB-client-10.4.31-1.el8.x86_64 is already installed.
    Package MariaDB-common-10.4.31-1.el8.x86_64 is already installed.
    Package MariaDB-devel-10.4.31-1.el8.x86_64 is already installed.
    Package MariaDB-shared-10.4.31-1.el8.x86_64 is already installed.
    Dependencies resolved.
    ================================================================================
     Package          Arch   Version                                Repo       Size
    ================================================================================
    Installing:
     MariaDB-compat   x86_64 10.5.22-1.el8                          mariadb   2.2 M
     MariaDB-server   x86_64 10.5.22-1.el8                          mariadb    27 M
    Upgrading:
     MariaDB-client   x86_64 10.5.22-1.el8                          mariadb    13 M
     MariaDB-common   x86_64 10.5.22-1.el8                          mariadb    88 k
     MariaDB-devel    x86_64 10.5.22-1.el8                          mariadb   8.1 M
     MariaDB-shared   x86_64 10.5.22-1.el8                          mariadb   115 k
    Installing dependencies:
     compat-openssl10 x86_64 1:1.0.2o-4.el8_6                       appstream 1.1 M
     galera-4         x86_64 26.4.14-1.el8                          mariadb    13 M
     libnsl           x86_64 2.28-225.el8_8.6                       baseos    105 k
     perl-DBI         x86_64 1.641-4.module_el8.6.0+2823+173faa7e   appstream 739 k
    
    Transaction Summary
    ================================================================================
    Install  6 Packages
    Upgrade  4 Packages
    
    Total download size: 66 M
    Downloading Packages:
    (1/10): libnsl-2.28-225.el8_8.6.x86_64.rpm      6.9 MB/s | 105 kB     00:00 
    (2/10): perl-DBI-1.641-4.module_el8.6.0+2823+17 8.6 MB/s | 739 kB     00:00 
    (3/10): compat-openssl10-1.0.2o-4.el8_6.x86_64.  11 MB/s | 1.1 MB     00:00 
    (4/10): galera-4-26.4.14-1.el8.x86_64.rpm        14 MB/s |  13 MB     00:00 
    (5/10): MariaDB-server-10.5.22-1.el8.x86_64.rpm  19 MB/s |  27 MB     00:01 
    (6/10): MariaDB-compat-10.5.22-1.el8.x86_64.rpm 1.4 MB/s | 2.2 MB     00:01 
    (7/10): MariaDB-common-10.5.22-1.el8.x86_64.rpm 659 kB/s |  88 kB     00:00 
    (8/10): MariaDB-shared-10.5.22-1.el8.x86_64.rpm 1.0 MB/s | 115 kB     00:00 
    (9/10): MariaDB-client-10.5.22-1.el8.x86_64.rpm  10 MB/s |  13 MB     00:01 
    (10/10): MariaDB-devel-10.5.22-1.el8.x86_64.rpm 9.1 MB/s | 8.1 MB     00:00 
    --------------------------------------------------------------------------------
    Total                                            26 MB/s |  66 MB     00:02  
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
      Preparing        :                                                        1/1
      Installing       : perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_    1/14
      Running scriptlet: galera-4-26.4.14-1.el8.x86_64                         2/14
      Installing       : galera-4-26.4.14-1.el8.x86_64                         2/14
      Running scriptlet: galera-4-26.4.14-1.el8.x86_64                         2/14
      Installing       : compat-openssl10-1:1.0.2o-4.el8_6.x86_64              3/14
      Running scriptlet: compat-openssl10-1:1.0.2o-4.el8_6.x86_64              3/14
      Installing       : libnsl-2.28-225.el8_8.6.x86_64                        4/14
      Running scriptlet: MariaDB-common-10.5.22-1.el8.x86_64                   5/14
      Upgrading        : MariaDB-common-10.5.22-1.el8.x86_64                   5/14
      Running scriptlet: MariaDB-common-10.5.22-1.el8.x86_64                   5/14
      Running scriptlet: MariaDB-compat-10.5.22-1.el8.x86_64                   6/14
      Installing       : MariaDB-compat-10.5.22-1.el8.x86_64                   6/14
      Running scriptlet: MariaDB-compat-10.5.22-1.el8.x86_64                   6/14
      Running scriptlet: MariaDB-client-10.5.22-1.el8.x86_64                   7/14
      Upgrading        : MariaDB-client-10.5.22-1.el8.x86_64                   7/14
      Running scriptlet: MariaDB-client-10.5.22-1.el8.x86_64                   7/14
      Running scriptlet: MariaDB-shared-10.5.22-1.el8.x86_64                   8/14
      Upgrading        : MariaDB-shared-10.5.22-1.el8.x86_64                   8/14
      Running scriptlet: MariaDB-shared-10.5.22-1.el8.x86_64                   8/14
      Running scriptlet: MariaDB-devel-10.5.22-1.el8.x86_64                    9/14
      Upgrading        : MariaDB-devel-10.5.22-1.el8.x86_64                    9/14
      Running scriptlet: MariaDB-devel-10.5.22-1.el8.x86_64                    9/14
      Running scriptlet: MariaDB-server-10.5.22-1.el8.x86_64                  10/14
      Installing       : MariaDB-server-10.5.22-1.el8.x86_64                  10/14
      Running scriptlet: MariaDB-server-10.5.22-1.el8.x86_64                  10/14
      Running scriptlet: MariaDB-devel-10.4.31-1.el8.x86_64                   11/14
      Cleanup          : MariaDB-devel-10.4.31-1.el8.x86_64                   11/14
      Running scriptlet: MariaDB-devel-10.4.31-1.el8.x86_64                   11/14
      Running scriptlet: MariaDB-client-10.4.31-1.el8.x86_64                  12/14
      Cleanup          : MariaDB-client-10.4.31-1.el8.x86_64                  12/14
      Running scriptlet: MariaDB-client-10.4.31-1.el8.x86_64                  12/14
      Running scriptlet: MariaDB-shared-10.4.31-1.el8.x86_64                  13/14
      Cleanup          : MariaDB-shared-10.4.31-1.el8.x86_64                  13/14
      Running scriptlet: MariaDB-shared-10.4.31-1.el8.x86_64                  13/14
      Running scriptlet: MariaDB-common-10.4.31-1.el8.x86_64                  14/14
      Cleanup          : MariaDB-common-10.4.31-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-common-10.4.31-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-common-10.5.22-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-compat-10.5.22-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-client-10.5.22-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-shared-10.5.22-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-devel-10.5.22-1.el8.x86_64                   14/14
      Running scriptlet: MariaDB-server-10.5.22-1.el8.x86_64                  14/14
      Running scriptlet: MariaDB-common-10.4.31-1.el8.x86_64                  14/14
      Verifying        : libnsl-2.28-225.el8_8.6.x86_64                        1/14
      Verifying        : compat-openssl10-1:1.0.2o-4.el8_6.x86_64              2/14
      Verifying        : perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_    3/14
      Verifying        : MariaDB-compat-10.5.22-1.el8.x86_64                   4/14
      Verifying        : MariaDB-server-10.5.22-1.el8.x86_64                   5/14
      Verifying        : galera-4-26.4.14-1.el8.x86_64                         6/14
      Verifying        : MariaDB-client-10.5.22-1.el8.x86_64                   7/14
      Verifying        : MariaDB-client-10.4.31-1.el8.x86_64                   8/14
      Verifying        : MariaDB-common-10.5.22-1.el8.x86_64                   9/14
      Verifying        : MariaDB-common-10.4.31-1.el8.x86_64                  10/14
      Verifying        : MariaDB-devel-10.5.22-1.el8.x86_64                   11/14
      Verifying        : MariaDB-devel-10.4.31-1.el8.x86_64                   12/14
      Verifying        : MariaDB-shared-10.5.22-1.el8.x86_64                  13/14
      Verifying        : MariaDB-shared-10.4.31-1.el8.x86_64                  14/14
    
    Upgraded:
      MariaDB-client-10.5.22-1.el8.x86_64    MariaDB-common-10.5.22-1.el8.x86_64
      MariaDB-devel-10.5.22-1.el8.x86_64     MariaDB-shared-10.5.22-1.el8.x86_64
    Installed:
      MariaDB-compat-10.5.22-1.el8.x86_64                                        
      MariaDB-server-10.5.22-1.el8.x86_64                                        
      compat-openssl10-1:1.0.2o-4.el8_6.x86_64                                   
      galera-4-26.4.14-1.el8.x86_64                                              
      libnsl-2.28-225.el8_8.6.x86_64                                             
      perl-DBI-1.641-4.module_el8.6.0+2823+173faa7e.x86_64                       
    
    Complete!
    
    real    0m52.571s
    user    0m47.794s
    sys     0m2.411s
    

    Code (Text):
    *************************************************
    * Adjust old MariaDB 10.x /etc/my.cnf
      for MariaDB 10.5.x my.cnf compatibility
    *************************************************
        __  __               _         ____   ____    _   ___     ____       
       |  \/  |  __ _  _ __ (_)  __ _ |  _ \ | __ )  / | / _ \   | ___|   __  __
       | |\/| | / _` || '__|| | / _` || | | ||  _ \  | || | | |  |___ \   \ \/ /
       | |  | || (_| || |   | || (_| || |_| || |_) | | || |_| |_  ___) |_  >  <
       |_|  |_| \__,_||_|   |_| \__,_||____/ |____/  |_| \___/(_)|____/(_)/_/\_\
                                                                             
                __     _            __                                  __
               / /___ | |_  ___    / /_ __ ___   _   _     ___  _ __   / _|
              / // _ \| __|/ __|  / /| '_ ` _ \ | | | |   / __|| '_ \ | |_
             / /|  __/| |_| (__  / / | | | | | || |_| | _| (__ | | | ||  _|
            /_/  \___| \__|\___|/_/  |_| |_| |_| \__, |(_)\___||_| |_||_|
                                                 |___/                  
             _        _   _              _                            _     
            / \    __| | (_) _   _  ___ | |_  _ __ ___    ___  _ __  | |_  ___
           / _ \  / _` | | || | | |/ __|| __|| '_ ` _ \  / _ \| '_ \ | __|/ __|
          / ___ \| (_| | | || |_| |\__ \| |_ | | | | | ||  __/| | | || |_ \__ \
         /_/   \_\\__,_|_/ | \__,_||___/ \__||_| |_| |_| \___||_| |_| \__||___/
                       |__/                                                 
    
    systemctl start mariadb.service
    systemctl restart mariadb.service
    
    total 791M
    drwx------ 2 mysql mysql   20 Nov  3 05:13 test
    -rw-rw---- 1 mysql mysql    0 Nov  3 05:14 multi-master.info
    drwx------ 2 mysql mysql 4.0K Nov  3 05:14 mysql
    drwx------ 2 mysql mysql   20 Nov  3 05:14 performance_schema
    -rw-r--r-- 1 mysql mysql   16 Nov  3 05:14 mysql_upgrade_info
    -rw-rw---- 1 mysql mysql 256M Nov  3 05:14 ib_logfile1.bak
    drwxr-xr-x 2 mysql mysql   84 Nov  3 05:14 cmsetiofiotest
    drwx------ 2 mysql mysql   20 Nov  3 09:46 db2name
    drwx------ 2 mysql mysql   20 Nov  3 09:46 dbname
    -rw-rw---- 1 mysql mysql 256M Nov  3 11:21 ib_logfile0.bak
    -rw-rw---- 1 mysql mysql  976 Nov  3 11:22 ib_buffer_pool
    -rw-rw---- 1 mysql mysql  10M Nov  3 11:22 ibdata1
    -rw-rw---- 1 mysql mysql   52 Nov  3 11:22 aria_log_control
    -rw-rw---- 1 mysql mysql  16K Nov  3 11:22 aria_log.00000001
    -rw-rw---- 1 mysql mysql  12M Nov  3 11:22 ibtmp1
    -rw-rw---- 1 mysql mysql 256M Nov  3 11:22 ib_logfile0
    srwxrwxrwx 1 mysql mysql    0 Nov  3 11:22 mysql.sock
    -rw-rw---- 1 mysql mysql    8 Nov  3 11:22 almalinux-s-4vcpu-8gb-amd-nyc3-01.pid
    

    Code (Text):
    mysql_upgrade --verbose
    Looking for 'mariadb' as: mariadb
    Looking for 'mariadb-check' as: mariadb-check
    Major version upgrade detected from 10.4.31-MariaDB to 10.5.22-MariaDB. Check required!
    Phase 1/7: Checking and upgrading mysql database
    Processing databases
    mysql
    mysql.column_stats                                 OK
    mysql.columns_priv                                 OK
    mysql.db                                           OK
    mysql.event                                        OK
    mysql.func                                         OK
    mysql.global_priv                                  OK
    mysql.gtid_slave_pos                               OK
    mysql.help_category                                OK
    mysql.help_keyword                                 OK
    mysql.help_relation                                OK
    mysql.help_topic                                   OK
    mysql.index_stats                                  OK
    mysql.innodb_index_stats                           OK
    mysql.innodb_table_stats                           OK
    mysql.plugin                                       OK
    mysql.proc                                         OK
    mysql.procs_priv                                   OK
    mysql.proxies_priv                                 OK
    mysql.roles_mapping                                OK
    mysql.servers                                      OK
    mysql.table_stats                                  OK
    mysql.tables_priv                                  OK
    mysql.time_zone                                    OK
    mysql.time_zone_leap_second                        OK
    mysql.time_zone_name                               OK
    mysql.time_zone_transition                         OK
    mysql.time_zone_transition_type                    OK
    mysql.transaction_registry                         OK
    Phase 2/7: Installing used storage engines... Skipped
    Phase 3/7: Fixing views
    Processing databases
    db2name
    dbname
    information_schema
    mysql
    mysql.user                                         OK
    performance_schema
    test
    Phase 4/7: Running 'mysql_fix_privilege_tables'
    Phase 5/7: Fixing table and database names
    Processing databases
    db2name
    dbname
    information_schema
    mysql
    performance_schema
    test
    Phase 6/7: Checking and upgrading tables
    Processing databases
    db2name
    dbname
    information_schema
    performance_schema
    test
    Phase 7/7: Running 'FLUSH PRIVILEGES'
    OK
    

    Code (Text):
    ------------------------------------------------
    Installing MariaDB 10 plugins
    ------------------------------------------------
    mysql -e "INSTALL SONAME 'metadata_lock_info';"
    mysql -e "INSTALL SONAME 'query_cache_info';"
    mysql -e "INSTALL SONAME 'query_response_time';"
    mysql -t -e "SELECT * FROM mysql.plugin;"
    +---------------------------+------------------------+
    | name                      | dl                     |
    +---------------------------+------------------------+
    | METADATA_LOCK_INFO        | metadata_lock_info.so  |
    | QUERY_CACHE_INFO          | query_cache_info.so    |
    | QUERY_RESPONSE_TIME       | query_response_time.so |
    | QUERY_RESPONSE_TIME_AUDIT | query_response_time.so |
    +---------------------------+------------------------+
    

    Code (Text):
    mysql -t -e "SHOW PLUGINS;"
    +-------------------------------+----------+--------------------+------------------------+---------+
    | Name                          | Status   | Type               | Library                | License |
    +-------------------------------+----------+--------------------+------------------------+---------+
    | binlog                        | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | mysql_native_password         | ACTIVE   | AUTHENTICATION     | NULL                   | GPL     |
    | mysql_old_password            | ACTIVE   | AUTHENTICATION     | NULL                   | GPL     |
    | CSV                           | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | MEMORY                        | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | Aria                          | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | MyISAM                        | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | MRG_MyISAM                    | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | SPATIAL_REF_SYS               | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | GEOMETRY_COLUMNS              | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | inet6                         | ACTIVE   | DATA TYPE          | NULL                   | GPL     |
    | inet_aton                     | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | inet_ntoa                     | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | inet6_aton                    | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | inet6_ntoa                    | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | is_ipv4                       | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | is_ipv6                       | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | is_ipv4_compat                | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | is_ipv4_mapped                | ACTIVE   | FUNCTION           | NULL                   | GPL     |
    | CLIENT_STATISTICS             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INDEX_STATISTICS              | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | TABLE_STATISTICS              | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | USER_STATISTICS               | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | wsrep                         | ACTIVE   | REPLICATION        | NULL                   | GPL     |
    | SQL_SEQUENCE                  | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | InnoDB                        | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | INNODB_TRX                    | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_LOCKS                  | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_LOCK_WAITS             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_CMP                    | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_CMP_RESET              | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_CMPMEM                 | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_CMPMEM_RESET           | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_CMP_PER_INDEX          | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_CMP_PER_INDEX_RESET    | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_BUFFER_PAGE            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_BUFFER_PAGE_LRU        | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_BUFFER_POOL_STATS      | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_METRICS                | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_FT_DEFAULT_STOPWORD    | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_FT_DELETED             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_FT_BEING_DELETED       | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_FT_CONFIG              | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_FT_INDEX_CACHE         | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_FT_INDEX_TABLE         | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_TABLES             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_TABLESTATS         | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_INDEXES            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_COLUMNS            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_FIELDS             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_FOREIGN            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_FOREIGN_COLS       | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_TABLESPACES        | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_DATAFILES          | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_VIRTUAL            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_MUTEXES                | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_SYS_SEMAPHORE_WAITS    | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | INNODB_TABLESPACES_ENCRYPTION | ACTIVE   | INFORMATION SCHEMA | NULL                   | BSD     |
    | PERFORMANCE_SCHEMA            | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | SEQUENCE                      | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | unix_socket                   | ACTIVE   | AUTHENTICATION     | NULL                   | GPL     |
    | FEEDBACK                      | DISABLED | INFORMATION SCHEMA | NULL                   | GPL     |
    | user_variables                | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | THREAD_POOL_GROUPS            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | THREAD_POOL_QUEUES            | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | THREAD_POOL_STATS             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | THREAD_POOL_WAITS             | ACTIVE   | INFORMATION SCHEMA | NULL                   | GPL     |
    | partition                     | ACTIVE   | STORAGE ENGINE     | NULL                   | GPL     |
    | METADATA_LOCK_INFO            | ACTIVE   | INFORMATION SCHEMA | metadata_lock_info.so  | GPL     |
    | QUERY_CACHE_INFO              | ACTIVE   | INFORMATION SCHEMA | query_cache_info.so    | BSD     |
    | QUERY_RESPONSE_TIME           | ACTIVE   | INFORMATION SCHEMA | query_response_time.so | GPL     |
    | QUERY_RESPONSE_TIME_AUDIT     | ACTIVE   | AUDIT              | query_response_time.so | GPL     |
    +-------------------------------+----------+--------------------+------------------------+---------+
    

    Code (Text):
    mysql -t -e "SHOW ENGINES;"
    +--------------------+---------+-------------------------------------------------------------------------------------------------+--------------+------+------------+
    | Engine             | Support | Comment                                                                                         | Transactions | XA   | Savepoints |
    +--------------------+---------+-------------------------------------------------------------------------------------------------+--------------+------+------------+
    | CSV                | YES     | Stores tables as CSV files                                                                      | NO           | NO   | NO         |
    | MRG_MyISAM         | YES     | Collection of identical MyISAM tables                                                           | NO           | NO   | NO         |
    | MEMORY             | YES     | Hash based, stored in memory, useful for temporary tables                                       | NO           | NO   | NO         |
    | Aria               | YES     | Crash-safe tables with MyISAM heritage. Used for internal temporary tables and privilege tables | NO           | NO   | NO         |
    | MyISAM             | YES     | Non-transactional engine with good performance and small data footprint                         | NO           | NO   | NO         |
    | SEQUENCE           | YES     | Generated tables filled with sequential values                                                  | YES          | NO   | YES        |
    | InnoDB             | DEFAULT | Supports transactions, row-level locking, foreign keys and encryption for tables                | YES          | YES  | YES        |
    | PERFORMANCE_SCHEMA | YES     | Performance Schema                                                                              | NO           | NO   | NO         |
    +--------------------+---------+-------------------------------------------------------------------------------------------------+--------------+------+------------+
    

    Code (Text):
    systemctl restart mariadb.service
    
    NotifyAccess=all
    LimitNOFILE=524288
    LimitNOFILESoft=524288
    OOMScoreAdjust=-1000
    
    systemctl enable mariadb.service
    Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
    

    Code (Text):
    mysqladmin  Ver 9.1 Distrib 10.5.22-MariaDB, for Linux on x86_64
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    
    Server version          10.5.22-MariaDB
    Protocol version        10
    Connection              Localhost via UNIX socket
    UNIX socket             /var/lib/mysql/mysql.sock
    Uptime:                 0 sec
    
    Threads: 1  Questions: 1  Slow queries: 0  Opens: 17  Open tables: 10  Queries per second avg: 0.000
    
    ------------------------------------------------
    MariaDB 10.5.x Upgrade completed
    ------------------------------------------------
    

    Then you do the same for centmin.sh menu option 11 submenu option 10 for MariaDB 10.5 to 10.6 upgrade. End result is MariaDB 10.6 LTS release from official MariaDB YUM repo.

    Code (Text):
    mysqladmin ver
    mysqladmin  Ver 9.1 Distrib 10.6.15-MariaDB, for Linux on x86_64
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    
    Server version          10.6.15-MariaDB
    Protocol version        10
    Connection              Localhost via UNIX socket
    UNIX socket             /var/lib/mysql/mysql.sock
    Uptime:                 2 min 22 sec
    
    Threads: 1  Questions: 2  Slow queries: 0  Opens: 17  Open tables: 10  Queries per second avg: 0.014
    
     
  7. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    Creating Nginx HTTPS HTTP/2 Vhost Domain Site



    Creating your first Centmin Mod Nginx HTTPS HTTP/2 based vhost domain is the same process as above for creating a Nginx HTTPS self-signed cert vhost domain.com for dummy tests using centmin.sh menu option 2 or via /usr/bin/nv command line as outlined here https://centminmod.com/nginx_domain_dns_setup.html.
    Code (Text):
    nv
    
    Usage: /usr/bin/nv [-d yourdomain.com] [-s y|n|yd] [-u ftpusername]
    
      -d  yourdomain.com or subdomain.yourdomain.com
      -s  ssl self-signed create = y or n or https only vhost = yd
      -u  your FTP username
    
      example:
    
      /usr/bin/nv -d yourdomain.com -s y -u ftpusername
      /usr/bin/nv -d yourdomain.com -s n -u ftpusername
      /usr/bin/nv -d yourdomain.com -s yd -u ftpusername


    To enable Nginx free Letsencrypt SSL certificate creation, read https://centminmod.com/letsencrypt-freessl.html where you set in the persistent config file /etc/centminmod/custom_config.inc the following variable(s).
    Code (Text):
    LETSENCRYPT_DETECT='y'
    

    If you want to use dual RSA 2048bit + ECDSA 256bit SSL certificates where ECDSA 256bit SSL certificates allow better HTTPS performance.
    Code (Text):
    LETSENCRYPT_DETECT='y'
    DUALCERTS='y'
    

    If LETSENCRYPT_DETECT='y' is enabled, the nv command line options expand for -s flag to the following:
    Code (Text):
    nv
    
    Usage: /usr/bin/nv [-d yourdomain.com] [-s y|n|yd|le|led|lelive|lelived] [-u ftpusername]
    
      -d  yourdomain.com or subdomain.yourdomain.com
      -s  ssl self-signed create = y or n or https only vhost = yd
      -s  le - letsencrypt test cert or led test cert with https default
      -s  lelive - letsencrypt live cert or lelived live cert with https default
      -u  your FTP username
    
      example:
    
      /usr/bin/nv -d yourdomain.com -s y -u ftpusername
      /usr/bin/nv -d yourdomain.com -s n -u ftpusername
      /usr/bin/nv -d yourdomain.com -s yd -u ftpusername
      /usr/bin/nv -d yourdomain.com -s le -u ftpusername
      /usr/bin/nv -d yourdomain.com -s led -u ftpusername
      /usr/bin/nv -d yourdomain.com -s lelive -u ftpusername
      /usr/bin/nv -d yourdomain.com -s lelived -u ftpusername


    I am going to provide 2 examples for creating Nginx HTTPS HTTP/2 based vhost that uses free Letsencrypt SSL certificates for 2 domains - one el8cf.centminmod.com behind Cloudflare orange cloud-enabled proxy and one el8nocf.centminmod.com not behind Cloudflare orange cloud proxy (grey clouded) using nv command line method. This allows you to script bulk creation of Nginx HTTPS vhosts if you want.

    If you are creating a domain with apex hostname i.e. domain.com and www.domain.com, you only need to pass and enter non-www version domain.com as Centmin Mod Nginx vhost routines will automatically create the www version.

    Non-Cloudflare Nginx vhost



    Not behind Cloudflare and using own DNS where you added DNS A record for el8nocf.centminmod.com to point to your server's public IP address. I have set the persistent config file /etc/centminmod/custom_config.inc the following variables to enable on Centmin Mod Nginx dual RSA 2048bit + ECDSA 256bit Letsencrypt SSL certificates as outlined at https://centminmod.com/letsencrypt-freessl.html. So modern browsers and if behind Cloudflare, will connect to Centmin Mod Nginx using better performing ECDSA 256bit based HTTPS and unsupported clients fallback to regular RSA 2048bit Letsencrypt SSL certificated based HTTPS.
    Code (Text):
    LETSENCRYPT_DETECT='y'
    DUALCERTS='y'
    

    I'm picking nv command's -s flag lelived option to default to HTTPS for Nginx vhost with live web browser trusted free Letsencrypt SSL certificates.
    Code (Text):
    /usr/bin/nv -d el8nocf.centminmod.com -s lelived -u ftpusername
    

    The resulting output is quite verbose. But here's the relevant parts:

    The pure-ftpd virtual FTP username and auto generated password andinfo
    Code (Text):
    -------------------------------------------------------------
    FTP hostname : 104.236.xxx.xxx
    FTP port : 21
    FTP mode : FTP (explicit SSL)
    FTP Passive (PASV) : ensure is checked/enabled
    FTP username created for el8nocf.centminmod.com : ftpusername
    FTP password created for el8nocf.centminmod.com : 8-FC&]Z0D(mG)(>GW,+Uq
    -------------------------------------------------------------
    vhost for el8nocf.centminmod.com created successfully
    

    The Nginx vhost config file for non-HTTPS and HTTPS locations. When you select nv -s lelived for HTTPS default, the non-HTTPS vhost is eventually removed. Your Letsencrypt SSL certificates are in Nginx vhost include file at /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.crt.key.conf
    Code (Text):
    domain: http://el8nocf.centminmod.com
    vhost conf file for el8nocf.centminmod.com created: /usr/local/nginx/conf/conf.d/el8nocf.centminmod.com.conf
    
    vhost ssl for el8nocf.centminmod.com created successfully
    
    domain: https://el8nocf.centminmod.com
    vhost ssl conf file for el8nocf.centminmod.com created: /usr/local/nginx/conf/conf.d/el8nocf.centminmod.com.ssl.conf
    /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.crt.key.conf created
    /usr/local/nginx/conf/ssl_include.conf created
    

    The contents of /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.crt.key.conf for Nginx dual RSA 2048bit + ECDSA 256bit
    Code (Text):
      ssl_dhparam /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme.cer;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme.key;
    
      ssl_certificate      /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme-ecc.cer;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme-ecc.key;
     
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme.cer;
      #ssl_trusted_certificate /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme-ecc.cer;
      ssl_trusted_certificate /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-dualcert-rsa-ecc.cer;
    

    Next output from nv command is listing a self-signed SSL certificate that is also created, it's used as fallback if Letsencrypt SSL domain verification and certificate issuance fails and includes a letsdebug API check log too at /root/centminlogs/letsdebug-el8nocf.centminmod.com-031123-235247.log
    Code (Text):
    Self-signed SSL Certificate: /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.crt
    SSL Private Key: /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.key
    SSL CSR File: /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.csr
    Backup SSL Private Key: /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-backup.key
    Backup SSL CSR File: /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-backup.csr
    letsdebug API check log: /root/centminlogs/letsdebug-el8nocf.centminmod.com-031123-235247.log
    

    Next nv output lists the Nginx vhost domain's public web root at /home/nginx/domains/el8nocf.centminmod.com/public and log directory at /home/nginx/domains/el8nocf.centminmod.com/log and file contents of all your current Nginx vhost config files at /usr/local/nginx/conf/conf.d/. It also lists the actual Nginx SSL certificate files in /usr/local/nginx/conf/ssl/el8nocf.centminmod.com
    Code (Text):
    upload files to /home/nginx/domains/el8nocf.centminmod.com/public
    vhost log files directory is /home/nginx/domains/el8nocf.centminmod.com/log
    
    -------------------------------------------------------------
    Current vhost listing at: /usr/local/nginx/conf/conf.d/
    
                      
    Nov 3   06:54   1.1K   demodomain.com.conf
    Nov 3   06:54   3.7K   domain.com.ssl.conf
    Nov 3   06:54   2.4K   domain.com.conf
    Nov 3   08:35   1.6K   virtual.conf
    Nov 3   23:53   3.6K   el8nocf.centminmod.com.ssl.conf
    
    -------------------------------------------------------------
    Current vhost ssl files listing at: /usr/local/nginx/conf/ssl/el8nocf.centminmod.com
    
                      
    Nov 3   05:43   424    dhparam.pem
    Nov 3   23:52   302    el8nocf.centminmod.com.key
    Nov 3   23:52   700    el8nocf.centminmod.com.csr
    Nov 3   23:52   1.3K   el8nocf.centminmod.com.crt
    Nov 3   23:53   396    acme-vhost-config.txt
    Nov 3   23:53   5.5K   el8nocf.centminmod.com-acme.cer
    Nov 3   23:53   1.7K   el8nocf.centminmod.com-acme.key
    Nov 3   23:53   5.5K   el8nocf.centminmod.com-fullchain-acme.key
    Nov 3   23:53   5.2K   el8nocf.centminmod.com-acme-ecc.cer
    Nov 3   23:53   227    el8nocf.centminmod.com-acme-ecc.key
    Nov 3   23:53   5.2K   el8nocf.centminmod.com-fullchain-acme-ecc.key
    Nov 3   23:53   850    el8nocf.centminmod.com.crt.key.conf
    Nov 3   23:53   11K    el8nocf.centminmod.com-dualcert-rsa-ecc.cer
    

    Next nv command output is commands that you can use to remove the Nginx vhost you just created
    Code (Text):
    -------------------------------------------------------------
    Commands to remove el8nocf.centminmod.com
    
     pure-pw userdel ftpusername
     rm -rf /usr/local/nginx/conf/conf.d/el8nocf.centminmod.com.conf
     rm -rf /usr/local/nginx/conf/conf.d/el8nocf.centminmod.com.ssl.conf
     rm -rf /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.crt
     rm -rf /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.key
     rm -rf /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com.csr
     rm -rf /usr/local/nginx/conf/ssl/el8nocf.centminmod.com
     rm -rf /home/nginx/domains/el8nocf.centminmod.com
     rm -rf /root/.acme.sh/el8nocf.centminmod.com
     rm -rf /root/.acme.sh/el8nocf.centminmod.com_ecc
     rm -rf /usr/local/nginx/conf/pre-staticfiles-local-el8nocf.centminmod.com.conf
     service nginx restart
    

    Final nv command output is the actual automatic log file for this Nginx creation run at /root/centminlogs/centminmod_031123-235247_nginx_addvhost_nv.log which you can reference back to for any details you wanted from nv command output i.e. credentials, log and file paths etc.
    Code (Text):
    -------------------------------------------------------------
    vhost for el8nocf.centminmod.com setup successfully
    el8nocf.centminmod.com setup info log saved at:
    /root/centminlogs/centminmod_031123-235247_nginx_addvhost_nv.log
    -------------------------------------------------------------
    

    If you list the automated log files in reverse date ascending order and filter grep on date timestamp, you can see the logs created for just this nv command line run. The Nginx vhost removal commands are also logged to log file at /root/centminlogs/centminmod_031123-235247_nginx_addvhost_nv-remove-cmds-el8nocf.centminmod.com.log
    Code (Text):
    ls -lAls -lAhrt /root/centminlogs | grep '031123-235247'
    
    4.0K -rw-r--r-- 1 root root  264 Nov  3 23:53 letsdebug-el8nocf.centminmod.com-031123-235247.log
    4.0K -rw-r--r-- 1 root root 1.4K Nov  3 23:53 centminmod_031123-235247_nginx_addvhost_nv-remove-cmds-el8nocf.centminmod.com.log
     36K -rw-r--r-- 1 root root  33K Nov  3 23:53 centminmod_031123-235247_nginx_addvhost_nv.log
    

    Doing quick curl header response check for created Centmin Mod Nginx vhost
    Code (Text):
    curl -I https://el8nocf.centminmod.com
    
    HTTP/2 200
    date: Sat, 04 Nov 2023 00:07:01 GMT
    content-type: text/html; charset=utf-8
    content-length: 6416
    last-modified: Fri, 03 Nov 2023 23:52:48 GMT
    vary: Accept-Encoding
    etag: "654587d0-1910"
    server: nginx centminmod
    x-powered-by: centminmod
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    accept-ranges: bytes
    


    Cloudflare Orange Clouded Nginx vhost



    Cloudflare orange cloud-enabled where DNS where you added DNS A record for el8cf.centminmod.com to point to your server's public IP address but will show Cloudflare CDN IPs to visitors hiding your real server public IP address. I have set the persistent config file /etc/centminmod/custom_config.inc the following variables to enable on Centmin Mod Nginx dual RSA 2048bit + ECDSA 256bit Letsencrypt SSL certificates as outlined at https://centminmod.com/letsencrypt-freessl.html. So modern browsers and if behind Cloudflare, will connect to Centmin Mod Nginx using better performing ECDSA 256bit based HTTPS and unsupported clients fallback to regular RSA 2048bit Letsencrypt SSL certificated based HTTPS.

    I could do it same way I did above using Centmin Mod's default Letsencrypt intergration using webroot domain validation. But if you run Centmin Mod Nginx behind Cloudflare orange proxy cloud enabled services, sometimes there maybe issues with webroot domain validation. So instead we can use Cloudflare DNS API method of domain validation as outlined at https://centminmod.com/letsencrypt-freessl.html#dns.

    Cloudflare DNS API domain validation for Letsencrypt SSL certificate issuance that can be optionally enabled via variables when Cloudflare API Token is set in persistent config file at /etc/centminmod/custom_config.inc. Add these three variables to their persistent config file - create the file if it doesn't already exist. This method is recommended if your Centmin Mod Nginx domain is behind Cloudflare orange cloud enabled proxy and you have Cloudflare Full or Full Strict SSL mode enabled.
    Code (Text):
    CF_DNSAPI_GLOBAL='y'
    CF_Token="YOUR_CF_TOKEN"
    CF_Account_ID="YOUR_CF_ACCOUNT_ID"


    Cloudflare API Tokens, requires you to create your Cloudflare Token API with permissions for read access to Zone.Zone, and edit/write access to Zone.DNS, across all Zones at https://dash.cloudflare.com/profile/api-tokens and to grab your Cloudflare Account ID from any of your Cloudflare domain's main dashboard's right side column listing.

    Only one Cloudflare Account is supported, so intended domains need to be within same Cloudflare Account unless you have Cloudflare Account with invited administrator access to other Cloudflare Accounts and you can generate the CF API Token to include access to the other Cloudflare Accounts.

    You can verify the persistent config file set variables for Cloudflare API token are at least working using underlying addons/acmetool.sh check_cfapi command
    Code (Text):
    /usr/local/src/centminmod/addons/acmetool.sh check_cfapi
    Verifying working Cloudflare DNS API Credentials
    CF API Tokens detected
    Ok: CF API Token works
    


    I'm picking nv command's -s flag lelived option to default to HTTPS for Nginx vhost with live web browser trusted free Letsencrypt SSL certificates. This time instead of using Letsencrypt webroot authentication to validate the domain, you'd use Cloudflare DNS API where you already have added to Cloudflare DNS the hostname el8cf.centminmod.com with A record pointing to your server's public IP address and the DNS record is orange cloud proxy enabled to hide your server's public IP to visitors and instead the visitors see Cloudflare's IP addresses.
    Code (Text):
    /usr/bin/nv -d el8cf.centminmod.com -s lelived -u ftpusername2
    

    The resulting output is like before very verbose and basically the same. Just with the Letsencrypt SSL issuance and validation they will differ and notice it's automatically using Cloudflare DNS API validation via adding a TEXT record.
    Code (Text):
    -----------------------------------------------------------
    issue & install letsencrypt ssl certificate for el8cf.centminmod.com
    -----------------------------------------------------------
    testcert value = lived
    /root/.acme.sh/acme.sh --dns dns_cf --issue -d el8cf.centminmod.com --days 60 --pre-hook "/usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check el8cf.centminmod.com" -w "/home/nginx/domains/el8cf.centminmod.com/public" -k "2048" --useragent "centminmod-centos8-acmesh-webroot" --log /root/centminlogs/acmetool.sh-debug-log-041123-001744.log --log-level 2 --preferred-chain  "ISRG"
    [Sat Nov  4 00:17:48 UTC 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
    [Sat Nov  4 00:17:48 UTC 2023] Run pre hook:'/usr/local/src/centminmod/tools/pre-acme-hooks.sh all-check el8cf.centminmod.com'
    Nginx root path: /home/nginx/domains/el8cf.centminmod.com/public
    Le_Webroot: dns_cf,/home/nginx/domains/el8cf.centminmod.com/public
    The root paths match. Proceeding with the acme.sh operation.
    [Sat Nov  4 00:17:48 UTC 2023] Creating domain key
    [Sat Nov  4 00:17:48 UTC 2023] The domain key is here: /root/.acme.sh/el8cf.centminmod.com/el8cf.centminmod.com.key
    [Sat Nov  4 00:17:48 UTC 2023] Single domain='el8cf.centminmod.com'
    [Sat Nov  4 00:17:48 UTC 2023] Getting domain auth token for each domain
    [Sat Nov  4 00:17:49 UTC 2023] Getting webroot for domain='el8cf.centminmod.com'
    [Sat Nov  4 00:17:49 UTC 2023] Adding txt value: LIWD8WdqG0LScsNJ2822NCLH3SoU3ok0WvFFbpaDcUM for domain:  _acme-challenge.el8cf.centminmod.com
    [Sat Nov  4 00:17:54 UTC 2023] Adding record
    [Sat Nov  4 00:17:55 UTC 2023] Added, OK
    [Sat Nov  4 00:17:55 UTC 2023] The txt record is added: Success.
    [Sat Nov  4 00:17:55 UTC 2023] Let's check each DNS record now. Sleep 20 seconds first.
    [Sat Nov  4 00:18:15 UTC 2023] You can use '--dnssleep' to disable public dns checks.
    [Sat Nov  4 00:18:15 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
    [Sat Nov  4 00:18:15 UTC 2023] Checking el8cf.centminmod.com for _acme-challenge.el8cf.centminmod.com
    [Sat Nov  4 00:18:15 UTC 2023] Not valid yet, let's wait 10 seconds and check next one.
    [Sat Nov  4 00:18:25 UTC 2023] Let's wait 10 seconds and check again.
    [Sat Nov  4 00:18:35 UTC 2023] You can use '--dnssleep' to disable public dns checks.
    [Sat Nov  4 00:18:35 UTC 2023] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
    [Sat Nov  4 00:18:35 UTC 2023] Checking el8cf.centminmod.com for _acme-challenge.el8cf.centminmod.com
    [Sat Nov  4 00:18:36 UTC 2023] Domain el8cf.centminmod.com '_acme-challenge.el8cf.centminmod.com' success.
    [Sat Nov  4 00:18:36 UTC 2023] All success, let's return
    [Sat Nov  4 00:18:36 UTC 2023] Verifying: el8cf.centminmod.com
    [Sat Nov  4 00:18:36 UTC 2023] Pending, The CA is processing your order, please just wait. (1/30)
    [Sat Nov  4 00:18:38 UTC 2023] Success
    [Sat Nov  4 00:18:38 UTC 2023] Removing DNS records.
    [Sat Nov  4 00:18:38 UTC 2023] Removing txt: LIWD8WdqG0LScsNJ2822NCLH3SoU3ok0WvFFbpaDcUM for domain: _acme-challenge.el8cf.centminmod.com
    [Sat Nov  4 00:18:47 UTC 2023] Removed: Success
    [Sat Nov  4 00:18:47 UTC 2023] Verify finished, start to sign.
    [Sat Nov  4 00:18:47 UTC 2023] Lets finalize the order.
    

    And automatic log file for nv command line run.
    Code (Text):
    -------------------------------------------------------------
    vhost for el8cf.centminmod.com setup successfully
    el8cf.centminmod.com setup info log saved at:
    /root/centminlogs/centminmod_041123-001730_nginx_addvhost_nv.log
    -------------------------------------------------------------
    

    Once Centmin Mod Nginx vhost is created for site behind, Cloudflare, you will need to edit your Centmin Mod Nginx HTTPS vhost at /usr/local/nginx/conf/conf.d/el8cf.centminmod.com.ssl.conf and uncomment the /usr/local/nginx/conf/cloudflare.conf include file so that Nginx can log the real visitor's IP address instead of Cloudflare CDN edge proxy servers' IP addresses.

    So change from
    Code (Text):
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
    

    to below removing hash # to uncomment the line
    Code (Text):
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      include /usr/local/nginx/conf/cloudflare.conf;
    

    You can uncomment other optional settings too. For instance, Centmin Mod Nginx vhost template includes access log and error log paths but also a 2nd commented out disabled JSON formatted access log that you may want to enable.
    Code (Text):
      access_log /home/nginx/domains/el8cf.centminmod.com/log/access.log combined buffer=256k flush=5m;
      #access_log /home/nginx/domains/el8cf.centminmod.com/log/access.json main_json buffer=256k flush=5m;
      error_log /home/nginx/domains/el8cf.centminmod.com/log/error.log;
    

    Nginx users may be confused to see there isn't a clear PHP location context to match PHP requests in Nginx vhost config file as it's actually located in /usr/local/nginx/conf/php.conf include file which you can add to location contexts in your vhost where you may server PHP files
    Code (Text):
    include /usr/local/nginx/conf/php.conf;

    Also if you're running Centmin Mod Nginx behind Cloudflare and have Cloudflare FULL/FULL Strict SSL and/or HTTPS default/redirect enabled, then you can edit and comment out the Nginx vhost's non-https to https 302 redirect server{} context like below so you do not get a too many redirects loop error message.
    Code (Text):
    #x# HTTPS-DEFAULT
     server {
       listen   80;
    #x#  
       server_name el8cf.centminmod.com www.el8cf.centminmod.com;
       return 302 https://el8cf.centminmod.com$request_uri;
       root /home/nginx/domains/el8cf.centminmod.com/public;
       include /usr/local/nginx/conf/staticfiles.conf;
     }

    Then after editing Nginx vhost you can restart Nginx via command
    Code (Text):
    systemctl restart nginx
    

    or command shortcut
    Code (Text):
    ngxrestart

    If you need to restart Nginx + PHP-FPM via command
    Code (Text):
    systemctl restart nginx php-fpm
    

    or command shortcut
    Code (Text):
    nprestart


    Doing quick curl header response check for created Centmin Mod Nginx vhost
    Code (Text):
    curl -I https://el8cf.centminmod.com
    
    HTTP/2 200
    date: Sat, 04 Nov 2023 00:19:52 GMT
    content-type: text/html; charset=utf-8
    last-modified: Sat, 04 Nov 2023 00:17:31 GMT
    vary: Accept-Encoding
    etag: W/"65458d9b-1906"
    x-powered-by: centminmod
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    cf-cache-status: DYNAMIC
    set-cookie: __cf_bm=voIFrV.zFoowEmYPD.h0_JBvuBprZ2CRb4YG8eiDhts-1699057192-0-AVBUsgLFdq1+XrdK69RcGz+ZE2aygLdGZG1sRi8WvQ7WDvIkUcY1CWpP46lb+OYFEgQW26AwCKDey0sinvIbLMoCHnHf3fSP05puQpizAFsl; path=/; expires=Sat, 04-Nov-23 00:49:52 GMT; domain=.centminmod.com; HttpOnly; Secure; SameSite=None
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaYKQB7eyO3Tyw0yTydQTDXLBoYZ6ytQuvs5WVTW3OpwhC1VvdDjGz6Yz9yHdO%2BH0YMDEM4eInoCkFezEEVByAOQ63T%2FLtuxIi47PEc6RY2SR0KTSX5k3b2%2Bym%2Fxkp5YMpEPkKnl"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 8208b01d4bf31a17-EWR
    alt-svc: h3=":443"; ma=86400
    

    And checking what automatic logs were created for that nv command run
    Code (Text):
    ls -lAls -lAhrt /root/centminlogs | grep '041123-001730'
    4.0K -rw-r--r-- 1 root root  195 Nov  4 00:18 letsdebug-el8cf.centminmod.com-041123-001730.log
    4.0K -rw-r--r-- 1 root root 1.4K Nov  4 00:18 centminmod_041123-001730_nginx_addvhost_nv-remove-cmds-el8cf.centminmod.com.log
     36K -rw-r--r-- 1 root root  34K Nov  4 00:18 centminmod_041123-001730_nginx_addvhost_nv.log
    

    Finally, Centmin Mod's underlying addons/acmetool.sh checkdates option allows you to inspect all Nginx vhosts on your server to compare their issued Letsencrypt SSL certificates versus the ones installed on each Nginx vhost and list their expiry dates and SHA1 fingerprints and links to crt.sh certificate transparency and reports and also what method of Letsencrypt SSL certificate verification and issuance was used.
    Code (Text):
    /usr/local/src/centminmod/addons/acmetool.sh checkdates
    ----------------------------------------------
    nginx installed
    ----------------------------------------------
    
    /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme.cer
    SHA1 Fingerprint=AB2EF466629C13D99D94BA6C1C0561968D23166A
    certificate expires in 88 days on 1 Feb 2024
    
    /usr/local/nginx/conf/ssl/el8nocf.centminmod.com/el8nocf.centminmod.com-acme-ecc.cer
    SHA1 Fingerprint=439DC2852DC8FC12E42D2E5D57AAA9BE88D42E2E
    certificate expires in 88 days on 1 Feb 2024
    
    /usr/local/nginx/conf/ssl/el8cf.centminmod.com/el8cf.centminmod.com-acme.cer
    SHA1 Fingerprint=9B2A5E83CA7A0B3B3328CC8AA9BB98378613AF93
    certificate expires in 88 days on 1 Feb 2024
    
    /usr/local/nginx/conf/ssl/el8cf.centminmod.com/el8cf.centminmod.com-acme-ecc.cer
    SHA1 Fingerprint=1C470B835058D92E0610362C92C16A18E55E28A5
    certificate expires in 88 days on 1 Feb 2024
    

    Code (Text):
    ----------------------------------------------
    acme.sh obtained
    ----------------------------------------------
    
    /root/.acme.sh/el8nocf.centminmod.com/el8nocf.centminmod.com.cer
    SHA1 Fingerprint=AB2EF466629C13D99D94BA6C1C0561968D23166A
    [ below certifcate transparency link is only valid ~1hr after issuance ]
    https://crt.sh/?sha1=AB2EF466629C13D99D94BA6C1C0561968D23166A
    certificate expires in 88 days on 1 Feb 2024
    Letsencrypt validation method: Le_Webroot='/home/nginx/domains/el8nocf.centminmod.com/public'
    
    /root/.acme.sh/el8nocf.centminmod.com_ecc/el8nocf.centminmod.com.cer
    SHA1 Fingerprint=439DC2852DC8FC12E42D2E5D57AAA9BE88D42E2E
    [ below certifcate transparency link is only valid ~1hr after issuance ]
    https://crt.sh/?sha1=439DC2852DC8FC12E42D2E5D57AAA9BE88D42E2E
    certificate expires in 88 days on 1 Feb 2024
    Letsencrypt validation method: Le_Webroot='/home/nginx/domains/el8nocf.centminmod.com/public'
    
    /root/.acme.sh/el8cf.centminmod.com/el8cf.centminmod.com.cer
    SHA1 Fingerprint=9B2A5E83CA7A0B3B3328CC8AA9BB98378613AF93
    [ below certifcate transparency link is only valid ~1hr after issuance ]
    https://crt.sh/?sha1=9B2A5E83CA7A0B3B3328CC8AA9BB98378613AF93
    certificate expires in 88 days on 1 Feb 2024
    Letsencrypt validation method: Le_Webroot='dns_cf,/home/nginx/domains/el8cf.centminmod.com/public'
    
    /root/.acme.sh/el8cf.centminmod.com_ecc/el8cf.centminmod.com.cer
    SHA1 Fingerprint=1C470B835058D92E0610362C92C16A18E55E28A5
    [ below certifcate transparency link is only valid ~1hr after issuance ]
    https://crt.sh/?sha1=1C470B835058D92E0610362C92C16A18E55E28A5
    certificate expires in 88 days on 1 Feb 2024
    Letsencrypt validation method: Le_Webroot='dns_cf,/home/nginx/domains/el8cf.centminmod.com/public'
    
     
    Last edited: Nov 4, 2023
  8. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    Site Data Migration



    Centmin Mod 130.00beta01 in general is in the middle of revising it's centmin.sh menu option 21 for repurposing it for site/server data transfers and backups features. It's currently in my own private beta testing but you can follow discussions or updates using forum's tag for https://community.centminmod.com/tags/centminsh-menu-option-21/. The initial commit thread and example started at https://community.centminmod.com/th...ion-21-submenu-routine-in-130-00beta01.23773/.

    Preview centmin.sh menu option 21 documentation and examples of how it will work are posted on Centmin Mod Github repo at https://github.com/centminmod/centm...1/datamanagement/centmin.sh-menu-21.readme.md

    Code (Text):
    --------------------------------------------------------
        Centmin Mod Data Management       
    --------------------------------------------------------
    1).   Manage SSH Keys
    2).   Manage AWS CLI S3 Profile Credentials
    3).   Migrate Centmin Mod Data To New Centmin Mod Server
    4).   Backup Nginx Vhosts Data + MariaBackup MySQL Backups
    5).   Backup Nginx Vhosts Data Only (no MariaDB MySQL backups)
    6).   Backup MariaDB MySQL With MariaBackup Only (no Vhosts Data backups)
    7).   Backup MariaDB MySQL With mysqldump only (no Vhosts Data backups)
    8).   Transfer Directory Data To Remote Server Via SSH
    9).   Transfer Directory Data To S3 Compatible Storage
    10).  Transfer Files To S3 Compatible Storage
    11).  Download S3 Compatible Stored Data To Server
    12).  S3 To S3 Compatible Storage Transfers
    13).  List S3 Storage Buckets
    14).  Back to Main menu
    --------------------------------------------------------
    Enter option [ 1 - 14 ]
    --------------------------------------------------------
    


    Existing Site Data Migration Guides



    As centmin.sh menu option 21 development is still in private beta, there are older guides to reference for data migration and understanding the Centmin Mod LEMP stack structure of where files and directories are located and how it all fits together below.

    For moving site data there's 2 general guides where the principles & steps of backing up and moving data is the same just slightly different for
    1. Moving Centmin Mod site data to another Centmin Mod server
    2. Moving cPanel/WHM site data to Centmin Mod server
    Those guides move alot more than just the site(s) in question but config files etc. You can use your own best judgement as to the config files and whether you want to move them or just use the fresh server setup Centmin Mod config files as they get auto optimised for the server Centmin Mod initially installed on.

    If your old site isn't centmin mod or cpanel/whm based, then those guides won't be 100% applicable. But the general overview of what needs moving and where everything is structured in Centmin Mod LEMP environment is worth reading up on.

    Also official site configuration files page explains the Centmin Mod structure of where the important files are so you can decide on what to backup.
     
  9. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    Centmin Mod Github Repo & Development



    Centmin Mod LEMP stack is GPLv3 open source licensed so the code is available at the official Centmin Mod Github repository. If you like Centmin Mod and have a Github account, don't forget to star the Centmin Mod Github repo and you can also follow Centmin Mod code updates by watching the Github repo ;)

    If you don't want to be notified for all Centmin Mod Github updates, you can select Custom events to be notified for. Though for Centmin Mod's development workflow, only relevant custom event would be issues as it doesn't use discussions, releases etc.

    cmm-github-watch-01.png

    Every Centmin Mod code commit to the official Centmin Mod Github repo is also posted as a thread to Centmin Mod Github Commits forum https://community.centminmod.com/forums/centmin-mod-github-commits.41/ so you forum members can track Centmin Mod development and post questions and feedback as well.
    The Centmin Mod Insights forum has threads that dig deeper into Centmin Mod features. One such thread is for How To Keep Informed Of Centmin Mod Related Updates.
     
  10. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    Quick Centmin Mod Nginx Vhost + MariaDB MySQL Database Setup



    I can be long winded and there's a lot of info outlined in this threads' posts, so a quick take on Centmin Mod Nginx Vhost creation and MariaDB MySQL database creation and setup using addons/mysqladmin_shell.sh can be summarized below, as well as in older guide I posted on how you can bulk create Centmin Mod Nginx vhost domains and MariaDB MySQL databases at [Guide] Save time creating Nginx vhost & MySQL users and databases.

    To enable Nginx free Letsencrypt SSL certificate creation, read https://centminmod.com/letsencrypt-freessl.html where you set in the persistent config file /etc/centminmod/custom_config.inc the following variable(s).
    Code (Text):
    LETSENCRYPT_DETECT='y'

    If you want to use dual RSA 2048bit + ECDSA 256bit SSL certificates where ECDSA 256bit SSL certificates allow better HTTPS performance.
    Code (Text):
    LETSENCRYPT_DETECT='y'
    DUALCERTS='y'


    Then, update domain and subdomain DNS A records to point to your Centmin Mod server's public IP address.

    Then you can use nv command's -s flag lelived option to default to HTTPS for Nginx vhost with live web browser trusted free Letsencrypt SSL certificates. Change domain.com to your desired domain name and ftpusername to your desired username. And using addons/mysqladmin_shell.sh to create MariaDB MySQL database name and MySQL username/password. Replace mydbname, mydbuser, and mydbpass with the desired database name, user, and password, respectively.
    Code (Text):
    /usr/bin/nv -d domain.com -s lelived -u ftpusername
    /usr/local/src/centminmod/addons/mysqladmin_shell.sh createuserdb mydbname mydbuser mydbpass
    
     
  11. eva2000

    eva2000 Administrator Staff Member

    51,740
    11,946
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,438
    Local Time:
    5:20 PM
    Nginx 1.25.x
    MariaDB 10.x

    QR Code Support



    Centmin Mod has had QR Code encoding support for a while but hasn't been mentioned much. You can easily get text or info from your server's SSH session to your mobile device via qrencode command and quote wrap whatever text you want to transfer to your mobile device :)
    Code (Text):
    qrencode "text"

    Centmin Mod uses a default alias for qrencode command
    Code (Text):
    alias qrencode='qrencode -t ansiutf8'


    qrencode help info

    Code (Text):
    qrencode --help
    qrencode version 4.1.1
    Copyright (C) 2006-2017 Kentaro Fukuchi
    Usage: qrencode [-o FILENAME] [OPTION]... [STRING]
    Encode input data in a QR Code and save as a PNG or EPS image.
    
      -h, --help   display the help message. -h displays only the help of short
                   options.
    
      -o FILENAME, --output=FILENAME
                   write image to FILENAME. If '-' is specified, the result
                   will be output to standard output. If -S is given, structured
                   symbols are written to FILENAME-01.png, FILENAME-02.png, ...
                   (suffix is removed from FILENAME, if specified)
    
      -r FILENAME, --read-from=FILENAME
                   read input data from FILENAME.
    
      -s NUMBER, --size=NUMBER
                   specify module size in dots (pixels). (default=3)
    
      -l {LMQH}, --level={LMQH}
                   specify error correction level from L (lowest) to H (highest).
                   (default=L)
    
      -v NUMBER, --symversion=NUMBER
                   specify the minimum version of the symbol. See SYMBOL VERSIONS
                   for more information. (default=auto)
    
      -m NUMBER, --margin=NUMBER
                   specify the width of the margins. (default=4 (2 for Micro QR)))
    
      -d NUMBER, --dpi=NUMBER
                   specify the DPI of the generated PNG. (default=72)
    
      -t {PNG,PNG32,EPS,SVG,XPM,ANSI,ANSI256,ASCII,ASCIIi,UTF8,UTF8i,ANSIUTF8,ANSIUTF8i,ANSI256UTF8},
      --type={PNG,PNG32,EPS,SVG,XPM,ANSI,ANSI256,ASCII,ASCIIi,UTF8,UTF8i,ANSIUTF8,ANSIUTF8i,ANSI256UTF8}
                   specify the type of the generated image. (default=PNG)
    
      -S, --structured
                   make structured symbols. Version must be specified with '-v'.
    
      -k, --kanji  assume that the input text contains kanji (shift-jis).
    
      -c, --casesensitive
                   encode lower-case alphabet characters in 8-bit mode. (default)
    
      -i, --ignorecase
                   ignore case distinctions and use only upper-case characters.
    
      -8, --8bit   encode entire data in 8-bit mode. -k, -c and -i will be ignored.
    
      -M, --micro  encode in a Micro QR Code.
    
          --rle    enable run-length encoding for SVG.
    
          --svg-path
                   use single path to draw modules for SVG.
    
          --inline only useful for SVG output, generates an SVG without the XML tag.
    
          --foreground=RRGGBB[AA]
          --background=RRGGBB[AA]
                   specify foreground/background color in hexadecimal notation.
                   6-digit (RGB) or 8-digit (RGBA) form are supported.
                   Color output support available only in PNG, EPS and SVG.
    
          --strict-version
                   disable automatic version number adjustment. If the input data is
                   too large for the specified version, the program exits with the
                   code of 1.
    
      -V, --version
                   display the version number and copyrights of the qrencode.
    
          --verbose
                   display verbose information to stderr.
    
      [STRING]     input data. If it is not specified, data will be taken from
                   standard input.
    
    SYMBOL VERSIONS
                   The symbol versions of QR Code range from Version 1 to Version
                   40. Each version has a different module configuration or number
                   of modules, ranging from Version 1 (21 x 21 modules) up to
                   Version 40 (177 x 177 modules). Each higher version number
                   comprises 4 additional modules per side by default. See
                   http://www.qrcode.com/en/about/version.html for a detailed
                   version list.


    From Google Len's and QRDroid Android apps

    Screenshot_2023-11-06-09-31-56-088_com.google.android.googlequicksearchbox-edit~01.jpg

    QRDroid scanned

    Screenshot_2023-11-06-09-34-04-725_la.droid.qr-edit~01.jpg
     
Thread Status:
Not open for further replies.