
Need to ask about oneliner install method

Discussion in 'Introductions' started by Kyvaith, Jun 14, 2016.

  1. Kyvaith

    Kyvaith New Member

    10
    1
    3
    Jun 14, 2016
    Ratings:
    +2
    Local Time:
    12:43 PM
    Hi, is it possible to install everything using the beta one-liner, but with PHP 7.0 GA Final and ngx_pagespeed? Without needing to upgrade PHP and recompile Nginx to get ngx_pagespeed? Maybe the one-liner respects a /etc/centminmod/custom_config.inc file created by hand? If so, how do I create it with those two things I need? Thanks.


    EDIT: So the exact question is will it work:
    Code:
    mkdir /etc/centminmod && echo -e "PHP_VERSION='7.0.0'\nNGINX_PAGESPEED='y'" > /etc/centminmod/custom_config.inc && curl -O https://centminmod.com/betainstaller.sh && chmod 0700 betainstaller.sh && bash betainstaller.sh
    And do I need anything else to get cutting-edge configuration for WordPress best performance?
     
    Last edited: Jun 14, 2016
  2. eva2000

    eva2000 Administrator Staff Member

    55,404
    12,256
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,836
    Local Time:
    8:43 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Welcome @Kyvaith to Centmin Mod Community :)

    Yup, you can do it that way to create the /etc/centminmod/custom_config.inc persistent config file before install. Or just see the 1st post at Beta Branch - Centmin Mod .09 beta branch Testing | Centmin Mod Community - there's a PHP 7.0.7 installer method called betainstaller7.sh at

    Code (Text):
    curl -O https://centminmod.com/betainstaller7.sh && chmod 0700 betainstaller7.sh && bash betainstaller7.sh
    


    contents of betainstaller7.sh on git is at installer7.sh and you can see basically it does what you did above centminmod/installer7.sh at 123.09beta01 · centminmod/centminmod · GitHub

    there's also a betainstaller-latest.sh
    Code (Text):
    curl -O https://centminmod.com/betainstaller-latest.sh && chmod 0700 betainstaller-latest.sh && bash betainstaller-latest.sh
    

    which corresponds to installer-latest on github at centminmod/installer-latest.sh at 123.09beta01 · centminmod/centminmod · GitHub

    Should give you some ideas.. you can even take the installer-latest.sh code and tweak it for your specific needs. For that best to ask in Centmin Mod Insights forum Centmin Mod Insights | Centmin Mod Community or install/upgrade forum Install & Upgrades or Pre-Install Questions | Centmin Mod Community :)

    for wordpress post in blog/cms forum at Blogs & CMS usage | Centmin Mod Community

    Threads you might want to participate in ;)

    Threads & Info To Bookmark



    Threads to read, pages to bookmark and threads to watch/subscribe to get to know Centmin Mod would include:

    Premium Membership


     
  3. eva2000

    eva2000 Administrator Staff Member

    actually you need a few more commands for unattended that are contained in installer.sh/installer7.sh/installer-latest.sh example centminmod/installer-latest.sh at 123.09beta01 · centminmod/centminmod · GitHub which you can tweak

    Code (Text):
    # switch the default PHP version to 5.6.22 and enable Zend Opcache
    sed -i "s|^PHP_VERSION='.*'|PHP_VERSION='5.6.22'|" centmin.sh
    sed -i "s|ZOPCACHEDFT='n'|ZOPCACHEDFT='y'|" centmin.sh
    
    # disable axivo yum repo
    #sed -i "s|AXIVOREPO_DISABLE=n|AXIVOREPO_DISABLE=y|" centmin.sh
    
    # bypass initial setup email prompt
    mkdir -p /etc/centminmod/
    echo "NGINX_PAGESPEED=y" > /etc/centminmod/custom_config.inc
    echo "ORESTY_LUANGINX=y" >> /etc/centminmod/custom_config.inc
    echo "NGINX_XSLT='n'" >> /etc/centminmod/custom_config.inc
    echo "NGINX_LIBBROTLI='y'" >> /etc/centminmod/custom_config.inc
    # Nginx Dynamic Module Switches
    echo "NGXDYNAMIC_XSLT='n'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_IMAGEFILTER='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_GEOIP='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_STREAM='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_HEADERSMORE='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_SETMISC='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_ECHO='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_SRCCACHE='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_MEMC='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_REDISTWO='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_NGXPAGESPEED='y'" >> /etc/centminmod/custom_config.inc
    echo "NGXDYNAMIC_BROTLI='y'" >> /etc/centminmod/custom_config.inc
    # echo "ORESTY_LUANGINXVER='0.10.4'" >> /etc/centminmod/custom_config.inc
    echo "1" > /etc/centminmod/email-primary.ini
    echo "2" > /etc/centminmod/email-secondary.ini
    "${INSTALLDIR}/centminmod/centmin.sh" install
    rm -rf /etc/centminmod/email-primary.ini
    rm -rf /etc/centminmod/email-secondary.ini


    probably best to take one of the installer-latest.sh and tweak just for the /etc/centminmod/custom_config.inc

    Or if it's too confusing, the command in your 1st post is fine
     
    Last edited: Jun 14, 2016
  4. Kyvaith

    Kyvaith New Member

    Ok, I ended up with this code:

    Code:
    mkdir /etc/centminmod && echo -e "PHP_VERSION='7.0.0'\nNGINX_PAGESPEED=y" > /etc/centminmod/custom_config.inc && curl -O https://centminmod.com/betainstaller-latest.sh && chmod 0700 betainstaller-latest.sh && bash betainstaller-latest.sh && centmin
    Works great, but I have one more question. Is it possible to restrict WordPress from listing parent directories? Something like chrooting the app in its domain folder. In a scenario where I have multiple WordPress sites, I want to get a situation where one vulnerable site != all sites down.
     
  5. eva2000

    eva2000 Administrator Staff Member

    Now that you have posted an intro post, you can post elsewhere in the more appropriate forums.
    FYI php 7.0.7 is latest version not 7.0.0

    FAQ item 2 covers user accounts: you can't lock site accounts down to user level like cpanel/WHM, as there is no 100% user isolation between site accounts on Centmin Mod.

    Pure-ftpd virtual ftp users only isolate ftp (Pure-FTPD Virtual FTP Users) but aren't fully jailed like cpanel/WHM, as Centmin Mod is not made or set up for shared hosting like cpanel/WHM but more for usage by a trusted user (myself/yourself).
     
  6. Kyvaith

    Kyvaith New Member

    eva2000, I trust myself as the admin, but I don't trust the whole Internet, so it's important to protect against potential attacks. When a hacker gains access to the CLI on the server, he will replace/delete/infect all resources he has access to. If there is no way to isolate web apps, I'm unable to use Centmin Mod, sorry.
     
  7. eva2000

    eva2000 Administrator Staff Member

    Understandable, but any out of box nginx based lemp stack suffers from the same lack of isolation. May I ask what Nginx based lemp stack you currently use that has jailed/chrooted user account based isolation? Or do you add chroot/jailed isolation yourself?

    Centmin Mod doesn't have such out of box, but you are welcome to add chroot/jailed user isolation yourself to Centmin Mod if you know how as it can be done just very very very and I mean very involved amount of work ! And can limit what you'd be able to run on an Nginx LEMP based web stack for certain web app/technologies like node.js based web apps.

    Jailed chroot user I have planned on my to do list for Centmin Mod way into the future and should in theory limit this as each Nginx vhost and associated jailed chrooted user account will run on its own user and group and be locked to within its own account directory which would be in either /home/chroot_sftp/home/username or /home/chroot_shell/home/username structure.

    Then each Nginx vhost user will also have their own PHP-FPM pools and config files i.e. /usr/local/nginx/conf/phpfpmd/phpfpm_user1.conf each running on their own user and group unique from other jailed chrooted users.

    See very old working preview at Previews - Jailed / chrooted SFTP & SSH user Nginx vhost menu | Centmin Mod Community of what can be done manually yourself.
     
    Last edited: Jun 15, 2016
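
Added example, not part of the thread and not Centmin Mod code: a sketch of the "one PHP-FPM pool per vhost, each on its own user and group" layout described in the post above. The helper names, the socket path and the `nginx` socket owner are assumptions; the pool directory and home structure are the ones named in the post. This gives uid separation plus `open_basedir`, not a chroot.

```shell
#!/bin/sh
# Added example: one PHP-FPM pool file per site account (hypothetical helpers).

# render_pool USER: print a pool definition that runs PHP as USER only.
render_pool() {
  local user="$1" home
  # Refuse names that could escape the file name or inject extra directives
  case "$user" in
    ''|*[!a-z0-9_]*) echo "invalid account name: $user" >&2; return 1 ;;
  esac
  home="/home/chroot_sftp/home/${user}"   # structure named in the post
  cat <<EOF
[${user}]
user = ${user}
group = ${user}
; assumed socket path; nginx (assumed to run as 'nginx') is the only other reader
listen = /var/run/php-fpm/${user}.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
pm = ondemand
pm.max_children = 5
security.limit_extensions = .php
; PHP code in this pool cannot open files outside the account's own tree
php_admin_value[open_basedir] = ${home}/
php_admin_value[upload_tmp_dir] = ${home}/tmp
php_admin_value[session.save_path] = ${home}/tmp
EOF
}

# write_pool USER: write the pool atomically as phpfpm_USER.conf in POOL_DIR.
write_pool() {
  local dir="${POOL_DIR:-/usr/local/nginx/conf/phpfpmd}" tmp
  tmp="$(mktemp "${dir}/.pool.XXXXXX")" || return 1
  if render_pool "$1" > "$tmp"; then
    chmod 0640 "$tmp" && mv "$tmp" "${dir}/phpfpm_$1.conf"
  else
    rm -f "$tmp"
    return 1
  fi
}
```

Each account's home directory also needs ownership and a mode that keep other site accounts out, otherwise separate pool users add little.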
  8. Kyvaith

    Kyvaith New Member

    I'm trying to find replacement for multiple web hostings for my friend. He has about 30 WordPress instances and every one on separate hosting.
    I found plenty of references for NGINX/chroot topics on the Internet but didn't try it myself. I use puppets/passenger in a big environment.
     
  9. eva2000

    eva2000 Administrator Staff Member

    Yeah unfortunately no free nginx lemp stack based self hosted/installed solutions I know of have user jailed/chrooted protection and certainly not with what Centmin Mod's wide range of supported web apps/technologies and nginx module capabilities anyway. Centmin Mod centmin.sh option 22 wordpress auto installer is pretty much locked down time with rate limiting, http authenticated login protection, auto wordpress plugin (option core) updater cronjob and wpsecure include file that locks down wp-content and subdirectories. So your wordpress installs would be much more secure than if you manually did a wordpress install from various nginx + wordpress basic how to guides online :)

    Especially if you use 123.09beta01 beta branches version of centmin.sh menu option 22 - details Wordpress Nginx Auto Installer (WP Super Cache)

    Centmin Mod 123.09beta01 also has tools/autoprotect.sh cron setup per nginx vhost to auto protect and convert all detected 'deny from all' based .htaccess files to nginx location match deny all syntax contexts Beta Branch - autoprotect.sh - apache .htaccess check & migration to nginx deny all | Centmin Mod Community which protects more than just wordpress but any web app where developer wrote for apache .htaccess based servers and included .htaccess 'deny from all' bundled in their web scripts with intention of securing and not making public such directories.

    Any other nginx based lemp stack would ignore such web developer included .htaccess files and leave open to all public internet the private directories that were never meant to be made public IF you didn't add a specific nginx location match context with deny all! You don't need multiple wordpress or sites on nginx to suffer from nginx ignoring 'deny from all' .htaccess files when you do not add a specific location match context deny all in your nginx vhost. If you overlook adding a specific nginx location match context for .htaccess equivalent 'deny all' within your web app or web app's addons/plugins (wordpress plugins) and their included .htaccess 'deny from all', you are also potentially at risk.
     
    Last edited: Jun 15, 2016
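
Added example, not part of the thread and not Centmin Mod's tools/autoprotect.sh: a small audit helper (hypothetical name `htaccess_to_nginx`) for the gap described in the post above, listing directories whose bundled .htaccess denies all access and printing an nginx equivalent. It goes slightly beyond the post by also matching Apache 2.4's `Require all denied`, and it flags cases that should not be converted blindly.

```shell
#!/bin/sh
# Added example: find 'deny from all' .htaccess files that nginx ignores.

# htaccess_to_nginx WEBROOT: print one nginx location block (or a review note)
# for every directory under WEBROOT whose .htaccess denies all access.
htaccess_to_nginx() {
  local root="${1%/}" f rel
  find "$root" -type f -name .htaccess | sort | while IFS= read -r f; do
    # Apache 2.2 "Deny from all" or 2.4 "Require all denied"; commented lines do not match
    grep -Eiq '^[[:space:]]*(deny[[:space:]]+from[[:space:]]+all|require[[:space:]]+all[[:space:]]+denied)[[:space:]]*$' "$f" || continue
    rel="${f#"$root"}"
    rel="${rel%/.htaccess}"
    if [ -z "$rel" ]; then
      echo "# review: $f denies the whole web root"
    elif grep -Eiq '<(Files|FilesMatch|Limit)' "$f"; then
      # The deny may cover only some files; a directory-wide block could break the site
      echo "# review: $f has scoped rules"
    elif printf '%s' "$rel" | grep -q '[^A-Za-z0-9_./-]'; then
      echo "# review: $f path needs manual quoting"
    else
      # ^~ stops nginx from trying regex locations (such as \.php$) under this prefix
      printf 'location ^~ %s/ { deny all; }\n' "$rel"
    fi
  done
}
```

Run it against a vhost's public directory and compare the output with the location blocks already present in that vhost's nginx config.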
  10. Kyvaith

    Kyvaith New Member

    If you have working preview of jailed vhosts environment it should be added at present state in every next alpha/beta versions of centmin mod. I would love to test it.
     
  11. eva2000

    eva2000 Administrator Staff Member

    Unfortunately outdated and never kept up with the massive amount of improvements and code changes in 123.09beta01 now, so it needs a lot of work and testing which I currently don't have time for :)

    Just the free SSL certificates integration from letsencrypt coming soon to 123.09beta01 is enough to invalidate the old jailed user code Letsencrypt - Welcome to acmetool.sh - new letsencrypt addon for Centmin Mod LEMP stacks | Centmin Mod Community

    check out change log for 123.09beta01 changes to come Change Log - CentminMod.com LEMP Nginx web stack for CentOS
     
    Last edited: Jun 16, 2016
  12. Kyvaith

    Kyvaith New Member

    It's painful when you have a really powerful tool, but you're unable to use it because of the lack of one but important feature. Hope You'll decide to get Your hands on it soon.
    Thanks, Tom.
     
  13. eva2000

    eva2000 Administrator Staff Member

    Understandable, but being one person I need to prioritise and make best use of the spare time I dedicate to Centmin Mod. Jailed user support under Nginx/PHP-FPM will 100% break a lot of the features and future features being developed for Centmin Mod and will restrict what you can run properly on Centmin Mod LEMP stack and require end users probably to understand how to keep the Jailed user environment up to date every time you update software on the server - which can't really be automated as there's no way to know what end users install by themselves on their servers. I also wouldn't be able to offer free support for troubleshooting and guidance for such.

    Also in Jailed environment, server resources especially disk and memory usage will increase dramatically due to each jailed user having to have a jailed copy of all server binaries you want the jailed user to have access to.

    If you're already using separate VPS for each site already, you can still use Centmin Mod LEMP stack anyway just to test the waters :)
     
  14. Kyvaith

    Kyvaith New Member

    Ok, so maybe there is a ready to go solution for using containers (Docker) for separation of Centmin Mod LEMP stacks?
     
  15. eva2000

    eva2000 Administrator Staff Member

    Unfortunately, not right now. If there's any news I'd post it in Centmin Mod Docker development subforums or if folks more familiar with Docker contribute they can post it there too.
     
  16. Kyvaith

    Kyvaith New Member

    Is there already a oneliner script for letsencrypt branch?
     
  17. eva2000

    eva2000 Administrator Staff Member

    Not publicly available.. acmetool.sh will be it once public beta testing staging comes. That will be after I do internal testing and adding more features and perfecting it privately :)

    @Brian King did ask how to do it manually on Centmin Mod for now and I posted some steps at Letsencrypt - Centmin Mod Letsencrypt Branch testing discussions | Page 3 | Centmin Mod Community. Be sure to read the disclaimer in that post too.