CentOS 7.x create lightsail redmine instance

From Notes_Wiki
Revision as of 11:40, 6 March 2019 by Saurabh (talk | contribs)

<yambe:breadcrumb>CentOS_7.x_redmine|redmine</yambe:breadcrumb> <yambe:breadcrumb>CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb>

CentOS 7.x create lightsail redmine instance

To create a AWS ligtsail instance with redmine use following steps:

  1. Create appropriate lightsail instance
  2. For production instances create static IP and attach with instance
  3. Create DNS entry for FQDN mapping to static IP
  4. Allow HTTPS access to server in lightsail instance networking firewall section
  5. Download corresponding regions private key
  6. chmod 400 <private-key>
  7. ssh -i <private-key> centos@<instance-public-ip>
  8. sudo su -
  9. Disable SELinux
  10. yum -y install vim
  11. vim ~/.ssh/authorized_keys
    Add own key, Allow <private-key> direct root aaccess. (First line 155x)
  12. Set hostname
    hostname <desired-fqdn>
    vim /etc/hostname
  13. Exit
  14. ssh directly as root with self public key
  15. Search for bitnami installer URL
  16. yum -y install epel-release
  17. yum -y install wget
  18. wget '<Download-URL>' -O '<Installer-filename>'
  19. yum -y install perl-Data-Dumper
  20. Create appropriate swap space using CentOS 7.x adding swap space using file
  21. chmod +x <Installer-filename>
  22. ./<Installer-filename>
    Give standard answers with simple password and admin username. Email can be configured later.
  23. Setup fail2ban using CentOS 7.x fail2ban including firewalld using CentOS 7.x Basic firewalld configuration
  24. Set correct time zone CentOS 7.x Change system timezone
  25. Configure system to store history date time using Storing date / time along with commands in history
  26. exit and ssh again for history settings to take effect
  27. cd /opt/redmine-<ver>/apache2/htdocs
  28. mv index.html index-old.html
  29. wget sbarjatiya.com for downloading index.html containing HTTP meta refresh for redirection
  30. vim index.html
    Add redirect for /owncloud, Remove google identifier, Set appropriate name
  31. Login into redmine and enable authentication and disable self-signup. Optionally enable REST API access.
  32. Generate lets-encrypt certificate if public DNS FQDN is set using:
    /opt/redmine-<ver>/letsencrypt/scripts/generate-certificate.sh -m <admin-email-id> -d <FQDN>
    Run above command again if it fails first time.
    Refer: https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/
  33. 'crontab -e' and update
    0 0 1 * * /opt/redmine-4.0.0-0/letsencrypt/lego
    line to to have first two digit 0 and 0 randomized to minutes between 5 to 55 and hour between 1 to 4
  34. Open site using https://<fqdn> and verify that it is opening properly
  35. For compulsary https access edit /opt/redmine-<ver>/apache2/conf/bitnami/bitnami.conf and under
    DocumentRoot "/opt/redmine-<ver>/apache2/htdocs"
    Append
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  36. /opt/redmine-<ver>/ctlscript.sh restart apache
  37. Test whether automatic redirection to https is working in private browser
  38. yum -y install bzip2
  39. Open /opt/redmine-<ver>/apps/redmine/htdocs/config/database.yml and see database, username and password
    /opt/redmine-<ver>/mysql/bin/mysql -u bitnami -p bitnami_redmine
    with password read in above step
  40. Create /opt/take-database-backup.sh with following contents:
    /opt/redmine-<ver>/mysql/bin/mysqldump -u bitnami -p<password> bitnami_redmine | bzip2 > /opt/bitnami_redmine.sql.bz2
  41. chmod +x above file and test it by running.
  42. Configure backup for /opt folder which executes /opt/take-database-backup.sh before backup.
  43. Install logwatch and set /etc/aliases for root user



<yambe:breadcrumb>CentOS_7.x_redmine|redmine</yambe:breadcrumb> <yambe:breadcrumb>CentOS_7.x_Setup_lightsail_instances|Setup lightsail instances</yambe:breadcrumb>