Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
centos_8_migration_notes [2020/10/15 18:33] – juckins | centos_8_migration_notes [2021/06/11 14:48] – juckins |
---|
==== CentOS 8 Migration Notes ==== | ==== CentOS 8 Migration Notes ==== |
| |
<color #ed1c24>**Below is copied from [[centos_7_migration_notes|CentOS 7 Migration Notes]] so modify as needed.**</color> | Fix php for phpmyadmin: |
| |
| dnf install php-gd php-ldap php-mysqlnd php-pecl-mcrypt php-pecl-zip |
| |
| Also comment out the cookie validity setting in config.inc.php |
| |
| Secure the mariadb |
| |
| Fix php.ini from known good config |
| |
| Configure $HOME/.vimrc as the following: |
| |
| autocmd FileType * setlocal formatoptions-=c formatoptions-=r formatoptions-=o |
| |
| # python3 -m pip install --upgrade pip |
| # python3 -m pip install dictor |
| # python3 -m pip install wheel |
| # python3 -m pip install httplib2 |
| # python3 -m pip install PyMySQL |
| |
| PyMySQL v0.9.3 has been upgraded to v1.0.2 and requires modification to "connect" statement. |
| |
Other fixes: | Other fixes: |
* uninstall [[https://phoenixnap.com/kb/setup-configure-modsecurity-on-apache|mod_security]] if necessary | * uninstall [[https://phoenixnap.com/kb/setup-configure-modsecurity-on-apache|mod_security]] if necessary |
* [[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-8|Add https and http to firewall rules]] | * [[https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-8|Add https and http to firewall rules]] |
| * ''firewall-cmd --zone=public --add-service=http --permanent'' |
| * ''firewall-cmd --zone=public --add-service=https --permanent'' |
* <color #ed1c24>MySQL / MariaDB Database and users</color> | * <color #ed1c24>MySQL / MariaDB Database and users</color> |
* [[https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password|Reset mysql root password]] | * [[https://www.digitalocean.com/community/tutorials/how-to-reset-your-mysql-or-mariadb-root-password|Reset mysql root password]] |
* Note firewall rules | * Note firewall rules |
* [[https://serverfault.com/questions/655851/is-there-a-simple-way-to-export-import-firewalld-settings|Export Firewall Rules to new server]] | * [[https://serverfault.com/questions/655851/is-there-a-simple-way-to-export-import-firewalld-settings|Export Firewall Rules to new server]] |
| |
| <color #ed1c24>**Below is copied from [[centos_7_migration_notes|CentOS 7 Migration Notes]] so modify as needed.**</color> |
| |
Must-Have functionality: | Must-Have functionality: |
* Apache, MySQL, PHP, Perl | * Apache, MySQL, PHP, Perl |
* [[https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7|fail2ban]] | * [[https://www.cyberciti.biz/faq/how-to-protect-ssh-with-fail2ban-on-centos-8/|fail2ban]] |
* edit /etc/fail2ban/jail.local to ban for longer than default of 1 hour | * edit /etc/fail2ban/jail.local to ban for longer than default of 1 hour |
* Check logs: # cat /var/log/fail2ban.log | * Check logs: # cat /var/log/fail2ban.log |
| |
* For other run-level info, see [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-Managing_Services_with_systemd-Targets.html#sect-Managing_Services_with_systemd-Targets-Change_Default|RHEL7 Working with Systemd Targets]] | * For other run-level info, see [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-Managing_Services_with_systemd-Targets.html#sect-Managing_Services_with_systemd-Targets-Change_Default|RHEL7 Working with Systemd Targets]] |
| |
| After machine has been running for a few days, don't forget to use "alpine" and check for local email from crons that indicate any errors or failures. |