Create installation-CentOS-7.sh #19

Mant1kor commented 2019年01月01日 18:48:54 +01:00 (Migrated from github.com)

Hi!
I created this script to install on the "clean" CentOS 7 system.
Everything seems to work, but someone else needs to check it out.
Also, please specify to which directories Apache should have access (read, read/write, cache ...). I am not sure that I've set up the correct SELinux context.

bookstack/
├── app
├── artisan
├── bootstrap
├── composer.json
├── composer.lock
├── composer.phar
├── config
├── database
├── LICENSE
├── package.json
├── package-lock.json
├── phpcs.xml
├── phpunit.xml
├── public
├── readme.md
├── resources
├── routes
├── server.php
├── storage
├── tests
├── themes
├── vendor
├── version
└── webpack.config.js

Hi! I created this script to install on the "clean" CentOS 7 system. Everything seems to work, but someone else needs to check it out. Also, please specify to which directories Apache should have access (read, read/write, cache ...). I am not sure that I've set up the correct SELinux context. bookstack/ ├── app ├── artisan ├── bootstrap ├── composer.json ├── composer.lock ├── composer.phar ├── config ├── database ├── LICENSE ├── package.json ├── package-lock.json ├── phpcs.xml ├── phpunit.xml ├── public ├── readme.md ├── resources ├── routes ├── server.php ├── storage ├── tests ├── themes ├── vendor ├── version └── webpack.config.js

Mant1kor commented 2019年01月02日 22:57:29 +01:00 (Migrated from github.com)

@ssddanbrown where can I find actual nginx BookStack config?
I can add choice what web-server to use.

@ssddanbrown where can I find _actual_ nginx BookStack config? I can add choice what web-server to use.

Mant1kor commented 2019年01月03日 19:10:35 +01:00 (Migrated from github.com)

Added option to choose
web-server: Apache2 or nginx
database: MySQL or MariaDB

Added option to choose web-server: Apache2 or nginx database: MySQL or MariaDB

ssddanbrown commented 2019年01月03日 19:33:22 +01:00 (Migrated from github.com)

Thanks @Mant1kor for this pull request. I'll need to find some time to review this. Might be a while since I'm unfamiliar with CentOS.

I'm in two minds about offering database and web server options. It's good from a technical-user point of view but it would complicate support and maintenance. I'll have a think.

I'm a bit surprised to see a script faking interaction for installs:

BookStackApp/devops@3c57877057/scripts/installation-CentOS-7.sh (L120-L127)

Is this standard practice for CentOS or can these packages be installed non-interactively? This way seems a little brittle, Only needs the messaging to change a little before potentially breaking.

Thanks @Mant1kor for this pull request. I'll need to find some time to review this. Might be a while since I'm unfamiliar with CentOS. I'm in two minds about offering database and web server options. It's good from a technical-user point of view but it would complicate support and maintenance. I'll have a think. I'm a bit surprised to see a script faking interaction for installs: https://github.com/BookStackApp/devops/blob/3c57877057cc1b25247869a1ca6981920dbfd20e/scripts/installation-CentOS-7.sh#L120-L127 Is this standard practice for CentOS or can these packages be installed non-interactively? This way seems a little brittle, Only needs the messaging to change a little before potentially breaking.

Mant1kor commented 2019年01月03日 20:11:11 +01:00 (Migrated from github.com)

@ssddanbrown MariaDB is very similar to MySQL.
I didn't face any problem, at least in version 10.3.

Now I can't make another working solution. MySQL 5.7 have default random temp password. My first try:

MYSQL_TEMP_PASS="$(grep 'temporary password' /var/log/mysqld.log | grep -o '............$')"
MYSQL_ROOT_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 11)\$"
DB_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13)\$"
# Create Database
mysql --user root --password="$MYSQL_TEMP_PASS" --execute="ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PASS';"
mysql --user root --password="$MYSQL_ROOT_PASS" --execute="CREATE DATABASE bookstack;"
mysql --user root --password="$MYSQL_ROOT_PASS" --execute="CREATE USER 'bookstack'@'localhost' IDENTIFIED BY '$DB_PASS';"
mysql --user root --password="$MYSQL_ROOT_PASS" --execute="GRANT ALL ON bookstack.* TO 'bookstack'@'localhost';FLUSH PRIVILEGES;"

First mysql login and ALTER USER complete successfully, but second login fail. I don't know why yet.
I'll try to find better solution and update the script.

@ssddanbrown MariaDB is very similar to MySQL. I didn't face any problem, at least in version 10.3. Now I can't make another working solution. MySQL 5.7 have default random temp password. My first try: ```shell MYSQL_TEMP_PASS="$(grep 'temporary password' /var/log/mysqld.log | grep -o '............$')" MYSQL_ROOT_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 11)\$" DB_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13)\$" # Create Database mysql --user root --password="$MYSQL_TEMP_PASS" --execute="ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PASS';" mysql --user root --password="$MYSQL_ROOT_PASS" --execute="CREATE DATABASE bookstack;" mysql --user root --password="$MYSQL_ROOT_PASS" --execute="CREATE USER 'bookstack'@'localhost' IDENTIFIED BY '$DB_PASS';" mysql --user root --password="$MYSQL_ROOT_PASS" --execute="GRANT ALL ON bookstack.* TO 'bookstack'@'localhost';FLUSH PRIVILEGES;" ``` First mysql login and ALTER USER complete successfully, but second login fail. I don't know why yet. I'll try to find better solution and update the script.

Mant1kor commented 2019年01月03日 21:03:01 +01:00 (Migrated from github.com)

Changed database config section to more stable (but less secure).

Changed database config section to more stable (but less secure).

Mant1kor commented 2019年01月04日 19:38:12 +01:00 (Migrated from github.com)

@ssddanbrown one more question. Is it necessary to set 755 permission to bootstrap/cache public/uploads storage? Isn't next commands be more secure?

chmod -R 754 bootstrap/cache public/uploads storage
chmod -R o+X bootstrap/cache public/uploads storage

and umask if needed

@ssddanbrown one more question. Is it necessary to set 75**5** permission to bootstrap/cache public/uploads storage? Isn't next commands be more secure? ```shell chmod -R 754 bootstrap/cache public/uploads storage chmod -R o+X bootstrap/cache public/uploads storage ``` and `umask` if needed

ssddanbrown commented 2021年09月25日 22:54:24 +02:00 (Migrated from github.com)

Thank for offering this @Mant1kor and sorry for my very late response, And apologies for forgetting about this when adding the other CentOS7 script I eventually did add to the repo.

I've made the decision though to stick to focused, non-branching, Ubuntu LTS script to keep any official support of maintenance achievable.

Thank for offering this @Mant1kor and sorry for my very late response, And apologies for forgetting about this when adding the other CentOS7 script I eventually did add to the repo. I've made the decision though to stick to focused, non-branching, Ubuntu LTS script to keep any official support of maintenance achievable.