Rocky Linux 8.4 Building a server

1.Disable SELinuxFirst, disable selinux. selinux is a feature that improves auditing and security in Linux, but when it is enabled, it restricts the behavior of services and settings to a great extent. For this reason, selinux is basically disabled in most cases.If you build a server while looking at a website and it does not work as expected, it may be due to the fact that selinux is enabled. So, don't forget to disable it after installation.

1.Creating a Certificate for SSL1.1 advance preparationThe RHEL8 series does not include CA, so use RHEL7 CA.① Copy the CA to /etc/pki/tls/misc/ using WINSCP, etc.➁Pass PATH to SSL commands[root@Lepard ~]# export PATH=/etc/pki/tls/misc:$PATH➂Edit the openssl.cnf file

1.Installation of Apache2 (httpd-2.4.39) and virtual host configuration1-1.Apache2 installation①Download and extract httpd-2.4.39Download[root@Lepard ~]# cd /usr/local/src/src]# wget http://archive.apache.org/dist/httpd/httpd-2.4.39.tar.gzExtracting the Apache tar filesrc]# tar zxvf httpd-2.4.39.tar.gz➁Download and extract apr and apr-util

1.Install Postfix and Dovecot1-1.Install the required software.[root@Lepard ~]# dnf -y install postfix dovecot cyrus-sasl cyrus-sasl-plain cyrus-sasl-devel[root@Lepard ~]# systemctl enable postfix[root@Lepard ~]# systemctl enable dovecot[root@Lepard ~]# systemctl enable saslauthdCheck if Postfix is installed.

FTP Server Inatall1. vsftpd Install# dnf -y install vsftpd2. vsftpd configurationSave the unedited vsftpd.conf with .bak

1.Web site data backup1-1.Backup under /var/www/html①Create a backup script file[root@Lepard ~]# cd /optopt]# vi backup_html.sh#!/bin/bashTODAY=`/bin/date +%Y%m%d`

1.Mysql8 Installation1-1.Install[root@Lepard ~]# dnf module -y install mysql:8.0[root@Lepard ~]# vi /etc/my.cnf.d/charset.cnf　(Create New)# Set the default character encoding# To handle 4-byte characters such as pictograms, use [utf8mb4][mysqld]character-set-server = utf8mb4[client]default-character-set = utf8mb4[root@Lepard ~]# systemctl enable --now mysql1-2.Security measures

1.Tripwire Installation1.1 Download and install[root@Lepard ~]# cd /usr/local/srcsrc]# wget https://rpmfind.net/linux/epel/8/Everything/x86_64/Packages/t/tripwire-2.4.3.7-5.el8.x86_64.rpmsrc]# rpm -Uvh tripwire-2.4.3.7-5.el8.x86_64.rpmIf you get a dependency error, enter the following

Rocky LinuxCentOS, which was positioned as a downstream of RHEL (Red Hat Enterprise Linux), will no longer be supported for CentOS 8 on December 31, 2021.There are three distributions (AlmaLinux, RockyLinux, and CentOS Stream 8) that are attracting attention as a destination for migrating from CentOS, but this time we will build a server using the latest version of RockyLinux 8.4 for the following reasons.CentOS Stream 8Stability concerns with RHEL upstreamSupport period until May 31, 2024AlmaLinuxAlmaLinux is a free RHEL clone that is being developed by CloudLinux, the developer of CloudLinux OS, a commercial Linux distribution, with the goal of binary compatibility with the current version of RHEL.Support period until 2029Rocky LinuxIt is a free RHEL clone by the project started by Gregory Kurtzer, the founder of CentOS, and is being developed by the community as a "production downstream version of RHEL".The company is also eager to acquire sponsors, including Amazon Web Services (AWS) and Google Cloud.Support period until 2029

1.Synchronize the server time with Japan Standard Time.Edit chrony.conf# vi /etc/chrony.confPer line 3.pool 2.centos.pool.ntp.org iburst↓server ntp.nict.jpserver ntp1.jst.mfeed.ad.jpserver ntp2.jst.mfeed.ad.jpRestart chrony2.virus protection2.1 Clam AntiVirus installation and definition/configuration file settings①Installing Clam AntiVirus# dnf --enablerepo=epel -y install clamav clamav-update clamav-scanner-systemd