Page History

...

All installations of ProVision require at least PHP 5.5 (and related extensions). CentOS 6 comes with PHP 5.3 by default. You can either add a repository which provides PHP 5.5 or install PHP manually.

The Webtatic and Remi repos both have versions of PHP which are newer than those in the official repos. For this example, we'll be using Webtatic

Add the repository:

Code Block

language	bash

rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm

Update:

Code Block

language	powershell

yum update

Install:

Expand

PHP5 / Apache2 / extensions

httpd
php55w
php55w-opcache
php55w-mysqlnd
php55w-pdo
php55w-ldap
php55w-pecl-memcache
php55w-bcmath
php55w-devel
php55w-pear
php55w-cli

Development tools for pecl / additional system packages:

curl
openssl
memcached
mod_ssl

Code Block

language	bash

yum install httpd php55w php55w-opcache php55w-mysqlnd php55w-pdo php55w-ldap php55w-pecl-memcache php55w-bcmath php55w-devel php55w-pear php55w-cli curl openssl memcached mod_ssl

MySQL

...

MySQL is included with most CentOS installs, check for it with:

Code Block

language	powershell

yum list installed | grep mysql

The default MySqL version included with most CentOS installs will need to be upgraded to the latest version:

Code Block

language	bash

rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm

If it is not installedyou have an existing installation, you can replace it with:

Code Block

language	bash

yum install mysql.`uname -i` yum-plugin-replace
yum replace mysql --replace-with mysql55w

For a fresh install:

Code Block

language	bash

   yum install

...

mysql55w mysql55w-server

Then, re-start and configure.

Code Block

language	bash

   service mysqld start      chkconfig mysqld on

If a new install, set Set the MySQL root password:

Code Block

language	bash

    /usr/bin/mysqladmin -u root password 'new-password'

For an existing install / upgrade, you will need to upgrade the existing tables after the restart.

Code Block

language	bash

mysql_upgrade -u root -p

This will issue a password prompt for the user. If you don't have a root user password, remove the "-p".

DNS and Additional Utilities

...

Generate private key, CSR, and temporary key if one hasn't been provided.

Code Block

language	bash

openssl genrsa -out ca.key 1024    openssl req -new -key ca.key -out ca.csr    
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

Copy the files to the correct locations

...

Code Block

language	bash

vi /etc/httpd/conf.d/ssl.conf

Find the lines that start with SSHCertificateFile and change them to be like:

Code Block

language	text

SSLCertificateFile /etc/pki/tls/certs/ca.crt 
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Then restart

Code Block

language	powershell

/etc/init.d/httpd restart

Add 443 virtual hosts as needed in httpd.conf.

Apache

...

Allow overwrites in the apache vhosts

Code Block

language	bash

sed -i 's/AllowOverride None/AllowOverride All/g' /etc/httpd/conf/httpd.conf

...

Set the MySQL Configuration:

Code Block

language	bash

mysql -p -e "SET GLOBAL sql_mode='NO_ENGINE_SUBSTITUTION';SET SESSION sql_mode='NO_ENGINE_SUBSTITUTION';"

then enter the MySQL root password when prompted.

4) Optional configurations:

Configure SELinux

Note

title	RE-IP WARNING

Please remember - if you change the IP address of the your server, then you will need to update SELinux functions accordingly

Most CentOS install have SELinux enabled by default. One of its protections is to not allow httpd daemon to make network connections, we need to disable this for license checks.

To view the SELinux configuration for http:

Code Block

language	bash

/usr/sbin/getsebool -a | grep httpd

To turn protection off for the httpd daemon for creating network connections:

Code Block

language	bash

   /usr/sbin/setsebool -P httpd_can_network_connect 1

Configure IPTables

IPTables is enabled by default on CentOS. Add a new rule to allow 443 from anywhere. Make sure that this rule is in the chain BEFORE any blanket reject rule:

...

Code Block

language	bash

    yum install libssh2-devel     pecl install -f ssh2     echo extension=ssh2.so > /etc/php.d/ssh2.ini

Source Guardian

Note
Source Guardian is only required for ProVision versions 5.1.2 and earlier. If installing ProVision 5.1.3 or later, skip this step.

Expand

title	Click here for Source Guardian installation instructions (applies only to ProVision 5.1.2 and earlier)...

Install the Source Guardian php extension.

Info
Download and find additional details from http://www.sourceguardian.com/ixeds/. Choose either Linux 32 or Linux 64 .tar.gz depending on architecture.

Download the loader and put it in the appropriate place.

Place the file in your php extension directory as specified in your php.ini

Note: The PHP cli binary path must be set in the ProVision software Admin section if is different from default. By default it is /usr/bin/php.
Add extension=ixed.x.x.y.y to your php.ini

Code Block

language	bash

    wget https://www.sourceguardian.com/loaders/download/loaders.linux-x86_64.tar.bz2
    tar -xjf loaders.linux-x86_64.tar.bz2
    cp -rpPf ixed.5.5.lin /usr/lib64/php/modules/
    echo extension=ixed.5.5.lin > /etc/php.d/ixed.5.5.ini

Reload the web server

Code Block

language	bash

service httpd reload

Info

title	PRO TIP - Loader Assistant for Source Guardian

If you have any issues with getting Source Guardian installed, and the instructions are not working in your case, please check out http://www.sourceguardian.com/loaders/download.php - this page allows you paste in the output of your phpinfo page and then it will tell you the steps that need to be taken for your particular use case. If you are still having issues, please contact 6connect at support@6connect.com so one of our engineers can assist you.

4) Install 6connect ProVision Software:

...

Page tree

Versions Compared

Old Version 3

New Version 4

Key

MySQL

DNS and Additional Utilities

Apache

4) Optional configurations:

Configure SELinux

Configure IPTables

Source Guardian

4) Install 6connect ProVision Software: