yum install varnish
yum install nginx

Config nginx listen on port 8081

server {
        listen 8081;
        server_name www.example.com;
        rewrite ^(.*) http://example.com$1 permanent;
        }
server {
        listen 8081 default_server;
        server_name example.com;
        ....................

}

Varnish

• Config varnish: vi /etc/varnish/default.vcl (for wordpress)

#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the

Start

echo "\$ModLoad imudp" > /etc/rsyslog.d/server.conf
echo "\$UDPServerRun 514" >> /etc/rsyslog.d/server.conf
echo "\$ModLoad imtcp" >> /etc/rsyslog.d/server.conf
echo "\$InputTCPServerRun 514" >> /etc/rsyslog.d/server.conf
echo "\$PreserveFQDN on" >> /etc/rsyslog.d/server.conf

yum -y install rsyslog-gnutls rsyslog-mysql rsyslog-crypto

MySQL/MariaDB database configuration

Assuming MariaDB is already installed and running.

Install packages on both nodes

sudo yum install corosync pcs pacemaker maxscale

Set the password for the hacluster user [both nodes]

sudo passwd hacluster

Start the pcs daemon service [both nodes]

sudo systemctl start pcsd

Authenticate the cluster

sudo pcs cluster auth node01.domain.local node02.domain.local

Create cluster

SSH Security Best Practices

On file /etc/ssh/sshd_config:

1. Disable Root Logins

Best: PermitRootLogin no
Good: PermitRootLogin without-password (requires PubkeyAuthentication yes)

Install RabbitMQ on CentOS 7

sudo yum -y install epel-release
sudo yum -y update

Install Erlang

Download repository

wget http://packages.erlang-solutions.com/erlang-solutions-1.0-1.noarch.rpm

Add repository

sudo rpm -Uvh erlang-solutions-1.0-1.noarch.rpm

Install erlang and dependencies

sudo yum -y install erlang socat logrotate

Install RabbitMQ

Download RabbitMQ package

This is helpful when you don't want to disable Selinux and need to run external program like wkhtmltopdf via apache on selinux enabled. Run the following commands from the terminal. (This has been tested in CentOS 7)

Allow Execution

setsebool httpd_execmem on

Change a dirs security context if the program writes to a file

chcon -R -t httpd_sys_rw_content_t dir

This is mostly a transcription of the process from the CentOS/RHEL ZoL installation manual.

Install the repo file

Add the ZFSonLinux repo and verify the fingerprint.

Note — manual fingerprint verification is atypical but we'll do it anyway just for kicks.

install certbot

  sudo yum install epel-release
  sudo yum update
  sudo yum install certbot

install nginx

  sudo yum install nginx
  sudo systemctl start nginx

config firewall

if firewall exist on centos do :

Installing mailx

yum -y update

yum install -y mailx

We can now start sending e-mails using

create a symbolic link

ln -s /bin/mailx /bin/mail

Set an External SMTP Server to Relay E-Mails

vi /etc/mail.rc

edit

Ubuntu