sl-digital · April 14, 2017 18:19
diff --git a/CentOS_7_LAMP_Install.txt b/CentOS_7_LAMP_Install.txt
 # SWITCH TO ROOT
 sudo su

 # CREATE A NEW USER
 adduser devops
 passwd whatevs

 # GRANT SUDO
 gpasswd -a devops wheel

 # SSH KEYGEN (LOCAL)
 ssh-keygen <follow prompts and save>
 cat ~/.ssh/yourkey_rsa.pub <copy contents>

 # SSH KEYGEN (SERVER)
 su - devops
 mkdir .ssh
 chmod 700 .ssh
 nano .ssh/authorized_keys <paste key data>
 chmod 600 .ssh/authorized_keys

 # DISABLE PASSWORD AUTH
 nano /etc/ssh/sshd_config
 - PermitRootLogin no
 systemctl reload sshd

 # ADD BETTER REPOS
 cd ~
 curl 'https://setup.ius.io/' -o setup-ius.sh
 sudo bash setup-ius.sh

 # INSTALL APACHE (HTTPD)
 sudo yum install httpd
 sudo systemctl start httpd.service
 sudo systemctl enable httpd.service

 # INSTALL MYSQL (MARIA)
 sudo yum install mariadb-server mariadb
 sudo systemctl start mariadb
 sudo mysql_secure_installation
 sudo systemctl enable mariadb.service

 # INSTALL PHP
 sudo yum install php php-mysql
 sudo systemctl restart httpd.service

 # FIND MORE PHP MODULES
 yum search php-
 sudo yum install php-whatevs1 php-whatevs1

 # ADJUST THE FIREWALL - IF NEEDED
 sudo firewall-cmd --permanent --zone=public --add-service=http 
 sudo firewall-cmd --permanent --zone=public --add-service=https
 sudo firewall-cmd --reload

 # CHECK FILE PERMISSIONS
 getfacl /var/www/html

 # SET DEFAULT ACL FOR APACHE (HTTPD)
 setfacl -Rd -m u:devops:rwx /var/www/html
 setfacl -Rd -m g:apache:rwx /var/www/html

 # Set ACL for admin user and www-data group
 setfacl -R -m u:devops:rwx /var/www/html
 setfacl -R -m g:apache:rwx /var/www/html

 # Set default group for new content
 chmod -R g+s /var/www/html

 # Change folder permissions to rwxr-xr-x
 find . -type d -exec chmod 755 {} \;

 # Change file permissions to rw-r--r--
 find . -type f -exec chmod 644 {} \;
	# SWITCH TO ROOT
	sudo su

	# CREATE A NEW USER
	adduser devops
	passwd whatevs

	# GRANT SUDO
	gpasswd -a devops wheel

	# SSH KEYGEN (LOCAL)
	ssh-keygen <follow prompts and save>
	cat ~/.ssh/yourkey_rsa.pub <copy contents>

	# SSH KEYGEN (SERVER)
	su - devops
	mkdir .ssh
	chmod 700 .ssh
	nano .ssh/authorized_keys <paste key data>
	chmod 600 .ssh/authorized_keys

	# DISABLE PASSWORD AUTH
	nano /etc/ssh/sshd_config
	- PermitRootLogin no
	systemctl reload sshd

	# ADD BETTER REPOS
	cd ~
	curl 'https://setup.ius.io/' -o setup-ius.sh
	sudo bash setup-ius.sh

	# INSTALL APACHE (HTTPD)
	sudo yum install httpd
	sudo systemctl start httpd.service
	sudo systemctl enable httpd.service

	# INSTALL MYSQL (MARIA)
	sudo yum install mariadb-server mariadb
	sudo systemctl start mariadb
	sudo mysql_secure_installation
	sudo systemctl enable mariadb.service

	# INSTALL PHP
	sudo yum install php php-mysql
	sudo systemctl restart httpd.service

	# FIND MORE PHP MODULES
	yum search php-
	sudo yum install php-whatevs1 php-whatevs1

	# ADJUST THE FIREWALL - IF NEEDED
	sudo firewall-cmd --permanent --zone=public --add-service=http
	sudo firewall-cmd --permanent --zone=public --add-service=https
	sudo firewall-cmd --reload

	# CHECK FILE PERMISSIONS
	getfacl /var/www/html

	# SET DEFAULT ACL FOR APACHE (HTTPD)
	setfacl -Rd -m u:devops:rwx /var/www/html
	setfacl -Rd -m g:apache:rwx /var/www/html

	# Set ACL for admin user and www-data group
	setfacl -R -m u:devops:rwx /var/www/html
	setfacl -R -m g:apache:rwx /var/www/html

	# Set default group for new content
	chmod -R g+s /var/www/html

	# Change folder permissions to rwxr-xr-x
	find . -type d -exec chmod 755 {} \;

	# Change file permissions to rw-r--r--
	find . -type f -exec chmod 644 {} \;