Tutorial-9122023

How to Install Grav CMS with Nginx on Fedora 30

screenshot 2019 05 30 at 02

How to Install Grav CMS with Nginx on Fedora 30

Grav is a fast, simple, and flexible, file-based CMS platform. Grav comes with a powerful Package Management System to allow for simple installation and upgrading of plugins and themes, as well as simple updating of Grav itself.

The underlying architecture of Grav is designed to use well-established and best-in-class technologies to ensure that Grav is simple to use and easy to extend. Some of these key technologies include:

  • Twig Templating: for robust control of the user interface
  • Markdown: for easy content creation
  • YAML: for simple configuration
  • Parsedown: for fast Markdown and Markdown Extra support
  • Doctrine Cache: layer for performance
  • Simple Dependency Injection Container: for extensibility and maintainability
  • Symfony Event Dispatcher: for plugin event handling
  • Symfony Console: for CLI interface
  • Gregwar Image Library: for dynamic image manipulation

In this tutorial, we will go through the Grav CMS installation and setup on the Fedora 30 system by using NGINX as a web server, and optionally you can secure the transport layer by using Acme.sh client and Let’s Encrypt certificate authority to add SSL support.

Requirements

Grav is intentionally designed with few requirements. Grav is built with plain text files for your content. There is no database needed. 

Make sure your system meets the following requirements:

  • Web Server (Apache, Nginx, LiteSpeed, Lightly, IIS, etc.) We will use NGINX.
  • PHP version 7.1.3 or higher

Prerequisites

  • An operating system running Fedora 30.
  • A non-root user with sudo privileges.

Initial steps

Check your Fedora version:
cat /etc/fedora-release
#

Set up the timezone:
timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system’s default software packages:
sudo dnf update -y

Install some essential packages that are necessary for basic administration of the Fedora operating system:
sudo dnf install -y curl wget vim git unzip socat bash-completion epel-release

Step 1 – Install PHP and necessary PHP extensions

Install PHP, as well as the required PHP extensions:
sudo dnf install -y php-cli php-fpm php-common php-curl php-gd php-json php-mbstring php-xml php-zip php-opcache php-pecl-apcu

To show PHP compiled in modules, you can run:
php -m

ctype
curl
exif
fileinfo
. . .
. . .

Check the PHP version:
php --version

# PHP 7.3.17 (cli) (built: May 13 2019 18:03:04) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
# with Zend OPcache v7.2.17, Copyright (c) 1999-2018, by Zend Technologies

Start and enable PHP-FPM service:
sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service

Step 2 – Install acme.sh client and obtain Let’s Encrypt certificate ( optional )

Securing your forum with HTTPS is not necessary, but it is a good practice to secure your site traffic. To obtain a TLS certificate from Let’s Encrypt we will use Acme.sh client. Acme.sh is a simple UNIX shell software for obtaining TLS certificates from Let’s Encrypt with zero dependencies. 

Download and install acme.sh:
sudo su - root
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install --accountemail [email protected]
source ~/.bashrc
cd ~

Check acme.sh version:
acme.sh --version
# v2.8.2

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:

# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256

If you want fake certificates for testing, you can add --staging flag to the above commands.

After running the above commands, your certificates and keys will be in:

  • For RSA: /home/username/example.com directory.
  • For ECC/ECDSA: /home/username/example.com_ecc directory.

To list your issued certs you can run:
acme.sh --list

Create a directory to store your certs. We will use /etc/letsencrypt directory.
mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc

Install/copy certificates to /etc/letsencrypt directory.
# RSA
acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"

All the certificates are renewed automatically every 60 days.

After obtaining certs exit from root user and return to regular sudo user:
exit

Step 3 – Install and configure NGINX

Install NGINX:
sudo dnf install -y nginx

Check the NGINX version:
nginx -v
# nginx version: nginx/1.14.2

Start and enable NGINX service:
sudo systemctl start nginx.service
sudo systemctl enable nginx.service

Configure NGINX for Grav. Run sudo vim /etc/nginx/conf.d/grav.conf and add the following configuration.
server {

listen 80;
listen 443 ssl;
server_name example.com;
root /var/www/grav;
ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key;
index index.html index.php;

location / {
try_files $uri $uri/ /index.php?$query_string;
}

location ~* /(.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
location ~* /(system|vendor)/.*.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
location ~* /user/.*.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|.htaccess) { return 403; }

location ~ .php$ {
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}

}

Check NGINX configuration for syntax errors:
sudo nginx -t

Reload NGINX service:
sudo systemctl reload nginx.service

Step 4 – Install Grav CMS

Create a document root directory:
sudo mkdir -p /var/www/grav

Change ownership of the /var/www/grav directory to the user you are logged in at the moment, in my case, the user is johndoe:
sudo chown -R johndoe:johndoe /var/www/grav

Navigate to the document root folder:
cd /var/www/grav

Download and unzip Grav:
wget https://getgrav.org/download/core/grav-admin/1.6.9
unzip 1.6.9
mv grav-admin/* . && mv grav-admin/.* .
rm -rf grav-admin 1.6.9

NOTE: Version 1.6.9 is the current version and may be different by the time you read this. Please check the Grav website for the latest information.

Change ownership of the /var/www/grav directory to nginx:
sudo chown -R nginx:nginx /var/www/grav

Run sudo vim /etc/php-fpm.d/www.conf and set user and group to nginx. Initially, it’s set to user and group apache:
sudo vim /etc/php-fpm.d/www.conf

user = nginx
group = nginx

Restart the PHP-FPM service.
sudo systemctl restart php-fpm.service

Create /var/lib/php/session/ directory and change ownership to nginx:
sudo mkdir -p /var/lib/php/session/ && sudo chown -R nginx:nginx /var/lib/php/session/

Open http://example.com in your web browser and follow the on-screen instructions. To access Grav admin append /admin to your URL.

Step 5 – Complete Grav setup

Create a Grav admin user:

Add Grav admin user

After the creation, you will be redirected to the admin dashboard:

Grav CMS Dashboard

Links

Đăng ký liền tay Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !

Add Comment

Click here to post a comment

Đăng ký liền tay
Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !