Tutorial-9122023

How to Install Shopware with NGINX and Let’s Encrypt on CentOS 7

screenshot 2019 05 01 at 22 1

How to Install Shopware with NGINX and Let’s Encrypt on CentOS 7

Shopware is the next generation of open source e-commerce software. Based on bleeding edge technologies like Symfony 3, Doctrine2 and Zend Framework Shopware comes as the perfect platform for your next e-commerce project. This tutorial will walk you through the Shopware Community Edition (CE) installation on CentOS 7 system by using NGINX as a web server.

Requirements

Make sure your system meets the following minimum requirements:

  • Linux-based operating system with NGINX or Apache 2.x (with mod_rewrite) web server installed.
  • PHP 5.6.4 or higher with ctype, gd, curl, dom, hash, iconv, zip, json, mbstring, openssl, session, simplexml, xml, zlib, fileinfo, and pdo/mysql extensions. PHP 7.1 or above is strongly recommended.
  • MySQL 5.5.0 or higher.
  • Possibility to set up cron jobs.
  • Minimum 4 GB available hard disk space.
  • IonCube Loader version 5.0.0 or higher (optional).

NOTE: Shopware is currently up to PHP 7.2.x compatible.

Prerequisites

  • An operating system running CentOS 7.
  • A non-root user with sudo privileges.

Initial steps

Check your CentOS version:

cat /etc/centos-release

Set up the timezone:
timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system’s default software packages:
sudo yum update -y

Install some essential packages that are necessary for basic administration of the CentOS operating system:
sudo yum install -y curl wget vim unzip socat epel-release

Step 1 – Install PHP and PHP extensions

Setup the Webtatic YUM repo:
sudo rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Install PHP, as well as the necessary PHP extensions for Shopware:
sudo yum install -y php72w php72w-cli php72w-fpm php72w-common php72w-mysql php72w-curl php72w-json php72w-zip php72w-gd php72w-xml php72w-mbstring php72w-opcache

To show PHP compiled in modules, you can run:
php -m

ctype
curl
exif
fileinfo
. . .
. . .

Check the PHP version:
php --version
# PHP 7.2.14 (cli) (built: Jan 12 2019 12:47:33) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
# with Zend OPcache v7.2.14, Copyright (c) 1999-2018, by Zend Technologies

Start and enable PHP-FPM service:
sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service

We can move on to the next step, which is the IonCube Loader installation.

Step 2 – Install IonCube Loader (optional)

Download IonCube Loader:
cd /tmp && wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz

Extract the loader:
tar xfz ioncube_loaders_lin_*.gz

Find the PHP extensions directory on the system by running the command below:
php -i | grep extension_dir
# extension_dir => /usr/lib64/php/modules => /usr/lib64/php/modules

Copy the ionCube Loader into the PHP extensions directory:
sudo cp /tmp/ioncube/ioncube_loader_lin_7.2.so /usr/lib64/php/modules

Include the loader via PHP configuration:
sudo vim /etc/php.ini

Then add a line in the file to include ionCube loader. It can be anywhere in the file below [PHP] line:
zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_7.2.so

Save the file and restart PHP-FPM:
sudo systemctl restart php-fpm.service

Step 3 – Install MariaDB and create a database for Shopware

Install MariaDB database server:
sudo yum install -y mariadb-server

Check the MariaDB version:
mysql --version
# mysql Ver 14.14 Distrib 5.7.26, for Linux (x86_64) using EditLine wrapper

Start and enable MariaDB service:
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Run mysql_secure installation script to improve MariaDB security and set the password for MariaDB root user:
sudo mysql_secure_installation

Answer each of the questions:
Would you like to setup VALIDATE PASSWORD plugin? N
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Connect to MariaDB shell as the root user:
sudo mysql -u root -p
# Enter password

Create an empty MariaDB database and user for Shopware and remember the credentials:
mysql> CREATE DATABASE dbname;
mysql> GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;

Exit from MariaDB:
mysql> exit

Replace dbname, username and password with your own names.

Step 4 – Install Acme.sh client and obtain Let’s Encrypt certificate (optional)

Securing your website with HTTPS is not necessary, but it is a good practice to secure your site traffic. In order to obtain a TLS certificate from Let’s Encrypt we will use acme.sh client. Acme.sh is a pure Unix shell software for obtaining TLS certificates from Let’s Encrypt with zero dependencies.

Download and install acme.sh:
sudo su - root
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install --accountemail [email protected]
source ~/.bashrc
cd ~

Check acme.sh version:
acme.sh --version
# v2.8.1

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:
# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256

If you want fake certificates for testing you can add –staging flag to the above commands.

After running the above commands, your certificates and keys will be in:

  • For RSA: /home/username/example.com directory.
  • For ECC/ECDSA: /home/username/example.com_ecc directory.

To list your issued certs you can run:
acme.sh --list

Create a directory to store your certs. We will use a directory /etc/letsencrypt.
mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc

Install/copy certificates to /etc/letsencrypt directory.
# RSA
acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"

All the certificates will be automatically renewed every 60 days.

After obtaining certs exit from root user and return back to normal sudo user:
exit

Step 5 – Install and configure NGINX

Install the NGINX web server:
sudo yum install -y nginx

Check the NGINX version:
nginx -v

Start and enable Nginx service:
sudo systemctl start nginx.service
sudo systemctl enable nginx.service

Configure NGINX for Shopware. Run sudo vim /etc/nginx/conf.d/shopware.conf and add the following configuration:
server {
listen 80;
listen 443 ssl;

server_name example.com;
root /var/www/shopware;
ssl_certificate /etc/letsencrypt/example.com/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/example.com/example.com.key;
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/example.com.key;
index shopware.php index.php;

location / {
try_files $uri $uri/ /shopware.php$is_args$args;
}

location /recovery/install {
index index.php;
try_files $uri /recovery/install/index.php$is_args$args;
}

location ~ .php$ {
include fastcgi.conf;
fastcgi_pass 127.0.0.1:9000;
}
}

Check NGINX configuration for syntax errors:
sudo nginx -t

Reload NGINX service:
sudo systemctl reload nginx.service

Step 6 – Install Shopware

Create a document root directory for Shopware:
sudo mkdir -p /var/www/shopware

Change ownership of the /var/www/shopware directory to {jour_user}:
sudo chown -R {your_user}:{your_user} /var/www/shopware

Navigate to the document root directory:
cd /var/www/shopware

Download and unzip the latest Shopware release via wget:
wget https://releases.shopware.com/install_5.5.8_d5bf50630eeaacc6679683e0ab0dcba89498be6d.zip?_ga=2.141661361.269357371.1556739808-1418008019.1556603459 -O shopware.zip
unzip shopware.zip
rm shopware.zip

NOTE: Update download URL if there is a newer release.

Change ownership of the /var/www/shopware directory to nginx.
sudo chown -R nginx:nginx /var/www/shopware

Run sudo vim /etc/php-fpm.d/www.conf and set user and group to nginx.
sudo vim /etc/php-fpm.d/www.conf
# user = nginx
# group = nginx

Create /var/lib/php/session directory and change its ownership to a user nginx.
sudo mkdir -p /var/lib/php/session && sudo chown -R nginx:nginx /var/lib/php/session

Increase memory_limit = 256M and upload_max_filesize = 6M, and set allow_url_fopen = On if not already set in /etc/php.ini file.
sudo vim /etc/php.ini

After making changes in /etc/php.ini file, reload php-fpm.service:
sudo systemctl reload php-fpm.service

Open your domain/IP in the web browser and follow the installation wizard. The backend of Shopware is located at /backend example: http://example.com/backend.

Step 7 – Complete the Shopware setup

Start by selecting the language and click Next:

Shopware setup wizard

Next, make sure you meet all the Shopware requirements:

System requirements are met

Agree with Shopware TOS and click Next:

Accept license

Enter database credentials and click Next:

Shopware database settings

Start the installation to create database tables:

Installing database tables

After that, you will see a message about successful database import:

Database initialization successful

Choose a license and click Next:

Choose license

Fill in a few basic settings to finish up the setup and click Next:

Basic settings

Installation is complete.

Installation is complete

To access admin area append /backend to your URL.

Shopware backend login

You have successfully installed Shopware. Enjoy your new online shop!

Đăng ký liền tay Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !

Add Comment

Click here to post a comment

Đăng ký liền tay
Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !