# cms - Content Management System
Original Author: Matt Doyle
Updates: Robert S.
```
Note: I use the hash sign # to note a comment, do not run it in the terminal.
Note: I use the dollar sign $ for the Linux prompt commands to type in or copy to run.
Don't type or copy the dollar sign $ prompt it's self!
Note: I use the greater-than sign > for the MySQL prompt commands.
Don't type or copy the greater-than sign > prompt it's self!
Note: The apt-get package mgr is used by debian Linux like Ubuntu.
```
## Make www-data system-user account
```
# See if the account already exists?
$ id www-data
# If it says no such user, then:
$ sudo useradd --system --no-create-home --shell /usr/sbin/nologin www-data
```
## Make a Regular user account, if only the root account exists currently.
```
# Log in as Root user here
# replace jellybeansara with a user account name you desire like fredsmith
$ MYNEWUSER=jellybeansara
$ sudo adduser $MYNEWUSER
$ sudo usermod -aG www-data $MYNEWUSER
$ sudo usermod -aG sudo $MYNEWUSER
```
## Git clone repo to pull it
```
$ sudo mkdir -p /var/www
$ sudo chgrp www-data /var/www
$ if [ -z "$MYNEWUSER" ]; then MYNEWUSER="$USER"; fi
$ sudo chown $MYNEWUSER /var/www
$ sudo chmod 775 /var/www
$ sudo apt-get update && sudo apt-get install git openssl
# AS a normal user NOT Root, we will sudo or doas for that from most of the time:
$ cd /var/www
$ git clone https://git.mysnippetsofcode.com/bobs/cms
$ cd cms
```
## SETUP MySQL as Root, run:
```
# Assign an empty password for MySQL root, it will be changed later...during mysql_secure_installation script.
# Install the server:
$ sudo apt-get install mysql-server
$ sudo systemctl start mysql
$ sudo systemctl enable mysql
# Lets make a secure password for use with MySQL root account.
$ MROOT=$(openssl rand -base64 18)
$ echo "MySQL Root password is now: $MROOT"
# Copy this password to the clipboard
# The following script will prompt you to perform various security-related actions. Follow the prompts to set a root password (Paste in the password from the clipboard), remove anonymous users, disallow root login remotely, remove the test database, and reload the privilege tables.
$ sudo mysql_secure_installation
# Lets make a secure password for use with MySQL user account EX zoombox.
$ CMSPWD=$(openssl rand -base64 18)
$ echo "MySQL cms database user zoombox account password is now: $CMSPWD"
# Copy this password to the clipboard now
# Lets create a new user account for mysql
$ mysql -u root -p$MROOT
> CREATE USER 'zoombox'@'localhost' IDENTIFIED BY 'Paste_IN_The_Password_for_user_zoombox_in_the_step_above_here';
> GRANT ALL ON cms.* TO 'zoombox'@'localhost';
> create database cms;
> exit
```
## Import the tables.sql file:
```
$ pushd protected/src
$ pwd
# You should be in /var/www/cms/protected/src
# Run as normal user account for mysql program to run safely.
# Do not use the root MySQL user for cms app!
$ mysql -u zoombox -p$CMSPWD cms < tables.sql
$ popd
```
You may want to edit the config.php file which is in the protected/src folder.
```
define( "BLOG_NAME", "Widgetz Newz" ); // Display Name for Titles
```
## Create the .env file in root of Project to configure your secrets!
```
$ pwd
# You should be in /var/www/cms
# DO NOT use the root user for cms app!
$ nano .env
DB_TYPE=mysql
DB_HOST=127.0.0.1
DB_NAME=cms
DB_USERNAME=zoombox
DB_PASSWORD=Enter_the_Password_for_user_zoombox_here
ADMIN_USERS=zug:SunSet@XQWET,zig:CHANGE_ME_AS_WELL_MAKE_ONE_UP_HERE
```
(for Nano editor) Press ctrl+x to Save and Exit. Y to save. Enter to the default filename...
Note: the admin username is: zug
Admin password is: SunSet@XQWET
## Install Composer
```
# Must be a regular user here to do composer install.
$ curl -sS https://getcomposer.org/installer | php
$ sudo mv composer.phar /usr/local/bin/composer
```
## Install Composer deps
```
# Must be a regular user here to do composer install.
$ cd protected
$ pwd
# You should be in /var/www/cms/protected
$ composer install
```
## Install web server apache2 or nginx
https://unit.nginx.org/ (looks neat)
Pick just one
```
# for Apache2
$ sudo apt-get install apache2
$ sudo apt-get install libapache2-mod-php8.3
# edit default site:
$ sudo nano /etc/apache2/sites-available/000-default.conf
ServerAdmin webmaster@localhost
# Replace example.com with your actual domain or IP address:
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/cms/public
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
$ sudo a2ensite 000-default.conf
$ sudo a2enmod rewrite
# after php deps are installed come back and run this:
$ sudo a2enmod php8.3
---------------------------OR--------------------------------
# for nginx
$ sudo apt-get install nginx
$ sudo apt-get install php8.3-fpm
# Configure nginx for cms
$ sudo nano /etc/nginx/sites-available/cms
server {
listen 80;
# Replace your_domain.com with your actual domain or IP address:
server_name your_domain.com;
root /var/www/cms/public;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.3-fpm.sock; # Adjust the PHP version if necessary
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
$ sudo ln -s /etc/nginx/sites-available/cms /etc/nginx/sites-enabled/
$ sudo nginx -t
# if test is ok, then run:
$ sudo systemctl reload nginx
```
## PHP deps
```
PHP gd and mysql must be installed:
$ sudo apt-get install php8.3 php8.3-gd php8.3-mysql
```
## Make site use SSL certs to enable https
```
# Install Certbot to get SSL certs
$ sudo snap install --classic certbot
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
If installed Apache2:
$ sudo certbot --apache
$ sudo systemctl restart apache2
----OR----
If installed nginx:
$ sudo certbot --nginx
$ sudo systemctl reload nginx
```