M2 Course Magento 2 Course "Practical advice about customization of a store" | GUIDE https://udemy.com/course/magento-2-practical-advice-about-customization-of-a-store/

Possible errors during Apache installation:

If you see next error:

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message.

Please try the following. Open the /etc/httpd/conf/httpd.conf file with root privileges using nano text editor:

sudo nano /etc/httpd/conf/httpd.conf

Add the ServerName 127.0.0.1 line to the end of the file:

ServerName 127.0.0.1

Save and close the file when you are finished (CTRL+X → Y → and ENTER).

Run apachectl to test that the configuration is valid:

sudo apachectl configtest

If result is Syntax OK, use this command to reload Apache’s configuration:

sudo systemctl reload httpd.service

Installation and Configuration PHP

Official info about PHP 8.2: https://www.php.net/releases/8.2/en.php
Download PHP: https://www.php.net/downloads.php
Required PHP settings (Magento tips): https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/system-requirements.html#php-settings
https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/php-settings.html

1. How to install PHP 8.2 on CentOS 9
2. How to set required PHP options

How to install PHP 8.2 on CentOS 9

Step 1: Update system's package repository — Before installing new packages, ensure that you are getting the latest versions and dependencies.

sudo dnf update -y

Step 2: Check a list of available modules for PHP

sudo dnf module list php

Step 3: Reset and Switch to the required version 8.2

sudo dnf module reset php

sudo dnf module -y enable php:8.2

Step 4: Install required version 8.2

sudo dnf module -y install php:8.2/common

Step 5: Install some common PHP extensions that you may need

sudo dnf install -y php-cli php-fpm php-json php-common php-mysqlnd php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath php-json php-opcache php-soap php-intl php-iconv

! Check Magento Open Source requires:
https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/php-settings.html
Verify that all required extensions are installed. List installed modules: php -m

Step 6: After the installation is complete, check the PHP version

php -v

Step 7: Configure PHP-FPM (FastCGI Process Manager). Start and enable PHP-FPM with the following commands:

sudo systemctl start php-fpm

sudo systemctl enable php-fpm

Ensure that PHP-FPM is running:

sudo systemctl status php-fpm

BONUS Step: Create test script to verify phpinfo()

echo '<?php echo `php -i`."\n"; ?>' > php_test.php

php php_test.php | head

OK!

Next step: How to set required PHP options

How to set required PHP options

Step 1: Find the configuration files necessary to update required settings

php --ini | grep "Loaded Configuration File"

Step 2: You will need to edit php.ini file and tweak some settings:

sudo nano /etc/php.ini

memory_limit = 4G
upload_max_filesize = 250M
zlib.output_compression = On 
max_execution_time = 3600 
max_input_time = 1000 
date.timezone = America/Los_Angeles
realpath_cache_size = 10M
realpath_cache_ttl = 7200

Step 3: Find OPcache configuration settings — are typically located either in php.ini or opcache.ini (If you have more than one opcache.ini, modify all of them)

sudo find / -name 'opcache.ini'

If you see error Permission denied, open php.ini and find (Ctrl+W) [opcache] block

sudo nano /etc/php.ini

There you will find the path to the settings opcache file

In my case it is: /etc/php.d/10-opcache.ini. Open this file using nano text editor:

sudo nano /etc/php.d/10-opcache.ini

Locate opcache.save_comments and uncomment it if necessary. Make sure that its value is set to 1. Save your changes and exit the text editor. Restart your web server:

sudo systemctl restart httpd

=====================================================================================================================================================================

Run a simple PHP script to check that a sodium function enabled

echo '<?php $result = sodium_compare(265423642453,738264786436); var_dump($result); ?>' > test.php

php test.php

Possible error:

ERROR: PHP Fatal error: Uncaught Error: Call to undefined function sodium_compare() in ...
Installation: https://libsodium.gitbook.io/doc/installation

=====================================================================================================================================================================

Next step: Install MySQL

How to install MySQL on CentOS 9

Official info about MySQL: https://www.mysql.com/
Download MySQL: https://www.mysql.com/downloads/
Installing MySQL on CentOS: https://dev.mysql.com/doc/refman/8.0/en/linux-installation-yum-repo.html
Magento General MySQL guidelines: https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/database-server/mysql.html
Magento MySQL tips: https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/overview.html#mysql

1. 1) Install and start MySQL 8.0
2. 2) Secure the MySQL installation
3. 3) Create the database instance for Magento installation

Install and start MySQL

Step 1: Install MySQL. Magento Open Source 2.4 require a clean installation of MySQL 8.0.

sudo dnf install mysql-server

Is this ok [y/N]: → press Y → Enter.

This installs the package for MySQL server and also packages for the components required to run the server, including packages for the client, the common error messages and character sets for client and server, and the shared client libraries.

Step 2: Ensure the MySQL server is running, start your server and verify its status with the following commands:

sudo systemctl start mysqld.service

sudo systemctl enable mysqld

sudo systemctl status mysqld

Confirm its release version and upgrade it if necessary.

mysql -V

Step 3: At the initial start up of the server, the following happens, given that the data directory of the server is empty:

• The server is initialized.
• A superuser account 'root'@'localhost is created.
• Password is empty for root account

Secure the MySQL installation

Step 1: You can do secure the MySQl installation and set a root password with the following command:

sudo mysql_secure_installation

Step 2: Answer all the questions as shown below:

Would you like to setup VALIDATE PASSWORD component? N
Enter current password for root (Enter, because it's empty):
Set root password? [Y/n] Y
New password: 
Re-enter new password:
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Create the database instance for Magento installation

Step 1: To configure a MySQL database instance, Log in to your database server:

sudo mysql -u root -p

Step 2: Enter the MySQL root user’s password when prompted. Enter the following commands to create a database instance, ! for example named magento with username magento. Replace these values with your own:

create database magento;

create user 'magento'@'localhost' IDENTIFIED BY 'magento';

GRANT ALL ON magento.* TO 'magento'@'localhost';

flush privileges;

Step 3: Enter exit to quit the command prompt. Then verify the database:

sudo mysql -u magento -p

If the MySQL monitor displays, you created the database properly. If an error displays, repeat the preceding commands.

Next step: Install Composer

Install Composer

Official info about Composer: https://getcomposer.org/
Download and Installing Composer: https://getcomposer.org/download/

Composer is a dependency manager for the programming language, PHP. It functions as some sort of project manager that helps the programmer manage dependencies that will be used on a project-to-project basis.

To install Magento 2.4.6 successfully, you need Magento Composer version 2.2 or higher.

How to Install Composer on CentOS Stream 9

Step 1: Download Composer installer by running the following command in your terminal:

sudo wget https://getcomposer.org/installer -O composer-setup.php

Step 2: Run the downloaded composer installation file with the command:

sudo php composer-setup.php --filename=composer --install-dir=/usr/bin

Step 3: Move the Composer binary to the system location with the following command:

sudo mv composer.phar /usr/local/bin/composer

Step 4: Verify the Composer version:

composer --version

To test your installation, run the following command:

composer

a) Note: If the above fails due to permissions, you may need to run it again with sudo.
b) If you receive the error "/usr/local/bin/composer: No such file or directory" then you must create the directory manually before proceeding: sudo mkdir -p /usr/local/bin/composer
c) You can place the Composer PHAR anywhere you wish. If you put it in a directory that is part of your PATH, you can access it globally.

Next step: Install Search engine Elasticsearch

Search engine: Elasticsearch or OpenSearch

Official info about Search engines: https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/overview.html#search-engine
https://experienceleague.adobe.com/docs/commerce-operations/configuration-guide/search/overview-search.html
https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html

Refer to the following topics for details about installing a search engine and initial configuration:

1. 1) Search engine prerequisites
2. 2) Configure nginx for your search engine
3. 3) Configure Apache for your search engine
4. 4) Install the Commerce software (command-line interface)

Search engine prerequisites

As of Adobe Commerce and Magento Open Source 2.4, all installations must be configured to use Elasticsearch or OpenSearch as the catalog search solution.

You must install and configure either Elasticsearch or OpenSearch before installing Adobe Commerce 2.4.4 and later.

Step-by-step guide installation Elasticsearch on CentOS, Red Hat or Fedora:

Step 1: Launch terminal.

Step 2: Install the latest Java Runtime Environment:

sudo dnf install --assumeyes java-11-openjdk

Step 3: Download and install the public signing key for Elasticsearch repository:

sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Step 4: Create and add Elasticsearch repository for yum/dnf:

sudo tee /etc/yum.repos.d/elasticsearch.repo <<EOF
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF

Step 5: Install Elasticsearch package along with dependencies using dnf:

sudo dnf install --assumeyes elasticsearch

ERROR: Even though dnf and yum supposedly resolve and install package dependencies, elasticsearch might not list java as a dependency thus you might come to this error if you don't manually install java as in the previous step.

Step 6: Open Elasticsearch configuration file using nano text editor to edit configuration options if necessary:

sudo nano /etc/elasticsearch/elasticsearch.yml

Use host's IP address 0.0.0.0 to listen on all available IP addresses in your system.
network.host: 0.0.0.0

Step 7: Enable network access to Elasticsearch service on port 9200 and 9300 from the firewall:

sudo firewall-cmd --permanent --add-port=9200/tcp

firewall-cmd --permanent --add-port=9300/tcp

Step 8: Reload firewall rules and keep state information:

sudo firewall-cmd --reload

Step 9: Configure Elasticsearch service to automatically start during system boot. And then start Elasticsearch service:

sudo systemctl enable elasticsearch

sudo systemctl start elasticsearch

Step 10: To verify that Elasticsearch is working, enter the following command on the server on which it is running:

curl -XGET '127.0.0.1:9200/_cat/health?v&pretty'

OR:

curl 127.0.0.1:9200

You will not be able to connect immediately to Elasticsearch because the service takes quite a while to start and will get the following error if you try to connect immediately:

curl: (7) Failed to connect to 127.0.0.1 port 9200: Connection refused

Try to wait a bit and restart the server:

sudo systemctl reload httpd.service

After you install and integrate your search engine with Adobe Commerce, you must perform additional maintenance:

1. 1) Configure search stopwords
2. 2) Search engine configuration

Next step: Configure Apache for search engine. Securing server

Securing server. SSL/TLS Encryption for Apache

Step 1: Update system's package repository — Before installing new packages, ensure that you are getting the latest versions and dependencies.

sudo dnf update -y

Step 2: Disable directory listing — By default, Apache will display a directory listing if no index file is present in a directory. Edit Apache configuration file located at /etc/httpd/conf/httpd.conf:

sudo nano /etc/httpd/conf/httpd.conf

...
<Directory "/var/www">
...
  Options -Indexes
...
</Directory>
...

Step 3: Configure a firewall:

sudo firewall-cmd --permanent --add-service=http

sudo firewall-cmd --reload

Step 4: Enable SSL/TLS encryption

1. 1) Setting up an SSL secured Webserver with a self-signed certificate
2. 2) Install snapd and Certbot

Option 1): Setting up an SSL secured Webserver with a self-signed certificate:

→ Getting the required software: OpenSSL and mod_ssl

sudo dnf install mod_ssl openssl

→ Generate a self-signed certificate: Using OpenSSL. NOTE: we strongly recommend you use a real certificate in production and not a self-signed certificate

Generate private key:

sudo openssl genrsa -out ca.key 2048

Generate CSR:

sudo openssl req -new -key ca.key -out ca.csr

You are about to be asked to enter information that will be incorporated into your certificate request. I filled in with test data for clarity.

Generate Self Signed Key:

sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

Copy the files to the correct locations:

sudo cp ca.crt /etc/pki/tls/certs
sudo cp ca.key /etc/pki/tls/private/ca.key
sudo cp ca.csr /etc/pki/tls/private/ca.csr

WARNING: Make sure that you copy the files and do not move them if you use SELinux. Apache will complain about missing certificate files otherwise, as it cannot read them because the certificate files do not have the right SELinux context.

→ Then we need to update the Apache SSL configuration file. Change the paths to match where the Key file is stored:

sudo nano /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Quit and save the file and then restart Apache:

sudo systemctl restart httpd

All being well you should now be able to connect over https to your server. As the certificate is self signed browsers will generally ask you whether you want to accept the certificate.

→ Setting up the virtual hosts: for http on port 80 and for https on port 443:

sudo nano /etc/httpd/conf.d/magento2.loc.conf

Configure Apache to use the certificate. This can be done by adding the following lines:

<VirtualHost *:443>
    DocumentRoot "/var/www/magento2.loc"
    ServerName magento2.loc 
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key 
    <Directory "/var/www/magento2.loc">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Quit and save the file and then restart Apache:

sudo systemctl restart httpd

You should now have a site working over https using a self-signed certificate. If you can't connect you may need to open the 443 port on your firewall.

Next step: Set up a proxy for Apache 2.4

Option 2): Install snapd and Certbot:

Step 4.1: Adding EPEL to CentOS 9 Stream:

sudo dnf install epel-release

sudo dnf upgrade

Install snapd:

sudo yum install snapd

Step 4.2: Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:

sudo systemctl enable --now snapd.socket

Step 4.3: To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:

sudo ln -s /var/lib/snapd/snap /snap

Step 4.4: Restart your system to ensure snap’s paths are updated correctly

sudo systemctl restart httpd

Step 5: Install Certbot — free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

Step 5.1: Remove certbot-auto and any Certbot OS packages — you should remove them before installing the Certbot snap:

sudo dnf remove certbot

Step 5.2: Install Certbot:

sudo snap install --classic certbot

If you see an error: too early for operation, device not yet seeded or device model not acknowledged
— wait a few minutes and try again

Step 5.3: Prepare the Certbot command, to ensure that the certbot command can be run:

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Step 5.4: Get and install certificates. Run this command to get a certificate and have Certbot edit your apache configuration automatically to serve it, turning on HTTPS access in a single step (for a local server, you can select the option without specifying an email address):

sudo certbot --apache --register-unsafely-without-email

If you see an error: Could not find ssl_module; not disabling session tickets.
— install mod_ssl: dnf -y install mod_ssl

If you see an error: ... Domain name does not end with a valid public suffix (TLD)
— you must use only valid public suffix, e.g .com, .net etc

Step 5.5: Test automatic renewal by running this command:

sudo certbot renew --dry-run

Step 6: Confirm that Certbot worked:

To confirm that your site is set up properly, visit https://magento2.loc/ (replace with your domain) in your browser and look for the lock icon in the URL bar.

Next step: Set up a proxy for Apache 2.4

Set up a proxy for Apache 2.4

Official info: https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/search-engine/configure-apache.html#set-up-a-proxy

Module mod_proxy is included in httpd package and it is enabled by default, so it's possible to configure quickly.

Create a file with a text editor for example:

sudo nano /etc/httpd/conf.d/default-site.conf

Add the following directive at the top of the file:

Listen 8080

Add the following at the bottom of the file:

<VirtualHost *:8080>
   ProxyPass "/" "http://localhost:9200/"
   ProxyPassReverse "/" "http://localhost:9200/"
</VirtualHost>

Restart Apache:

sudo systemctl restart httpd

Verify the proxy works by entering the following command. For example, if you are using Elasticsearch and your proxy uses port 8080:

curl -i http://localhost:8080/_cluster/health

Messages similar to the following display to indicate success:

HTTP/1.1 200 OK
Date: ...
Content-Type: application/json; charset=UTF-8
Content-Length: ...
Connection: keep-alive
....

Next step: Download Magento - Get authentication keys to the Commerce Composer repository