Configure Static IP Address
sudo vi /etc/sysconfig/network-scripts/ifcfg-ens192
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens192
DEVICE=ens192
ONBOOT=yes
DNS1=8.8.8.8
DNS2=8.8.4.4
DOMAIN=localdomain
IPADDR=192.168.1.104
NETMASK=255.255.255.0
PREFIX=24
GATEWAY=192.168.1.1
PROXY_METHOD=none
BROWSER_ONLY=no
ZONE=public
Enable User on Sudoers
usermod -aG wheel username
Change Apache2 Port
https://www.tecmint.com/change-apache-port-in-linux/
Multiple IP for 1 SSL
https://www.theregister.co.uk/2017/03/01/nginx_and_the_end_of_ip4/
Install Git
sudo yum install git -y &&
Troubleshooting The CentOS
P: python-pip installed but pip command doesn't exist S: Enable EPEL repository
sudo yum install epel-release &&
sudo yum update -y &&
sudo yum install python-pip
Install Gunicorn & Django
sudo pip install gunicorn
sudo pip install Django
Install Nginx
sudo yum install nginx
Turn off default configuration at /etc/nginx/nginx.conf.
Enabling Nginx on boot.
sudo systemctl enable nginx
sudo systemctl start nginx
Add new configuration at /etc/nginx/conf.d/.
sudo ln -s /home/user/Projects/conf/example.conf /etc/nginx/conf.d/
Verify the configuration.
sudo nginx -t &&
sudo systemctl restart nginx
Install Vim
sudo yum install vim
Install Supervisor
sudo yum install supervisor -y
To enable new daemon configuration, add this line at /etc/supervisor.conf.
files=supervisor.d/*.conf
Activate The Supervisor.
sudo systemctl start supervisor &&
sudo systemctl status supervisor &&
sudo systemctl enable supervisor
Create symlink of new daemon configuration at /etc/supervisor.d/.
sudo ln -s /home/user/Projects/conf/daemon.conf /etc/supervisor.d/
Activate the configuration.
sudo supervisorctl reread &&
sudo supervisorctl update &&
sudo supervisorctl status
Configure Firewall
Enabling specific port.
sudo firewall-cmd --zone=public --add-port=8000 --permanent &&
sudo firewall-cmd --reload
Enabling specific services.
sudo firewall-cmd --zone=public --add-service=http --permanent &&
sudo firewall-cmd --zone=public --add-service=https --permanent &&
sudo firewall-cmd --reload
View existing rule.
sudo firewall-cmd --list-all-zones
SELINUX
Disable SELinux at /etc/selinux/config.
SELINUX=disabled
sudo reboot
Two Gateway Two Interface Routing Table
Create ens192 interfaces.
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens192
UUID=ae7ab5ed-05c2-4332-8fad-e075282f86f1
DEVICE=ens192
ONBOOT=yes
DNS1=8.8.8.8
DNS2=8.8.4.4
DOMAIN=localdomain
IPADDR=192.168.200.106
NETMASK=255.255.255.0
PREFIX=24
GATEWAY=192.168.200.1
PROXY_METHOD=none
BROWSER_ONLY=no
ZONE=dmz
Create ens224 interfaces.
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens224
UUID=ae7ab5ed-05c2-4332-8fad-e075282f86f2
DEVICE=ens224
ONBOOT=yes
DNS1=10.200.1.5
DOMAIN=sub.domain.id
IPADDR=10.13.37.166
NETMASK=255.255.255.0
PREFIX=24
GATEWAY=10.13.37.1
PROXY_METHOD=none
BROWSER_ONLY=no
ZONE=private
Create route-ens224.
10.13.37.0/8 dev ens224 src 10.13.37.166 table rt2
default via 10.13.37.1 dev ens224 table rt2
Create rule-ens224.
from 10.13.37.166/8 table rt2
to 10.13.37.166/8 table rt2
Add iproute.
sudo echo "1 rt2" >> /etc/iproute2/rt_tables
sudo reboot