RHEL CentOS installation

MagicFab · November 30, 2017, 8:56pm

If you already have a CentOS + LAMP installation, skip to “Piwik installation” below.

Note All commands should be run as root

CentOS minimal installation

Install CentOS 6.6 (tested here: from minimal ISO – CentOS-6.6-x86_64-minimal.iso)
Enable networking by default at boot: the /etc/sysconfig/network file should contain the following line:

NETWORKING=yes

The /etc/sysconfig/network-scripts/ifcfg-eth0 file should contain the following lines:

DEVICE=eth0

BOOTPROTO=dhcp

ONBOOT=yes

If SSH server is enabled, make sure to setup public-key authentication and harden as per best-practices/local environment policies require (IP whitelisting, custom port/port-knocking, fail2ban, etc).

Avoid slow SSH connections caused by GSSAPI authentication. In /etc/ssh/sshd_config comment out all GSSAPI* options

Other required utilities

yum install wget unzip

Installing the rest of the required LAMP environment (Apache web server, MySQL, PHP)

Install the Apache web server, MySQL database server, PHP5 and recommended extensions:

Note consider installing PHP 5.6 as it has important bug fixes related to memory management and performance which greatly improves Piwik’s stability.

yum install httpd mysql-server php php-mysql php-mbstring php5-curl php5-gd php5-cli php5-geoip php-pdo php-xml -y

Start the web and MySQL servers:

service mysqld start

service httpd start

Configure services to start automatically at boot:

chkconfig httpd on

chkconfig mysqld on

Finish configuration of the MySQL server (root credentials and initial setup):

/usr/bin/mysql_secure_installation

HTTPS (optional)
See HowTos/Https - CentOS Wiki
Setup firewall rules to accept HTTP and HTTPS traffic

By default only port 22 (SSH) will accept connections in CentOS. Firewall rules are needed to open requests to ports 80 and 443.

In CentOS 6:

iptables -I INPUT 5 -i eth0 -p tcp –dport 80 -m state –state NEW,ESTABLISHED -j ACCEPT
service iptables save

In CentOS 7.0:

firewall-cmd --permanent --zone=public --add-service=http

firewall-cmd --permanent --zone=public --add-service=https

firewall-cmd --reload

Piwik installation

Database setup

Setup a “piwik” user, create the database and corresponding permissions:

mysql -uroot -p

Enter password:

mysql> CREATE USER ‘piwik’@’localhost’ IDENTIFIED BY ‘password';

Query OK, 0 rows affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON piwik_db.* TO ‘piwik’@’localhost’ WITH GRANT OPTION;

Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;

Query OK, 0 rows affected (0.01 sec)

mysql>

mysql>Bye

Go to the Apache root document directory:

cd /var/www/html/

Get the latest Piwik release and uncompress it:

wget http://piwik.org/latest.zip

unzip latest.zip

Set permissions for Piwik directories:

chmod 777 ./piwik/config

chmod 777 ./piwik/tmp

Open the Piwik login web page on your server and login to complete the setup steps:

http://[ipaddress]/piwik/

The setup steps are described in the 5-minute Piwik installation guide.

MisterGenest · November 19, 2024, 12:07am

For whoever needs to read this last tip:

If your server is running CentOS, SELinux or Redhat Enterprise Linux (RHEL), and you run into permissions problems, you may need to specify “context”. So fix the issue with the following commands:

chcon -R -t httpd_sys_rw_content_t /path/to/matomo
semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/matomo(/.*)?"