Installing Linux 2023 – Amazon EC2 AWS Basic Installation

Basic EC2 Linux 2023 Installation Configuration

These steps are used before adding “dnf” packages for WordPress.

When I do a terminal shell login, I type:
$ sudo su
# set -o vi
# export EXINIT=’set noautoindent’. –> I don’t like the editor indenting code my behalf.

When I refer to “vi” you may have another preferred editor. Do not cut and paste my comments in square brackets. Replace “Australia/Brisbane” with your own country/city.

[log in as root: sudo su, then set -o vi for the vi editor]
[for a fresh/new instance, set up swap space before anything else. Greater than 1GB is of no use on these general instances:]

echo "vm.swappiness=10" >> /etc/sysctl.conf
echo "vm.vfs_cache_pressure=200" >> /etc/sysctl.conf
sysctl -w vm.swappiness=10
sysctl -w vm.vfs_cache_pressure=200
dd if=/dev/zero of=/swapfile bs=1024 count=1048576
mkswap /swapfile
chmod 600 /swapfile
swapon /swapfile
echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
free -m

[Use your own Country/City:]

a="Australia/Brisbane";export a;echo $a
ln -sf /usr/share/zoneinfo/$a /etc/localtime
date

[Change /etc/bashrc. I use this:]
vi /etc/bashrc
# [ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@\h \W]\\$ "
  [ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@DOMAIN.AU: \w]\\$ "

[save and exit]

vi /etc/selinux/config

# SELINUX=permissive
SELINUX=disabled

[save and exit]

dnf check-release-update

[Do the update before adding the packages below. e.g. dnf update --releasever=2022.0.20221019]

sync;sync;reboot

Log back in as root.

vi /etc/selinux/config

# SELINUX=permissive
SELINUX=disabled

[save and exit]

Create your backup user login for emergencies, to allow connection to the Ec2 Connect Serial Console

There may be an error not related to anything we do:

[sss_cache] [sysdb_domain_cache_connect] (0x0010): DB version too old [0.22], expected [0.23] for domain implicit_files!
Higher version of database is expected!
In order to upgrade the database, you must run SSSD.
Removing cache files in /var/lib/sss/db should fix the issue, but note that removing cache files will also remove all of your cached credentials.
Could not open available domains

To fix this, 
cd /var/lib/sss/db
rm *
sss_cache -E

Then add the user and so forth below

[Add a user, e.g. snoopy]
adduser snoopy
[Give snoopy a password:]
passwd snoopy

[Add snoopy to /etc/sudoers - note, when using the vi editor, go to the end of the file (SHIFT G), and append the entry. Then use :w! to save the entry]

vi /etc/sudoers

snoopy ALL=(ALL) NOPASSWD:ALL

[Exit the file after saving with SHIFT ZZ]

[Add the user to groups wheel and root:]
sudo usermod -aG wheel snoopy; sudo usermod -aG root snoopy

You can monitor the website is up with the free service from uptimerobot.com.

You can check if your swap space (free -m) is too high. e.g. approaching 300 is problematic. This is checked at midnight.

cd /home/ec2-user

vi services.sh
#!/bin/sh
let g=280
let f=0
h=`free -m|grep Swap|awk '{print $3}'`
let f="$h"
if [ $f -le $g ] ; then
        :
else
 d=`date`
 /usr/bin/systemctl stop httpd
 /usr/bin/systemctl stop mariadb
 /usr/bin/systemctl stop php-fpm
 /usr/bin/systemctl start php-fpm
 /usr/bin/systemctl start mariadb
 /usr/bin/systemctl start httpd
 k=`free -m|grep Swap|awk '{print $3}'`
 echo services.sh: date: $d freespace before: $h freespace after: $k>> /home/ec2-user/info.log
fi

exit

crontab -e

0 0 * * * /home/ec2-user/services.sh