HomeAdmin ManualHelpSpot 4 - Installation & SetupHelpSpot Server Setup: RedHat/CentOS

4. HelpSpot Server Setup: RedHat/CentOS

RedHat (RHEL) and CentOS have additional security and configuration that you may not find on Debian/Ubuntu servers. This guide will help you setup a Server on RedHat/CentOS servers that may be missing some PHP modules HelpSpot requires, along with some setup for ensuring HelpSpot will work in environments where SELinux is enabled.

We'll cover setting up an RedHat/CentOS server for use with HelpSpot.

This will install PHP, Apache and MariaDB (a MySQL drop-in replacement). PostgreSQL can alternatively be used.

As of CentOS 7/RedHat 7, MariaDB is the default "MySQL" database available. HelpSpot will work fine with MariaDB and it's replacement of the InnoDB storage engine, ExtraDB.

If you with to use MySQL over MariaDB, however, you can find the appropriate RPMs available for MySQL 5.6 here.

Install Apache & PHP

First we'll install Apache and PHP.

As of CentOS/RedHat 6, a required PHP package "php-imap" (and other optional ones) are not available with the standard repositories. We suggest getting the Fedora EPEL package repository if you are able to. This can be done with one command:

sudo rpm -Uvh \
    http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

 

Note: If you are using the Amazon AWS RHEL7 image, you may need to enable the Extras and Optional repositories.
To do so, run the following:

# ONLY IF USING AMAZON AWS'S RHEL7 IMAGE
sudo yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional

 

Once that's done, we can install all of the needed Apache and PHP packages:

# Install Apache + PHP
sudo yum install httpd php php-pdo php-mysql php-gd php-mcrypt php-curl php-imap php-xml

# Set Apache to start on boot:
sudo systemctl enable httpd.service

# Start Apache:
sudo service httpd start

Users of SELinux can also ensure that Apache has permission to use the network to connect to MySQL/MariaDB (essentially connect over 127.0.0.1 rather than via hostname "localhost"):

sudo setsebool -P httpd_can_network_connect_db on
sudo service httpd restart

Next we need to edit the PHP.ini configuration file for one needed adjustment: Setting the timezone. Newer PHP often throws off errors if the timezone isn't set, which can cause issues with HelpSpot's error reporter.

Edit /etc/php.ini and set the "date.timezone" setting to any valid timezone, such as UTC. HelpSpot will use the correct timezone within the application despite this setting, but this will prevent PHP from throwing "warning" and "notice" type errors about the timezone not being set.

Timezone:

Change this from:

;date.timezone =

to:

date.timezone = UTC

(Note that it is no longer commented out with the preceding ";" character)

Memory Limits:

We also suggest setting PHP memory limits up from the stock settings. What you need depends on your use case, typically if there are larger files being sent in as attachments. We recommend 128M or 256M as a memory limit.

memory_limit = 256M

Once this is done, restart Apache for the change to take affect:

sudo service httpd restart

Lastly we'll create an Apache VirtualHost for use with HelpSpot. You can skip this and add HelpSpot into the default /var/www/html directory, but this is more useful to add some extra security.

We'll make a few assumptions:

Create or edit file /etc/httpd/conf.d/vhosts.conf. The following VirtualHost is recommended for HelpSpot:

<VirtualHost *:80>
    ServerName support.example.com
    DocumentRoot /var/www/support.example.com

    <Directory /var/www/support.example.com>
        Options -Indexes +FollowSymLinks +MultiViews 
        # Disallow .htaccess file usage: 
        AllowOverride None 
        Require all granted
    </Directory>

    <Directory /var/www/support.example.com/data>
        # Disallow web access to "data" directory:
        Deny from all
    </Directory>
    
    ErrorLog /var/log/httpd/support.example.com-error.log
    # Possible values include: debug, info, notice, warn, error, crit, 
    # alert, emerg. LogLevel warn
    CustomLog /var/log/httpd/support.example.com-access.log combined
</VirtualHost>

This configuration will be read automatically by Apache. Once that's saved, you can ensure your configuration is OK:

sudo service httpd configtest

If everything checks out, reload Apache to load in the new config:

sudo service httpd reload

Install MariaDB

We'll next install MariaDB, the drop-in replace for MySQL which CentOS7/RedHat7 now come with.

sudo yum install mariadb-server
sudo systemctl enable mariadb.service
sudo service mariadb start
sudo mysql_secure_installation

Once that's installed and you've run through the steps to secure the installation (remove test databases and anything but local root access), you can optionally setup MariaDB to be listen on the localhost network 127.0.0.1. (Otherwise you will only be able to connect to it with hostname "localhost"). Use this in conjunction with the SELinux setsebool above, if you are using SELinux.

Edit the /etc/my.cnf.d/server.cnf and append the following under [mysqld]:

[mysqld]
bind-address = 127.0.0.1

Then restart MariaDB:

sudo service mariadb restart

Once that's done, we can create a new database for HelpSpot. Run the following SQL after logging into the mysql command:

Log in:

# This will prompt you for the root password:
mysql -u root -p

Then use the following to create a new database:

CREATE DATABASE helpspot_db
    CHARACTER SET utf8mb4
    COLLATE utf8mb4_unicode_ci;

This will create a database. The last step is to create a user that can connect to the HelpSpot database locally. We'll use "localhost" For the host that the user can connect from. You should create additional users with other hosts or IP addresses defined if connecting to a remote MySQL server.

Still within the MySQL command prompt, run the following two commands. Note I'm assuming you created a database named "helpspot_db" and want a user named "helpspot_user". Also use a more secure password than the example here:

CREATE USER 'helpspot_user'@'localhost' IDENTIFIED BY 'some_secure_password';
GRANT ALL PRIVILEGES on helpspot_db.* TO 'helpspot_user'@'localhost';

Once that's done, edit your HelpSpot's config.php file to use the database and password you created above.

IonCube Loader

We recommend using the IonCube loader to read HelpSpot code files. In future HelpSpot versions, we may do away with Zend Loader support do to issues in building HelpSpot with the Zend Loader.

IonCube loader can be downloaded from here. You'll likely need the Linux 64bit version. Downloading the Uploader file of the appropriate version will download the Loader files and an HTML wizard which will inform you of how to install the IonCube loader. Downloading these files and running the wizard can be done by:

An example vide of this process of installing IonCube loader via the wizard can be seen here.

A list of command which should work for the latest CentOS/IonCube (assuming they install php version 5.4):

curl -o ioncube_loaders_lin_x86-64.tar.gz \
     http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz

# Uncompress .tar.gz file
tar -xvf ioncube_loaders_lin_x86-64.tar.gz

# Change into the new ioncube files
cd ioncube

# Add the ioncube loader for php 5.4, assuming that is what's installed
sudo cp ioncube_loader_lin_5.4.so /usr/lib64/php/modules/ioncube_loader_lin_5.4.so

# If you are using SELinux, give this file the proper owner and SELinux contenx:
sudo chown root:root /usr/lib64/php/modules/ioncube_loader_lin_5.4.so
sudo chcon -v --user=system_u --role=object_r --type=lib_t \
     /usr/lib64/php/modules/ioncube_loader_lin_5.4.so

# Edit/create the php module to load IonCube:
sudo vi /etc/php.d/00-ioncube.ini

Make the 00-ioncube.ini file look like this:

; Enable ioncube extension module
zend_extension=/usr/lib64/php/modules/ioncube_loader_lin_5.4.so

Then restart Apache:

sudo service httpd restart

HelpSpot Files & SELinux

If you are using SELinux, and assuming your HelpSpot installation is found at /var/www/support.example.com, make sure that your HelpSpot has the proper SELinux settings. We'll also ensure the "data" can be written to, as needed by HelpSpot.

# Set file ownership for HelpSpot files
sudo chown -R apache:apache /var/www/support.example.com

# Check current SELinux settings for HelpSpot files:
cd /var/www/support.example.com
ls -Z

# Set SELinux context for Apache files:
sudo chcon -Rv --user=system_u --role=object_r --type=httpd_sys_content_t \
    /var/www/support.example.com

# Set write ability to "data" directory:
sudo chmod -R gu+rw /var/www/support.example.com/data

# Ensure SELinux allows Apache has permission to write to the data directory:
sudo chcon -Rv --type=httpd_sys_content_rw_t /var/www/support.example.com/data

Wrapping Up

Once these steps are done, you can include your HelpSpot files in the /var/www/support.example.com directory, copy the config-empty.php file to config.php, edit that config.php file as needed (database configuration + cHOST variables) and then run the installer.php file from your web browser e.g. http://support.example.com/installer.php.

If you experience errors, check for PHP errors at the configured Apache error log. In this example, that log location is /var/log/httpd/support.example.com-error.log.

You may also wish to edit the /etc/php.ini file to change PHP configuration. For example, you may wish to enable display_errors and set the error_reporting to the example "development" setting to see more errors and debug potential issues during HelpSpot installation.

If you edit the php.ini file, be sure to restart Apache after configuration changes:

sudo service httpd restart

Assuming everything else is setup, you are now ready to run HelpSpot's installer. This is usually done in the web browser, using "installer.php" (e.g. http://your-helpspot-site.com/installer.php), but you can also run the installer using HelpSpot's new "install" CLI command as well.

This page was: Helpful | Not Helpful