Configure php mail service in centos 7

Sending Email via PHP in CentOS 7 using Sendmail

Step1: Install the below library
		# yum install sendmail

Step2: Allowing your server to send emails,
		If you are using SELinux on your CentOS 7 server, you have to allow sendmail to send emails using the following command:
		# setsebool -P httpd_can_sendmail=on

Step3: Restart the sendmail server
		# service sendmail restart				

Step4: Send a test email using PHP
		Enter the php interactive shell using this command:
		# php -a

Step5: In the interactive shell, paste the following line of code:
		# mail ('vjvr03@gmail.com', "Test email", "Test email from the Internet", null, "-f user@sender.com");		

Ste6: Viewing the sendmail log
		In order to monitor the mail log, you can use this command:

		# nano /var/log/maillog

STEP7: IN the logs if you are seeing the below error and the mails a not going immediately 
		# "unqualified hostname unknown; sleeping for retry unqualified hostname" 

STEP8: GO to hosts file in the etc folder of your server
		# nano /etc/hosts

STEP9: Check whether the configurations are matching the below lines. If not matching then chenge the code with the below code.

	FROM : 
		127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
		::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
		# Auto-generated hostname. Please do not remove this comment.
		127.0.0.1 Talent360

	TO : 
		127.0.0.1 localhost.localdomain localhost Talent360
		# Auto-generated hostname. Please do not remove this comment.
		104.237.9.117 Talent360
		::1 localhost.localdomain localhost


-------------------------------------HAPPY COADING--------------------------------

Reference:
http://fasterland.net/sending-email-via-php-centos-7-using-sendmail.html 

----------------------------------------------------------------------------------

// ======steps to gZip in the server=============

1) apachectl -t -D DUMP_MODULES |grep deflate

2) create a file in  cd /etc/httpd/conf.d
	."nano mod_deflate.conf"

3) add the below code in the above created file.
	<filesMatch "\.(js|html|css)$">
    SetOutputFilter DEFLATE
</filesMatch>

4) restart your httpd
	'"systemctl restart httpd"


// to get the git origin URL of the opened repo.
git remote get-url origin

How to create large db dumps from one db to other db

STEP 1 : GO to Home directoryin the phpmyadmin and go to export db
STEP 2 : Choose the custom export option and select your options and dump the db.
	NOTE : If you are going to export the whole Db's into a new server then you have to select what db;s you want to dump and you have to check Add CREATE DATABASE / USE statement in the options listed.

STEP 3 : Now you get a sql dump file which can be imported in any server.

STEP 4 : If you have your server access then go to 
			# /etc/phpMyAdmin/config.inc.php 
		and check for this variable -> $cfg['UploadDir'] = "/var/lib/phpMyAdmin/upload"
		The above mentioned variable will have a path, copy the path (ex: /var/lib/phpMyAdmin/upload)

STEP 5: Now go to the above mentioned path and copy your sql dump here.

STEP 6: Now go to phpMyAdmin and home -> imports 
			In File to Import: select # Select from the web server upload directory /var/lib/phpMyAdmin/upload/ and you will have a dropdown where your copied file is available here.
			Select it and import it 

STEP 7 : You are done the dump will create db's and dump the data init.

--------------------HAPPY CODING-----------------						 	  

// execute the below commands in the phpmyadmin of your server. 

// cmd for getting the max database connections.

	# show variables like "max_connections";

// cmd to increase the max database connections
	# set global max_connections = 200;

Field 'id'(column name) doesn't have a default value and you are not passing any value in the INSERT query.

NOTE : you have to configure the database in order to handle this special case by default you have to pass any data if the column default is mentioned as none, if it is mentioned default as NULL then no need to do any thing.  

There are 2 solutions mentioned below:

Solution 1
MySQL is most likely in STRICT SQL mode. Try to execute SQL query SET GLOBAL sql_mode='' or edit your my.cnf / my.ini to make sure you aren't setting STRICT_ALL_TABLES and/or STRICT_TRANS_TABLES.

Solution 2
If Solution-1 is not working then try Solution-2 as given in below steps:

Run MySQL Administrator tool as Administrator.
Then go to Startup Variable.
Then go to the Advance tab.
find SQL Mode and remove the STRICT_ALL_TABLES and/or STRICT_TRANS_TABLES and then Click on Apply Changes.
Restart MySQL Server.
Done.
Note: I have tested these solutions in MySQL Server 5.7

// to add a new JAVA environment to the server.(whether it is a test/development.)
	."nano .bash_profile"
	// add the below line inside this.
	."export SPRING_PROFILES_ACTIVE=dev" (specify your configuration name here.)

// after every configuration changeds in the OS execute the below command.
	."source filename"


 // to open ports in the cent os
	// to check the active zones.
		."firewall-cmd --get-active-zones"
	// use this below command and replace your port number with what ever port you want
		."firewall-cmd --zone=public --add-port=2888/tcp --permanent"
	//reload the firewall to load the new changes.
		."firewall-cmd --reload"
	//check the open ports in firewall
		."firewall-cmd --list-all"

// to restart any of the services
	."systemctl restart softwarename"

// Change the default 'root' password to a different password.
// can be used to change the password at any point of time by just mentioning the user at the end insterd of root.
. set/reset root password
	CMD - "passwd root"

// If needed create different users based on your requirement.
. add new user (e.g: us) 
	"adduser us"

// after the above step create a password for the above mentioned user. 
. set passwd for the new user (ex: us)
	"passwd us"

// new users has to be assigned to a group. 
. add new user to super privileges group (wheel) (ex: us)
	"gpasswd -a us wheel"
	
// "java -version" - (to get the version of the installed java.)

// restart httpd (apache)
"systemctl status httpd" - to get the satatus of the httpd. 
	"systemctl restart httpd" - to get the apache restarted.
	
	
// directory comands

// to unzip a file.
"unzip dist.zip"

// to remove the folder
"rm -rf dist"

// to remove a file.
"rm dist.zip"

//to create a zip out of a folder
"zip -r output_file.zip foldername"

"zip -r mysql.zip mysql"	

==========================
SETUP
==========================

// https://www.sslshopper.com/ssl-checker.html - to check whether the ssl is installed properly or not. 

Pre-requisite - Apache(httpd)

// installs ssl module for apache
	."yum install mod_ssl"

=============
Download your SSL certificates before you go further.(From where you bought your SSL for the domain name.)
============

// point the ip in the domain configuration from where you bought the domain.
 	."GO to DNS in the website where you bought the server and point the domain to the IP"


// place all the certificates in a directory in the server.
	."mostly place it in /certs"(certs will not be available by default create it)"
	
// create a empty directories in the below path one for placing your index.html file and another for logs. 
	."first create a directory in /var/www/html/us-test" - this is an example replace your directory name insterd of "us-test"
	."first create a directory in /var/www/html/logs" - create a log directory to store logs.
	
	."create a dummy index.html file with some sample page in the newly created directory in the above path."

// now cd in to httpd/conf file to add a new <virtualhost>
	."cd /etc/httpd/conf" - do ls after this which lists all the files in the directory
	."nano httpd.conf" - open the filewith nano
// add the below vertualhost tag code to configure ip for your domain name
	<VirtualHost test-upfront-security.com:80>   // - replace with your domain name with out www.
		DocumentRoot "/var/www/html/us-test"  // - point to the root ditectory of the website. 
		ServerName test-upfront-security.com  // - give the domain name again in the server name.
		Redirect / https://www.test-upfront-security.com  // - give this only if you have a ssl certificate installed. 
	    <Directory "/var/www/html/us-test">   // - poinr to the website root directory created in the above step. 
	       allow from all
	       Options None
	       Require all granted
	    </Directory>
	</VirtualHost>

//



// Edit the below file.
   ."nano /etc/httpd/conf.d/ssl.conf"

// create a new vertualhost tag with the belo code 
	<VirtualHost test-upfront-security.com:443>
     	SSLEngine on
     		SSLCertificateFile /certs/test-upfront-security.com.crt   - point to your ssl certificate file.
     		SSLCertificateKeyFile /certs/test-upfront-security-key.txt  - point ot your ssl key file.
	     	SSLCACertificateFile /certs/test-upfront-security.com.intreme.crt  - point to your ssl bundle file.
	     	SSLCertificateChainFile /certs/test-upfront-security.com.chain.crt  - point to youe chain file.

             ServerAdmin info@test-upfront-security.com
	     ServerName www.test-upfront-security.com
	     DocumentRoot /var/www/html/us-test
	     ErrorLog /var/www/html/logs/error.log
	     CustomLog /var/www/html/logs/access.log combined
	</VirtualHost>

=====================================================================================
<VirtualHost test-upfront-security.com:443>
     SSLEngine on
     SSLCertificateFile /certs/test-upfront-security.com.crt
     SSLCertificateKeyFile /certs/test-upfront-security-key.txt
     SSLCACertificateFile /certs/test-upfront-security.com.intreme.crt
     SSLCertificateChainFile /certs/test-upfront-security.com.chain.crt

     ServerAdmin info@test-upfront-security.com
     ServerName www.test-upfront-security.com
     DocumentRoot /var/www/html/us-test
     ErrorLog /var/www/html/logs/error.log
     CustomLog /var/www/html/logs/access.log combined
</VirtualHost>
=====================================================================================

// open the https port in the firewall
	."firewall-cmd --zone=public --permanent --add-service=https"
	."firewall-cmd --reload"  - reloades the firewall

3. Restart Apache to make available all the changes.
systemctl restart httpd

useful links:
https://www.linode.com/docs/security/ssl/ssl-apache2-centos/
https://www.digitalocean.com/community/tutorials/how-to-create-an-ssl-certificate-on-apache-for-centos-7


==========================
TROUBLESHOOTING
==========================

PKCS #1 
--BEGIN RSA PRIVATE KEY--
some large data chunk
--END RSA PRIVATE KEY--

PKCS #8
--BEGIN PRIVATE KEY--
some large data chunk
--END PRIVATE KEY--

# Convert PKCS #8 to PKCS #1 - Apache requires PKCS #1 key format
openssl rsa -in <some-name-key.txt> -out <some-name.pem>

Troubleshoot Unable to Load key Error: 
- copy the txt file content and create new file and retry.

#convert PKCS #8 key & SSL Certicate to PFX format - required by Spring boot
cat <some-name.key> <some-name.crt> |openssl pkcs12 -export -out <some-name.pfx>

#Extract decrypted Private Key and certificate from PFX file
openssl pkcs12 -in file.pfx -out file.pem -nodes

#Extract only Decrypted Private Key from PFX file
openssl pkcs12 -in myfile.pfx -nocerts -out private-key.pem -nodes

#Extract only Certificate from PFX file
openssl pkcs12 -in myfile.pfx -nokeys -out certificate.crt

#Generate PFX File
openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in certificate.pem -certfile ca-chain.pem

#Convert PFX to JKS File
keytool -importkeystore -srckeystore gen-cert.pfx -srcstoretype pkcs12 -srcstorepass Sagar123# -srcalias 1 -destkeystore gen-cert.jks -deststoretype jks -deststorepass Sagar123# -destalias sagar

#Add Cert to JKS File
keytool -import -trustcacerts -alias root -file ca-bundle.pem -keystore gen-cert.jks

keytool -importcert -alias digid -keystore gen-cert.jks -file digid-idp.cer

#Remove Cert from JKS File
keytool -delete -alias aliasToRemove -keystore keystoreCopy.jks

-----YORENT SSL--------
Your account ID is 59964833

----It is a step by step process so open the website and start doing the process step by step---

1)  GO to the below website give the domain name as (yorent.in) and it asks to create ssl for (www.yorent.in) accept it.
	https://zerossl.com/free-ssl

2) After mentioning the Domain name and clicking next it generates a CSR certificate - Download it.
3) After clicking on next It generates Account Key - Download it.
4) Select "HTTP verification" on the bottom of the page and accept the Terms and Conditions. It takes you to a new page.

 Now You have to verify that the above mentioned domain name is your.
5) GO to your Websitr Root Directory and create the following path inside it(/.well-known/acme-challenge/)
6) Download the files provided by the website in the above mentioned path.
7) Now Click on the file link to verify the files are located at the correct path.
8) Before going to next step verify that the files are placed in the respective path and are accessable. Something like this link.(https://yorent.in/.well-known/acme-challenge/si76DZo-DOR5DVRKygICtXrHXvbTXqv4zSgmngJr-mc)


----Click next after placing the files in the respective location.----
9) Now if you have placed the files at the correct path it generates domain-crt and domain-key.
10) save the two files locally.
11) Open Godaddy - Cpanel - SSL/TLS - Certificates (CRT) - go to yorent domain and click INSTALL.
12) Then it open a page with all the previous certificates.
13) Remove the Expired Certificates and insert the new certificates. 
(Note: There will be two certificates in the domain-crt copy the first certificate and paste it in respective place)

14)After placing the certificate it should auto detect the domain name and certificate provider.
15) Click on the Install Certificates at the bottom and it activates the new certificate.

-------------------Happy Coding-------------------------


Your certificate is ready!
Congratulations on receiving your Free SSL Certificate. Please note that certificates are valid for 90 days, but they are free to renew. To renew just repeat the process, using the same LE key and CSR as you used last time. Using the same CSR means that you do not need a new domain key (it will stay the same) and will only need to update the certificate file on your server. Keep your keys and CSR safe. Make sure you remember where you saved your generated account key!

Your account ID is 59964833 - please write it down somewhere. You will not normally need this, but together with email it might help you to restore your account quicker if you lose your account key.

Important:

When installing the certificate, keep in mind that it should be used with the domain key, NOT the LE key from the "Details" screen. Domain key is the one you can download on this page.
The LE key should be only used on the "Details" screen when issuing or renewing your certificate. On renewal that will allow you to skip the verification of already verified domains.
Your certificate file contains both your domain certificate and the issuer's certificate. Most modern web servers will accept them as is. However, old versions of Apache, Amazon Web Services (AWS) and some control panels would want them separately. In that case just split the certificate file in two, preserving BEGIN and END lines around both certificates. The first one is your domain certificate, the second one is the issuer's, which in control panel interface may be called "Intermediate certificate", "Certificate chain" or "CA Bundle".

#! /bin/bash

sudo service lightdm stop
sudo stop nvidia-digits-server
sudo service docker stop
sudo modprobe -r nvidia-uvm
sudo service nvidia-docker stop

// To check the OS of the server.
	"cat /etc/os-release" (to check the operating system of the srever and version of it.) 


// Enter into the server for the first time.
. Type in the given server IP:104.237.9.126 and server default password.(Opens up the server [root@USTEST ~])

// Change the default 'root' password to a different password.
// can be used to change the password at any point of time by just mentioning the user at the end insterd of root.
. set/reset root password
	CMD - "passwd root"

// If needed create different users based on your requirement.
. add new user (e.g: us) 
	"adduser us"

// after the above step create a password for the above mentioned user. 
. set passwd for the new user (ex: us)
	"passwd us"

// new users has to be assigned to a group. 
. add new user to super privileges group (wheel) (ex: us)
	"gpasswd -a us wheel"

// Install firewall to protect your server.
. 	"yum install firewalld" - (install the firewall)
	"systemctl start firewalld" - (start the firewall after installation.)
	"systemctl enable firewalld" - (enable the firewall after starting it.)
	"systemctl status firewalld" - (check the status of the firewalld.)

// install java in the server. 
. install Java
	"yum install java-1.8.0-openjdk"
	"java -version" - (to get the version of the installed java.)

// set the java path in the environment.
. set JAVA_HOME environment variable
	"update-alternatives --config java"	- fetch java installation folder path (/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.212.b04-0.el7_6.x86_64/jre/bin/java)
	"nano .bash_profile" 			- edit profile file
	"export JAVA_HOME=<PATH>/jre/bin/java" 	- add java path at last in the file
	"source .bash_profile"			- refresh bash profile file
	"echo $JAVA_HOME"			- check env var

// install Apache server.
. install and start apache server
	"yum install -y httpd" - to install the httpd
	"systemctl start httpd" - to start the httpd
	"systemctl enable httpd" - to enable the httpd
	"systemctl status httpd" - to get the satatus of the httpd. 
	"systemctl restart httpd" - to get the apache restarted.

. open httpd port
	"firewall-cmd --permanent --zone=public --add-service=http"
	"firewall-cmd --reload"

. install extended package for enterprise linux
	"yum install -y epel-release" - ()

. install sudo
	"yum install sudo" - to install sudo users.

// yum is the primary tool for getting, installing, deleting, querying, and managing Red Hat Enterprise Linux RPM software packages from official Red Hat software repositories, as well as other third-party repositories. 
. update yum 
	"yum update" - To update your yum packages.

// install php.
. install php
	"yum install -y php"

// install phpmyadmin.
. install phpmyadmin
	"yum install -y phpmyadmin"

// c onfigure phpmyadmin in the configuration file.
. edit phpmyadmin configuration file
	"nano /etc/httpd/conf.d/phpMyAdmin.conf" 	- open configuration file
	<Directory /usr/share/phpMyAdmin/>
	<Directory /usr/share/phpMyAdmin/setup/>	- change following lines in these sections 
	// change following lines in these two above sections.
	# Require ip 127.0.0.1
      	# Require ip ::1				- comment this two line
	# Require all granted				- add this line

// Wget is a free and open source software package for retrieving files using HTTP, HTTPS, and FTP, the most widely-used Internet protocols.
// to download the files from a perticular link.
. install wget
	"yum install wget"

. update repository to include mysql
	"wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm" 	- download the mysql package
	"sudo rpm -ivh mysql-community-release-el7-5.noarch.rpm"		- add to red hat packages
	"yum update"								- update yum 

. install and start mysql
	"sudo yum install mysql-server"
	"sudo systemctl start mysqld"
	"sudo systemctl status mysqld"
	"sudo systemctl restart mysqld" - restart the mysql.

. secure mysql
	"mysql_secure_installation" - Follow this link: https://mariadb.com/kb/en/library/mysql_secure_installation/
	"sudo systemctl restart mysqld" - restart mysql server.
	"systemctl restart httpd" - restart the httpd instance.

. install and start ftp server
	"yum install vsftpd"
	"systemctl start vsftpd"
	"systemctl enable vsftpd"

. edit ftp server conf file
	"nano /etc/vsftpd/vsftpd.conf"  -Follow this link: https://linuxize.com/post/how-to-setup-ftp-server-with-vsftpd-on-centos-7/ 

// Reload the firewall.
	firewall-cmd --reload

Some useful Links:

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-centos-7
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-centos7
https://www.digitalocean.com/community/tutorials/how-to-create-a-sudo-user-on-centos-quickstart
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7

https://linuxize.com/post/how-to-setup-ftp-server-with-vsftpd-on-centos-7/
https://mariadb.com/kb/en/library/mysql_secure_installation/