How to Install the Neos CMS on CentOS 7

Published on: Mon, Jan 29, 2018 at 5:57 pm EST

Neos is an innovative open source content management system which is great for creating and editing online content. With authors and editors in mind, Neos provides intuitive editing interface, structured content repository, multilingual content readiness, professional content workflows, and many more powerful features to facilitate content creation and management.

Prerequisites

  • A newly deployed Vultr CentOS 7 x64 server instance. Say its IP address is 203.0.113.1, and its hostname is neos.
  • A domain example.com have been configured to point to the server instance mentioned above. You can learn more details about this in another Vultr tutorial.
  • A sudo user.
  • The server instance has been updated to the latest stable status using the EPEL YUM repo.
  • In a production environment, it's recommended to setup a swap file in order to obtain better performance.

Step 1: Setup an up to date LAMP stack

When deploying a content site based on Neos 3.2.0, it's necessary to setup an up to date LAMP stack before you can get the site up and running. For example, a qualified LAMP stack for Neos 3.2.0 nowadays will consist of:

  • CentOS 7 x64, updated to the latest stable status,
  • Apache 2.4,
  • MariaDB 10.2, using the utf8_unicode_ci collation by default, and
  • PHP 7.1, or at least PHP 7.0.

There are many Vultr Docs to help you set up a LAMP stack, but the following is an example of the command line history for your information. Be aware that specific setting modifications for Neos will be included as well.

# Install and configure Apache 2.4.x
sudo yum install httpd -y
sudo sed -i 's/^/#&/g' /etc/httpd/conf.d/welcome.conf
sudo sed -i "s/Options Indexes FollowSymLinks/Options FollowSymLinks/" /etc/httpd/conf/httpd.conf
sudo systemctl start httpd.service
sudo systemctl enable httpd.service

# Install MariaDB 10.2.x
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
sudo yum install MariaDB-server MariaDB-client -y
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

# Secure MariaDB 10.2.x
sudo /usr/bin/mysql_secure_installation
# When prompted, answer questions as below:
# - Enter current password for root (enter for none): Just press the Enter button
# - Set root password? [Y/n]: Y
# - New password: your-MariaDB-root-password
# - Re-enter new password: your-MariaDB-root-password
# - Remove anonymous users? [Y/n]: Y
# - Disallow root login remotely? [Y/n]: Y
# - Remove test database and access to it? [Y/n]: Y
# - Reload privilege tables now? [Y/n]: Y

# Set the default collation of MariaDB as utf8_unicode_ci
cat <<EOF>> /tmp/collation.conf
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
collation-server=utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server=utf8
EOF
sudo cp /etc/my.cnf /etc/my.cnf.bak
sudo sed -i '/\[client-server\]/r /tmp/collation.conf' /etc/my.cnf
sudo systemctl restart mariadb.service

# Create a MariaDB database for Neos
mysql -u root -p
# For security purposes, be sure to replace "neos", "neosuser", and "yourpassword" with your own ones. 
CREATE DATABASE neos;
CREATE USER 'neosuser'@'localhost' IDENTIFIED BY 'yourpassword';
GRANT ALL PRIVILEGES ON neos.* TO 'neosuser'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;

# Install required PHP 7.1.x packages and configure PHP for Neos
sudo rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
sudo yum install -y php71w php71w-mysqlnd php71w-common php71w-cli php71w-xml php71w-mbstring php71w-pecl-imagick php71w-mcrypt php71w-opcache php71w-imap php71w-process php71w-intl
sudo cp /etc/php.ini /etc/php.ini.bak
sudo sed -i 's#;date.timezone =#date.timezone = America/Los_Angeles#' /etc/php.ini
sudo sed -i "s/memory_limit = 128M/memory_limit = 250M/" /etc/php.ini
sudo sed -i '$a\xdebug.max_nesting_level = 500' /etc/php.ini

Step 2: Download and install Composer

Neos requires the Composer PHP dependency manager. You can use the following commands to install Composer 1.5.2 on your machine.

Note: In the future, you can always get the latest stable release of Composer from its official download page.

cd
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('SHA384', 'composer-setup.php') === '544e09ee996cdf60ece3804abc52599c22b1f40f4323403c44d44fdfdd586475ca9813a858088ffbc1f233e9b180f061') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
sudo mv composer.phar /usr/local/bin/composer

Step 3: Install Neos using Composer

With the help of Composer, you can install Neos and all required dependencies into a designated location.

cd
mkdir neos
cd neos
composer create-project --no-dev neos/neos-base-distribution .

For management purposes, move all Neos files to the /opt directory, and then create a symbolic link from the web root directory /var/www/html to the /opt/neos directory, making all Neos files available for Apache.

sudo mv ~/neos /opt
sudo chown -R apache:apache /opt/neos
sudo ln -s /opt/neos /var/www/html/neos

Setup an Apache virtual host for the Neos site which will specify /var/www/html/neos/Web as the web root directory.

Note: When deploying on your own machine, be sure to replace all example values below with your own ones.

cat <<EOF | sudo tee /etc/httpd/conf.d/neos.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/neos/Web
ServerName example.com
ServerAlias neos.example.com
<Directory /var/www/html/neos/Web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/httpd/example.com-error_log
CustomLog /var/log/httpd/example.com-access_log common
</VirtualHost>
EOF

Restart Apache to apply all updates.

sudo systemctl restart httpd.service

Step 4: Modify firewall rules

In order to allow visitors to access your Neos site, you need to modify firewall rules as follows.

sudo firewall-cmd --zone=public --permanent --add-service=http
sudo firewall-cmd --zone=public --permanent --add-service=https
sudo firewall-cmd --reload

Step 5: Continue the installation from a web install wizard

Point your favorite web browser to http://example.com/setup, and then you will be brought into the Neos web install wizard interface.

On the Login page, you need to input the setup password and then click the Login button before you can enter the setup interface. The password is stored in the /var/www/html/neos/Data/SetupPassword.txt file, you can type the following command in your terminal window to get it.

cat /var/www/html/neos/Data/SetupPassword.txt

For security purposes, this file will be deleted after you successfully log in. Remember to write down the password for future reference.

On the Neos requirements check - Image Manipulation page, make sure that the imagick or gmagick PHP extension has been installed and chosen, and then click the Next > button to move on.

On the Configure database page, input or select database details as below.

  • DB Driver: MySQL/MariaDB via PDO
  • DB Username: neosuser
  • DB Password: yourpassword
  • DB Host: 127.0.0.1
  • DB Name: neos

Make sure that the database neos is using the utf8 character set, and then click the Next > button to move on.

On the Create administrator account page, input site administrator's first name, last name, username, and password (twice), and then click the Next > button to move on.

On the Create a new site page, as a beginner, you can select the Neos.Demo site package and then click the Next > button to finish the setup.

Note: When you get familiar with Neos in the future, you can run the Neos web install wizard again to create your own site package on this page, and then use the new site package to build a custom Neos site.

Now, you can visit the Neos site's frontend page or manage the site in the Neos site's backend page. For your reference, useful links are listed below.

  • Site frontend page: http://example.com
  • Site backend page: http://example.com/neos
  • Site setup page: http://example.com/setup

Step 6: Post-installation instructions

When deploying your Neos site in a production environment, you also need to change the Flow application context from Development (the default value) to Production by inserting the line SetEnv FLOW_CONTEXT Production to the Apache virtual host configuration as follows.

cat <<EOF | sudo tee /etc/httpd/conf.d/neos.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/neos/Web
SetEnv FLOW_CONTEXT Production
ServerName example.com
ServerAlias neos.example.com
<Directory /var/www/html/neos/Web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/httpd/example.com-error_log
CustomLog /var/log/httpd/example.com-access_log common
</VirtualHost>
EOF

Restart Apache to apply your modifications.

sudo systemctl restart httpd.service

If you create a site using the Neos.demo site package in public, be sure to remove the Create account button on the Try me page to prevent unauthorized access.

Step 7 (Optional): Enable HTTPS by deploying the Let's Encrypt certificate

To enhance the security of your Neos site, you can enable HTTPS on your site by deploying a Let's Encrypt certificate.

First, use the vi text editor to setup the FQDN (fully qualified domain name) on your server instance.

sudo vi /etc/hosts

Insert the following line before any existing lines.

203.0.113.1 neos.example.com neos

Save and quit.

:wq!

Use the hostname -f command to confirm the result which will look like this.

neos.example.com

Install the Certbot utility which can automatically deploy the Let's Encrypt certificate and enable HTTPS.

sudo yum install -y yum-utils
sudo yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
sudo yum install -y certbot-apache

Next, use the Certbot utility to deploy a Let's Encrypt certificate for the Apache web server running on your server instance.

sudo cp /etc/httpd/conf.d/neos.conf /etc/httpd/conf.d/neos.conf.bak
sudo certbot --apache

During the process, reply to questions, as shown below.

Enter email address (used for urgent renewal and security notices): `admin@example.com`
Agree Letsencrypt terms of service (A)gree/(Cancel): `A`
Would you be willing to share your email address (Y)es/(N)o: `Y`
Which names would you like to activate HTTPS for? 1: example.com 2:neos.example.com: `1,2`
Whether or not to redirect HTTP traffic to HTTPS, removing HTTP access? 1: No redirect/2: Redirect `2`

All HTTP connections will now be redirected to HTTPS.

Create a cron job as below to try to renew the Let's Encrypt certificate on your machine twice a day.

sudo crontab -e

Press "I" to enter the insert mode, and then input the following line.

0 1,13 * * * /usr/bin/certbot renew

Save and quit.

:wq!

This concludes the tutorial. Thanks for reading.