Neos is an innovative open source content management system which is great for creating and editing online content. With authors and editors in mind, Neos provides intuitive editing interface, structured content repository, multilingual content readiness, professional content workflows, and many more powerful features to facilitate content creation and management.
Prerequisites
- A newly deployed Rcs CentOS 7 x64 server instance. Say its IP address is
203.0.113.1
, and its hostname isneos
. - A domain
example.com
have been configured to point to the server instance mentioned above. You can learn more details about this in another Rcs tutorial. - A sudo user.
- The server instance has been updated to the latest stable status using the EPEL YUM repo.
- In a production environment, it's recommended to setup a swap file in order to obtain better performance.
Step 1: Setup an up to date LAMP stack
When deploying a content site based on Neos 3.2.0, it's necessary to setup an up to date LAMP stack before you can get the site up and running. For example, a qualified LAMP stack for Neos 3.2.0 nowadays will consist of:
- CentOS 7 x64, updated to the latest stable status,
- Apache 2.4,
- MariaDB 10.2, using the
utf8_unicode_ci
collation by default, and - PHP 7.1, or at least PHP 7.0.
There are many Rcs Docs to help you set up a LAMP stack, but the following is an example of the command line history for your information. Be aware that specific setting modifications for Neos will be included as well.
# Install and configure Apache 2.4.x
sudo yum install httpd -y
sudo sed -i 's/^/#&/g' /etc/httpd/conf.d/welcome.conf
sudo sed -i "s/Options Indexes FollowSymLinks/Options FollowSymLinks/" /etc/httpd/conf/httpd.conf
sudo systemctl start httpd.service
sudo systemctl enable httpd.service
# Install MariaDB 10.2.x
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash
sudo yum install MariaDB-server MariaDB-client -y
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service
# Secure MariaDB 10.2.x
sudo /usr/bin/mysql_secure_installation
# When prompted, answer questions as below:
# - Enter current password for root (enter for none): Just press the Enter button
# - Set root password? [Y/n]: Y
# - New password: your-MariaDB-root-password
# - Re-enter new password: your-MariaDB-root-password
# - Remove anonymous users? [Y/n]: Y
# - Disallow root login remotely? [Y/n]: Y
# - Remove test database and access to it? [Y/n]: Y
# - Reload privilege tables now? [Y/n]: Y
# Set the default collation of MariaDB as utf8_unicode_ci
cat <<EOF>> /tmp/collation.conf
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
collation-server=utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server=utf8
EOF
sudo cp /etc/my.cnf /etc/my.cnf.bak
sudo sed -i '/\[client-server\]/r /tmp/collation.conf' /etc/my.cnf
sudo systemctl restart mariadb.service
# Create a MariaDB database for Neos
mysql -u root -p
# For security purposes, be sure to replace "neos", "neosuser", and "yourpassword" with your own ones.
CREATE DATABASE neos;
CREATE USER 'neosuser'@'localhost' IDENTIFIED BY 'yourpassword';
GRANT ALL PRIVILEGES ON neos.* TO 'neosuser'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
# Install required PHP 7.1.x packages and configure PHP for Neos
sudo rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
sudo yum install -y php71w php71w-mysqlnd php71w-common php71w-cli php71w-xml php71w-mbstring php71w-pecl-imagick php71w-mcrypt php71w-opcache php71w-imap php71w-process php71w-intl
sudo cp /etc/php.ini /etc/php.ini.bak
sudo sed -i 's#;date.timezone =#date.timezone = America/Los_Angeles#' /etc/php.ini
sudo sed -i "s/memory_limit = 128M/memory_limit = 250M/" /etc/php.ini
sudo sed -i '$a\xdebug.max_nesting_level = 500' /etc/php.ini
Step 2: Download and install Composer
Neos requires the Composer PHP dependency manager. You can use the following commands to install Composer 1.5.2 on your machine.
Note: In the future, you can always get the latest stable release of Composer from its official download page.
cd
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('SHA384', 'composer-setup.php') === '544e09ee996cdf60ece3804abc52599c22b1f40f4323403c44d44fdfdd586475ca9813a858088ffbc1f233e9b180f061') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
sudo mv composer.phar /usr/local/bin/composer
Step 3: Install Neos using Composer
With the help of Composer, you can install Neos and all required dependencies into a designated location.
cd
mkdir neos
cd neos
composer create-project --no-dev neos/neos-base-distribution .
For management purposes, move all Neos files to the /opt
directory, and then create a symbolic link from the web root directory /var/www/html
to the /opt/neos
directory, making all Neos files available for Apache.
sudo mv ~/neos /opt
sudo chown -R apache:apache /opt/neos
sudo ln -s /opt/neos /var/www/html/neos
Setup an Apache virtual host for the Neos site which will specify /var/www/html/neos/Web
as the web root directory.
Note: When deploying on your own machine, be sure to replace all example
values below with your own ones.
cat <<EOF | sudo tee /etc/httpd/conf.d/neos.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/neos/Web
ServerName example.com
ServerAlias neos.example.com
<Directory /var/www/html/neos/Web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/httpd/example.com-error_log
CustomLog /var/log/httpd/example.com-access_log common
</VirtualHost>
EOF
Restart Apache to apply all updates.
sudo systemctl restart httpd.service
Step 4: Modify firewall rules
In order to allow visitors to access your Neos site, you need to modify firewall rules as follows.
sudo firewall-cmd --zone=public --permanent --add-service=http
sudo firewall-cmd --zone=public --permanent --add-service=https
sudo firewall-cmd --reload
Step 5: Continue the installation from a web install wizard
Point your favorite web browser to http://example.com/setup
, and then you will be brought into the Neos web install wizard interface.
On the Login
page, you need to input the setup password and then click the Login
button before you can enter the setup interface. The password is stored in the /var/www/html/neos/Data/SetupPassword.txt
file, you can type the following command in your terminal window to get it.
cat /var/www/html/neos/Data/SetupPassword.txt
For security purposes, this file will be deleted after you successfully log in. Remember to write down the password for future reference.
On the Neos requirements check - Image Manipulation
page, make sure that the imagick
or gmagick
PHP extension has been installed and chosen, and then click the Next >
button to move on.
On the Configure database
page, input or select database details as below.
- DB Driver:
MySQL/MariaDB via PDO
- DB Username:
neosuser
- DB Password:
yourpassword
- DB Host:
127.0.0.1
- DB Name:
neos
Make sure that the database neos
is using the utf8
character set, and then click the Next >
button to move on.
On the Create administrator account
page, input site administrator's first name
, last name
, username
, and password
(twice), and then click the Next >
button to move on.
On the Create a new site
page, as a beginner, you can select the Neos.Demo
site package and then click the Next >
button to finish the setup.
Note: When you get familiar with Neos in the future, you can run the Neos web install wizard again to create your own site package on this page, and then use the new site package to build a custom Neos site.
Now, you can visit the Neos site's frontend page or manage the site in the Neos site's backend page. For your reference, useful links are listed below.
- Site frontend page:
http://example.com
- Site backend page:
http://example.com/neos
- Site setup page:
http://example.com/setup
Step 6: Post-installation instructions
When deploying your Neos site in a production environment, you also need to change the Flow application context from Development
(the default value) to Production
by inserting the line SetEnv FLOW_CONTEXT Production
to the Apache virtual host configuration as follows.
cat <<EOF | sudo tee /etc/httpd/conf.d/neos.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/neos/Web
SetEnv FLOW_CONTEXT Production
ServerName example.com
ServerAlias neos.example.com
<Directory /var/www/html/neos/Web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/httpd/example.com-error_log
CustomLog /var/log/httpd/example.com-access_log common
</VirtualHost>
EOF
Restart Apache to apply your modifications.
sudo systemctl restart httpd.service
If you create a site using the Neos.demo
site package in public, be sure to remove the Create account
button on the Try me
page to prevent unauthorized access.
Step 7 (Optional): Enable HTTPS
by deploying the Let's Encrypt certificate
To enhance the security of your Neos site, you can enable HTTPS
on your site by deploying a Let's Encrypt certificate.
First, use the vi
text editor to setup the FQDN (fully qualified domain name) on your server instance.
sudo vi /etc/hosts
Insert the following line before any existing lines.
203.0.113.1 neos.example.com neos
Save and quit.
:wq!
Use the hostname -f
command to confirm the result which will look like this.
neos.example.com
Install the Certbot utility which can automatically deploy the Let's Encrypt certificate and enable HTTPS
.
sudo yum install -y yum-utils
sudo yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional
sudo yum install -y certbot-apache
Next, use the Certbot utility to deploy a Let's Encrypt certificate for the Apache web server running on your server instance.
sudo cp /etc/httpd/conf.d/neos.conf /etc/httpd/conf.d/neos.conf.bak
sudo certbot --apache
During the process, reply to questions, as shown below.
Enter email address (used for urgent renewal and security notices): `admin@example.com`
Agree Letsencrypt terms of service (A)gree/(Cancel): `A`
Would you be willing to share your email address (Y)es/(N)o: `Y`
Which names would you like to activate HTTPS for? 1: example.com 2:neos.example.com: `1,2`
Whether or not to redirect HTTP traffic to HTTPS, removing HTTP access? 1: No redirect/2: Redirect `2`
All HTTP
connections will now be redirected to HTTPS
.
Create a cron job as below to try to renew the Let's Encrypt certificate on your machine twice a day.
sudo crontab -e
Press "I
" to enter the insert mode, and then input the following line.
0 1,13 * * * /usr/bin/certbot renew
Save and quit.
:wq!
This concludes the tutorial. Thanks for reading.