How to Install Bolt CMS on CentOS 7

Bolt is a sophisticated, lightweight and simple CMS built with PHP. It is released under the open source MIT-license and source code is hosted as a public repository on Github. Bolt is a tool for Content Management, which strives to be as simple and straightforward as possible. It is quick to set up, easy to configure, uses elegant templates. Bolt is created using modern open source libraries and is best suited to build sites in HTML5 with modern markup. In this tutorial, we will go through the Bolt CMS installation on CentOS 7 system by using Nginx as a web server, MariaDB as a database server, and optionally you can secure transport layer by using acme.sh client and Let's Encrypt certificate authority to add SSL support.

Requirements

The system requirements for Bolt are modest, and it should run on any fairly modern web server:

  • PHP version 5.5.9 or higher with the following common PHP extensions: pdo, mysqlnd, pgsql, openssl, curl, gd, intl, json, mbstring, opcache, posix, xml, fileinfo, exif, zip.
  • Access to SQLite (which comes bundled with PHP), or MySQL or PostgreSQL.
  • Apache with mod_rewrite enabled (.htaccess files) or Nginx (virtual host configuration covered below).
  • A minimum of 32MB of memory allocated to PHP.

Prerequisites

  • An operating system running CentOS 7.
  • A non-root user with sudo privileges.

Initial steps

Check your CentOS version:

cat /etc/centos-release
# CentOS Linux release 7.6.1810 (Core)

Set up the timezone:

timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:

sudo yum update -y

Install some essential packages that are necessary for basic administration of the CentOS operating system:

sudo yum install -y curl wget vim git unzip socat bash-completion epel-release

Step 1 - Install PHP and necessary PHP extensions

Setup the Webtatic YUM repo:

sudo rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Install PHP, as well as the necessary PHP extensions:

sudo yum install -y php72w-cli php72w-fpm php72w-common php72w-mbstring php72w-zip php72w-pgsql php72w-sqlite3 php72w-curl php72w-gd php72w-mysql php72w-intl php72w-json php72w-opcache php72w-xml php72w-process

To show PHP compiled in modules, you can run:

php -m

ctype
curl
exif
fileinfo
. . .
. . .

Check the PHP version:

php --version

# PHP 7.2.14 (cli) (built: Jan 12 2019 12:47:33) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
# with Zend OPcache v7.2.14, Copyright (c) 1999-2018, by Zend Technologies

Start and enable PHP-FPM service:

sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service

We can move on to the next step, which is the database installation and setup.

Step 2 - Install MariaDB and create a database for Bolt CMS

Bolt CMS supports MySQL, MariaDB and PostgreSQL databases. In this tutorial, we will use MariaDB as a database server.

Install MariaDB database server:

sudo yum install -y mariadb-server

Check the MariaDB version:

mysql --version

Start and enable MariaDB service:

sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Run mysql_secure installation script to improve MariaDB security and set the password for MariaDB root user:

sudo mysql_secure_installation

Answer each of the questions:

Would you like to setup VALIDATE PASSWORD plugin? N
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Connect to MariaDB shell as the root user:

sudo mysql -u root -p
# Enter password

Create an empty MariaDB database and user for Bolt CMS and remember the credentials:

MariaDB> CREATE DATABASE dbname;
MariaDB> GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'password';
MariaDB> FLUSH PRIVILEGES;

Exit from MariaDB:

MariaDB> exit

Replace dbname, username and password with your own names.

Step 3 - Install acme.sh client and obtain Let's Encrypt certificate (optional)

Securing your website with HTTPS is not necessary, but it is a good practice to secure your site traffic. In order to obtain a TLS certificate from Let's Encrypt we will use acme.sh client. Acme.sh is a pure UNIX shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies. 

Download and install acme.sh:

sudo su - root
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh 
./acme.sh --install --accountemail [email protected]
source ~/.bashrc
cd ~

Check acme.sh version:

acme.sh --version
# v2.8.1

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:

# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256

If you want fake certificates for testing you can add --staging flag to the above commands.

After running the above commands, your certificates and keys will be in:

  • For RSA: /home/username/example.com directory.
  • For ECC/ECDSA: /home/username/example.com_ecc directory.

To list your issued certs you can run:

acme.sh --list

Create directories to store your certs. We will use /etc/letsencrypt directory.

mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc

Install/copy certificates to /etc/letsencrypt directory.

# RSA
acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"

All the certificates will be automatically renewed every 60 days.

After obtaining certs exit from the root user and return back to normal sudo user:

exit

Step 4 - Install NGINX and configure NGINX for Bolt CMS

Bolt CMS can work fine with many popular web server software. In this tutorial, we selected Nginx. If you prefer Apache web server over Nginx, check out https://docs.bolt.cm/3.6/installation/webserver/apache to learn more.

Download and install Nginx from the CentOS repository:

sudo yum install -y nginx

Check the Nginx version:

nginx -v
# nginx version: nginx/1.12.2

Start and enable Nginx service:

sudo systemctl start nginx.service
sudo systemctl enable nginx.service

Configure Nginx for Bolt CMS by running:

sudo vim /etc/nginx/conf.d/bolt.conf

And populate the file with the following configuration:

server {

listen 80;
listen 443 ssl http2;
server_name example.com;
root /var/www/bolt/public;
index index.php;

# RSA
ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
# ECC
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key;

location / {
try_files $uri $uri/ /index.php?$query_string;
}

location = /bolt {
try_files $uri /index.php?$query_string;
}

location ^~ /bolt/ {
try_files $uri /index.php?$query_string;
}

location ~ /index.php/(.*) {
rewrite ^/index.php/(.*) /$1 permanent;
}

location ~ /\. { deny all; }
location ~ /\.(htaccess|htpasswd)$ { deny all; }
location ~ /\.(?:db)$ { deny all; }
location ~* /(.*)\.(?:markdown|md|twig|yaml|yml)$ { deny all; }

location ~ [^/]\.php(/|$) {
include default.d/php.conf;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY "";
fastcgi_param HTTPS $https if_not_empty;
fastcgi_pass 127.0.0.1:9000;
}

}

NOTE: For complete and production ready Nginx config for Bolt CMS check out https://docs.bolt.cm/3.6/installation/webserver/nginx.

Check Nginx configuration for syntax errors:

sudo nginx -t

Reload Nginx service:

sudo systemctl reload nginx.service

Step 5 - Install Bolt CMS

Create /var/www directory:

sudo mkdir -p /var/www/

Navigate to /var/www directory:

cd /var/www/

Download the latest release Bolt CMS via wget and unzip it:

sudo wget https://bolt.cm/distribution/bolt-latest.zip && sudo unzip bolt-latest.zip

Remove downloaded bolt-latest.zip file:

sudo rm bolt-latest.zip

Rename the bolt-v3.6.4 directory to just bolt:

sudo mv bolt-v3.6.4 bolt

Change directory to document root:

cd /var/www/bolt

To finish the installation you will need to rename the following files:

sudo mv .bolt.yml.dist .bolt.yml
sudo mv composer.json.dist composer.json
sudo mv composer.lock.dist composer.lock
sudo mv src/Site/CustomisationExtension.php.dist src/Site/CustomisationExtension.php

Provide the appropriate ownership:

sudo chown -R nginx:nginx /var/www/bolt

Run sudo vim /etc/php-fpm.d/www.conf and set the user and group to nginx. Initially, they will be set to apache:

sudo vim /etc/php-fpm.d/www.conf
# user = nginx
# group = nginx

Restart PHP-FPM service:

sudo systemctl restart php-fpm.service

Navigate to the folder where you uploaded Bolt CMS in your web browser and follow the instructions on the screen.

Step 6 - Complete the Bolt CMS Installation and Setup

After opening your site in a web browser, you should be redirected to the following page:

Bolt CMS setup wizard

Fill in the required information to create a user and click the "Create the first user" button to continue. After that Bolt CMS admin interface should show up:

Bolt CMS dashboard

Bolt CMS installation is now finished. To access Bolt CMS admin append /bolt to your site IP or domain.

Share this page:

1 Comment(s)