Bonjour,
Voici comment installer phpIPAM.
Installer les dépendances :
yum install -y nginx mariadb-server php php-cli php-gd php-common php-ldap php-pdo php-pear php-snmp php-xml php-mysqli php-mbstring php-fpm php-json php-gmp wget fping
systemctl enable --now php-fpm nginx mariadb
Configurer MariaDB :
mysql_secure_installation
mysql -u root -p
CREATE DATABASE ipam;
CREATE USER 'phpipam'@localhost IDENTIFIED BY 'my_password';
GRANT ALL PRIVILEGES ON phpipam.* TO 'phpipam'@localhost IDENTIFIED BY 'my_password';
FLUSH PRIVILEGES;
EXIT
Augmenter le nombre de connexion sur MariaDB :
echo "max_connections = 200" >> /etc/my.cnf.d/mariadb-server.cnf
echo "max_allowed_packet = 128M" >> /etc/my.cnf.d/mariadb-server.cnf
systemctl restart mariadb
mysql -u root -p
SELECT @@GLOBAL.max_connections;
SELECT @@GLOBAL.max_allowed_packet;
EXIT
Télécharger phpIPAM :
wget https://github.com/phpipam/phpipam/releases/download/v1.5.0/phpipam-v1.5.0.tgz
Installer phpIPAM :
tar -xvf phpipam-v1.5.0.tgz && rm -f phpipam-v1.5.0.tgz
mkdir -p /var/www /root/.ssl
mv phpipam /var/www
cp /var/www/phpipam/config.dist.php /var/www/phpipam/config.php
chown -R nginx: /var/www/phpipam
Configurer PHP :
grep timezone /etc/php.ini
sed -i "s@;date.timezone =@date.timezone = Europe/Paris@g" /etc/php.ini
sed -i "s@memory_limit = 128M@memory_limit = 2G@g" /etc/php.ini
sed -i "s@; max_input_vars = 1000@max_input_vars = 50000@g" /etc/php.ini
sed -i "s@max_execution_time = 30@max_execution_time = 600@g" /etc/php.ini
systemctl restart php-fpm
Nginx avec phpIPAM :
nano /etc/nginx/conf.d/phpipam.conf
server {
listen 443 ssl http2;
server_name phpipam.my_domain.com;
root /var/www/phpipam;
index index.php;
access_log /var/log/nginx/phpipam-access.log;
error_log /var/log/nginx/phpipam-error.log error;
# allow larger file uploads and longer script runtimes
#client_max_body_size 100m;
#client_body_timeout 120s;
#sendfile off;
# SSL Configuration
ssl_certificate /root/.ssl/phpipam.my_domain.com.crt;
ssl_certificate_key /root/.ssl/phpipam.my_domain.com.key;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
ssl_prefer_server_ciphers on;
# See https://hstspreload.org/ before uncommenting the line below.
# add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;
# Deny all attempts to access hidden files
# such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
}
# phpipam - api
location /phpipam/api/ {
try_files $uri $uri/ /phpipam/api/index.php;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ ^(.+\.php)(.*)$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_index index.php;
fastcgi_pass php-fpm;
include /etc/nginx/mime.types;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.ht {
deny all;
}
}
systemctl restart nginx
Voilà vous pouvez vous connecter sur votre application.