How to Install YOURLS self-hosted URL shortener on CentOS 8
YOURLS is a free, open-source and self-hosted URL shortener written in PHP. It is very similar to TinyURL or Bitly and allows you to run your own URL shortening service. It also allows you to add branding to your short URLs. It offers a rich set of features including, Private and Public link, Custom URL keywords, Historical click reports, Ajaxed interface, Jsonp support and many more.
In this tutorial, we will show you how to install YOURLS on CentOS 8 with Let's Encrypt SSL.
Prerequisites
- A server running CentOS 8.
- A valid domain name pointed with your server IP.
- A root password is configured the server.
Install LEMP Server
First, you will need to install Nginx, MariaDB, PHP and required PHP extensions in your server. You can install all of them with the following command:
dnf install nginx mariadb-server php php-fpm php-json php-common php-mysqlnd php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath git unzip wget -y
Once all the packages are installed, edit the PHP-FPM configuration file /etc/php-fpm.d/www.conf and change the user from apache to nginx:
nano /etc/php-fpm.d/www.conf
Change the following lines:
user = nginx group = nginx
Save and close the file then start Nginx, MariaDB, PHP-FPM service and enable them to start at system reboot with the following command:
systemctl start nginx
systemctl enable nginx
systemctl start mariadb
systemctl enable mariadb
systemctl start php-fpm
systemctl enable php-fpm
Once you are finished, you can proceed to the next step.
Create a Database For YOURLS
Next, you will need to create a database and user for YOURLS. First, log in to the MariaDB with the following command:
mysql
Once login, create a database and user with the following command:
MariaDB [(none)]> CREATE DATABASE yourlsdb;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON yourlsdb.* TO 'yourlsuser'@'localhost' IDENTIFIED BY 'password';
Next, flush the privileges and exit from the MariaDB with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> \q
At this point, MariaDB is installed and configured.
Install YOURLS
First, change the directory to Nginx web root and download the latest version of YOURLS with the following command:
cd /var/www/html
git clone https://github.com/YOURLS/YOURLS.git
Next, rename the sample config file with the following command:
cd YOURLS/user/
cp config-sample.php config.php
Next, edit the config.php file and define your database settings:
nano config.php
Change the following lines:
/** MySQL database username */
define( 'YOURLS_DB_USER', 'yourlsuser' );
/** MySQL database password */
define( 'YOURLS_DB_PASS', 'password' );
/** The name of the database for YOURLS
** Use lower case letters [a-z], digits [0-9] and underscores [_] only */
define( 'YOURLS_DB_NAME', 'yourlsdb' );
/** MySQL hostname.
** If using a non standard port, specify it like 'hostname:port', eg. 'localhost:9999' or '127.0.0.1:666' */
define( 'YOURLS_DB_HOST', 'localhost' );
/** MySQL tables prefix
** YOURLS will create tables using this prefix (eg `yourls_url`, `yourls_options`, ...)
** Use lower case letters [a-z], digits [0-9] and underscores [_] only */
define( 'YOURLS_DB_PREFIX', 'yourls_' );
define( 'YOURLS_SITE', 'http://yourls.example.com' );
$yourls_user_passwords = array(
'admin' => 'yourpassword',
Save and close the file when you are finished. Next, create an .htaccess file with the following command:
nano /var/www/html/YOURLS/.htaccess
Add the following lines:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ /yourls-loader.php [L]
</IfModule>
Save and close the file then give proper permissions and ownership with the following command:
chown -R nginx:nginx /var/www/html/YOURLS
chmod -R 775 /var/www/html/YOURLS
Once you are finished, you can proceed to the next step.
Configure Nginx for YOURLS
Next, create a new Nginx virtual host configuration file for YOURLS:
nano /etc/nginx/conf.d/yourls.conf
Add the following lines:
server {
listen 80;
server_name yourls.example.com;
root /var/www/html/YOURLS;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /yourls-loader.php$is_args$args;
}
location ~ \.php$ {
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_pass unix:/run/php-fpm/www.sock;
}
}
Save and close the file then restart the Nginx and PHP-FPM service with the following command:
systemctl restart nginx
systemctl restart php-fpm
You can also verify the status of the Nginx with the following command:
systemctl status nginx
You should get the following output:
? nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/nginx.service.d
??php-fpm.conf
Active: active (running) since Tue 2020-10-20 09:37:40 EDT; 5min ago
Process: 12864 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 12862 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 12860 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 12871 (nginx)
Tasks: 3 (limit: 12523)
Memory: 5.5M
CGroup: /system.slice/nginx.service
??12871 nginx: master process /usr/sbin/nginx
??12872 nginx: worker process
??12873 nginx: worker process
Oct 20 09:37:40 centos systemd[1]: Stopped The nginx HTTP and reverse proxy server.
Oct 20 09:37:40 centos systemd[1]: Starting The nginx HTTP and reverse proxy server...
Oct 20 09:37:40 centos nginx[12862]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Oct 20 09:37:40 centos nginx[12862]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Oct 20 09:37:40 centos systemd[1]: Started The nginx HTTP and reverse proxy server.
Configure SELinux and Firewall
By default, SELinux is enabled in CentOS 8. So you will need to configure it for your YOURLS website.
You can configure the SELinux with the following command:
setsebool httpd_can_network_connect on -P
chcon -R -u system_u -t httpd_sys_rw_content_t -r object_r /var/www/html/YOURLS
Next, allow port 80 and 443 through the firewall with the following command:
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload
Once you are done, you can proceed to the next step.
Access YOURLS
Now, open your web browser and access the YOURLS using the URL http://yourls.example.com/admin. You should see the following page:
Click on the Install YOURLS button. You should see the following page:
lick on the “YOURLS Administration Page”. You should see the YOURLS login page:
Provide your admin username and password which you have defined in the config.php then click on the Login button. You should see the YOURLS dashboard in the following page:
Secure YOURLS with Let's Encrypt SSL
Next, you will need to install the Certbot utility in your system to download and install Let's Encrypt SSL for your YOURLS website.
You can install the Certbot client with the following command:
wget https://dl.eff.org/certbot-auto
mv certbot-auto /usr/local/bin/certbot-auto
chown root /usr/local/bin/certbot-auto
chmod 0755 /usr/local/bin/certbot-auto
Next, obtain and install an SSL certificate for your YOURLS website with the following command:
certbot-auto --nginx -d yourls.example.com
The above command will first install all the required dependencies on your server. Once installed, you will be asked to provide an email address and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for yourls.example.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/conf.d/yourls.conf
Select whether you want to redirect HTTP traffic to HTTPS or not as shown below:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to continue. Once the installation has been completed successfully, you should get the following output:
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/yourls.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://yourls.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=yourls.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/yourls.example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/yourls.example.com/privkey.pem Your cert will expire on 2020-06-11. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot-auto renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
You can now access YOURLS website securely using the URL https://yourls.example.com.
Conclusion
Congratulations! you have successfully installed YOURLS with Nginx and Let's Encrypt SSL on CentOS 8. You can now host your own URL shortener easily with YOURLS. Feel free to ask me if you have any questions.
