# Installer


The script closes all ports except current SSH port, 80, 443. If your SSH is installed on a non-standard port, you will lose access to the console.

# How to run

  1. Open Terminal and log in to the server:

    ssh root@x.x.x.x

  2. Change x.x.x.x to the server's ip-address.

  3. Enter the password. Don't worry abount not seen any feedback while typing the password.

  4. When you successfully logged in the server, copy and paste that command:

    yum update -y && curl keitaro.io/install.sh > run && bash run

  5. Enter the license key when the installer ask you, then Enter.

That's it. In 5-10 minutes, you'll get the admin panel URL, login and password.


# What will be installed?

Single-click installation will:

  • Install the latest versions of Nginx, MariaDB, Redis, PHP 7
  • Configure Nginx, PHP-FPM, MariaDB
  • Install Monit to monitor Nginx, MariaDB and PHP-FPM
  • Configure firewall
  • Connect a free SSL certificate from Let's Encrypt (with automatic extension)
  • Install Keitaro

# The installation stopped right after the license key input

Make sure the license IP is the correct and coincides with the IP of the server you are installing Keitaro on.

# How to continue the installation process after the error

Run again the installation command. All parameters which were previously entered will be restored automatically.

# How to share install.log

You can upload the file to transfer.sh, just run this command:

curl -H "Max-Downloads: 1" -H "Max-Days: 5" --upload-file ./install.log https://transfer.sh/install.log

You'll get the download link. It allows just single download, after that it delete the file.

# How to open a new port on the server

Open file /etc/firewall.bash:

nano /etc/firewall.bash

Find # Open ports and add new line with your port

iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT

The example opens 3306 port.

Reload the firewall:

systemctl restart firewall


Server upgrade eliminates all the changes and it's necessary to open the port again

# How to establish an FTP connection to a server after the installation

Use WinSCP for Windows and https://update.cyberduck.io/Cyberduck- for MacOS applications. They allow to work with files via SSH as well as FTP.

# How to setup emails sending

There's no special email service on a server, all emails should be sent with the external service. For 100-150 emails daily use Gmail.

# How to upgrade server configuration


The upgrade will erase all custom nginx configs and rewrite them with the default values.

Use this command to switch from PHP-FM to RR, and to upgrade RoadRunner to a new version:

curl https://keitaro.io/install.sh > run; bash run -rt upgrade

In case you need to switch back to PHP-FM from RR, run the following command:

export PHP_ENGINE=php-fpm; curl keitaro.io/install.sh | bash -s -- -rt tune

# How to delete domain from the server

To delete the domain and its certificate from the web server run the command:

curl https://raw.githubusercontent.com/apliteni/centos_provision/current/scripts/delete-ssl.sh > delete-ssl; bash delete-ssl domain.com

where domain.com replace with your domain's name.

# How to set up the server after RAM or vCPU upgrade

Run the command: curl keitaro.io/install.sh | bash -s -- -rt upgrade

# How to block an access to Keitaro form definite IPs

You can set up your server in local configs at /etc/nginx/conf.d/local.

Use /etc/nginx/conf.d/local/keitaro/server.inc for the whole server settings.

To block an access add the following lines:

deny x.x.x.x;
allow all;

# How to begin the installation process without entering the license key

You need to enter the -K (the license key) and -P (server's IP):

yum update -y && curl keitaro.io/install.sh -s > run && bash run -K 1234-1234-1234-1234 -A
Last Updated: 12/28/2020, 1:02:30 PM