Introduction
Fedora Server stands as one of the most innovative Linux distributions, serving as the upstream development platform for Red Hat Enterprise Linux. It combines enterprise-grade stability with cutting-edge features, making it an excellent choice for modern server workloads.
In 2026, Fedora Server continues to lead in containerization, cloud deployment, and emerging technologies while maintaining strong security fundamentals. This comprehensive guide covers installation, configuration, package management, container tools, and production deployment best practices.
Understanding Fedora
Fedora vs RHEL vs CentOS
Fedora serves as the community-driven upstream project for Red Hat Enterprise Linux:
- Fedora: Fast-paced, innovative, 13-month release cycle
- RHEL: Enterprise stability, 10+ year support life cycle
- CentOS Stream: Downstream of Fedora, upstream of RHEL
Fedora Server provides:
- Latest kernel and GNU tools
- Modern container runtimes
- Cutting-edge security features
- Testing ground for enterprise technologies
Release Cycle
# Fedora releases occur every 6 months
# Supported for ~13 months (until next + 2 weeks)
# Check version
cat /etc/fedora-release
# Fedora release 42 (Server Edition)
# Check kernel
uname -r
Installation and Initial Setup
Server Installation
# Download Fedora Server ISO
# https://getfedora.org/server/
# Installation options:
# - Server with GUI
# - Server (minimal)
# - Custom operating system
# Post-installation setup
sudo dnf update -y
sudo systemctl reboot
Initial Configuration
# Set hostname
sudo hostnamectl set-hostname server1.example.com
# Configure timezone
sudo timedatectl set-timezone America/New_York
# Enable NTP
sudo timedatectl set-ntp true
# Configure firewall
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload
# Check status
sudo firewall-cmd --list-all
Package Management with DNF
DNF Fundamentals
DNF (Dandified YUM) is Fedora’s next-generation package manager:
# Update all packages
sudo dnf update
# Upgrade to new release
sudo dnf system-upgrade download --releasever=42
sudo dnf system-upgrade reboot
# Install package
sudo dnf install nginx
# Remove package
sudo dnf remove nginx
# Search packages
dnf search nginx
dnf provides /usr/sbin/nginx
# List installed
dnf list installed
dnf list installed | grep nginx
# Package information
dnf info nginx
# Check for updates
dnf check-update
NF Repositories
```bash
#```
### D List repositories
dnf repolist
dnf repolist enabled
# Repository information
dnf repoinfo fedora
# Enable/disable repository
sudo dnf config-manager --set-enabled fedora
sudo dnf config-manager --set-disabled fedora
# Add custom repository
sudo dnf config-manager --add-repo https://example.com/repo.repo
# Create custom repo file
sudo vim /etc/yum.repos.d/custom.repo
[custom]
name=Custom Repository
baseurl=https://example.com/repo/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=https://example.com/key.pub
Module Streams
Fedora uses AppStream modules for multiple software versions:
# List modules
dnf module list
# Enable module stream
sudo dnf module enable nodejs:20
# Install module
sudo dnf module install nodejs:20
# Reset module
sudo dnf module reset nodejs
Systemd and Service Management
Service Management
# Start/stop service
sudo systemctl start nginx
sudo systemctl stop nginx
# Enable/disable at boot
sudo systemctl enable nginx
sudo systemctl disable nginx
# Check status
systemctl status nginx
# View logs
journalctl -u nginx
journalctl -u nginx -f
journalctl --since "1 hour ago"
# List failed units
systemctl --failed
# Restart on failure
sudo systemctl edit nginx
[Service]
Restart=on-failure
RestartSec=5
SELinux on Fedora
SELinux Basics
Fedora enforces SELinux by default:
# Check SELinux status
getenforce
sestatus
# SELinux modes
# Enforcing (default) - enforces policy
# Permissive - logs but doesn't enforce
# Disabled - completely off
# Temporarily set permissive
sudo setenforce 0
# Permanently set mode
sudo setenforce 1
sudo vim /etc/selinux/config
# SELinux context
ls -Z /var/www/html
ps -Z nginx
# Restore default context
sudo restorecon -Rv /var/www/html
# Change context
sudo chcon -t httpd_sys_content_t /var/www/html/file.html
# Manage booleans
getsebool -a
sudo setsebool -P httpd_read_user_content 1
# Audit logs
sudo tail /var/log/audit/audit.log
sudo ausearch -m avc
Troubleshooting SELinux
# Install SELinux tools
sudo dnf install setools sepolicy
# Find boolean for service
seinfo -b | grep http
# Check denied access
sudo ausearch -m avc -c httpd
# Create local policy module
sudo dnf install policycoreutils-devel
sudo audit2allow -a -M mymodule
sudo semodule -i mymodule.pp
Container Tools
Podman
Fedora includes Podman as the default container runtime:
# Install Podman
sudo dnf install podman
# Basic commands (Docker-compatible)
podman pull docker.io/library/nginx
podman run -d --name web nginx
podman ps
podman logs web
podman exec -it web /bin/bash
# Rootless containers
podman run -d nginx # Runs without root
# Build images
podman build -t myapp .
podman push myapp:latest
# Compose
podman-compose up -d
# System containers (run systemd in container)
podman run -d --name=fedora fedora:latest /sbin/init
Buildah and Skopeo
# Install tools
sudo dnf install buildah skopeo
# Buildah - build container images
buildah from fedora
buildah run myfedora-1 dnf update -y
buildah commit myfedora-1 myfedora:latest
# Skopeo - inspect and copy images
skopeo inspect docker://docker.io/library/nginx
skopeo copy docker://nginx registry.example.com:5000/nginx
skopeo delete docker://localhost:5000/myimage:latest
Fedora CoreOS
# Fedora CoreOS for container workloads
# Download and run
curl -L https://getfedora.org/coreos/download/ | bash
# Install to disk
sudo fcos install /dev/sda
# Configuration with Butane
# https://docs.fedoraproject.org/en-US/fedora-coreos/producing-ign/
Cockpit Administration
Web-Based Management
Cockpit provides a web interface for server management:
# Install Cockpit
sudo dnf install cockpit
# Enable and start
sudo systemctl enable --now cockpit.socket
# Access via https://server:9090
# Enable additional features
sudo dnf install cockpit-storaged
sudo dnf install cockpit-networkmanager
sudo dnf install cockpit-packagekit
Cockpit Features
# Dashboard - system overview
# Logs - journal entries
# Services - systemd management
# Storage - disk/RAID management
# Networking - network configuration
# Accounts - user management
# Kernel dump - crash analysis
# Subscriptions - RHEL subscription management
# Terminal - web terminal
Web Server Configuration
Apache
# Install Apache
sudo dnf install httpd
# Configuration
sudo vim /etc/httpd/conf/httpd.conf
sudo vim /etc/httpd/conf.d/ssl.conf
# Create virtual host
sudo vim /etc/httpd/conf.d/example.com.conf
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/html
<Directory /var/www/html>
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
</VirtualHost>
Nginx
# Install Nginx
sudo dnf install nginx
# Configuration
sudo vim /etc/nginx/nginx.conf
sudo vim /etc/nginx/conf.d/example.com.conf
# Test configuration
sudo nginx -t
# Reload
sudo systemctl reload nginx
server {
listen 80;
server_name example.com;
root /var/www/html;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Database Installation
PostgreSQL
# Install PostgreSQL
sudo dnf install postgresql-server
# Initialize database
sudo postgresql-setup --initdb
# Start service
sudo systemctl enable --now postgresql
# Access database
sudo -u postgres psql
# Create user and database
sudo -u postgres createuser -s myuser
sudo -u postgres createdb mydb
MariaDB
# Install MariaDB
sudo dnf install mariadb-server
# Start service
sudo systemctl enable --now mariadb
# Secure installation
sudo mysql_secure_installation
# Access database
mysql -u root -p
Redis
# Install Redis
sudo dnf install redis
# Configure
sudo vim /etc/redis.conf
# Start service
sudo systemctl enable --now redis
Security Hardening
Firewall Configuration
# Using firewalld (default)
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd --reload
# Check rules
sudo firewall-cmd --list-all
# Rich rules
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" service name="http" accept'
Fail2ban
# Install Fail2ban
sudo dnf install fail2ban
# Configuration
sudo vim /etc/fail2ban/jail.local
[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 5
[sshd]
enabled = true
port = ssh
maxretry = 3
[nginx-http-auth]
enabled = true
# Start service
sudo systemctl enable --now fail2ban
Automatic Updates
# Enable dnf-automatic
sudo dnf install dnf-automatic
# Configure
sudo vim /etc/dnf/automatic.conf
[commands]
upgrade_type = default
random_sleep = 60
[email]
email_from = [email protected]
email_to = [email protected]
# Enable timers
sudo systemctl enable --now dnf-automatic.timer
Performance Tuning
Kernel Parameters
# Network tuning
sudo sysctl -w net.core.rmem_max=16777216
sudo sysctl -w net.core.wmem_max=16777216
# Make permanent
sudo vim /etc/sysctl.d/99-custom.conf
# IO scheduler
cat /sys/block/sda/queue/scheduler
echo "mq-deadline" | sudo tee /sys/block/sda/queue/scheduler
# Transparent huge pages
cat /sys/kernel/mm/transparent_hugepage/enabled
Resource Limits
# Systemd resource limits
sudo systemctl edit nginx
[Service]
MemoryLimit=512M
CPUQuota=50%
TasksMax=100
Backup and Recovery
Backup Scripts
#!/bin/bash
# /usr/local/bin/backup.sh
DATE=$(date +%Y%m%d)
BACKUP_DIR="/backup"
DB_NAME="mydb"
DB_USER="backup"
# Database backup
pg_dump -U $DB_USER $DB_NAME | gzip > $BACKUP_DIR/db-$DATE.sql.gz
# Files backup
tar -czf $BACKUP_DIR/files-$DATE.tar.gz /var/www/html
# Keep 7 days
find $BACKUP_DIR -mtime +7 -delete
Restore Procedures
# Database restore
gunzip < backup.sql.gz | psql -U user dbname
# Files restore
tar -xzf files.tar.gz -C /
# Full system restore
# Use Kickstart for reinstallation
# Restore /home and /etc from backup
Monitoring and Logging
System Monitoring
# Install monitoring tools
sudo dnf install htop iotop atop
# Resource monitoring
htop
iotop
atop
# Network monitoring
sudo dnf install nethogs
nethogs eth0
Logging with Journald
# View logs
journalctl
journalctl -u nginx
journalctl --since "2026-01-01"
journalctl --until "2026-01-02"
journalctl -p err
# Persistent logging
sudo vim /etc/systemd/journald.conf
[Journal]
Storage=persistent
SystemMaxUse=1G
RuntimeMaxUse=100M
Conclusion
Fedora Server provides an excellent platform for modern infrastructure, combining innovation with enterprise features. Its cutting-edge packages, strong SELinux integration, and excellent container tools make it ideal for organizations seeking the latest technology with production-ready stability.
Whether deploying web applications, databases, or containerized workloads, Fedora Server delivers the tools and features needed for 2026 infrastructure requirements.
Comments