Project

General

Profile

Support #557

Install BeansBooks on FreeBSD FAMP Server

Added by Daniel Curtis almost 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Accounting Server
Target version:
Start date:
02/09/2015
Due date:
% Done:

100%

Estimated time:
1.50 h
Spent time:

Description

This is a simple guide for setting up an instance of BeansBooks on a FAMP server, for help setting up the environment read through Issue #432.

Downloading BeansBooks

  • Make the BeansBooks directory:
    mkdir /usr/local/www/beans.example.com && cd /usr/local/www/
    
  • Clone BeansBooks
    git clone --recursive https://github.com/system76/beansbooks.git beans.example.com
    cd beans.example.com
    

Configure BeansBooks

  • Copy the example.htaccess file to .htaccess within your working directory
    cp example.htaccess .htaccess
    
  • Temporarily disable forced SSL connection by commenting out two lines in the .htaccess file. Open the file for editing:
    vi .htaccess
    
    • Look for the following two lines, and add a # character before them:
      #RewriteCond %{HTTPS} !=on
      #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
      
  • Update the permissions on two directories before proceeding:
    chmod -R 770 application/logs
    chmod -R 770 application/cache
    
  • Create a configuration file:
    touch application/classes/beans/config.php
    chmod 660 application/classes/beans/config.php
    
  • Change the ownership to the apache24 user:
    chown -R www:www /usr/local/www/beans.example.com
    

Configure MySQL

  • Log into the MySQL console:
    mysql -h localhost -u root -p
    
    • Create the beans user with the beansdb password and the beans database:
      CREATE USER 'beans'@'localhost' IDENTIFIED BY 'beansdb';   
      CREATE DATABASE IF NOT EXISTS  `beans` CHARACTER SET utf8 COLLATE utf8_general_ci;
      GRANT ALL PRIVILEGES ON `beans`.* TO 'beans'@'localhost';
      
      flush privileges:
      exit
      

Configure Apache24 VirtualHost

  • Edit the apache24 config:
    vi /usr/local/etc/apache24/httpd.conf
    
    • And add the following VirtualHost block:
      <VirtualHost *:80>
          ServerName beans.example.com
      
          DocumentRoot /usr/local/www/beans.example.com            
          <Directory /usr/local/www/beans.example.com>
              Options FollowSymLinks
              AllowOverride All
              Require all granted
          </Directory>
      </VirtualHost>
      
  • Restart apache24:
    service apache24 restart
    

Securing BeansBooks with SSL

  • Generate a strong SSL key and a CSR to send for signing by a CA:
    mkdir /usr/local/etc/apache24/ssl && cd /usr/local/etc/apache24/ssl
    openssl req -sha512 -out beans.example.com.csr -new -newkey rsa:4096 -nodes -keyout beans.example.com.key
    
  • Make sure to securely copy the SSL certificate to beans.example.com.crt
  • Edit the apache24 config file:
    vi /usr/local/etc/apache24/httpd.conf
    
    • And Add the following:
      <VirtualHost *:443>
          ServerName beans.example.com
      
          DocumentRoot /usr/local/www/beans.example.com            
          <Directory /usr/local/www/beans.example.com>
              Options FollowSymLinks
              AllowOverride All
              Require all granted
          </Directory>
      
          SSLEngine on
      
          SSLCertificateFile /usr/local/etc/apache24/ssl/beans.example.com.crt
          SSLCertificateKeyFile /usr/local/etc/apache24/ssl/beans.example.com.key
      
          <FilesMatch "\.(cgi|shtml|phtml|php)$">
              SSLOptions +StdEnvVars
          </FilesMatch>
      
          BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
          BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
      </VirtualHost>
      
  • Enable forced SSL connection by uncommenting the two lines from earlier in the .htaccess file. Open the file for editing:
    vi .htaccess
    
    • Look for the following two lines, and add a # character before them:
      #RewriteCond %{HTTPS} !=on
      #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
      
  • Restart apache24:
    service apache24 restart
    

Resources


Related issues

Related to FreeBSD Administration - Support #432: Install A FreeBSD, Apache 2.4, MariaDB 5.5, PHP 5 (FAMP) ServerClosedDaniel Curtis05/02/2014

Actions
Copied to GNU/Linux Administration - Support #566: Install BeansBooks on a Debian LAMP ServerClosedDaniel Curtis02/09/2015

Actions

Also available in: Atom PDF