Project

General

Profile

Support #557

Updated by Daniel Curtis almost 10 years ago

{{>toc}} 

 This is a simple guide for setting up an instance of BeansBooks on a FAMP server, for help setting up the environment read through Issue #432. 

 h2. Downloading BeansBooks 

 * Make the BeansBooks directory: 
 <pre> 
 mkdir /usr/local/www/beans.example.com && cd /usr/local/www/ 
 </pre> 

 * Clone BeansBooks 
 <pre> 
 git clone --recursive https://github.com/system76/beansbooks.git beans.example.com 
 cd beans.example.com 
 </pre> 

 h3. Configure BeansBooks 

 * Copy the example.htaccess file to .htaccess within your working directory 
 <pre> 
 cp example.htaccess .htaccess 
 </pre> 

 * Temporarily disable forced SSL connection by commenting 
 #* If you are not planning on hosting with SSL, then we need to comment out two lines in the @.htaccess@ file. Open the file for editing: 
 <pre> 
 vi .htaccess 
 </pre> 
 #* Look for the following two lines, and add a @#@ character before them: 
 <pre> 
 #RewriteCond %{HTTPS} !=on 
 #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 
 </pre> 

 * Update the permissions on two directories before proceeding: 
 <pre> 
 chmod 770 -R 770 application/logs 
 chmod 770 -R 770 application/cache 
 </pre> 

 * Create a configuration file: 
 <pre> 
 touch application/classes/beans/config.php 
 chmod 660 application/classes/beans/config.php 
 </pre> 

 * Change the ownership to the apache24 user: 
 <pre> 
 chown -R www:www /usr/local/www/beans.example.com 
 </pre> 

 h3. Configure MySQL 

 * Log into the MySQL console: 
 <pre> 
 mysql -h localhost -u root -p 
 </pre> 
 #* Create the *beans* user with the *beansdb* password and the *beans* database: 
 <pre> 
 CREATE USER 'beans'@'localhost' IDENTIFIED BY 'beansdb';    
 CREATE DATABASE IF NOT EXISTS    `beans` CHARACTER SET utf8 COLLATE utf8_general_ci; 
 GRANT ALL PRIVILEGES ON `beans`.* TO 'beans'@'localhost'; 

 flush privileges: 
 exit 
 </pre>  

 h2. Configure Apache24 VirtualHost 

 * Edit the apache24 config: 
 <pre> 
 vi /usr/local/etc/apache24/httpd.conf 
 </pre> 
 #* And add the following @VirtualHost@ block: 
 <pre> 
 <VirtualHost *:80> 
     ServerName beans.example.com 

     DocumentRoot /usr/local/www/beans.example.com             
     <Directory /usr/local/www/beans.example.com> 
         Options FollowSymLinks 
         AllowOverride All 
         Require all granted 
     </Directory> 
 </VirtualHost> 
 </pre> 

 * Restart apache24: 
 <pre> 
 service apache24 restart 
 </pre> 

 * Now navigate to http://beans.example.com to complete the setup using the setup wizard. 

 h2. Securing BeansBooks with SSL 

 * Generate a strong SSL key and a CSR to send for signing by a CA: 
 <pre> 
 mkdir /usr/local/etc/apache24/ssl && cd /usr/local/etc/apache24/ssl 
 openssl req -sha512 -out beans.example.com.csr -new -newkey rsa:4096 -nodes -keyout beans.example.com.key 
 </pre> 
 * Make sure to securely copy the SSL certificate to *beans.example.com.crt* 

 * Edit the apache24 config file: 
 <pre> 
 vi /usr/local/etc/apache24/httpd.conf 
 </pre> 
 #* And Add the following: 
 <pre> 
 <VirtualHost *:443> 
     ServerName beans.example.com 

     DocumentRoot /usr/local/www/beans.example.com             
     <Directory /usr/local/www/beans.example.com> 
         Options FollowSymLinks 
         AllowOverride All 
         Require all granted 
     </Directory> 

     SSLEngine on 

     SSLCertificateFile /usr/local/etc/apache24/ssl/beans.example.com.crt 
     SSLCertificateKeyFile /usr/local/etc/apache24/ssl/beans.example.com.key 

     <FilesMatch "\.(cgi|shtml|phtml|php)$"> 
         SSLOptions +StdEnvVars 
     </FilesMatch> 

     BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 
     BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown 
 </VirtualHost> 
 </pre> 

 * Enable forced SSL connection by uncommenting the two lines from earlier in the @.htaccess@ file. Open the file for editing: 
 <pre> 
 vi .htaccess 
 </pre> 
 #* Look for the following two lines, and add a @#@ character before them: 
 <pre> 
 #RewriteCond %{HTTPS} !=on 
 #RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 
 </pre> 
 * Restart apache24: 
 <pre> 
 service apache24 restart 
 </pre> 

 * Now BeansBooks will be accessible from https://beans.example.com 

 h2. Resources 

 * https://github.com/system76/beansbooks

Back