Related Articles
Flarum is a free, open source forum software that makes it easy for you to start an online community. It is a simple, light, fast PHP program that is compatible with mobile devices.
It comes with a rich set of features including elegant user interface, two-part interface, infinite scrolling, floating composer, full response, and more.
In this tutorial, we will explain how to install Flarum Forum on CentOS 8 Server.
Tutorial requirements
- CentOS 8 server.
- A valid domain name is indicated by the server’s IP address
- Log in as root or a user with sudo privileges
Preparation
Before getting started, you’ll need to have the EPEL and Remi repositories installed on your system. First, install the EPEL repository with the following command:
dnf install epel-release -y
After that, download and install Remi repository with the following command:
wget http://rpms.remirepo.net/enterprise/remi-release-8.rpm rpm -Uvh remi-release-8.rpm
Install Nginx, MariaDB, and PHP
First, install the Nginx web server and MariaDB server with the following commands:
dnf install nginx mariadb-server -y
After installing both packages, you will need to activate the php: remi-7.3 module to install PHP 7.3. You can activate it with the following command:
dnf module enable php:remi-7.3
After that, install PHP along with the other required dependencies using the following command:
dnf install php php-fpm php-common php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongodb php-pecl-redis php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml -y
After installing all packages, start the Nginx, MariaDB and PHP-FPM services and enable them to start after restarting the system with the following command:
systemctl start nginx systemctl start mariadb systemctl start php-fpm systemctl enable nginx systemctl enable mariadb systemctl enable php-fpm
Once done, you can move on to the next step.
Create MariaDB Database
By default, MariaDB is not locked. You can secure it with the following script:
mysql_secure_installation
This command will change the root password, delete anonymous users, block remote root logins, and delete the test database.
Answer the questions as shown below and make sure to choose a secure root user password:
Enter current password for root (enter for none): Set root password? [Y/n] Y New password: Re-enter new password: Remove anonymous users? [Y/n] Y Disallow root login remotely? [Y/n] Y Remove test database and access to it? [Y/n] Y Reload privilege tables now? [Y/n] Y
Once MariaDB is secured, log into the MariaDB shell with the following command:
mysql -u root -p
Enter the root password, then create a database and database user for Flarum with the following command:
MariaDB [(none)]> CREATE DATABASE flarumdb;
MariaDB [(none)]> GRANT ALL PRIVILEGES on flarumdb.* to 'flarum'@'localhost' identified by 'g4nt!_d3n9an_p4$$w0rd';
After that, clear the privileges and exit MariaDB with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> EXIT;
Once done, you can move on to the next step.
Configure PHP-FPM for Nginx
Next, you need to configure PHP-FPM to work with Nginx. You can do this by editing a file www.conf:
nano /etc/php-fpm.d/www.conf
Change username and group from apache To nginx as shown below:
user = nginx group = nginx listen.owner = nginx listen.group = nginx
Next, find the next line:
;listen = /run/php-fpm/www.sock
And replace it with the following line:
listen = 127.0.0.1:9000
Save and close the file when done. Then restart PHP-FPM service to apply the changes:
systemctl restart php-fpm
Install Flarum
Before installing Flarum, you must have Composer installed on your system.
You can install it via command curl next:
curl -sS https://getcomposer.org/installer | php
Once installed, you will get the following output:
All settings correct for using Composer Downloading... Composer (version 1.9.2) successfully installed to: /root/composer.phar Use it: php composer.phar
Next, move the Composer binary file to the directory /usr/local/bin And grant appropriate permissions:
mv composer.phar /usr/local/bin/composer chmod 755 /usr/local/bin/composer
Next, change directory to Nginx document root and create Flarum project with the following command:
cd /var/www/html composer create-project flarum/flarum . --stability=beta
Next, grant the appropriate permissions to the Nginx web root folder with the following command:
chown -R nginx:nginx /var/www/html chmod -R 755 /var/www/html chown -R nginx:nginx /var/lib/php
Once done, you can move on to the next step.
Form Nginx for Flarum
Next, we need to create an Nginx virtual host configuration file for Nginx. You can create it with the following command:
nano /etc/nginx/conf.d/flarum.conf
Add the following line:
server {
listen 80;
server_name flarum.example.com;
# lokasi untuk root document
root /var/www/html/public;
index index.php index.html index.htm;
location / { try_files $uri $uri/ /index.php?$query_string; }
location /api { try_files $uri $uri/ /api.php?$query_string; }
location /admin { try_files $uri $uri/ /admin.php?$query_string; }
location /flarum {
deny all;
return 404;
}
location ~ .php$ {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* .html$ {
expires -1;
}
location ~* .(css|js|gif|jpe?g|png)$ {
expires 1M;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types application/atom+xml
application/javascript
application/json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
#text/html -- text/html is gzipped by default by nginx
text/plain
text/xml;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6].(?!.*SV1)";
}
Save and close the file when done. Next, you need to increase the size hash_bucket in the file nginx.conf.
You can do this by editing a file /etc/nginx/nginx.conf:
nano /etc/nginx/nginx.conf
Add the following line directly above the last line:
server_names_hash_bucket_size 64;
Save and close the file. Next, check Nginx for any syntax errors with the following command:
nginx -t
You will see the following result:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Finally, restart Nginx and PHP-FPM services to apply the changes:
systemctl restart php-fpm systemctl restart nginx
Configure SELinux and Firewall
First, you’ll need to create firewall rules to allow HTTP and HTTPS services from external networks. You can allow it with the following command:
firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https firewall-cmd --reload
By default, SELinux is enabled in CentOS 8. So you need to configure SELinux for Flarum to work properly. You can configure SELinux with the following command:
setsebool httpd_can_network_connect on -P
Once done, you can move on to the next step.
Access the Flarum web user interface
Now, open your web browser and type the URL http://flarum.example.com. You will be directed to the following page:
Enter forum name, database details, admin username and password and click the button Installations Flarum. After the installation has finished successfully, you will see the Flarum dashboard on the following page:
Secure Flarum with Let’s Encrypt SSL
Flarum is now installed and configured. Time to secure it with Let’s Encrypt SSL.
To do this, you’ll need to download the certbot client to your server. You can download and set the correct permissions by running the following command:
wget https://dl.eff.org/certbot-auto mv certbot-auto /usr/local/bin/certbot-auto chown root /usr/local/bin/certbot-auto chmod 0755 /usr/local/bin/certbot-auto
Now, run the following commands to get and install SSL certificate for your flarum site.
certbot-auto --nginx -d flarum.example.com
The above command will install all required dependencies on your server. Once installed, you will be required to provide an email address and accept the Terms of Service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for flarum.example.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/conf.d/flarum.conf
Next, you have to choose whether or not to redirect HTTP traffic to HTTPS, as shown below:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to continue. After the installation is complete, you will see the following output:
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/flarum.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://flarum.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=flarum.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/flarum.example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/flarum.example.com/privkey.pem Your cert will expire on 2020-03-23. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot-auto renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
At this point, the Let’s Encrypt installation for your website has completed and you can now access the Flarum website using the secure URL https://flarum.example.com.
.
Originally posted 2020-11-18 16:59:09.
