harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changes for Debian 9 (Stretch). Tested on a Raspberry 3 under Raspian (Debian 9.3) along with a FREE SUBDOMAIN registered at https://freedns.afraid.org. Changes for letsencrypt. Removed support for Debian 8.

Browse Source
This commit is contained in:
Einer von Vielen 2017-12-18 23:03:10 +01:00
parent a68e2999f1
commit 8c75ace6ec
3 changed files with 80 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
.homeinstall/README.md
View File

@ -2,10 +2,12 @@
Run hubzilla-setup.sh for an unattended installation of hubzilla. Run hubzilla-setup.sh for an unattended installation of hubzilla.
The script is known to work with Debian 8.3 stable (Jessie) The script is known to work with Debian 9 stable (Stretch)
+ Home-PC (Debian-8.3.0-amd64) + Home-PC (Debian-9.2-amd64)
+ DigitalOcean droplet (Debian 8.3 x64 / 512 MB Memory / 20 GB Disk / NYC3) + Raspian (Debian-9.3 on a Rapberry 3)
This script is not recommended for Debian 8 (Jessie) any longer.
# Step-by-Step Overwiew # Step-by-Step Overwiew
@ -14,12 +16,12 @@ The script is known to work with Debian 8.3 stable (Jessie)
Hardware Hardware
+ Internet connection and router at home + Internet connection and router at home
+ Mini-pc connected to your router + Mini-pc connected to your router (a Raspberry 3 will do it too)
+ USB drive for backups + USB drive for backups
Software Software
+ Fresh installation of Debian on your mini-pc + Fresh installation of Debian 9 (Stretch) on your mini-pc
+ Router with open ports 80 and 443 for your Debian + Router with open ports 80 and 443 for your Debian
## The basic steps (quick overview) ## The basic steps (quick overview)
@ -32,7 +34,8 @@ Software
- git clone https://github.com/redmatrix/hubzilla.git html - git clone https://github.com/redmatrix/hubzilla.git html
- cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt - cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt
- nano .homeinstall/hubzilla-config.txt - nano .homeinstall/hubzilla-config.txt
- Enter your values there: db pass, domain, values for dyn DNS - Read the comments carefully
- Enter your values: db pass, domain, values for dyn DNS
- hubzilla-setup.sh as root - hubzilla-setup.sh as root
- ... wait, wait, wait until the script is finised - ... wait, wait, wait until the script is finised
- reboot - reboot
@ -51,18 +54,36 @@ The installation will create a daily backup.
If the backup process does not find an external device than the backup goes to If the backup process does not find an external device than the backup goes to
the internal disk. the internal disk.
The USB drive must be compatible with an encrpyted filesystem LUKS + ext4. The USB drive must be compatible with the filesystems
- ext4 (if you do not want to encrypt the USB)
- LUKS + ext4 (if you want to encrypt the USB)
## Preparations Software ## Preparations Software
### Install Debian Linux on the Mini-PC ### Install Debian Linux on the Mini-PC
Download the stable Debian at https://www.debian.org/ Download the stable Debian at https://www.debian.org/
(Debian 8 is no longer supported.)
Create bootable USB drive with Debian on it. You could use the programm Create bootable USB drive with Debian on it.You could use
unetbootin, https://en.wikipedia.org/wiki/UNetbootin
Switch of your mini pc, plug in your USB drive and start the mini pc from the - unetbootin, https://en.wikipedia.org/wiki/UNetbootin
- or simply the linux command "dd"
Example for command dd...
su -
dd if=2017-11-29-raspbian-stretch.img of=/dev/mmcblk0
Do not forget to unmount the SD card before and check if unmounted like in this example...
su -
umount /dev/mmcblk0*
df -h
Switch off your mini pc, plug in your USB drive and start the mini pc from the
stick. Install Debian. Follow the instructions of the installation. stick. Install Debian. Follow the instructions of the installation.
### Configure your Router ### Configure your Router
@ -81,26 +102,21 @@ You can use subdomains as well
There are two way to get a domain There are two way to get a domain
- buy a domain (recommended) or - buy a domain, or
- register a free subdomain - register a free subdomain
### Method 1: Get yourself an own Domain (recommended) ### Method 1: Buy an own Domain
...for example at selfHOST.de ...for example buy at selfHOST.de
The cost are around 10,- € once and 1,50 € per month (2017).
### Method 2 Register a (free) Subdomain ### Method 2 Register a (free) Subdomain
Register a free subdomain for example at ...for example register at freeDNS
- freeDNS Follow the instructions in .homeinstall/hubzilla-config.txt.
- selfHOST
WATCH THIS: A free subdomain is not the prefered way to get a domain name. Why?
Let's encrpyt issues a limited number of certificates each
day. Possibly other users of this domain will try to issue a certificate
at the same day as you do. So make sure you choose a domain with as less subdomains as
possible.
## Install Hubzilla on your Debian ## Install Hubzilla on your Debian
@ -135,7 +151,7 @@ Copy the template file
cp hubzilla-config.txt.template hubzilla-config.txt cp hubzilla-config.txt.template hubzilla-config.txt
Change the file "hubzilla-config.txt". Read the instructions there and enter your values. Change the file "hubzilla-config.txt". Read the instructions there carefully and enter your values.
nano hubzilla-config.txt nano hubzilla-config.txt
@ -146,7 +162,7 @@ Run the script
Wait... The script should not finish with an error message. Wait... The script should not finish with an error message.
In a webbrowser open your domain. In a webbrowser open your domain.
Expected: A test page of hubzilla is shown. All checks there shoulg be Expected: A test page of hubzilla is shown. All checks there should be
successfull. Go on... successfull. Go on...
Expected: A page for the Hubzilla server configuration shows up. Expected: A page for the Hubzilla server configuration shows up.
@ -162,3 +178,21 @@ Leave db type "MySQL" untouched.
Follow the instructions in the next pages. Follow the instructions in the next pages.
## Note for the Rasperry
The script was tested with an Raspberry 3 under Raspian (Debian 9.3, 2017-11-29-raspbian-stretch.img).
It is recommended to deinstall these programms to avoid endless updates. Use...
sudo apt-get purge wolfram-engine sonic-pi
sudo apt-get autoremove
It is recommended to run the Raspi without graphical frontend (X-Server). Use...
sudo raspi-config
to boot the Rapsi to the client console.
DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!

37
.homeinstall/hubzilla-config.txt.template
View File

@ -70,15 +70,17 @@ selfhost_pass=
# freedns_key=U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5 # freedns_key=U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
# #
# #
#freedns_key= freedns_key=
############################################### ###############################################
### OPTIONAL - Backup to external device ###### ### OPTIONAL - Backup to external device ######
# #
# The script can use an external device for the daily backup. # The script can use an external device for the daily backup.
# The file system of the device (USB stick for example) must be compatible # The file system of the device (USB stick for example) must be compatible with
# with encrypted LUKS + ext4 #
# - encrypted LUKS + ext4, or
# - ext4
# #
# You should test to mount the device befor you run the script # You should test to mount the device befor you run the script
# (hubzilla-setup.sh). # (hubzilla-setup.sh).
@ -113,27 +115,21 @@ selfhost_pass=
# lsof /media/hubzilla_backup # lsof /media/hubzilla_backup
# #
# If you leave the following parameters # If you leave the following parameters
#
# - "backup_device_name" and # - "backup_device_name" and
# - "backup_device_pass" # - "backup_device_pass"
#
# empty the script will create daily backups on the internal disk (which could # empty the script will create daily backups on the internal disk (which could
# save you as well). # save you as well).
# #
# Example: backup_device_name=/dev/sdc1 # Example: backup_device_name=/dev/sdc1
# #
# Leave "backup_device_pass=" empty if the external device is not encrypted.
#
backup_device_name= backup_device_name=
backup_device_pass= backup_device_pass=
###############################################
### OPTIONAL - Owncloud - deprecated ##########
#
# To install owncloud: owncloud=y
# Leave empty if you don't want to install owncloud
#
#owncloud=
############################################### ###############################################
### OPTIONAL - do not mess with things below ## ### OPTIONAL - do not mess with things below ##
# (...if you are not certain) # (...if you are not certain)
@ -160,18 +156,3 @@ mysqlpass=$db_pass
# Example: phpmyadminpass="aber hallo has blanks in it" # Example: phpmyadminpass="aber hallo has blanks in it"
phpmyadminpass=$db_pass phpmyadminpass=$db_pass
# TODO Prepare hubzilla for programmers
# - install eclipse and plugins
# - install xdebug to debug the php with eclipse
# - weaken permissions on /var/www/html
# - manual steps after this script
# * in eclipse: install plugins for php git hub
# * in eclipse: configure firefox (chrome,...) as browser to run with the php debuger
# * in eclipse: switch php debugger from zend to xdebug
# * in eclipse: add local hubzilla github repository
#
# Which user will use eclipse?
# Leave this empty if you do not want to prepare hubzilla for debugging
#
#developer_name=

39
.homeinstall/hubzilla-setup.sh
View File

@ -43,15 +43,10 @@
# Security - password is the same for mysql-server, phpmyadmin and hubzilla db # Security - password is the same for mysql-server, phpmyadmin and hubzilla db
# - The script runs into installation errors for phpmyadmin if it uses # - The script runs into installation errors for phpmyadmin if it uses
# different passwords. For the sake of simplicity one singel password. # different passwords. For the sake of simplicity one singel password.
#
# Security - suhosin for PHP
# - The script does not install suhosin.
# - Is the security package suhosin usefull or not usefull?
# #
# Hubzilla - email verification # Hubzilla - email verification
# - The script switches off email verification off in all htconfig.tpl. # - The script switches off email verification off in all htconfig.tpl.
# Example: /var/www/html/view/en/htconfig.tpl # Example: /var/www/html/view/en/htconfig.tpl
# - Is this a silly idea or not?
# #
# #
# Remove Hubzilla (for a fresh start using the script) # Remove Hubzilla (for a fresh start using the script)
@ -253,11 +248,9 @@ function install_sendmail {
} }
function install_php { function install_php {
# openssl and mbstring are included in libapache2-mod-php5 # openssl and mbstring are included in libapache2-mod-php
# to_to: php5-suhosin
print_info "installing php..." print_info "installing php..."
nocheck_install "libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd" nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd"
php5enmod mcrypt
} }
function install_mysql { function install_mysql {
@ -277,18 +270,17 @@ function install_mysql {
# want to be prompted for it then this can be arranged by preseeding the # want to be prompted for it then this can be arranged by preseeding the
# DebConf database with the required information. # DebConf database with the required information.
# #
# echo mysql-server-5.5 mysql-server/root_password password xyzzy | debconf-set-selections # echo mysql-server mysql-server/root_password password xyzzy | debconf-set-selections
# echo mysql-server-5.5 mysql-server/root_password_again password xyzzy | debconf-set-selections # echo mysql-server mysql-server/root_password_again password xyzzy | debconf-set-selections
# #
print_info "installing mysql..." print_info "installing mysql..."
if [ -z "$mysqlpass" ] if [ -z "$mysqlpass" ]
then then
die "mysqlpass not set in $configfile" die "mysqlpass not set in $configfile"
fi fi
echo mysql-server-5.5 mysql-server/root_password password $mysqlpass | debconf-set-selections echo mysql-server mysql-server/root_password password $mysqlpass | debconf-set-selections
echo mysql-server-5.5 mysql-server/root_password_again password $mysqlpass | debconf-set-selections echo mysql-server mysql-server/root_password_again password $mysqlpass | debconf-set-selections
nocheck_install "php5-mysql mysql-server mysql-client" nocheck_install "php-mysql mysql-server mysql-client"
php5enmod mcrypt
} }
function install_phpmyadmin { function install_phpmyadmin {
@ -305,7 +297,7 @@ function install_phpmyadmin {
echo phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections echo phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections
nocheck_install "phpmyadmin" nocheck_install "phpmyadmin"
# It seems to be not neccessary to check rewrite.load because it comes # It seems not to be neccessary to check rewrite.load because it comes
# with the installation. To be sure you could check this manually by: # with the installation. To be sure you could check this manually by:
# #
# nano /etc/apache2/mods-available/rewrite.load # nano /etc/apache2/mods-available/rewrite.load
@ -327,6 +319,7 @@ function install_phpmyadmin {
echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf
fi fi
service apache2 restart service apache2 restart
/etc/init.d/mysql start
} }
function create_hubzilla_db { function create_hubzilla_db {
@ -455,11 +448,6 @@ function configure_cron_selfhost {
fi fi
} }
function install_git {
print_info "installing git..."
nocheck_install "git"
}
function install_letsencrypt { function install_letsencrypt {
print_info "installing let's encrypt ..." print_info "installing let's encrypt ..."
# check if user gave domain # check if user gave domain
@ -511,6 +499,8 @@ END
then then
die "Failed to load $url_http" die "Failed to load $url_http"
fi fi
# accept terms of service of letsencrypt
./dehydrated --register --accept-terms
# run script dehydrated # run script dehydrated
# #
./dehydrated --cron --config $le_dir/config.sh ./dehydrated --cron --config $le_dir/config.sh
@ -607,7 +597,6 @@ function install_hubzilla_plugins {
echo "# cd /var/www/html/.homeinstall" >> $plugin_install echo "# cd /var/www/html/.homeinstall" >> $plugin_install
echo "# ./hubzilla-setup.sh" >> $plugin_install echo "# ./hubzilla-setup.sh" >> $plugin_install
echo "https://gitlab.com/zot/ownmapp.git ownMapp" >> $plugin_install echo "https://gitlab.com/zot/ownmapp.git ownMapp" >> $plugin_install
echo "https://gitlab.com/zot/hubzilla-chess.git chess" >> $plugin_install
fi fi
# install plugins # install plugins
while read -r line; do while read -r line; do
@ -801,10 +790,7 @@ echo "# update" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/html/ pull" >> /var/www/$hubzilladaily echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla addons...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/html/addon/ pull" >> /var/www/$hubzilladaily
echo "bash /var/www/html/$plugins_update" >> /var/www/$hubzilladaily
echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
@ -894,7 +880,6 @@ install_run_selfhost
ping_domain ping_domain
configure_cron_freedns configure_cron_freedns
configure_cron_selfhost configure_cron_selfhost
install_git
install_letsencrypt install_letsencrypt
configure_apache_for_https configure_apache_for_https
check_https check_https