harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changes for Debian 9 (Stretch). Tested on a Raspberry 3 under Raspian (Debian 9.3) along with a FREE SUBDOMAIN registered at https://freedns.afraid.org. Changes for letsencrypt. Removed support for Debian 8.

Browse Source
This commit is contained in:
Einer von Vielen 2017-12-18 23:03:10 +01:00
parent a68e2999f1
commit 8c75ace6ec
3 changed files with 80 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
.homeinstall/README.md
View File

@ -2,10 +2,12 @@
Run hubzilla-setup.sh for an unattended installation of hubzilla.
The script is known to work with Debian 8.3 stable (Jessie)
The script is known to work with Debian 9 stable (Stretch)
+ Home-PC (Debian-8.3.0-amd64)
+ DigitalOcean droplet (Debian 8.3 x64 / 512 MB Memory / 20 GB Disk / NYC3)
+ Home-PC (Debian-9.2-amd64)
+ Raspian (Debian-9.3 on a Rapberry 3)
This script is not recommended for Debian 8 (Jessie) any longer.
# Step-by-Step Overwiew
@ -14,12 +16,12 @@ The script is known to work with Debian 8.3 stable (Jessie)
Hardware
+ Internet connection and router at home
+ Mini-pc connected to your router
+ Mini-pc connected to your router (a Raspberry 3 will do it too)
+ USB drive for backups
Software
+ Fresh installation of Debian on your mini-pc
+ Fresh installation of Debian 9 (Stretch) on your mini-pc
+ Router with open ports 80 and 443 for your Debian
## The basic steps (quick overview)
@ -32,7 +34,8 @@ Software
- git clone https://github.com/redmatrix/hubzilla.git html
- cp .homeinstall/hubzilla-config.txt.template .homeinstall/hubzilla-config.txt
- nano .homeinstall/hubzilla-config.txt
- Enter your values there: db pass, domain, values for dyn DNS
- Read the comments carefully
- Enter your values: db pass, domain, values for dyn DNS
- hubzilla-setup.sh as root
- ... wait, wait, wait until the script is finised
- reboot
@ -51,18 +54,36 @@ The installation will create a daily backup.
If the backup process does not find an external device than the backup goes to
the internal disk.
The USB drive must be compatible with an encrpyted filesystem LUKS + ext4.
The USB drive must be compatible with the filesystems
- ext4 (if you do not want to encrypt the USB)
- LUKS + ext4 (if you want to encrypt the USB)
## Preparations Software
### Install Debian Linux on the Mini-PC
Download the stable Debian at https://www.debian.org/
(Debian 8 is no longer supported.)
Create bootable USB drive with Debian on it. You could use the programm
unetbootin, https://en.wikipedia.org/wiki/UNetbootin
Create bootable USB drive with Debian on it.You could use
Switch of your mini pc, plug in your USB drive and start the mini pc from the
- unetbootin, https://en.wikipedia.org/wiki/UNetbootin
- or simply the linux command "dd"
Example for command dd...
su -
dd if=2017-11-29-raspbian-stretch.img of=/dev/mmcblk0
Do not forget to unmount the SD card before and check if unmounted like in this example...
su -
umount /dev/mmcblk0*
df -h
Switch off your mini pc, plug in your USB drive and start the mini pc from the
stick. Install Debian. Follow the instructions of the installation.
### Configure your Router
@ -81,26 +102,21 @@ You can use subdomains as well
There are two way to get a domain
- buy a domain (recommended) or
- buy a domain, or
- register a free subdomain
### Method 1: Get yourself an own Domain (recommended)
### Method 1: Buy an own Domain
...for example at selfHOST.de
...for example buy at selfHOST.de
The cost are around 10,- € once and 1,50 € per month (2017).
### Method 2 Register a (free) Subdomain
Register a free subdomain for example at
...for example register at freeDNS
- freeDNS
- selfHOST
Follow the instructions in .homeinstall/hubzilla-config.txt.
WATCH THIS: A free subdomain is not the prefered way to get a domain name. Why?
Let's encrpyt issues a limited number of certificates each
day. Possibly other users of this domain will try to issue a certificate
at the same day as you do. So make sure you choose a domain with as less subdomains as
possible.
## Install Hubzilla on your Debian
@ -135,7 +151,7 @@ Copy the template file
cp hubzilla-config.txt.template hubzilla-config.txt
Change the file "hubzilla-config.txt". Read the instructions there and enter your values.
Change the file "hubzilla-config.txt". Read the instructions there carefully and enter your values.
nano hubzilla-config.txt
@ -146,7 +162,7 @@ Run the script
Wait... The script should not finish with an error message.
In a webbrowser open your domain.
Expected: A test page of hubzilla is shown. All checks there shoulg be
Expected: A test page of hubzilla is shown. All checks there should be
successfull. Go on...
Expected: A page for the Hubzilla server configuration shows up.
@ -162,3 +178,21 @@ Leave db type "MySQL" untouched.
Follow the instructions in the next pages.
## Note for the Rasperry
The script was tested with an Raspberry 3 under Raspian (Debian 9.3, 2017-11-29-raspbian-stretch.img).
It is recommended to deinstall these programms to avoid endless updates. Use...
sudo apt-get purge wolfram-engine sonic-pi
sudo apt-get autoremove
It is recommended to run the Raspi without graphical frontend (X-Server). Use...
sudo raspi-config
to boot the Rapsi to the client console.
DO NOT FORGET TO CHANGE THE DEFAULT PASSWORD FOR USER PI!

37
.homeinstall/hubzilla-config.txt.template
View File

@ -70,15 +70,17 @@ selfhost_pass=
# freedns_key=U1Z6aGt2R0NzMFNPNWRjbWxxZGpsd093OjE1Mzg5NDE5
#
#
#freedns_key=
freedns_key=
###############################################
### OPTIONAL - Backup to external device ######
#
# The script can use an external device for the daily backup.
# The file system of the device (USB stick for example) must be compatible
# with encrypted LUKS + ext4
# The file system of the device (USB stick for example) must be compatible with
#
# - encrypted LUKS + ext4, or
# - ext4
#
# You should test to mount the device befor you run the script
# (hubzilla-setup.sh).
@ -113,27 +115,21 @@ selfhost_pass=
# lsof /media/hubzilla_backup
#
# If you leave the following parameters
#
# - "backup_device_name" and
# - "backup_device_pass"
#
# empty the script will create daily backups on the internal disk (which could
# save you as well).
#
# Example: backup_device_name=/dev/sdc1
#
# Leave "backup_device_pass=" empty if the external device is not encrypted.
#
backup_device_name=
backup_device_pass=
###############################################
### OPTIONAL - Owncloud - deprecated ##########
#
# To install owncloud: owncloud=y
# Leave empty if you don't want to install owncloud
#
#owncloud=
###############################################
### OPTIONAL - do not mess with things below ##
# (...if you are not certain)
@ -160,18 +156,3 @@ mysqlpass=$db_pass
# Example: phpmyadminpass="aber hallo has blanks in it"
phpmyadminpass=$db_pass
# TODO Prepare hubzilla for programmers
# - install eclipse and plugins
# - install xdebug to debug the php with eclipse
# - weaken permissions on /var/www/html
# - manual steps after this script
# * in eclipse: install plugins for php git hub
# * in eclipse: configure firefox (chrome,...) as browser to run with the php debuger
# * in eclipse: switch php debugger from zend to xdebug
# * in eclipse: add local hubzilla github repository
#
# Which user will use eclipse?
# Leave this empty if you do not want to prepare hubzilla for debugging
#
#developer_name=

39
.homeinstall/hubzilla-setup.sh
View File

@ -44,14 +44,9 @@
# - The script runs into installation errors for phpmyadmin if it uses
# different passwords. For the sake of simplicity one singel password.
#
# Security - suhosin for PHP
# - The script does not install suhosin.
# - Is the security package suhosin usefull or not usefull?
#
# Hubzilla - email verification
# - The script switches off email verification off in all htconfig.tpl.
# Example: /var/www/html/view/en/htconfig.tpl
# - Is this a silly idea or not?
#
#
# Remove Hubzilla (for a fresh start using the script)
@ -253,11 +248,9 @@ function install_sendmail {
}
function install_php {
# openssl and mbstring are included in libapache2-mod-php5
# to_to: php5-suhosin
# openssl and mbstring are included in libapache2-mod-php
print_info "installing php..."
nocheck_install "libapache2-mod-php5 php5 php-pear php5-xcache php5-curl php5-mcrypt php5-gd"
php5enmod mcrypt
nocheck_install "libapache2-mod-php php php-pear php-curl php-mcrypt php-gd"
}
function install_mysql {
@ -277,18 +270,17 @@ function install_mysql {
# want to be prompted for it then this can be arranged by preseeding the
# DebConf database with the required information.
#
# echo mysql-server-5.5 mysql-server/root_password password xyzzy | debconf-set-selections
# echo mysql-server-5.5 mysql-server/root_password_again password xyzzy | debconf-set-selections
# echo mysql-server mysql-server/root_password password xyzzy | debconf-set-selections
# echo mysql-server mysql-server/root_password_again password xyzzy | debconf-set-selections
#
print_info "installing mysql..."
if [ -z "$mysqlpass" ]
then
die "mysqlpass not set in $configfile"
fi
echo mysql-server-5.5 mysql-server/root_password password $mysqlpass | debconf-set-selections
echo mysql-server-5.5 mysql-server/root_password_again password $mysqlpass | debconf-set-selections
nocheck_install "php5-mysql mysql-server mysql-client"
php5enmod mcrypt
echo mysql-server mysql-server/root_password password $mysqlpass | debconf-set-selections
echo mysql-server mysql-server/root_password_again password $mysqlpass | debconf-set-selections
nocheck_install "php-mysql mysql-server mysql-client"
}
function install_phpmyadmin {
@ -305,7 +297,7 @@ function install_phpmyadmin {
echo phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 | debconf-set-selections
nocheck_install "phpmyadmin"
# It seems to be not neccessary to check rewrite.load because it comes
# It seems not to be neccessary to check rewrite.load because it comes
# with the installation. To be sure you could check this manually by:
#
# nano /etc/apache2/mods-available/rewrite.load
@ -327,6 +319,7 @@ function install_phpmyadmin {
echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf
fi
service apache2 restart
/etc/init.d/mysql start
}
function create_hubzilla_db {
@ -455,11 +448,6 @@ function configure_cron_selfhost {
fi
}
function install_git {
print_info "installing git..."
nocheck_install "git"
}
function install_letsencrypt {
print_info "installing let's encrypt ..."
# check if user gave domain
@ -511,6 +499,8 @@ END
then
die "Failed to load $url_http"
fi
# accept terms of service of letsencrypt
./dehydrated --register --accept-terms
# run script dehydrated
#
./dehydrated --cron --config $le_dir/config.sh
@ -607,7 +597,6 @@ function install_hubzilla_plugins {
echo "# cd /var/www/html/.homeinstall" >> $plugin_install
echo "# ./hubzilla-setup.sh" >> $plugin_install
echo "https://gitlab.com/zot/ownmapp.git ownMapp" >> $plugin_install
echo "https://gitlab.com/zot/hubzilla-chess.git chess" >> $plugin_install
fi
# install plugins
while read -r line; do
@ -801,10 +790,7 @@ echo "# update" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating dehydrated...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/letsencrypt/ pull" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla core...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/html/ pull" >> /var/www/$hubzilladaily
echo "echo \"\$(date) - updating hubhilla addons...\"" >> /var/www/$hubzilladaily
echo "git -C /var/www/html/addon/ pull" >> /var/www/$hubzilladaily
echo "bash /var/www/html/$plugins_update" >> /var/www/$hubzilladaily
echo "(cd /var/www/html/ ; util/udall)" >> /var/www/$hubzilladaily
echo "chown -R www-data:www-data /var/www/html/ # make all accessable for the webserver" >> /var/www/$hubzilladaily
echo "chown root:www-data /var/www/html/.htaccess" >> /var/www/$hubzilladaily
echo "chmod 0644 /var/www/html/.htaccess # www-data can read but not write it" >> /var/www/$hubzilladaily
@ -894,7 +880,6 @@ install_run_selfhost
ping_domain
configure_cron_freedns
configure_cron_selfhost
install_git
install_letsencrypt
configure_apache_for_https
check_https