Flarum Management (Script)

Kulga

mgilang real nice, hope theres for centos.

@Kulga I should put what I've done on a branch though if you're interested

Ok! Hopefully I did that correctly, there should now be a centos branch with what I have done. Feel free to experiment. It's not working all the way though (from what I last touched that part of it)

TorchPE

Kulga NGINX won't restart

TorchPE

When I go to my site it says 403? This is after running the script

Kulga

TorchPE more detail is needed, what OS are you running?

You're replying to my post about a centos branch which I've explicity mentioned is not functional.
For this script right now, you ~~need~~ should run on a 1024MB Ubuntu droplet (AKA the $10 droplet)
After testing, you may also run it on the $5 one (512MB droplet) on Ubuntu

EDIT:

I've now just tested it and it is indeed running successfully on a 1024MB Ubuntu 16.04 droplet with these commands

wget 'https://raw.githubusercontent.com/kulga/flarummanagement/master/flarum_management' -O flarum_management
chmod u+x flarum_management
./flarum_management -if ipaddrofserver # Eg 345.3464.234 or domain.tld

EDIT(2):
It also seems to work on a 512MB droplet!

TorchPE

Kulga What is the default MySQL DB and User that it made?

Kulga

TorchPE It tells you this at the end of the script.
It will look something like below. The password is always different. The username and database are partially taken from your domain or ip address and partially hashed (to reduce the odds that very similar domains crash in naming)

#############################

Database Credentials Generated!
Copy the below credentials to your website at
138.197.200.40

Flarum database -> flrm_138.197.abb
Flarum username -> flrm_138.197.abb
Flarum database password -> eith5ohMuL1Sahthahpi

Ensure you have completed the web install PRIOR to hitting enter
if you are installing flarum more then once

#############################

If this was unclear, is there anyway I should to make the above information more prevalent when running this script?

TorchPE

Kulga Also, can I make my own db and user? Will it still work?

TorchPE

Note that the details will be there, I was just skipping through everything and didn't think that they would be there

Kulga

TorchPE Note that the details will be there, I was just skipping through everything and didn't think that they would be there

Hmm. The issue is credentials are not always going to be generated as it can do other things (like enable ssl or install the software needed like nginx).
However, I can put it on this page.

TorchPE Also, can I make my own db and user? Will it still work?

yes, the script creates a empty database. You may use any that you like. But if you do, you will also need to manually remove them once done, and backups ~~(once I get them working)~~ won't use the manual one.
So yes, but responsibility of managing it is yours if you choose that path. You may also install phpmyadmin to make that easier (which this script does not do)

Ralkage

@Kulga The only thing I really had to do manually was to install php-zip on my own and it installed these for me as well:

libzip4 php7.0-cli php7.0-common php7.0-curl php7.0-fpm php7.0-gd php7.0-json php7.0-mbstring php7.0-mcrypt php7.0-mysql php7.0-opcache php7.0-readline
php7.0-xml php7.0-zip

It's just easier to run this script than to do everything manually ?

Chope

I want to install Flarum and ssl only using this script ( I already have a LAMP stack installed manually) but I have an error -

chown: invalid group: ‘chope:php_flarum’

How do you go about this? Will manually creating and adding the $user to the user group solve this?

Kulga

Chope

In the script look at this line

unprivileged_php_user="php_flarum"

Change this to the unprivileged php user you are actually using. It might be www-data
However, it expects a LEMP stack (Nginx not Apache) so when it enables ssl it'll be writing to a nginx file.

Chope

Yeah, it's LEMP stack not LAMP. Sorry for the mix up.
As per the edits, will sudo nano do it?

'php_flarum', is it a user or group?
Thought the user is always the one I am logged with which the user variable $user represents.

Kulga

Chope If you are using Nginx, you can run:

sudo useradd "php_flarum" --home-dir "/var/www/flarum" --system --shell /bin/false
sudo gpasswd -a "www-data" "php_flarum"
sudo gpasswd -a "php_flarum" "www-data"

Make sure to restart php-fpm and nginx after running these commands. Let me know if these commands resolve it

As you can see, php_flarum is a user but also has a group with the same name.

Chope Thought the user is always the one I am logged with which the user variable $user represents.

Correct. But linux transparently does a lot of privilege separation with services. Consider this:
The root user has access to everything. Only root may bind ports less than 1024.
Nginx binds to port 80 which requires root access.
However, you don't want nginx running as root. If it's compromised, your server is compromised.

Nginx binds to port 80 as root, then drops to a unprivileged user, often set as www-data

My script follows this approach. It uses its own user that has access to naught but critical portions of the flarum installs.

Chope

Kulga
Working fine, thanks.

tarvos21

Thanks for the great script, but when I try to execute it on my Ubuntu 16.04 compute engine, it says can not locate php7.0-curl, php7.0-dom ..... and about 8 packages, it can not find. What may be the problem?

Kulga

tarvos21 How did you call it? What are the exact errors.

The script explicitly calls for those to be installed if you run it with -i

 sudo apt-get install \
        nginx-full \
        mysql-server \
        mysql-client \
        php7.0-curl \
        php7.0-gd \
        php7.0-cli \
        php7.0-mysql \
        php7.0-mbstring \
        php7.0-dom \
        php7.0-fpm \
        pwgen \
        zip \
        unzip \
git

tarvos21

Kulga Thanks, I don't know why the script can not locate those packages. I just run it like: ./flarum_management.sh -if domain.com

After several hours of trying, I find that, if I install php manually by 'sudo apt-get install php-fpm php-mysql' before the script, there will be no problem, it works great.

So now I will first install Nginx, MySQL, PHP on Ubuntu 16.04, then I run the script with '-if' flag, it work as expected like this finally. And I can also remove one domain totally.

Great script!

Kulga

tarvos21 If possible, seeing actual errors or output would go a long way to fixing this for others and preventing hours of guessing for people who are trying to use it ❗
Otherwise, I'm stuck guessing the possible cause.
Also, what host were you using?

tarvos21

Kulga I am using Google Could Compute Engine instance, but now I cannot reproduce the problem.

Another problem, I tried to rename the domain after installing flarum, but it does not work. I change the nginx configuration file and sites-available directory, and the /var/www/flarum/ directory. When I go to the new domain in browser, it just gives an error. If I install flarum and want to change the domain, what do I need to do?

Kulga

tarvos21 check sites-enabled, not sites-available.
This script uses the domain as part of its database name as well, I would check to make sure that's updated as well.
Ideally, if it's a new install, just remove it and reinstall using the new name.

When I go to the new domain in browser, it just gives an error

As always, stating there is a error is not as helpful as providing the exact error itself ?