# Make sure that `passwd`, `group` and `shadow` have mysql in their lines
# You should place mysql at the end, so that it is queried after the other mechanisams
#
passwd: compat extrausers
group: compat extrausers
shadow: compat extrausers
hosts: files dns
networks: files dns
services: db files
protocols: db files
rpc: db files
ethers: db files
netmasks: files
netgroup: files
bootparams: files
automount: files
aliases: files
sudo service nscd restart
sudo nscd --invalidate=group
2a. Settings > System settings > Activate > Use libnss-extrausers instead of libnss-mysql
2c. Activate on Settings > Froxlor VirtualHost settings - Enable Let's Encrypt for the froxlor vhost - Enable SSL-redirect for the froxlor vhost - HTTP Strict Transport Security (HSTS) - Include HSTS for any subdomain
Question
みゆき
Warning, this is not an official guide!!!
1.
sudo mv /etc/apt/source.list /etc/apt/source.list.bak
1a. Create new Source.list
sudo nano /etc/apt/source.list
1b. insert (for Debian Stretch)
###### Debian Main Repos
deb http://ftp.de.debian.org/debian/ stable main contrib non-free
deb-src http://ftp.de.debian.org/debian/ stable main contrib non-free
deb http://ftp.de.debian.org/debian/ stable-updates main contrib non-free
deb-src http://ftp.de.debian.org/debian/ stable-updates main contrib non-free
deb http://security.debian.org/ stable/updates main
deb-src http://security.debian.org/ stable/updates main
deb http://ftp.debian.org/debian stretch-backports main
deb-src http://ftp.debian.org/debian stretch-backports main
###### Extra Repos
###Debian Multimedia
deb [arch=i386,amd64] http://www.deb-multimedia.org stretch main non-free
###nginx
deb [arch=amd64,i386] http://nginx.org/packages/debian/ stretch nginx
deb-src [arch=amd64,i386] http://nginx.org/packages/debian/ stretch nginx
###php7.X | curl https://packages.sury.org/php/apt.gpg | apt-key add -
deb https://packages.sury.org/php/ $(lsb_release -sc) main
### MariaDB 10.3
### http://downloads.mariadb.org/mariadb/repositories/
deb [arch=amd64,i386,ppc64el] http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.3/debian stretch main
deb-src http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.3/debian stretch main
1.2B (for Ubuntu Cosmic)
###### Ubuntu Main Repos
deb http://de.archive.ubuntu.com/ubuntu/ cosmic main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ cosmic main restricted universe multiverse
###### Ubuntu Update Repos
deb http://de.archive.ubuntu.com/ubuntu/ cosmic-security main restricted universe multiverse
deb http://de.archive.ubuntu.com/ubuntu/ cosmic-updates main restricted universe multiverse
deb http://de.archive.ubuntu.com/ubuntu/ cosmic-proposed main restricted universe multiverse
deb http://de.archive.ubuntu.com/ubuntu/ cosmic-backports main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ cosmic-security main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ cosmic-updates main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ cosmic-proposed main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ cosmic-backports main restricted universe multiverse
###### MariaDB 10.3 repository list - created 2019-01-25 21:01 UTC
###### http://downloads.mariadb.org/mariadb/repositories/
deb [arch=amd64] http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.3/ubuntu cosmic main
deb-src http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.3/ubuntu cosmic main
###### Nginx Mainline
###### https://launchpad.net/~nginx/+archive/ubuntu/development
deb http://ppa.launchpad.net/nginx/development/ubuntu cosmic main
deb-src http://ppa.launchpad.net/nginx/development/ubuntu cosmic main
###### PHP7.X
###### https://launchpad.net/~ondrej/+archive/ubuntu/php
deb http://ppa.launchpad.net/ondrej/php/ubuntu cosmic main
deb-src http://ppa.launchpad.net/ondrej/php/ubuntu cosmic main
1c.
sudo apt update && sudo apt dist-upgrade && sudo apt autoclean && sudo apt autoremove
1d.
sudo apt install curl wget apt-transport-https dirmngr git software-properties-common
Now you can start setting up your server
2. MariaDB install
Warning use sudo command für this install!
2a. MariaDB 10.3 Workround (Optional)
when you MariaDB install with not sudo command, have you Problems with your Froxlor install.
you can use this workround: (Thanks J-BBB for this Note )
3. nginx install
sudo apt install nginx
3a.
mkdir /etc/nginx/sites-available mkdir /etc/nginx/sites-enabled
3b. nano /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
#include /etc/nginx/naxsi.rules;
#include /etc/nginx/naxsi-wp.rules;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
4. PHP install
sudo apt-get -y install php7.3-fpm php7.3-mysql php7.3-curl php7.3-gd php7.3-intl php-pear php-imagick php7.3-imap php-memcache php7.3-pspell php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl php7.3-mbstring php-gettext php7.3-mysql php7.3-curl php7.3-gd php7.3-intl php-pear php-imagick php7.3-imap php-memcache php7.3-memcached php7.3-pspell php7.3-recode php7.3-sqlite3 php7.3-tidy php7.3-xmlrpc php7.3-xsl php7.3-mbstring php-gettext php7.3-fpm php7.3-cli php7.3-cgi php-bcmath php-zip php7.3-fpm php7.3-curl php7.3-gd php7.3-mysql php7.3-mbstring php7.3-zip php7.3-bcmath zip unzip
4a.
sudo service nginx restart sudo service php7.3-fpm restart
Froxlor install
There are two ways to get Froxlor. Stable (wget) and Beta Build (git / Master)
Stable Version
1.
cd /var/www/html/
1a.
sudo https://files.froxlor.org/releases/froxlor-latest.tar.gz && sudo tar xzfv froxlor-latest.tar.gz
or
Git Version (Beta Version)
sudo git clone https://github.com/Froxlor/Froxlor.git && sudo chown -HR www-data:www-data Froxlor/
sudo apt install composer
su - www-data -s /bin/bash
cd /var/www/html/Froxlor/
1a(2). Composer install in your Froxlor directory
composer install --no-dev
composer install --no-dev
Loading composer repositories with package information
Updating dependencies
Package operations: 5 installs, 0 updates, 0 removals
- Installing psr/log (1.1.0): Loading from cache
- Installing monolog/monolog (1.24.0): Downloading (100%)
- Installing mso/idna-convert (v1.1.0): Downloading (100%)
- Installing phpmailer/phpmailer (v6.0.7): Downloading (100%)
- Installing robthree/twofactorauth (1.6.5): Downloading (100%)
Writing lock file
Generating autoload files
> if [ -f ./vendor/bin/phpcs ]; then "vendor/bin/phpcs" --config-set installed_paths vendor/phpcompatibility/php-compatibility ; fi
1b.
sudo chown -R www-data:www-data Froxlor/
Set up Froxlor
2. Open Your Browser
2a.
http://your IP or Hostname/Froxlor
Install Froxlor finish
3d. Move userdata (Optional)
sudo mv /tmp/userdata.inc.php /var/www/html/Froxlor/lib/
2c.
sudo rm /etc/nginx/site-enable/default
don't restart nginx!
Froxlor Settings
1. Cronjob
sudo nano /etc/cron.d/froxlor
insert
# # Set PATH, otherwise restart-scripts won't find start-stop-daemon # PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # # Regular cron jobs for the froxlor package # # Please check that all following paths are correct # */5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php
sudo chmod 0640 "/etc/cron.d/froxlor" sudo chown root:0 "/etc/cron.d/froxlor" sudo service cron restart
2. Nginx PHP Backend
Settings > Webserver settings > Nginx PHP backend
from 127.0.0.1:8888 to unix:/run/php/php7.3-fpm.sock
3.
sudo mkdir -p /var/customers/webs/ sudo mkdir -p /var/customers/logs/ sudo mkdir -p /var/customers/tmp sudo chmod 1777 /var/customers/tmp sudo service nginx restart
4. IPs and Ports > Add IP/Port
2a(1), SSL Port
Wait 5min for Autimatic Start Froxlor's cronjob or start the cronjob manually
sudo php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --force --debug
Optional
PHP-FPM activate
1. User/Group add
sudo adduser froxlorlocal --disabled-password --no-create-home && sudo usermod -a -G www-data froxlorlocal
2. libnss-extrausers install
sudo apt install nscd libnss-extrausers
sudo mkdir -p /var/lib/extrausers sudo touch /var/lib/extrausers/{passwd,group,shadow}
sudo mv "/etc/nsswitch.conf" "/etc/nsswitch.conf.frx.bak"
sudo nano /etc/nsswitch.conf
# Make sure that `passwd`, `group` and `shadow` have mysql in their lines # You should place mysql at the end, so that it is queried after the other mechanisams # passwd: compat extrausers group: compat extrausers shadow: compat extrausers hosts: files dns networks: files dns services: db files protocols: db files rpc: db files ethers: db files netmasks: files netgroup: files bootparams: files automount: files aliases: files
sudo service nscd restart sudo nscd --invalidate=group
2a. Settings > System settings > Activate > Use libnss-extrausers instead of libnss-mysql
3. Settings > PHP-FPM > Activated:
Change from NO to YES
3a. PHP-FPM versions
Change > php-fpm restart command:
service php7.3-fpm restart
and
Configuration directory of php-fpm: > to
/etc/php/7.3/fpm/pool.d/
3b. Settings > Froxlor VirtualHost settings > Activate > Enable PHP-FPM for the Froxlor vHost
3c.
sudo chown -HR froxlorlocal:froxlorlocal /var/www/html/Froxlor
SSL / Let's Encrypt activate
1.
sudo apt install certbot
1a.
sudo mkdir /etc/nginx/ssl && cd /etc/nginx/ssl
1b. Create SSL File
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
1c.
sudo nano /etc/nginx/acme.conf
insert
location /.well-known/acme-challenge { alias /var/www/html/Froxlor/.well-known/acme-challenge; location ~ /.well-known/acme-challenge/(.*) { default_type text/plain; } }
2. Open your Froxlor Panel
Settings> SSL > Activated:
Change from NO to YES
2a. Settings > SSL > Settings
Change your path from your certificate / Keyfile
Path to the SSL certificate
insert
/etc/nginx/ssl/nginx.crt
Path to the SSL Keyfile
insert
/etc/nginx/ssl/nginx.key
2b. Settings > SSL > Settings
Activate > Enable Let's Encrypt
Change Path to the acme.conf snippet to >
/etc/nginx/acme.conf
2c. Activate on Settings > Froxlor VirtualHost settings
- Enable Let's Encrypt for the froxlor vhost
- Enable SSL-redirect for the froxlor vhost
- HTTP Strict Transport Security (HSTS)
- Include HSTS for any subdomain
2d. Activated HTTP2 Support on > Settings > Nginx
Link to comment
Share on other sites
35 answers to this question
Recommended Posts
Archived
This topic is now archived and is closed to further replies.