capsula-gemini/source/notes/flarum.gmi

## Flarum

Flarum es un software para foros moderno y ligero.

Instalación en un servidor Ubuntu 20.04. Ya debes de tener un dominio o subdominio apuntando a la IP de tu servidor.

### Instalar composer

* Actualizar el sistema

```
sudo apt update
sudo apt upgrade
```

* Instalar requisitos previos

```
sudo apt install php-cli unzip php-fpm
```

* Descargar `composer`, puede ser en `home`

```
curl -sS https://getcomposer.org/installer -o composer-setup.php
```

* Verificamos la descarga

```
HASH=`curl -sS https://composer.github.io/installer.sig`

php -r "if (hash_file('SHA384', 'composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

Installer verified
```

"No continues" si no ves: `Installer verified`

* Instalamos

```
sudo php composer-setup.php --install-dir=/usr/local/bin --filename=composer
```

* Comprobamos

```
composer -V

Composer version 2.1.12 2021-11-09 16:02:04
```

* Se puede borrar el instalador

```
rm composer-setup.php
```


### Instalar las extensiones necesarias

```
sudo apt install php-curl php-dom php-gd php-mbstring php-mysql php-zip
```

### Instalamos Flarum

* Creamos la carpeta de instalación, cambiamos temporalmente el dueño, reemplaza USER por tu uuario y nos cambiamos a ella.

```
sudo mkdir /opt/flarum

sudo chown USER:USER /opt/flarum

cd /opt/flarum
```

* Instalamos Flarum

```
sudo composer create-project flarum/flarum .
```

### Instalamos Certbot

* Usa un correo que puedas consultar para registrarte, es importante para las notificaciones de vencimiento del certificado.

```
sudo apt install certbot

sudo certbot register --agree-tos -m YOUR_EMAIL
```

* Solicitamos el certificado, reemplaza DOMAIN por el dominio de tu foro.

```
sudo certbot certonly --standalone --preferred-challenges http-01 -d DOMAIN

    /etc/letsencrypt/live/DOMAIN/fullchain.pem
    /etc/letsencrypt/live/DOMAIN/privkey.pem
```

* Generamos el archivo: ssl-dhparams.pem

```
sudo openssl dhparam -dsaparam -out /etc/letsencrypt/ssl-dhparams.pem 4096
```

* Creamos el archivo: options-ssl-nginx.conf

```
sudo vim /etc/letsencrypt/options-ssl-nginx.conf

    ssl_session_cache shared:le_nginx_SSL:10m;
    ssl_session_timeout 1440m;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;

    ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA38";

    add_header Strict-Transport-Security "max-age=63072000; preload";
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header Permissions-Policy interest-cohort=();
```

* Creamos el archivo: certbot.conf

```
sudo vim /etc/letsencrypt/live/DOMAIN/certbot.conf

    ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
```


### Instalamos Nginx

```
sudo apt install nginx
```

* Configuración general

```
sudo vim /etc/nginx/nginx.conf

    user  www-data;
    worker_processes  auto;
    worker_rlimit_nofile 20480;
    pid /run/nginx.pid;

    error_log  /var/log/nginx/error.log warn;

    events {
        worker_connections  5120;
    }

    http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;

        server_tokens off;
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  /var/log/nginx/access.log  main;

        sendfile        on;

        keepalive_timeout  65;

        include /etc/nginx/sites-enabled/*.conf;

        disable_symlinks off;

        client_max_body_size 100M;

    }
```

* Configuración para Flarum

```
sudo vim /etc/nginx/sites-available/flarum.cuates.net.conf

    server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name flarum.cuates.net;
        charset     utf-8;

        include /etc/letsencrypt/live/cuates.net/certbot.conf;
        proxy_set_header X-Forwarded-For $remote_addr;
        server_tokens off;

        access_log      /var/log/nginx/foro.cuates.net.access.log;
        error_log       /var/log/nginx/foro.cuates.net.error.log;

        client_max_body_size 10M;

        root /opt/flarum/public;
        index index.php index.html;

        include /opt/flarum/.nginx.conf;

        location ~ \.php$ {
            fastcgi_pass unix:/run/php/php7.4-fpm.sock;
            fastcgi_index index.php;
            fastcgi_read_timeout 240;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
            fastcgi_split_path_info ^(.+.php)(/.+)$;
        }

    }

```

* Creamos vínculo simbólico

```
sudo ln -s /etc/nginx/sites-available/flarum.cuates.net.conf /etc/nginx/sites-enabled/
```

* Borrar el sitio predeterminado

```
sudo rm /etc/nginx/sites-enabled/default
```

* Validamos la configuración.

```
sudo nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
```

No continues si obtienes cualquier error.


### Instalar y configurar MariaDB

```
sudo apt install mariadb-server

sudo mysql_secure_installation

    Set root password? [Y/n] Y
    Remove anonymous users? [Y/n] Y
    Disallow root login remotely? [Y/n] Y
    Remove test database and access to it? [Y/n] Y
    Reload privilege tables now? [Y/n] Y

    Cleaning up...

    All done!  If you've completed all of the above steps, your MariaDB
    installation should now be secure.

    Thanks for using MariaDB!

sudo mysql -u root -p

    use mysql;
    update user set plugin='mysql_native_password' where user='root';
    flush privileges;
```

* Crear usuario y base de datos, reemplaza USER por el usuario para la base de datos y usa una contraseña fuerte.

```
CREATE DATABASE flarum;

CREATE USER 'USER'@'localhost' IDENTIFIED BY 'CONTRASEÑA_FUERTE';

GRANT ALL PRIVILEGES ON flarum . * TO 'USER'@'localhost';

FLUSH PRIVILEGES;

exit;
```

* Quitar la mierda de Google, elimina la línea 10

```
vim /opt/flarum/vendor/flarum/core/views/install/app.php

      @import url(//fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700,600);
```

* Cambia el usuario y los permisos a la carpeta de instalación.

```
sudo chown -R www-data:www-data /opt/flarum

sudo chmod -R 775 /opt/flarum
```

* Reinicia nginx

```
sudo systemctl restart nginx
```

* En tu navegador ver a la URL de tu foro para continuar con la instalación.

```
https://foro.cuates.net
```

* Captura todos los datos solicitados.



=> gemini://elmau.net/chuletas.gmi Regresar el índice
=> gemini://elmau.net Regresar el inicio