How to Install FossBilling with Nginx on Debian 11
On this page
- Prerequisites
- Installing Nginx Web Server
- Installing and Configuring UFW Firewall
- Installing and Configuring MariaDB Server
- Installing and Configuring PHP-FPM 8.2
- Downloading FOSSBilling Source Code
- Setting up Nginx Server Block
- Securing FossBilling with SSL/TLS Certificates from Letsencrypt
- Start FOSSBilling Installation
- Conclusion
FOSSBilling is free and open-source billing designed to be easy for clients and sellers. FOSSBilling is a fork of BoxBilling. It provides an excellent experience for clients with an intuitive interface and supports multiple payment gateways. FOSSBilling is suitable for multiple businesses, from small to medium or even large businesses. FOSSBilling can help you to automate your invoicing, incoming payments, and client management and communication.
In this guide, you will install an open-source billing solution FossBilling on the Debian 11 server. You'll set up FossBilling with LEMP Stack (Linux, Nginx, MariaDB, and PHP-FPM) and secure FossBilling with SSL/TLS certificates via Certbot and Letsencrypt.
Prerequisites
To complete this guide, you will need the following requirements:
- A Debian 11 server - This example uses a Debian server with the hostname 'fossbilling-server'.
- A non-root user with sudo/root administrator privileges.
- A domain name pointed to a server IP address - This example uses a sub-domain 'fossbilling.howtoforge.local'.
With these requirements in place, you're ready to install FossBilling.
Installing Nginx Web Server
In this first step, you'll install the Nginx web server on your Debian system. Then, you'll verify the Nginx service to ensure it's running and enabled.
To start, run the below apt command to update and refresh your Debian package index.
sudo apt update
After the repository is updated, install the Nginx web server via the apt command below. When prompted, input y to confirm and press ENTER to proceed.
sudo apt install nginx
Output:
Once Nginx is installed, run the below systemctl command utility to verify the Nginx service status and ensure that it's running.
sudo systemctl is-enabled nginx
sudo systemctl status nginx
The following output confirms that the Nginx service is running and enabled, which means it will start automatically at system startup.
Installing and Configuring UFW Firewall
On Debian, the default firewall is iptables. To make it easier, you can install UFW for managing your system firewall.
In this step, you'll install UFW and open the SSH, HTTP, and HTTPS services to allow users/clients access.
Install UFW by executing the apt command below. Input y when prompted and press ENTER to proceed.
sudo apt install ufw
Output:
Once UFW is installed, run the below ufw command to open the OpenSSH and 'WWW Full' applications. The OpenSSH apps will open the default SSH port 22 and the 'WWW Full' apps will open both HTTP and HTTPS services on ports 80 and 443.
sudo ufw allow OpenSSH
sudo ufw allow "WWW Full"
When successful, you should get an output such as 'Rules updated'.
Next, run the below ufw command to start and enable the UFW firewall. When prompted, input y to confirm and press ENTER to proceed.
sudo ufw enable
The output 'Firewall is active and enabled on system startup' confirms that the UFW firewall is running and will be run automatically upon the bootup.
Lastly, run the below command to verify the UFW firewall status. You should see that the UFW firewall is 'active' with applications OpenSSH and 'WWW Full' added on top of it.
sudo ufw status
Output:
With the UFW firewall installed and configured, you'll start installing the MariaDB database server.
Installing and Configuring MariaDB Server
In this step, you'll install the MariaDB server, secure MariaDB deployment via 'mariadb-secure-installation', then you'll create a new MariaDB database and user that FossBilling will use.
Install the MariaDB server using the following apt command. When prompted, input y and press ENTER to proceed.
sudo apt install mariadb-server
Output:
Once MariaDB is installed, run the below systemctl command utility to verify the MariaDB service and ensure that the service is running.
sudo systemctl is-enabled mariadb
sudo systemctl status mariadb
The following output confirms that the MariaDB server is running and it's enabled, which means it's will start automatically on system startup.
With the MariaDB server running, you'll next secure the MariaDB deployment via the 'mariadb-secure-installation' command. Run the below 'mariadb-secure-installation' command to start securing your MariaDB server.
sudo mariadb-secure-installation
You'll be asked about some MariaDB configurations below:
- Switch local authentication to unix_socket? Input n for no.
- Set up MariaDB root password? Input y, then type the new MariaDB root password and repeat.
- Remove the default anonymous user? Input y to confirm.
- Disable remote login for the root user? Input y to confirm.
- Remove the default database test? Input y to confirm.
- Reload table privileges and apply changes? Input y to confirm.
Now that you've secured MariaDB deployment and configured the MariaDB root password, you'll next create a new database and user that will be used for the FossBilling installation.
To start, run the below 'mariadb' command to log in to the MariaDB shell. When prompted for the password, input your MariaDB root password.
sudo mariadb -u root -p
Next, run the below queries to create a new database and user for Fossbilling. In this example, you'll create a new database 'fossbillingdb', and the MariaDB user 'fossbilling'. Also, be sure to change the password in the below queries.
CREATE DATABASE fossbillingdb;
CREATE USER fossbilling@localhost IDENTIFIED BY 'password';
GRANT ALL ON fossbillingdb.* TO fossbilling@localhost WITH GRANT OPTION;
FLUSH PRIVILEGES;
Output:
Now verify the privileges of the MariaDB user 'fossbilling' and be sure that the user has privileges to access the database 'fossbillingdb'.
SHOW GRANTS FOR fossbilling@localhost;
quit
Now type quit to exit.
Output:
With this, you've now installed the MariaDB server, configured the MariaDB root user, and created the database and user for FossBilling. In the next step, you'll install and configure PHP-FPM on the Debian server.
Installing and Configuring PHP-FPM 8.2
In this step, you'll install and configure PHP-FPM on your Debian server. The latest version of FossBilling si supported with PHP 8.x. So, you'll now install PHP 8.2 for the FossBiling installation.
Before that, you must add a third-party PHP repository to your Debian server. It's because PHP 8.0 is still not yet available on the Debian 11 repository.
To start, run the below command to install basic dependencies to your Debian system. Input y when prompted and press ENTER to proceed.
sudo apt install ca-certificates gnupg2 apt-transport-https software-properties-common
Output:
Now run the below wget command to download the GPG key for the PHP repository.
wget -q -O /usr/share/keyrings/sury-php.gpg https://packages.sury.org/php/apt.gpg
Next, run the below command to add the PHP repository to your Debian server.
echo "deb [signed-by=/usr/share/keyrings/sury-php.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/sury-php.list
Then refresh and update the package index using the below apt command. This will download the index of package lists for the new PHP repository.
sudo apt update
Output:
Now run the below apt command to install PHP and PHP-FPM packages. Input y when prompted and press ENTER to proceed. Also, ensure the PHP version that you'll be installing is PHP 8.1 or 8.2.
sudo apt install php php-fpm
Output:
Then you can install PHP extensions required by FossBilling via the below apt command. Input y to confirm the installation and press ENTER to proceed.
sudo apt install libcurl4-openssl-dev php-mysql php-curl php-cli php-zip php-common php-mbstring php-xml
Output:
When PHP packages are installed, open the file '/etc/php/8.2/fpm/php.ini' using the below nano editor command.
sudo nano /etc/php/8.2/fpm/php.ini
Change the default PHP configuration with the following lines.
upload_max_filesize = 16M
post_max_size = 32M
memory_limit = 256M
max_execution_time = 600
max_input_vars = 3000
max_input_time = 1000
Save and exit the file '/etc/php/8.2/fpm/php.ini' when finished.
Next, run the below systemctl command utility to restart the PHP-FPM service and apply the changes.
sudo systemctl restart php8.2-fpm
Then verify the PHP-FPM service to ensure that the service is enabled and running. The output 'active (running)' confirms that the PHP-FPM service is running, and the output 'loaded (.../php8.2.service; enabled;..)' confirms that the service is enabled and will be run automatically on system startup.
sudo systemctl is-enabled php8.2-fpm
sudo systemctl status php8.2-fpm
Output:
Lastly, run the below command to verify the PHP version and the list of enabled extensions on your Debian system. In your terminal, you should see an output such as 'PHP 8.2' which confirms you've installed PHP 8.2. And for the list of PHP extensions, ensure that extensions 'pdo_mysql', 'curl', 'openssl', and 'zlib' is enabled.
php --version
php -m
Output:
You've installed the LEMP Stack with the Nginx web server, MariaDB database server, and PHP-FPM. Now you're ready to download and install FossBilling.
Downloading FOSSBilling Source Code
In this step, you'll download the Fossbilling source code and set up the FossBilling installation directory, which will be located in the '/var/www/fossbilling' directory.
First, run the below apt command to install the unzip package.
sudo apt install unzip -y
Next, create a new directory '/var/www/fossbilling', and move your working directory into it. Then, download the latest stable version of FossBilling via the curl command below.
mkdir -p /var/www/fossbilling; cd /var/www/fossbilling
curl https://fossbilling.org/downloads/stable -L --output FOSSBilling.zip
After downloading FossBilling, you should get a new file 'FOSSBilling.zip' in your current working directory.
Run the unzip command below to extract the file 'FOSSBilling.zip'. Then, change the ownership of the FossBilling installation directory '/var/www/fossbilling' to the user and group 'www-data'.
unzip FOSSBilling.zip
sudo chown -R www-data:www-data /var/www/fossbilling
With the FossBilling source code downloaded and the installation directory properly configured. You'll next create a new Nginx server block configuration that will be used to run FossBilling.
Setting up Nginx Server Block
In this step, you'll create a new Nginx server block configuration that will be used to run FOSSBilling application. Before you start, ensure that you have a domain name pointed to your Debian server IP address. This example uses the domain 'fossbiling.howtoforge.local'.
Run the below nano editor command to create a new Nginx server block configuration '/etc/nginx/sites-available/fossbilling'.
sudo nano /etc/nginx/sites-available/fossbilling
Add the following server block configuration to the file. Be sure to change the domain name 'fossbilling.howtoforge.local' and ensure that you have the correct path of your PHP-FPM sock file.
server {
listen 80;
set $root_path '/var/www/fossbilling';
server_name fossbilling.howtoforge.local;
index index.html index.htm index.php;
root $root_path;
try_files $uri $uri/ @rewrite;
sendfile off;
include /etc/nginx/mime.types;
# Block access to sensitive files and return 404 to make it indistinguishable from a missing file
location ~* .(ini|sh|inc|bak|twig|sql)$ {
return 404;
}
# Block access to hidden files except for .well-known
location ~ /\.(?!well-known\/) {
return 404;
}
# Disable PHP execution in /uploads
location ~* /uploads/.*\.php$ {
return 404;
}
# Deny access to /data
location ~* /data/ {
return 404;
}
location @rewrite {
rewrite ^/page/(.*)$ /index.php?_url=/custompages/$1;
rewrite ^/(.*)$ /index.php?_url=/$1;
}
location ~ \.php {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass need to be changed according to your server setup:
# phpx.x is your server setup
# examples: /var/run/phpx.x-fpm.sock, /var/run/php/phpx.x-fpm.sock or /run/php/phpx.x-fpm.sock are all valid options
# Or even localhost:port (Default 9000 will work fine)
# Please check your server setup
fastcgi_pass unix:/run/php/php-fpm.sock;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
include fastcgi_params;
}
location ~* ^/(css|img|js|flv|swf|download)/(.+)$ {
root $root_path;
expires off;
}
}
Save the file and exit the editor when finished.
Next, run the below command to activate the Nginx server block file '/etc/nginx/sites-available/fossbilling'. Then, verify the Nginx configuration to ensure that you have proper config files.
sudo ln -s /etc/nginx/sites-available/fossbilling /etc/nginx/sites-enabled/
sudo nginx -t
If successful, you should get an output such as 'test successful - syntax ok'.
Lastly, run the below systemctl command utility to restart the Nginx service and apply the changes.
sudo systemctl restart nginx
Output:
With the Nginx server block created, you're now ready to access and start the FossBilling installation. But before that, it's always recommended to secure your FossBilling with SSL/TLS certificates that can be generated via Certbot and Letsencrypt.
Securing FossBilling with SSL/TLS Certificates from Letsencrypt
At this point, your FossBilling installation is accessible, but still on the insecure HTTP protocol. To secure FossBilling, you can implement a secure HTTPS connection by adding SSL/TLS certificates to your Nginx server block. To achieve this, you can generate free SSL/TLS certificates via Certbot and Letsencrypt.
Before you start, ensure that your domain name is pointed to the server IP address and ensure that you've got an email address that will be used to register to Letsencrypt.
Now run the below apt command to install the Certbot and the Certbot Nginx plugin. Input y when prompted and press ENTER to proceed.
sudo apt install certbot python3-certbot-nginx
Output:
After Certbot is installed, run the below command to generate SSL/TLS certificates for your domain name. Also, be sure to change the domain name and the email address in the following command.
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email [email protected] -d fossbilling.howtoforge.local
With this command, the new SSL/TLS certificates will be generated for your domain name. Also, this will automatically set up HTTPS on your Nginx server block and set up auto-redirect from HTTP to HTTPS. Your SSL/TLS certificates is generated to the directory '/etc/elstencrypt/live/fossbilling.howtoforge.local/'.
Start FOSSBilling Installation
Open your web browser and visit the domain name of your FosssBilling installation (i.e: https://fossbilling.howtoforge.local/).
The FossBilling installer should now check and verify your system details. Ensure that requirements get the status 'Ok' with green color. Click Next to continue.
Now input details MariaDB database and user that you've created and clicks Next again.
Next, input the new administrator details for the FossBilling. Input your username, email address, password, and default currency. Then, click Next to continue.
When the FossBilling installation is successful, you should get the message 'Congratulations! FOSSBilling was successfully installed.'.
You will also see some instructions to complete your FossBilling installation.
Return to your Debian server terminal and run the following commands to finish your FossBilling installation.
Remove the FossBilling 'install' directory.
sudo rm -rf /var/www/fossbilling/install
Change the permission of the FOssBilling config file 'config.php' to 0644. This will remove the 'write' permission for others and groups.
sudo chmod 0644 /var/www/fossbilling/config.php
Create a new cron for the FossBilling via the below command.
crontab -u www-data -e
Select the code editor that you want to use. Then input the following lines into the file.
*/5 * * * * php /var/www/fossbilling/cron.php
Save the file and exit the editor when finished.
Now back to the web browser and click Finish.
You'll now get the following page.
If you click the 'Client area' button, you'll be redirected to the FossBilling home page.
If you click on the 'Admin area' button, you'll be redirected to the admin login page.
Log in with your email address and password, then click 'Sign in'.
If successful, you should see the FossBilling administration dashboard.
With this, you've now finished the installation of FossBilling and secured with SSL/TLS certificates via Certbot and Letsencrypt.
Conclusion
In this guide, you've installed an open-source billing and user management FOSSBilling on a Debian 11 server. You also have configured the LEMP Stack (Nginx web server, MariaDB database, and PHP-FPM) on a Debian system. In addition to that, you've secured the FOSSBilling installation with SSL/TLS certificates generated via Certbot and Letsencrypt.
From here, you can now use FOSSBilling for your business. You can add more users, set up an SMTP server, and many more.