How to Install FossBilling with Nginx on Rocky Linux 9
FOSSBilling is free and open-source billing designed to be easy for clients and sellers. FOSSBilling is a fork of BoxBilling. It provides an excellent experience for clients with an intuitive interface and supports multiple payment gateways. FOSSBilling is suitable for multiple businesses, from small to medium or even large businesses. FOSSBilling can help you to automate your invoicing, incoming payments, and client management and communication.
I will install FOSSBilling on a Rocky Linux 9 server in this guide. This walkthrough includes the installation of the Nginx web server, MariaDB database server, PHP-FPM 8.2, and Certbot tool for generating SSL/TSL certificates. In the end, you'll have a billing and client management solution that can be used for your day-to-day business.
Prerequisites
To finish this guide, you will need the following requirements:
- A server with Rocky Linux 9 installed - This example uses a Rocky Linux with hostname 'fossbilling-rocky'.
- A non-root user with sudo/root administrator privileges.
- SELinux running with permissive mode.
- A domain name pointed to your server IP address - This example uses a sub-domain 'fossbilling.howtoforge.local'.
If these requirements are ready, you can complete the FOSSBilling installation.
Installing Nginx Web Server
FOSSBilling can be run with Nginx and Lighttpd web servers. This guide will be using Nginx as the web server. You will install Nginx from the official Rocky Linux AppStream repository in this step.
To start, ensure that the EPEL repository is added to your system. Or you can install it via the dnf command below.
sudo dnf install epel-release
Next, install the Nginx web server using the below dnf command. When prompted, input y to confirm and press ENTER to proceed.
sudo dnf install nginx
Output:
Once Nginx installed, run the below systemctl command to start and enable the Nginx service. This will start and run Nginx on the default HTTP port 80 and enable Nginx to run automatically on system startup.
sudo systemctl start nginx
sudo systemctl enable nginx
Now verify the Nginx service status using the below systemctl command utility. You should receive an output that the Nginx service is running and it's enabled.
sudo systemctl status nginx
Output:
The Nginx service is now running, you'll need to open both HTTP and HTTPS protocol on firewalld. To achieve this, you can run the below firewall-cmd command.
sudo firewall-cmd --add-service={http,https} --permanent
Once HTTP and HTTPS protocols are added to firewalld, run the below command to reload firewalld and apply the changes. Then, verify the list of enabled services on firewalld.
You should see that HTTP and HTTPS protocols added to the firewalld.
sudo firewall-cmd --reload
sudo firewall-cmd --list-all
Output:
With this, you've installed the Nginx web server and configured firewalld to open HTTP and HTTPS protocols. In the next step, you'll start the MariaDB database server installation.
Installing MariaDB Server
FOSSBilling is used MySQL/MariaDB to store users' data. It required at least the MySQL 8 or MariaDB server 10.x. In this step, you will install the MariaDB server from the official Rocky Linux repository, which is MariaDB 10.5 and it's compatible with the latest version of FOSSBilling.
Install the MariaDB database server to your Rocky Linux system via the dnf command below. Input y when prompted and press ENTER to proceed.
sudo install mariadb-server
Output:
Once MariaDB installed, run the below systemctl command utility to start and enable the MariaDB service.
sudo systemctl start mariadb
sudo systemctl enable mariadb
Next, run the below systemctl command to verify the MariaDB service and ensure that the service is running. The output 'active (running)' confirms that the MariaDB server is running. And the output 'loaded (../mariadb.service; enabled;)' confirms that the MariaDB service is enabled and will be run automatically on system startup.
sudo systemctl status mariadb
Output:
With the MariaDB server running, you'll now secure MariaDB via the 'mariadb-secure-installation' command. This includes setting up a root password for MariaDB, disabling remote login for the MariaDB root user, etc.
Run the below 'mariadb-secure-installation' command below to secure the MariaDB deployment.
sudo mariadb-secure-installation
You'll be asked about some MariaDB configurations below:
- Switch local authentication to unix_socket? Input n for no.
- Set up MariaDB root password? Input y, then type the new MariaDB root password and repeat.
- Remove the default anonymous user? Input y to confirm.
- Disable remote login for the root user? Input y to confirm.
- Remove the default database test? Input y to confirm.
- Reload table privileges and apply changes? Input y to confirm.
With the MariaDB server installed and running, you'll next create a new MariaDB database and user that will be used for the FOSSBilling installation.
Creating Database and User
In this step, you'll create a new MariaDB database and user that will be used for the FOSSBilling installation.
Run the below 'mariadb' command to log in to MariaDB via the root user. When asked for a password, input your MariaDB root password and press ENTER.
sudo mariadb -u root -p
After logging in to the MariaDB shell, run the following queries to create a new MariaDB database and user. In this example, you'll create a new database fossbillingdb with the user 'fossbilling'. Also, be sure to change the default password in the below query.
CREATE DATABASE fossbillingdb;
CREATE USER fossbilling@localhost IDENTIFIED BY 'password';
GRANT ALL ON fossbillingdb.* TO fossbilling@localhost WITH GRANT OPTION;
FLUSH PRIVILEGES;
Output:
Lastly, run the below query to verify the MariaDB user fossbilling@localhost to ensure that the user has privileges to access the 'fossbiilingdb' database.
The output 'GRANT ALL PRIVILEGES ON fossbillingdb.* to fossbilling@localhost' confirms that the user fossbilling@localhost has privileges to access the database 'fossbillingdb'.
Type quit to log out from the MariaDB shell.
SHOW GRANTS FOR fossbilling@localhost;
quit
Output:
Now that you've created the MariaDB database and user for FOSSBilling. In the next step, you'll install PHP and PHP-FPM on your Rocky Linux server.
Installing PHP-FPM 8.2
The latest version of FOSSBilling is supported with PHP 8.x. In this step, you will install PHP and PHP-FPM 8.2 via the Remi repository. So first, you will set up the Remi repository, install PHP and PHP-FPM packages, then set up PHP-FPM with the Nginx web server.
Add the PHP Remi repository via the dnf command below. This command will install the Remi repository to your Rocky Linux system. The RPM file 'remi-release-9.rpm' confirms that this is can be used for RHEL 9 distribution. Also, input y when prompted and press ENTER to proceed.
sudo dnf install dnf-utils http://rpms.remirepo.net/enterprise/remi-release-9.rpm
Output:
Next, run the below dnf command to reset the repository module for PHP. Then, verify the list of PHP repository modules that are available on your system.
sudo dnf module reset php
sudo dnf module list php
When prompted to set up the GPG key for the Remi repository, input y to confirm and press ENTER.
After the 'dnf module list php' command is executed, you'll see multiple PHP versions provided by the official Rocky Linux AppStream repository and Remi repository.
Run the below command to enable the PHP repository for 'remi-8.2'. With this, every time you install PHP packages, you'll be installing PHP 8.2 packages from the Remi repository.
Input y when prompted and press ENTER to enable it.
sudo dnf module enable php:remi-8.2
Output:
With the PHP Remi repository configured, you can install PHP packages.
Run the below dnf command to install PHP and PHP-FPM packages to your Rocky Linux server. Input y when prompted and press ENTER to proceed.
sudo dnf install php php-fpm php-mysql php-curl php-cli php-zip php-common php-mbstring php-xml
Output:
You will also be prompted to confirm the GPG key for Remi repository. Input y to confirm and press ENTER.
After PHP is installed, open the PHP config file '/etc/php.ini' using the below nano editor command.
sudo nano /etc/php.ini
Change the default PHP configuration with the following lines.
upload_max_filesize = 16M
post_max_size = 32M
memory_limit = 256M
max_execution_time = 600
max_input_vars = 3000
max_input_time = 1000
Save and exit the file '/etc/php.ini' when finished.
To run PHP-FPM with Nginx on RHEL-based distributions, you must ensure that the PHP-FPM is running with the default user and group 'nginx'.
On RHEL, the Nginx web server is running by default under the user 'nginx'. While on Debian-based distributions, both Nginx and Apache2 web servers are running on the same user and group 'www-data'.
Open the PHP-FPM pool configuration '/etc/php-fpm.d/www.conf' using the below nano editor command.
sudo nano /etc/php-fpm.d/www.conf
Change the default 'user' and 'group' parameters to 'nginx'.
user = nginx
group = nginx
Save and close the file when you're done.
Next, run the below systemctl command utility to start and enable the PHP-FPM service. This will start the PHP-FPM service with the defaul sock file '/run/php-fpm/www.sock' and enable the PHP-FPM to start automatically on system startup.
The output 'Created symlink ...' confirms that the PHP-FPM service is enabled.
sudo systemctl start php-fpm
sudo systemctl enable php-fpm
Output:
Now run the below systemctl command to verify the status of the PHP-FPM service. You should get an output that the PHP-FPM is 'active (running)', which confirms the PHP-FPM is running. And the output 'Loaded .../.../; enabled;' confirms that the PHP-FPM service is enabled.
sudo systemctl status php-fpm
Output:
Lastly, run the below php command to verify the PHP version that is installed on your system. Then, verify the list of enabled extensions on your system.
You'll receive an out PHP 8.2 and the list of PHP extensions that are enabled, and be sure these extensions 'curl', 'openssl', 'pdo_mysql', and 'zlib' is enabled.
php --version
php -m
Output:
With this, you've installed PHP and PHP-FPM 8.2 on the Rocky Linux system. You also have configured PHP-FPM to be run with the Nginx web server. In the next step, you'll start the FOSSBilling installation by downloading the source code.
Downloading FOSSBilling Source Code
In this step, you'll download the FOSSBilling source code and set up the FOSSBilling installation directory to '/var/www/fossbilling'.
Before you get started, run the below dnf command to install the unzip package to your system.
sudo dnf install unzip -y
Now create a new directory '/var/www/fossbilling' and move your working directory into it. Then, you can download the latest stable of FOSSBilling via the curl command as below.
mkdir -p /var/www/fossbilling; cd /var/www/fossbilling
curl https://fossbilling.org/downloads/stable -L --output FOSSBilling.zip
Output:
When the FOSSBilling source code is downloaded, you'll see the FOSSBilling.zip file in your working directory. Run the below unzip command to extract the file 'FOSSBilling.zip'. Then, change the ownership of the FOSSBilling installation directory '/var/www/fossbilling' to user and group 'nginx'.
unzip FOSSBilling.zip
sudo chown -R nginx:nginx /var/www/fossbilling
With the FOSSBilling source code downloaded and the installation directory configured, you'll next set up the Nginx server block that will be used to run the FOSSBilling web application.
Configuring Nginx Server Block
In this step, you'll set up a new Nginx server block configuration that will be used to run the FOSSBilling web application. Before you start, ensure that your domain name is pointed to the server IP address.
Create a new Nginx server block config file '/etc/nginx/conf.d/fossbilling.conf' using the below nano editor command.
sudo nano /etc/nginx/conf.d/fossbilling.conf
Add the following lines to the file. Be sure to change the target installation domain name 'fossbilling.howtoforge.local'.
server {
listen 80;
set $root_path '/var/www/fossbilling';
server_name fossbilling.howtoforge.local;
index index.html index.htm index.php;
root $root_path;
try_files $uri $uri/ @rewrite;
sendfile off;
include /etc/nginx/mime.types;
# Block access to sensitive files and return 404 to make it indistinguishable from a missing file
location ~* .(ini|sh|inc|bak|twig|sql)$ {
return 404;
}
# Block access to hidden files except for .well-known
location ~ /\.(?!well-known\/) {
return 404;
}
# Disable PHP execution in /uploads
location ~* /uploads/.*\.php$ {
return 404;
}
# Deny access to /data
location ~* /data/ {
return 404;
}
location @rewrite {
rewrite ^/page/(.*)$ /index.php?_url=/custompages/$1;
rewrite ^/(.*)$ /index.php?_url=/$1;
}
location ~ \.php {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass need to be changed according your server setup:
# phpx.x is your server setup
# examples: /var/run/phpx.x-fpm.sock, /var/run/php/phpx.x-fpm.sock or /run/php/phpx.x-fpm.sock are all valid options
# Or even localhost:port (Default 9000 will work fine)
# Please check your server setup
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
include fastcgi_params;
}
location ~* ^/(css|img|js|flv|swf|download)/(.+)$ {
root $root_path;
expires off;
}
}
Save and exit the file when finished.
Next, run the below command to verify the Nginx configuration. Then restart the Nginx service to apply the changes. If the test of Nginx configuration is successful, you should get an output such as 'test successful - syntax ok'.
sudo nginx -t
sudo systemctl restart nginx
Output:
At this point, you have the FOSSBilling running with the Nginx web server. But, it's still in the insecure HTTP connection. In the next step, you'll secure FOSSBiling with SSL/TLS certificates via Certbot and Letsencrypt.
Securing FOSSBilling with SSL/TLS Letsencrypt
With the Nginx server block configuration created, you'll next secure the FOSSBilling installation with SSL/TLS certificates, and you can achieve this by using the Certbot tool and free SSL certificates from Letsencrypt.
Before you start, ensure that your domain name is pointed to the server IP address and ensure that you've got an email address that will be used to register to Letsencrypt.
Now run the below dnf command to install the Certbot and the Certbot Nginx plugin. Input y when prompted and press ENTER to proceed.
sudo dnf install certbot python3-certbot-nginx
Output:
After Certbot is installed, run the below command to generate SSL/TLS certificates for your domain name. Also, be sure to change the domain name and the email address in the following command.
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email [email protected] -d fossbilling.howtoforge.local
With this command, the new SSL/TLS certificates will be generated for your domain name. Also, this will automatically set up HTTPS on your Nginx server block and set up auto-redirect from HTTP to HTTPS. Your SSL/TLS certificates is generated to the directory '/etc/elstencrypt/live/fossbilling.howtoforge.local/'.
Start FOSSBilling Installation
Open your web browser and visit the domain name of your FosssBilling installation (i.e: https://fossbilling.howtoforge.local/).
The FOSSBilling installer should now check and verify your system details. Ensure that requirements get the status 'Ok' with green color. Click Next to continue.
Now input details MariaDB database and user that you've created and clicks Next again.
Next, input the new administrator details for the FOSSBilling. Input your username, email address, password, and default currency. Then, click Next to continue.
When the FOSSBilling installation is successful, you should get the message 'Congratulations! FOSSBilling was successfully installed.'.
You will also see some instructions to complete your FOSSBilling installation.
Back to your Rocky Linux server terminal and run the following commands to finish up your FOSSBilling installation.
Remove the FOSSBilling 'install' directory.
sudo rm -rf /var/www/fossbilling/install
Change the permission of the FOssBilling config file 'config.php' to 0644. This will remove the 'write' permission for others and groups.
sudo chmod 0644 /var/www/fossbilling/config.php
Create a new cron for the FOSSBilling via the below command.
crontab -u nginx -e
Select the code editor that you want to use. Then input the following lines into the file.
*/5 * * * * php /var/www/fossbilling/cron.php
Save the file and exit the editor when finished.
Now back to the web browser and click Finish.
You'll now get the following page.
If you click the 'Client area' button, you'll be redirected to the FOSSBilling home page.
If you click on the 'Admin area' button, you'll be redirected to the admin login page.
Log in with your email address and password, then click 'Sign in'.
If successful, you should see the FOSSBilling administration dashboard.
With this, you've now finished the installation of FOSSBilling and secured with SSL/TLS certificates via Certbot and Letsencrypt.
Conclusion
In this guide, you've installed an open-source billing and user management FOSSBilling on a Rocky Linux 9 server. You also have configured the LEMP Stack (Nginx web server, MariaDB database, and PHP-FPM) on a Rocky Linux system. In addition to that, you've secured the FOSSBilling installation with SSL/TLS certificates generated via Certbot and Letsencrypt.
From here, you can now use FOSSBilling for your business. You can add more users, set up an SMTP server, and many more.