How to Install Shopware with NGINX and Let's Encrypt on FreeBSD 12

Shopware is the next generation of open source e-commerce software. Based on bleeding edge technologies like Symfony 3, Doctrine2 and Zend Framework Shopware comes as the perfect platform for your next e-commerce project. This tutorial will walk you through the Shopware Community Edition (CE) installation on FreeBSD 12 system by using NGINX as a web server.

Requirements

Make sure your system meets the following minimum requirements:

  • Linux-based operating system with NGINX or Apache 2.x (with mod_rewrite) web server installed. 
  • PHP 5.6.4 or higher with ctype, gd, curl, dom, hash, iconv, zip, json, mbstring, openssl, session, simplexml, xml, zlib, fileinfo, and pdo/mysql extensions. PHP 7.1 or above is strongly recommended.
  • MySQL 5.5.0 or higher.
  • Possibility to set up cron jobs.
  • Minimum 4 GB available hard disk space.
  • IonCube Loader version 5.0.0 or higher (optional).

NOTE: Shopware 5 is currently up to PHP 7.2.x compatible.

Prerequisites

  • An operating system running FreeBSD 12.
  • A non-root user with sudo privileges.

I will be using the domain name example.com in this tutorial. Please replace the word example.com with your own domain name wherever it occurs in the commands and config files below (especially in the Nginx config file and the Let's encrypt commands).

Initial steps

Check your FreeBSD version:

uname -ro
# FreeBSD 12.0-RELEASE

Set up the timezone:

tzsetup

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:

freebsd-update fetch install
pkg update && pkg upgrade -y

Install some essential packages that are necessary for basic administration of FreeBSD 12.0 operating system:

pkg install -y sudo vim unzip wget bash socat

Step 1 - Install PHP and PHP extensions

Install PHP, as well as the necessary PHP extensions for Shopware:

sudo pkg install -y php72 php72-ctype php72-curl php72-dom php72-hash php72-iconv php72-gd php72-json php72-mbstring php72-openssl php72-session php72-simplexml php72-xml php72-zip php72-zlib php72-pdo php72-pdo_mysql php72-filter php72-ftp php72-tokenizer php72-calendar php72-pecl-APCu php72-opcache

To show PHP compiled in modules, you can run:

php -m

ctype
curl
exif
fileinfo
. . .
. . .

Check the PHP version:

php --version

# PHP 7.2.16 (cli) (built: Apr 30 2019 08:37:17) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.3.5, Copyright (c) 1998-2018 Zend Technologies
# with Zend OPcache v7.3.5, Copyright (c) 1999-2018, by Zend Technologies

Start and enable PHP-FPM service:

sudo sysrc php_fpm_enable=yes
sudo service php-fpm start

We can move on to the next step, which is the IonCube Loader installation.

Step 2 - Install IonCube Loader (optional)

This step is optional because Shopware works without IonCube now, but there might be still extensions or themes that use IonCube, so it does not hurt to install it. Download IonCube Loader:

cd /tmp && wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_fre_11_x86-64.tar.gz

Extract the loader:

tar xfz ioncube_loaders_fre_*.tar.gz

Find the PHP extensions directory on the system by running the command below:

php -i | grep extension_dir
# extension_dir => /usr/local/lib/php/20170718 => /usr/local/lib/php/20170718

Copy the ionCube Loader into the PHP extensions directory:

sudo cp /tmp/ioncube/ioncube_loader_fre_7.2.so /usr/local/lib/php/20170718

Include the loader via PHP configuration:

sudo vim /usr/local/etc/php.ini

Then add a line in the file to include ionCube loader. It can be anywhere in the file below [PHP] line:

zend_extension = /usr/local/lib/php/20170718/ioncube_loader_fre_7.2.so

Save the file and restart PHP-FPM:

sudo service php-fpm restart

Step 3 - Install MariaDB and create a database for Shopware

Install MariaDB database server:

sudo pkg install -y mariadb102-client mariadb102-server

Check the MariaDB version:

mysql --version
# mysql  Ver 15.1 Distrib 10.2.23-MariaDB, for Linux (x86_64) using readline 5.1

Start and enable MariaDB service:

sudo sysrc mysql_enable="yes"
sudo service mysql-server start

Run mysql_secure installation script to improve MariaDB security and set the password for MariaDB root user:

sudo mysql_secure_installation

Answer each of the questions:

Would you like to setup VALIDATE PASSWORD plugin? N
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

Connect to MariaDB shell as the root user:

sudo mysql -u root -p
# Enter password

Create an empty MariaDB database and user for Shopware and remember the credentials:

mysql> CREATE DATABASE dbname;
mysql> GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'password';
mysql> FLUSH PRIVILEGES;

Exit from MariaDB:

mysql> exit

Replace dbname, username and password with your own names.

Step 4 - Install Acme.sh client and obtain Let's Encrypt certificate (optional)

Securing your website with HTTPS is not necessary, but it is a good practice to secure your site traffic. In order to obtain a TLS certificate from Let's Encrypt we will use acme.sh client. Acme.sh is a pure Unix shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies. 

Download and install acme.sh:

sudo pkg install -y acme.sh

Check acme.sh version:

acme.sh --version
# v2.8.2

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:

# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256

If you want fake certificates for testing you can add --staging flag to the above commands.

After running the above commands, your certificates and keys will be in:

  • For RSA: /home/username/example.com directory.
  • For ECC/ECDSA: /home/username/example.com_ecc directory.

To list your issued certs you can run:

acme.sh --list

Create a directory to store your certs. We will use a directory /etc/letsencrypt.

mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc

Install/copy certificates to /etc/letsencrypt directory.

# RSA
acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo service nginx reload"

All the certificates will be automatically renewed every 60 days.

After obtaining certs exit from root user and return back to normal sudo user:

exit

Step 5 - Install and configure NGINX

Install the NGINX web server:

sudo pkg install -y nginx

Check the NGINX version:

nginx -v
# nginx version: nginx/1.14.2

Start and enable NGINX service:

sudo sysrc nginx_enable=yes
sudo service nginx start

Configure Nginx for Shopware by running:

sudo vim /usr/local/etc/nginx/shopware.conf

And populate the file with the following configuration:

server {
    listen 80;
    listen [::]:80;
    
    server_name example.com;
    root /usr/local/www/shopware;

    index shopware.php index.php;

    location / {
        try_files $uri $uri/ /shopware.php$is_args$args;
    }

    location /recovery/install {
      index index.php;
      try_files $uri /recovery/install/index.php$is_args$args;
    }

    location ~ \.php$ {
        include fastcgi.conf;
        fastcgi_pass 127.0.0.1:9000;
    }
}

Run sudo vim /usr/local/etc/nginx/nginx.conf and add the below line to http {} block to include Shopware config.

include shopware.conf;

Check Nginx configuration for syntax errors:

sudo nginx -t

Reload Nginx service:

sudo service nginx reload

Step 6 - Install Shopware

Create a document root directory for Shopware:

sudo mkdir -p /usr/local/www/shopware

Navigate to the document root directory:

cd /usr/local/www/shopware

Download and unzip Shopware:

sudo wget https://releases.shopware.com/install_5.5.8_d5bf50630eeaacc6679683e0ab0dcba89498be6d.zip?_ga=2.141661361.269357371.1556739808-1418008019.1556603459 -O shopware.zip
sudo unzip shopware.zip
sudo rm shopware.zip

NOTE: Update download URL if there is a newer release.

Provide the appropriate ownership:

sudo chown -R www:www /usr/local/www/shopware

Increase memory_limit = 256M and upload_max_filesize = 6M, and set allow_url_fopen = On if it is not already set in the /usr/local/etc/php.ini file:

sudo vim /usr/local/etc/php.ini

After making changes in the /etc/php/7.2/fpm/php.ini file, reload php-fpm.service:

sudo service php-fpm reload

Open your domain/IP in the web browser and follow the installation wizard. The backend of Shopware is located at /backend example: http://example.com/backend.

Step 7 - Complete the Shopware setup

Start by selecting the language and click Next:

Shopware Installation Wizard

Next, make sure you meet all the Shopware requirements:

Shopware System Requirements

Agree with Shopware TOS and click Next:

Terms of service from ShopWare

Enter database credentials and click Next:

Configure the database

Start the installation to create database tables:

Create database tables

After that, you will see a message about successful database import:

Installation successful

Choose a license and click Next:

Licensing

Fill in a few basic settings to finish up the setup and click Next:

Basic shop setup

Installation is complete.

Installation complete

To access admin area append /backend to your URL.

Shopware login

You have successfully installed Shopware. Enjoy your new online shop!

Share this page:

Suggested articles

1 Comment(s)

Add comment

Comments

By: Jake Roberts at: 2019-11-22 01:46:16

sudo systemctl?  WTF?