How to Install Vanilla Forum with Nginx and Let's Encrypt on FreeBSD 12
On this page
- Requirements
- Prerequisites
- Initial steps
- Step 1 - Install PHP and necessary PHP extensions
- Step 2 - Install MariaDB and create a database for Vanilla Forum
- Step 3 - Install acme.sh client and obtain Let's Encrypt certificate (optional)
- Step 4 - Install NGINX and configure NGINX for Vanilla Forum
- Step 5 - Install Vanilla Forum
- Step 6 - Complete the Vanilla Forum Installation and Setup
- Links
Vanilla is a free, open-source discussion forum written in PHP. Vanilla Forum software is distributed under the GNU GPL2 license. Its source code is available through Github. It has a rich add-on system that you can take advantage of to add custom features to your Vanilla forum. Content for Vanilla Forum can be written using the Markdown language. In this tutorial, I will show you how to install Vanilla Forum on FreeBSD 12 by using Nginx as the web server, MariaDB as the database server, and optionally you can secure the transport layer by using acme.sh client and Let's Encrypt certificate authority to add SSL support.
Requirements
Vanilla requires a server with PHP, MySQL/MariaDB, and web server software (like Apache or Nginx). You'll probably need to own a domain, and already have it configured on your server with DNS if you want to install on a production server, but if not then you don't need a domain.
Vanilla Forum minimum requirements are:
- PHP version 7.0 or newer.
- PHP extensions mbstring, cURL, GD, and PDO, MySQLi, OpenSSL.
- MySQL version 5.0 or newer (or Percona/MariaDB equivalent).
- Web Server software (Nginx, Apache ...).
- MySQL strict mode disabled.
Vanilla Forum strongly recommends:
- PHP version 7.2 or newer.
- PHP extensions mbstring, cURL, GD, and PDO, MySQLi, OpenSSL.
- MySQL version 5.7 or newer (or Percona/MariaDB equivalent).
- Web server software (Nginx, Apache ...).
- SSL encryption.
I will use PHP 7.3 with MariaDB 10.2 in this tutorial.
Prerequisites
- An operating system running FreeBSD 12.
- A non-root user with sudo privileges.
Initial steps
Check your FreeBSD version:
uname -ro
# FreeBSD 12.0-RELEASE
Set up the timezone:
tzsetup
Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:
freebsd-update fetch install
pkg update && pkg upgrade -y
Install some essential packages that are necessary for basic administration of FreeBSD 12.0 operating system:
pkg install -y sudo vim unzip wget bash socat
Step 1 - Install PHP and necessary PHP extensions
Install PHP, as well as the necessary PHP extensions:
sudo pkg install -y php73 php73-mbstring php73-curl php73-gd php73-pdo php73-mysqli php73-pdo_mysql php73-json php73-openssl php73-ctype php73-dom php73-hash php73-iconv php73-tokenizer php73-calendar php73-fileinfo php73-session php73-simplexml php73-xml php73-filter
Check the PHP version:
php --version
# PHP 7.3.9 (cli) (built: Jul 25 2019 01:28:53) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.3.7, Copyright (c) 1998-2018 Zend Technologies
# with Zend OPcache v7.3.7, Copyright (c) 1999-2018, by Zend Technologies
Enable and start PHP-FPM service:
sudo sysrc php_fpm_enable=yes
sudo service php-fpm start
Step 2 - Install MariaDB and create a database for Vanilla Forum
Vanilla Forum supports MySQL, MariaDB and Percona databases. In this tutorial, we will use MariaDB as a database server.
Install MariaDB version 10.2 from the FreeBSD repository:
sudo pkg install -y mariadb102-client mariadb102-server
Check the MariaDB version:
mysql --version
Enable and start MySQL service:
sudo sysrc mysql_enable="yes"
sudo service mysql-server start
Run mysql_secure installation
script to improve MariaDB security and set the password for MariaDB root
user:
sudo mysql_secure_installation
Answer each of the questions:
Would you like to setup VALIDATE PASSWORD plugin? N
New password: your_secure_password
Re-enter new password: your_secure_password
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
Connect to MariaDB shell as the root user:
sudo mysql -u root -p
# Enter password
Create an empty MariaDB database and user for Vanilla Forum and remember the credentials:
mariadb> CREATE DATABASE dbname;
mariadb> GRANT ALL ON dbname.* TO 'username' IDENTIFIED BY 'mypassword';
mariadb> FLUSH PRIVILEGES;
Replace the word my password with a secure password of your choice. Exit from MariaDB:
mariadb> exit
Replace dbname
, username
and password
with your names.
Step 3 - Install acme.sh client and obtain Let's Encrypt certificate (optional)
Securing your website with HTTPS is not necessary, but it is a good practice to secure your site traffic. To obtain a TLS certificate from Let's Encrypt we will use acme.sh client. Acme.sh is a pure Unix shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies.
Download and install acme.sh:
sudo su - root
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install --accountemail [email protected]
source ~/.bashrc
cd ~
Check acme.sh version:
acme.sh --version
# v2.8.2
Obtain RSA and ECC/ECDSA certificates for your domain/hostname:
# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256
If you want fake certificates for testing you can add --staging
flag to the above commands.
After running the above commands, your certificates and keys will be in:
- For RSA:
/home/username/example.com
directory. - For ECC/ECDSA:
/home/username/example.com_ecc
directory.
To list your issued certs you can run:
acme.sh --list
Create a directory to store your certs. We will use directory /etc/letsencrypt.
mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc
Install/copy certificates to /etc/letsencrypt directory.
# RSA
acme.sh --install-cert -d example.com \
--cert-file /etc/letsencrypt/example.com/cert.pem \
--key-file /etc/letsencrypt/example.com/private.key \
--fullchain-file /etc/letsencrypt/example.com/fullchain.pem \
--reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc \
--cert-file /etc/letsencrypt/example.com_ecc/cert.pem \
--key-file /etc/letsencrypt/example.com_ecc/private.key \
--fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem \
--reloadcmd "sudo systemctl reload nginx.service"
All the certificates will be automatically renewed every 60 days.
After obtaining certs exit from root user and return to normal sudo user:
exit
Step 4 - Install NGINX and configure NGINX for Vanilla Forum
Vanilla Forum can work fine with many popular web server software. In this tutorial, we selected Nginx. If you prefer the Apache webserver over Nginx, please visit https://docs.vanillaforums.com/developer/backend/server-apache/ to learn more.
Download and install Nginx from the FreeBSD repository:
sudo pkg install -y nginx
Check the Nginx version:
nginx -v
Enable and start Nginx:
sudo sysrc nginx_enable=yes
sudo service nginx start
Configure Nginx for Vanilla by running:
sudo vim /usr/local/etc/nginx/vanilla.conf
And populate the file with the following configuration:
server {
listen 80;
listen 443 ssl;
server_name example.com;
root /usr/local/www/vanilla;
index index.php;
# RSA
ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
# ECC
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key;
location ~* /\.git { deny all; return 403; }
location /build/ { deny all; return 403; }
location /cache/ { deny all; return 403; }
location /cgi-bin/ { deny all; return 403; }
location /uploads/import/ { deny all; return 403; }
location /conf/ { deny all; return 403; }
location /tests/ { deny all; return 403; }
location /vendor/ { deny all; return 403; }
location ~* ^/index\.php(/|$) {
include fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root/index.php;
fastcgi_param X_REWRITE 1;
fastcgi_pass 127.0.0.1:9000;
}
location ~* \.php(/|$) {
rewrite ^ /index.php$uri last;
}
location / {
try_files $uri $uri/ @vanilla;
}
location @vanilla {
rewrite ^ /index.php$uri last;
}
}
NOTE: For complete and production-ready Nginx config for Vanilla visit https://docs.vanillaforums.com/developer/backend/server-nginx/.
Run sudo vim /usr/local/etc/nginx/nginx.conf
and add the below line to http {}
block to include Vanilla config.
include vanilla.conf;
Check Nginx configuration for syntax errors:
sudo nginx -t
Reload Nginx service:
sudo service nginx reload
Step 5 - Install Vanilla Forum
Create a document root directory where Vanilla Forum should reside in:
sudo mkdir -p /usr/local/www/vanilla
Navigate to the document root directory:
cd /usr/local/www/vanilla
Download the Vanilla Forum zip archive:
sudo wget https://open.vanillaforums.com/get/vanilla-core-3.2.zip
Extract and remove Vanilla zip archive:
sudo unzip vanilla-core-3.2.zip
sudo rm vanilla-core-3.2.zip
sudo mv package/* . && mv package/.* .
Provide the appropriate ownership:
sudo chown -R www:www /usr/local/www/vanilla
Navigate to the folder where you uploaded Vanilla in your web browser and follow the instructions on the screen.
Step 6 - Complete the Vanilla Forum Installation and Setup
After opening your site in a web browser, you should be redirected to the following page:
Fill in the required information and click on the "Continue →" button to finish up the installation and setup. After that Vanilla Forum admin interface should appear.