How to Install WonderCMS with Nginx and Let's Encrypt on FreeBSD 12

WonderCMS is a free and open-source flat-file CMS, aimed to be extremely small, light and simple. It's built with PHP, jQuery, HTML/CSS and developed since 2008. No initial configuration required. The installation process is pretty straightforward - unzip and upload 5 files. All files can be easily moved, backed up and restored by copy/pasting all files to another location. Moving them to another host does not require any re-configuration. WonderCMS also doesn't require a traditional/relational database like MySQL. The flat file technology enables WonderCMS to save all data to a text file (flat file) called database.js which is structured in JSON format. In this tutorial, we will go through the WonderCMS installation and setup on the FreeBSD 12 system by using Nginx as a web server, and optionally you can secure the transport layer by using Acme.sh client and Let's Encrypt certificate authority to add SSL support.

Requirements

Requirements for installing and running WonderCMS are:

  • PHP version 7.1 or greater with the curl, mbstring and zip extensions.
  • Web server (Apache with mod_rewrite module enabled, Nginx, IIS).

Prerequisites

  • FreeBSD 12 operating system.
  • A non-root user with sudo privileges.

Initial steps

Check your FreeBSD version:

uname -ro
# FreeBSD 12.0-RELEASE

Set up the timezone:

tzsetup

Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:

freebsd-update fetch install
pkg update && pkg upgrade -y

Install some essential packages that are necessary for basic administration of FreeBSD 12.0 operating system:

pkg install -y sudo vim unzip wget bash socat

Step 1 - Install PHP and necessary PHP extensions

Install PHP, as well as the necessary PHP extensions:

sudo pkg install -y php72 php72-mbstring php72-curl php72-gd php72-pdo php72-mysqli php72-pdo_mysql php72-json php72-openssl php72-ctype php72-dom php72-hash php72-iconv php72-tokenizer php72-calendar php72-fileinfo php72-session php72-simplexml php72-xml php72-filter

To show PHP compiled in modules, you can run:

php -m

ctype
curl
exif
fileinfo
. . .
. . .

Check the PHP version:

php --version

# PHP 7.3.6 (cli) (built: May 28 2019 09:32:59) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.3.6, Copyright (c) 1998-2018 Zend Technologies

Start and enable PHP-FPM service:

sudo sysrc php_fpm_enable=yes
sudo service php-fpm start

Step 2 - Install acme.sh client and obtain Let's Encrypt certificate ( optional )

Securing your forum with HTTPS is not necessary, but it is a good practice to secure your site traffic. In order to obtain a TLS certificate from Let's Encrypt we will use acme.sh client. Acme.sh is a pure UNIX shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies.

Download and install acme.sh:

sudo pkg install -y acme.sh

Check acme.sh version:

acme.sh --version
# v2.8.2

Obtain RSA and ECC/ECDSA certificates for your domain/hostname:

# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256

If you want fake certificates for testing you can add --staging flag to the above commands.

After running the above commands, your certificates and keys will be in:

  • For RSA: /home/username/example.com directory.
  • For ECC/ECDSA: /home/username/example.com_ecc directory.

To list your issued certs you can run:

acme.sh --list

Create a directory to store your certs. We will use /etc/letsencrypt directory.

mkdir -p /etc/letsecnrypt/example.com
sudo mkdir -p /etc/letsencrypt/example.com_ecc

Install/copy certificates to /etc/letsencrypt directory.

# RSA
acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"

All the certificates will be automatically renewed every 60 days.

After obtaining certs exit from root user and return back to normal sudo user:

exit

Step 3 - Install and configure NGINX

WonderCMS can work fine with many popular web server software. In this tutorial, we selected NGINX.

Install NGINX:

sudo pkg install -y nginx

Check the NGINX version:

nginx -v
# nginx version: nginx/1.16.1

Start and enable NGINX service:

sudo sysrc nginx_enable=yes
sudo service nginx start

Next, configure NGINX for WonderCMS. Run sudo vim /usr/local/etc/nginx/wondercms.conf and add the following configuration:

server {
  
  listen 80;
listen 443 ssl;

ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key; server_name example.com; root /usr/local/www/wondercms; index index.php; location / { if (!-e $request_filename) { rewrite ^/(.+)$ /index.php?page=$1 last; } } location ~ database.js { return 403; } location ~ \.php(/|$) { fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } }

Run sudo vim /usr/local/etc/nginx/nginx.conf and add the below line to http {} block to include WonderCMS config.

include wondercms.conf;

Check Nginx configuration for syntax errors:

sudo nginx -t

Reload Nginx service:

sudo service nginx reload

Step 4 - Install WonderCMS

Create a document root directory for WonderCMS.

sudo mkdir -p /usr/local/www/wondercms

Navigate to the document root directory:

cd /usr/local/www/wondercms

Download and unzip WonderCMS source:

sudo wget https://github.com/robiso/wondercms/releases/download/2.7.0/WonderCMS-2.7.0.zip
sudo unzip WonderCMS-2.7.0.zip
sudo rm WonderCMS-2.7.0.zip

Move WonderCMS files to document root directory.

sudo mv wondercms/* .
sudo mv wondercms/.* .
sudo rmdir wondercms

Change ownership of the /usr/local/www/wondercms directory to nginx:

sudo chown -R nginx:nginx /usr/local/www/wondercms

Restart PHP-FPM service:

sudo service php-fpm restart

Open your site in a web browser and log in with default password admin and change the default password afterward.

WonderCMS on FreeBSD

Links

Share this page:

0 Comment(s)