Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

347 lines
14 KiB

  1. # Friendica Installation
  2. We've tried very hard to ensure that Friendica will run on commodity hosting
  3. platforms - such as those used to host Wordpress blogs and Drupal websites.
  4. But be aware that Friendica is more than a simple web application. It is a
  5. complex communications system which more closely resembles an email server than
  6. a web server. For reliability and performance, messages are delivered in the
  7. background and are queued for later delivery when sites are down. This kind of
  8. functionality requires a bit more of the host system than the typical blog.
  9. Not every PHP/MySQL hosting provider will be able to support Friendica. Many will.
  10. But please review the requirements and confirm these with your hosting provider
  11. prior to installation.
  12. Before you begin: Choose a domain name or subdomain name for your server.
  13. Put some thought into this - because changing it is currently not-supported.
  14. Things will break, and some of your friends may have difficulty communicating with you.
  15. We plan to address this limitation in a future release. Also decide if you wish
  16. to connect with members of the Diaspora network, as this will impact the
  17. installation requirements.
  18. Decide if you will use SSL and obtain an SSL cert. Communications with the
  19. Diaspora network MAY require both SSL AND an SSL cert signed by a CA which is
  20. recognized by major browsers. Friendica will work with self-signed certs but
  21. Diaspora communication may not. For best results, install your cert PRIOR to
  22. installing Friendica and when visiting your site for the initial installation in
  23. step 5, please use the https: link. (Use the http: or non-SSL link if your cert
  24. is self-signed).
  25. ## 1. Requirements
  26. - Apache with mod-rewrite enabled and "Options All" so you can use a local .htaccess file
  27. - PHP 5.6.1+ (PHP 7.1+ recommended for performance and official support).
  28. - PHP *command line* with `register_argc_argv = true` in php.ini
  29. - curl, gd (with at least jpeg support), mysql, mbstring, xml, zip and openssl extensions
  30. - Some form of email server or email gateway such that PHP mail() works
  31. - The POSIX module of PHP needs to be activated (e.g. RHEL, CentOS have disabled it)
  32. - Composer for a Git install
  33. - Mysql 5.6+ or an equivalent alternative for MySQL (MariaDB 10.0.5+, Percona Server etc.)
  34. - Ability to schedule jobs with cron (Linux/Mac) or Scheduled Tasks (Windows)
  35. - Installation into a top-level domain or sub-domain (without a directory/path
  36. component in the URL) is preferred. This is REQUIRED if you wish to communicate
  37. with the Diaspora network.
  38. - For alternative server configurations (such as Nginx server and MariaDB database
  39. engine), refer to the [Friendica wiki](https://github.com/friendica/friendica/wiki).
  40. This guide will walk you through the manual installation process of Friendica.
  41. If this is nothing for you, you might be interested in:
  42. * the Friendica Docker image (https://github.com/friendica/docker) or
  43. * how install Friendica with YunoHost (https://github.com/YunoHost-Apps/friendica_ynh).
  44. ## 2. Install Friendica sources
  45. Unpack the Friendica files into the root of your web server document area.
  46. If you copy the directory tree to your webserver, make sure that you also copy
  47. `.htaccess-dist` - as "dot" files are often hidden and aren't normally copied.
  48. OR
  49. Clone the friendica/friendica GitHub repository and import dependencies
  50. git clone https://github.com/friendica/friendica -b master [web server folder]
  51. cd [web server folder]
  52. bin/composer.phar install --no-dev
  53. Make sure the folder view/smarty3 exists and is writable by the webserver user,
  54. in this case `www-data`
  55. mkdir view/smarty3
  56. chown www-data:www-data view/smarty3
  57. chmod 775 view/smarty3
  58. Get the addons by going into your website folder.
  59. cd mywebsite
  60. Clone the addon repository (separately):
  61. git clone https://github.com/friendica/friendica-addons.git -b master addon
  62. If you want to use the development version of Friendica you can switch to the
  63. develop branch in the repository by running
  64. git checkout develop
  65. bin/composer.phar install
  66. cd addon
  67. git checkout develop
  68. Please be aware that the develop branch is unstable.
  69. Exercise caution when pulling.
  70. If you encounter a bug, please let us know.
  71. Either way, if you use Apache, copy `.htaccess-dist` to `.htaccess` to enable
  72. URL rewriting.
  73. ## 3. Database
  74. Create an empty database and note the access details (hostname, username, password,
  75. database name).
  76. - Friendica needs the permission to create and delete fields and tables in its
  77. own database.
  78. - Please check the additional notes if running on MySQ 5.7.17 or newer
  79. ## 4. Config
  80. If you know in advance that it will be impossible for the web server to write or
  81. create files in the `config/` directory, please create an empty file called
  82. `local.config.php` in it and make it writable by the web server.
  83. ## 5a. Install Wizard
  84. Visit your website with a web browser and follow the instructions.
  85. Please note any error messages and correct these before continuing.
  86. If you are using SSL with a known signature authority (recommended), use the
  87. https: link to your website. If you are using a self-signed cert or no cert,
  88. use the http: link.
  89. If you need to specify a port for the connection to the database, you can do so
  90. in the host name setting for the database.
  91. ## 5b. Manual install
  92. *If* the automated installation fails for any reason, please check the following:
  93. - `config/local.config.php` exists
  94. - If not, copy `config/local-sample.config.php` to `config/local.config.php`
  95. and edit it with your settings.
  96. - Database is populated.
  97. - If not, import the contents of `database.sql` with phpMyAdmin or the mysql
  98. command line tool.
  99. ## 6. Register the admin account
  100. At this point visit your website again, and register your personal account with
  101. the same email as in the `config.admin_email` config value.
  102. Registration errors should all be recoverable automatically.
  103. If you get any *critical* failure at this point, it generally indicates the
  104. database was not installed correctly. You might wish to delete/rename
  105. `config/local.config.php` to another name and drop all the database tables so
  106. that you can start fresh.
  107. ## 7. Background tasks (IMPORTANT)
  108. Set up a cron job or scheduled task to run the worker once every 5-10 minutes to
  109. pick up the recent "public" postings of your friends. Example:
  110. cd /base/directory; /path/to/php bin/worker.php
  111. Change "/base/directory", and "/path/to/php" as appropriate for your situation.
  112. If you are using a Linux server, run "crontab -e" and add a line like the one
  113. shown, substituting for your unique paths and settings:
  114. */10 * * * * cd /home/myname/mywebsite; /usr/bin/php bin/worker.php
  115. You can generally find the location of PHP by executing "which php".
  116. If you have troubles with this section please contact your hosting provider for assistance.
  117. Friendica will not work correctly if you cannot perform this step.
  118. You should also be sure that `config.php_path` is set correctly, it should look
  119. like this: (changing it to the correct PHP location)
  120. 'config' => [
  121. 'php_path' => '/usr/local/php56/bin/php',
  122. ]
  123. Alternative: If you cannot use a cron job as described above, you can use the
  124. frontend worker and an external cron service to trigger the execution of the worker script.
  125. You can enable the frontend worker after the installation from the admin panel
  126. of your node and call:
  127. https://example.com/worker
  128. with the service of your choice.
  129. ## 8. (Recommended) Set up a backup plan
  130. Bad things will happen.
  131. Let there be a hardware failure, a corrupted database or whatever you can think of.
  132. So once the installation of your Friendica node is done, you should make yourself
  133. a backup plan.
  134. The most important file is the `config/local.config.php` file in the base directory.
  135. As it stores all your data, you should also have a recent dump of your Friendica
  136. database at hand, should you have to recover your node.
  137. ## 9. (Optional) Reverse-proxying and HTTPS
  138. Friendica looks for some well-known HTTP headers indicating a reverse-proxy
  139. terminating an HTTPS connection.
  140. While the standard from RFC 7239 specifies the use of the `Forwaded` header.
  141. Forwarded: for=192.0.2.1; proto=https; by=192.0.2.2
  142. Friendica also supports a number on non-standard headers in common use.
  143. X-Forwarded-Proto: https
  144. Front-End-Https: on
  145. X-Forwarded-Ssl: on
  146. It is however preferable to use the standard approach if configuring a new server.
  147. ## Troubleshooting
  148. ### "System is currently unavailable. Please try again later"
  149. Check your database settings.
  150. It usually means your database could not be opened or accessed.
  151. If the database resides on the same machine, check that the database server name
  152. is "localhost".
  153. ### 500 Internal Error
  154. This could be the result of one of our Apache directives not being supported by
  155. your version of Apache. Examine your apache server logs.
  156. You might remove the line "Options -Indexes" from the .htaccess file if you are
  157. using a Windows server as this has been known to cause problems.
  158. Also check your file permissions. Your website and all contents must generally
  159. be world-readable.
  160. It is likely that your web server reported the source of the problem in its error log files.
  161. Please review these system error logs to determine what caused the problem.
  162. Often this will need to be resolved with your hosting provider or (if self-hosted)
  163. your web server configuration.
  164. ### 400 and 4xx "File not found" errors
  165. First check your file permissions.
  166. Your website and all contents must generally be world-readable.
  167. Ensure that mod-rewite is installed and working, and that your `.htaccess` file
  168. is being used. To verify the latter, create a file `test.out` containing the
  169. word "test" in the top directory of Friendica, make it world readable and point
  170. your web browser to
  171. http://yoursitenamehere.com/test.out
  172. This file should be blocked. You should get a permission denied message.
  173. If you see the word "test" your Apache configuration is not allowing your
  174. `.htaccess` file to be used (there are rules in this file to block access to any
  175. file with .out at the end, as these are typically used for system logs).
  176. Make certain the `.htaccess` file exists and is readable by everybody, then look
  177. for the existence of "AllowOverride None" in the Apache server configuration for your site.
  178. This will need to be changed to "AllowOverride All".
  179. If you do not see the word "test", your `.htaccess` is working, but it is likely
  180. that mod-rewrite is not installed in your web server or is not working.
  181. On most Linux flavors:
  182. % a2enmod rewrite
  183. % /etc/init.d/apache2 restart
  184. Consult your hosting provider, experts on your particular Linux distribution or
  185. (if Windows) the provider of your Apache server software if you need to change
  186. either of these and can not figure out how. There is a lot of help available on
  187. the web. Search "mod-rewrite" along with the name of your operating system
  188. distribution or Apache package (if using Windows).
  189. ### Unable to write the file config/local.config.php due to permissions issues
  190. Create an empty `config/local.config.php`file with that name and give it
  191. world-write permission.
  192. On Linux:
  193. % touch config/local.config.php
  194. % chmod 664 config/local.config.php
  195. Retry the installation. As soon as the database has been created,
  196. ******* this is important *********
  197. % chmod 644 config/local.config.php
  198. ### Suhosin issues
  199. Some configurations with "suhosin" security are configured without an ability to
  200. run external processes. Friendica requires this ability. Following are some notes
  201. provided by one of our members.
  202. > On my server I use the php protection system Suhosin [http://www.hardened-php.net/suhosin/].
  203. > One of the things it does is to block certain functions like proc_open, as
  204. > configured in `/etc/php5/conf.d/suhosin.ini`:
  205. >
  206. > suhosin.executor.func.blacklist = proc_open, ...
  207. >
  208. > For those sites like Friendica that really need these functions they can be
  209. > enabled, e.g. in `/etc/apache2/sites-available/friendica`:
  210. >
  211. > <Directory /var/www/friendica/>
  212. > php_admin_value suhosin.executor.func.blacklist none
  213. > php_admin_value suhosin.executor.eval.blacklist none
  214. > </Directory>
  215. >
  216. > This enables every function for Friendica if accessed via browser, but not for
  217. > the cronjob that is called via php command line. I attempted to enable it for
  218. > cron by using something like:
  219. >
  220. > */10 * * * * cd /var/www/friendica/friendica/ && sudo -u www-data /usr/bin/php \
  221. > -d suhosin.executor.func.blacklist=none \
  222. > -d suhosin.executor.eval.blacklist=none -f bin/worker.php
  223. >
  224. > This worked well for simple test cases, but the friendica-cron still failed
  225. > with a fatal error:
  226. >
  227. > suhosin[22962]: ALERT - function within blacklist called: proc_open()
  228. > (attacker 'REMOTE_ADDR not set', file '/var/www/friendica/friendica/boot.php',
  229. > line 1341)
  230. >
  231. > After a while I noticed, that `bin/worker.php` calls further PHP script via `proc_open`.
  232. > These scripts themselves also use `proc_open` and fail, because they are NOT
  233. > called with `-d suhosin.executor.func.blacklist=none`.
  234. >
  235. > So the simple solution is to put the correct parameters into `config/local.config.php`:
  236. >
  237. > 'config' => [
  238. > //Location of PHP command line processor
  239. > 'php_path' => '/usr/bin/php -d suhosin.executor.func.blacklist=none \
  240. > -d suhosin.executor.eval.blacklist=none',
  241. > ],
  242. >
  243. > This is obvious as soon as you notice that the friendica-cron uses `proc_open`
  244. > to execute PHP scripts that also use `proc_open`, but it took me quite some time to find that out.
  245. > I hope this saves some time for other people using suhosin with function blacklists.
  246. ### Unable to create all mysql tables on MySQL 5.7.17 or newer
  247. If the setup fails to create all the database tables and/or manual creation from
  248. the command line fails, with this error:
  249. ERROR 1067 (42000) at line XX: Invalid default value for 'created'
  250. You need to adjust your my.cnf and add the following setting under the [mysqld]
  251. section:
  252. sql_mode = '';
  253. After that, restart mysql and try again.