Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

329 lines
14 KiB

  1. Friendica Installation
  2. We've tried very hard to ensure that Friendica will run on commodity hosting
  3. platforms - such as those used to host Wordpress blogs and Drupal websites.
  4. But be aware that Friendica is more than a simple web application. It is a
  5. complex communications system which more closely resembles an email server
  6. than a web server. For reliability and performance, messages are delivered in
  7. the background and are queued for later delivery when sites are down. This
  8. kind of functionality requires a bit more of the host system than the typical
  9. blog. Not every PHP/MySQL hosting provider will be able to support Friendica.
  10. Many will. But please review the requirements and confirm these with your
  11. hosting provider prior to installation.
  12. Before you begin: Choose a domain name or subdomain name for your server.
  13. Put some thought into this - because changing it is currently not-supported.
  14. Things will break, and some of your friends may have difficulty communicating
  15. with you. We plan to address this limitation in a future release. Also decide
  16. if you wish to connect with members of the Diaspora network, as this will
  17. impact the installation requirements.
  18. Decide if you will use SSL and obtain an SSL cert. Communications with the
  19. Diaspora network MAY require both SSL AND an SSL cert signed by a CA which is
  20. recognised by the major browsers. Friendica will work with self-signed certs
  21. but Diaspora communication may not. For best results, install your cert PRIOR
  22. to installing Friendica and when visiting your site for the initial
  23. installation in step 5, please use the https: link. (Use the http: or non-SSL
  24. link if your cert is self-signed).
  25. 1. Requirements
  26. - Apache with mod-rewrite enabled and "Options All" so you can use a
  27. local .htaccess file
  28. - PHP 5.6+ (PHP 7 recommended for performance).
  29. - PHP *command line* access with register_argc_argv set to true in the
  30. php.ini file [or see 'poormancron' in section 8]
  31. - curl, gd (with at least jpeg support), mysql, mbstring, xml, zip and openssl extensions
  32. - some form of email server or email gateway such that PHP mail() works
  33. - The POSIX module of PHP needs to be activated (e.g. RHEL, CentOS have disabled it)
  34. - Mysql 5.5.3+ or an equivalant alternative for MySQL (MariaDB, Percona Server etc.)
  35. - ability to schedule jobs with cron (Linux/Mac) or Scheduled Tasks
  36. (Windows) [Note: other options are presented in Section 8 of this document]
  37. - Installation into a top-level domain or sub-domain (without a
  38. directory/path component in the URL) is preferred. This is REQUIRED if
  39. you wish to communicate with the Diaspora network.
  40. - For alternative server configurations (such as Nginx server and MariaDB
  41. database engine), refer to the wiki at https://github.com/friendica/friendica/wiki
  42. 2. Unpack the Friendica files into the root of your web server document area.
  43. - If you copy the directory tree to your webserver, make sure
  44. that you also copy .htaccess - as "dot" files are often hidden
  45. and aren't normally copied.
  46. OR
  47. 2b. Clone the friendica/friendica GitHub repository and import dependencies
  48. git clone https://github.com/friendica/friendica [web server folder]
  49. cd [web server folder]
  50. php util/composer.phar install
  51. 3. Create an empty database and note the access details (hostname, username,
  52. password, database name).
  53. - Friendica needs the permission to create and delete fields and tables in its own database.
  54. - Please check the additional notes if running on MySQ 5.7.17 or newer
  55. 4. If you know in advance that it will be impossible for the web server to
  56. write or create files in your web directory, create an empty file called
  57. .htconfig.php and make it writable by the web server.
  58. 5. Visit your website with a web browser and follow the instructions. Please
  59. note any error messages and correct these before continuing.
  60. If you are using SSL with a known signature authority (recommended), use the
  61. https: link to your website. If you are using a self-signed cert or no cert,
  62. use the http: link.
  63. If you need to specify a port for the connection to the database, you can do
  64. so in the host name setting for the database.
  65. 6. *If* the automated installation fails for any reason, check the following:
  66. - ".htconfig.php" exists
  67. If not, edit htconfig.php and change system settings. Rename
  68. to .htconfig.php
  69. - Database is populated.
  70. If not, import the contents of "database.sql" with phpmyadmin
  71. or mysql command line
  72. 7. At this point visit your website again, and register your personal account.
  73. Registration errors should all be recoverable automatically.
  74. If you get any *critical* failure at this point, it generally indicates the
  75. database was not installed correctly. You might wish to move/rename
  76. .htconfig.php to another name and empty (called 'dropping') the database
  77. tables, so that you can start fresh.
  78. ****************************************************************************
  79. ****************************************************************************
  80. ******** THIS NEXT STEP IS IMPORTANT!!!! ***********
  81. ****************************************************************************
  82. ****************************************************************************
  83. 8. Set up a cron job or scheduled task to run the worker once every 5-10
  84. minutes to pick up the recent "public" postings of your friends. Example:
  85. cd /base/directory; /path/to/php scripts/worker.php
  86. Change "/base/directory", and "/path/to/php" as appropriate for your situation.
  87. If you are using a Linux server, run "crontab -e" and add a line like the
  88. one shown, substituting for your unique paths and settings:
  89. */10 * * * * cd /home/myname/mywebsite; /usr/bin/php scripts/worker.php
  90. You can generally find the location of PHP by executing "which php". If you
  91. have troubles with this section please contact your hosting provider for
  92. assistance. Friendica will not work correctly if you cannot perform this step.
  93. You should also be sure that $a->config['php_path'] is set correctly, it should
  94. look like (changing it to the correct PHP location)
  95. $a->config['php_path'] = '/usr/local/php56/bin/php'
  96. Alternative: If you cannot use a cron job as described above, you can use
  97. the frontend worker and an external cron service to trigger the execution
  98. of the worker script. You can enable the frontend worker after the installation
  99. from the admin panel of your node and call
  100. https://example.com/worker
  101. with the service of your choice.
  102. 9. (Recommended) Set up a backup plan
  103. Bad things will happen. Let there be a hardware failure, a corrupted
  104. database or whatever you can think of. So once the installation of your
  105. Friendica node is done, you should make yoursef a backup plan.
  106. The most important file is the `.htconfig.php` file in the base directory.
  107. As it stores all your data, you should also have a recent dump of your
  108. Friendica database at hand, should you have to recover your node.
  109. 10. (Optional) Reverse-proxying and HTTPS
  110. Friendica looks for some well-known HTTP headers indicating a reverse-proxy
  111. terminating an HTTPS connection. While the standard from RFC 7239 specifies
  112. the use of the `Forwaded` header.
  113. Forwarded: for=192.0.2.1; proto=https; by=192.0.2.2
  114. Friendica also supports a number on non-standard headers in common use.
  115. X-Forwarded-Proto: https
  116. Front-End-Https: on
  117. X-Forwarded-Ssl: on
  118. It is however preferable to use the standard approach if configuring a new server.
  119. #####################################################################
  120. If things don't work...
  121. #####################################################################
  122. #####################################################################
  123. - If you get the message
  124. "System is currently unavailable. Please try again later"
  125. #####################################################################
  126. Check your database settings. It usually means your database could not
  127. be opened or accessed. If the database resides on the same machine, check that
  128. the database server name is "localhost".
  129. #####################################################################
  130. - 500 Internal Error
  131. #####################################################################
  132. This could be the result of one of our Apache directives not being
  133. supported by your version of Apache. Examine your apache server logs.
  134. You might remove the line "Options -Indexes" from the .htaccess file if
  135. you are using a Windows server as this has been known to cause problems.
  136. Also check your file permissions. Your website and all contents must generally
  137. be world-readable.
  138. It is likely that your web server reported the source of the problem in
  139. its error log files. Please review these system error logs to determine what
  140. caused the problem. Often this will need to be resolved with your hosting
  141. provider or (if self-hosted) your web server configuration.
  142. #####################################################################
  143. - 400 and 4xx "File not found" errors
  144. #####################################################################
  145. First check your file permissions. Your website and all contents must
  146. generally be world-readable.
  147. Ensure that mod-rewite is installed and working, and that your
  148. .htaccess file is being used. To verify the latter, create a file test.out
  149. containing the word "test" in the top directory of Friendica, make it world
  150. readable and point your web browser to
  151. http://yoursitenamehere.com/test.out
  152. This file should be blocked. You should get a permission denied message.
  153. If you see the word "test" your Apache configuration is not allowing
  154. your .htaccess file to be used (there are rules in this file to block access
  155. to any file with .out at the end, as these are typically used for system logs).
  156. Make certain the .htaccess file exists and is readable by everybody, then
  157. look for the existence of "AllowOverride None" in the Apache server
  158. configuration for your site. This will need to be changed to
  159. "AllowOverride All".
  160. If you do not see the word "test", your .htaccess is working, but it is
  161. likely that mod-rewrite is not installed in your web server or is not working.
  162. On most flavour of Linux,
  163. % a2enmod rewrite
  164. % /etc/init.d/apache2 restart
  165. Consult your hosting provider, experts on your particular Linux
  166. distribution or (if Windows) the provider of your Apache server software if
  167. you need to change either of these and can not figure out how. There is
  168. a lot of help available on the web. Google "mod-rewrite" along with the
  169. name of your operating system distribution or Apache package (if using
  170. Windows).
  171. #####################################################################
  172. - If you are unable to write the file .htconfig.php during installation
  173. due to permissions issues:
  174. #####################################################################
  175. create an empty file with that name and give it world-write permission.
  176. For Linux:
  177. % touch .htconfig.php
  178. % chmod 777 .htconfig.php
  179. Retry the installation. As soon as the database has been created,
  180. ******* this is important *********
  181. % chmod 755 .htconfig.php
  182. #####################################################################
  183. - Some configurations with "suhosin" security are configured without
  184. an ability to run external processes. Friendica requires this ability.
  185. Following are some notes provided by one of our members.
  186. #####################################################################
  187. On my server I use the php protection system Suhosin
  188. [http://www.hardened-php.net/suhosin/]. One of the things it does is to block
  189. certain functions like proc_open, as configured in /etc/php5/conf.d/suhosin.ini:
  190. suhosin.executor.func.blacklist = proc_open, ...
  191. For those sites like Friendica that really need these functions they can be
  192. enabled, e.g. in /etc/apache2/sites-available/friendica:
  193. <Directory /var/www/friendica/>
  194. php_admin_value suhosin.executor.func.blacklist none
  195. php_admin_value suhosin.executor.eval.blacklist none
  196. </Directory>
  197. This enables every function for Friendica if accessed via browser, but not for
  198. the cronjob that is called via php command line. I attempted to enable it for
  199. cron by using something like
  200. */10 * * * * cd /var/www/friendica/friendica/ && sudo -u www-data /usr/bin/php
  201. -d suhosin.executor.func.blacklist=none -d suhosin.executor.eval.blacklist=none
  202. -f scripts/worker.php
  203. This worked well for simple test cases, but the friendica-cron still failed with
  204. a fatal error:
  205. suhosin[22962]: ALERT - function within blacklist called: proc_open() (attacker
  206. 'REMOTE_ADDR not set', file '/var/www/friendica/friendica/boot.php', line 1341)
  207. After a while I noticed, that scripts/worker.php calls further php script via
  208. proc_open. These scripts themselves also use proc_open and fail, because they
  209. are NOT called with -d suhosin.executor.func.blacklist=none.
  210. So the simple solution is to put the correct parameters into .htconfig.php:
  211. // Location of PHP command line processor
  212. $a->config['php_path'] = '/usr/bin/php -d suhosin.executor.func.blacklist=none
  213. -d suhosin.executor.eval.blacklist=none';
  214. This is obvious as soon as you notice that the friendica-cron uses proc_open to
  215. execute php-scripts that also use proc_open, but it took me quite some time to
  216. find that out. I hope this saves some time for other people using suhosin with
  217. function blacklists.
  218. ########################################################################
  219. Unable to create all mysql tables on MySQL 5.7.17 or newer
  220. #######################################################################
  221. If the setup fails to create all the database tables and/or manual
  222. creation from the command line fails, with this error:
  223. ERROR 1067 (42000) at line XX: Invalid default value for 'created'
  224. You need to adjust your my.cnf and add the following setting under
  225. the [mysqld] section :
  226. sql_mode = '';
  227. After that, restart mysql and try again.