FoolFuuka/Install/EL8

Installing FoolFuuka (Pleebe fork)

 * 1) Create a non-root service user, such as   . For the benefit of SELinux, it is best to use /var/lib/asagi for daemon users so that systemd will be allowed to access that directory (it cannot access /home directory by default with SELinux).

useradd -m -s /bin/bash -d /var/lib/asagi asagi 1.Install nginx supported appstreams rather than EPEL

dnf --disablerepo=epel-modular module enable nginx:1.22 dnf install nginx 2.Install MariaDB (Warning: 10.5 and up do not support TokuDB, see the TokuDB guide regarding how to use it)

3.Install PHP7.4

Enable latest php appstream:

sudo dnf module enable php:7.4 sudo dnf install php dnf install php-cli php-fpm php-bcmath php-json php-opcache php-readline php-curl php-mysqli php-mbstring php-gd php-zip php-xml Start nginx:

systemctl restart php-fpm.service sudo nginx -s reload systemctl restart nginx 4.Edit /etc/php.ini

upload_max_filesize = 32M post_max_size = 32M max_execution_time = 240 max_file_uploads = 82 Also set /etc/php-fpm.d/www.conf to set  user and   group (easier to deal with than a separate group)

; Unix user/group of processes user = asagi group = asagi Make sure that if you have run php-fpm at least once, then the contents of  are owned by asagi group.
 * Note: The user is mandatory. If the group is not set, the default user's group
 * will be used.
 * RPM: apache user chosen to provide access to the same directories as httpd
 * NOTE: we configure it to have the same permissions as asagi user to simplify
 * user = apache
 * RPM: Keep a group allowed to write in log dir.
 * group = apache

Finally, start and enable php-fpm.

systemctl start php-fpm systemctl enable php-fpm If you’re using SELinux, make sure to enable the following policy (found by ):

setsebool -P httpd_unified 1 5.Edit /etc/nginx/nginx.conf

Add

to the http{} block

6.Install ImageMagick without the rest of X11 dependencies

dnf --setopt=install_weak_deps=False install imagemagick 7.Install composer using root user ( composer itself should not be used by root)

php -r &quot;copy('https://getcomposer.org/installer', 'composer-setup.php');&quot;

php -r &quot;if (hash_file('sha384', 'composer-setup.php') === '906a84df04cea2aa72f40b5f787e49f22d4c2f19492ac310e8cba5b96ac8b64115ac402c8cd292b8a03482574915d1a8') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;&quot;

php composer-setup.php

php -r &quot;unlink('composer-setup.php');&quot;

sudo mv composer.phar /usr/local/bin/composer test composer as a normal user

composer 8.MySQL entries

sudo nano /etc/my.cnf.d/client.cnf Add the following so the mysql client creates utf8mb4 by default

[client] default-character-set = utf8mb4 Create the  mariadb user used by the scraper, and the foolfuuka database and separate asagi databases. Replace YOUR_PASSWORD_HERE with the password to use, and keep that password in a safe place (if this is a shared server, place it in /root/pws.txt for only root users to read).

mysql -u root -pPassword

CREATE USER 'asagi'@'localhost' IDENTIFIED BY 'YOUR_PASSWORD_HERE';

CREATE DATABASE foolfuuka DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_general_ci; GRANT ALL PRIVILEGES ON `foolfuuka`. * TO 'asagi'@'localhost';

CREATE DATABASE asagi DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_general_ci; GRANT ALL PRIVILEGES ON `asagi`. * TO 'asagi'@'localhost';

CREATE USER 'backup'@'localhost' IDENTIFIED BY 'YOUR_PASSWORD_HERE'; GRANT ALL PRIVILEGES ON `foolfuuka`. * TO 'backup'@'localhost'; GRANT ALL PRIVILEGES ON `asagi`. * TO 'backup'@'localhost';

FLUSH PRIVILEGES;

EXIT; 6.Git clone and install FoolFuuka

Create a directory for this foolfuuka instance, we will call it  :

cd /var/www/ git clone https://github.com/pleebe/FoolFuuka chown asagi:asagi -R /var/www/foolfuuka

> Warning: All steps below MUST be run as the  user by becoming. Do not run composer as root anymore.

Become the service user, and then navigate to your public directory (/var/www/foolfuuka)

sudo su - asagi cd /var/www/foolfuuka Edit composer.json (lowercase error, should really ask pleebe about this)

replace

with

As the service user, add the github oauth token to  (or you can do it when prompted by composer):

{   &quot;github-oauth&quot;: { &quot;github.com&quot;: &quot;YOUR_TOKEN_HERE&quot; } } Follow this guide to obtain the Github Oauth token.

https://getcomposer.org/doc/articles/authentication-for-private-packages.md#github-oauth

composer dump-autoload --optimize composer install (with sudoer user, not root, this is required so you can overwrite the github token in the event that you need to) (generate your token on github and insert it if needed)

cd /var/www/foolfuuka/app/foolz/foolframe/plugins

git clone https://github.com/pleebe/foolfuuka-plugin-board-statistics.git git clone https://github.com/FoolCode/foolfuuka-plugin-dice-roll.git git clone https://github.com/pleebe/foolfuuka-plugin-intel-share.git git clone https://github.com/pleebe/foolfuuka-plugin-popup-report.git git clone https://github.com/FoolCode/foolfuuka-plugin-quests.git git clone https://github.com/pleebe/foolfuuka-plugin-spam-guard.git git clone https://github.com/pleebe/foolfuuka-plugin-thread-chunk.git git clone https://github.com/pleebe/foolfuuka-plugin-adverts.git git clone https://github.com/pleebe/foolfuuka-plugin-external-links.git git clone https://github.com/pleebe/foolfuuka-plugin-fortune.git git clone https://github.com/pleebe/foolfuuka-plugin-cloudflare-cache-purge.git git clone https://github.com/pleebe/foolfuuka-plugin-table.git git clone https://github.com/pleebe/foolframe-plugin-articles 9.Set Permissions and Group for FoolFuuka Directory. Also set up the  directory where full images are stored, you can symlink this to a different directory for storage on a RAID or NFS mount or something (can be set to 770 instead if giving global permissions). (or you can choose a different group for both nginx and asagi to be in.)

chown -Rf asagi:asagi /var/www/foolfuuka mkdir /var/www/foolfuuka/public/foolfuuka/boards/ chown -Rf asagi:nginx /var/www/foolfuuka/public/foolfuuka/boards chmod 775 /var/www/foolfuuka/public/foolfuuka/boards/ We do some even more stringent configurations too:

chmod 770 /var/www/foolfuuka/app/foolz/foolframe/logs/ 10.Create nginx configuration in sites-enabled

sudo nano /etc/nginx/conf.d/foolfuuka.conf Edit with the following (replace WEB_SITE_NAME with the name of the website):

server { listen    80; listen    [::]:80; server_name www.WEB_SITE_NAME.com WEB_SITE_NAME.com; #if ($server_protocol ~* &quot;HTTP/1.0&quot;) { #   return 400; #}        root /var/www/foolfuuka/public; index &quot;index.php&quot; &quot;index.html&quot;;

location ~* \.(?:cur|gz|js|css|ico)$ { expires 30d; access_log off; add_header Cache-Control &quot;public&quot;; }

location &quot;/&quot; { location ~ &quot;\.php$&quot; { fastcgi_pass &quot;unix:/run/php-fpm/www.sock&quot;; fastcgi_param &quot;SCRIPT_FILENAME&quot; &quot;$document_root$fastcgi_script_name&quot;; fastcgi_keep_conn on; fastcgi_index &quot;index.php&quot;; include &quot;fastcgi_params&quot;; fastcgi_buffering on; fastcgi_buffer_size 64k; fastcgi_buffers 128 64k; limit_req zone=limit_req__foolfuuka_php burst=5; }                                                                                                            if (!-e &quot;${request_filename}&quot;) { rewrite &quot;^&quot; &quot;/index.php&quot;; }                                             }   # listen [::]:443 ssl ipv6only=on; # managed by Certbot # listen 443 ssl; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/www.WEB_SITE_NAME.net/fullchain.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/www.WEB_SITE_NAME.net/privkey.pem; # managed by Certbot # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 * 1) Certbot stuff

} Start nginx:

nginx -s reload

systemctl enable nginx systemctl status nginx   Go to your admin panel, it should prompt you with the requirement check, and enter your database/user/password (asagi/asagi/toor in this example case).   After the installation is finished and you have access to the panel go to 

your_site.net/admin/preferences/general/

In the database information, enter  as the database IP (unless for some reason your database is on another server). enter the  SQL database user and password, and keep that password in a safe place (if this is a shared server, place it in /root/pws.txt for only root users to read).

Do not change the table prefix: this is used in cases where multiple foolfuuka instances use the same database, which is strongly discouraged.

and set Imagemagick Convert path to  or wherever   is

Create an admin account that will be shared by all root users and put the password into /root/pws.txt. This admin account can be used to create more accounts later.

Also make sure to enable the articles page.

 That’s it, that installs the FoolFuuka frontend on RHEL8