These are my build notes for installing HumHub on a Debian server.
HumHub is lightweight social media framework, which allows the creation of spaces, where each space, out-of-the-box, offers calendars, wikis, task lists, streams, and polls.
For installing on Debian, I usually follow the expert installation process, and keep the package list down to the minimum of 'SSH Server' only, and perform a manual partition configuration. Here is one view on the partition style I use:
# df -h
Filesystem Size Used Avail Use% Mounted on
udev 494M 0 494M 0% /dev
tmpfs 100M 7.0M 93M 7% /run
tmpfs 100M 0 100M 0% /run/user/1000
tmpfs 499M 0 499M 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 499M 0 499M 0% /sys/fs/cgroup
/dev/sda1 88M 22M 61M 27% /boot
/dev/sda2 2.7G 1.1G 1.6G 41% /
/dev/sda5 922M 2.4M 856M 1% /home
/dev/sda6 922M 2.4M 856M 1% /tmp
/dev/sda7 7.3G 213M 6.7G 4% /var/lib/mysql
/dev/sda8 18G 268M 17G 2% /var/www/html
An alternate refinement might be to put /var/www on a btrfs partition and make /var/www/html a subvolume. The humhub upgrade instructions require files to be copied, updated over top, then the copies brought back. With btrfs, the subvolume can be snapshotted before an upgrade, the upgrade performed, then files copied from the snapshot. Or if the snapshot fails, the snapshot can be rolled back. Now that I think of it, the same could be said of /var/lib/mysql.
In that case, maybe /var should be a btrfs partition with /var/lib/mysql and /var/www/html being sub-volumes. With this, then the subvolumes would need to be created prior to the applicable packages are installed.
The choice for how to create the btrfs partitions hinges on a) creating a /var/ partition with two subvolumes, where the subvolumes should have quotas assigned, which provides better partition utilisation, or b) creating two logical volume partitions, where the physical partition sizes enforce space utilization. With the general idea that the database is protected from web site file overflows
btrfs quota support: BTRFS Quota Support
Once the operating system has been installed and configured, login, and as root (or sudo equivalent), do the following:
cd /root
At this point, if the btrfs quotas will be used, this is where the btrfs sub volumes and quotas would be defined. I haven't
built it that way yet, so I don't have suitable commands to show here.
Moving on to the installation of packages:
apt install tcpdump less net-tools
apt install apache2
apt install php mariadb-server php-curl php-mbstring php-zip php-exif php-intl \
php-ldap libldap-2.4.2 php-apcu php-memcached php-gd php-sqlite3 php-mysql
apt install apache2 libapache2-mod-php7.0
apt install exim4-base
Change exim mailer so that it is internet based, and only listens on 127.0.0.1:
dpkg-reconfigure exim4-config
Download the software. This is an example. There are more recent versions.
wget --no-check-certificate -O humhub.1.2.0-beta.4.tar.gz https://www.humhub.org/en/download/default/start?version=1.2.0-beta.4&type=tar.gz&ee=0
tar zxvf humhub.1.2.0-beta.4.tar.gz
Move some files to the web directory:
mv humhub-1.2.0-beta.4/* /var/www/html
mv humhub-1.2.0-beta.4/.htaccess.dist /var/www/html/.htaccess
2018/05/14 - better mechanism of download:
wget https://www.humhub.org/en/download/package/humhub-1.2.6.tar.gz
tar zxvf humhub-1.2.6.tar.gz
Make some changes in the web directory:
cd /var/www/html
a2enmod rewrite
chown www-data.www-data assets
chown -R www-data.www-data protected/config
chown -R www-data.www-data protected/modules
chown -R www-data.www-data protected/runtime
chown -R www-data.www-data uploads
chmod +x protected/yii.bat
To provide some privacy on the front page, make a back up copy and edit:
cp protected/humhub/modules/directory/controllers/DirectoryController.php protected/humhub/modules/directory/controllers/DirectoryController.php.bak
vim.tiny protected/humhub/modules/directory/controllers/DirectoryController.php
Make a copy of the line, comment it out, and shorten it down to stream only (based upon https://github.com/humhub/humhub/issues/1954:
#'guestAllowedActions' => ['groups', 'index', 'members', 'spaces', 'user-posts', 'stream']
'guestAllowedActions' => ['stream']
Add the following to the indicated file:
/etc/apache2/sites-available/000-default.conf:
DirectoryIndex index.php
Run the mysql command
mysql
And build the database:
CREATE DATABASE `humhub` CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL ON `humhub`.* TO `dbuser`@localhost IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
quit
The restart the web browser
systemctl restart apache2
Add a certificate and turn the browser into https only:
apt install python-certbot-apache
certbot --apache
The chain file is located at:
/etc/letsencrypt/live/example.com/fullchain.pem
Test the web site certificate installation:
https://www.ssllabs.com/ssltest/analyze.html?d=example.com
Goto the web site and perform the installation procedure.
Then come back and update the cronjob:
crontab -e
With
30 * * * * /var/www/html/protected/yii cron/hourly >/dev/null 2>&1
00 18 * * * /var/www/html/protected/yii cron/daily >/dev/null 2>&1
As an end-note, when using ldap integration, and when using the github based install process, they recommend adding
zend ldap composer.