Destroyed Debian 8 Install (markdown)

2025-07-31 15:42:03 -04:00 · 2022-03-20 15:40:56 +11:00 · 2022-03-20 15:40:56 +11:00 · 028957290b
commit 028957290b
parent b75fb19115
1 changed files with 0 additions and 209 deletions
--- a/Debian-8-Install.md
+++ b/Debian-8-Install.md
@ -1,209 +0,0 @@
 # InvoiceNinja Self Hosted on Debain 8 
 InvoiceNinja Self Hosted on Debain 8
 Deploy Invoice Ninja On Debian 8 Securely:
 ## Login as root then Update and install dependencies:
 `apt-get update && apt-get -y upgrade`
 `apt-get install python-software-properties git curl openssl mariadb-server`
 Now lets secure the database, read the questions asked and reply Y to all of them in most cases. Remember the password you set.
 `mysql_secure_installation`
 ## Lets create the database for Invoice Ninja:
 `mysql -uroot -p`
 `CREATE DATABASE invoiceNinja;`
 `CREATE USER 'ninja'@'localhost' IDENTIFIED BY 'n1njaNinj@R0ck';`
 `GRANT ALL PRIVILEGES ON invoiceNinja.* TO 'ninja'@'localhost';`
 `FLUSH PRIVILEGES;`
 `exit`
 ## Now lets install php and nginx our webserver. I have choosen PHP version 7.1
 `apt-get install nginx php7.1 php7.1-fpm php7.1-cli php7.1-mcrypt php7.1-gd php7.1-curl php7.1-common php7.1-gmp php7.1-json php7.1-zip php7.1-xml php7.1-readline php7.1-opcache php7.1-mysql php7.1-mbstring`
 ## Install composer which manages the install of Invoice Ninja :
 `curl -sS https://getcomposer.org/installer | php`
 `sudo mv composer.phar /usr/local/bin/composer`
 ## Installing Invoice Ninja:
 Choose a location for your invoice ninja install. I choose to install it in my user's home folder.
 cd to your install location then
 `git clone https://github.com/hillelcoren/invoice-ninja.git ninja && cd ninja`
 `composer install --no-dev -o`
 ## Lets setup FAMP stack. Edit your user file for php-fpm
 `nano /etc/php/7.1/fpm/pool.d/`
 In that file find
 listen = /var/run/php-....
 and change it to this, if it already the same, continue.
 `listen = /var/run/php-fpm.sock`
 ## Next edit the Invoice Ninja config of your site.
 cd /etc/nginx/sites-available
 `touch **yoursitename**`
 Example: touch ninja.com or ninja.home
 `nano yoursitename`
 Copy the contents below. We will make the certificates in the next step just edit the name or path if you want.
 MAKE SURE TO EDIT THE FOLLOWING
 Replace yoursite with yourstie. Example ninja.myface.home
 Replace the root path with your install folder /public<br />
 Copy the whole thing!!<br /><br />
 server {
 listen 443 default;
 server_name yoursite;
 ssl on;
 ssl_certificate     /etc/nginx/ssl/ininja.crt;
 ssl_certificate_key /etc/nginx/ssl/ininja.key;
 ssl_session_timeout 5m;
 ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';
 ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers on;
 root /home/user/invoice-ninja/public;
 index index.html index.htm index.php;
 charset utf-8;
 location / {
    try_files $uri $uri/ /index.php?$query_string;
 }
 location = /favicon.ico { access_log off; log_not_found off; }
 location = /robots.txt  { access_log off; log_not_found off; }
 access_log  /var/log/nginx/ininja.access.log;
 error_log   /var/log/nginx/ininja.error.log;
 sendfile off;
 location ~ \.php$ {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass ;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors off;
    fastcgi_buffer_size 16k;
    fastcgi_buffers 4 16k;
 }
 location ~ /\.ht {
    deny all;
 }
 }
 server {
 listen      80;
 server_name yoursite;
 add_header Strict-Transport-Security max-age=2592000;
 rewrite ^ ? permanent;
 }
 <br /><br /><br />
 If you notice, this file is created in the sites-available folder. But there is a sites-enabled folder, so we will link this file to that folder.
 `sudo ln -s /etc/nginx/sites-available/**your_ininja_site** /etc/nginx/sites-enabled/**your_ininja_site**`
 Now Invoice Ninja and the WebServer are configured to only allow https. In the file above under listen 443 we made references to certificates.
 ## Let us create those certificates now.
 `mkdir -p /etc/nginx/ssl`
 `cd /etc/nginx/ssl`
 `openssl genrsa -des3 -passout pass:x -out ininja.pass.key 2048`
 `openssl rsa -passin pass:x -in ininja.pass.key -out ininja.key`
 `rm ininja.pass.key`
 `openssl req -new -key ininja.key -out ininja.csr`
 `openssl x509 -req -days 365 -in ininja.csr -signkey ininja.key -out ininja.crt`
 ## Set correct permissions for Invoice Ninja:
 `cd /path/to/ninja/install`
 `touch .env`
 `sudo chown www-data:www-data .env`
 `sudo chmod -R 755 storage`
 `sudo chown -R www-data:www-data storage bootstrap public/logo`
 ### Ok lets see if this all works:
 `service php7.1-fpm restart`
 `service nginx restart`
 If you can restart those services then you are up and running securely!! Go to your ip or FQDN and hope for the best. If you see the Invoice Ninja setup GUI you are all done :) 
 Follow the on screen instructions to complete the setup.