Updated v4 Installation (markdown)

2025-07-31 15:42:03 -04:00 · 2022-03-20 15:41:30 +11:00 · 2022-03-20 15:41:30 +11:00 · 64b7f5c5e9
commit 64b7f5c5e9
parent 40307350f1
1 changed files with 156 additions and 0 deletions
--- a/v4-Installation.md
+++ b/v4-Installation.md
@ -1,5 +1,161 @@
 v4 installation guides
 # Host Invoice Ninja on FreeNAS with a self signed cert
 First lets create the iocage jail, you can do this through the new UI but its waaay faster to use CLI. ssh into freenas and lets get going.
 ### Create the iocage jail (Replace the ip and router ip with what works for you):
 `iocage create -n InvoiceNinja -r 11.2-RELEASE ip4_addr="vnet0|192.168.1.23/24" defaultrouter="192.168.1.1" vnet="on" allow_raw_sockets="1" boot="on"`
 ### Lets log into the jail:
 `iocage console InvoiceNinja`
 ### Install all the dependencies:
 `pkg install -y nginx nano git curl openssl mariadb103-server php71 php71-ctype php71-pdo php71-pdo_mysql php71-session php71-iconv php71-filter php71-openssl php71-phar php71-mysqli aws-sdk-php php71-simplexml php72-xmlreader php72-xmlwriter php72-fileinfo php72-pear-PHP_Parser php72-tokenizer php72-gd php72-curl php72-gmp php72-json php72-zip php72-xml php72-readline php72-opcache php72-mbstring php72-iconv-7.2.31 php72-simplexml-7.2.31`
 ### AutoStart php, mysql and nginx:
 `sysrc mysql_enable=YES`<br>
 `sysrc nginx_enable=YES`<br>
 `sysrc php_fpm_enable=YES`<br>
 `service nginx start`<br>
 `service mysql-server start`<br>
 `service php-fpm start`<br>
 ### Modify php files to host the web server using user www:
 `sed -i '' -e 's?listen = 127.0.0.1:9000?listen = /var/run/php-fpm.sock?g' /usr/local/etc/php-fpm.d/www.conf`<br><br>
 `sed -i '' -e 's/;listen.owner = www/listen.owner = www/g' /usr/local/etc/php-fpm.d/www.conf`<br><br>
 `sed -i '' -e 's/;listen.group = www/listen.group = www/g' /usr/local/etc/php-fpm.d/www.conf`<br><br>
 `sed -i '' -e 's/;listen.mode = 0660/listen.mode = 0600/g' /usr/local/etc/php-fpm.d/www.conf`<br><br>
 `cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini`<br><br>
 `sed -i '' -e 's?;cgi.fix_pathinfo=1?cgi.fix_pathinfo=0?g' /usr/local/etc/php.ini`<br><br>
 ### Create the MySQL database for invoice ninja:
 `mysql -u root -e "CREATE DATABASE ninja;"`<br>
 `mysql -u root  -e "CREATE USER 'ninja'@'localhost' IDENTIFIED BY 'ninja';"`<br>
 `mysql -u root -e "GRANT ALL PRIVILEGES ON ninja.* TO 'ninja'@'localhost';"`<br>
 `mysql -u root -e "FLUSH PRIVILEGES;"`<br>
 ### Secure the database:
 Answer most of the questions with yes. Read them.
 `mysql_secure_installation`<br>
 ### Install Invoice Ninja (Installed to /usr/local/ninja):
 `curl -sS https://getcomposer.org/installer | php`<br>
 `mv composer.phar /usr/local/bin/composer`<br>
 `mkdir /usr/local/ninja`<br>
 `git clone https://github.com/hillelcoren/invoice-ninja.git /usr/local/ninja`<br>
 `cd /usr/local/ninja && composer install --no-dev -o `<br>
 ### Generate a self signed cert named "ininja":
 `mkdir -p /etc/nginx/ssl`<br>
 `openssl genrsa -des3 -passout pass:x -out /etc/nginx/ssl/ininja.pass.key 2048`<br>
 `openssl rsa -passin pass:x -in /etc/nginx/ssl/ininja.pass.key -out /etc/nginx/ssl/ininja.key`<br>
 `rm /etc/nginx/ssl/ininja.pass.key`<br>
 `openssl req -new -key /etc/nginx/ssl/ininja.key -out /etc/nginx/ssl/ininja.csr`<br><br>
 `openssl x509 -req -days 365 -in /etc/nginx/ssl/ininja.csr -signkey /etc/nginx/ssl/ininja.key -out /etc/nginx/ssl/ininja.crt` <br>
 ### Set correct permissions for invoice ninja:
 `touch /usr/local/ninja/.env`<br>
 `chown www:www /usr/local/ninja/.env`<br>
 `chmod -R 755 /usr/local/ninja/storage`<br>
 `cd /usr/local/ninja && chown -R www:www storage bootstrap public/logo`<br>
 ### Now lets create the nginx config. Replace the server_name with your IP or domain name:
 `rm /usr/local/etc/nginx/nginx.conf`<br>
 `nano /usr/local/etc/nginx/nginx.conf`<br>
 Copy the contents below and replace ip the wiki formatted it weird, copy everything after nginx.conf till the next heading:
 ### nginx.conf
 events {
    worker_connections  1024;
 }
 http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
 	server {
 		listen      443 default;
 		server_name 192.168.1.23;
 		ssl on;
 		ssl_certificate     /etc/nginx/ssl/ininja.crt;
 		ssl_certificate_key /etc/nginx/ssl/ininja.key;
 		ssl_session_timeout 5m;
 		ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';
 		ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
 		ssl_prefer_server_ciphers on;
 		root /usr/local/ninja/public;
 		index index.html index.htm index.php;
 		charset utf-8;
 		location / {
 			try_files $uri $uri/ /index.php?$query_string;
 		}
 		location = /favicon.ico { access_log off; log_not_found off; }
 		location = /robots.txt  { access_log off; log_not_found off; }
 		access_log  /var/log/nginx/ininja.access.log;
 		error_log   /var/log/nginx/ininja.error.log;
 		sendfile off;
 		location ~ \.php$ {
 			fastcgi_split_path_info ^(.+\.php)(/.+)$;
 			fastcgi_pass unix:/var/run/php-fpm.sock;
 			fastcgi_index index.php;
 			include fastcgi_params;
 			fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 			fastcgi_intercept_errors off;
 			fastcgi_buffer_size 16k;
 			fastcgi_buffers 4 16k;
 		}
 		location ~ /\.ht {
 			deny all;
 		}
 	}
 	server {
 		listen      80;
 		server_name 192.168.1.23;
 		add_header Strict-Transport-Security max-age=2592000;
 		rewrite ^ https://$server_name$request_uri? permanent;
 	}
 }
 ### Ok lets restart all the services you should be able to access the GUI setup on https://yourip
 **HTTPS!** 
 `service mysql-server restart`<br>
 `service php-fpm restart`<br>
 `service nginx restart`<br>
 # InvoiceNinja Self Hosted on Debain 8