Updated Debian 8 Install (markdown)

2025-08-11 15:34:21 -04:00 · 2018-07-01 19:52:58 -04:00 · 2018-07-01 19:52:58 -04:00 · ff35bda98c
commit ff35bda98c
parent 260f96f9c5
1 changed files with 75 additions and 92 deletions
--- a/Debian-8-Install.md
+++ b/Debian-8-Install.md
@ -1,48 +1,41 @@
 # InvoiceNinja Self Hosted on Debain 8 

+InvoiceNinja Self Hosted on Debain 8
 Deploy Invoice Ninja On Debian 8 Securely:

+Login as root: Update and install dependencies:

-Login as root:
-Update and install dependencies:
+apt-get update && apt-get -y upgrade

-
-`apt-get update && apt-get -y upgrade`
-
-`apt-get install python-software-properties git curl openssl mariadb-server`
+apt-get install python-software-properties git curl openssl mariadb-server

 Now lets secure the database, read the questions asked and reply Y to all of them in most cases. Remember the password you set.

-`mysql_secure_installation`
-
+mysql_secure_installation

 Lets create the database for Invoice Ninja:

-`mysql -uroot -p`
+mysql -uroot -p

-`CREATE DATABASE invoiceNinja;`
+CREATE DATABASE invoiceNinja;

-`CREATE USER 'ninja'@'localhost' IDENTIFIED BY 'ninja';`
+CREATE USER 'ninja'@'localhost' IDENTIFIED BY 'ninja';

-`GRANT ALL PRIVILEGES ON `invoiceNinja`.* TO 'ninja'@'localhost';`
+GRANT ALL PRIVILEGES ONinvoiceNinja.* TO 'ninja'@'localhost';

-`FLUSH PRIVILEGES;`
-
-`exit`
+FLUSH PRIVILEGES;

+exit

 Now lets install php and nginx our webserver. I have choosen PHP version 7.1

-`apt-get install nginx php7.1 php7.1-fpm php7.1-cli php7.1-mcrypt php7.1-gd php7.1-curl php7.1-common php7.1-gmp php7.1-json php7.1-zip php7.1-xml php7.1-readline php7.1-opcache php7.1-mysql php7.1-mbstring`
-
+apt-get install nginx php7.1 php7.1-fpm php7.1-cli php7.1-mcrypt php7.1-gd php7.1-curl php7.1-common php7.1-gmp php7.1-json php7.1-zip php7.1-xml php7.1-readline php7.1-opcache php7.1-mysql php7.1-mbstring

 Install composer which manages the install of Invoice Ninja :

-
 curl -sS https://getcomposer.org/installer | php

-`sudo mv composer.phar /usr/local/bin/composer`
-
+sudo mv composer.phar /usr/local/bin/composer

 Installing Invoice Ninja:

@ -52,11 +45,11 @@ cd to your install location

 git clone https://github.com/hillelcoren/invoice-ninja.git ninja

-`composer install --no-dev -o`
+composer install --no-dev -o

 Now edit your user file for php-fpm

-`nano /etc/php/7.1/fpm/pool.d/`
+nano /etc/php/7.1/fpm/pool.d/

 In that file find

@ -64,20 +57,17 @@ listen = /var/run/php-....

 and change it to this, if it already the same, continue.

-
-`listen = /var/run/php-fpm.sock`
-
+listen = /var/run/php-fpm.sock

 Next edit the Invoice Ninja config of your site.

-`cd /etc/nginx/sites-available`
+cd /etc/nginx/sites-available

-`touch **yoursitename**`
+touch **yoursitename**

-Example:   `touch ninja.com or ninja.home`
-
-`nano yoursitename`
+Example: touch ninja.com or ninja.home

+nano yoursitename

 Copy the contents below. We will make the certificates in the next step just edit the name or path if you want.

@ -89,46 +79,46 @@ Replace the root path with your install folder /public

 server {

-    listen 443 default;
+listen 443 default;

-    server_name yoursite;
+server_name yoursite;

-    ssl on;
+ssl on;

-    ssl_certificate     /etc/nginx/ssl/ininja.crt;
+ssl_certificate     /etc/nginx/ssl/ininja.crt;

-    ssl_certificate_key /etc/nginx/ssl/ininja.key;
+ssl_certificate_key /etc/nginx/ssl/ininja.key;

-    ssl_session_timeout 5m;
+ssl_session_timeout 5m;

-    ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';
+ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';

-    ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
+ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;

-    ssl_prefer_server_ciphers on;
+ssl_prefer_server_ciphers on;

-    root /home/user/invoice-ninja/public;
+root /home/user/invoice-ninja/public;

-    index index.html index.htm index.php;
+index index.html index.htm index.php;

-    charset utf-8;
+charset utf-8;

-    location / {
+location / {

    try_files $uri $uri/ /index.php?$query_string;

-    }
-    location = /favicon.ico { access_log off; log_not_found off; }
+}
+location = /favicon.ico { access_log off; log_not_found off; }

-    location = /robots.txt  { access_log off; log_not_found off; }
+location = /robots.txt  { access_log off; log_not_found off; }

-    access_log  /var/log/nginx/ininja.access.log;
+access_log  /var/log/nginx/ininja.access.log;

-    error_log   /var/log/nginx/ininja.error.log;
+error_log   /var/log/nginx/ininja.error.log;

-    sendfile off;
+sendfile off;

-    location ~ \.php$ {
+location ~ \.php$ {

    fastcgi_split_path_info ^(.+\.php)(/.+)$;

@ -146,69 +136,62 @@ server {

    fastcgi_buffers 4 16k;

-    }
-    location ~ /\.ht {
+}
+location ~ /\.ht {

    deny all;

-    }
-
+}
 }

 server {

-    listen      80;
+listen      80;

-    server_name yoursite;
+server_name yoursite;

-    add_header Strict-Transport-Security max-age=2592000;
-
-    rewrite ^ ? permanent;
+add_header Strict-Transport-Security max-age=2592000;

+rewrite ^ ? permanent;
 }

-
-
-
 If you notice, this file is created in the sites-available folder. But there is a sites-enabled folder, so we will link this file to that folder.

-`sudo ln -s /etc/nginx/sites-available/**your_ininja_site** /etc/nginx/sites-enabled/**your_ininja_site**`
+sudo ln -s /etc/nginx/sites-available/**your_ininja_site** /etc/nginx/sites-enabled/**your_ininja_site**

 Now Invoice Ninja and the WebServer are configured to only allow https. In the file above under listen 443 we made references to certificates. Let us create those certificates now.

-`mkdir -p /etc/nginx/ssl`
+mkdir -p /etc/nginx/ssl

-`cd /etc/nginx/ssl`
+cd /etc/nginx/ssl

-`openssl genrsa -des3 -passout pass:x -out ininja.pass.key 2048`
+openssl genrsa -des3 -passout pass:x -out ininja.pass.key 2048

-`openssl rsa -passin pass:x -in ininja.pass.key -out ininja.key`
+openssl rsa -passin pass:x -in ininja.pass.key -out ininja.key

-`rm ininja.pass.key`
+rm ininja.pass.key

-`openssl req -new -key ininja.key -out ininja.csr`
+openssl req -new -key ininja.key -out ininja.csr

-`openssl x509 -req -days 365 -in ininja.csr -signkey ininja.key -out ininja.crt`
+openssl x509 -req -days 365 -in ininja.csr -signkey ininja.key -out ininja.crt

 Set correct permissions:

-`chown -R  www-data:www-data /yourinstallpath`
+cd /path/to/ninja/install

-`cd /path/to/ninja/install`
+touch .env
+sudo chown www-data:www-data .env

-`chmod -R 755 storage`
-
-`sudo chown -R www-data:www-data storage bootstrap public/logo`
+sudo chmod -R 755 storage

+sudo chown -R www-data:www-data storage bootstrap public/logo

 Ok lets see if this all works

-`service php7.1-fpm restart`
+service php7.1-fpm restart

-`service nginx restart`
+service nginx restart

-If you can restart those services then you are up and running securely!! 
-Go to your ip or FQDN and hope for the best. If you see the Invoice Ninja setup GUI you are all done :)
-Follow the on screen instructions to complete the setup.
+If you can restart those services then you are up and running securely!! Go to your ip or FQDN and hope for the best. If you see the Invoice Ninja setup GUI you are all done :) Follow the on screen instructions to complete the setup.