[Markdown] 

Hubzilla Installation On AWS: Home

Hubzilla Installation on AWS (Single Instance, Free Tier)

Prerequisites

  1. An Amazon Web Services Account
  2. A domain name. We'll be using example.com (You can get a domain name free for up to 12 months from Freenom)

Server Instance Configuration

Launch a new Amazon EC2 instance with the following steps

  1. Choose AMI: Ubuntu Server 18.04 LTS (HVM), SSD Volume Type
  2. Choose Instance Type: t2.micro (free tier)
  3. Configure Instance Details: Use the default settings, and check the Protect against accidental termination checkbox
  4. Add Storage: Use defaults
  5. Add Tags: A Name tag is always helpful e.g www.example.com
  6. Configure Security Group: Create a new security group to allow SSH, HTTP and HTTPS only
  7. Download new key pair (We'll call ours keypair.pem)

Once the instance has launched, obtain the IPv4 Public IP from the instance's Description Tab. We'll call this ip_address. Using a Bash Terminal in Linux (Git For Windows ships with a Bash emulator for Windows users)

chmod 400 keypair.pem
ssh -i keypair.pem ubuntu@ip_address

Once you have connected to the instance, run an update

sudo apt update && sudo apt upgrade -y

Webserver Installation

Basic Installation and Testing

Install Apache 2

sudo apt install apache2

Then configure a webspace for example.com (NB: remember, of course, to replace example.com with your own domain name in this and other steps)

sudo mkdir -p /var/www/example.com/html
sudo chown -R www-data:www-data /var/www/example.com/html/
sudo chmod -R 755 /var/www/example.com/html/

To configure the default Virtual Host for HTTP traffic, create a new configuation file:

sudo nano /etc/apache2/sites-available/example.com.conf

and add the following text:

<VirtualHost :80>
    ServerAdmin admin@example.com
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Then, enable the new site

sudo a2ensite example.com.conf

and disable the default site that ships with Apache2

sudo a2dissite 000-default.conf

Check the configuration

sudo apache2ctl configtest

If you get a response "Syntax OK", you're good to go.

Restart apache2

sudo service apache2 restart

Next, create an 'index.html' file for the default site

sudo nano /var/www/example.com/html/index.html

and add the following text:

<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8">
        <title>Welcome to Example.Com</title>
    </head>
    <body>
         <h2>It Works!!</h2>
         <p>You have been able to connect to your hubzilla server</p>
    </body>
</html>

Then navigate to http://example.com in your browser and check that you can see the test page

Configuring HTTPS with LetsEncrypt

Install Certbot

sudo certbot --apache -d example.com -d www.example.com

Answer the questions as required and certbot will automatically convert your site to an HTTPS version.

Navigate to your website, https://example.com to check that it works. You should see the same simple web page we created earlier, only this time there should be a padlock icon in the address bar. You can also verify the security status using SSL Labs Server Test.

Finally, test the certificate renewal process, to ensure that the site will be able to automatically renew it's certificate when required

sudo certbot renew --dry-run

Database Installation and Configuration

Install MySQL Server

sudo apt install mysql-server 

Secure your mysql install

sudo mysql_secure_installation

Create a strong root password and respond 'yes' to all the default secure settings when prompted i.e.

Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]:  Y
Reload privilege tables now? [Y/n]:  Y

Create the database

Login to mysql as root

sudo mysql -u root -p

At the mysql prompt, enter the following:

mysql> CREATE DATABASE hubzilla DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
mysql> CREATE USER 'hubzilla'@'localhost' IDENTIFIED BY 'strong_password';
mysql> GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON hubzilla.* TO hubzilla@localhost;
mysql> FLUSH PRIVILEGES;
mysql> EXIT;

replacing 'strong_password' with a password made of a mix of alphanumerics and special characters

Install PHP

sudo apt install php7.2 php7.2-mysql php7.2-curl php7.2-json php7.2-cli php7.2-gd php7.2-xml php7.2-mbstring php7.2-imagick php7.2-zip wget -y

Install Postfix for PHP mail

sudo apt install mailutils

During setup, choose the 'Internet Site' option (default) and use your domain name as the mail name. Then configure postfix by editing the main.cf configuration file

sudo nano /etc/postfix/main.cf

The entry for inet_interfaces, located toward the end of the file, should be set to equal loopback-only as

inet_interfaces = loopback-only

Then restart postfix

sudo service postfix restart

Install Hubzilla

We will install hubzilla in a separate folder under the webroot example.com

sudo apt install git
cd /var/www/example.com/
sudo git clone https://framagit.org/hubzilla/core.git -b master hubzilla
cd hubzilla
sudo util/add_addon_repo https://framagit.org/hubzilla/addons.git hzaddons

We then have two options:

  1. (Quick) We edit the DocumentRoot to point to '/var/www/example.com/hubzilla' in the following files:

    /etc/apache2/sites-available/example.com.conf

    /etc/apache2/sites-available/example.com-le-ssl.conf

    or

  2. (Formal) We create new sites-available configurations:

    sudo cp /etc/apache2/sites-available/example.com.conf /etc/apache2/sites-available/hubzilla.conf

    sudo cp /etc/apache2/sites-available/example.com-le-ssl.conf /etc/apache2/sites-available/hubzilla-le-ssl.conf

with both their DocumentRoot attribute pointing to '/var/www/example.com/hubzilla'. We then enable these files via

sudo a2ensite hubzilla.conf
sudo a2ensite hubzilla-le-ssl.conf

and disable the old sites

sudo a2dissite example.com.conf
sudo a2dissite example.com-le-ssl.conf

Restart apache after these changes:

sudo service apache2 restart

Configure the HTTPS site for rewrite

Edit the example.com SSL configuration file

sudo nano /etc/apache2/sites-available/example.com-le-ssl.conf

and add the following lines after the 'CustomLog' line:

<Directory /var/www/example.com/hubzilla/>
    Options FollowSymlinks
    AllowOverride All
    Require all granted
</Directory>

Now navigate to the hubzilla site at https://example.com and complete the installation

Configure CRON

sudo crontab -e

pick your favourite editor (nano is the easiest). Then add the line at the end of the file:

*/10 * * * * cd /var/www/example.com/hubzilla; /usr/bin/php Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1