If you are looking for a guide on how to install wallabag on Rocky Linux 9, here’s everything you need to know.
Wallabag is a service installed on a server that allows a read-it-later feature for web pages. By using this feature, you can save web pages for reading it later in your leisure time. Some of the software that provides similar functionality as wallabag is Pocket and Instapaper. However, wallabag is different from this software as it is installed on the server end. The following are the objectives of today’s article:
- We will discuss in detail how to install wallabag on Rocky Linux 9.
- In addition, we will also talk about the installation of pre-requisite software such as nginx, MySQL, composer, and PHP.
In order to follow the article, you must have:
- A computer running Rocky Linux 9.
- Access to the root account or a user with sudo privileges.
- A fully qualified domain name.
Before moving towards installation instructions, we will briefly discuss wallabag and its features.
What is wallabag?
It is a web application that can be used to save web pages. You can then view the saved pages later on. The amazing part is that it extracts the content. So the user will not be distracted later on through pop-ups. It is free and open source. Even though you can create an account on wallabag. To use the service, the best approach is to install wallabag on Rocky Linux 9 on your own server.
How to Install Wallabag on Rocky Linux 9
We will now discuss the process to install wallabag on Rocky Linux 9 and set up the configuration of wallabag.
Step 1 – Update your system
The very first step is to update your system. Open your Terminal and type the following command:
$ sudo dnf update
Step 2- Installation of pre-requisite packages
Some of the pre-requisite packages that we will need throughout the tutorial can be installed using the following command:
$ sudo dnf install wget curl nano unzip yum-utils –y
Step 3- Configuration of firewall
We will now configure the firewall. Note that Rocky Linux uses the firewall firewalld. Follow the steps below to configure the firewall, after which you can proceed to install wallabag on Rocky Linux 9.
Check the status of the firewall
We will first check the status of the firewall using the following command:
$ sudo firewall-cmd --state
You should see an output such as ‘running’. This implies that the firewall is running. The firewall can work on different zones; however, we will use the default public zone.
Open HTTP and HTTPS port
First, see the list of all the services running and the active port on the firewall via the following command:
$ sudo firewall-cmd --permanent --list-services
Note that wallabag needs HTTP and HTTPS to function. So, we should open these ports. Open HTTP port via the following command:
$ sudo firewall-cmd --permanent --add-service=http
Then, open HTTPS using the command below:
$ sudo firewall-cmd --permanent --add-service=https
Apply the firewall changes
Now, reload the firewall to apply the changes. Type the following command on the Terminal:
$ sudo firewall-cmd --reload
Now, list down the services again:
$ sudo firewall-cmd --permanent --list-services
You should see that HTTP and HTTPS are now on the list of services.
Step 4- Install PHP and extensions
We will now install PHP and its extensions.
Install epel repository
Install the epel repository via the following command:
$ sudo dnf install epel-release –y
Install remi repository and enable the Remi PHP 8.1 repository
The remi repository can be installed via the following command:
$ sudo dnf install https://rpms.remirepo.net/enterprise/remi-release-9.rpm
Check for available PHP stream using the following command:
$ dnf module list php –y
Enable Remis PHP 8.1 repository via the following command:
$ sudo dnf module reset php -y
$ sudo dnf module enable php:remi-8.
Installation of PHP
Finally, we will install PHP and its required extensions using the following command:
$ sudo dnf install php-fpm php-mysql php-bcmath php-xml php-zip php-curl php-mbstring php-gd php-tidy php-intl php-cli php-opcache
To verify the installation, check the version of PHP using the following command:
$ php --version
Edit the configuration file
Now, we will edit www.conf file. First, open it in your favorite editor as follows:
$ sudo nano /etc/php-fpm.d/www.conf
Replace user=apache and group=apache as follows:
...
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
...
Now, edit the socket file owner, group, and default permission as follows:
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
Now, comment on the following line:
;listen.acl_users = apache,nginx
Note: ‘;’ is used for commenting out the file
Save the file and then close the editor. You can close the editor by using Ctrl + X.
Setting permission for session directory
Now, set the permission for PHP session directory as follows:
$ sudo chown -R nginx:nginx /var/lib/php/session/
Finally, enable and start PHP-FPM service as follows:
$ sudo systemctl enable php-fpm --now
Step 5 – Installation of composer
We will need to install composer as it is required by Wallabag. Follow the steps below.
Download composer
The composer can be downloaded with the help of the following command:
$ php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
$ php composer-setup.php --2.2
$ php -r "unlink('composer-setup.php');"
Installation of composer
Move the binary composer.phar to /usr/local/bin using the following command:
$ sudo mv composer.phar /usr/local/bin/composer
Finally, verify the installation as follows:
$ composer –version
You should see the desired version of the composer.
Step 6 – Installation of MySQL
The next step is the installation of MySQL. Follow the steps below.
Installing and verifying MySQL
The installation of MySQL is very simple. Install it using the following command:
$ sudo dnf install mysql-server
Now, check and verify the version of MySQL as follows:
$ mysql –version
Start MySQL service
The service can be started using the following command:
$ sudo systemctl enable mysqld –now
Now, run the following command:
$ sudo mysql_secure_installation
You will see the following output:
You will also be asked to set up a new root password. Specify a new password according to the requirements. Then follow the steps below:
- Install the validate password component by pressing ‘Y’.
- Set the new root password.
- Finally, remove the anonymous user.
- Disallow remote root logins.
- Remove the test database.
- Reload the privilege table.
Step 7 – Configure MySQL
Now, we will configure MySQL. Follow the steps below.
Login to MySQL
Login to MySQL via the following command:
$ sudo mysql -u root –p
Create the database and user account
Now, run the following queries to create a database, user, and grant privileges:
mysql> CREATE DATABASE wallabag;
mysql> CREATE USER 'wallabaguser'@'localhost' IDENTIFIED BY 'Your_password2';
mysql> GRANT ALL PRIVILEGES ON wallabag.* TO 'wallabaguser'@'localhost';
mysql> FLUSH PRIVILEGES;
Finally, exit the shell via the following command:
mysql> exit
Step 8 – Install nginx
As a part of the process to install wallabag on Rocky Linux 9, you need to download the latest version of nginx. Follow the steps below.
Edit /etc/yum.repos.d/nginx.repo file
First, we will need to edit /etc/yum.repos.d/nginx.repo file. Type the following command:
$ sudo nano /etc/yum.repos.d/nginx.repo
Now, edit the file as follows:
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
Install nginx server
Finally, install the nginx server using the following command:
$ sudo dnf install -y nginx
You can verify the installation as follows:
$ nginx –v
Enable and start nginx server
You can enable and start nginx server through the following command:
$ sudo systemctl enable nginx –now
Finally, check the status using the following command:
$ sudo systemctl status nginx
You should see the following output:
Step 9 – Install SSL
We will also install SSL on the server. Follow the steps below.
Installation of Certbot
First, install snapd via the following command:
$ sudo dnf install -y snapd
Then, enable and start snapd as follows:
$ sudo systemctl enable snapd –now
Install snapcore package as follows:
$ sudo snap install core && sudo snap refresh core
Create necessary links for snapd as follows:
$ sudo ln -s /var/lib/snapd/snap /snap $ echo 'export PATH=$PATH:/var/lib/snapd/snap/bin' | sudo tee -a /etc/profile.d/snapd.sh
Finally, install Certbot as follows:
$ sudo snap install --classic certbot
Now, create a symbolic link:
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
To verify the installation, run the following command:
$ certbot –version
Generate SSL certificate
Generate an SSL certificate as follows:
$ sudo certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d wallabag.example.com
Generate a Diffie-Hellman group certificate as follows:
$ sudo openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096
Check the scheduler service as follows:
$ sudo systemctl list-timers
You should see snap.certbot.renew.service in the list. Finally, run the following command to see if SSL renewal is working:
$ sudo certbot renew --dry-run
If you see no error, you are ready to go.
Step 10 – Install Wallabag
After installation and configuration of pre-requisite software, we are now ready to install wallabag.
Create HTML directory
First, create an HTML directory as follows:
$ sudo mkdir /var/www/html/wallabag –p
Download Wallabag
Using the wget command, download the latest version of Wallabag as follows:
$ wget https://wllbg.org/latest-v2-package
Once downloaded, extract the directory as follows:
$ tar xzf latest-v2-package
Move the directory and create asset directory
Now, move the downloaded package to the directory created earlier as follows:
$ sudo mv wallabag-2.5.4/* /var/www/html/wallabag
Create an asset directory as follows:
$ sudo mkdir /var/www/html/wallabag/data/assets
Also, change the permission of /var/www/html/wallabag to the currently logged-in user as follows:
$ sudo chown -R $USER:$USER /var/www/html/wallabag
Edit parameters.yaml file
Change the current directory to wallabag as follows:
$ cd /var/www/html/wallabag
Now, create parameters.yaml file using the following command:
$ cp app/config/parameters.yml.dist app/config/parameters.yml
Generate a secret key as follows:
$ openssl rand -base64 32
Now, we will open parameters.yaml file in our favorite editor for editing:
$ nano app/config/parameters.yml
Fill in the database details as follows:
..........
database_driver: pdo_mysql
database_host: 127.0.0.1
database_port: 3306
database_name: wallabag
database_user: wallabaguser
database_password: Your_password2
Provide the domain name:
domain_name: https://wallabag.example.com
server_name: "Howtoforge Wallabag"
Then, provide SMTP details:
mailer_transport: smtp
mailer_user: YOUR_AES_USERNAME
mailer_password: YOUR_AES_PASSWORD
mailer_host: email-smtp.us-west-2.amazonaws.com
mailer_port: 587
mailer_encryption: tls
Provide the secret key generated previously:
# A secret key that's used to generate certain security-related tokens
secret: QLV/GpZwDobQbyQZQ15FkM1Hvt+ZFJZXw8GW9F4KR3o=
# two factor stuff
twofactor_auth: true
twofactor_sender: [email protected]
# fosuser stuff
fosuser_registration: true
fosuser_confirmation: true
.....
from_email: [email protected]
.....
You may also provide the configuration for Redis, RabbitMQ, and Sentry. Save the file and close the editor.
Install dependencies for wallabag
Now, install the dependencies for wallabag using composer:
$ SYMFONY_ENV=prod composer install --no-dev -o --prefer-dist
Finish the installation by typing the following command:
$ php bin/console wallabag:install --env=prod
Then in the next few steps, do the following:
- When asked to reset the database and schema, press ‘no’
- You will be asked to create an administrator account. Press ‘Yes’. Then, provide a username, password, and email ID.
Finally, change the directory permission to nginx as follows:
$ sudo chown -R nginx:nginx /var/www/html/wallabag
Step 11 – Configuration of SELinux
The next step is the configuration of SELinux.
Change file security context
Change the file security context using the following commands:
$ sudo semanage fcontext -a -t httpd_sys_content_t "/var/www/html/wallabag(/.*)?"
$ sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/wallabag/data(/.*)?"
$ sudo semanage fcontext -a -t httpd_log_t "/var/www/html/wallabag/var/logs(/.*)?"
$ sudo semanage fcontext -a -t httpd_cache_t "/var/www/html/wallabag/var/cache(/.*)?"
Apply policies
Apply the policy using the following command:
$ sudo restorecon -R -v /var/www/html/wallabag
Allow nginx to give the policy to MySQL as follows:
$ sudo setsebool -P httpd_can_network_connect_db 1
Step 12 – Configure nginx and PHP
The final step to install wallabag on Rocky Linux 9 is the configuration of nginx and PHP. Follow the steps below.
Edit www.conf
Edit the file /etc/php/8.1/fpm/pool.d/www.conf using your favorite editor as follows:
...
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
...
Change the socket file owner, group, and default permission line as follows:
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
Change the line with listen.acl_users as follows:
;listen.acl_users = apache,nginx
Save the file and then exit.
Change the configuration parameters of PHP-FPM and PHP-CLI
Increase the execution time for PHP-FPM and PHP-CLI as follows:
$ sudo sed -i 's/max_execution_time = 30/max_execution_time = 60/' /etc/php/8.1/fpm/php.ini
$ sudo sed -i 's/max_execution_time = 30/max_execution_time = 60/' /etc/php/8.1/cli/php.ini
Increase the memory limit for PHP-FPM as follows:
$ sudo sed -i 's/memory_limit = 128M/memory_limit = 256M/' /etc/php/8.1/fpm/php.ini
Finally, restart the PHP-FPM service as follows:
$ sudo systemctl restart php8.1-fpm
In the last step, change the group of PHP sessions directory to nginx using the command below:
$ sudo chgrp -R nginx /var/lib/php/sessions
Edit wallabag.conf for nginx
Change the /etc/nginx/conf.d/wallabag.conf file as follows using your favorite editor:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name wallabag.example.com;
access_log /var/log/nginx/wallabag.access.log;
error_log /var/log/nginx/wallabag.error.log;
# SSL
ssl_certificate /etc/letsencrypt/live/wallabag.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wallabag.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/wallabag.example.com/chain.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
resolver 8.8.8.8;
root /var/www/html/wallabag/web;
location / {
try_files $uri /app.php$is_args$args;
}
# Pass PHP Scripts To FastCGI Server
location ~ ^/app\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_pass unix:/run/php/php8.1-fpm.sock; # Depends On The PHP Version
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
include fastcgi_params;
internal;
}
location ~ \.php$ {
return 404;
}
}
# enforce HTTPS
server {
listen 80;
listen [::]:80;
server_name wallabag.example.com;
return 301 https://$host$request_uri;
}
Save the file and close the editor.
Edit nginx.conf
Then, edit the /etc/nginx/nginx.conf file as follows:
server_names_hash_bucket_size 64; include /etc/nginx/conf.d/*.conf;
Save the file and close the editor. Now, verify the nginx configuration via the following command:
$ sudo nginx –t
Finally, restart the nginx service using the command below:
$ sudo systemctl restart nginx
Step 13- Access the wallabag
Finally, after you install wallabag on Rocky Linux 9 and configure it, we are now ready to use the service. Point your browser to the following URL:
https://wallabag.example.com
You should see the screen below:
Provide your username and password to log in. You will then see the dashboard. Now, you are ready to use wallabag.
In this article, we have talked about how to install wallabag on Rocky Linux 9. Wallbag is a server-based application that can be used to save web pages for reading later on. We have seen the essential steps for the installation of pre-requisites software and configuration of wallabag. We hope you have enjoyed the article about how to install wallabag on Rocky Linux 9. If you want more details, they can be seen here.
If this guide helped you, please share it.
