Flarum is a free and open-source forum application or discussion platform that is fast and easy to use. This guide explains how to install Flarum on a one-click LAMP application on Ubuntu 20.04 and secure it with a Let's Encrypt SSL using Certbot.
Prerequisites
- Deploy a one-click LAMP Application on Ubuntu 20.04 from Rcs Marketplace Apps
- Create a non-root user with sudo access then login.
- Update the Ubuntu Server
Install Flarum
1. Change PHP Settings
Edit php.ini with Nano.
$ sudo nano /etc/php/7.4/fpm/php.ini
Press Ctrl + W and search for these settings, then edit the values to match these:
memory_limit = 256M max_execution_time = 300 upload_max_filesize = 150M allow_url_fopen = On file_uploads = On
Save and exit the file.
2. Create a Database for Flarum
Log in to the MariaDB shell.
$ sudo mysql
Create a database for Flarum. Replace
flarum_db
with your preferred database name.MariaDB [(none)]> CREATE DATABASE flarum_db;
Create a new user. Replace
flarum_user
with your preferred username andflarum_pass
with your preferred strong password.MariaDB [(none)]> CREATE USER 'flarum_user'@'localhost' IDENTIFIED BY 'flarum_pass';
Grant the new user all the privileges to
flarum_db
.MariaDB [(none)]> GRANT ALL PRIVILEGES ON flarum_db.* TO 'flarum_user'@'localhost';
Flush Privileges.
MariaDB [(none)]> FLUSH PRIVILEGES;
Exit MariaDB.
MariaDB [(none)]> exit
3. Install Composer
Composer is a tool for dependency management in PHP. Composer will be used to install Flarum dependencies since Flarum is written in PHP.
Install Composer.
$ sudo curl -s https://getcomposer.org/installer | php
Move
composer.phar
to the/usr/local/bin/
directory.$ sudo mv composer.phar /usr/local/bin/composer
Verify Composer Installation by checking its version.
$ composer -V
4. Install Flarum
Create a new Flarum directory inside the Apache web root directory.
$ sudo mkdir /var/www/html/flarum
Change directory to
/var/www/html/flarum
$ cd /var/www/html/flarum
Download the latest version of Flarum. Enter
yes
when prompted to continue as root/superuser, or you will encounter an error otherwise.$ sudo composer create-project flarum/flarum . --stability=beta
Install all Flarum PHP dependencies. Enter
yes
when prompted to continue as root/superuser, or you will encounter an error otherwise.$ sudo composer install
Change the ownership of the Flarum directory
/var/www/html/flarum
towww-data
.$ sudo chown -R www-data:www-data /var/www/html/flarum/
Give proper permission to the Flarum directory
/var/www/html/flarum
.$ sudo chmod -R 755 /var/www/html/flarum/
5. Configure Apache for Flarum
Create an Apache virtual host config file for Flarum.
$ sudo nano /etc/apache2/sites-available/flarum.conf
Paste this to your
flarum.conf
file. Replaceyour-domain-name.com
with your domain name.<VirtualHost *:80> DocumentRoot /var/www/html/flarum/public ServerName your-domain-name.com DirectoryIndex index.php <Directory /var/www/html/flarum/public/> Options +FollowSymLinks AllowOverride All Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/flarum-error.log CustomLog ${APACHE_LOG_DIR}/flarum-access.log combined </VirtualHost>
Save and exit the file.
Enable the Flarum virtual host.
$ sudo a2ensite flarum
Enable the Apache rewrite module, also known as
mod_rewrite
.$ sudo a2enmod rewrite
Restart the Apache Service.
$ sudo systemctl restart apache2
6. Enable the Ubuntu Firewall
Enable the Ubuntu Firewall. Enter `y' when prompted to proceed with the operation.
$ sudo ufw enable
Check the firewall status. Ensure that the ports that you will use (SSH - Port 22, HTTP - Port 80) are allowed.
$ sudo ufw status
If you don't see the ports listed above, you need to allow them.
$ sudo ufw allow 22,80/tcp
7. Finishing Flarum Installation
- Navigate to your server's IP address in your web browser.
- Fill out all the details such as the Forum Title, the Database name, the Database username and password, and the admin credentials.
- After filling out all the details, click Install Flarum to finish setting up Flarum.
- You will be redirected to your Forum once the installation is finished.
You have finished installing Flarum.
Optional: Configure Domain Name and Setup Let's Encrypt SSL
Proceeding with this part of the guide assumes that you have your domain name.
1. Point Your Domain to Your Flarum Server
- Log in to your Domain provider's panel.
- Go to DNS Management or something similar to manage your DNS records.
- Add an A Record and point it to your Flarum cloud server (its IP Address). Note that DNS propagation may take up to 72 hours to take effect. You can use online DNS checkers to check your DNS propagation.
2. Setup Let's Encrypt SSL using Certbot
Install Certbot for Apache.
$ sudo apt-get install python3-certbot-apache -y
Install Let's Encrypt SSL for your Flarum website. Replace
your-domain-name.com
with your domain name.$ sudo certbot --apache -d your-domain-name.com
You will be asked to input your email address. You also need to read and Agree to their Terms of Service.
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): youremail@example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for your-domain-name.com Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/flarum-le-ssl.conf Deploying Certificate to VirtualHost /etc/apache2/sites-available/flarum-le-ssl.conf Enabling available site: /etc/apache2/sites-available/flarum-le-ssl.conf
Choose whether you want to redirect HTTP traffic to HTTPS or not. It is recommended to redirect all HTTP traffic to HTTPS.
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2 Redirecting vhost in /etc/apache2/sites-enabled/flarum.conf to ssl vhost in /etc/apache2/sites-available/flarum-le-ssl.conf
You should get the same output after the installation is finished.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://your-domain-name.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=your-domain-name.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/your-domain-name.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/your-domain-name.com/privkey.pem Your cert will expire on 2022-03-26. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le - We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.
On your SSH terminal, edit
config.php
from the Flarum directory.$ sudo nano /var/www/html/flarum/config.php
Find
'url'
then changehttp://
tohttps://
. You need to replace your server's IP Address with your domain name as well. For example:'url' => 'http://192.168.0.1',
should be:
'url' => 'https://your-domain-name.com',
Save and exit the file.
Allow HTTPS Port (Port 443) on the firewall.
$ sudo ufw allow 443
Test your SSL Configuration on SSL Labs.
You now have successfully installed and secured Flarum on your Rcs server.
More Information
For more information about Flarum, Certbot, and Let's Encrypt SSL, please see these resources: