Faruque Ahmed : MCP, MCSA, MCSE, MCTS, MCIT, CCNA, OCA, OCP, GCP

Rainloop

Install Nginx.

# apt install nginx

Check the installation:

# nginx -v

nginx version: nginx/1.22.0

Install and Configure PHP

# add-apt-repository ppa:ondrej/php

# apt install php8.0-fpm php8.0-curl php8.0-mbstring php8.0-mysql php8.0-xml php8.0-cli

# php --version

systemctl status php8.0-fpm

# vi /etc/php/8.0/fpm/php.ini

max_execution_time = 300

memory_limit = 512M;

post_max_size = 80M;

upload_max_filesize = 50M;

date.timezone = Asia/Dhaka

systemctl restart apache2

# vi /etc/php/8.0/fpm/pool.d/www.conf

...; Unix user/group of processes; Note: The user is mandatory. If the group is not set, the default user's group; will be used.; RPM: apache user chosen to provide access to the same directories as httpduser = nginx; RPM: Keep a group allowed to write in log dir.group = nginx
...; Set permissions for unix socket, if one is used. In Linux, read/write; permissions must be set in order to allow connections from a web server. Many; BSD-derived systems allow connections regardless of permissions. The owner; and group can be specified either by name or by their numeric IDs.; Default Values: user and group are set as the running user; mode is set to 0660listen.owner = nginx

listen.group = nginx

# systemctl restart php8.0-fpm

Configure MySQL

# mysql -u root -p

mysql> CREATE DATABASE rainloop;mysql> CREATE USER 'rainuser'@'localhost' IDENTIFIED BY 'YourPassword23';mysql> GRANT ALL ON rainloop.* TO 'rainuser'@'localhost';mysql> FLUSH PRIVILEGES;
mysql> exit

Install Rainloop

mkdir /var/www/html/rainloop -p

wget https://www.rainloop.net/repository/webmail/rainloop-latest.zip

unzip rainloop-latest.zip -d /var/www/html/rainloop

chown -R nginx:nginx /var/www/html/rainloop

find /var/www/html/rainloop -type d -exec chmod 755 {} \;

find /var/www/html/rainloop -type f -exec chmod 644 {} \;

Install SSL [Let's Encrypt, ]

Snapd is preinstalled in Ubuntu 22.04 by default. To ensure that your version of Snapd is up-to-date, run the following command:

snap install core

Install Certbot.

snap install --classic certbot

By making a symbolic link to the /usr/bin directory, the following command can be used to make sure that the Certbot command can be executed.

ln -s /snap/bin/certbot /usr/bin/certbot

For Rainloop, create an SSL certificate.

certbot certonly --standalone --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m name@example.com -d rainloop.example.com

Create a Diffie-Hellman group certificate.

openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096

Editing can be done by opening the file /etc/letsencrypt/renewal/rainloop.example.com.conf.

# vi /etc/letsencrypt/renewal/rainloop.example.com.conf

Add the next line of code to the bottom.

pre_hook = systemctl stop nginxpost_hook = systemctl start nginx

Configure Nginx

# vi /etc/nginx/nginx.conf

Paste the following code beneath the line include /etc/nginx/conf.d/*.conf; that you found.

server_names_hash_bucket_size 64;

# vi /etc/nginx/conf.d/rainloop.conf
----------------------------

Add the next line of code to it.

server {
    listen 443 ssl http2;    listen [::]:443 ssl http2;
    server_name rainloop.example.com;    root /var/www/html/rainloop;
    index index.php;    client_max_body_size 25M;
    access_log /var/log/nginx/rainloop.access.log;    error_log /var/log/nginx/rainloop.error.log;
    ssl_certificate /etc/letsencrypt/live/rainloop.example.com/fullchain.pem;    ssl_certificate_key /etc/letsencrypt/live/rainloop.example.com/privkey.pem;    ssl_trusted_certificate /etc/letsencrypt/live/rainloop.example.com/chain.pem;        ssl_session_timeout 5m;    ssl_session_cache shared:MozSSL:10m;    ssl_session_tickets off;        ssl_protocols TLSv1.2 TLSv1.3;    ssl_prefer_server_ciphers on;    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;    ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;    ssl_stapling on;    ssl_stapling_verify on;    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    location / {        try_files $uri $uri/ /index.php?$query_string;    }
    location ~ \.php$ {        fastcgi_index index.php;        fastcgi_split_path_info ^(.+\.php)(.*)$;        fastcgi_keep_conn on;        include fastcgi_params;        fastcgi_pass unix:/run/php/php8.0-fpm.sock;        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;    }
    location ~ /\.ht {        deny all;    }
    location ^~ /data {        deny all;    }}# enforce HTTPSserver {    listen 80;    listen [::]:80;    server_name rainloop.example.com;    return 301 https://$host$request_uri;}

By hitting Ctrl + X and typing Y when requested,

                                                                                                      --------------------------------------

If you don't have a domain, you can use the below configuration:

server {
    listen 80;    listen [::]:80;
    server_name rainloop.example.com;    root /var/www/html/rainloop;
    index index.php;    client_max_body_size 25M;
    access_log /var/log/nginx/rainloop.access.log;    error_log /var/log/nginx/rainloop.error.log;

    location / {        try_files $uri $uri/ /index.php?$query_string;    }
    location ~ \.php$ {        fastcgi_index index.php;        fastcgi_split_path_info ^(.+\.php)(.*)$;        fastcgi_keep_conn on;        include fastcgi_params;        fastcgi_pass unix:/run/php/php8.0-fpm.sock;        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;    }
    location ~ /\.ht {        deny all;    }
    location ^~ /data {        deny all;    }}

---------------------------------------

Check the syntax of the Nginx configuration, and remove default conf.

# nginx -t# rm /etc/nginx/conf.d/default.conf

Start the Nginx service again.

# systemctl restart nginx

Configure and Access Rainloop

URL https://rainloop.example.com/?admin.

LL

Page updated

Google Sites

Report abuse