meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
installation [2023/02/04 16:32] – created - external edit 127.0.0.1installation [2024/05/04 16:08] (current) – add picture wrongecho
Line 1: Line 1:
-====== Installation - Local via apt ======+====== Requirements ====== 
 +  * [[https://ubuntu.com|Ubuntu]] Server with root shell access (SSH) 
 +  * Some packages: [[https://httpd.apache.org|Apache]], [[https://mariadb.org|MariaDB]], [[https://php.net|PHP]], etc 
 +  * Familiarity with the Linux shell 
 +  * A little patience and willingness to troubleshoot when things go wrong
  
-===== Security message ===== 
  
-  * This project is currently in **Beta** with many ongoing changes+====== Choose your Installation Method ======
  
-  * The current fast pace of development/change may unintentionally introduce bugs/security issues+ITFlow is written in PHP and works best on Apache with MariaDB as the back-end database. We recommend running ITFlow on Ubuntu using the installation script.
  
-  * **Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free**+  * **[[installation_script|Installation via Script]] -- Recommended method ([[https://www.youtube.com/watch?v=kKz9NOU_1XE|video]])** 
 +  * [[installation_apt|Manual Installation on Ubuntu]] 
 +  [[installation_hestiacp| HestiaCP Install]] 
 +  [[installation_docker|Installation via Docker Container]] //(unsupported)//
  
-  * Use your best judgment before storing confidential information in the app+//You're more than welcome to try other methods and ways of running ITFlow, but it will be bumpy & have very limited support. We assume that if you're comfortable enough to deviate from the methods above, you're comfortable to debug the entire stack on your own.//
  
-  * Need to report a security issue? Check the [[https://github.com/itflow-org/itflow/security/policy|security policy]]+{{:itflow-setup.png?600|}}
  
-  * **ITFlow comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law** 
  
-===== Install Overview ===== +====== Post-installation essential housekeeping ====== 
-ITFlow runs on most "standard" Linux web servers. For the core functionality, you just need Apache, a database (MariaDB is highly recommended over MySQL) and PHP.+
  
-  - Install a LAMP stack (Linux, Apache, MariaDB & PHP) +A few steps to ensure everything stays running smoothly:
-  - Create a SQL database, username & password +
-  - Clone ITFlow (https://github.com/itflow-org/itflow.git) in your web directory root +
-  - Point your browser to https://itflow.yourdomain.com +
-  - Go!+
  
-There's also [[https://github.com/itflow-org/itflow_install_script/blob/main/itflow_install.sh|a script]] that automates this process for you and uses Let's Encrypt certificates.+  * [[backups|Backups]]: Especially your master encryption key 
 +  * [[config_php|Config.php]]: Check you don't need to add any specific variables (e.g. not using HTTPS) 
 +  * [[cron|Cron]]For scheduled activities //(the install script adds these for you)// 
 +  * [[email_config|Email Configuration]]: To send outbound emails (invoicing, tickets, etc) 
 +  * [[ticket_email_parse|Email to Ticket]]: To receive inbound ticketing emails
  
-===== Ubuntu Setup Guide ===== 
-**Update apt** 
- 
-  * ''sudo apt update'' 
- 
-**Install Apache** 
- 
-  * ''sudo apt install apache2 -y'' 
- 
-**Install MariaDB** 
- 
-  * ''sudo apt install mariadb-server -y'' 
- 
-**Install PHP** 
- 
-  * ''sudo apt install php php-intl php-imap php-mailparse php-mysqli php-curl libapache2-mod-php -y'' 
- 
-**Install Git & whois** 
- 
-  * ''sudo apt install git whois -y'' 
- 
-**Harden your Linux installation**. //As a starting point:// 
- 
-  * MariaDB: ''sudo mysql_secure_installation'' 
-  * UFW: ''sudo ufw allow ssh'' & ''sudo ufw allow "Apache Full"'' & ''sudo ufw enable'' 
-  * Consider setting up a web app firewall, like [[https://github.com/SpiderLabs/ModSecurity|ModSecurity]] 
- 
-**Enable PHP** //(hint: hit tab after typing php to get a suggested version number)// 
- 
-  * ''sudo a2enmod php8.1'' 
- 
-**Enable SSL** 
- 
-  * ''sudo a2enmod ssl'' 
- 
-**Add public/private TLS keys.** //You could also use LetsEncrypt, but setting this up is beyond the scope of this guide.// 
-  * Place public key at: ''/etc/ssl/certs/public.pem'' 
-  * Place private key at: ''/etc/ssl/private/private.key'' 
- 
-**Adjust Apache's default SSL config** to reflect the location of your keys: 
- 
-  * ''sudo nano /etc/apache2/sites-available/default-ssl.conf'' - Adjust: 
-    * ''SSLCertificateKeyFile /etc/ssl/certs/public.pem'' 
-    * ''SSLCertificateFile /etc/ssl/private/private.key'' 
- 
-**Check Apache config** 
- 
-  * ''sudo apachectl configtest'' 
- 
-**Enable the 00-default site** 
- 
-  * ''sudo a2ensite default-ssl'' 
- 
-**Reload Apache Service** to apply the changes 
- 
-  * ''sudo systemctl reload apache2'' 
- 
-**Test: HTTP & HTTPS** 
- 
-  * Check you can access the default Apache page using HTTP & HTTPS 
- 
-**Configure Apache to redirect HTTP to HTTPS** 
- 
-  * ''sudo nano /etc/apache2/sites-enabled/000-default.conf'' 
-    * Add the line ''Redirect permanent / https://itflow.yourdomain.com/'' (or similar) under the VirtualHost for port 80 
-  
-**Log in to the database** 
-  * ''sudo mysql -u root'' 
- 
-**Create a new database for ITFlow** 
-  * ''MariaDB> CREATE DATABASE itflow;'' 
-  * ''MariaDB> FLUSH PRIVILEGES;'' 
-   
-**Setup a user for the ITFlow app** 
-  * ''MariaDB> CREATE USER 'itflow'@'localhost' IDENTIFIED BY 'supersecurepassword';'' 
-  * ''MariaDB> GRANT ALL PRIVILEGES on itflow.* to 'itflow'@'localhost';'' 
-  * ''exit'' 
-   
-**Clone ITFlow to the Apache web directory** 
-  * ''cd /var/www/html'' 
-  * ''rm index.html'' 
-  * ''git clone https://github.com/johnnyq/itflow.git .'' 
-   
-**Set the web folder to be owned by Apache** 
-  * ''sudo chown -R www-data:www-data /var/www/html'' 
- 
-**Set web folder permissions** //(all, for now, we'll change this after setup)// 
-  * ''sudo chmod -R 777 /var/www/html'' 
- 
-**Run through the initial setup by navigating to your web server using HTTPS** 
-  * Provide the database name, username, and password you set up earlier when prompted 
-   
-**Once complete, tidy up the webserver permissions** 
-  * ''sudo find /var/www/html -type d -exec chmod 775 {} \;'' 
-  * ''sudo find /var/www/html -type f -exec chmod 664 {} \;'' 
-  * ''sudo chmod 640 /var/www/html/config.php'' 
-   
-==== Essential Housekeeping ==== 
- 
-  * [[wiki:backups|Backups]]: Especially your master encryption key 
-  * [[wiki:config_php|Config.php]]: Check you don't need to add any specific variables (e.g. not using HTTPS) 
-  * [[wiki:cron|Cron]]: For scheduled activities 
-  * [[wiki:email_config|Email Configuration]]: To send outbound emails (invoicing, tickets, etc) 
-  * [[wiki:ticket_email_parse|Email to Ticket]]: To receive inbound ticketing emails 
- 
-**Done!**