How To Install FileRun on CentOS 8
In this tutorial, we will install a FileRun instance on a CentOS 8 server running Apache, MariaDB 10 and PHP 7.4 as FPM.
DigitalOcean users: Start by preparing a Centos 8 server with this tutorial.
Prerequisites
Before you begin this tutorial you'll need a CentOS 8 server.
This guide assumes that you have some experience with editing text
files from the command line. We are using vim in our examples. Prior
experience with installing and configuring Apache, MariaDB or PHP is
however not necessary.
Step 1 --- Installing Apache
The following two commands will install, and start, the Apache web server:
1sudo yum install httpd
2sudo systemctl start httpd.service
3sudo systemctl enable httpd.service
You can verify that by visiting your server's public IP address in your web browser. You should see the Apache welcoming page, letting you know that it is working properly.
Step 2 --- Installing MariaDB 10
Now that we have our web server up and running, it is time to install a database server. This server will be managing the FileRun database which holds the application settings, the users settings and information about your files.
With two simple commands the database server MariaDB will be installed and running:
1sudo yum install mariadb-server
2sudo systemctl start mariadb
Now that our MariaDB server is running, we want to run a simple script which will improve the security of our database:
1sudo mysql_secure_installation
The prompt will ask you for your current MariaDB root password. Since
you just installed MariaDB, you won't have one, so leave it blank by
pressing ENTER. Then the prompt will help you set a password:
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorization.
Set root password? [Y/n] y
New password: PASSWORD
Re-enter new password: PASSWORD
Password updated successfully!
Reloading privilege tables..
... Success!
For the rest of the questions, you should simply hit the ENTER key
through each prompt to accept the default values. This will remove some
sample users and databases, disable remote root logins, and load these
new rules, so that MariaDB immediately respects the changes we have made.
The last thing you will want to do is enable MariaDB to start on boot. Use the following command to do so:
1sudo systemctl enable mariadb.service
The database server is now configured and we can proceed with creating our FileRun database and the user account which will access it.
To get started, log into MariaDB with the root account:
1mysql -u root -p
Enter the password you set for the MariaDB root user when you installed the server.
FileRun requires a separate database for storing its data. While you can
call this database whatever you prefer, we will be using the name
filerun for this example.
1CREATE DATABASE filerun;
Next, create a separate MariaDB user account that will interact with the
newly created database. Creating one-function databases and accounts is
a good idea from a management and security standpoint. As with the
naming of the database, choose a username that you prefer. We chose to
go with the name filerun for this guide.
1GRANT ALL ON filerun.* to 'filerun'@'localhost' IDENTIFIED BY 'YOUR-DB-PASSWORD';
Note: Be sure to put an actual password where the command states: YOUR-DB-PASSWORD
With the user assigned access to the database, perform the flush-privileges operation to ensure that the running instance of MariaDB knows about the recent privilege assignment:
1FLUSH PRIVILEGES;
This concludes the configuration of MariaDB, therefore we will quit the session by typing:
1exit
Make a note of the database name filerun, the username filerun and
the password YOUR-DB-PASSWORD as we will need this information again
shortly.
Step 3 --- Installing PHP-FPM 7.4
Given that CentOS 8 still provides by default the older PHP version 7.2 we first need to enable the newer yum module:
1sudo yum module enable php:7.4
We can now install PHP 7.4:
1sudo yum install php-fpm
Next, create the system startup links for PHP-FPM and start it:
1sudo systemctl enable php-fpm.service
2sudo systemctl start php-fpm.service
PHP-FPM is a daemon process (with the init script /etc/init.d/php-fpm)
that runs a FastCGI server on port 9000.
To make Apache work with PHP-FPM we edit the Apache configuration file:
1sudo vi /etc/httpd/conf/httpd.conf
and adding this somewhere near the end (before the
IncludeOptional conf.d/*.conf line):
1<Proxy "unix:/run/php-fpm/www.sock|fcgi://php-fpm">
2 ProxySet disablereuse=off
3</Proxy>
4
5<FilesMatch \.php$>
6 SetHandler proxy:fcgi://php-fpm
7</FilesMatch>
Next, higher up in the same configuration file, locate the
DirectoryIndex directive and append index.php:
1DirectoryIndex index.html index.php
Restart Apache and now PHP is installed.
1sudo systemctl restart httpd.service
Step 4 --- Configuring PHP
The following command will install the PHP modules needed by FileRun:
1sudo yum install php-mbstring php-opcache php-pdo php-mysqlnd php-gd php-xml php-zip php-json
One last module which is not included in the yum repository is
ionCube. Download and extract the latest ionCube version using the
following commands:
1cd /usr/lib64/php/modules
2sudo wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
3sudo tar xvfz ioncube_loaders_lin_x86-64.tar.gz
Next, let's create a file which will automatically get appended by PHP to its configuration. This will include all the settings needed by FileRun.
1sudo vi /etc/php.d/01_filerun.ini
Paste the following inside the created file:
1expose_php = Off
2error_reporting = E_ALL & ~E_NOTICE
3display_errors = Off
4display_startup_errors = Off
5log_errors = On
6ignore_repeated_errors = Off
7allow_url_fopen = On
8allow_url_include = Off
9variables_order = "GPCS"
10allow_webdav_methods = On
11memory_limit = 128M
12max_execution_time = 300
13output_buffering = Off
14output_handler = ""
15zlib.output_compression = Off
16zlib.output_handler = ""
17safe_mode = Off
18register_globals = Off
19magic_quotes_gpc = Off
20upload_max_filesize = 20M
21post_max_size = 20M
22enable_dl = Off
23disable_functions = ""
24disable_classes = ""
25session.save_handler = files
26session.use_cookies = 1
27session.use_only_cookies = 1
28session.auto_start = 0
29session.cookie_lifetime = 0
30session.cookie_httponly = 1
31date.timezone = "UTC"
32
33zend_extension = /usr/lib64/php/modules/ioncube/ioncube_loader_lin_7.4.so
Note: You can find the latest FileRun recommended PHP settings here.
Finally, we need to restart the PHP-FPM service for the changes to take effect:
1sudo systemctl restart php-fpm.service
Your server now meets all the requirements and we can proceed with installing FileRun.
Step 6 --- Installing FileRun
Download the FileRun installation zip archive from the FileRun client account: https://my.filerun.com
Place it in the root folder of your webserver (/var/www/html/).
And extract the files:
1unzip FileRun.zip
Make Apache the owner of the system/data folder so that it can make
change:
1sudo chown -R apache:apache system/data
If SElinux is installed and enabled, we need to change the context for Apache to be able to make changes inside that folder:
1chcon -t httpd_sys_rw_content_t -R system/data
Now, open your web browser and point it to http://YOUR-SERVER-IP/
From here you just have to follow the installer, which will help you get FileRun running with just a few clicks:
FileRun installer welcome screen
Click Next to proceed. Review the server requirements check and make
sure there is no red error message:
FileRun server requirements check
Click Next to proceed with the database connection setup:
- Type in the
Database nameyou used at the step 2 of this tutorial:filerun - Type in the
MySQL user:filerun - Type in the
Password:set_database_password - Then click
Next
FileRun database connection setup
You will be presented with the following screen, letting you know that FileRun has been successfully installed:
FileRun successfull installation
Important: Make sure you made a copy of the username and password displayed on the screen, before proceeding. The password is being randomly generated at this step. Do not use the password from this tutorial screenshot, it won't work on your install.
Click Next to open FileRun. You should see the login page:
FileRun login page
Type in the previously copied credentials and hit Sign in.
Additional configuration
Pointing a FileRun user account to an existing folder, you will most probably need to adjust the server's SE context to allow access:
1chcon -t httpd_sys_rw_content_t -R /your/folder
You might want to allow PHP to connect to external servers, for example to be able to update FileRun
1setsebool -P httpd_can_network_connect on
and also allow Apache to be accessible through the firewall:
1firewall-cmd --permanent --zone=public --add-service=http
2firewall-cmd --permanent --zone=public --add-service=https
3firewall-cmd βreload
Step 7 --- Securing the FileRun installation
As soon as you sign into FileRun you will be prompted to change the password. Although the automatically generated password is quite secure, it's still a good idea to set your own.
Important: The FileRun superuser is the only account not protected against brute force login attacks, so it is very important that you set a password that cannot be guessed by a computer. Set a long password, containing also uppercase letters, digits and symbols.
Next, connect to the MariaDB server again:
1mysql -u root -p
Update the configured MariaDB user account and remove the ALTER and
DROP privileges.
1REVOKE ALTER, DROP ON filerun.* FROM 'filerun'@'localhost';
2FLUSH PRIVILEGES;
You will need to add these permissions back before you will be installing any FileRun software update in the future. To do that, connect again to the database server and runt the following commands:
1GRANT ALTER, DROP ON filerun.* TO 'filerun'@'localhost';
2FLUSH PRIVILEGES;
Adding SSL
Install Certbot: https://certbot.eff.org/instructions?ws=apache&os=centosrhel8 Create an Apache virtual host: https://serverspace.io/support/help/apache-virtual-hosts-on-centos-8/ (You can point the virtual host to the same "/var/www/html") Run the certbot:
certbot --apache
Add HTTP to HTTPS redirect via /var/www/html/.htaccess:
1RewriteEngine On
2RewriteCond %{SERVER_PORT} 80
3RewriteRule ^(.*)$ https://yourdomain.com/$1 [R,L]
Conclusion
You have now successfully deployed FileRun on a CentOS 8 server. It's time to upload your files, photos, music or work documents and start sharing.