Skip to main content

BookStack on CentOS 7

BookStack is a simple, self-hosted, easy-to-use platform for sharing and storing information.

What you need:

Fresh install of CentOS 7 or other RHEL7 clone.

EPEL and IUS Community Project repositories.

Add the repositories

yum -y install epel-releaseĀ 

yum -y install

Update the system and install the packages

yum update -y && reboot

yum -y install git mariadb101u-server nginx php72u php72u-cli php72u-fpm php72u-gd php72u-json php72u-mbstring php72u-mysqlnd php72u-openssl php72u-tidy php72u-tokenizer php72u-xml php72u-ldap

Start and secure MySQL

systemctl restart mariadb.service   # Start MySQL service
mysql_secure_installation   # Set root password 
mysql -u root -p   # Enter root password 

Create database and user

GRANT ALL PRIVILEGES ON bookstackdb.* TO 'bookstackuser'@'localhost' IDENTIFIED BY 'YourAwesomePassword' WITH GRANT OPTION;

Configure Nginx

Update SOCKS permissions for php-fpm

Update /etc/php-fpm.d/www.conf configuration. Look for and update the following settings.

listen = /var/run/php-fpm.sock
listen.owner = nginx ; SOCKS permission = nginx ; SOCKS permission
listen.mode = 0660 ; SOCKS permission
user = nginx ; PHP-FPM running user
group = nginx ; PHP-FPM running group
php_value[session.save_path]    = /var/www/sessions

Backup original Nginx configuration file

mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.orig\

Create a new config file

vim /etc/nginx/nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

Bookstack configuration

vim /etc/nginx/conf.d/bookstack.conf

server {
  listen 80;
  server_name localhost;
  root /var/www/BookStack/public;

  access_log  /var/log/nginx/bookstack_access.log;
  error_log  /var/log/nginx/bookstack_error.log;

  client_max_body_size 1G;
  fastcgi_buffers 64 4K;

  index  index.php;

  location / {
    try_files $uri $uri/ /index.php?$query_string;

  location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
    deny all;

  location ~ \.php(?:$|/) {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_pass unix:/var/run/php-fpm.sock;

  location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
    expires 30d;
    access_log off;

Setting up composer

cd /usr/local/bin   # Enter the directory where composer will be installed
curl -sS | php   # Install composer
mv composer.phar composer   # Rename composer

Download BookStack code

cd /var/www   # Change to where BookStack will be installed
mkdir /var/www/sessions   # Create php sessions directory
git clone --branch release --single-branch   # Clone the latest from the release branch
cd BookStack && composer install   # Change to the BookStack directory, and let composer do the rest

Create the .env file
Update the database settings. The rest of the parameters are safe defaults. A sample is available here:

cp .env.example .env   # Copy the example config
vim .env   # Update the new config with database.

Set permissions and generate the database. You should still be in the BookStack directory.

php artisan key:generate --force   # Generate and update APP_KEY 
chown -R nginx:nginx /var/www/{BookStack,sessions}   # Change ownership to the webserver
php artisan migrate --force   # Generate database tables

Setup Let's Encrypt

yum install -y certbot-nginx # Install certbot
certbot --nginx -d # Run certbot. Follow the prompts.

Final cleanup

firewall-cmd --permanent --add-service={http,https}
systemctl enable nginx.service mariadb.service php-fpm.service
systemctl reboot

Once the system has finished booting, open a browser and head to https://your.url