BooksStack on CentOS 7
BookStack is a simple, self-hosted, easy-to-use platform for organising and storing information.
What you need:
Fresh install of CentOS 7 or other RHEL7 clone.
EPEL and IUS Community Project repositories.
Add the repositories
yum -y install epel-releaseĀ
yum -y install https://centos7.iuscommunity.org/ius-release.rpm
Update the system and install the packages
yum update -y && reboot
yum -y install git mariadb101u-server nginx php72u php72u-cli php72u-fpm php72u-gd php72u-json php72u-mbstring php72u-mysqlnd php72u-openssl php72u-tidy php72u-tokenizer php72u-xml php72u-ldap
Start and secure MySQL
systemctl restart mariadb.service # Start MySQL service
mysql_secure_installation # Set root password
mysql -u root -p # Enter root password
Create database and user
CREATE DATABASE IF NOT EXISTS bookstackdb DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON bookstackdb.* TO 'bookstackuser'@'localhost' IDENTIFIED BY 'YourAwesomePassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
quit
Configure Nginx
Update SOCKS permissions for php-fpm
Update /etc/php-fpm.d/www.conf
configuration. Look for and update the following settings.
listen = /var/run/php-fpm.sock
listen.owner = nginx ; SOCKS permission
listen.group = nginx ; SOCKS permission
listen.mode = 0660 ; SOCKS permission
user = nginx ; PHP-FPM running user
group = nginx ; PHP-FPM running group
php_value[session.save_path] = /var/www/sessions
Backup original Nginx configuration file
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.orig\
Create a new config file
vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
}
Bookstack configuration
vim /etc/nginx/conf.d/bookstack.conf
server {
listen 80;
server_name localhost;
root /var/www/BookStack/public;
access_log /var/log/nginx/bookstack_access.log;
error_log /var/log/nginx/bookstack_error.log;
client_max_body_size 1G;
fastcgi_buffers 64 4K;
index index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass unix:/var/run/php-fpm.sock;
}
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
Setting up composer
cd /usr/local/bin # Enter the directory where composer will be installed
curl -sS https://getcomposer.org/installer | php # Install composer
mv composer.phar composer # Rename composer
Download BookStack code
cd /var/www # Change to where BookStack will be installed
mkdir /var/www/sessions # Create php sessions directory
git clone https://github.com/BookStackApp/BookStack.git --branch release --single-branch # Clone the latest from the release branch
cd BookStack && composer install # Change to the BookStack directory, and let composer do the rest
Create the .env file
Update the database settings. The rest of the parameters are safe defaults.
cp .env.example .env # Copy the example config
vim .env # Update the new config with database.
Set permissions and generate the database. You should still be in the BookStack directory.
php artisan key:generate --force # Generate and update APP_KEY
chown -R nginx:nginx /var/www/{BookStack,sessions} # Change ownership to the webserver
php artisan migrate --force # Generate database tables
Setup Let's Encrypt
yum install -y certbot-nginx # Install certbot
certbot --nginx -d books.clusterapps.com # Run certbot. Follow the prompts.
Final cleanup
firewall-cmd --permanent --add-service={http,https}
systemctl enable nginx.service mariadb.service php-fpm.service
systemctl reboot
Once the system has finished booting, open a browser and head to https://your.url