====== Information ======
* Grav ((https://getgrav.org/))
* Grav Admin Panel ((https://learn.getgrav.org/17/admin-panel))
* [[information:realm_of_espionage|Realm of Espionage]]
* https://realmofespionage.xyz
* :!: WIP
===== Prerequisites =====
* [[bsd:server:freebsd_16.0|FreeBSD 16.0]]
* [[servers:bsd:freenginx_php_php-fpm|freenginx + PHP + PHP-FPM]]
* [[servers:bsd:nginx:lets_encrypt|Certbot (Let's Encrypt)]]
====== Dependencies ======
* https://learn.getgrav.org/18/basics/requirements#php-requirements
su -
pkg install git-lite php85-composer php85-curl php85-gd php85-gmp php85-pdo php85-mbstring php85-intl php85-mysqli php85-zip php85-fileinfo php85-posix php85-dom php85-iconv php85-simplexml php85-pdo_mysql
====== Download Source ======
* https://github.com/friendica/friendica/commits/develop/
* https://github.com/friendica/friendica-addons/commits/develop/ ((Required for ''composer install'' even without any addons enabled))
su -
git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica.git' '/usr/local/www/social' && chown -R 'www':'www' '/usr/local/www/social'
git clone --branch 'develop' --depth '1' --recurse-submodules 'https://github.com/friendica/friendica-addons.git' '/usr/local/www/social/addon' && chown -R 'www':'www' '/usr/local/www/social/addon'
====== Environment ======
===== Composer =====
su -
cd '/tmp' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/bin/composer.phar' --working-dir='/usr/local/www/social' --no-cache install --no-dev"
====== Database ======
su -
mariadb
CREATE DATABASE friendica;
CREATE USER friendica@localhost IDENTIFIED BY 'x';
GRANT ALL PRIVILEGES ON friendica.* to friendica@localhost;
FLUSH PRIVILEGES;EXIT;
====== nginx + PHP-FPM Configuration ======
===== PHP-FPM Socket =====
su -
ee '/usr/local/etc/php-fpm.d/social.conf' && service 'php_fpm' reload
[social]
; User/Group
user = "www"
group = "www"
; Socket
listen = "127.0.0.1:9005"
listen.allowed_clients = "127.0.0.1"
; Process Management
pm = "ondemand"
pm.max_children = "4"
pm.process_idle_timeout = "30"
; Logging
php_value[log_errors] = "Off"
php_value[error_reporting] = "~E_ALL"
php_value[display_errors] = "Off"
php_value[display_startup_errors] = "Off"
php_value[html_errors] = "Off"
; General
php_value[date.timezone] = "America/New_York"
; Friendica
php_value[max_execution_time] = "200"
php_value[memory_limit] = "512M"
php_value[post_max_size] = "10M"
php_value[upload_max_filesize] = "10M"
php_value[max_file_uploads] = "100"
php_value[register_argc_argv] = "On"
; End
===== FastCGI =====
su -
ee '/usr/local/etc/freenginx/default.d/social.conf'
location '~' '\.(php|phar)(/.*)?$' {
fastcgi_split_path_info '^(.+\.(?:php|phar))(/.*)$';
fastcgi_intercept_errors 'on';
fastcgi_index 'index.php';
include 'fastcgi_params';
fastcgi_param 'SCRIPT_FILENAME' '$document_root$fastcgi_script_name';
fastcgi_param 'PATH_INFO' '$fastcgi_path_info';
fastcgi_param 'HTTPS' 'on';
fastcgi_pass '127.0.0.1:9005';
}
# End
===== Server Block =====
su -
ee '/usr/local/etc/freenginx/vhosts.d/social.conf' && service 'nginx' reload
server {
listen '443' 'ssl';
http2 'on';
server_name 'social.realmofespionage.xyz';
root '/usr/local/www/social';
index 'index.php';
include '/usr/local/etc/freenginx/default.d/social.conf';
include '/usr/local/etc/freenginx/default.d/headers.conf';
client_max_body_size '10M';
# access_log '/var/log/nginx/social-access.log';
# error_log '/var/log/nginx/social-error.log';
location '/' {
try_files '$uri' '/index.php?pagename=$uri&$args';
}
location '^~' '/.well-known/' {
allow 'all';
rewrite '^' '/index.php?pagename=$uri';
}
location '~*' '\.(tpl|md|tgz|log|out)$' {
deny 'all';
}
location '~' '/\.' {
deny 'all';
}
}
# End
====== Initial Setup ======
===== Initialize =====
* https://wiki.friendi.ca/docs/install#option_brun_the_automatic_install_script
* :!: 2025/10/30: This failed to find a file and didn't seem to work ((:?: This might have been because of ''--dbhost'' being ''localhost'' before)) ((restoring a previous-install works fine bypassing this initial set-up))
* :!: Change ''--dbpass'', and ''--admin'' to email
* :?: Might be able to use ''--file'' on manually-created [[#localconfigphp|local.config.php]] instead
su -
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/www/social/bin/console' autoinstall --dbhost '127.0.0.1' --dbport '3365' --dbuser 'friendica' --dbdata 'friendica' --url 'https://social.realmofespionage.xyz' --basepath '/usr/local/www/social' --dbpass 'x' --admin 'espionage724@x'"
===== Account Create =====
* https://social.realmofespionage.xyz/register
* :!: Be sure the email matches what was used on the above command
===== User =====
* :!: ''x'' is the **nickname** chosen at website registration
su -
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/www/social/bin/console' user password x"
===== Disable Registration =====
su -
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' '/usr/local/www/social/bin/console.php' config 'config' 'register_policy' '0'"
===== Etc =====
su -
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' worker"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' dbstructure update --force"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' dbstructure drop --execute"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' postupdate"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' cache clear"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' clearavatarcache"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' config 'system' 'basepath' '/usr/local/www/social'"
cd '/usr/local/www/social' && su -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' config 'config' 'info' 'https://wiki.realmofespionage.xyz/servers:bsd:nginx:friendica'"
exit
====== Settings ======
===== frio Theme =====
* Navigation bar background color: ''3d8bff''
* Navigation bar icon color: ''ffffff''
* Link color: ''3d8bff''
* Set the background color: ''dedede''
* Login page background color: ''484848''
* Copy or paste schemestring:
{"nav_bg":"#3d8bff","nav_icon_color":"#ffffff","link_color":"#3d8bff","background_color":"#dedede","background_image":"","contentbg_transp":"100","login_bg_image":"","login_bg_color":"#484848"}
===== local.config.php =====
* :!: Change database ''password'' and config ''admin_email''
su -
su -m 'www' -c "ee '/usr/local/www/social/config/local.config.php'" && clear
[
'hostname' => '127.0.0.1',
'username' => 'friendica',
'password' => 'x',
'database' => 'friendica',
'charset' => 'utf8mb4',
],
'config' => [
'php_path' => '/usr/local/bin/php',
'admin_email' => 'espionage724@x',
'sitename' => 'RoE | Social',
'register_policy' => \Friendica\Module\Register::CLOSED,
'max_import_size' => 200000,
],
'system' => [
'url' => 'https://social.realmofespionage.xyz',
'basepath' => '/usr/local/www/social',
'default_timezone' => 'America/New_York',
'language' => 'en',
],
];
// End
====== Scripts ======
===== Worker =====
mkdir -p ~/'.local/scripts/www/social' && ee ~/'.local/scripts/www/social/worker.sh' && chmod +x ~/'.local/scripts/www/social/worker.sh'
#!/bin/sh
cd '/usr/local/www/social'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' worker" > '/dev/null'
cd '/tmp'
# End
su 'root' -c ~/'.local/scripts/www/social/worker.sh'
===== Updater =====
mkdir -p ~/'.local/scripts/www/social' && ee ~/'.local/scripts/www/social/updater.sh' && chmod +x ~/'.local/scripts/www/social/updater.sh'
#!/bin/sh
cd '/tmp'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' reset --hard 'origin/develop'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' pull 'origin' 'develop' --rebase"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' reset --hard 'origin/develop'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' pull 'origin' 'develop' --rebase"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/bin/composer.phar' --working-dir='/usr/local/www/social' --no-cache install --no-dev"
cd '/usr/local/www/social'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' dbstructure update --force" > '/dev/null'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' dbstructure drop --execute" > '/dev/null'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' postupdate" > '/dev/null'
cd '/tmp'
'/bin/sync'
# End
su 'root' -c ~/'.local/scripts/www/social/updater.sh'
===== Backup =====
mkdir -p ~/'backups' ~/'.local/scripts/www/social' && ee ~/'.local/scripts/www/social/backup.sh' && chmod +x ~/'.local/scripts/www/social/backup.sh'
#!/bin/sh
cd '/tmp'
'/usr/bin/tar' -czf '/home/espionage724/backups/friendica-files-auto-'$(date +%Y-%m-%d)'.tar.gz' -C '/usr/local/www' 'social'
'/usr/local/bin/mariadb-dump' --single-transaction --quick 'friendica' -r '/home/espionage724/backups/friendica-database-auto-'$(date +%Y-%m-%d)'.sql'
'/bin/sync'
# End
su 'root' -c ~/'.local/scripts/www/social/backup.sh'
===== Maintenance =====
mkdir -p ~/'.local/scripts/www/social' && ee ~/'.local/scripts/www/social/maintenance.sh' && chmod +x ~/'.local/scripts/www/social/maintenance.sh'
#!/bin/sh
cd '/tmp'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' gc --aggressive --prune='all'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' fsck --full --strict"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' gc --aggressive --prune='all'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' fsck --full --strict"
cd '/usr/local/www/social'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' cache clear" > '/dev/null'
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/php' -c '/usr/local/etc/php-fpm.d/social.conf' '/usr/local/www/social/bin/console.php' clearavatarcache" > '/dev/null'
cd '/tmp'
# End
su 'root' -c ~/'.local/scripts/www/social/maintenance.sh'
===== Git Fix =====
* :!: Set email for **both** ''user.email''
* :!: Requires [[#etc|Etc]] commands afterwards
mkdir -p ~/'.local/scripts/www/social' && ee ~/'.local/scripts/www/social/git-fix.sh' && chmod +x ~/'.local/scripts/www/social/git-fix.sh'
#!/bin/sh
cd '/tmp'
####################
# Friendica
####################
'/usr/bin/su' -m 'www' -c "'/bin/rm' -Rf '/usr/local/www/social/.git'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' init --initial-branch='develop'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' add '.'"
##################################################
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' config 'user.email' 'espionage724@x'"
##################################################
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' commit --message='x'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' remote add 'origin' 'https://github.com/friendica/friendica.git'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' pull --depth '1' --recurse-submodules 'origin' 'develop' --rebase"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' reset --hard 'origin/develop'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' gc --aggressive --prune='all'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social' fsck --full --strict"
####################
# Addons
####################
'/usr/bin/su' -m 'www' -c "'/bin/rm' -Rf '/usr/local/www/social/addon/.git'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' init --initial-branch='develop'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' add '.'"
##################################################
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' config 'user.email' 'espionage724@x'"
##################################################
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' commit --message='x'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' remote add 'origin' 'https://github.com/friendica/friendica-addons.git'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' pull --depth '1' --recurse-submodules 'origin' 'develop' --rebase"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' reset --hard 'origin/develop'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' gc --aggressive --prune='all'"
'/usr/bin/su' -m 'www' -c "'/usr/local/bin/git' -C '/usr/local/www/social/addon' fsck --full --strict"
'/bin/sync'
# End
su 'root' -c ~/'.local/scripts/www/social/git-fix.sh'
====== cron ======
===== Worker =====
* https://wiki.friendi.ca/docs/install#required_background_tasks
* Every 10 minutes
su -
ee '/etc/cron.d/social-worker'
#
SHELL=/bin/sh
*/10 * * * * root '/home/espionage724/.local/scripts/www/social/worker.sh'
# End
===== Updater =====
* Daily ''04:00:00 AM''
su -
ee '/etc/cron.d/social-updater'
#
SHELL=/bin/sh
0 4 * * * root '/home/espionage724/.local/scripts/www/social/updater.sh'
# End
===== Backup =====
* Monthly (5th) ''04:10:00 AM''
su -
ee '/etc/cron.d/social-backup'
#
SHELL=/bin/sh
10 4 5 * * root '/home/espionage724/.local/scripts/www/social/backup.sh'
# End
===== Maintenance =====
* Monthly (5th) ''04:30:00 AM''
su -
ee '/etc/cron.d/social-maintenance'
#
SHELL=/bin/sh
30 4 5 * * root '/home/espionage724/.local/scripts/www/social/maintenance.sh'
# End
====== Backup ======
===== Folder =====
su -
tar -czf '/home/espionage724/friendica-files-manual-'$(date +%Y-%m-%d)'.tar.gz' -C '/usr/local/www' 'social'
===== Database =====
****
mariadb-dump -u root -p --single-transaction --quick 'friendica' -r '/home/espionage724/friendica-database-manual-'$(date +%Y-%m-%d)'.sql'
===== scp =====
****
scp espionage724@192.168.1.152:~/'friendica-files-'*'.tar.gz' espionage724@192.168.1.152:~/'friendica-database-'*'.sql' ~/'Downloads' && sync
====== Restore ======
===== scp =====
****
scp ~/'Downloads/friendica-files-'*'.tar.gz' ~/'Downloads/friendica'*'.sql' espionage724@192.168.1.152:~
===== Folder =====
su -
ls '/home/'$USER'/friendica-files-'*'.tar.gz' && rm -Rf '/usr/local/www/social'
tar -xzf '/home/'$USER'/friendica-files-'*'.tar.gz' -C '/usr/local/www' 'social' && chown -R 'www':'www' '/usr/local/www/social' && sync
===== Database =====
* [[#database|Initial set-up]]
su
mariadb --execute='CREATE DATABASE friendica;'
cat '/home/'$USER/'friendica'*'.sql' | mariadb 'friendica'
===== Settings =====
su -
su -m 'www' -c "ee '/usr/local/www/social/config/local.config.php'" && clear
'hostname' => '127.0.0.1',
'php_path' => '/usr/local/bin/php',
'basepath' => '/usr/local/www/social',