nabbisen
Posted on September 5, 2023
Summary
Joomla! is one of popular PHP content management systems (aka CMS). It is good for portal-like websites as well as blogging platforms.
The first version was released in 2005 and, after long progress, the latest major one was done two years ago (on 2021-08-17).
This post shows how to install Joomla! with PHP/PHP-FPM on OpenBSD, the solid OS. All of them are the latest as of today.
Environment
- OS: OpenBSD 7.3
- Database: MariaDB 10.9
- Web: OpenBSD's httpd
- managed with
httpd.conf
- managed with
- App: PHP 8.2
- PHP-FPM
- CMS: Joomla! 4.3.4
Reference posts
In case any of them are not done:
Notes on Joomla!'s system requirements
PHP 8.2 is not what is recommended officially by them today (See: their Technical Requirements). It got, however, "improved support" in 4.3 release, which is described in their "What’s new in Joomla 4.3.0 Stable?". Therefore, PHP 8.2 should be a better option than 8.1 now. Besides, as to the other option, 8.0, its support will come to an end soon (See: PHP's Supported Versions).
Tutorial
Prepare database
Connect to the server with client tool (for example, running mysql -u root -p
), and run:
-- create database
CREATE DATABASE <dbname> \
CHARACTER SET utf8mb4 \
COLLATE utf8mb4_unicode_ci;
-- create user
GRANT ALL PRIVILEGES \
ON <dbname>.* \
TO <dbuser>@'localhost' \
IDENTIFIED BY '<dbpass>';
-- flush
FLUSH PRIVILEGES;
Install and activate PHP extensions
Get mysqli
for MariaDB connection:
$ doas pkg_add php-mysqli
The output, my choice and the result were:
quirks-6.122 signed on 2023-09-01T21:25:11Z
Ambiguous: choose package for php-mysqli
a 0: <None>
1: php-mysqli-7.4.33
2: php-mysqli-8.0.30
3: php-mysqli-8.1.22
4: php-mysqli-8.2.9
Your choice: 4
php-mysqli-8.2.9: ok
It is necessary to activate it (and also opcache
). Run:
$ doas ln -s /etc/php-8.2.sample/* /etc/php-8.2/
Now they are activated:
$ ls -l /etc/php-8.2
total 0
lrwxr-xr-x 1 root wheel 30 Sep 2 10:09 mysqli.ini -> /etc/php-8.2.sample/mysqli.ini
lrwxr-xr-x 1 root wheel 31 Sep 2 10:09 opcache.ini -> /etc/php-8.2.sample/opcache.ini
Get Joomla! package
Suppose that our working directory is /var/www/joomla
.
Run to download from their releases in GitHub:
$ curl -LO https://github.com/joomla/joomla-cms/releases/download/4.3.4/Joomla_4.3.4-Stable-Full_Package.tar.gz
Decompress and extract it:
$ tar xzf Joomla_4.3.4-Stable-Full_Package.tar.gz
Set permissions for web user:
$ doas chown -R www:www ./*
Add httpd
(Web) server(s)
If you don't have the activated daemons of either httpd or PHP-FPM 8.2, you have to make them ready. (See Reference posts.)
If so, continue and add defition on Joomla! server(s):
$ doas nvim /etc/httpd.conf
Write like below in it. Here, <fqdn>
is up to you. <chroot-parent-dir>
must be empty. (It is up to your working directory.) In addition, TLS configuration files are necessary to enable TLS (see below).
server "<fqdn>" {
listen on egress tls port https
tls {
certificate "/etc/ssl/<fqdn>.crt"
key "/etc/ssl/private/<fqdn>.key"
}
log {
access "<fqdn>-access.log"
error "<fqdn>-error.log"
}
# it depends on your working directory under `/var/www` and `chroot` settings:
root "<chroot-parent-dir>/joomla"
directory index index.php
location "/*.php" {
fastcgi socket "/run/php-fpm.sock"
}
location "/*.php[/?]*" {
fastcgi socket "/run/php-fpm.sock"
}
}
Restart the daemon:
$ doas rcctl restart httpd
httpd(ok)
httpd(ok)
Now we can access to Joomla!'s web installer with web browser. Connect to https://<fqdn>/
!!
TLS configuration files
It is able to get them via requests to Let's Encrypt with acme-client
. (See: How to conifugre OpenBSD acme-client).
Alternatively, you can get them as self-signed certificates with command lines such as:
$ cd /etc/ssl
$ # [ consts ]
$ # case ksh:
$ export MY_DOMAIN="..."
$ export MY_COUNTRY_CODE="XX"
$ export MY_STATE="..."
$ export MY_ORGANIZATION="..."
$ # case fish:
$ # set -x MY_DOMAIN "..."; (...)
$ # [ generate ]
$ doas openssl req -newkey rsa:2048 -new -nodes -x509 -days 36500 -keyout private/$MY_DOMAIN.key -out $MY_DOMAIN.crt </span>
-subj "/C=$MY_COUNTRY_CODE/ST=$MY_STATE/L=/O=$MY_ORGANIZATION/OU=/CN=$MY_DOMAIN"
$ doas chmod 400 private/$MY_DOMAIN.key
$ # return to your working directory
Server without TLS connection (Optional)
You may build another server which uses http instead of https (less secure):
# httpd.conf
< listen on egress tls port https
< tls {
< certificate "/etc/ssl/<fqdn>.crt"
< key "/etc/ssl/private/<fqdn>.key"
< }
> listen on egress port http
Servers with and without TLS connection (Optional)
In addition, you can also redirect all http requests to https as needed:
# httpd.conf
server "<fqdn>" {
listen on egress http
# (...)
block return 301 "https://$SERVER_NAME$REQUEST_URI"
}
server "<fqdn>" {
listen on egress tls port https
# (...)
}
Set it up with web installer
All you have to do is just follow them. Well, in my case, the <fqdn>
above was 192.168.122.175
.
Select default language and enter site name:
Create the system administrator:
Enter database information, and clicking the button will start the actual installation:
Success messages will be shown:
Validate installation
You will see the front page when https://<fqdn>/
is accessed to:
The admin entrance will be shown with https://<fqdn>/administrator/
accessed to:
When authentication is successful, the admin panel will be shown:
Conclusion
Now you are ready to build your website with the latest Joomla! Here shows an example about a very small step. Upload a media file in Media view:
Click "Upload" and choose a file. I tried one of the OpenBSD logos. It was successful :)
As shown in this post, it is not tough work to build and serve PHP apps on OpenBSD, when httpd and PHP-FPM are configured. It's because their project and community support PHP and also components around web service.
🕊 Happy serving 💫
Posted on September 5, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.