Introduction
Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a Fedora 29 system.
Prerequisites
- Something running Fedora 29.
- Root access to your system (via a user with
sudo
privileges.) - A web server with PHP 7 (Instructions below.)
- A MySQL database (Instructions below.)
Preparations
Update your system:
sudo dnf update -y
Installing a web server stack:
We will be using Apache with PHP, and MariaDB for the database. Execute the following to install the required packages:
sudo dnf install -y httpd php php-common php-xml \
php-json php-curl php-zip php-mbstring php-mysqlnd \
php-pdo php-gd php-tidy php-bcmath mariadb-server mariadb
Make sure Apache and MariaDB are enabled and running:
sudo systemctl enable --now httpd.service mariadb.service
Install miscellaneous packages.
sudo dnf install -y git make composer unzip policycoreutils-python-utils
Git will be used to download Wallabag from its github repository and the make command, along with composer to complete the installation of Wallabag. The policy utilities package is needed for optional SELinux configuration (instructions below)
Configuring Apache
Using a text editor of your choice, create a new Apache configuration file. For instance:
sudo vim /etc/httpd/conf.d/wallabag.conf
Populate it with the following (insert your Vultr IP address or a domain name pointing to your IP for ServerName
):
<VirtualHost *:80>
ServerName IP_or_DOMAIN_NAME
DocumentRoot /var/www/wallabag/web
<Directory /var/www/wallabag/web>
AllowOverride None
Order Allow,Deny
Allow from All
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ app.php [QSA,L]
</IfModule>
</Directory>
<Directory /var/www/wallabag/web/bundles>
<IfModule mod_rewrite.c>
RewriteEngine Off
</IfModule>
</Directory>
ErrorLog /var/log/httpd/wallabag_error.log
CustomLog /var/log/httpd/wallabag_access.log combined
</VirtualHost>
Save and exit.
Reload Apache configuration to apply changes:
sudo systemctl reload httpd.service
Configuring MariaDB
Start by securing your MySQL installation with this command:
sudo mysql_secure_installation
Answer the questions as shown:
Enter current password for root (enter for none): Enter
Set root password? [Y/n]: Y
New password: <your-password>
Re-enter new password: <your-password>
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y
Make sure you use a strong password.
Configuring MariaDB
Create a database and user for Wallabag:
sudo mysql -u root -p
MariaDB [(none)]> CREATE DATABASE wallabag;
MariaDB [(none)]> CREATE USER 'wallabaguser'@'localhost' IDENTIFIED BY 'wallabagpassword';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wallabag.* TO 'wallabaguser'@'localhost';
MariaDB [(none)]> exit;
Make sure you replace wallabagpassword
with a secure password. It should be different from the password you chose for the MariaDB root user.
Installing Wallabag
Since Wallabag is hosted on github, we’ll clone the repository locally:
cd /var/www/
sudo git clone https://github.com/wallabag/wallabag.git
And transfer ownership to the apache user:
sudo chown -R apache:apache /var/www/wallabag
It is not recommended to run the installation scripts as root, so we will use the apache user:
sudo -u apache /bin/bash
cd /var/www/wallabag/
make install
You will be asked several questions regarding desired configuration:
database_driver (pdo_mysql): pdo_mysql
database_driver_class (null): Press Enter
database_host (127.0.0.1): 127.0.0.1
database_port (null): 3306
database_name (wallabag): wallabag
database_user (root): wallabaguser
database_password (null): wallabagpassword
database_path (null): Press Enter
database_table_prefix (wallabag_): Prefix of your choice or Press Enter for the default.
database_socket (null): Press Enter
database_charset (utf8mb4): Press Enter
domain_name ('https://your-wallabag-url-instance.com'): http://IP_or_DOMAIN_NAME
Choose the default (press Enter) for the remaining questions, then exit back to your own user shell session: exit
Security configuration:
SELinux (Security-Enhanced Linux) will interfere with the wallabag application. To disable it, open the file /etc/sysconfig/selinux
and replace SELINUX=enforcing
with SELINUX=disabled
. Reboot to apply changes. If you do not wish to disable SELinux entirely, follow the instrucions below to configure SELinux contexts for web directories.
Five labels are required:
sudo semanage fcontext -a -t httpd_sys_content_t "/var/www/wallabag(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/wallabag/data(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/wallabag/var(/.*)?"
sudo semanage fcontext -a -t httpd_log_t "/var/www/wallabag/var/logs(/.*)?"
sudo semanage fcontext -a -t httpd_cache_t "/var/www/wallabag/var/cache(/.*)"
And apply changes with:
sudo restorecon -R /var/www/wallabag
And set the following SELinux booleans to true:
sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_can_network_connect_db 1
Finally, enable HTTP traffic through the firewall:
sudo firewall-cmd --add-service http --permanent
sudo firewall-cmd --reload
You should now be able to access Wallabag on http://IP_or_DOMAIN_NAME
. For better security/privacy, you should consider using a domain name with HTTPS, however this is beyond the scope of this guide.
If you’d like to host your own music streaming server, check out these guides.