How to Install Grav CMS with Nginx on Fedora 30
Grav is a fast, simple, and flexible, file-based CMS platform. Grav comes with a powerful Package Management System to allow for simple installation and upgrading of plugins and themes, as well as simple updating of Grav itself.
The underlying architecture of Grav is designed to use well-established and best-in-class technologies to ensure that Grav is simple to use and easy to extend. Some of these key technologies include:
- Twig Templating: for robust control of the user interface
- Markdown: for easy content creation
- YAML: for simple configuration
- Parsedown: for fast Markdown and Markdown Extra support
- Doctrine Cache: layer for performance
- Simple Dependency Injection Container: for extensibility and maintainability
- Symfony Event Dispatcher: for plugin event handling
- Symfony Console: for CLI interface
- Gregwar Image Library: for dynamic image manipulation
In this tutorial, we will go through the Grav CMS installation and setup on the Fedora 30 system by using NGINX as a web server, and optionally you can secure the transport layer by using Acme.sh client and Let's Encrypt certificate authority to add SSL support.
Requirements
Grav is intentionally designed with few requirements. Grav is built with plain text files for your content. There is no database needed.
Make sure your system meets the following requirements:
- Web Server (Apache, Nginx, LiteSpeed, Lightly, IIS, etc.) We will use NGINX.
- PHP version 7.1.3 or higher
Prerequisites
- An operating system running Fedora 30.
- A non-root user with sudo privileges.
Initial steps
Check your Fedora version:
cat /etc/fedora-release
#
Set up the timezone:
timedatectl list-timezones
sudo timedatectl set-timezone 'Region/City'
Update your operating system packages (software). This is an important first step because it ensures you have the latest updates and security fixes for your operating system's default software packages:
sudo dnf update -y
Install some essential packages that are necessary for basic administration of the Fedora operating system:
sudo dnf install -y curl wget vim git unzip socat bash-completion epel-release
Step 1 - Install PHP and necessary PHP extensions
Install PHP, as well as the required PHP extensions:
sudo dnf install -y php-cli php-fpm php-common php-curl php-gd php-json php-mbstring php-xml php-zip php-opcache php-pecl-apcu
To show PHP compiled in modules, you can run:
php -m
ctype
curl
exif
fileinfo
. . .
. . .
Check the PHP version:
php --version
# PHP 7.3.17 (cli) (built: May 13 2019 18:03:04) ( NTS )
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
# with Zend OPcache v7.2.17, Copyright (c) 1999-2018, by Zend Technologies
Start and enable PHP-FPM service:
sudo systemctl start php-fpm.service
sudo systemctl enable php-fpm.service
Step 2 - Install acme.sh client and obtain Let's Encrypt certificate ( optional )
Securing your forum with HTTPS is not necessary, but it is a good practice to secure your site traffic. To obtain a TLS certificate from Let's Encrypt we will use Acme.sh client. Acme.sh is a simple UNIX shell software for obtaining TLS certificates from Let's Encrypt with zero dependencies.
Download and install acme.sh:
sudo su - root
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install --accountemail [email protected]
source ~/.bashrc
cd ~
Check acme.sh version:
acme.sh --version
# v2.8.2
Obtain RSA and ECC/ECDSA certificates for your domain/hostname:
# RSA 2048
acme.sh --issue --standalone -d example.com --keylength 2048
# ECDSA
acme.sh --issue --standalone -d example.com --keylength ec-256
If you want fake certificates for testing, you can add --staging flag to the above commands.
After running the above commands, your certificates and keys will be in:
- For RSA:
/home/username/example.comdirectory. - For ECC/ECDSA:
/home/username/example.com_eccdirectory.
To list your issued certs you can run:
acme.sh --list
Create a directory to store your certs. We will use /etc/letsencrypt directory.
mkdir -p /etc/letsecnrypt/example.comsudo mkdir -p /etc/letsencrypt/example.com_ecc
Install/copy certificates to /etc/letsencrypt directory.
# RSA
acme.sh --install-cert -d example.com --cert-file /etc/letsencrypt/example.com/cert.pem --key-file /etc/letsencrypt/example.com/private.key --fullchain-file /etc/letsencrypt/example.com/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
# ECC/ECDSA
acme.sh --install-cert -d example.com --ecc --cert-file /etc/letsencrypt/example.com_ecc/cert.pem --key-file /etc/letsencrypt/example.com_ecc/private.key --fullchain-file /etc/letsencrypt/example.com_ecc/fullchain.pem --reloadcmd "sudo systemctl reload nginx.service"
All the certificates are renewed automatically every 60 days.
After obtaining certs exit from root user and return to regular sudo user:
exit
Step 3 - Install and configure NGINX
Install NGINX:
sudo dnf install -y nginx
Check the NGINX version:
nginx -v
# nginx version: nginx/1.14.2
Start and enable NGINX service:
sudo systemctl start nginx.service
sudo systemctl enable nginx.service
Configure NGINX for Grav. Run sudo vim /etc/nginx/conf.d/grav.conf and add the following configuration.
server {
listen 80;
listen 443 ssl;
server_name example.com;
root /var/www/grav;
ssl_certificate /etc/letsencrypt/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com/private.key;
ssl_certificate /etc/letsencrypt/example.com_ecc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/example.com_ecc/private.key;
index index.html index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
}Check NGINX configuration for syntax errors:
sudo nginx -t
Reload NGINX service:
sudo systemctl reload nginx.service
Step 4 - Install Grav CMS
Create a document root directory:
sudo mkdir -p /var/www/grav
Change ownership of the /var/www/grav directory to the user you are logged in at the moment, in my case, the user is johndoe:
sudo chown -R johndoe:johndoe /var/www/grav
Navigate to the document root folder:
cd /var/www/grav
Download and unzip Grav:
wget https://getgrav.org/download/core/grav-admin/1.6.9
unzip 1.6.9
mv grav-admin/* . && mv grav-admin/.* .
rm -rf grav-admin 1.6.9
NOTE: Version 1.6.9 is the current version and may be different by the time you read this. Please check the Grav website for the latest information.
Change ownership of the /var/www/grav directory to nginx:
sudo chown -R nginx:nginx /var/www/grav
Run sudo vim /etc/php-fpm.d/www.conf and set user and group to nginx. Initially, it's set to user and group apache:
sudo vim /etc/php-fpm.d/www.conf
user = nginx
group = nginx
Restart the PHP-FPM service.
sudo systemctl restart php-fpm.service
Create /var/lib/php/session/ directory and change ownership to nginx:
sudo mkdir -p /var/lib/php/session/ && sudo chown -R nginx:nginx /var/lib/php/session/
Open http://example.com in your web browser and follow the on-screen instructions. To access Grav admin append /admin to your URL.
Step 5 - Complete Grav setup
Create a Grav admin user:
After the creation, you will be redirected to the admin dashboard:
