Title: How to install Kanboard on OpenBSD | |
Author: Solène | |
Date: 07 July 2023 | |
Tags: openbsd selfhosting nocloud | |
Description: In this article you will learn how to install the php web | |
application Kanboard on an OpenBSD server | |
# Introduction | |
Let me share an installation guide on OpenBSD for a product I like: | |
kanboard. It's a Kanban board written in PHP, it's easy of use, light, | |
effective, the kind of software I like. | |
While there is a docker image for easy deployment on Linux, there is no | |
guide to install it on OpenBSD. I did it successfuly, including httpd | |
for the web server. | |
Kanboard official project website | |
# Setup | |
We will need a fairly simple stack: | |
* httpd for the web server (I won't explain how to do TLS here) | |
* php 8.2 | |
* database backed by sqlite, if you need postgresql or mysql, adapt | |
## Kanboard files | |
Prepare a directory where kanboard will be extracted, it must be owned | |
by root: | |
``` | |
install -d -o root -g wheel -m 755 /var/www/htdocs/kanboard | |
``` | |
Download the latest version of kanboard, prefer the .tar.gz file | |
because it won't require an extra program. | |
Kanboard GitHub releases | |
Extract the archive, and move the extracted content into | |
`/var/www/htdocs/kanboard`; the file `/var/www/htdocs/kanboard/cli` | |
should exists if you did it correctly. | |
Now, you need to fix the permissions for a single directory inside the | |
project to allow the web server to write persistent data. | |
``` | |
install -d -o www -g www -m 755 /var/www/htdocs/kanboard/data | |
``` | |
## PHP configuration | |
For kanboard, we will need PHP and a few extensions. They can be | |
installed and enabled using the following command: (for the future, 8.2 | |
will be obsolete, adapt to the current PHP version) | |
``` | |
pkg_add php-zip--%8.2 php-curl--%8.2 php-zip--%8.2 php-pdo_sqlite--%8.2 | |
for mod in pdo_sqlite opcache gd zip curl | |
do | |
ln -s /etc/php-8.2.sample/${mod}.ini /etc/php-8.2/ | |
done | |
rcctl enable php82_fpm | |
rcctl start php82_fpm | |
``` | |
Now you have the service php82_fpm (chrooted in /var/www/) ready to be | |
used by httpd. | |
## HTTPD configuration | |
Configure the web server httpd, you can use nginx or apache if you | |
prefer, with the following piece of configuration: | |
``` | |
server "kanboard.my.domain" { | |
listen on * port 80 | |
location "*.php" { | |
fastcgi socket "/run/php-fpm.sock" | |
} | |
# don't rewrite for assets (fonts, images) | |
location "/assets/*" { | |
root "/htdocs/kanboard/" | |
pass | |
} | |
location match "/(.*)" { | |
request rewrite "/index.php%1" | |
} | |
location "/*" { | |
root "/htdocs/kanboard" | |
} | |
} | |
``` | |
Now, enable httpd if not already done, and (re)start httpd: | |
``` | |
rcctl enable httpd | |
rcctl restart httpd | |
``` | |
From now, Kanboard should be reachable and usable. The default | |
credentials are admin/admin. | |
## Sending emails | |
If you want to send emails, you have three choices: | |
* use php mail() which just use the local relay | |
* use sendmail command, which will also use the local relay | |
* configure an smtp server with authentication, can be a remote server | |
### Local email | |
If you want to use one of the first two methods, you will have to add a | |
few files to the chroot like `/bin/sh`; you can find accurate and up to | |
date information about the specific changes in the file | |
`/usr/local/share/doc/pkg-readms/php-8.2`. | |
### Using a remote smtp server | |
If you want to use a remote server with authentication (I made a | |
dedicated account for kanboard on my mail server): | |
Copy `/var/www/htdocs/kanboard/config.default.php` as | |
`/var/www/htdocs/kanboard/config.php`, and changes the variables below | |
accordingly: | |
``` | |
define('MAIL_TRANSPORT', 'smtp'); | |
define('MAIL_SMTP_HOSTNAME', 'my-server.local'); | |
define('MAIL_SMTP_PORT', 587); | |
define('MAIL_SMTP_USERNAME', 'YOUR_SMTP_USER'); | |
define('MAIL_SMTP_PASSWORD', 'XXXXXXXXXXXXXXXXXXXx'); | |
define('MAIL_SMTP_HELO_NAME', null); | |
define('MAIL_SMTP_ENCRYPTION', "tls"); | |
``` | |
Your kanboard should be able to send emails now. You can check by | |
creating a new task, and click on "Send by email". | |
NOTE: Your user also NEED to enable email notifications. | |
## Cronjob configuration | |
For some tasks like reminding emails or stats computation, Kanboard | |
requires to run a daily job by running a the CLI version. | |
You can do it as the www user in root crontab: | |
``` | |
0 1 * * * -ns su -m www -c 'cd /var/www/htdocs/kanboard && /usr/local/bin/php-8… | |
``` | |
# Conclusion | |
Kanboard is a fine piece of software, I really like the kanban workflow | |
to organize. I hope you'll enjoy it as well. | |
I'd also add that installing software without docker is still a thing, | |
this requires you to know exactly what you need to make it run, and how | |
to configure it, but I'd consider this a security bonus point. Think | |
that it will also have all its dependencies updated along with your | |
system upgrades over time. |