 |
Title: How to install Kanboard on OpenBSD |
|
Author: Solène |
|
Date: 07 July 2023 |
|
Tags: openbsd selfhosting nocloud |
|
Description: In this article you will learn how to install the php web |
|
application Kanboard on an OpenBSD server |
|
|
|
# Introduction |
|
|
|
Let me share an installation guide on OpenBSD for a product I like: |
|
kanboard. It's a Kanban board written in PHP, it's easy of use, light, |
|
effective, the kind of software I like. |
|
|
|
While there is a docker image for easy deployment on Linux, there is no |
|
guide to install it on OpenBSD. I did it successfuly, including httpd |
|
for the web server. |
|
|
 |
Kanboard official project website |
|
|
|
# Setup |
|
|
|
We will need a fairly simple stack: |
|
|
|
* httpd for the web server (I won't explain how to do TLS here) |
|
* php 8.2 |
|
* database backed by sqlite, if you need postgresql or mysql, adapt |
|
|
|
## Kanboard files |
|
|
|
Prepare a directory where kanboard will be extracted, it must be owned |
|
by root: |
|
|
|
``` |
|
install -d -o root -g wheel -m 755 /var/www/htdocs/kanboard |
|
``` |
|
|
|
Download the latest version of kanboard, prefer the .tar.gz file |
|
because it won't require an extra program. |
|
|
|
Kanboard GitHub releases |
|
|
|
Extract the archive, and move the extracted content into |
|
`/var/www/htdocs/kanboard`; the file `/var/www/htdocs/kanboard/cli` |
|
should exists if you did it correctly. |
|
|
|
Now, you need to fix the permissions for a single directory inside the |
|
project to allow the web server to write persistent data. |
|
|
|
``` |
|
install -d -o www -g www -m 755 /var/www/htdocs/kanboard/data |
|
``` |
|
|
|
## PHP configuration |
|
|
|
For kanboard, we will need PHP and a few extensions. They can be |
|
installed and enabled using the following command: (for the future, 8.2 |
|
will be obsolete, adapt to the current PHP version) |
|
|
|
``` |
|
pkg_add php-zip--%8.2 php-curl--%8.2 php-zip--%8.2 php-pdo_sqlite--%8.2 |
|
for mod in pdo_sqlite opcache gd zip curl |
|
do |
|
ln -s /etc/php-8.2.sample/${mod}.ini /etc/php-8.2/ |
|
done |
|
rcctl enable php82_fpm |
|
rcctl start php82_fpm |
|
``` |
|
|
|
Now you have the service php82_fpm (chrooted in /var/www/) ready to be |
|
used by httpd. |
|
|
|
## HTTPD configuration |
|
|
|
Configure the web server httpd, you can use nginx or apache if you |
|
prefer, with the following piece of configuration: |
|
|
|
``` |
|
server "kanboard.my.domain" { |
|
listen on * port 80 |
|
|
|
location "*.php" { |
|
fastcgi socket "/run/php-fpm.sock" |
|
} |
|
|
|
# don't rewrite for assets (fonts, images) |
|
location "/assets/*" { |
|
root "/htdocs/kanboard/" |
|
pass |
|
} |
|
|
|
location match "/(.*)" { |
|
request rewrite "/index.php%1" |
|
} |
|
|
|
location "/*" { |
|
root "/htdocs/kanboard" |
|
} |
|
} |
|
``` |
|
|
|
Now, enable httpd if not already done, and (re)start httpd: |
|
|
|
``` |
|
rcctl enable httpd |
|
rcctl restart httpd |
|
``` |
|
|
|
From now, Kanboard should be reachable and usable. The default |
|
credentials are admin/admin. |
|
|
|
## Sending emails |
|
|
|
If you want to send emails, you have three choices: |
|
|
|
* use php mail() which just use the local relay |
|
* use sendmail command, which will also use the local relay |
|
* configure an smtp server with authentication, can be a remote server |
|
|
|
### Local email |
|
|
|
If you want to use one of the first two methods, you will have to add a |
|
few files to the chroot like `/bin/sh`; you can find accurate and up to |
|
date information about the specific changes in the file |
|
`/usr/local/share/doc/pkg-readms/php-8.2`. |
|
|
|
### Using a remote smtp server |
|
|
|
If you want to use a remote server with authentication (I made a |
|
dedicated account for kanboard on my mail server): |
|
|
|
Copy `/var/www/htdocs/kanboard/config.default.php` as |
|
`/var/www/htdocs/kanboard/config.php`, and changes the variables below |
|
accordingly: |
|
|
|
``` |
|
define('MAIL_TRANSPORT', 'smtp'); |
|
|
|
define('MAIL_SMTP_HOSTNAME', 'my-server.local'); |
|
define('MAIL_SMTP_PORT', 587); |
|
define('MAIL_SMTP_USERNAME', 'YOUR_SMTP_USER'); |
|
define('MAIL_SMTP_PASSWORD', 'XXXXXXXXXXXXXXXXXXXx'); |
|
define('MAIL_SMTP_HELO_NAME', null); |
|
define('MAIL_SMTP_ENCRYPTION', "tls"); |
|
``` |
|
|
|
Your kanboard should be able to send emails now. You can check by |
|
creating a new task, and click on "Send by email". |
|
|
|
NOTE: Your user also NEED to enable email notifications. |
|
|
|
## Cronjob configuration |
|
|
|
For some tasks like reminding emails or stats computation, Kanboard |
|
requires to run a daily job by running a the CLI version. |
|
|
|
You can do it as the www user in root crontab: |
|
|
|
``` |
|
0 1 * * * -ns su -m www -c 'cd /var/www/htdocs/kanboard && /usr/local/bin/php-8… |
|
``` |
|
|
|
# Conclusion |
|
|
|
Kanboard is a fine piece of software, I really like the kanban workflow |
|
to organize. I hope you'll enjoy it as well. |
|
|
|
I'd also add that installing software without docker is still a thing, |
|
this requires you to know exactly what you need to make it run, and how |
|
to configure it, but I'd consider this a security bonus point. Think |
|
that it will also have all its dependencies updated along with your |
|
system upgrades over time. |
