Title: Hosting Shaarli on OpenBSD | |
Author: Solène | |
Date: 19 January 2024 | |
Tags: php openbsd rss | |
Description: In this article, you will learn how to deploy the PHP | |
bookmarking service Shaarli on OpenBSD | |
# Introduction | |
This guide explains how to install the PHP web service Shaarli on | |
OpenBSD. | |
Shaarli is a bookmarking service and RSS feed reader, you can easily | |
add new links and associate a text / tag and share it with other or | |
keep each entry private if you prefer. | |
Shaarli GitHub Project page | |
# Setup | |
The software is pretty easy to install using base system httpd and PHP | |
(included latest version available as of time of writing). | |
## Deploy Shaarli | |
Download the latest version of Shaarli available on their GitHub | |
project. | |
Shaarli releases on GitHub | |
Extract the archive and move the directory `Shaarli` in `/var/www/`. | |
Change the owner of the following directories to the user `www`. It's | |
required for Shaarli to work properly. For security’s sake, don't | |
chown all the files to Shaarli, it's safer when a program can't modify | |
itself. | |
``` | |
chown www /var/www/Shaarli/{cache,data,pagecache,tmp} | |
``` | |
## Install the packages | |
We need a few packages to make it work, I'm using php 8.3 in the | |
example, but you can replace with the current version you want: | |
``` | |
pkg_add php--%8.3 php-curl--%8.3 php-gd--%8.3 php-intl--%8.3 | |
``` | |
By default, on OpenBSD the PHP modules aren't enabled, you can do it | |
with: | |
``` | |
for i in gd curl intl opcache; do ln -s "/etc/php-8.3.sample/${i}.ini" /etc/php… | |
``` | |
Now, enable and start PHP service: | |
``` | |
rcctl enable php83_fpm | |
rcctl start php83_fpm | |
``` | |
If you want Shaarli to be able to do outgoing connections to fetch | |
remote content, you need to make some changes in the chroot directory | |
to make it work, everything is explained in the file | |
`/usr/local/share/doc/pkg-readmes/php-INSTALLED.VERSION`. | |
## Configure httpd | |
This guide won't cover the setup for TLS as it's always the same | |
procedure, and it may depend on how you prefer to generate the TLS | |
certificates. | |
Create the file `/etc/httpd.conf` and add the following content, make | |
sure to replace all the caps text with real values: | |
``` | |
server "YOUR_HOSTNAME_HERE" { | |
listen on * port 80 | |
# don't rewrite for assets (fonts, images) | |
location "/tpl/*" { | |
root "/Shaarli/" | |
} | |
location "/doc/*" { | |
root "/Shaarli/" | |
} | |
location "/cache/*" { | |
root "/Shaarli/" | |
} | |
location "*.php" { | |
fastcgi socket "/run/php-fpm.sock" | |
root "/Shaarli" | |
} | |
location "*index.php*" { | |
root "/Shaarli" | |
fastcgi socket "/run/php-fpm.sock" | |
} | |
location match "/(.*)" { | |
request rewrite "/index.php%1" | |
} | |
location "/*" { | |
root "/Shaarli" | |
} | |
} | |
``` | |
Enable and start httpd | |
``` | |
rcctl enable httpd | |
rcctl start httpd | |
``` | |
## Configure your firewall | |
If you configured PF to block by default, you have to open the ports 80 | |
and also 443 if you enable HTTPS. | |
# Installing Shaarli | |
Now you should have a working Shaarli upon opening | |
`http://YOUR_HOSTNAME_HERE/index.php/`, all lights should be green, and | |
you are now able to configure the instance as you wish. | |
# Conclusion | |
Shaarli is a really handy piece of software, especially for active RSS | |
readers who may have a huge stream of news to read. What's cool is the | |
share service, and you may allow some people to subscribe to your own | |
feed. |