Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to install on Ubuntu 16.04 using Apache #357

Closed
iamdoubz opened this issue Sep 12, 2019 · 3 comments

Comments

@iamdoubz
Copy link

@iamdoubz iamdoubz commented Sep 12, 2019

Hi. Took me a bit to get everything working so I wanted to post this.

Assumptions

  1. This guide assumes that you have already set up a website before
  2. Are using a subdomain

Feedback

Additions, subtractions, modifications, and suggestions are most certainly welcome.

Requirements

  1. Apache version > 2.4
  2. A bunch of mod's enabled (headers, proxy, proxy_balancer, proxy_http, proxy_wstunnel, rewrite, and there may be others but those are the ones I know off the top of my head)
  3. Protocols h2 http/1.1 needs apachectl -V 2.4.17 and higher...

First error:

[Thu Sep 12 15:05:27.822224 2019] [php7:error] [pid 24237] [client 0.0.0.0:30414] PHP Fatal error:  

Uncaught PDOException: could not find driver in /var/www/html/services/DatabaseService.php:17
Stack trace:
#0 /var/www/html/services/DatabaseService.php(17): PDO->__construct('sqlite:/var/www...')
#1 /var/www/html/services/DatabaseService.php(33): Grocy\\Services\\DatabaseService->GetDbConnectionRaw()
#2 /var/www/html/controllers/BaseController.php(14): Grocy\\Services\\DatabaseService->GetDbConnection()
#3 /var/www/html/controllers/LoginController.php(13): Grocy\\Controllers\\BaseController->__construct(Object(Slim\\Container))
#4 /var/www/html/app.php(64): Grocy\\Controllers\\LoginController->__construct(Object(Slim\\Container), 'grocy_session')
#5 /var/www/html/vendor/pimple/pimple/src/Pimple/Container.php(118): {closure}(Object(Slim\\Container))
#6 /var/www/html/vendor/slim/slim/Slim/Container.php(123): Pimple\\Container->offsetGet('LoginController...')
#7 /var/www/html/vendor/slim/slim/Slim/Container.php(172): Slim\\Container->get('LoginController...')
#8 /var/www/html/routes.php(112): Slim\\Container->__get in /var/www/html/services/DatabaseService.php on line 17

First error FIX:

sudo apt install php7.3-sqlite3

Second error:

# Not Found
The requested URL /stockoverview was not found on this server

Second error FIX:

sudo nano /etc/apache2/sites-enabled/grocy.conf

Add a <Directory> that looks like this:

<Directory /var/www/html/public>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

Contents of grocy.conf for your convenience:

    DEFINE base_url grocy.info
    DEFINE public_url demo.grocy.info
    DEFINE email admin@grocy.info
    ServerTokens Prod
    SSLStaplingCache "shmcb:${APACHE_LOG_DIR}/stapling-cache(150000)"
    SSLSessionCache "shmcb:${APACHE_LOG_DIR}/ssl_scache(512000)"
    SSLSessionCacheTimeout 300
<VirtualHost *:80>
    ServerName ${public_url}
    DocumentRoot /var/www/html
    ServerAdmin ${email}
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =${public_url}
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
    ServerName ${public_url}
    DocumentRoot /var/www/${public_url}/public
    ServerAdmin ${email}
    ErrorLog ${APACHE_LOG_DIR}/${public_url}.error.log
    CustomLog ${APACHE_LOG_DIR}/${public_url}.access.log combined
    SSLCertificateFile /etc/letsencrypt/live/${public_url}/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/${public_url}/privkey.pem
    #Include /etc/letsencrypt/options-ssl-apache.conf
### Forbid the http1.0 protocol ###
    Protocols h2 http/1.1
    Timeout 360
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyTimeout 600
    ProxyReceiveBufferSize 4096
    SSLProxyEngine On
    RequestHeader set Front-End-Https "On"
    ServerSignature Off
    SSLCompression Off
    SSLUseStapling On
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors Off
    SSLSessionTickets Off
    RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
    Header always set Strict-Transport-Security "max-age=15552000; preload"
    Header always set X-Content-Type-Options nosniff
    Header always set X-Robots-Tag none
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
    Header always set Content-Security-Policy-Report-Only "default-src 'self' https:; font-src 'self' data: ${base_url} ${public_url}; media-src 'self' ${base_url} ${public_url}; script-src 'self' 'unsafe-inline' 'unsafe-eval' ${base_url} ${public_url} wasm wasm-eval; style-src 'self' ${base_url} ${public_url} 'unsafe-inline'; img-src 'self' https: data: blob: ${base_url} ${public_url}; worker-src *; frame-src 'none'; connect-src 'self' wss: https: ${base_url} ${public_url};"
    Header always set Feature-Policy "geolocation 'self'; midi 'self'; sync-xhr 'self'; microphone 'self'; camera 'self'; magnetometer 'self'; gyroscope 'self'; speaker 'self'; fullscreen 'self'; payment 'self';"
    SSLHonorCipherOrder On
### Use next two for very secure connections ###
    #SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    #SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
### Use next two for secure connections and supports more endpoints ###
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
    SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
<Directory /var/www/${public_url}/public>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>
@berrnd

This comment has been minimized.

Copy link
Member

@berrnd berrnd commented Sep 13, 2019

Thanks for sharing! :)

I think we should add/link this and #354 and maybe other issues about install problems for example on the subreddit sidebar/wiki and also add a hint to them on the website and README...

berrnd added a commit to grocy/grocy-website that referenced this issue Sep 16, 2019
@berrnd

This comment has been minimized.

Copy link
Member

@berrnd berrnd commented Sep 16, 2019

Thanks again, I added this now as a link on https://grocy.info/links.

@berrnd berrnd closed this Sep 16, 2019
@lepidas

This comment has been minimized.

Copy link

@lepidas lepidas commented Sep 22, 2019

Hi. Took me a bit to get everything working so I wanted to post this.

Assumptions

1. This guide assumes that you have already set up a website before

2. Are using a subdomain

Feedback

Additions, subtractions, modifications, and suggestions are most certainly welcome.

Requirements

1. Apache version > 2.4

2. A bunch of mod's enabled (headers, proxy, proxy_balancer, proxy_http, proxy_wstunnel, rewrite, and there may be others but those are the ones I know off the top of my head)

3. Protocols h2 http/1.1 needs apachectl -V 2.4.17 and higher...

First error:

[Thu Sep 12 15:05:27.822224 2019] [php7:error] [pid 24237] [client 0.0.0.0:30414] PHP Fatal error:  

Uncaught PDOException: could not find driver in /var/www/html/services/DatabaseService.php:17
Stack trace:
#0 /var/www/html/services/DatabaseService.php(17): PDO->__construct('sqlite:/var/www...')
#1 /var/www/html/services/DatabaseService.php(33): Grocy\\Services\\DatabaseService->GetDbConnectionRaw()
#2 /var/www/html/controllers/BaseController.php(14): Grocy\\Services\\DatabaseService->GetDbConnection()
#3 /var/www/html/controllers/LoginController.php(13): Grocy\\Controllers\\BaseController->__construct(Object(Slim\\Container))
#4 /var/www/html/app.php(64): Grocy\\Controllers\\LoginController->__construct(Object(Slim\\Container), 'grocy_session')
#5 /var/www/html/vendor/pimple/pimple/src/Pimple/Container.php(118): {closure}(Object(Slim\\Container))
#6 /var/www/html/vendor/slim/slim/Slim/Container.php(123): Pimple\\Container->offsetGet('LoginController...')
#7 /var/www/html/vendor/slim/slim/Slim/Container.php(172): Slim\\Container->get('LoginController...')
#8 /var/www/html/routes.php(112): Slim\\Container->__get in /var/www/html/services/DatabaseService.php on line 17

First error FIX:

sudo apt install php7.3-sqlite3

Second error:

# Not Found
The requested URL /stockoverview was not found on this server

Second error FIX:

sudo nano /etc/apache2/sites-enabled/grocy.conf

Add a <Directory> that looks like this:

<Directory /var/www/html/public>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

Contents of grocy.conf for your convenience:

    DEFINE base_url grocy.info
    DEFINE public_url demo.grocy.info
    DEFINE email admin@grocy.info
    ServerTokens Prod
    SSLStaplingCache "shmcb:${APACHE_LOG_DIR}/stapling-cache(150000)"
    SSLSessionCache "shmcb:${APACHE_LOG_DIR}/ssl_scache(512000)"
    SSLSessionCacheTimeout 300
<VirtualHost *:80>
    ServerName ${public_url}
    DocumentRoot /var/www/html
    ServerAdmin ${email}
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =${public_url}
    RewriteCond %{HTTPS} off
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
    ServerName ${public_url}
    DocumentRoot /var/www/${public_url}/public
    ServerAdmin ${email}
    ErrorLog ${APACHE_LOG_DIR}/${public_url}.error.log
    CustomLog ${APACHE_LOG_DIR}/${public_url}.access.log combined
    SSLCertificateFile /etc/letsencrypt/live/${public_url}/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/${public_url}/privkey.pem
    #Include /etc/letsencrypt/options-ssl-apache.conf
### Forbid the http1.0 protocol ###
    Protocols h2 http/1.1
    Timeout 360
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyTimeout 600
    ProxyReceiveBufferSize 4096
    SSLProxyEngine On
    RequestHeader set Front-End-Https "On"
    ServerSignature Off
    SSLCompression Off
    SSLUseStapling On
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors Off
    SSLSessionTickets Off
    RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
    Header always set Strict-Transport-Security "max-age=15552000; preload"
    Header always set X-Content-Type-Options nosniff
    Header always set X-Robots-Tag none
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
    Header always set Content-Security-Policy-Report-Only "default-src 'self' https:; font-src 'self' data: ${base_url} ${public_url}; media-src 'self' ${base_url} ${public_url}; script-src 'self' 'unsafe-inline' 'unsafe-eval' ${base_url} ${public_url} wasm wasm-eval; style-src 'self' ${base_url} ${public_url} 'unsafe-inline'; img-src 'self' https: data: blob: ${base_url} ${public_url}; worker-src *; frame-src 'none'; connect-src 'self' wss: https: ${base_url} ${public_url};"
    Header always set Feature-Policy "geolocation 'self'; midi 'self'; sync-xhr 'self'; microphone 'self'; camera 'self'; magnetometer 'self'; gyroscope 'self'; speaker 'self'; fullscreen 'self'; payment 'self';"
    SSLHonorCipherOrder On
### Use next two for very secure connections ###
    #SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    #SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
### Use next two for secure connections and supports more endpoints ###
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
    SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
<Directory /var/www/${public_url}/public>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
</Directory>

Hi to all.
It was a very bumpy installation without docker.
For the 2nd problem/fix to work, mode rewrite should be enabled, otherwise no joy :)
sudo a2enmod rewrite
and restart apache
sudo systemctl restart apache2
It took me like 4 cups of coffee and a lot of hair to make it working.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
You can’t perform that action at this time.