How to Install Hubzilla on Ubuntu 16.04

Published on: Fri, Aug 10, 2018 at 11:13 am EST

Hubzilla is an open source web-based platform to create internally connected websites. In Hubzilla's ecosystem, a server running Hubzilla is called a "hub" and a group of multiple hubs is called a "grid". Hubs within a grid communicate with each other to share information such as identities. Anyone can publish contents publicly or privately using a "channel", which can be a person, a blog, or a forum. It uses a JSON based Zot framework to implement secure decentralized communications and services. Hubzilla is packed with features such as social networking discussion threads, cloud file storage, calendar and contacts, web page hosting with a content management system, wiki and much more.

Prerequisites

  • A Vultr Ubuntu 16.04 server instance.
  • A sudo user.
  • A domain name pointed towards the instance.

For this tutorial, we will use hubzilla.example.com as the domain name pointed towards the Vultr instance. Please make sure to replace all occurrences of the example domain name with the actual one.

Update your base system using the guide How to Update Ubuntu 16.04. Once your system has been updated, proceed to install the dependencies.

Install Nginx

Nginx is a production web server to run web applications.

Install Nginx.

sudo apt -y install nginx

Start Nginx and enable it to automatically run at boot time.

sudo systemctl start nginx
sudo systemctl enable nginx

Install PHP 7.1

Hubzilla supports PHP versions above 5.6. We will install PHP 7.1 to ensure maximum speed, security, and compatibility. Add the Ubuntu repository for PHP 7.1.

sudo add-apt-repository --yes ppa:ondrej/php
sudo apt update

Install PHP version 7.1 along with the modules required by Hubzilla.

sudo apt -y install php7.1 php7.1-mysql php7.1-curl php7.1-json php7.1-cli php7.1-gd php7.1-xml php7.1-mbstring php7.1-fpm imagemagick php7.1-zip

Edit the PHP configuration file.

sudo nano /etc/php/7.1/fpm/php.ini

Find the following line. Uncomment it and set the appropriate timezone.

date.timezone = Asia/Kolkata
;Replace "Asia/Kolkata" with your appropriate time zone

Set an appropriate memory limit on the next configuration. Setting it to -1 will give unlimited available memory to a script. Also, increase the maximum file upload limits.

memory_limit = -1
upload_max_filesize = 100M
post_max_size = 100M

Next, find the following line and set its value to 0 after uncommenting it.

cgi.fix_pathinfo=0

Start php7.1-fpm and enable it to automatically start at boot time.

sudo systemctl restart php7.1-fpm
sudo systemctl enable php7.1-fpm

Create a session directory and provide writing permissions.

sudo mkdir /var/lib/php/session
sudo chmod -R 777 /var/lib/php/session

Now, proceed to the installation of MariaDB.

Install MariaDB

MariaDB is a fork of MySQL. Add the MariaDB repository to your system, as the default Ubuntu repository contains an older version of MariaDB.

sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://mirror.nodesdirect.com/mariadb/repo/10.2/ubuntu xenial main'
sudo apt update

Install MariaDB.

sudo apt -y install mariadb-server

Provide a strong password for the MariaDB root user when asked. Start MariaDB and enable it to automatically start at boot time.

sudo systemctl start mariadb
sudo systemctl enable mariadb

Before configuring the database, you will need to secure MariaDB. You can secure it by running the mysql_secure_installation script.

sudo mysql_secure_installation

You will be asked for the current MariaDB root password. Provide the password you have set during the installation. You will be asked if you wish to change the existing password of the root user of your MariaDB server. You can skip setting a new password, as you have already provided a strong password during installation. Answer "Y" to all of the other questions that are asked.

Log into the MySQL shell as root.

mysql -u root -p

Provide the password for the MariaDB root user to log in.

Run the following queries to create a database and a database user for the Hubzilla installation.

CREATE DATABASE hubzilla_data;
CREATE USER 'hubzilla_user'@'localhost' IDENTIFIED BY 'StrongPassword';
GRANT ALL PRIVILEGES ON hubzilla_data.* TO 'hubzilla_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

You can replace the database name hubzilla_data and username hubzilla_user according to your choice. Please make sure to change StrongPassword to a very strong password.

Install Hubzilla

Install Git. Git is required to clone the Hubzilla repository from Github.

sudo apt -y install git

Switch to the web root directory and clone the Hubzilla repository.

cd /var/www
sudo git clone https://github.com/redmatrix/hubzilla.git hubzilla

Create a new directory to store Hubzilla data.

cd hubzilla
sudo mkdir -p "store/[data]/smarty3"
sudo chmod -R 777 store

Clone and install Hubzilla addons.

sudo util/add_addon_repo https://github.com/redmatrix/hubzilla-addons.git hzaddons
sudo util/update_addon_repo hzaddons

Provide ownership of the directory and files to the Nginx user.

sudo chown -R www-data:www-data /var/www/hubzilla

Create a Virtual Host

It is important to have SSL installed on a Hubzilla site, as logins and other data may be compromised if not encrypted. In this tutorial, we will use SSL certificates obtained by Let's Encrypt certificate authority.

Add the Certbot repository.

sudo add-apt-repository --yes ppa:certbot/certbot
sudo apt-get update

Install Certbot, which is the client application for Let's Encrypt CA.

sudo apt -y install certbot

Note: To obtain certificates from Let's Encrypt CA, the domain for which the certificates are to be generated must be pointed towards the server. If not, make the necessary changes to the DNS records of the domain and wait for the DNS to propagate before making the certificate request again. Certbot checks the domain authority before providing the certificates.

Generate the SSL certificates.

sudo certbot certonly --webroot -w /var/www/html -d hubzilla.example.com

The generated certificates are likely to be stored in /etc/letsencrypt/live/hubzilla.example.com/. The SSL certificate will be stored as fullchain.pem and private key will be stored as privkey.pem.

Let's Encrypt certificates expire in 90 days, hence it is recommended to set up auto-renewal of the certificates using Cron jobs.

Open the cron job file.

sudo crontab -e

Add the following line at the end of the file.

30 5 * * * /usr/bin/certbot renew --quiet

The above cron job will run every day at 5:30 AM. If the certificate is due for expiration, it will be automatically renewed.

Create a new configuration file for Hubzilla Server.

sudo nano /etc/nginx/sites-available/hubzilla

Populate the file.

server {
  listen 80;
  server_name hubzilla.example.com;

  index index.php;
  root /var/www/hubzilla;
  rewrite ^ https://hubzilla.example.com$request_uri? permanent;
}

server {
  listen 443 ssl;
  server_name hubzilla.example.com;

  ssl on;
  ssl_certificate /etc/letsencrypt/live/hubzilla.example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/hubzilla.example.com/privkey.pem;
  ssl_session_timeout 5m;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
  ssl_prefer_server_ciphers on;

  fastcgi_param HTTPS on;

  index index.php;
  charset utf-8;
  root /var/www/hubzilla;
  access_log /var/log/nginx/hubzilla.log;
  client_max_body_size 20m;
  client_body_buffer_size 128k;

  location / {
    if ($is_args != "") {
        rewrite ^/(.*) /index.php?q=$uri&$args last;
    }
    rewrite ^/(.*) /index.php?q=$uri last;
  }

  location ^~ /.well-known/ {
    allow all;
    rewrite ^/(.*) /index.php?q=$uri&$args last;
  }

  location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
    expires 30d;
    try_files $uri /index.php?q=$uri&$args;
  }

  location ~* \.(tpl|md|tgz|log|out)$ {
    deny all;
  }

  location ~* \.php$ {

    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;    
    fastcgi_pass unix:/run/php/php7.1-fpm.sock;    
    include fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  }

  location ~ /\. {
    deny all;
  }

    location ~ /store {
        deny  all;
    }
}

Activate the configuration.

sudo ln -s /etc/nginx/sites-available/hubzilla /etc/nginx/sites-enabled/hubzilla

Test the Nginx web server configuration.

sudo nginx -t

You will see the following output.

user@vultr:~$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

If you see no errors in the configuration, restart Nginx so that the new configuration can take effect.

sudo systemctl restart nginx

Wrapping Up

Navigate to https://hubzilla.example.com using your favorite browser and you will see the web page showing the "system check" interface. You will see that every requirement passes in the system check. On the next interface, provide the database details which you have created earlier. Next, provide the administrator email, website URL, and timezone. Hubzilla is now installed on your server, you can proceed to create the administrator user with the administrator email you used during installation.

Finally, you will need to set up cron to run the scheduled tasks every ten minutes.

Create a new file for the cron job.

sudo nano /etc/cron.d/hubzilla

Populate the file with the following.

*/10 * * * * www-data cd /var/www/hubzilla; /usr/bin/php Zotlabs/Daemon/Master.php Cron

Restart the cron service.

sudo systemctl restart cron

If you wish to create a local set of documentation, run the following commands.

cd /var/www/hubzilla
util/importdoc
sudo chown www-data:www-data -R /var/www/hubzilla

Hubzilla is now installed and configured, you can invite your friends and use the platform as desired.