How to Install Selfoss RSS Reader on a Debian 9 LAMP VPS

Selfoss RSS Reader is a free and open source self-hosted web-based multipurpose, live stream, mashup, news feed (RSS/Atom) reader and universal aggregator. Selfoss RSS Reader features OPML import, a restful JSON API, and its open plug-in system allows you to easily extend the default functionality by writing your own custom data connectors. You can use Selfoss to live stream and collect all of your posts, tweets, podcasts, and feeds in one central place that you can easily access from any desktop or mobile device.

In this tutorial, we are going to install Selfoss RSS Reader 2.17 on a Debian 9 LAMP VPS using Apache web server, PHP 7.1, and a MariaDB database.

Prerequisites

• A clean Vultr Debian 9 server instance with SSH access

Step 1: Add a Sudo User

We will start by adding a new sudo user.

First, log into your server as root:

ssh root@YOUR_VULTR_IP_ADDRESS

The sudo command isn't installed by default in the Vultr Debain 9 server instance, so we will first install sudo:

apt-get -y install sudo

Now add a new user called user1 (or your preferred username):

adduser user1

When prompted, enter a secure and memorable password. You will also be prompted for your "Full Name" and some other details, but you can simply leave them blank by pressing Enter.

Now check the /etc/sudoers file to make sure that the sudoers group is enabled:

visudo

Look for a section like this:

%sudo        ALL=(ALL:ALL)       ALL

This line tells us that users who are members of the sudo group can use the sudo command to gain root privileges. It will be uncommented by default so you can simply exit the file.

Next we need to add user1 to the sudo group:

usermod -aG sudo user1

We can verify the user1 group membership and check that the usermod command worked with the groups command:

groups user1

Now use the su command to switch to the new sudo user user1 account:

su - user1

The command prompt will update to indicate that you are now logged into the user1 account. You can verify this with the whoami command:

whoami

Now restart the sshd service so that you can login via ssh with the new non-root sudo user account you have just created:

sudo systemctl restart sshd

Exit the user1 account:

exit

Exit the root account (which will disconnect your ssh session):

exit

You can now ssh into the server instance from your local host using the new non-root sudo user user1 account:

ssh user1@YOUR_VULTR_IP_ADDRESS

If you want to execute sudo without having to type a password every time, then open the /etc/sudoers file again, using visudo:

sudo visudo

Edit the section for the sudo group so that it looks like this:

%sudo   ALL=(ALL) NOPASSWD: ALL

Please note: Disabling the password requirement for the sudo user is not a recommended practice, but it is included here as it can make server configuration much more convenient and less frustrating, especially during longer systems administration sessions. If you are concerned about the security implications, you can always revert the configuration change to the original after you finish your administration tasks.

Whenever you want to log into the root user account from within the sudo user account, you can use one of the following commands:

sudo -i
sudo su -

You can exit the root account and return back to your sudo user account at any time:

exit

Step 2: Update Debian 9 System

Before installing any packages on the Debian server instance, we will first update the system.

Make sure you are logged in to the server using a non-root sudo user and run the following commands:

sudo apt-get update
sudo apt-get -y upgrade

Step 3: Install Apache Web Server

Install the Apache web server:

sudo apt-get -y install apache2 

Then use the systemctl command to start and enable Apache to execute automatically at boot time:

sudo systemctl enable apache2
sudo systemctl start apache2

Check your Apache default site configuration file to ensure that the DocumentRoot directive points to the correct directory:

sudo vi /etc/apache2/sites-enabled/000-default.conf 

The DocumentRoot configuration option will look like this:

DocumentRoot "/var/www/html"

We now need to enable the mod_rewrite Apache module, so ensure that your Apache default site configuration file is still open, and add the following Directory Apache directives just before the closing </VirtualHost> tag, so that the end of your configuration file looks like this:

    <Directory /var/www/html/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>
</VirtualHost>

The most important directive shown above is AllowOverride All.

Now save and exit the file, and enable the mod_rewrite, mod_authz_core and mod_headers Apache modules:

sudo a2enmod rewrite authz_core headers

We will restart Apache at the end of this tutorial, but restarting Apache regularly during installation and configuration is certainly a good habit, so let's do it now:

sudo systemctl restart apache2

Step 4: Install PHP 7.0

We can now install PHP 7.0 along with all of the necessary PHP modules required by Selfoss RSS Reader:

sudo apt-get -y install php php-gd php-mbstring php-common php-mysql php-imagick php-xml libapache2-mod-php php-curl php-tidy php-zip

Step 5: Install MariaDB (MySQL) Server

Debian 9 defaults to using MariaDB database server, which is an enhanced, fully open source, community developed, drop-in replacement for MySQL server.

Install MariaDB database server:

sudo apt-get -y install mariadb-server

Start and enable MariaDB server to execute automatically at boot time:

sudo systemctl enable mariadb
sudo systemctl start mariadb    

Secure your MariaDB server installation:

sudo mysql_secure_installation

The root password will be blank, so simply hit enter when prompted for the root password.

When prompted to create a MariaDB/MySQL root user, select "Y" (for yes) and then enter a secure root password. Simply answer "Y" to all of the other yes/no questions as the default suggestions are the most secure options.

Step 6: Create Database for Selfoss RSS Reader

Log into the MariaDB shell as the MariaDB root user by running the following command:

sudo mariadb -u root -p

To access the MariaDB command prompt, simply enter the MariaDB root password when prompted.

Run the following queries to create a MariaDB database and database user for Selfoss RSS Reader:

CREATE DATABASE selfoss_db CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE USER 'selfoss_user'@'localhost' IDENTIFIED BY 'UltraSecurePassword';
GRANT ALL PRIVILEGES ON selfoss_db.* TO 'selfoss_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

You can replace the database name selfoss_db and username selfoss_user with something more to your liking, if you prefer. Also, make sure that you replace "UltraSecurePassword" with an actually secure password.

Step 7: Install Selfoss RSS Reader Files

Change your current working directory to the default web directory:

cd /var/www/html/

If you get an error message saying something like 'No such file or directory' then try the following command:

cd /var/www/ ; sudo mkdir html ; cd html

Your current working directory will now be: /var/www/html/. You can check this with the pwd (print working directory) command:

pwd

Now use wget to download the Selfoss RSS Reader installation package:

sudo wget --content-disposition https://github.com/SSilence/selfoss/archive/2.17.zip

Please note: You should definitely check for the most recent version by visiting the Selfoss RSS Reader download page.

List the current directory to check that you have successfully downloaded the file:

ls -la

Remove index.html:

sudo rm index.html

Let's quickly install unzip so we can unzip the file:

sudo apt-get -y install unzip

Now uncompress the zip archive:

sudo unzip selfoss-2.17.zip

Move all of the installation files to the web root directory:

sudo mv -v selfoss-2.17/* selfoss-2.17/.* /var/www/html 2>/dev/null

Change ownership of the web files to avoid any permissions problems:

sudo chown -R www-data:www-data * ./

Restart Apache again:

sudo systemctl restart apache2

Step 8: Install and Run Composer

Selfoss RSS Reader requires us to use composer to download some plugins so let's install composer:

sudo apt-get -y install composer

Now make sure you are in the webroot directory:

cd /var/www/html

Run composer using the www-data user:

sudo -u www-data composer install 

You will see some warning messages from composer about not being able to write to the cache, but don't worry too much about that as everything will still install just fine.

We're now ready to move on to the final step.

Step 9: Complete Selfoss RSS Reader Installation

1. We first need to update the Selfoss RSS Reader configuration file config.ini with the correct database settings so make sure you are still in the webroot directory and copy defaults.ini to config.ini:

   sudo cp -iv defaults.ini config.ini
   

2. Next, open the config.ini configuration file and add the following database values:

   [globals]
   db_type=mysql
   db_host=localhost
   db_database=selfoss_db
   db_username=selfoss_user
   db_password=UltraSecurePassword
   db_port=3306
   

3. We now need to add a password hash to config.ini, but first we need to generate it, so visit the following URL in your browser:

   http://YOUR_VULTR_IP_ADDRESS/password
   

   Then enter your desired password into the Password field and click on Generate.

   Simply copy the resulting hash value to the password option in the config.ini file so the password section now looks something like this:

   username=admin
   password=b729a37c34ff9648c33d67de3b289b58b7486dd71236343a6c2c275c2cc0477bd1d254eb92248bfa753169547d4bd2e81c2c9e460ba5bba822af1e87722dd12a
   salt=<long string of random chracters>
   

   Note: Your password hash will obviously be different to the hash shown above and you are free to choose a different username.

4. Remove all of the other unedited options from the config.ini file so your complete configuration file looks similar to this:

   [globals]
   db_type=mysql
   db_host=localhost
   db_database=db1
   db_username=u1
   db_password=usecpass1
   db_port=3306
   username=admin
   password=b729a37c34ff9648c33d67de3b289b58b7486dd71236343a6c2c275c2cc0477bd1d254eb92248bfa753169547d4bd2e81c2c9e460ba5bba822af1e87722dd12a
   salt=<long string of random chracters>
   

   Note: If you want to change any of the defaults.ini options, you can simply add them to the list of options above.

   When you have finished editing the configuration file, you can save and exit the file.

5. You can now login to Selfoss RSS Reader by visiting the home page and entering your username and password:

    http://YOUR_VULTR_IP_ADDRESS/
   

6. If you want the reader to auto-update your feeds (and you almost certainly do), you will need to edit your crontab:

   sudo crontab -e
   

   Add the following line to refresh your feeds hourly:

   0 * * * * www-data cd /var/www/html && php cliupdate.php
   

If you haven't yet configured your Vultr DNS settings, you can do so using the Vultr DNS control panel.

It's also advisable to configure your site to use SSL as most modern browsers will give warnings when sites do not have SSL enabled and SSL certificates are now available for free.

In any case, you are now free to start adding your feeds and further customizing your reader, if you desire.