Starting from scratch on a fresh install of Ubuntu 20.04.
First, update the system:
apt update
apt upgrade -y
There may be a kernel update that requires a reboot, but don't reboot yet.
Our Kanboard server will be hosted at kanboard.example.com so…
Edit /etc/hostname
to be
kanboard
And add an entry to the hosts file pointing to your server's public IP, in this example 1.2.3.4:
127.0.0.1 localhost # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters # Public-facing IP 1.2.3.4 projects.example.com projects
# Create a regular user, follow the prompts adduser johndoe # Add user to sudo group usermod -aG sudo johndoe # Change to the user su - johndoe # Make the .ssh folder. Specifying the "mode" sets the permissions just like chmod. mkdir -m 700 ~/.ssh # Create the authorized_keys file and paste your public key in it. vim ~/.ssh/authorized_keys # Remove group/others permissions from authorized_keys chmod 600 ~/.ssh/authorized_keys
Test that you can log in via SSH using your key. After confirming that it works, disable root login and password authentication for SSH. Open /etc/ssh/sshd_config
and change PermitRootLogin
and PasswordAuthentication
to no
.
Change the SSH port from 22 to something random Restart ssh:
systemctl restart ssh
We'll be using the PostgreSQL (postgres) database for Kanboard.
# Install the postgres packages apt install postgresql-12 postgresql-contrib -y # Switch to the postgres user su - postgres # Create database user for Kanboard (you will prompted to set a password, make it a good one) createuser -P kanboard_user # Create database for Kanboard createdb kanboard_projects -O kanboard_user
Open /etc/postgresql/12/main/pg_hba.conf
and add an entry for the Kanboard user/database. I put it below the default administrative login, so my pg_hba.conf
looks like:
# ... other stuff above ... # Database administrative login by Unix domain socket local all postgres peer # Kanboard local kanboard_projects kanboard_user md5 # ... more stuff below ...
Try to connect to the database:
# Reload postgres configuration systemctl reload postgresql # Connect to the kanboard database, you'll be prompted for the password psql -U kanboard_user kanboard_projects
# Install apache packages apt install apache2 -y # Disable the auto-indexing module a2dismod autoindex # Create kanboard html folders mkdir -p /var/www/html/kanboard/{logs,public_html,public_html/plugins}
Create /etc/apache2/sites-available/kanboard.conf
and paste the following into it:
# Apache configuration for kanboard # John Woltman # Based on LAMP stack example from Linode KeepAlive On # Recommended by Linode for a 2GB server, which projects currently is. <IfModule prefork.c> StartServers 4 MinSpareServers 20 MaxSpareServers 40 MaxClients 200 MaxRequestsPerChild 4500 </IfModule> <VirtualHost kanboard.example.com:80> ServerAdmin admin@example.com ServerName kanboard.example.com DocumentRoot /var/www/html/kanboard/public_html/ ErrorLog /var/www/html/kanboard/logs/error.log CustomLog /var/www/html/kanboard/logs/access.log combined <Directory /var/www/html/kanboard/public_html/> AllowOverride FileInfo Options=All,MultiViews AuthConfig </Directory> </VirtualHost>
apt install -y php7.4 php7.4-cli php7.4-gd php7.4-json php7.4-pgsql php7.4-mbstring php7.4-xml
We'll install Kanboard under /opt
# Clone repo git clone https://github.com/kanboard/kanboard /opt/kanboard # Create data folders mkdir -p /opt/kanboard/data/files/{avatars,tasks,thumbnails} # Change the owner of the data folder to the apache user, www-data chown -Rv www-data /opt/kanboard/data/ ln -s /opt/kanboard/assets /var/www/html/kanboard/public_html/ ln -s /opt/kanboard/.htaccess /var/www/html/kanboard/public_html/.htaccess ln -s /opt/kanboard/index.php /var/www/html/kanboard/public_html/index.php ln -s /opt/kanboard/favicon.ico /var/www/html/kanboard/public_html/favicon.ico ln -s /opt/kanboard/jsonrpc.php /var/www/html/kanboard/public_html/jsonrpc.php ln -s /opt/kanboard/robots.txt /var/www/html/kanboard/public_html/robots.txt