This is the propeller-hat follow up post on yesterday's thoughts on replacing Google Reader with a local Selfoss RSS aggregator instance running on a Raspberry Pi. As it's not a 2 minute straight forward installation I thought the results of my efforts might be useful to some of you as well. And as a goodie, I have some tips at the end of how to disable http so only https is exposed to the outside world and how to do http digest authentication to ensure bad guys don't even get to try anything funny in case the Apache web server configuration is not quite water tight. So here we go:
- Most importantly, use a fresh Raspian image without Apache or PHP already installed
- Create a folder selfoss in your homefolder (mkdir selfoss) and download the file
mkdir selfoss
cd selfoss
wget http://selfoss.aditu.de/selfoss-2.X.zip into it (2.X -> replace with current version number, check here).
- Unzip the file
unzip selfoss-2.3.zip
- Make sure your .htaccess file has:
"RewriteEngine On" and
"RewriteBase /selfoss (double check there's no "#" at the beginning of the line)
- Change permissions via
chmod a+w data/cache data/favicons data/logs data/thumbnails data/sqlite public/
- Change the ownership of the "selfoss" folder and all content to www-data
cd ..
sudo chown -R www-data:www-data selfoss
- Now install apache2 with php:
sudo apt-get update && sudo apt-get upgrade
sudo apt-get install apache2 php5 sqlite libapache2-mod-php5 php5-sqlite php5-gd
- Enable rewrite and headers:
sudo a2enmod rewrite
sudo a2enmod headers
sudo a2enmod php5
sudo service apache2 restart
- Change rewrite-settings
in /etc/apache2/sites-available/default and also
in /etc/apache2/sites-available/default-ssl
by setting "AllowOverride All"
- Change directory to "/var/www" and create a link to your installation of selfoss via
sudo ln -s /home/pi/selfoss
At this point things should be working so give it a try by going to http://localhost/selfoss
Once you are happy with the setup, here are some additionl steps for privacy and security:
- Password Protect Basic HTTP Access Moin Moin Wiki via Apache Pwd Protection: Put the following Directory configuration in /etc/apache2/apache2.conf somewhere at the end:
<Directory />
AuthType Basic
AuthName "Wiki"
AuthBasicProvider file
AuthUserFile /etc/apache2/pwd.txt
Require user PUT_IN_YOUR_USERNAME
</Directory>
- For some reason this does not protect the root directory. Therefore create a .htaccess file in the root directory (in /var/www) and put the same info inside minus the directory xml lines.
- Give .htaccess the right owner:
sudo chown www-data:www-data /var/www/.htaccess
- Create the password file referenced above:
sudo htpasswd -c /etc/apache2/pwd.txt PUT_IN_YOUR_USERNAME
New password: mypassword
Re-type new password: mypassword
Adding password for user xxxxx
- And finally, block port 80 by commenting out 'Listen 80' in /etc/apache2/ports.conf by putting a # in front of the line.
- Finish with a sudo service apache2 restart
Auto Update The Feeds
- To always have the content on Selfoss updated put the following line in /etc/crontab to update once an hour at 41 minutes past the hour:
41 * * * * root wget –no-check-certificate –user=xxx –password="xxxx" https://localhost/selfoss/Update
- Note the upper case 'U' in Update, it won't work with a lower case.
- Also note that the no check certificate flag is necessary by the way as we use self generated https certificates that can't be validated.
* The pwd.txt file has to be created by using:
Thank you so much!
I managed to install selfoss with lighttpd before, but not with Apache.
You notes were really helpful!
Several informations are missing on the official website (for example the part with the AllowOverride All) as they probably consider everyone know this kind of stuff…