Ech0 - 00 / 00 / 00

FreshRSS Installation

In this tutorial we're going to install FreshRSS which is a self hostable aggregator.

Initial Setup

Now here before we start our CT, let's make sure it has the nesting feature:

Once that's done, start it and go into the console to setup the key-based SSH authentication:


root@freshrss:~# apt update -y ; apt upgrade -y ; apt install vim -y    
	

Once that's done, do the following:


wget https://raw.githubusercontent.com/ech1/serverside/master/ssh/ssh.sh ; chmod +x ssh.sh ; ./ssh.sh

This is going to setup a custom sshd config along with generating the private+public ssh keypair you're going to use:


Generating public/private ed25519 key pair.
Enter file in which to save the key (/root/.ssh/id_ed25519): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_ed25519.
Your public key has been saved in /root/.ssh/id_ed25519.pub.
The key fingerprint is:
SHA256:nXNoHBUKek4RF1vf7zkriit7j0P7HvsdTfvmJuv7hhQ root@freshrss
The key's randomart image is:
+--[ED25519 256]--+
|        +.o.+.   |
|       . + = . . |
|      . o +   . .|
|       + o +  E .|
|        S B .  .o|
|         o o  .o+|
|        . .. . *o|
|       . +o o.+ O|
|       .++**oo=%+|
+----[SHA256]-----+
* ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2021-04-14 18:22:47 UTC; 42s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 9261 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
 Main PID: 9262 (sshd)
    Tasks: 1 (limit: 7372)
   Memory: 1.4M
   CGroup: /system.slice/ssh.service
           `-9262 /usr/sbin/sshd -D

Apr 14 18:22:47 freshrss systemd[1]: Starting OpenBSD Secure Shell server...
Apr 14 18:22:47 freshrss sshd[9262]: Server listening on 0.0.0.0 port 22.
Apr 14 18:22:47 freshrss sshd[9262]: Server listening on :: port 22.
Apr 14 18:22:47 freshrss systemd[1]: Started OpenBSD Secure Shell server.
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
    inet 10.0.0.170/16 brd 10.0.255.255 scope global eth0
    inet6 fe80::d48c:1ff:fe59:81c3/64 scope link 
[+] ON A REMOTE HOST RUN THE FOLLOWING:
[+] wget http://ip:8080/id25519 -O ~/.ssh/node.pkey
[+] chmod 600 ~/.ssh/node.pkey
Serving HTTP on 0.0.0.0 port 8080 (http://0.0.0.0:8080/) ...
	

Next just get the SSH key on your host:


[ 10.0.0.10/16 ] [ /dev/pts/22 ] [~]
→ curl http://10.0.0.170:8080




Directory listing for /


Directory listing for /



[ 10.0.0.10/16 ] [ /dev/pts/22 ] [~] → curl http://10.0.0.170:8080/id_ed25519 -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW QyNTUxOQAAACBLSalP3AIC6HgRJAWHAfY5Yy+D+QO6Zp848PD7vsV38gAAAJDLltvqy5bb 6gAAAAtzc2gtZWQyNTUxOQAAACBLSalP3AIC6HgRJAWHAfY5Yy+D+QO6Zp848PD7vsV38g AAAEDRtm6dia8H7JWV3rngRvo4Aq/oiIe2ViQb6uSBzNRZsEtJqU/cAgLoeBEkBYcB9jlj L4P5A7pmnzjw8Pu+xXfyAAAADXJvb3RAZnJlc2hyc3M= -----END OPENSSH PRIVATE KEY----- [ 10.0.0.10/16 ] [ /dev/pts/22 ] [~] → curl http://10.0.0.170:8080/id_ed25519 > ~/.ssh/freshrss % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 399 100 399 0 0 194k 0 --:--:-- --:--:-- --:--:-- 194k [ 10.0.0.10/16 ] [ /dev/pts/22 ] [~] → chmod 600 ~/.ssh/freshrss [ 10.0.0.10/16 ] [ /dev/pts/22 ] [~] → ssh root@10.0.0.170 -i ~/.ssh/freshrss Last login: Wed Apr 14 18:19:07 2021 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@freshrss:~# id uid=0(root) gid=0(root) groups=0(root)

Now that's done, Hit CTRL+C on the proxmox CT TTY Console to end the python http server (where you got your private ssh keys).

Configurations



Let's install the required dependencies:


root@freshrss:~# apt install php7.3-{curl,pgsql,dom,mysql,json,gmp,mbstring,iconv,zip,xml} php-dompdf nginx postgresql git -y
	

First things first let's configure nginx and enable the site:


root@freshrss:~# vim /etc/nginx/sites-available/freshrss.conf
	
server {
	listen 80;
	listen 443 ssl;

	# HTTPS configuration
	#ssl on;
	#ssl_certificate /etc/nginx/server.crt;
	#ssl_certificate_key /etc/nginx/server.key;

	# your server’s URL(s)
	#server_name rss.example.net;

	# the folder p of your FreshRSS installation
	root /var/www/html/p/;

	index index.php index.html index.htm;

	# nginx log files
	access_log /var/log/nginx/rss.access.log;
	error_log /var/log/nginx/rss.error.log;

	# php files handling
	# this regex is mandatory because of the API
	location ~ ^.+?\.php(/.*)?$ {
		fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
		fastcgi_split_path_info ^(.+\.php)(/.*)$;
		# By default, the variable PATH_INFO is not set under PHP-FPM
		# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
		# NOTE: the separate $path_info variable is required. For more details, see:
		# https://trac.nginx.org/nginx/ticket/321
		set $path_info $fastcgi_path_info;
		fastcgi_param PATH_INFO $path_info;
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	}

	location / {
		try_files $uri $uri/ index.php;
	}
}

:wq

root@freshrss:~# ln -s /etc/nginx/sites-available/freshrss.conf /etc/nginx/sites-enabled/
root@freshrss:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Next go into /usr/share to clone the FreshRSS git repository:


root@freshrss:~# cd /usr/share/
root@freshrss:/usr/share# git clone https://github.com/FreshRSS/FreshRSS.git
Cloning into 'FreshRSS'...
remote: Enumerating objects: 247, done.
remote: Counting objects: 100% (247/247), done.
remote: Compressing objects: 100% (172/172), done.
remote: Total 36720 (delta 111), reused 110 (delta 74), pack-reused 36473
Receiving objects: 100% (36720/36720), 16.24 MiB | 3.38 MiB/s, done.
Resolving deltas: 100% (26161/26161), done.
	
root@freshrss:/usr/share# cd FreshRSS/
root@freshrss:/usr/share/FreshRSS# chown -R :www-data .
root@freshrss:/usr/share/FreshRSS# chmod -R g+r .
root@freshrss:/usr/share/FreshRSS# chmod -R g+w ./data/
root@freshrss:/usr/share/FreshRSS# chmod -R g+w .
root@freshrss:/usr/share/FreshRSS# ln -s /usr/share/FreshRSS/p /var/www/html/


root@freshrss:/usr/share/FreshRSS# ls -lash /var/www/html/
total 24K
4.0K drwxr-xr-x 2 root root 4.0K Apr 14 18:48 .
4.0K drwxr-xr-x 3 root root 4.0K Apr 14 18:34 ..
 12K -rw-r--r-- 1 root root  11K Apr 14 18:35 index.html
4.0K -rw-r--r-- 1 root root  612 Apr 14 18:34 index.nginx-debian.html
   0 lrwxrwxrwx 1 root root   21 Apr 14 18:48 p -> /usr/share/FreshRSS/p

Once that's done we're going to setup the PostgreSQL database for FreshRSS:


root@freshrss:/usr/share/FreshRSS# su - postgres
postgres@freshrss:~$ psql
psql (11.11 (Debian 11.11-0+deb10u1))
Type "help" for help.

postgres=# create user freshrss password 'P@SSW0RD';
CREATE ROLE
postgres=# create database freshrss;
CREATE DATABASE
postgres=# alter database freshrss owner to freshrss;
ALTER DATABASE
postgres=# grant all privileges on database freshrss to freshrss;
GRANT
postgres=# \q
	

Once that's done, start nginx (don't forget to remove the default config if you're only going to use http and no domain name) and go to your web brower to continue the installation via frehrss's webGUI


root@freshrss:/usr/share/FreshRSS# rm /etc/nginx/sites-available/default

root@freshrss:/usr/share/FreshRSS# rm /etc/nginx/sites-enabled/default

root@freshrss:/usr/share/FreshRSS# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

root@freshrss:/usr/share/FreshRSS# systemctl restart nginx

root@freshrss:/usr/share/FreshRSS# systemctl status nginx

root@freshrss:/usr/share/FreshRSS# ip a | grep inet
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
    inet 10.0.0.170/16 brd 10.0.255.255 scope global eth0
    inet6 fe80::d48c:1ff:fe59:81c3/64 scope link

So here we login to the PostgreSQL database at localhost with the credentials we set earlier freshrss:P@SSW0RD

And there you have it! We have been able to setup a FreshRSS instance.

Importing RSS Feeds



Let's add a few RSS feeds, for example the Ubuntu RSS feeds:

Paste the link in, and hit 'Add':

And there you go! We have been able to import a RSS feed.

My Bunker

Some Address 67120,
Duttlenheim, France.

About Ech0

This cute theme was created to showcase your work in a simple way. Use it wisely.