How to Install Flarum Community Software on Ubuntu 24.04

How to Install Flarum Community Software on Ubuntu 24.04

Flarum is an open-source discussion software that is the combined successor of esoTalk and FluxBB boards. It is written in PHP, and its interface is powered by Mithril, a JavaScript framework with a tiny footprint. It is responsive, fast, and supports extensions via a powerful Extension API. It is also lightweight, so it can run on a fairly cheaper server.

In this tutorial, we will learn how to install Flarum Community Software on a server based on Ubuntu 24.04.


  • A server running Ubuntu 24.04.

  • A non-root user with sudo privileges.

  • A Fully Qualified Domain Name (FQDN) like flarum.example.com pointing to your server.

  • Make sure your server has swap storage enabled if you are on a server with 1GB RAM.

  • Make sure everything is updated.$ sudo apt update && sudo apt upgrade

  • A few essential packages are required for the tutorial and Flarum to run. Some of these will already be on your server.$ sudo apt install wget curl nano ufw software-properties-common dirmngr apt-transport-https gnupg2 ca-certificates lsb-release ubuntu-keyring unzip -y

Step 1 – Configure Firewall

The first step is to configure the firewall. Debian comes with ufw (Uncomplicated Firewall) by default.

Check if the firewall is running.$ sudo ufw status

You will get the following output.Status: inactive

Allow SSH port so that the firewall doesn’t break the current connection upon enabling it.$ sudo ufw allow OpenSSH

Allow HTTP and HTTPS ports as well.$ sudo ufw allow http
$ sudo ufw allow https

Enable the Firewall$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

Check the status of the firewall again.$ sudo ufw status

You should see a similar output.Status: active

To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
80/tcp ALLOW Anywhere
443 ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)

Step 2 – Install Nginx

Ubuntu 24.04 ships with an older version of Nginx. To install the latest version, you need to download the official Nginx repository.

Import Nginx’s signing key.$ curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null

Add the repository for Nginx’s stable version.$ echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu `lsb_release -cs` nginx"
| sudo tee /etc/apt/sources.list.d/nginx.list

Set up repository pinning to give preference to the official repository over the Ubuntu packages.echo -e "Package: *nPin: origin nginx.orgnPin: release o=nginxnPin-Priority: 900n"
| sudo tee /etc/apt/preferences.d/99nginx

Update the system repositories.$ sudo apt update

Install Nginx.$ sudo apt install nginx

Verify the installation.$ nginx -v
nginx version: nginx/1.26.1

Start the Nginx server.$ sudo systemctl start nginx

Check the service status.$ sudo systemctl status nginx
? nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: enabled)
Active: active (running) since Mon 2024-06-03 10:41:52 UTC; 2s ago
Docs: https://nginx.org/en/docs/
Process: 1817 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Main PID: 1818 (nginx)
Tasks: 3 (limit: 4543)
Memory: 2.9M (peak: 3.1M)
CPU: 15ms
CGroup: /system.slice/nginx.service
??1818 "nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf"
??1819 "nginx: worker process"
??1820 "nginx: worker process"

Jun 03 10:41:52 flarum systemd[1]: Starting nginx.service - nginx - high performance web server...
Jun 03 10:41:52 flarum systemd[1]: Started nginx.service - nginx - high performance web server.

Open your server’s IP address in your web browser. You should see the following page which means your server is up and running.

Step 3 – Install PHP

Ubuntu 24.04 ships with PHP 8.3 by default. You can install it by running the following command.$ sudo apt install php-cli php-fpm php-mysql php-xml php-gd php-json php-mbstring php-zip php-curl -y

To always stay on the latest version of PHP or if you want to install multiple versions of PHP, add Ondrej’s PHP repository.

Add Ondrej Sury’s PHP repository.$ sudo add-apt-repository ppa:ondrej/php

Update the system repository list.$ sudo apt update

You can ignore the following error. Launchpad doesn’t support the stronger encryption algorithm required by Ubuntu 24.04. The message should go away soon.

Next, install PHP and the extensions required by Flarum.$ sudo apt install php8.3-cli php8.3-fpm php8.3-mysql php8.3-xml php8.3-gd php8.3-mbstring php8.3-zip php8.3-curl -y

Check if PHP is working correctly.$ php --version

You should see a similar output.PHP 8.3.7 (cli) (built: May 23 2024 12:36:54) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.3.7, Copyright (c) Zend Technologies
with Zend OPcache v8.3.7, Copyright (c), by Zend Technologies

Step 4 – Install Composer

Composer is a dependency manager for PHP. Composer is needed by Flarum to install various components it needs to install and run.

Run the following commands to install Composer. First, we grab the installer, check for the hash to verify it, and then run the installer using the PHP command line. Then, we move the binary to the /usr/local/bin directory.$ php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
$ php -r "if (hash_file('sha384', 'composer-setup.php') === 'dac665fdc30fdd8ec78b38b9800061b4150413ff2e3b6f88543c636f7cd84f6db9189d43a81e5503cda447da73c7e5b6') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
$ php composer-setup.php
$ php -r "unlink('composer-setup.php');"
$ sudo mv composer.phar /usr/local/bin/composer

Check whether the Composer is installed properly.$ composer --version
Composer version 2.7.6 2024-05-04 23:03:15
PHP version 8.3.7 (/usr/bin/php8.3)
Run the "diagnose" command to get more detailed diagnostics output.

Step 5 – Install MariaDB

MariaDB is a drop-in replacement for MySQL, which means that the commands to run and operate MariaDB are the same as those for MySQL.

Ubuntu 24.04, by default, ships with MariaDB 10.11.7, which is a bit outdated. You need to use the official repository to get the latest stable version of MariaDB. The official repository for Ubuntu 24.04 is not listed on the MariaDB download page, but it worked when this tutorial was written.

Import MariaDB’s GPG key.$ sudo curl -o /etc/apt/keyrings/mariadb-keyring.pgp 'https://mariadb.org/mariadb_release_signing_key.pgp'

Create MariaDB’s repository file.$ echo "deb [signed-by=/etc/apt/keyrings/mariadb-keyring.pgp] https://deb.mariadb.org/10.11/ubuntu `lsb_release -cs` main" | sudo tee /etc/apt/sources.list.d/mariadb-server.list

Update the system repository list.$ sudo apt update

Issue the following command to install the MariaDB server.$ sudo apt install mariadb-server -y

Check if MariaDB is installed correctly.$ mysql --version

You should see the following output.mysql Ver 15.1 Distrib 10.11.8-MariaDB, for debian-linux-gnu (x86_64) using EditLine wrapper

You can also use mariadb --version to check the version.

MariaDB service is already enabled and running. Check its status using the following command.$ sudo systemctl status mariadb
? mariadb.service - MariaDB 10.11.8 database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; preset: enabled)
Drop-In: /etc/systemd/system/mariadb.service.d
Active: active (running) since Mon 2024-06-03 11:31:09 UTC; 27s ago
Docs: man:mariadbd(8)
Process: 14981 ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d /var/run/mysqld (code=exited, status=0/SUCCESS)
Process: 14983 ExecStartPre=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Process: 14985 ExecStartPre=/bin/sh -c [ ! -e /usr/bin/galera_recovery ] && VAR= || VAR=`cd /usr/bin/..; /usr/bin/galera_recovery`; [ $? -eq 0 ] && systemctl set-environment _WSREP_START_POSITION=$VAR ||> Process: 15029 ExecStartPost=/bin/sh -c systemctl unset-environment _WSREP_START_POSITION (code=exited, status=0/SUCCESS)
Process: 15032 ExecStartPost=/etc/mysql/debian-start (code=exited, status=0/SUCCESS)
Main PID: 15015 (mariadbd)
Status: "Taking your SQL requests now..."
Tasks: 14 (limit: 29985)
Memory: 78.9M (peak: 81.8M)
CPU: 559ms
CGroup: /system.slice/mariadb.service
??15015 /usr/sbin/mariadbd

Run the following command to perform default configuration, such as giving a root password, removing anonymous users, disallowing root login remotely, and dropping test tables.$ sudo mariadb-secure-installation

You will be asked for your root password. Since we don’t have any root password set, press the Enter key to proceed.NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): [PRESS ENTER] OK, successfully used password, moving on...

Next, you will be asked if you want to switch to the unix_socket plugin. The unix_socket plugin allows you to log in to MariaDB with your Linux user credentials. Choose n to skip switching to it since you already have a protected root account.Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] n
... skipping.

Next, you will be asked if you want to change your root password. On Ubuntu 24.04, the root account for MariaDB is tied closely to automated system maintenance, so you should not change the configured authentication methods for the account. Doing so would allow a package update to break the database system by removing access to the administrative account. Type n to proceed.You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] n
... skipping.

From here on, press y and then Enter to accept defaults for all the following questions. This will remove access to anonymous users, test databases, disable remote root login, and load the changes.By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

That’s it. Next time you want to log in to the MariaDB shell, use the following command.$ sudo mysql

Enter your Linux root password when prompted.Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 37
Server version: 10.11.8-MariaDB-ubu2404 mariadb.org binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

MariaDB [(none)]>

Press exit to close the MariaDB shell.

Step 6 – Configure MariaDB

Login to MariaDB shell.$ sudo mysql

Create a new MySQL database, database user, and password for your Flarum installation.MariaDB> CREATE DATABASE flarum;
MariaDB> CREATE USER 'flarumuser'@'localhost' IDENTIFIED BY 'yourpassword';
MariaDB> GRANT ALL PRIVILEGES ON flarum.* TO 'flarumuser'@'localhost';

Replace flarum, flarumuser and yourpassword with the credentials of your choice. Choose a strong password.

Also, create an administrative user with the same capabilities as the root account.MariaDB> GRANT ALL ON *.* TO 'admin'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;

Flush the privileges to ensure that they are saved in the current session.MariaDB> FLUSH PRIVILEGES;

Exit the MariaDB shell.MariaDB> exit

Step 7 – Install Flarum

Create a directory where Flarum will live.$ sudo mkdir /var/www/flarum -p

Using the -p directive creates parent directories that didn’t exist before.

Change the ownership for the Flarum directory to the currently logged-in Linux user so you can perform commands without using sudo.$ sudo chown -R $USER:$USER /var/www/flarum

Allow write access to the directory.$ sudo chmod 775 -R /var/www/flarum

Navigate to the installation folder.$ cd /var/www/flarum

Download and Install Flarum using Composer.$ composer create-project flarum/flarum .

Change the ownership of the Flarum directory to nginx for the Nginx server.$ sudo chown -R nginx:nginx /var/www/flarum

From here on, Composer will need sudo permissions to run, which is not recommended. You can also change the directory’s group permissions to your Linux user and change them back to nginx after completing Composer. This is not an ideal solution as it requires you to perform the same commands repetitively. A more permanent solution is to add your username to the nginx group. Run the following command to add your currently logged-in Linux user to the nginx group.$ sudo usermod -a -G nginx $USER

To apply the new group membership, log out of the server and back in, or type the following.su - ${USER}

Step 8 – Install SSL

We need to install Certbot to generate the SSL certificate. You can either install Certbot using Debian’s repository or grab the latest version using the Snapd tool. We will be using the Snapd version. Ubuntu 24.04 comes with Snapd installed.

Run the following commands to ensure that your version of Snapd is up to date.$ sudo snap install core && sudo snap refresh core

Install Certbot.$ sudo snap install --classic certbot

Use the following command to ensure that the Certbot command can be run by creating a symbolic link to the /usr/bin directory.$ sudo ln -s /snap/bin/certbot /usr/bin/certbot

Verify if Certbot is functioning correctly.$ certbot --version
certbot 2.10.0

Generate the SSL certificate.$ sudo certbot certonly --nginx --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d flarum.example.com

The above command will download a certificate to the /etc/letsencrypt/live/flarum.example.com directory on your server.

Generate a Diffie-Hellman group certificate.$ sudo openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096

Check the Certbot renewal scheduler service.$ sudo systemctl list-timers

You will find snap.certbot.renew.service as one of the services scheduled to run.NEXT LEFT LAST PASSED UNIT ACTIVATES
Mon 2024-06-03 11:39:00 UTC 36s Mon 2024-06-03 11:09:06 UTC 29min ago phpsessionclean.timer phpsessionclean.service
Mon 2024-06-03 13:09:56 UTC 1h 31min Mon 2024-06-03 10:34:09 UTC - motd-news.timer motd-news.service
Mon 2024-06-03 21:58:00 UTC 10h - - snap.certbot.renew.timer snap.certbot.renew.service

Do a dry run of the process to check whether the SSL renewal is working fine.$ sudo certbot renew --dry-run

If you see no errors, you are all set. Your certificate will renew automatically.

Step 9 – Configure PHP-FPM

Open the file /etc/php/8.3/fpm/pool.d/www.conf.$ sudo nano /etc/php/8.3/fpm/pool.d/www.conf

We must set the Unix user/group of PHP processes to nginx. Find the user=www-data and group=www-data lines in the file and change them to nginx.; Unix user/group of the child processes. This can be used only if the master
; process running user is root. It is set after the child process is created.
; The user and group can be specified either by their name or by their numeric
; IDs.
; Note: If the user is root, the executable needs to be started with
; --allow-to-run-as-root option to work.
; Default Values: The user is set to master process running user by default.
; If the group is not set, the user's group is used.
user = nginx
group = nginx

Find the listen.owner = www-data and listen.group = www-data lines in the file and change them to nginx.; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions. The owner
; and group can be specified either by name or by their numeric IDs.
; Default Values: Owner is set to the master process running user. If the group
; is not set, the owner's group is used. Mode is set to 0660.
listen.owner = nginx
listen.group = nginx

Save the file by pressing Ctrl + X and entering Y when prompted.

Increase the file upload size to 8 MB.$ sudo sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 8M/' /etc/php/8.3/fpm/php.ini

Restart the PHP-FPM service.$ sudo systemctl restart php8.3-fpm

Change the group of the PHP sessions directory to Nginx.$ sudo chgrp -R nginx /var/lib/php/sessions

Step 10 – Configure Nginx

Run the following command to add a configuration file for your site.$ sudo nano /etc/nginx/conf.d/flarum.conf

Paste the following code in the editor.server {
listen [::]:80;
listen 80;

server_name flarum.example.com;

# redirect http to https
return 301 https://flarum.example.com$request_uri;

server {
listen [::]:443 ssl;
listen 443 ssl;

http2 on;

server_name flarum.example.com;

access_log /var/log/nginx/flarum.access.log;
error_log /var/log/nginx/flarum.error.log;

root /var/www/flarum/public;
index index.php;

include /var/www/flarum/.nginx.conf;

client_max_body_size 8M;

if ($host != "flarum.example.com") {
return 301 $scheme://flarum.example.com$request_uri;

# SSL code
ssl_certificate /etc/letsencrypt/live/flarum.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/flarum.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/flarum.example.com/chain.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_prefer_server_ciphers off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
resolver [2606:4700:4700::1111] [2606:4700:4700::1001] [2001:4860:4860::8888] [2001:4860:4860::8844] valid=60s;
resolver_timeout 2s;

ssl_protocols TLSv1.2 TLSv1.3;

tcp_nopush on;
types_hash_max_size 2048;

location ~ .php$ {
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;

This file assumes that we will be hosting example.com in the directory /var/www/flarum/public. Flarum ships with some default Nginx settings in the /var/www/flarum/.nginx.conf file which we have included in our Nginx configuration using the following directive.include /var/www/flarum/.nginx.conf;

Once finished, press Ctrl + X to close the editor and press Y when prompted to save the file.

Open the file /etc/nginx/nginx.conf for editing.$ sudo nano /etc/nginx/nginx.conf

Add the following line before the line include /etc/nginx/conf.d/*.conf;.server_names_hash_bucket_size 64;

Save the file by pressing Ctrl + X and entering Y when prompted. Test the Nginx configuration.$ sudo nginx -t

You should see the following output indicating your configuration is correct.nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Reload the Nginx service.$ sudo systemctl reload nginx

Step 11 – Access and Complete Flarum Install

Open http://example.com in your browser to complete the installation.

Fill in the required database values we created above. You can leave the Table Prefix entry blank to allow Flarum to use the default prefix or you can enter any custom prefix like fla_. Choose a username, strong password, and email ID to install Flarum.

Click the Install Flarum button to finish the installation.

Once installed, you should be greeted with the default Flarum homepage.

Your forum is now installed and ready for use.

Enable 2FA

Two-factor authentication is an essential feature for any public forum. Flarum doesn’t ship with the feature natively but you can enable it by installing an extension for the same. The extension for the same is available via GitHub.

To install the plugin, first, switch to the Flarum directory.$ cd /var/www/flarum

Install the plugin using Composer.$ composer require ianm/twofactor:"*"

The next step is to enable the plugin from the Flarum administration panel. Click your name on the top right of the homepage and click on the Administration link from the drop-down menu.

You will be taken to the administration dashboard. Select the 2FA feature from the left menu and turn it on. You don’t need to change anything as the default settings should work fine.

If you want moderators on the forum to have 2FA enabled, click the Mods button and enable the 2FA required setting. Click the Save Changes button to finish.

To enable 2FA for your account, open your settings page from the top right menu on the forum homepage. Open the Security page by selecting from the left sidebar.

Click the Enable 2FA button and the following popup will open.

Scan the QR code or choose the manual option using your 2FA app and enter the code generated in the box. Click the Verify button when finished. You will be shown backup codes. Save them and click the button to proceed.

You will be asked for confirmation again. Click the Ok button to proceed. The process is now complete.

Configure Email Settings

You will also need to configure mail settings from the Administration panel. Flarum supports Mailgun SMTP service natively or you can use an external SMTP provider.

We are using Amazon SES service for which we have selected smtp from the email driver drop-down menu on the email page. Click the Save Changes button.

Before sending a test mail, you will need to install a composer package to make it work. Switch to the Flarum directory on the server.$ cd /var/www/flarum

Install the composer package.$ composer require guzzlehttp/guzzle:^7.0

Return to the email settings page and click the Send button to send a test email. The page will notify if the mail was sent successfully. You should get the following mail.

If you want to use Mailgun, choose mailgun from the drop-down menu. Fill in the required fields, and save the settings.

Step 12 – Update Flarum

You need to have the Extension Manager extension to be able to update Flarum from within the administration dashboard. Install the Extension Manager using the following command.$ cd /var/www/flarum
$ composer require flarum/extension-manager:*

Open the Administrator dashboard and enable the Extension Manager extension by switching the disabled button to the right.

On enabling the extension, it should look like the following.

Before updating the forum, you need to enable the forum’s maintenance mode. The configuration for this is not available via the Administration dashboard. Some of the settings are available via the config.php file in the Flarum’s root directory. Switch to the terminal and open the config.php file for editing.$ nano /var/www/flarum/config.php

Find the line 'debug' => false, and add the following line after it so that it looks like the following.'debug' => false,
'offline' => true,

Once finished, press Ctrl + X to close the editor and press Y when prompted to save the file.

Switch back to the dashboard and click the Check for updates button at the bottom page of the Extension manager to update the Flarum software. To use the extension manager to manage extension updates, check the Extension manager documentation.

Step 12 – Backup and Restore Flarum

The simplest way to back up Flarum is to back up the MariaDB database. To do it, use the mysqldump tool via the following command.$ sudo mysqldump flarum > flarumbackup.sql

To restore the database on the newer server, repeat all the commands in step 6 about configuring MariaDB. This will create a blank database (flarum) and a database user with access to it.

Next, run the following command to restore the forum.$ sudo mysql flarum < backup.sql

To backup the files, copy the entire /var/www/flarum folder and restore it on the new server. If you are changing the URL, modify the value for the variable url in the config.php file and reconfigure Nginx to serve the forum.


This concludes our tutorial on installing the Flarum Community forum software on a Ubuntu 24.04 server. If you have any queries or feedback, shoot them in the comments below.

Đăng ký liền tay Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !

Add Comment

Click here to post a comment

Đăng ký liền tay
Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !