How to Install InvoicePlane with Apache and Free Let's Encrypt SSL Certificate on Debian 11
On this page
- Prerequisites
- Install Apache, PHP, and MariaDB
- Create a Database for InvoicePlane
- Install InvoicePlane
- Configure Apache for InvoicePlane
- Access InvoicePlane Web UI
- Secure InvoicePlane with Let's Encrypt SSL
- Conclusion
- Prerequisites
- Install Apache, PHP, and MariaDB
- Create a Database for InvoicePlane
- Install InvoicePlane
- Configure Apache for InvoicePlane
- Access InvoicePlane Web UI
- Secure InvoicePlane with Let's Encrypt SSL
- Conclusion
InvoicePlane is a free, open-source, and self-hosted application for managing your quotes, invoices, clients, and payments. It is used by many organizations and freelancers to manage their payments and invoices. It offers custom templates, themes, and other tools that help you to increase the functionality of InvoicePlane. It also supports multiple languages and multiple payment providers such as Paypal, Stripe or even Bitcoin via Coinbase.
In this tutorial, we will show you how to install InvoicePlane with Apache on Debian 11.
Prerequisites
- A server running Debian 11.
- A valid domain name pointed with your server IP.
- A root password is configured on the server.
Install Apache, PHP, and MariaDB
First, you will need to install the Apache web server, MariaDB database server, PHP and other required PHP extensions to your server. You can install all of them by running the following command:
apt-get install apache2 mariadb-server php libapache2-mod-php php-common php-mbstring php-xmlrpc php-soap php-gd php-xml php-intl php-mysql wget unzip php-cli php-zip php-curl -y
Once all the packages are installed, edit the PHP configuration file and change the default settings:
nano /etc/php/7.4/apache2/php.ini
Change the following lines:
memory_limit = 256M upload_max_filesize = 128M max_execution_time = 360 date.timezone = UTC
Save and close the file then restart the Apache service to apply the changes:
systemctl restart apache2
Create a Database for InvoicePlane
Next, you will need to secure the MariaDB installation and create a database and user for InvoicePlane.
First, secure the MariaDB installation using the following command:
mysql_secure_installation
Answer all the questions as shown below:
Set root password? [Y/n] Y Remove anonymous users? [Y/n] y Disallow root login remotely? [Y/n] y Remove test database and access to it? [Y/n] y Reload privilege tables now? [Y/n] y
Next, connect to the MariaDB shell with the following command:
mysql -u root -p
Once you are connected, create a database and user for InvoicePlane with the following command:
MariaDB [(none)]> CREATE DATABASE invplanedb;
MariaDB [(none)]> CREATE USER 'invplane'@'localhost' IDENTIFIED BY 'password';
Next, grant all the privileges to the InvoicePlane with the following command:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON invplanedb.* TO 'invplane'@'localhost';
Next, run the FLUSH PRIVILEGES command so that the privileges table will be reloaded by MariaDB:
MariaDB [(none)]> FLUSH PRIVILEGES;
Finally, exit from the MariaDB shell:
MariaDB [(none)]> EXIT
Install InvoicePlane
First, download the latest version of the InvoicePlane with the following command:
wget -c -O v1.5.11.zip https://invoiceplane.com/download/v1.5.11
Once the download is completed, create a directory for InvoicePlane and extract the downloaded file inside the InvoicePlane directory:
mkdir /var/www/html/invoiceplane
unzip v1.5.11.zip -d /var/www/html/invoiceplane
Next, navigate to the InvoicePlane directory and rename the configuration file and .htaccess file:
cd /var/www/html/invoiceplane
cp ipconfig.php.example ipconfig.php
cp htaccess .htaccess
Next, edit the ipconfig.php file with the following command:
nano ipconfig.php
Define your website URL and database settings as shown below:
IP_URL=http://invoice.example.com DB_HOSTNAME=localhost DB_USERNAME=invplane DB_PASSWORD=password DB_DATABASE=invplanedb DB_PORT=3306
Next, set proper permission and ownership to the InvoicePlane directory:
chown -R www-data:www-data /var/www/html/invoiceplane/
chmod -R 755 /var/www/html/invoiceplane/
Configure Apache for InvoicePlane
Next, you will need to create an Apache virtual host configuration file for InvoicePlane. You can create it with the following command:
nano /etc/apache2/sites-available/invoiceplane.conf
Add the following lines:
<VirtualHost *:80>
ServerAdmin admin@example.com
DocumentRoot /var/www/html/invoiceplane
ServerName invoice.example.com
<Directory /var/www/html/invoiceplane/>
Options +FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Save and close the file then activate the Apache virtual host and rewrite module with the following command:
a2ensite invoiceplane.conf
a2enmod rewrite
Next, restart the Apache service to apply the configuration changes:
systemctl restart apache2
To verify the Apache status, run the following command:
systemctl status apache2
You will get the following output:
? apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-01-21 08:42:34 UTC; 5s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 15965 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 15970 (apache2)
Tasks: 6 (limit: 2341)
Memory: 15.1M
CPU: 82ms
CGroup: /system.slice/apache2.service
??15970 /usr/sbin/apache2 -k start
??15971 /usr/sbin/apache2 -k start
??15972 /usr/sbin/apache2 -k start
??15973 /usr/sbin/apache2 -k start
??15974 /usr/sbin/apache2 -k start
??15975 /usr/sbin/apache2 -k start
Jan 21 08:42:34 debian11 systemd[1]: Starting The Apache HTTP Server...
Access InvoicePlane Web UI
Now, open your web browser and access the InvoicePlane web interface using the URL http://invoice.example.com. You should see the following page:
Click on the Setup button. You should see the Language selection page:
Select your language and click on the Continue button. You should see the prerequisites page:
Click on the Continue button. You should see the following page:
Provide your admin user account information, address and click on the Continue button. Once the InvoicePlane has been installed, you should see the following page:
Click on the Login button. You should see the following page:
Provide your admin username, password then click on the Login button. You should see the InvoicePlane dashboard on the following page:
Secure InvoicePlane with Let's Encrypt SSL
It is always a good idea to secure your website with Let's Encrypt SSL. You will need to install the Certbot client to install and manage the SSL. You can install it with the following command:
apt-get install python3-certbot-apache -y
Once the Certbot is installed, run the following command to secure your website with Let's Encrypt SSL:
certbot --apache -d invoice.example.com
You will be asked to provide your email and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): hitjethva1981@gmail.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Plugins selected: Authenticator apache, Installer apache Obtaining a new certificate Performing the following challenges: http-01 challenge for invoice.example.com Enabled Apache rewrite module Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/invoice-le-ssl.conf Enabled Apache socache_shmcb module Enabled Apache ssl module Deploying Certificate to VirtualHost /etc/apache2/sites-available/invoice-le-ssl.conf Enabling available site: /etc/apache2/sites-available/invoice-le-ssl.conf
Next, select whether or not to redirect HTTP traffic to HTTPS as shown below:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to install the Let's Encrypt SSL for your website:
Enabled Apache rewrite module Redirecting vhost in /etc/apache2/sites-enabled/invoice.conf to ssl vhost in /etc/apache2/sites-available/invoice-le-ssl.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://invoice.example.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=invoice.example.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/invoice.example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/invoice.example.com/privkey.pem Your cert will expire on 2022-04-23. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Conclusion
Congratulations! you have successfully installed InvoicePlane with Apache and Let's Encrypt SSL on Debian 11. You can now implement InvoicePlane in your company and start managing your payments and invoices from the web browser.
Posts
