How to Install Firefly III on Ubuntu 20.04

Introduction

This tutorial explains how to install Firefly III on Ubuntu 20.04. This tutorial will use Docker, docker-compose and Nginx to secure the setup.

Firefly III is a self-hosted personal finance manager that allows you to keep track of all your funds and assets.

Prerequisites

Before you begin, you should have:

• Deploy an Ubuntu 20.04 server.
• Updated the server.
• Created a non-root user with sudo privileges.
• Logged in to your server as a non-root user.
• Opened port 433 on your Vultr firewall or your ufw.

You should also have:

• A domain you own, pointing to your server. It can also be a subdomain if you wish.
  • Please note that Certbot/Let's Encrypt does not support certificates for IP addresses. Some tutorials may demonstrate how to self-sign your certificate; however, it is unsafe and not recommended to do so. You may need to use an alternative service that supports signing certificates for IP addresses.

Installation

Certbot and Git

1. Install Git using apt.

    $ sudo apt install git

2. Ensure that any apt versions of Certbot are uninstalled. It is okay if apt reports that none of these packages was installed.

    $ sudo apt remove certbot

3. Ensure that your version of snapd is up to date.

    $ sudo snap install core; sudo snap refresh core

4. Install Certbot using snap.

    $ sudo snap install --classic certbot

5. Run Certbot. You will need to follow the prompts to enter your domain name and redirect all traffic to HTTPS.

    $ sudo certbot certonly --standalone

6. Take note of your certificate and private key paths when provided. It may be different depending on the domain used.

    Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem

If you used a different SSL provider, please ensure they are on your server and know their full path. You may put them in the /etc/nginx/ directory if you wish.

Docker

1. Remove any older versions of Docker and the Docker engine.

    $ sudo apt remove docker docker-engine docker.io containerd runc

2. Install Docker using snap.

    $ sudo snap install docker

Configuration

.env File

1. Create a directory called firefly in your home directory and enter it.

    $ mkdir ~/firefly
    $ cd ~/firefly

2. Download Firefly III's .env file from GitHub.

    $ curl -o .env https://raw.githubusercontent.com/firefly-iii/firefly-iii/main/.env.example

3. Open the .env file in your text editor.

    $ nano .env

   You will need to edit some of the values in this file to set up and customize your installation. You should change the values listed below.

   • SITE_OWNER: Set this to your email address.
   • APP_KEY: Set this to a random string (must be 32 characters without special characters).
   • TZ: Set this to your timezone (must be in the Country/Location format).
   • TRUSTED_PROXIES: Set this to **.
   • APP_URL (at the very bottom of the file): Set this to your domain name.

   If you spot any other settings you wish to change, please do so.

4. Save and exit the text editor by using Control + X, then Y, followed by Enter.

Docker Container

1. Create and open a new docker-compose.yml file.

    $ nano docker-compose.yml

2. Add the following lines to the file.

    version: '3.3'
   
    services:
      app:
        image: fireflyiii/core:latest
        restart: always
        volumes:
          - firefly_iii_upload:/var/www/html/storage/upload
        env_file: .env
        ports:
          - 8080:8080
        depends_on:
          - db
      db:
        image: mariadb    
        hostname: fireflyiiidb
        restart: always
        environment:
          - MYSQL_RANDOM_ROOT_PASSWORD=yes
          - MYSQL_USER=firefly
          - MYSQL_PASSWORD=secret_firefly_password
          - MYSQL_DATABASE=firefly
        volumes:
          - firefly_iii_db:/var/lib/mysql
    volumes:
       firefly_iii_upload:
       firefly_iii_db:

3. Exit the file using Control + X, then press Y, followed by Enter.

4. Run Firefly III by using docker-compose in detached mode. This may take a few seconds.

    $ sudo docker-compose up -d

5. Check that Firefly III is running by using docker. The status should be Up.

    $ sudo docker ps
    STATUS
    Up x seconds/minutes

You have now successfully installed and configured Firefly III and have obtained a signed SSL certificate.

Setup an Nginx Reverse Proxy

You can now use your SSL certificate and Nginx to secure your Firefly III installation. Nginx will provide HTTPS support by using your SSL certificate and redirecting all traffic through port 443.

1. Remove the Nginx default configuration file. If you are using this file, then keep it.

    $ sudo rm /etc/nginx/conf.d/default.conf

2. Create and open a new configuration file in Nginx's conf.d directory.

    $ sudo nano /etc/nginx/conf.d/firefly.conf

3. Paste the following into the file and replace example.com with your chosen domain name. Ensure that the ssl_certificate and ssl_certificate_key lines point to your SSL certificate.

    upstream firefly {
      server localhost:8080;
    }
   
    server {
      listen 443 ssl http2;
      server_name example.com;
   
      gzip on;
   
      ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
      ssl_session_cache builtin:1000 shared:SSL:10m; 
      ssl_session_cache shared:MySSL:10m;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
      ssl_prefer_server_ciphers on;
   
      location / {
           send_timeout 5m;
           proxy_read_timeout 240;
           proxy_send_timeout 240;
           proxy_connect_timeout 240;
           proxy_set_header Host $host:$server_port;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto https;
           proxy_set_header X-Forwarded-Host $host;
           proxy_set_header X-Forwarded-Ssl on;
           proxy_set_header Connection "";
           proxy_cache_bypass $cookie_session;
           proxy_no_cache $cookie_session;
           proxy_buffers 32 4k;
           proxy_pass http://firefly;
      }
    }

4. Exit your text editor and save changes by pressing Control + X, then Y, followed by Enter.

5. Test the configuration file. If the test is successful, you will see the syntax is ok, and the test is successful messages.

    $ sudo nginx -t
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful

6. Reload Nginx to apply your changes.

    $ sudo /etc/init.d/nginx reload

Finishing Steps

You should now navigate to your Firefly III installation and create an account.

https://example.com

Once logged in, you can set up your first savings account by following the steps on the welcome screen.

You have successfully installed Firefly III and secured it using an SSL certificate and an Nginx reverse proxy.

Documentation

• Firefly III Documentation and Repository
• Firefly III Website
• Nginx Documentation