InvoicePlane
InvoicePlane is a self-hosted open source application for managing your quotes, invoices, clients and payments.
Installation
Install the invoiceplaneAUR package.
Configuration
Database
Here is an example on how you could setup a database for Invoiceplane with MariaDB called invoiceplane
for the user invoiceplane
identified by the password password
:
CREATE DATABASE invoiceplane; GRANT ALL PRIVILEGES ON invoiceplane.* TO invoiceplane@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES;
Web Server
Apache
Create the Apache HTTP Server configuration file:
/etc/httpd/conf/extra/invoiceplane.conf
Alias /invoiceplane "/usr/share/webapps/invoiceplane" <Directory "/usr/share/webapps/invoiceplane"> DirectoryIndex index.php AllowOverride All Options FollowSymlinks Require all granted </Directory>
And include it in /etc/httpd/conf/httpd.conf
:
# InvoicePlane configuration Include conf/extra/invoiceplane.conf
Lighttpd
Make an alias for invoiceplane in your Lighttpd configuration.
alias.url = ( "/invoiceplane" => "/usr/share/webapps/invoiceplane/")
Then enable mod_alias, mod_fastcgi and mod_cgi in your config ( server.modules section )
nginx
Here is an example config to include in nginx.conf for a subdomain with php-fpm:
/etc/nginx/sites-available/invoiceplane.conf
server { listen 443 ssl http2; listen [::]:443 ssl http2; #HTTPS Configuration ssl_certificate /etc/ssl/certs/cert.pem; ssl_certificate_key /etc/ssl/private/key.pem; ssl_stapling on; ssl_stapling_verify on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_dhparam /etc/nginx/conf/dhparams.pem; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; ssl_prefer_server_ciphers on; keepalive_timeout 70; add_header Strict-Transport-Security "max-age=15552000; includeSubdomains"; add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options "nosniff"; add_header X-Frame-Options "SAMEORIGIN"; root /usr/share/webapps/invoiceplane; index index.php; access_log /var/log/nginx/invoice.access.log; error_log /var/log/nginx/invoice.error.log; server_name invoice.example.com; client_body_timeout 60; location / { try_files $uri $uri/ /index.php?q=$uri&$args; } location ~ \.php$ { fastcgi_param PHP_ADMIN_VALUE open_basedir=/tmp:/usr/share/webapps/invoiceplane:/dev/urandom:/usr/share/php; fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT $realpath_root; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_pass unix:/run/php-fpm/php-fpm.sock; client_max_body_size 100M; } }
Explicitly permit InvoicePlane directories for php-fpm
Since version 7.4 php-fpm is hardened per default and revokes read/write access on /usr
(and sub-directories). Therefore it is also necessary to explicitly give permissions on /usr/share/webapps/invoiceplane
directories.
Create an override.conf
for php-fpm
:
# systemctl edit php-fpm.service
Add and save following content.
/etc/systemd/system/php-fpm.service.d/override.conf
[Service] ReadWritePaths = /usr/share/webapps/invoiceplane/ipconfig.php ReadWritePaths = /usr/share/webapps/invoiceplane/uploads/ ReadWritePaths = /usr/share/webapps/invoiceplane/application/logs ReadWritePaths = /usr/share/webapps/invoiceplane/vendor/mpdf/mpdf/tmp
Afterwards restart the php-fpm
service and assign write permissions to the http
user.
Installation wizard
Once database and webserver have been setup, visit the installation wizard page at http://your-invoiceplane-domain.com/index.php/setup[dead link 2021-11-12 ⓘ] and follow the instructions.
Localization
If you want to choose a different language than English visit Translation / Localization.