Install Fever RSS Reader on Fedora, RHEL, or CentOS with SSL and SELinux

Saturday, May 10, 2014

Ever since Google Reader was surprisingly shutdown in July of 2013, some of the other RSS readers (Feedly, Tiny Tiny RSS, etc.) started to get more attention.

Coincidentally, I discovered and began using Fever just before I received news that Google Reader was shutting down.

Fever is a self-hosted, LAMP stack web application. It costs a one-time fee of $30. The cost may seem steep when TinyRSS, another self-hosted, LAMP stack web application is free, but I preferred the way Fever worked over TinyRSS, so I will leave you to decide if the cost is worth it.

In addition, the developer of Fever, Shaun Inman, also created the fantastic self-hosted, web based web analytics Mint. The steps to install and setup Mint are similar to Fever and can be found here.

Video Demo

As mentioned on Fever’s website, because Fever is a state based single-user system, a live demo is difficult, but Shaun Inman has created a video demo to show you how Fever works.

Server, Domain Name, and DNS

Before you do anything, you will need the following things setup and ready to go:

  • a server to host Fever on
  • a domain name
  • configured DNS records

Purchase Fever

Next, open a web browser, go to Fever’s website to create an account, and purchase Fever. An Activation Key will be emailed to you which you will use later.

Install Fever

Login to your server as the root user. The remainder of this post will assume you are the root user.

Repository Packages

Fever is your typical LAMP stack web application, so be sure you have the necessary repository packages installed:

yum install httpd mod_ssl php mysql-server unzip

Enable and Start the Services

Enable the httpd and mysqld services to start on boot and start them now.

On RHEL 6 and CentOS 6:

chkconfig httpd on
chkconfig mysqld on

service httpd start
service mysqld start

On Fedora 17 and newer:

systemctl enable httpd
systemctl enable mysqld

systemctl start httpd
systemctl start mysqld

Configure MySQL

Assuming you accept the defaults, the following mysql command will set the root MySQL password, remove anonymous MySQL users, disallow root login remotely, remove test databases and access to them, and reload the privileges table:

mysql_secure_installation

Login as root to MySQL (the password will be whatever you just set):

mysql -u root -p

Create the fever Database:

mysql> CREATE DATABASE fever;

Create the fever User and Set Permissions (change $PASSWORD to whatever password you want the fever user to have):

mysql> CREATE USER 'fever'@'localhost' IDENTIFIED BY '$PASSWORD';

mysql> GRANT ALL PRIVILEGES ON fever.* to 'fever'@'localhost';

mysql> FLUSH PRIVILEGES;

Apache Configuration

This decision is entirely up to you, but because you will be logging in to Fever with a username and password, you should put it behind SSL.

The following Apache VirtualHost file contains everything needed to always redirect to SSL and point to your self-signed SSL certificates (you will create these next).

Create file /etc/httpd/conf.d/fever.example.com.conf with the following contents:

<VirtualHost *:80>
    ServerAdmin admin@example.com
    DocumentRoot /var/www/html/fever.example.com
    ServerName fever.example.com
    ErrorLog logs/fever.example.com-error_log
    CustomLog logs/fever.example.com-access_log common

    RewriteEngine On

    RewriteCond %{SERVER_PORT} =80
    RewriteRule ^/(.*)$ https://%{SERVER_NAME}:443/$1 [R,L]
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin admin@example.com
    DocumentRoot /var/www/html/fever.example.com
    ServerName fever.example.com
    ErrorLog logs/fever.example.com-ssl_error_log
    CustomLog logs/fever.example.com-ssl_access_log common

    SSLEngine On
    SSLCertificateFile "/etc/pki/tls/certs/fever.example.com.crt"
    SSLCertificateKeyFile "/etc/pki/tls/private/fever.example.com.key"

    <Directory /var/www/html/fever.example.com>
        Options None
    </Directory>
</VirtualHost>

Generate a Self-Signed SSL Certificate

Because you will probably be the only person using Fever, a self-signed SSL certificate is more than sufficient. You can create one with the following steps.

Change into root’s home directory:

cd /root

Create the Private Key and Certificate Signing Request:

openssl req -new -newkey rsa:2048 -nodes -keyout fever.example.com.key -out fever.example.com.csr

Create the SSL Certificate and sign it with the Private Key:

openssl x509 -req -days 365 -in fever.example.com.csr -signkey fever.example.com.key -out fever.example.com.crt

With the Private Key and SSL Certificate created, copy them into place:

cp /root/fever.example.com.key /etc/pki/tls/private/

cp /root/fever.example.com.crt /etc/pki/tls/certs/

Make sure each file has the proper permissions:

chmod 600 /etc/pki/tls/private/fever.example.com.key

chmod 644 /etc/pki/tls/certs/fever.example.com.crt

If you are using SELinux, set the proper SELinux Contexts:

restorecon -R /etc/pki/tls/private

restorecon -R /etc/pki/tls/certs

Download and Unzip Fever

You should already have downloaded Fever to your workstation and uploaded it to your server using scp, rsync, or sftp. I am going to assume you uploaded it to /tmp.

Unzip Fever to /tmp:

unzip /tmp/fever.zip -d /tmp

I highly advise you to read the README file located at /tmp/fever/README.txt.

Directory, Permissions, and SELinux Configuration

Create the web serving directory to put Fever:

mkdir -p /var/www/html/fever.example.com

Copy the entire contents of the fever directory you just unzipped to /var/www/html/fever.example.com:

cp -r /tmp/fever/* /var/www/html/fever.example.com/

Set the owner and group of the fever.example.com directory and its contents to apache:

chown -R apache:apache /var/www/html/fever.example.com

If you are using SELinux, set the proper SELinux Context:

chcon -Rv --type=httpd_sys_rw_content_t /var/www/html/fever.example.com

Also, when using SELinux, to ensure httpd can send mail for the Forgot Password function, set the following SELinux Boolean:

setsebool -P httpd_can_sendmail=1

Restart httpd

With all of the necessary Apache files in place, you will need to restart it for it all to begin working.

On RHEL 6 and CentOS 6:

service httpd restart

On Fedora 17 and newer:

systemctl restart httpd

With everything now in place, open a web browser, go to http://fever.example.com/boot.php, and follow the remaining instructions to finish installing Fever.

Post Setup

Fever has two ways it can refresh the RSS feeds: 1) leave Fever open in your browser and it will refresh at some interval, or 2) setup a cronjob to refresh Fever in the background at some interval.

cron Configuration

Create file /etc/cron.d/fever with the following contents to refresh the RSS feeds every 15 minutes:

00,15,30,45 * * * * apache curl -L -s -k https://fever.example.com/?refresh


comments powered by Disqus