3 Open Source PHP Services You Can Use Right Now
I’m always on the lookout for new open source projects that I can use on a day-to-day basis. While many open source projects are absolutely awesome, too often I find that, as much as I want to, I just have no real use case for them. And to me, the only thing cooler than an awesome open source project is an awesome open source project you can actually use.
Below, I’ve listed three open source services that I’ve stood up in the past few weeks. I haven’t written out any guides for them; however, I have linked to the relevant guides and documentation.
Note on Security: When deploying any remote service, it is critical that you use HTTPS/TLS. Let’s Encrypt makes this aggressively simple, and there are tools to automate this process provided by the EFF. In addition, you’ll also need to consider file permissions as well as other security basics (ssh config, firewall, logs). Assuming you manage to secure the server, you’ll also be responsible for securing the application itself. Many of the examples given in the referenced documentation are bare bones implementations, so please be careful with what data you choose to store in these services and understand your responsibility in managing them.
Note on Difficulty: I’ve included the expected difficulty in installing these services. By far, the most time consuming aspect of installation was simply configuring apache/nginx as well as tls/letsencrypt. However, as long as you’re familiar with configuring a server (or confident enough to use google for help), installing packages with composer, using ssh, and changing file permissions, you should be fine.
Before I start, I should probably mention that I use AWS EC2 instances to run all these services. I appreciate how easy it can be to manage Security Groups, Access Control Lists, and Subnets. If you’re spinning up any of these (or other) services as an academic exercise, I recommend giving AWS a go. It can be intimidating (read: frustrating) at first, but eventually it becomes an extremely useful platform. In addition, it may be better to run these services locally if you’re unsure about whether they’re something you’d actually want to use and maintain.
A PHP Remote Storage Server that can be integrated with Laverna in order to synchronize notes.
Laverna is an open source and privacy focused note taking application which utilizes the electron platform (there’s also a webapp written in nodejs as well as an Android app possibly coming soon). It is relatively robust, allows for nested folders, and includes a markdown style editor. The user is required to provide an encryption key so that their local notes remain private and secure.
More importantly, and why I’ve mentioned Laverna here, it also offers the ability to sync notes with a remote server. Unfortunately, the only two available options for remote storage are Dropbox, and, appropriately named, RemoteStorage. RemoteStorage is “An open protocol for per-user storage on the Web”. While there are many implementations of the RemoteStorage protocol in multiple languages, there’s a php implementation made available by fkooman.
My greatest concern for this setup was encryption on the server. From what I can tell, Laverna enforces encryption on the remote storage server and only presents notes in clear text within the client. However, when integrating remoteStorage with Laverna, it appears that Laverna does not force https. Although I’ve configured my remoteStorage server to redirect to 443, this still concerns me. Although I’ll have to investigate further to see how secure my data is at the transport layer, as long as the data remains encrypted by Laverna itself, I think I will still be comfortable using the application.
Edit: After reviewing the source code, it appears that Laverna intercepts http requests on the client side and reroutes them to https.
Installing remoteStorage’s php implementation is pretty straightforward. While the guide may leave out a few steps such as installing php’s mbstring and zip (for composer) on Ubuntu (it’s mentioned on the Fedora guide), the only manual steps required for configuring the application are init-ing the database and creating a user, both of which are completed using scripts provided in the bin/ directory. There’s also an apache conf template. As well, I’ll mention that I was able to get it up and running with php 7.0. Ultimately, it took me around 30 minutes to set up.
After setting up my php remote storage server, I was able to integrate it with Laverna’s front end without any issues. To ensure that your notes are syncing, you can check the data/ directory inside your remote storage project folder.
A PHP CalDav Server (with a web app plugin).
When it comes to synchronizing calendars, you have a few options, most of which include using an email provider (gmail, yahoo), a cloud provider (iCloud, NextCloud), or third party service. However, what if you don’t want to deploy a full cloud framework or share your data with a third party for the sole purpose of setting up a remote calendar?
Sabre offers a suite of services and packages including both a CalDav and CardDav framework. These frameworks are so powerful that fruux, a privacy focused third party service, actually uses sabre/caldav and sabre/carddav in its backend implementation as well as sponsors/contributes to their development (thanks!!).
Sabre is kind enough to provide an example of a bare bones implementation of the CalDav service. Getting started requires a few manual edits besides a git pull and composer install. While sabre provides a sqlite database that you can simply copy from the examples folder, you’ll need to manually populate the database with a new user, which will involve some sql as well as opening a php shell in order to calculate the hash.
Note that in your server setup, you’ll have to set the “realm”. This value will need to be included in the hash. You’ll also need to populate a few other rows (such as principals) which are mentioned in the documentation. In the end, it took me around an hour to get everything set up.
Overall, it’s a relatively straightforward process. The greatest concerns that I encountered were security related as I mentioned above (make sure to delete the default user if there is one!).
After setting up the server, you should be able to log in through the web portal (assuming you included the browser plugin). The web portal is more for administration and less of a calendar app. Once you’ve verified that the service is functional, you’ll be able to integrate it into any calendar app which uses CalDav (Thunderbird, iCalendar etc).
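The user setup described above, as an added example that is not taken from the Sabre documentation or from my own install. The table layout, the `SabreDAV` realm, the stand-in default account and the credentials are assumptions or constructed values; compare them with your copy of the example database before pointing this at a real file.

```php
<?php
// Added example, not sabre/dav's own code. The users/principals layout below is
// an assumption modelled on the example SQLite database.

function digestA1(string $user, string $realm, string $password): string
{
    // HTTP Digest HA1. The realm is part of the hash, so it must match the realm
    // set in your server setup exactly. The result is password-equivalent for
    // that realm, so keep the database file readable only by the web server.
    return md5("$user:$realm:$password");
}

function addUser(PDO $db, string $user, string $realm, string $password): void
{
    $db->beginTransaction();
    $db->prepare('INSERT INTO users (username, digesta1) VALUES (?, ?)')
       ->execute([$user, digestA1($user, $realm, $password)]);
    $ins = $db->prepare('INSERT INTO principals (uri, displayname) VALUES (?, ?)');
    foreach (['', '/calendar-proxy-read', '/calendar-proxy-write'] as $suffix) {
        $ins->execute(["principals/$user$suffix", $suffix === '' ? $user : null]);
    }
    $db->commit();
}

function removeUser(PDO $db, string $user): int
{
    // Drop the login row and every principal row that belongs to it.
    $del = $db->prepare('DELETE FROM users WHERE username = ?');
    $del->execute([$user]);
    $db->prepare('DELETE FROM principals WHERE uri = ? OR uri LIKE ?')
       ->execute(["principals/$user", "principals/$user/%"]);
    return $del->rowCount();
}

// Constructed in-memory database so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, digesta1 TEXT)');
$db->exec('CREATE TABLE principals (id INTEGER PRIMARY KEY, uri TEXT UNIQUE, email TEXT, displayname TEXT)');
addUser($db, 'admin', 'SabreDAV', 'admin');              // stand-in for a shipped default account

$realm = 'SabreDAV';                                     // placeholder: use the realm from your server setup
addUser($db, 'alice', $realm, 'constructed-passphrase'); // constructed credentials
echo 'default users removed: ', removeUser($db, 'admin'), PHP_EOL;
foreach ($db->query('SELECT username, digesta1 FROM users') as $row) {
    echo $row['username'], ' ', $row['digesta1'], PHP_EOL;
}
```

To run it against a real install, replace the in-memory DSN with the path to your copied database and skip the two `CREATE TABLE` statements and the stand-in `admin` insert.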
A Music Streaming Application written in Laravel and Vuejs.
Koel is one of the most awesome and ambitious open source applications I’ve encountered (and yes that’s probably because I’m a big fan of Laravel and Vue). It’s a beautiful SPA streaming application with a Laravel backend. You can upload your audio files to a given folder on the server which Koel will then be able to stream.
The front end looks awesome, and setting up the streaming service is a very rewarding experience. Of course it’s no substitute for Spotify, but if you’re serious about Open Source, it’s definitely worth looking into. My only complaint is that (from my experience with the application) you cannot manage your music files from the front end (they say complaints are the first step to creating a pull request). So you’ll have to manually transfer your music files when you wish to augment your library. However, it would be trivial to implement a secondary service to do this as Laravel’s File Manager is extremely robust.
In addition, you also have the option to use an S3 bucket to store your files. Koel provides a Lambda function which will update the Koel server when a file is added to the bucket (though I have experienced some trouble syncing files from S3 when uploading in bulk).
Installation time will vary depending on what you want to do. If doing a straightforward implementation (where you store the files on the server and don’t edit the basic setup), I’d imagine it would take around 30 min to an hour. However, I was uncomfortable keeping the index.php in the project directory (as this required a specific nginx config in order to protect sensitive files), and I decided to move it to public/. This required that I do some rewrites in nginx in order to keep paths to assets consistent.
As well, I chose to set up an AWS S3 bucket with the included Lambda function, which added an extra two hours to my installation process (and serious debugging). Opting for the S3 route will add quite a bit more complexity to your installation process. Despite the extended installation time, I found the process to be quite rewarding as I was unfamiliar with Lambda functions prior to this installation experience.
My greatest security concern with Koel was losing control of the AWS S3 bucket. While I’ve done everything I can to lock down the app and have no sensitive files in the bucket, I could see a malicious user driving up my bill by uploading large files if they were able to compromise the bucket. Overall, I’ve decided it’s worth the risk, and I use Koel for any music which I have a digital copy of.
Do be careful when streaming from an S3 bucket as, from what I can tell, Koel does not cache songs, so it would be trivial to run up a large bill after extended use. This may merit opting for the straightforward installation.
And that’s it. I just wanted to share some of the services I’ve been experimenting with. It’s really easy to accidentally get “married” to a third party service (gmail, evernote, iCloud, iTunes, Spotify), and utilizing some of the awesome open source projects available to us is a great way to avoid doing that.
If you have any cool open source services that you’re currently running, please leave a response and let me know.
“They’re not sending their best. They’re sending exploits, they’re sending spam. And some, I assume, are good packets” — @scriptjunkie1
Follow me on twitter? Maybe? @3lpsy
Feel free to comment down below or reach out to me on twitter if you have any comments, corrections, or suggestions for how I can improve this post.
Edit: Fixed many typos