Setup & Configuration
This section provides comprehensive setup instructions for administrators and advanced users to configure MediaBrain for optimal performance.
Initial System Setup
Prerequisites
Before setting up MediaBrain, ensure you have:
- PHP 8.2 or higher
- Composer for PHP dependency management
- Docker and Docker Compose (for containerized deployment)
- Google Cloud account (for cloud features)
- Web server (Apache/Nginx) or Docker
1
Download and Extract
Clone or download the MediaBrain repository to your server:
git clone https://github.com/jeffdavid8/mediabrain.net.git
cd mediabrain.net
2
Install Dependencies
Install PHP dependencies using Composer:
composer install --no-dev --optimize-autoloader
3
Configure Environment
Set up your environment variables in mediabrain.ini:
; Core configuration
version = "0.5"
domain = "yourdomain.com"
site_name = "MediaBrain"
environment = "production"
; Database settings (if applicable)
db_host = "localhost"
db_name = "mediabrain"
db_user = "your_db_user"
db_pass = "your_db_password"
; Storage configuration
storage_provider = "gcs" ; or "local"
gcs_bucket = "your-bucket-name"
4
Set File Permissions
Ensure proper file permissions for web server access:
# For Apache/Nginx
chmod -R 755 html/
chown -R www-data:www-data html/
# Create data directories
mkdir -p /var/data/mediabrain
chmod 755 /var/data/mediabrain
Docker Deployment
Docker deployment is the recommended method for production environments.
1
Configure Docker Compose
Review and modify docker-compose.yml for your environment:
version: '3.8'
services:
mediabrain-app:
build: .
ports:
- "8080:80"
environment:
- ENVIRONMENT=production
- GOOGLE_APPLICATION_CREDENTIALS=/tmp/service-account-key.json
volumes:
- ./data:/var/data/mediabrain
- ./service-account-key.json:/tmp/service-account-key.json:ro
restart: unless-stopped
2
Build and Start
Build the Docker image and start the containers:
# Build and start in detached mode
docker-compose up -d --build
# View logs
docker-compose logs -f mediabrain-app
# Check container status
docker-compose ps
3
Verify Installation
Access your MediaBrain installation:
# Local testing
curl -I http://localhost:8080
# Or open in browser
http://localhost:8080
Google Cloud Run Deployment
Deploy MediaBrain to Google Cloud Run for scalable, serverless hosting.
1
Setup Google Cloud Project
Create and configure your Google Cloud project:
# Install Google Cloud SDK
# https://cloud.google.com/sdk/docs/install
# Login and set project
gcloud auth login
gcloud config set project YOUR_PROJECT_ID
# Enable required APIs
gcloud services enable run.googleapis.com
gcloud services enable storage.googleapis.com
gcloud services enable iam.googleapis.com
2
Create Service Account
Create a service account with appropriate permissions:
# Create service account
gcloud iam service-accounts create mediabrain-service \\
--display-name="MediaBrain Service Account"
# Grant storage permissions
gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \\
--member="serviceAccount:mediabrain-service@YOUR_PROJECT_ID.iam.gserviceaccount.com" \\
--role="roles/storage.admin"
# Create and download key
gcloud iam service-accounts keys create service-account-key.json \\
--iam-account=mediabrain-service@YOUR_PROJECT_ID.iam.gserviceaccount.com
3
Deploy to Cloud Run
Deploy your application to Google Cloud Run:
# Deploy from source
gcloud run deploy mediabrain-app \\
--source . \\
--region us-central1 \\
--allow-unauthenticated \\
--set-env-vars="ENVIRONMENT=production,GOOGLE_APPLICATION_CREDENTIALS=/tmp/service-account-key.json" \\
--memory 512Mi \\
--cpu 1 \\
--max-instances 10
OAuth Provider Configuration
Configure social login providers for enhanced user authentication.
Facebook OAuth
- Go to Facebook for Developers
- Create a new app or use existing
- Add Facebook Login product
- Configure OAuth redirect URI:
https://yourdomain.com/oauth/facebook.php
- Copy App ID and App Secret
Google OAuth
- Go to Google Cloud Console
- Create OAuth 2.0 credentials
- Add authorized redirect URI:
https://yourdomain.com/oauth/google.php
- Copy Client ID and Client Secret
1
Configure OAuth Settings
Add OAuth credentials to your configuration:
{
"facebook": {
"enabled": true,
"app_id": "YOUR_FACEBOOK_APP_ID",
"app_secret": "YOUR_FACEBOOK_APP_SECRET",
"redirect_uri": "https://yourdomain.com/oauth/facebook.php"
},
"google": {
"enabled": true,
"client_id": "YOUR_GOOGLE_CLIENT_ID",
"client_secret": "YOUR_GOOGLE_CLIENT_SECRET",
"redirect_uri": "https://yourdomain.com/oauth/google.php"
}
}
Storage Configuration
Configure storage backends for file management and data persistence.
Google Cloud Storage Setup
1
Create Storage Bucket
# Create bucket with appropriate naming
gsutil mb gs://mediabrain-prod-storage
# Set bucket permissions
gsutil iam ch serviceAccount:mediabrain-service@YOUR_PROJECT_ID.iam.gserviceaccount.com:roles/storage.admin gs://mediabrain-prod-storage
2
Configure Application
Update storage configuration:
{
"provider": "gcs",
"gcs": {
"bucket": "mediabrain-prod-storage",
"key_file": "/path/to/service-account-key.json"
},
"fallback": "local"
}
Local Storage Setup
1
Create Storage Directories
# Create storage directories
mkdir -p /var/data/mediabrain/{users,permissions,recipes,ancestry}
chmod -R 755 /var/data/mediabrain
chown -R www-data:www-data /var/data/mediabrain
2
Configure Application
{
"provider": "local",
"local": {
"base_path": "/var/data/mediabrain"
}
}
User Management Setup
1
Create Initial Admin User
Set up the first administrator account:
# Access admin setup (one-time only)
https://yourdomain.com/?app=admin&setup=true
# Or create via command line
php html/apps/admin/create_admin.php --username=admin --password=secure_password --email=admin@yourdomain.com
2
Configure User Roles
Define user roles and permissions in the admin panel:
- Login as administrator
- Navigate to User Management
- Configure role permissions
- Set default user role for new registrations
Security Settings
Security Checklist
- ✅ Enable HTTPS in production
- ✅ Use strong passwords for admin accounts
- ✅ Configure firewall rules
- ✅ Regular security updates
- ✅ Enable audit logging
- ✅ Secure file permissions
- ✅ Configure CSRF protection
- ✅ Set up backup procedures
1
Enable HTTPS
Configure SSL/TLS certificates:
# Using Let's Encrypt with Certbot
certbot --apache -d yourdomain.com
# Or configure in Apache/Nginx
# Ensure redirect from HTTP to HTTPS
2
Configure Session Security
Set secure session parameters in php.ini:
session.cookie_secure = 1
session.cookie_httponly = 1
session.use_strict_mode = 1
session.cookie_samesite = "Strict"
Setup Troubleshooting
Common Setup Issues
Permission Denied Errors
# Fix file permissions
sudo chown -R www-data:www-data /path/to/mediabrain
sudo chmod -R 755 /path/to/mediabrain
# Fix storage directory permissions
sudo mkdir -p /var/data/mediabrain
sudo chown -R www-data:www-data /var/data/mediabrain
Database Connection Issues
- Verify database credentials in configuration
- Check database server is running
- Ensure database user has proper permissions
- Test connection manually
Google Cloud Storage Issues
- Verify service account has storage.admin role
- Check bucket name matches configuration
- Ensure service account key file is accessible
- Verify GOOGLE_APPLICATION_CREDENTIALS environment variable
Performance Optimization
PHP Configuration
# Recommended php.ini settings
memory_limit = 256M
max_execution_time = 60
upload_max_filesize = 50M
post_max_size = 50M
opcache.enable = 1
opcache.memory_consumption = 128
Caching Setup
- Enable OPcache for PHP
- Configure browser caching headers
- Use CDN for static assets
- Enable gzip compression
Setup Complete!
Once setup is complete, verify your installation:
- Test login functionality
- Verify all applications load correctly
- Check file upload capabilities
- Test OAuth providers (if configured)
- Verify user role permissions
Need Additional Help?
Explore specific application help sections or troubleshooting guides.