1 <?xml version="1.0" encoding="UTF-8"?>
\r
2 <chapter version="5.0" xml:id="serversideinstallation" xml:lang="EN" xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xl="http://www.w3.org/1999/xlink">
\r
4 <title>Server-side Installation of Evergreen Software</title>
\r
6 <para>This section describes installation of the Evergreen server-side software and its associated components.
\r
7 Installation, configuration, testing and verification
\r
8 of the software is straightforward if you follow some simple directions.</para>
\r
11 <para>Installing, configuring and testing the Evergreen server-side software is straightforward with the current
\r
12 stable software release. </para>
\r
13 <para>The current version of the Evergreen server-side software runs as a native application on any of several
\r
14 well-known <systemitem class="osname">Linux</systemitem> distributions
\r
15 (e.g., <systemitem class="osname">Ubuntu</systemitem> and <systemitem class="osname">Debian</systemitem>).
\r
16 It does not currently run as a native application on the <systemitem class="osname">Microsoft Windows</systemitem>
\r
17 operating system (e.g., <systemitem class="osname">WindowsXP</systemitem>, <systemitem class="osname">WindowsXP
\r
18 Professional</systemitem>, <systemitem class="osname">Windows7</systemitem>), but the software can still be
\r
19 installed and run on <systemitem class="osname">Windows</systemitem> via a so-called
\r
20 <emphasis>virtualized</emphasis> Linux-guest Operating System (using, for example,
\r
21 <application>"VirtualBox"</application> or <application>"VMware"</application>
\r
22 to emulate a <systemitem class="osname">Linux</systemitem>
\r
23 environment). It can also be installed to run on other <systemitem class="osname">Linux</systemitem>
\r
24 systems via virtualized environments (using, for example, <application>"VirtualBox"</application> or
\r
25 <application>"VMware"</application>). More information on virtualized environments can be found in
\r
26 <xref linkend="serversideinstallation-virtual"/>.</para>
\r
27 <para>Installation of the Evergreen Staff Client software is reviewed in <xref linkend="staffclientinstallation"/>. </para>
\r
28 <para>The Evergreen server-side software has dependencies on particular versions of certain major software
\r
29 sub-components. Successful installation of Evergreen software requires that software versions agree with those
\r
31 <table xml:id="serversideinstall-software-dependencies">
\r
32 <?dbfo keep-together="always" ?>
\r
33 <title>Evergreen Software Dependencies</title>
\r
35 <primary>Evergreen software dependencies</primary>
\r
37 <tgroup align="left" cols="3" colsep="1" rowsep="1">
\r
38 <colspec colname="Evergreen" colnum="1" colwidth="1.0*"/>
\r
39 <colspec colname="OpenSRF" colnum="2" colwidth="1.0*"/>
\r
40 <colspec colname="PostgreSQL" colnum="3" colwidth="1.0*"/>
\r
43 <entry>Evergreen</entry>
\r
44 <entry>OpenSRF</entry>
\r
45 <entry>PostgreSQL</entry>
\r
51 <entry>1.6.2</entry>
\r
57 <section xml:id="serversideinstallation-all">
\r
58 <title>Installing Server-Side Software</title>
\r
59 <para>This section describes the installation of the major components of Evergreen server-side software.</para>
\r
60 <para>As far as possible, you should perform the following steps in the exact order given since the
\r
61 success of many steps relies on the successful completion of earlier steps. You should make backup
\r
62 copies of files and environments when you are instructed to do so. In the event of installation problems
\r
63 those copies can allow you to back out of a step gracefully and resume the installation from a known
\r
64 state. See <xref linkend="backingup"/> for further information.</para>
\r
65 <para>Of course, after you successfully complete and test the entire Evergreen installation you should
\r
66 take a final snapshot backup of your system(s). This can be the first in the series of regularly
\r
67 scheduled system backups that you should probably also begin.</para>
\r
68 <section xml:id="serversideinstallation-opensrf">
\r
70 <primary>OpenSRF</primary>
\r
71 <secondary>installation</secondary>
\r
73 <title>Installing OpenSRF 1.6.2 On <systemitem class="osname">Ubuntu</systemitem> or
\r
74 <systemitem class="osname">Debian</systemitem></title>
\r
76 <primary>Linux</primary>
\r
77 <secondary>Debian</secondary>
\r
80 <primary>Linux</primary>
\r
81 <secondary>Ubuntu</secondary>
\r
83 <para>This section describes the installation of the latest version of the Open Service Request
\r
84 Framework (OpenSRF), a major component of the Evergreen server-side software, on
\r
85 <systemitem class="osname">Ubuntu</systemitem> or <systemitem class="osname">Debian</systemitem>
\r
86 systems. Evergreen software is integrated with and depends on the OpenSRF software
\r
88 <para>Follow the steps outlined here and run the specified tests to ensure that OpenSRF is
\r
89 properly installed and configured. Do <emphasis><emphasis role="bold">not</emphasis></emphasis>
\r
90 continue with any further Evergreen installation steps
\r
91 until you have verified that OpenSRF has been successfully installed and tested.</para>
\r
93 <para>The following steps have been tested on the x86 (32-bit) and x86-64 (64-bit)
\r
94 platforms. OpenSRF 1.6.2 has been tested on <systemitem class="osname">Debian Lenny (5.0)</systemitem>, <systemitem class="osname">Debian Squeeze (6.0)</systemitem>
\r
95 and <systemitem class="osname">Ubuntu Lucid Lynx (10.04)</systemitem>, <systemitem class="osname">Debian Lenny (5.0)</systemitem>,
\r
96 <systemitem class="osname">CentOS 5</systemitem>, <systemitem class="osname">Red Hat Enterprise Linux 5</systemitem>.</para>
\r
97 <para>In the following instructions, you are asked to perform certain steps as
\r
98 either the <systemitem class="username">root</systemitem> user, the
\r
99 <systemitem class="username">opensrf</systemitem> user, or the
\r
100 <systemitem class="username">postgres</systemitem> user.</para>
\r
103 <para><systemitem class="osname">Debian</systemitem> -- To become the
\r
104 <systemitem class="username">root</systemitem> user, issue the command
\r
105 <command>su -</command> and enter the password of the
\r
106 <systemitem class="username">root</systemitem> user.</para>
\r
109 <para><systemitem class="osname">Ubuntu</systemitem> -- To become the
\r
110 <systemitem class="username">root</systemitem> user, issue the command
\r
111 <command>sudo su -</command> and enter the password of the
\r
112 <systemitem class="username">root</systemitem> user.</para>
\r
115 <para>To switch from the <systemitem class="username">root</systemitem> user to a
\r
116 different user, issue the command <command>su - USERNAME</command>. For example, to
\r
117 switch from the <systemitem class="username">root</systemitem> user to the
\r
118 <systemitem class="username">opensrf</systemitem> user, issue the command
\r
119 <command>su - opensrf</command>. Once you have become a non-root user, to become
\r
120 the <systemitem class="username">root</systemitem> user again, simply issue the command
\r
121 <command>exit</command>.</para>
\r
125 <title>Add New <systemitem class="username">opensrf</systemitem> User</title>
\r
126 <para>As the <systemitem class="username">root</systemitem> user, add the
\r
127 <systemitem class="username">opensrf</systemitem> user to the system.
\r
128 In the following example, the default shell for the
\r
129 <systemitem class="username">opensrf</systemitem> user is automatically set
\r
130 to <command>/bin/bash</command> to inherit a reasonable environment:</para>
\r
133 # as the root user:
\r
134 useradd -m -s /bin/bash opensrf
\r
135 passwd opensrf</userinput>
\r
139 <title>Download and Unpack Latest OpenSRF Version</title>
\r
141 <primary>OpenSRF</primary>
\r
142 <secondary>download</secondary>
\r
144 <para>The latest version of OpenSRF can be found here:
\r
145 <ulink url="http://evergreen-ils.org/downloads/OpenSRF-1.6.2.tar.gz"></ulink> .
\r
146 As the <systemitem class="username">opensrf</systemitem> user, change to
\r
147 the directory <filename class="directory">/home/opensrf</filename> then download
\r
148 and extract OpenSRF. The new subdirectory
\r
149 <filename class="directory">/home/opensrf/OpenSRF-1.6.2</filename> will be created:</para>
\r
152 # as the opensrf user:
\r
154 wget http://evergreen-ils.org/downloads/OpenSRF-1.6.2.tar.gz
\r
155 tar zxf OpenSRF-1.6.2.tar.gz</userinput>
\r
159 <title>Install Prerequisites to Build OpenSRF</title>
\r
160 <para>In this section you will install and configure a set of prerequisites that will be
\r
161 used to build OpenSRF. In a following step you will actually build the OpenSRF software
\r
162 using the <command>make</command> utility.</para>
\r
163 <para>As the <systemitem class="username">root</systemitem> user, enter the commands show
\r
164 below to build the prerequisites from the software distribution that you just downloaded
\r
165 and unpacked. Remember to replace <emphasis>[DISTRIBUTION]</emphasis> in the following
\r
166 example with the keyword corresponding to the name of one of the
\r
167 <systemitem class="osname">Linux</systemitem> listed distributions.
\r
168 For example, to install the prerequisites for Ubuntu version 10.04 (Lucid Lynx) you would
\r
169 enter this command: <command>make -f src/extras/Makefile.install ubuntu-lucid</command> .</para>
\r
172 # as the root user:
\r
173 cd /home/opensrf/OpenSRF-1.6.2
\r
174 make -f src/extras/Makefile.install [DISTRIBUTION]</userinput>
\r
178 <para><option>debian-squeeze</option> for <systemitem class="osname">Debian Squeeze (6.0)</systemitem>
\r
179 <indexterm><primary>Linux</primary><secondary>Debian</secondary></indexterm></para>
\r
182 <para><option>ubuntu-lucid</option> for <systemitem class="osname">Ubuntu Lucid Lynx
\r
183 (10.04)</systemitem></para>
\r
186 <para><option>centos</option> for <systemitem class="osname">CentOS 5</systemitem></para>
\r
189 <para><option>rhel</option> for <systemitem class="osname">Red Hat Enterprise Linux 5</systemitem></para>
\r
192 <para>This will install a number of packages on the system that are required by OpenSRF,
\r
193 including some Perl modules from CPAN. You can say <literal>No</literal> to the initial
\r
194 CPAN configuration prompt to allow it to automatically configure itself to download and
\r
195 install Perl modules from CPAN. The CPAN installer will ask you a number of times whether
\r
196 it should install prerequisite modules - say <literal>Yes</literal>.</para>
\r
199 <title>Build OpenSRF</title>
\r
200 <para>In this section you will configure, build and install the OpenSRF
\r
201 components that support other Evergreen services.</para>
\r
204 <title>Configure OpenSRF</title>
\r
206 <primary>OpenSRF</primary>
\r
207 <secondary>configure</secondary>
\r
209 <para>As the <systemitem class="username">opensrf</systemitem>
\r
210 user, return to the new OpenSRF build directory and use the
\r
211 <command>configure</command> utility to prepare for the next
\r
212 step of compiling and linking the software. If you wish to
\r
213 include support for Python and Java, add the configuration
\r
214 options <option>--enable-python</option> and
\r
215 <option>--enable-java</option>, respectively:</para>
\r
218 # as the opensrf user:
\r
219 cd /home/opensrf/OpenSRF-1.6.2
\r
220 ./configure --prefix=/openils --sysconfdir=/openils/conf
\r
223 <para>This step will take several minutes to complete.</para>
\r
226 <title>Compile, Link and Install OpenSRF</title>
\r
227 <para>As the <systemitem class="username">root</systemitem>
\r
228 user, return to the new OpenSRF build directory and use the
\r
229 <command>make</command> utility to compile, link and install
\r
233 # as the root user:
\r
234 cd /home/opensrf/OpenSRF-1.6.2
\r
235 make install</userinput>
\r
237 <para>This step will take several minutes to complete.</para>
\r
240 <title>Update the System Dynamic Library Path</title>
\r
241 <para>You must update the system dynamic library path to force
\r
242 your system to recognize the newly installed libraries. As the
\r
243 <systemitem class="username">root</systemitem> user, do this by
\r
244 creating the new file
\r
245 <filename>/etc/ld.so.conf.d/osrf.conf</filename> containing a
\r
246 new library path, then run the command
\r
247 <command>ldconfig</command> to automatically read the file and
\r
248 modify the system dynamic library path:</para>
\r
251 # as the root user:
\r
252 echo "/openils/lib" > /etc/ld.so.conf.d/osrf.conf
\r
253 ldconfig</userinput>
\r
256 <step xml:id="serversideinstallation-definedomains">
\r
257 <title>Define Public and Private OpenSRF Domains</title>
\r
258 <para>For security purposes, OpenSRF uses Jabber domains to separate services
\r
259 into public and private realms. On a single-server system the easiest way to
\r
260 define public and private OpenSRF domains is to define separate host names by
\r
261 adding entries to the file <filename>/etc/hosts</filename>.</para>
\r
262 <para>In the following steps we will use the example domains
\r
263 <systemitem class="domainname">public.localhost</systemitem> for the public
\r
264 domain and <systemitem class="domainname">private.localhost</systemitem>
\r
265 for the private domain. In an upcoming step, you will configure two special
\r
266 <systemitem class="service">ejabberd</systemitem> users
\r
267 to handle communications for these two domains.</para>
\r
268 <para>As the <systemitem class="username">root</systemitem> user, edit the file
\r
269 <filename>/etc/hosts</filename> and add the following example domains:</para>
\r
271 <primary>Jabber</primary>
\r
275 # as the root user:
\r
276 127.0.1.2 public.localhost public
\r
277 127.0.1.3 private.localhost private</userinput>
\r
281 <title>Change File Ownerships</title>
\r
282 <para>Finally, as the <systemitem class="username">root</systemitem>
\r
283 user, change the ownership of all files installed in the
\r
284 directory <filename class="directory">/openils</filename> to the
\r
285 user <systemitem class="username">opensrf</systemitem>:</para>
\r
288 # as the root user:
\r
289 chown -R opensrf:opensrf /openils</userinput>
\r
294 <step xml:id="stop-ejabberd-service">
\r
295 <title>Stop the <systemitem class="service">ejabberd</systemitem> Service</title>
\r
297 <primary>ejabberd</primary>
\r
299 <para>Before continuing with configuration of <systemitem class="service">ejabberd</systemitem>
\r
300 you must stop that service. As the <systemitem class="username">root</systemitem> user,
\r
301 execute the following command to stop the service:</para>
\r
304 # as the root user:
\r
305 /etc/init.d/ejabberd stop</userinput>
\r
307 <para>If <systemitem class="service">ejabberd</systemitem> reports that it
\r
308 is already stopped, there may have been a problem when it started back
\r
309 in the installation step. If there are any remaining daemon processes such as
\r
310 <systemitem class="daemon">beam</systemitem> or
\r
311 <systemitem class="daemon">epmd</systemitem>
\r
312 you may need to perform the following commands to kill them:</para>
\r
315 # as the root user:
\r
317 killall beam; killall beam.smp
\r
318 rm /var/lib/ejabberd/*
\r
319 echo 'ERLANG_NODE=ejabberd@localhost' >> /etc/default/ejabberd</userinput>
\r
323 <title>Edit the <systemitem class="service">ejabberd</systemitem> configuration</title>
\r
324 <para>You must make several configuration changes for the
\r
325 <systemitem class="service">ejabberd</systemitem> service before
\r
326 it is started again.
\r
327 As the <systemitem class="username">root</systemitem> user, edit the file
\r
328 <filename>/etc/ejabberd/ejabberd.cfg</filename> and make the following changes:</para>
\r
331 <para>Change the line:</para>
\r
332 <literal>{hosts, ["localhost"]}.</literal>
\r
333 <para>to instead read:</para>
\r
334 <literal>{hosts, ["localhost", "private.localhost", "public.localhost"]}.</literal>
\r
338 <para>Change the line:</para>
\r
339 <literal>{max_user_sessions, 10}</literal>
\r
340 <para>to instead read:</para>
\r
341 <literal>{max_user_sessions, 10000}</literal>
\r
343 <para>If the line looks something like this:</para>
\r
344 <literal>{access, max_user_sessions, [{10, all}]}</literal>
\r
345 <para>then change it to instead read:</para>
\r
346 <literal>{access, max_user_sessions, [{10000, all}]}</literal>
\r
349 <para>Change all three occurrences of:</para>
\r
350 <literal>max_stanza_size</literal>
\r
351 <para>to instead read:</para>
\r
352 <literal>2000000</literal>
\r
355 <para>Change both occurrences of:</para>
\r
356 <literal>maxrate</literal>
\r
357 <para>to instead read:</para>
\r
358 <literal>500000</literal>
\r
361 <para>Comment out the line:</para>
\r
362 <literal>{mod_offline, []}</literal>
\r
363 <para>by placing two <literal>%</literal> comment signs in front
\r
364 so it instead reads:</para>
\r
365 <literal>%%{mod_offline, []}</literal>
\r
369 <step xml:id="serversideinstallation-opensrf-continued">
\r
370 <title>Restart the <systemitem class="service">ejabberd</systemitem> service</title>
\r
371 <para>As the <systemitem class="username">root</systemitem> user, restart the
\r
372 <systemitem class="service">ejabberd</systemitem> service to test the
\r
373 configuration changes and to register your users:</para>
\r
376 # as the root user:
\r
377 /etc/init.d/ejabberd start</userinput>
\r
381 <title>Register <systemitem class="username">router</systemitem> and
\r
382 <systemitem class="username">opensrf</systemitem> as
\r
383 <systemitem class="service">ejabberd</systemitem> users</title>
\r
384 <para>The two <systemitem class="service">ejabberd</systemitem> users
\r
385 <systemitem class="username">router</systemitem> and
\r
386 <systemitem class="username">opensrf</systemitem> must be registered
\r
387 and configured to manage OpenSRF router service and communications
\r
388 for the two domains <literal>public.localhost</literal> and
\r
389 <literal>private.localhost</literal> that you added to the file
\r
390 <filename>/etc/hosts</filename> in a previous step
\r
391 (see <xref linkend="serversideinstallation-definedomains"/>).
\r
392 The users include:</para>
\r
395 <para>the <systemitem class="username">router</systemitem> user,
\r
396 to whom all requests to connect to an OpenSRF service will be
\r
400 <para>the <systemitem class="username">opensrf</systemitem> user,
\r
401 which clients use to connect to OpenSRF services (you may name
\r
402 the user anything you like, but we use
\r
403 <literal>opensrf</literal> in these examples)</para>
\r
406 <para>As the <systemitem class="username">root</systemitem> user, execute the
\r
407 <command>ejabberdctl</command> utility as shown below to register and create passwords
\r
408 for the users <systemitem class="username">router</systemitem> and
\r
409 <systemitem class="username">opensrf</systemitem> on each domain (remember to replace
\r
410 <emphasis>NEWPASSWORD</emphasis> with the appropriate password):</para>
\r
413 # as the root user:
\r
414 # Note: the syntax for registering a user with ejabberdctl is:
\r
415 # ejabberdctl register USER DOMAIN PASSWORD
\r
416 ejabberdctl register router private.localhost NEWPASSWORD
\r
417 ejabberdctl register router public.localhost NEWPASSWORD
\r
418 ejabberdctl register opensrf private.localhost NEWPASSWORD
\r
419 ejabberdctl register opensrf public.localhost NEWPASSWORD</userinput>
\r
421 <para>Note that the users <systemitem class="username">router</systemitem> and
\r
422 <systemitem class="username">opensrf</systemitem> and their respective passwords
\r
423 will be used again in <xref linkend="serversideinstallation-passwords"/> when
\r
424 we modify the OpenSRF configuration file <filename>/openils/conf/opensrf_core.xml</filename> .</para>
\r
426 <step xml:id="serversideinstallation-opensrf-createconfig">
\r
427 <title>Create OpenSRF configuration files</title>
\r
428 <para>As the <systemitem class="username">opensrf</systemitem> user,
\r
429 execute the following commands to create the new configuration files
\r
430 <filename>/openils/conf/opensrf_core.xml</filename> and
\r
431 <filename>/openils/conf/opensrf.xml</filename> from the example templates:</para>
\r
434 # as the opensrf user:
\r
436 cp opensrf.xml.example opensrf.xml
\r
437 cp opensrf_core.xml.example opensrf_core.xml</userinput>
\r
440 <step xml:id="serversideinstallation-passwords">
\r
441 <title>Update usernames and passwords in the OpenSRF configuration file</title>
\r
442 <para>As the <systemitem class="username">opensrf</systemitem> user, edit the
\r
443 OpenSRF configuration file <filename>/openils/conf/opensrf_core.xml</filename>
\r
444 and update the usernames and passwords to match the values shown in the
\r
445 following table. The left-hand side of <xref linkend="serversideinstallation-xpath-table-1"/>
\r
446 shows common XPath syntax to indicate the approximate position within the XML
\r
447 file that needs changes. The right-hand side of the table shows the replacement
\r
449 <table xml:id="serversideinstallation-xpath-table-1">
\r
450 <?dbfo keep-together="always" ?>
\r
451 <title>Sample XPath syntax for editing "opensrf_core.xml"</title>
\r
452 <tgroup align="left" cols="2" colsep="1" rowsep="1">
\r
453 <colspec colname="Xpath" colnum="1" colwidth="1.6*"/>
\r
454 <colspec colname="Value" colnum="2" colwidth="2.0*"/>
\r
457 <entry>XPath location</entry>
\r
458 <entry>Value</entry>
\r
463 <entry>/config/opensrf/username</entry>
\r
465 <systemitem class="username">opensrf</systemitem>
\r
469 <entry>/config/opensrf/passwd </entry>
\r
470 <entry><systemitem class="domainname">private.localhost</systemitem>
\r
472 <systemitem class="username">opensrf</systemitem> user
\r
476 <entry>/config/gateway/username</entry>
\r
478 <systemitem class="username">opensrf</systemitem>
\r
482 <entry>/config/gateway/passwd</entry>
\r
483 <entry><systemitem class="domainname">public.localhost</systemitem>
\r
485 <systemitem class="username">opensrf</systemitem> user
\r
489 <entry>/config/routers/router/transport/username,
\r
490 first entry where server == public.localhost</entry>
\r
492 <systemitem class="username">router</systemitem>
\r
496 <entry>/config/routers/router/transport/password,
\r
497 first entry where server == public.localhost</entry>
\r
498 <entry><systemitem class="domainname">public.localhost</systemitem>
\r
500 <systemitem class="username">router</systemitem> user
\r
504 <entry>/config/routers/router/transport/username,
\r
505 second entry where server == private.localhost</entry>
\r
507 <systemitem class="username">router</systemitem>
\r
511 <entry>/config/routers/router/transport/password,
\r
512 second entry where server == private.localhost</entry>
\r
513 <entry><systemitem class="domainname">private.localhost</systemitem>
\r
515 <systemitem class="username">router</systemitem> user
\r
521 <para>You may also need to modify the file to specify the domains from which
\r
522 <systemitem class="service">OpenSRF</systemitem> will accept connections,
\r
523 and to which it will make connections.
\r
524 If you are installing <application>OpenSRF</application> on a single server
\r
525 and using the <systemitem class="domainname">private.localhost</systemitem> and
\r
526 <systemitem class="domainname">public.localhost</systemitem> domains,
\r
527 these will already be set to the correct values. Otherwise, search and replace
\r
528 to match values for your own systems.</para>
\r
531 <title>Set location of the persistent database</title>
\r
532 <para>As the <systemitem class="username">opensrf</systemitem> user, edit the
\r
533 file <filename>/openils/conf/opensrf.xml</filename>, then find and modify the
\r
534 element <literal>dbfile</literal> (near the end of the file) to set the
\r
535 location of the persistent database. Change the default line:</para>
\r
536 <literal>/openils/var/persist.db</literal>
\r
537 <para>to instead read:</para>
\r
538 <literal>/tmp/persist.db</literal>
\r
539 <para>Following is a sample modification of that portion of the file:</para>
\r
540 <programlisting language="xml"><![CDATA[
\r
541 <!-- Example of an app-specific setting override -->
\r
544 <dbfile>/tmp/persist.db</dbfile>
\r
547 ]]></programlisting>
\r
549 <step xml:id="serversideinstallation-srfsh">
\r
550 <title>Create configuration files for users needing <command>srfsh</command></title>
\r
551 <para>In this section you will set up a special configuration file for each user
\r
552 who will need to run the <command>srfsh</command> (pronounced <emphasis>surf
\r
553 shell</emphasis>) utility.</para>
\r
555 <primary>srfsh</primary>
\r
557 <para>The software installation will automatically create the utility
\r
558 <command>srfsh</command> (surf shell), a command line diagnostic tool for
\r
559 testing and interacting with <application>OpenSRF</application>. It will be used
\r
560 in a future step to complete and test the Evergreen installation. See
\r
561 <xref linkend="serversideinstallation-testing"/> for further information.</para>
\r
562 <para>As the <systemitem class="username">root</systemitem> user, copy the
\r
563 sample configuration file <filename>/openils/conf/srfsh.xml.example</filename>
\r
564 to the home directory of each user who will use <command>srfsh</command>.
\r
565 For instance, do the following for the
\r
566 <systemitem class="username">opensrf</systemitem> user:</para>
\r
569 # as the root user:
\r
570 cp /openils/conf/srfsh.xml.example /home/opensrf/.srfsh.xml</userinput>
\r
572 <para>Edit each user's file <filename>~/.srfsh.xml</filename> and make the
\r
573 following changes:</para>
\r
576 <para>Modify <literal>domain</literal> to be the router hostname
\r
577 (following our domain examples,
\r
578 <systemitem class="domainname">private.localhost</systemitem> will give
\r
579 <command>srfsh</command> access to all OpenSRF services, while
\r
580 <systemitem class="domainname">public.localhost</systemitem>
\r
581 will only allow access to those OpenSRF services that are
\r
582 publicly exposed).</para>
\r
585 <para>Modify <literal>username</literal> and
\r
586 <literal>password</literal> to match the
\r
587 <literal>opensrf</literal> Jabber user for the chosen
\r
591 <para>Modify <literal>logfile</literal> to be the full path for
\r
592 a log file to which the user has write access</para>
\r
595 <para>Modify <literal>loglevel</literal> as needed for testing</para>
\r
598 <para>Change the owner of the file to match the owner of the home directory</para>
\r
601 <para>Following is a sample of the file:</para>
\r
602 <programlisting language="xml"><![CDATA[
\r
603 <?xml version="1.0"?>
\r
604 <!-- This file follows the standard bootstrap config file layout -->
\r
605 <!-- found in opensrf_core.xml -->
\r
607 <router_name>router</router_name>
\r
608 <domain>private.localhost</domain>
\r
609 <username>opensrf</username>
\r
610 <passwd>SOMEPASSWORD</passwd>
\r
612 <logfile>/tmp/srfsh.log</logfile>
\r
613 <!-- 0 None, 1 Error, 2 Warning, 3 Info, 4 debug, 5 Internal (Nasty) -->
\r
614 <loglevel>4</loglevel>
\r
616 ]]></programlisting>
\r
619 <title>Modify the environmental variable <envar>PATH</envar> for the
\r
620 <systemitem class="username">opensrf</systemitem> user</title>
\r
621 <para>As the <systemitem class="username">opensrf</systemitem> user, modify the
\r
622 environmental variable <envar>PATH</envar> by adding a new file path to the
\r
623 <systemitem class="username">opensrf</systemitem> user's shell configuration
\r
624 file <filename>~/.bashrc</filename>:</para>
\r
627 # as the opensrf user:
\r
628 echo "export PATH=/openils/bin:\$PATH" >> ~/.bashrc</userinput>
\r
632 <title>Start OpenSRF</title>
\r
633 <para>As the <systemitem class="username">root</systemitem> user, start the
\r
634 <systemitem class="service">ejabberd</systemitem> and
\r
635 <systemitem class="service">memcached</systemitem> services:</para>
\r
638 # as the root user:
\r
639 /etc/init.d/ejabberd start
\r
640 /etc/init.d/memcached start</userinput>
\r
642 <para>As the <systemitem class="username">opensrf</systemitem> user,
\r
643 start OpenSRF as follows:</para>
\r
646 # as the opensrf user:
\r
647 osrf_ctl.sh -l -a start_all</userinput>
\r
649 <para>The flag <option>-l</option> forces Evergreen to use
\r
650 <systemitem class="domainname">localhost</systemitem> (your current system)
\r
651 as the hostname. The flag <option>-a start_all</option> starts the other
\r
652 OpenSRF <systemitem class="service">router</systemitem> ,
\r
653 <systemitem class="service">Perl</systemitem> , and
\r
654 <systemitem class="service">C</systemitem> services.</para>
\r
657 <para>You can also start Evergreen without the
\r
658 <option>-l</option> flag, but the <command>osrf_ctl.sh</command>
\r
659 utility must know the fully qualified domain name for the system
\r
660 on which it will execute. That hostname was probably specified
\r
661 in the configuration file <filename>opensrf.xml</filename> which
\r
662 you configured in a previous step.</para>
\r
665 <para>If you receive an error message similar to
\r
666 <emphasis>osrf_ctl.sh: command not found</emphasis>, then your
\r
667 environment variable <envar>PATH</envar> does not include the
\r
668 directory <filename class="directory">/openils/bin</filename>.
\r
669 As the <systemitem class="username">opensrf</systemitem> user,
\r
670 edit the configuration file <filename>~/.bashrc</filename> and
\r
671 add the following line:
\r
672 <literal>export PATH=$PATH:/openils/bin</literal></para>
\r
677 <title>Test connections to OpenSRF</title>
\r
678 <para>Once you have installed and started OpenSRF, as the
\r
679 <systemitem class="username">root</systemitem> user, test your connection to
\r
680 <systemitem class="service">OpenSRF</systemitem> using the <command>srfsh</command>
\r
681 utility and trying to call the <command>add</command> method on the OpenSRF
\r
682 <systemitem class="service">math</systemitem> service:</para>
\r
685 # as the root user:
\r
686 /openils/bin/srfsh</userinput>
\r
688 srfsh# <userinput>request opensrf.math add 2 2</userinput></computeroutput>
\r
691 ------------------------------------
\r
692 Request Completed Successfully
\r
693 Request Time in seconds: 0.007519
\r
694 ------------------------------------</computeroutput>
\r
696 <para>For other <command>srfsh</command> commands, type in
\r
697 <userinput>help</userinput> at the prompt.</para>
\r
700 <title>Stop OpenSRF</title>
\r
701 <para>After OpenSRF has started, you can stop it at any time by using the
\r
702 <command>osrf_ctl.sh</command> again. As the
\r
703 <systemitem class="username">opensrf</systemitem>
\r
704 user, stop OpenSRF as follows:</para>
\r
707 # as the opensrf user:
\r
708 osrf_ctl.sh -l -a stop_all</userinput>
\r
713 <section xml:id="serversideinstallation-ubuntudebian">
\r
714 <title>Installing Evergreen 2.0 On <systemitem class="osname">Ubuntu</systemitem> or
\r
715 <systemitem class="osname">Debian</systemitem></title>
\r
717 <primary>Linux</primary>
\r
718 <secondary>Debian</secondary>
\r
721 <primary>Linux</primary>
\r
722 <secondary>Ubuntu</secondary>
\r
724 <para>This section outlines the installation process for the latest stable version of
\r
726 <para>In this section you will download, unpack, install, configure and test the Evergreen
\r
727 system, including the Evergreen server and the PostgreSQL database system. You will make several
\r
728 configuration changes and adjustments to the software, including updates to configure the system
\r
729 for your own locale, and some updates needed to work around a few known issues.</para>
\r
731 <para>The following steps have been tested on the x86 (32-bit) and x86-64 (64-bit)
\r
732 architectures. There may be differences between the Desktop and Server editions of
\r
733 <systemitem class="osname">Ubuntu</systemitem>. These instructions assume the Server
\r
735 <para>In the following instructions, you are asked to perform certain steps as
\r
736 either the <systemitem class="username">root</systemitem> user, the
\r
737 <systemitem class="username">opensrf</systemitem> user, or the
\r
738 <systemitem class="username">postgres</systemitem> user.</para>
\r
741 <para><systemitem class="osname">Debian</systemitem> -- To become the
\r
742 <systemitem class="username">root</systemitem> user, issue the command
\r
743 <command>su -</command> and enter the password of the
\r
744 <systemitem class="username">root</systemitem> user.</para>
\r
747 <para><systemitem class="osname">Ubuntu</systemitem> -- To become the
\r
748 <systemitem class="username">root</systemitem> user, issue the command
\r
749 <command>sudo su -</command> and enter the password of the
\r
750 <systemitem class="username">root</systemitem> user.</para>
\r
753 <para>To switch from the <systemitem class="username">root</systemitem> user to a
\r
754 different user, issue the command <command>su - USERNAME</command>. For example, to
\r
755 switch from the <systemitem class="username">root</systemitem> user to the
\r
756 <systemitem class="username">opensrf</systemitem> user, issue the command
\r
757 <command>su - opensrf</command>. Once you have become a non-root user, to become the
\r
758 <systemitem class="username">root</systemitem> user again, simply issue the command
\r
759 <command>exit</command>.</para>
\r
763 <title>Install OpenSRF</title>
\r
764 <para>Evergreen software is integrated with and depends on the Open Service
\r
765 Request Framework (OpenSRF) software system. For further information on
\r
766 installing, configuring and testing OpenSRF, see
\r
767 <xref linkend="serversideinstallation-opensrf"/>.</para>
\r
768 <para>Follow the steps outlined in that section and run the specified tests to
\r
769 ensure that OpenSRF is properly installed and configured. Do
\r
770 <emphasis><emphasis role="bold">not</emphasis></emphasis> continue with
\r
771 any further Evergreen installation steps until you have verified that OpenSRF
\r
772 has been successfully installed and tested.</para>
\r
775 <title>Download and Unpack Latest Evergreen Version</title>
\r
776 <para>The latest version of Evergreen can be found here:
\r
777 <ulink url="http://evergreen-ils.org/downloads/Evergreen-ILS-2.0.1.tar.gz"></ulink> .
\r
778 As the <systemitem class="username">opensrf</systemitem> user, change to
\r
779 the directory <filename class="directory">/home/opensrf</filename> then download
\r
780 and extract Evergreen. The new subdirectory
\r
781 <filename class="directory">/home/opensrf/Evergreen-ILS-2.0.1</filename> will be created:</para>
\r
784 # as the opensrf user:
\r
786 wget http://evergreen-ils.org/downloads/Evergreen-ILS-2.0.1.tar.gz
\r
787 tar zxf Evergreen-ILS-2.0.1.tar.gz</userinput>
\r
790 <step xml:id="serversideinstallation-installprereq">
\r
791 <title>Install Prerequisites to Build Evergreen</title>
\r
792 <para>In this section you will install and configure a set of prerequisites that will be
\r
793 used later in <xref linkend="serversideinstallation-configure"/> and
\r
794 <xref linkend="serversideinstallation-compile"/> to build the Evergreen software
\r
795 using the <command>make</command> utility.</para>
\r
796 <para>As the <systemitem class="username">root</systemitem> user, enter the commands show
\r
797 below to build the prerequisites from the software distribution that you just downloaded
\r
798 and unpacked. Remember to replace <emphasis>[DISTRIBUTION]</emphasis> in the following
\r
799 example with the keyword corresponding to the name of one of the
\r
800 <systemitem class="osname">Linux</systemitem> distributions listed in the following
\r
801 distribution keywords table <xref linkend="serversideinstallation-keywords-evergreen"/> .
\r
802 For example, to install the prerequisites for Ubuntu version 10.05 (Karmic Koala) you would
\r
803 enter this command: <command>make -f Open-ILS/src/extras/Makefile.install
\r
804 ubuntu-lucid</command>.</para>
\r
807 # as the root user:
\r
808 cd /home/opensrf/Evergreen-ILS-2.0.1
\r
809 make -f Open-ILS/src/extras/Makefile.install [DISTRIBUTION]</userinput>
\r
814 <para><option>debian-squeeze</option> for <systemitem class="osname">Debian Squeeze (6.0)</systemitem></para>
\r
818 <para><option>ubuntu-lucid</option> for <systemitem class="osname">Ubuntu Lucid Lynx
\r
819 (10.04)</systemitem></para>
\r
823 <step performance="optional" xml:id="serversideinstallation-postgresql-default">
\r
824 <title>(OPTIONAL) Install the PostgreSQL Server</title>
\r
826 <primary>databases</primary>
\r
827 <secondary>PostgreSQL</secondary>
\r
829 <para>Since the PostgreSQL server is usually a standalone server in multi-server
\r
830 production systems, the prerequisite installer Makefile in the previous section
\r
831 (see <xref linkend="serversideinstallation-installprereq"/>)
\r
832 does not automatically install PostgreSQL. You must install the PostgreSQL server
\r
833 yourself, either on the same system as Evergreen itself or on another system.
\r
834 If your PostgreSQL server is on a different system, just skip this step.
\r
835 If your PostgreSQL server will be on the same system as your Evergreen
\r
836 software, you can install the required PostgreSQL server packages as described
\r
837 in <xref linkend="InstallingPostgreSQL"/>, or you can visit the official
\r
838 web site <link xl:href="http://www.postgresql.org/">http://www.postgresql.org</link>
\r
839 for more information.</para>
\r
841 <para>PostgreSQL version 8.4 is the minimum supported version to work
\r
842 with Evergreen 2.0. If you have an older version of PostgreSQL,
\r
843 you should upgrade before installing Evergreen. To find your current version
\r
844 of PostgreSQL, as the <systemitem class="username">postgres</systemitem>
\r
845 user execute the command <command>psql</command>, then type
\r
846 <userinput>SELECT version();</userinput> to get detailed information
\r
847 about your version of PostgreSQL.</para>
\r
850 <step performance="optional">
\r
851 <title>Install Perl Modules on PostgreSQL Server</title>
\r
852 <para>If PostgreSQL is running on the same system as your Evergreen software,
\r
853 then the Perl modules will automatically be available. Just skip this step.
\r
854 Otherwise, continue if your PostgreSQL server is running on another system.</para>
\r
855 <para>You will need to install several Perl modules on the other system. As the
\r
856 <systemitem class="username">root</systemitem> user install the following Perl
\r
858 <para>as the root user, ensure the gcc compiler is installed:</para>
\r
860 <userinput>aptitude install gcc libxml-libxml-perl libxml-libxslt-perl</userinput>
\r
862 <para>then install the Perl modules:</para>
\r
864 <userinput>perl -MCPAN -e shell</userinput>
\r
865 <prompt>cpan></prompt> <userinput>Business::ISBN</userinput>
\r
866 <prompt>cpan></prompt> <userinput>install JSON::XS</userinput>
\r
867 <prompt>cpan></prompt> <userinput>Library::CallNumber::LC</userinput>
\r
868 <prompt>cpan></prompt> <userinput>install MARC::Record</userinput>
\r
869 <prompt>cpan></prompt> <userinput>install MARC::File::XML</userinput>
\r
870 <prompt>cpan></prompt> <userinput>cpan UUID::Tiny</userinput>
\r
872 <para>For more information on installing Perl Modules vist the official
\r
873 <link xl:href="http://www.cpan.org/">CPAN</link> site.</para>
\r
875 <primary>Perl</primary>
\r
876 <secondary>CPAN</secondary>
\r
880 <title>Update the System Dynamic Library Path</title>
\r
881 <para>You must update the system dynamic library path to force your system to recognize
\r
882 the newly installed libraries. As the <systemitem class="username">root</systemitem> user,
\r
883 do this by creating the new file <filename>/etc/ld.so.conf.d/osrf.conf</filename>
\r
884 containing a new library path, then run the command <command>ldconfig</command> to
\r
885 automatically read the file and modify the system dynamic library path:</para>
\r
888 # as the root user:
\r
889 echo "/usr/local/lib" >> /etc/ld.so.conf.d/osrf.conf
\r
890 echo "/usr/local/lib/dbd" >> /etc/ld.so.conf.d/osrf.conf
\r
891 ldconfig</userinput>
\r
894 <step performance="optional">
\r
895 <title>Restart the PostgreSQL Server</title>
\r
896 <para>If PostgreSQL is running on the same system as the rest of Evergreen, as
\r
897 the <systemitem class="username">root</systemitem> user you must restart
\r
898 PostgreSQL to re-read the new library paths just configured. If PostgreSQL is
\r
899 running on another system, you may skip this step.
\r
900 As the <systemitem class="username">opensrf</systemitem> user,
\r
901 execute the following command (remember to replace
\r
902 <emphasis>PGSQL_VERSION</emphasis> with your installed PostgreSQL version,
\r
903 for example <literal>8.4</literal>):</para>
\r
906 # as the opensrf user:
\r
907 /etc/init.d/postgresql-PGSQL_VERSION restart</userinput>
\r
910 <step xml:id="serversideinstallation-configure">
\r
911 <title>Configure Evergreen</title>
\r
912 <para>In this step you will use the <command>configure</command> and
\r
913 <command>make</command> utilities to configure Evergreen so it can be compiled
\r
914 and linked later in <xref linkend="serversideinstallation-compile"/>.</para>
\r
915 <para>As the <systemitem class="username">opensrf</systemitem> user, return to
\r
916 the Evergreen build directory and execute these commands:</para>
\r
919 # as the opensrf user:
\r
920 cd /home/opensrf/Evergreen-ILS-2.0.1
\r
921 ./configure --prefix=/openils --sysconfdir=/openils/conf
\r
925 <step xml:id="serversideinstallation-compile">
\r
926 <title>Compile, Link and Install Evergreen</title>
\r
927 <para>In this step you will actually compile, link and install Evergreen and the
\r
928 default Evergreen Staff Client.</para>
\r
929 <para>As the <systemitem class="username">root</systemitem> user, return to the
\r
930 Evergreen build directory and use the <command>make</command> utility as shown below:</para>
\r
933 # as the root user:
\r
934 cd /home/opensrf/Evergreen-ILS-2.0.1
\r
935 make STAFF_CLIENT_BUILD_ID=rel_2_0_1 install</userinput>
\r
937 <para>The Staff Client will also be automatically built, but you must remember
\r
938 to set the variable <envar>STAFF_CLIENT_BUILD_ID</envar> to match the version of the
\r
939 Staff Client you will use to connect to the Evergreen server.</para>
\r
940 <para>The above commands will create a new subdirectory
\r
941 <filename class="directory">/openils/var/web/xul/rel_2_0_1</filename>
\r
942 containing the Staff Client.</para>
\r
943 <para>To complete the Staff Client installation, as the
\r
944 <systemitem class="username">root</systemitem> user execute the following commands to
\r
945 create a symbolic link named <emphasis>server</emphasis> in the head of the Staff Client
\r
946 directory <filename class="directory">/openils/var/web/xul</filename> that points to the
\r
947 subdirectory <filename class="directory">/server</filename> of the new Staff Client
\r
951 # as the root user:
\r
952 cd /openils/var/web/xul
\r
953 ln -sf rel_2_0_1/server server</userinput>
\r
957 <title>Copy the OpenSRF Configuration Files</title>
\r
958 <para>In this step you will replace some OpenSRF configuration files that you set up in
\r
959 <xref linkend="serversideinstallation-opensrf-createconfig"/> when you installed and
\r
960 tested OpenSRF.</para>
\r
961 <para>You must copy several example OpenSRF configuration files into place after first
\r
962 creating backup copies for troubleshooting purposes, then change all the file ownerships
\r
963 to <systemitem class="username">opensrf</systemitem>.
\r
964 As the <systemitem class="username">root</systemitem> user, execute the following
\r
968 # as the root user:
\r
970 cp opensrf.xml opensrf.xml.BAK
\r
971 cp opensrf_core.xml opensrf_core.xml.BAK
\r
972 cp opensrf.xml.example opensrf.xml
\r
973 cp opensrf_core.xml.example opensrf_core.xml
\r
974 cp oils_web.xml.example oils_web.xml
\r
975 chown -R opensrf:opensrf /openils/</userinput>
\r
979 <title>Create and Configure PostgreSQL Database</title>
\r
981 <primary>databases</primary>
\r
982 <secondary>PostgreSQL</secondary>
\r
984 <para>In this step you will create the Evergreen database. In the commands
\r
985 below, remember to adjust the path of the <emphasis role="bold">contrib</emphasis>
\r
986 repository to match your PostgreSQL server
\r
987 layout. For example, if you built PostgreSQL from source the path would be
\r
988 <filename class="directory">/usr/local/share/contrib</filename> , and if you
\r
989 installed the PostgreSQL 8.4 server packages on <systemitem class="osname">Ubuntu</systemitem>,
\r
991 <systemitem class="directory">/usr/share/postgresql/8.4/contrib/</systemitem> .</para>
\r
995 <emphasis role="bold">Create and configure the database</emphasis>
\r
997 <para>As the <systemitem class="username">postgres</systemitem>
\r
998 user on the PostgreSQL system create the PostgreSQL database,
\r
999 then set some internal paths:</para>
\r
1002 # as the postgres user:
\r
1003 createdb evergreen -E UTF8 -T template0
\r
1004 createlang plperl evergreen
\r
1005 createlang plperlu evergreen
\r
1006 createlang plpgsql evergreen</userinput>
\r
1008 <para>Continue as the <systemitem class="username">postgres</systemitem> user
\r
1009 and execute the SQL scripts as shown below (remember to adjust the paths as needed,
\r
1010 where <emphasis>PGSQL_VERSION</emphasis> is your installed PostgreSQL
\r
1011 version, for example <literal>8.4</literal>).</para>
\r
1014 # as the postgres user:
\r
1015 psql -f /usr/share/postgresql/PGSQL_VERSION/contrib/tablefunc.sql evergreen
\r
1016 psql -f /usr/share/postgresql/PGSQL_VERSION/contrib/tsearch2.sql evergreen
\r
1017 psql -f /usr/share/postgresql/PGSQL_VERSION/contrib/pgxml.sql evergreen</userinput>
\r
1020 <step xml:id="serversideinstallation-postgresqlcreateuser">
\r
1021 <title>Create <systemitem class="username">evergreen</systemitem> PostgreSQL user</title>
\r
1022 <para>As the <systemitem class="username">postgres</systemitem>
\r
1023 user on the PostgreSQL system, create a new PostgreSQL user
\r
1024 named <systemitem class="username">evergreen</systemitem> and
\r
1025 assign a password (remember to replace <emphasis>NEWPASSWORD</emphasis>
\r
1026 with an appropriate new password):</para>
\r
1029 # as the postgres user:
\r
1030 createuser -P -s evergreen</userinput>
\r
1032 Enter password for new role: <userinput>NEWPASSWORD</userinput>
\r
1033 Enter it again: <userinput>NEWPASSWORD</userinput></computeroutput>
\r
1037 <title>Create database schema</title>
\r
1038 <para>In this step you will create the database schema and configure your
\r
1039 system with the corresponding database authentication details for the
\r
1040 <emphasis>evergreen</emphasis> database user that you just created in
\r
1041 <xref linkend="serversideinstallation-postgresqlcreateuser"/>.</para>
\r
1042 <para>As the <systemitem class="username">root</systemitem> user, enter
\r
1043 the following commands and replace <emphasis>HOSTNAME, PORT,
\r
1044 PASSWORD</emphasis> and <emphasis>DATABASENAME</emphasis> with appropriate
\r
1048 # as the root user:
\r
1049 cd /home/opensrf/Evergreen-ILS-2.0.1
\r
1050 perl Open-ILS/src/support-scripts/eg_db_config.pl --update-config \
\r
1051 --service all --create-schema --create-offline \
\r
1052 --hostname HOSTNAME --port PORT \
\r
1053 --user evergreen --password PASSWORD --database DATABASENAME</userinput>
\r
1055 <para>On most systems, <emphasis>HOSTNAME</emphasis> will be
\r
1056 <emphasis role="bold">localhost</emphasis> and
\r
1057 <emphasis>PORT</emphasis> will be <emphasis role="bold">5432</emphasis>.
\r
1058 Of course, values for <emphasis>PASSWORD</emphasis> and
\r
1059 <emphasis>DATABASENAME</emphasis> must match the values you used in
\r
1060 <xref linkend="serversideinstallation-postgresqlcreateuser"/>.</para>
\r
1061 <para>As the command executes, you may see warnings similar to:
\r
1062 <literal>ERROR: schema SOMENAME does not exist</literal> (in fact,
\r
1063 you may see one warning per schema) but they can be safely ignored.</para>
\r
1064 <note>If you are entering the above command on a single line, do not
\r
1065 include the <literal>\</literal> (backslash) characters. If you are using
\r
1066 the <command>bash</command> shell, these should only be used at the end of
\r
1067 a line at a <command>bash</command> prompt to indicate that the command is
\r
1068 continued on the next line.</note>
\r
1073 <title>Configure the Apache web server</title>
\r
1075 <primary>web server</primary>
\r
1076 <secondary>Apache</secondary>
\r
1078 <para>In this step you will configure the Apache web server to support Evergreen
\r
1080 <para>First, you must enable some built-in Apache modules and install some
\r
1081 additional Apache configuration files. Then you will create a new Security
\r
1082 Certificate. Finally, you must make several changes to the Apache configuration
\r
1086 <title>Enable the required Apache Modules</title>
\r
1087 <para>As the <systemitem class="username">root</systemitem>
\r
1088 user, enable some modules in the Apache server, then copy the
\r
1089 new configuration files to the Apache server directories:</para>
\r
1091 <primary>Apache modules</primary>
\r
1095 # as the root user:
\r
1096 a2enmod ssl # enable mod_ssl
\r
1097 a2enmod rewrite # enable mod_rewrite
\r
1098 a2enmod expires # enable mod_expires</userinput>
\r
1100 <para>As the commands execute, you may see warnings similar to:
\r
1101 <literal>Module SOMEMODULE already enabled</literal> but you can
\r
1102 safely ignore them.</para>
\r
1105 <title>Copy Apache configuration files</title>
\r
1106 <para>You must copy the Apache configuration files from the
\r
1107 Evergreen installation directory to the Apache directory. As the
\r
1108 <systemitem class="username">root</systemitem> user, perform the
\r
1109 following commands:</para>
\r
1112 # as the root user:
\r
1113 cd /home/opensrf/Evergreen-ILS-2.0.1
\r
1114 cp Open-ILS/examples/apache/eg.conf /etc/apache2/sites-available/
\r
1115 cp Open-ILS/examples/apache/eg_vhost.conf /etc/apache2/
\r
1116 cp Open-ILS/examples/apache/startup.pl /etc/apache2/</userinput>
\r
1119 <step xml:id="serversideinstallation-createsslcertificate">
\r
1120 <title>Create a Security Certificate</title>
\r
1121 <para>In this step you will create a new Security Certificate (SSL Key)
\r
1122 for the Apache server using the <command>openssl</command> command. For a
\r
1123 public production server you must configure or purchase a signed SSL
\r
1124 certificate, but for now you can just use a self-signed certificate and
\r
1125 accept the warnings in the Staff Client and browser during testing and
\r
1126 development. As the <systemitem class="username">root</systemitem> user,
\r
1127 perform the following commands:</para>
\r
1130 # as the root user:
\r
1131 mkdir /etc/apache2/ssl
\r
1132 cd /etc/apache2/ssl
\r
1133 openssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.key</userinput>
\r
1135 <para>You will be prompted for several items of information; enter
\r
1136 the appropriate information for each item. The new files
\r
1137 <filename>server.crt</filename> and <filename>server.key</filename> will
\r
1138 be created in the directory
\r
1139 <filename class="directory">/etc/apache2/ssl</filename> .</para>
\r
1140 <note>This step generates a self-signed SSL certificate. You must install
\r
1141 a proper SSL certificate for a public production system to avoid warning
\r
1142 messages when users login to their account through the OPAC or when staff
\r
1143 login through the Staff Client. For further information on
\r
1144 installing a proper SSL certificate, see
\r
1145 <xref linkend="serversideinstallation-ssl"/>.</note>
\r
1147 <step xml:id="serversideinstallation-modify-apache">
\r
1148 <title>Update Apache configuration file</title>
\r
1149 <para>You must make several changes to the new Apache
\r
1150 configuration file
\r
1151 <filename>/etc/apache2/sites-available/eg.conf</filename> .
\r
1152 As the <systemitem class="username">root</systemitem> user,
\r
1153 edit the file and make the following changes:</para>
\r
1156 <para>In the section
\r
1157 <literal><Directory "/openils/var/cgi-bin"></literal>
\r
1158 replace the line:</para>
\r
1159 <literal>Allow from 10.0.0.0/8</literal>
\r
1160 <para>with the line:</para>
\r
1161 <literal>Allow from all</literal>
\r
1162 <warning>This change allows access to your configuration
\r
1163 CGI scripts from any workstation on any network. This is
\r
1164 only a temporary change to expedite testing and should be
\r
1165 removed after you have finished and successfully tested
\r
1166 the Evergreen installation. See
\r
1167 <xref linkend="serversideinstallation-postinstallation"/>
\r
1168 for further details on removing this change after the
\r
1169 Evergreen installation is complete.
\r
1173 <para>Comment out the line:</para>
\r
1174 <literal>Listen 443</literal>
\r
1175 <para>since it conflicts with the same declaration in
\r
1176 the configuration file:</para>
\r
1177 <para><filename>/etc/apache2/ports.conf</filename>.</para>
\r
1180 <para>The following updates are needed to allow the logs
\r
1181 to function properly, but it may break other Apache
\r
1182 applications on your server:</para>
\r
1184 <para>Edit the Apache configuration file and change the lines:</para>
\r
1187 export APACHE_RUN_USER=www-data
\r
1188 export APACHE_RUN_GROUP=www-data</userinput>
\r
1190 <para>to instead read:</para>
\r
1193 export APACHE_RUN_USER=opensrf
\r
1194 export APACHE_RUN_GROUP=opensrf</userinput>
\r
1199 <systemitem class="username">root</systemitem> user,
\r
1200 edit the Apache configuration file
\r
1201 <filename>/etc/apache2/apache2.conf</filename> and
\r
1202 modify the value for <literal>KeepAliveTimeout</literal>
\r
1203 and <literal>MaxKeepAliveRequests</literal> to match
\r
1204 the following:</para>
\r
1207 KeepAliveTimeout 1
\r
1208 MaxKeepAliveRequests 100</userinput>
\r
1212 <para>Further configuration changes to Apache may be
\r
1213 necessary for busy systems. These changes increase the
\r
1214 number of Apache server processes that are started to
\r
1215 support additional browser connections.</para>
\r
1217 <systemitem class="username">root</systemitem> user,
\r
1218 edit the Apache configuration file
\r
1219 <filename>/etc/apache2/apache2.conf</filename>, locate
\r
1220 and modify the section related to <emphasis>prefork
\r
1221 configuration</emphasis> to suit the load on your
\r
1223 <programlisting language="xml"><![CDATA[
\r
1224 <IfModule mpm_prefork_module>
\r
1227 MaxSpareServers 15
\r
1229 MaxRequestsPerChild 10000
\r
1231 ]]></programlisting>
\r
1236 <title>Enable the Evergreen web site</title>
\r
1237 <para>Finally, you must enable the Evergreen web site. As the
\r
1238 <systemitem class="username">root</systemitem> user, execute the
\r
1239 following Apache configuration commands to disable the default
\r
1240 <emphasis>It Works</emphasis> web page and enable the Evergreen
\r
1241 web site, and then restart the Apache server:</para>
\r
1244 # as the root user:
\r
1245 # disable/enable web sites
\r
1248 # restart the server
\r
1249 /etc/init.d/apache2 reload</userinput>
\r
1254 <step xml:id="serversideinstallation-opensrf-config">
\r
1255 <title>Update the OpenSRF Configuration File</title>
\r
1256 <para>As the <systemitem class="username">opensrf</systemitem> user, edit the
\r
1257 OpenSRF configuration file <filename>/openils/conf/opensrf_core.xml</filename>
\r
1258 to update the Jabber usernames and passwords, and to specify the domain from
\r
1259 which we will accept and to which we will make connections.</para>
\r
1260 <para>If you are installing Evergreen on a single server and using the
\r
1261 <systemitem class="domainname">private.localhost</systemitem> /
\r
1262 <systemitem class="domainname">public.localhost</systemitem> domains,
\r
1263 these will already be set to the correct values. Otherwise, search and replace
\r
1264 to match your customized values.</para>
\r
1265 <para>The left-hand side of <xref linkend="serversideinstallation-xpath-table-2"/>
\r
1266 shows common XPath syntax to indicate the approximate position within the XML
\r
1267 file that needs changes. The right-hand side of the table shows the replacement
\r
1269 <table xml:id="serversideinstallation-xpath-table-2">
\r
1270 <?dbfo keep-together="always" ?>
\r
1271 <title>Sample XPath syntax for editing "opensrf_core.xml"</title>
\r
1272 <tgroup align="left" cols="2" colsep="1" rowsep="1">
\r
1273 <colspec colname="Xpath" colnum="1" colwidth="1.6*"/>
\r
1274 <colspec colname="Value" colnum="2" colwidth="2.0*"/>
\r
1277 <entry>XPath location</entry>
\r
1278 <entry>Value</entry>
\r
1283 <entry>/config/opensrf/username</entry>
\r
1285 <systemitem class="username">opensrf</systemitem>
\r
1289 <entry>/config/opensrf/passwd </entry>
\r
1290 <entry><systemitem class="domainname">private.localhost</systemitem>
\r
1292 <systemitem class="username">opensrf</systemitem> user
\r
1296 <entry>/config/gateway/username</entry>
\r
1298 <systemitem class="username">opensrf</systemitem>
\r
1302 <entry>/config/gateway/passwd</entry>
\r
1303 <entry><systemitem class="domainname">public.localhost</systemitem>
\r
1305 <systemitem class="username">opensrf</systemitem> user
\r
1309 <entry>/config/routers/router/transport/username,
\r
1310 first entry where server == public.localhost</entry>
\r
1312 <systemitem class="username">router</systemitem>
\r
1316 <entry>/config/routers/router/transport/password,
\r
1317 first entry where server == public.localhost</entry>
\r
1318 <entry><systemitem class="domainname">public.localhost</systemitem>
\r
1320 <systemitem class="username">router</systemitem> user
\r
1324 <entry>/config/routers/router/transport/username,
\r
1325 second entry where server == private.localhost</entry>
\r
1327 <systemitem class="username">router</systemitem>
\r
1331 <entry>/config/routers/router/transport/password,
\r
1332 second entry where server == private.localhost</entry>
\r
1333 <entry><systemitem class="domainname">private.localhost</systemitem>
\r
1335 <systemitem class="username">router</systemitem> user
\r
1342 <step performance="optional">
\r
1343 <title>(OPTIONAL) Create Configuration Files for Users Needing <command>srfsh</command></title>
\r
1344 <para>When OpenSRF was installed in <xref linkend="serversideinstallation-opensrf"/>, the
\r
1345 software installation automatically created a utility named <command>srfsh</command> (surf
\r
1346 shell). This is a command line diagnostic tool for testing and interacting with
\r
1347 OpenSRF. It will be used in a future step to complete and test the Evergreen installation.
\r
1348 Earlier in <xref linkend="serversideinstallation-srfsh"/> you also created a configuration
\r
1349 file <filename>~/.srfsh.xml</filename> for each user that might need to use the utility.
\r
1350 See <xref linkend="serversideinstallation-testing"/> for further information.</para>
\r
1352 <step xml:id="serversideinstallation-opensrf-env">
\r
1353 <title>Modify the OpenSRF Environment</title>
\r
1354 <para>In this step you will make some minor modifications to the OpenSRF environment:</para>
\r
1357 <para>As the <systemitem class="username">opensrf</systemitem> user,
\r
1358 modify the shell configuration file <filename>~/.bashrc</filename> for
\r
1359 user <systemitem class="username">opensrf</systemitem> by adding a Perl
\r
1360 environmental variable, then execute the shell configuration file to load
\r
1361 the new variables into your current environment.</para>
\r
1362 <note>In a multi-server environment, you must add any
\r
1363 modifications to <filename>~/.bashrc</filename> to the top of the file
\r
1364 <emphasis>before</emphasis> the line <literal>[ -z "$PS1" ] &&
\r
1365 return </literal>. This will allow headless (scripted) logins to load the
\r
1366 correct environment.</note>
\r
1369 # as the opensrf user:
\r
1370 echo "export PERL5LIB=/openils/lib/perl5:\$PERL5LIB" >> ~/.bashrc
\r
1371 . ~/.bashrc</userinput>
\r
1376 <step performance="optional">
\r
1377 <title>(OPTIONAL) Enable and Disable Language Localizations</title>
\r
1378 <para>You can load translations such as Armenian (hy-AM), Canadian French
\r
1379 (fr-CA), and others into the database to complete the translations available in
\r
1380 the OPAC and Staff Client. For further information, see
\r
1381 <xref linkend="languagesandlocalization"/>.</para>
\r
1385 <section xml:id="serversideinstallation-starting">
\r
1386 <title>Starting Evergreen</title>
\r
1387 <para>In this section you will learn how to start the Evergreen services.
\r
1388 For completeness, instructions for stopping Evergreen can be found later in
\r
1389 <xref linkend="serversideinstallation-stopping"/>.</para>
\r
1392 <para>As the <systemitem class="username">root</systemitem>
\r
1393 user, start the <systemitem class="service">ejabberd</systemitem> and
\r
1394 <systemitem class="service">memcached</systemitem> services as follows:</para>
\r
1397 # as the root user:
\r
1398 /etc/init.d/ejabberd start
\r
1399 /etc/init.d/memcached start</userinput>
\r
1403 <para>As the <systemitem class="username">opensrf</systemitem> user,
\r
1404 start Evergreen as follows:</para>
\r
1407 # as the opensrf user:
\r
1408 osrf_ctl.sh -l -a start_all</userinput>
\r
1410 <para>The flag <option>-l</option> forces Evergreen to use
\r
1411 <systemitem class="domainname">localhost</systemitem> (your current system)
\r
1412 as the hostname. The flag <option>-a start_all</option> starts the other
\r
1413 OpenSRF <systemitem class="service">router</systemitem> ,
\r
1414 <systemitem class="service">Perl</systemitem> , and
\r
1415 <systemitem class="service">C</systemitem> services.</para>
\r
1418 <para>You can also start Evergreen without the
\r
1419 <option>-l</option> flag, but the <command>osrf_ctl.sh</command>
\r
1420 utility must know the fully qualified domain name for the system
\r
1421 on which it will execute. That hostname was probably specified
\r
1422 in the configuration file <filename>opensrf.xml</filename> which
\r
1423 you configured in a previous step.</para>
\r
1426 <para>If you receive an error message similar to
\r
1427 <emphasis>osrf_ctl.sh: command not found</emphasis>, then your
\r
1428 environment variable <envar>PATH</envar> does not include the
\r
1429 directory <filename class="directory">/openils/bin</filename>.
\r
1430 As the <systemitem class="username">opensrf</systemitem> user,
\r
1431 edit the configuration file <filename>~/.bashrc</filename> and
\r
1432 add the following line:
\r
1433 <literal>export PATH=$PATH:/openils/bin</literal></para>
\r
1436 <para>If you receive an error message similar to <emphasis>Can't
\r
1437 locate OpenSRF/System.pm in @INC ... BEGIN failed--compilation
\r
1438 aborted</emphasis>, then your environment variable
\r
1439 <emphasis role="bold">PERL5LIB</emphasis> does not include the
\r
1440 directory <filename class="directory">/openils/lib/perl5</filename>.
\r
1441 As the <systemitem class="username">opensrf</systemitem> user,
\r
1442 edit the configuration file <filename>~/.bashrc</filename> and
\r
1443 add the following line:
\r
1444 <literal>export PERL5LIB=$PERL5LIB:/openils/lib/perl5</literal></para>
\r
1449 <para>In this step you will generate the Web files needed by the Staff Client
\r
1450 and catalog, and update the proximity of locations in the Organizational Unit
\r
1451 tree (which allows <emphasis>Holds</emphasis> to work properly).</para>
\r
1452 <para>You must do this the first time you start Evergreen and after making any
\r
1453 changes to the library hierarchy.</para>
\r
1454 <para>As the <systemitem class="username">opensrf</systemitem> user, execute the
\r
1455 following command and review the results:</para>
\r
1458 # as the opensrf user:
\r
1460 ./autogen.sh -c /openils/conf/opensrf_core.xml -u</userinput>
\r
1462 Updating Evergreen organization tree and IDL using '/openils/conf/opensrf_core.xml'
\r
1463 Updating fieldmapper
\r
1464 Updating web_fieldmapper
\r
1466 removing OrgTree from the cache for locale hy-AM...
\r
1467 removing OrgTree from the cache for locale cs-CZ...
\r
1468 removing OrgTree from the cache for locale en-CA...
\r
1469 removing OrgTree from the cache for locale en-US...
\r
1470 removing OrgTree from the cache for locale fr-CA...
\r
1471 removing OrgTree from the cache for locale ru-RU...
\r
1472 Updating OrgTree HTML
\r
1473 Updating locales selection HTML
\r
1474 Updating Search Groups
\r
1475 Refreshing proximity of org units
\r
1476 Successfully updated the organization proximity
\r
1477 Done</computeroutput>
\r
1481 <para>As the <systemitem class="username">root</systemitem> user, restart the
\r
1482 Apache Web server:</para>
\r
1485 # as the root user:
\r
1486 /etc/init.d/apache2 restart</userinput>
\r
1488 <note>If the Apache Web server was running when you started the OpenSRF
\r
1489 services, you might not be able to successfully log into the OPAC or Staff
\r
1490 Client until the Apache Web server has been restarted.</note>
\r
1494 <section xml:id="serversideinstallation-testing">
\r
1495 <title>Testing Your Evergreen Installation</title>
\r
1496 <para>This section describes several simple tests you can perform to verify that the Evergreen
\r
1497 server-side software has been installed and configured properly and is running as
\r
1499 <simplesect xml:id="serversideinstallation-testing-connections">
\r
1500 <title>Testing Connections to Evergreen</title>
\r
1501 <para>Once you have installed and started Evergreen, test your connection to Evergreen. Start the
\r
1502 <command>srfsh</command> application and try logging onto the Evergreen server using the default
\r
1503 administrator username and password. Following is sample output generated by executing
\r
1504 <command>srfsh</command> after a successful Evergreen installation. For help with
\r
1505 <command>srfsh</command> commands, type <userinput>help</userinput> at the prompt.
\r
1506 As the <systemitem class="username">opensrf</systemitem> user,
\r
1507 execute the following commands to test your Evergreen connection:</para>
\r
1510 # as the opensrf user:
\r
1511 /openils/bin/srfsh</userinput>
\r
1513 srfsh% <userinput>login admin open-ils</userinput>
\r
1514 Received Data: "250bf1518c7527a03249858687714376"
\r
1515 ------------------------------------
\r
1516 Request Completed Successfully
\r
1517 Request Time in seconds: 0.045286
\r
1518 ------------------------------------
\r
1521 "textcode":"SUCCESS",
\r
1524 "stacktrace":"oils_auth.c:304",
\r
1526 "authtoken":"e5f9827cc0f93b503a1cc66bee6bdd1a",
\r
1530 ------------------------------------
\r
1531 Request Completed Successfully
\r
1532 Request Time in seconds: 1.336568
\r
1533 ------------------------------------</computeroutput>
\r
1535 <para>If this does not work, try the following:</para>
\r
1538 <para>As the <systemitem class="username">opensrf</systemitem> user, run the
\r
1539 <filename>settings-tester.pl</filename> utility to review your Evergreen
\r
1540 installation for any system configuration problems:</para>
\r
1543 # as the opensrf user:
\r
1545 ./Evergreen-ILS-2.0.1/Open-ILS/src/support-scripts/settings-tester.pl</userinput>
\r
1547 <para>If the output of <command>settings-tester.pl</command> does not help you
\r
1548 find the problem, please do not make any significant changes to your
\r
1549 configuration.</para>
\r
1552 <para>Follow the steps in the troubleshooting guide in
\r
1553 <xref linkend="troubleshooting"/>.</para>
\r
1556 <para>If you have followed the entire set of installation steps listed here
\r
1557 closely, you are probably extremely close to a working system. Gather your
\r
1558 configuration files and log files and contact the
\r
1559 <ulink url="http://open-ils.org/listserv.php">Evergreen Development Mailing List</ulink>
\r
1560 list for assistance before making any drastic changes to your system
\r
1561 configuration.</para>
\r
1565 <simplesect xml:id="serversideinstallation-running-staffclient">
\r
1566 <title>Testing the Staff Client on Linux</title>
\r
1567 <para>In this section you will confirm that a basic login on the Staff Client works
\r
1569 <para>Run the Evergreen Staff Client on a Linux system by using the application
\r
1570 <emphasis>XULRunner</emphasis> (installed automatically and by default with Firefox
\r
1571 version 3.0 and later on Ubuntu and Debian distributions).</para>
\r
1572 <para>As the <systemitem class="username">root</systemitem> user, start the Staff Client
\r
1576 # as the root user:
\r
1577 xulrunner /home/opensrf/Evergreen-ILS-2.0.1/Open-ILS/xul/staff_client/build/application.ini</userinput>
\r
1579 <para>A login screen for the Staff Client similar to this should appear:</para>
\r
1581 <alt>Logging into the Staff Client</alt>
\r
1583 <imagedata fileref="../media/serversideinstallation-staffclient-running-1.png" format="PNG" scalefit="1" width="70%"/>
\r
1586 <para>First, add the name of your Evergreen server to the field
\r
1587 <literal>Hostname</literal> in the <literal>Server</literal> section. You will probably
\r
1588 want to use <literal>127.0.0.1</literal>. After adding the server name, click Re-Test
\r
1589 Server. You should now see the messages <literal>200:OK</literal> in the fields
\r
1590 <literal>Status</literal> and <literal>Version</literal>.</para>
\r
1591 <para>Because this is the initial run of the Staff Client, you will see a warning in the
\r
1592 upper-right saying: <emphasis role="bold">Not yet configured for the specified
\r
1593 server</emphasis>. To continue, you must assign a workstation name. Refer to
\r
1594 <xref linkend="staffclientinstallation-workstationnames"/> for further details.</para>
\r
1595 <para>Try to log into the Staff Client with the username <literal>admin</literal> and
\r
1596 the password <literal>open-ils</literal>. If the login is successful, you will see the
\r
1597 following screen:</para>
\r
1599 <alt>Logging into the Staff Client</alt>
\r
1601 <imagedata fileref="../media/serversideinstallation-staffclient-running-4.png" format="PNG" scalefit="1" width="70%"/>
\r
1604 <para>Otherwise, you may need to click <guibutton>'Add SSL Exception'</guibutton> in the
\r
1605 main window. You should see a popup window titled <literal>Add Security Exception</literal>:</para>
\r
1607 <alt>Adding an SSL Exception in the Staff Client</alt>
\r
1609 <imagedata fileref="../media/serversideinstallation-staffclient-running-2.png" format="PNG" scalefit="1" width="70%"/>
\r
1612 <para>Click <guibutton>'Get Certificate'</guibutton>, then click <guibutton>'Confirm
\r
1613 Security Exception'</guibutton>, then click <guibutton>'Re-Test Server'</guibutton> in the
\r
1614 main window and try to log in again.</para>
\r
1616 <simplesect xml:id="serversideinstallation-starting-apache-server">
\r
1617 <title>Testing the Apache Web Server</title>
\r
1618 <para>In this section you will test the Apache configuration file(s), then restart the
\r
1619 Apache web server.</para>
\r
1620 <para>As the <emphasis role="bold">root</emphasis> user, execute the following
\r
1621 commands. Note the use of <emphasis>restart</emphasis> to force the new Evergreen
\r
1622 modules to be reloaded even if the Apache server is already running. Any problems found
\r
1623 with your configuration files should be displayed:</para>
\r
1626 # as the root user:
\r
1627 apache2ctl configtest && /etc/init.d/apache2 restart</userinput>
\r
1630 <simplesect xml:id="serversideinstallation-stopping">
\r
1631 <title>Stopping Evergreen</title>
\r
1632 <para>In <xref linkend="serversideinstallation-starting"/> you learned how to start the
\r
1633 Evergreen services. For completeness, following are instructions for stopping the
\r
1634 Evergreen services.</para>
\r
1635 <para>As the <systemitem class="username">opensrf</systemitem> user, stop all Evergreen
\r
1636 services by using the following command:</para>
\r
1639 # as the opensrf user
\r
1640 # stop the server; use "-l" to force hostname to be "localhost"
\r
1641 osrf_ctl.sh -l -a stop_all</userinput>
\r
1643 <note>You can also stop Evergreen services <emphasis role="bold">without</emphasis> the
\r
1644 <option>-l</option> flag, but the <command>osrf_ctl.sh</command> utility must know the
\r
1645 fully qualified domain name for the system on which it will execute. That hostname may
\r
1646 have been specified in the configuration file <filename>opensrf.xml</filename>, which
\r
1647 you configured in a previous step.</note>
\r
1650 <section xml:id="serversideinstallation-postinstallation">
\r
1651 <title>Post-Installation Chores</title>
\r
1652 <para>There are several additional steps you may need to complete after Evergreen has been
\r
1653 successfully installed and tested. Some steps may not be needed (e.g., setting up support for
\r
1656 <title>Remove temporary Apache configuration changes</title>
\r
1657 <para>You modified the Apache configuration file
\r
1658 <filename>/etc/apache2/sites-available/eg.conf</filename> in an earlier step as a
\r
1659 temporary measure to expedite testing (see
\r
1660 <xref linkend="serversideinstallation-modify-apache"/> for further information).
\r
1661 Those changes must now be reversed in order to deny unwanted access to your
\r
1662 CGI scripts from users on other public networks.</para>
\r
1665 <emphasis>This temporary network update was done to expedite
\r
1666 testing. You <emphasis role="bold">must</emphasis> correct
\r
1667 this for a public production system.</emphasis>
\r
1670 <para>As the <systemitem class="username">root</systemitem> user, edit the configuration
\r
1671 file again and comment out the line <literal>Allow from all</literal> and uncomment the
\r
1672 line <literal>Allow from 10.0.0.0/8</literal>, then change it to match your network
\r
1673 address scheme.</para>
\r
1675 <section xml:id="serversideinstallation-ssl">
\r
1676 <title>Configure a permanent SSL key</title>
\r
1677 <para>You used the command <command>openssl</command> in an earlier step to
\r
1678 temporarily create a new SSL key for the Apache server (see
\r
1679 <xref linkend="serversideinstallation-createsslcertificate"/> for further
\r
1680 information). This self-signed security certificate was adequate during
\r
1681 testing and development, but will continue to generate warnings in the Staff
\r
1682 Client and browser. For a public production server you should configure or
\r
1683 purchase a signed SSL certificate.</para>
\r
1684 <para>There are several open source software solutions that provide schemes to
\r
1685 generate and maintain public key security certificates for your library
\r
1686 system. Some popular projects are listed below; please review them for
\r
1687 background information on why you need such a system and how you can provide
\r
1691 <ulink url="http://www.openca.org/projects/openca/">http://www.openca.org/projects/openca/</ulink>
\r
1694 <ulink url="http://sourceforge.net/projects/ejbca/">http://sourceforge.net/projects/ejbca/</ulink>
\r
1697 <ulink url="http://pki.fedoraproject.org">http://pki.fedoraproject.org</ulink>
\r
1702 <emphasis>The temporary SSL key was only created to expedite
\r
1703 testing. You should install a proper SSL certificate for a public
\r
1704 production system.</emphasis>
\r
1709 <title>(OPTIONAL) IP-Redirection</title>
\r
1710 <para>By default, Evergreen is configured so searching the OPAC always starts in the
\r
1711 top-level (regional) library rather than in a second-level (branch) library. Instead,
\r
1712 you can use "IP-Redirection" to change the default OPAC search location to use the IP
\r
1713 address range assigned to the second-level library where the seach originates. You must
\r
1714 configure these IP ranges by creating the configuration file
\r
1715 <filename>/openils/conf/lib_ips.txt</filename> and modifying the Apache startup script
\r
1716 <filename>/etc/apache2/startup.pl</filename>.</para>
\r
1717 <para>First, copy the sample file
\r
1718 <filename>/home/opensrf/Evergreen-ILS-1.6.1.2/Open-ILS/examples/lib_ips.txt.example</filename>
\r
1719 to <filename>/openils/conf/lib_ips.txt</filename>. The example file contains the single
\r
1720 line: <literal>"MY-LIB 127.0.0.1 127.0.0.254"</literal>. You must modify the file to use
\r
1721 the IP address ranges for your library system. Add new lines to represent the IP address
\r
1722 range for each branch library. Replace the values for <literal>MY-LIB</literal> with the
\r
1723 values for each branch library found in the table
\r
1724 <literal>actor.org_unit</literal>.</para>
\r
1725 <para>Finally, modify the Apache startup script
\r
1726 <filename>/etc/apache2/startup.pl</filename> by uncommenting two lines as shown, then
\r
1727 restarting the Apache server:</para>
\r
1728 <programlisting language="xml"><![CDATA[
\r
1729 # - Uncomment the following 2 lines to make use of the IP redirection code
\r
1730 # - The IP file should contain a map with the following format:
\r
1731 # - actor.org_unit.shortname <start_ip> <end_ip>
\r
1732 # - e.g. LIB123 10.0.0.1 10.0.0.254
\r
1733 use OpenILS::WWW::Redirect qw(/openils/conf/opensrf_core.xml);
\r
1734 OpenILS::WWW::Redirect->parse_ips_file('/openils/conf/lib_ips.txt');
\r
1735 ]]></programlisting>
\r
1738 <title>(OPTIONAL) Set Up Support For Reports</title>
\r
1739 <para>Evergreen reports are extremely powerful but require some simple configuration.
\r
1740 See <xref linkend="report_starting_reporter_service"/> for information on starting and
\r
1741 stopping the Reporter daemon processes.</para>
\r