From af577cf0257a88bf4144fe822c885337730978d8 Mon Sep 17 00:00:00 2001 From: Steve Sheppard Date: Mon, 13 Dec 2010 10:09:33 -0500 Subject: [PATCH] more updates to bring into line with a real installation attempt; --- 1.6/admin/serversideinstallation.xml | 146 ++++++++++++++++++++++----- 1 file changed, 122 insertions(+), 24 deletions(-) diff --git a/1.6/admin/serversideinstallation.xml b/1.6/admin/serversideinstallation.xml index a6440415a8..bc57ab48c3 100644 --- a/1.6/admin/serversideinstallation.xml +++ b/1.6/admin/serversideinstallation.xml @@ -1,5 +1,6 @@ - - + + Server-side Installation of Evergreen Software @@ -572,6 +573,7 @@ opensrf user: cp /openils/conf/srfsh.xml.example /home/opensrf/.srfsh.xml + Edit each user's file ~/.srfsh.xml and make the following changes: @@ -1088,38 +1090,90 @@ - Configure the Apache web serverweb serverApacheIn this step you will configure the Apache web server to support Evergreen - software. First, you must enable some built-in Apache modules and - install some additional Apache configuration files. Then you will create a new - Security Certificate. Finally, you must make several changes to the Apache - configuration file.Enable the required Apache ModulesAs the root + + Configure the Apache web server + + web server + Apache + + In this step you will configure the Apache web server to support Evergreen + software. + First, you must enable some built-in Apache modules and install some + additional Apache configuration files. Then you will create a new Security + Certificate. Finally, you must make several changes to the Apache configuration + file. + + + Enable the required Apache Modules + As the root user, enable some modules in the Apache server, then copy the - new configuration files to the Apache server directories:Apachea2enmod ssl # enable mod_ssla2enmod rewrite # enable mod_rewritea2enmod expires # enable mod_expiresAs the commands execute, you may see warnings similar to: + new configuration files to the Apache server directories: + + Apache modules + + + a2enmod ssl # enable mod_ssl + a2enmod rewrite # enable mod_rewrite + a2enmod expires # enable mod_expires + + As the commands execute, you may see warnings similar to: Module SOMEMODULE already enabled but you can - safely ignore them.Copy Apache configuration filesYou must copy the Apache configuration files from the + safely ignore them. + + + Copy Apache configuration files + You must copy the Apache configuration files from the Evergreen installation directory to the Apache directory. As the root user, perform the - following commands:cd /home/opensrf/Evergreen-ILS-1.6.1.2cp Open-ILS/examples/apache/eg.conf /etc/apache2/sites-available/cp Open-ILS/examples/apache/eg_vhost.conf /etc/apache2/cp Open-ILS/examples/apache/startup.pl /etc/apache2/Create a Security CertificateYou must create a new Security Certificate (SSL Key) for + following commands: + + cd /home/opensrf/Evergreen-ILS-1.6.1.2 + cp Open-ILS/examples/apache/eg.conf /etc/apache2/sites-available/ + cp Open-ILS/examples/apache/eg_vhost.conf /etc/apache2/ + cp Open-ILS/examples/apache/startup.pl /etc/apache2/ + + + + Create a Security Certificate + You must create a new Security Certificate (SSL Key) for the Apache server using the openssl command. For a public production server you must configure or purchase a signed SSL certificate, but for now you can just use a self-signed certificate and accept the warnings in the Staff Client and browser during testing and development. As the root user, perform the - following commands:mkdir /etc/apache2/sslcd /etc/apache2/sslopenssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.keyThis step generates a self-signed SSL + following commands: + + mkdir /etc/apache2/ssl + cd /etc/apache2/ssl + openssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.key + + + This step generates a self-signed SSL certificate. You must install a proper SSL certificate for a public production system to avoid warning messages when users login to their account through the OPAC or - when staff login through the Staff Client.For further information on installing a proper SSL - certificate, see .Update Apache configuration fileYou must make several changes to the new Apache + when staff login through the Staff Client. + For further information on installing a proper SSL + certificate, see . + + + + Update Apache configuration file + You must make several changes to the new Apache configuration file /etc/apache2/sites-available/eg.conf . As the root user, - edit the file and make the following changes:In the section + edit the file and make the following changes: + + + In the section <Directory "/openils/var/cgi-bin"> replace this line: Allow from 10.0.0.0/8 - with this line: Allow from all.This change allows access to your configuration + with this line: Allow from all. + This change allows access to your configuration CGI scripts from any workstation on any network. This is only a temporary change to expedite testing and should be removed after you have finished and successfully tested @@ -1127,15 +1181,22 @@ for further details on removing this change after the Evergreen installation is complete. - Comment out the line Listen 443, + + + + Comment out the line Listen 443, since it conflicts with the same declaration in the configuration file: /etc/apache2/ports.conf. Note that Debian users should not do this since the conflict does not apply to - that operating system.The following updates are needed to allow the logs + that operating system. + + + The following updates are needed to allow the logs to function properly, but it may break other Apache - applications on your server:For the + applications on your server: + For the Linux distributions Ubuntu Hardy or Debian Etch, as @@ -1150,22 +1211,43 @@ Debian Lenny, as the root user, edit the Apache configuration file and change these - lines:export APACHE_RUN_USER=www-dataexport APACHE_RUN_GROUP=www-datato instead read:export APACHE_RUN_USER=opensrfexport APACHE_RUN_GROUP=opensrfAs the + lines: + + export APACHE_RUN_USER=www-data + export APACHE_RUN_GROUP=www-data + + to instead read: + + export APACHE_RUN_USER=opensrf + export APACHE_RUN_GROUP=opensrf + + + + As the root user, edit the Apache configuration file /etc/apache2/apache2.conf and modify the values for KeepAliveTimeout and MaxKeepAliveRequests to match - the following:KeepAliveTimeout 1MaxKeepAliveRequests 100Further configuration changes to Apache may be + the following: + + KeepAliveTimeout 1 + MaxKeepAliveRequests 100 + + + + Further configuration changes to Apache may be necessary for busy systems. These changes increase the number of Apache server processes that are started to - support additional browser connections.As the + support additional browser connections. + As the root user, edit the Apache configuration file /etc/apache2/apache2.conf, locate and modify the section related to prefork configuration to suit the load on your - system: + StartServers 20 MinSpareServers 5 @@ -1173,11 +1255,27 @@ MaxClients 150 MaxRequestsPerChild 10000 -]]>Enable the Evergreen web siteFinally, you must enable the Evergreen web site. As the +]]> + + + + + Enable the Evergreen web site + Finally, you must enable the Evergreen web site. As the root user, execute the following Apache configuration commands to disable the default It Works web page and enable the Evergreen - web site, and then restart the Apache server:# disable/enable web sitesa2dissite defaulta2ensite eg.conf# restart the server/etc/init.d/apache2 reload + web site, and then restart the Apache server: + + # disable/enable web sites + a2dissite default + a2ensite eg.conf + # restart the server + /etc/init.d/apache2 reload + + + + Update the OpenSRF Configuration File As the opensrf user, edit the -- 2.43.2