From: Steve Sheppard Date: Sat, 11 Dec 2010 16:54:57 +0000 (-0500) Subject: more updates to bring into line with a real installation attempt; X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=f8fff7dd7e87e9293574c72a27695ea584261a18;p=contrib%2FConifer.git more updates to bring into line with a real installation attempt; --- diff --git a/1.6/admin/serversideinstallation.xml b/1.6/admin/serversideinstallation.xml index 94ac35e72e..a6440415a8 100644 --- a/1.6/admin/serversideinstallation.xml +++ b/1.6/admin/serversideinstallation.xml @@ -1,5 +1,5 @@ - + Server-side Installation of Evergreen Software @@ -110,8 +110,8 @@ platforms. OpenSRF 1.4.0 has been tested on Debian Etch (4.0), Debian Lenny (5.0) and Ubuntu Lucid Lynx (10.04). - In the following instructions, you are asked to perform certain steps as either - the root user, the + In the following instructions, you are asked to perform certain steps as + either the root user, the opensrf user, or the postgres user. @@ -138,9 +138,10 @@ - Add the OpenSRF User + Add New <systemitem class="username">opensrf</systemitem> User As the root user, add the - opensrf user to the system. The default shell for the new user is automatically + opensrf user to the system. + The default shell for the new user is automatically set to /bin/bash to inherit a reasonable environment: useradd -m -s /bin/bash opensrf @@ -158,7 +159,7 @@ and extract the latest version of OpenSRF. The latest version can be found here: - cd /home/opensrf/OpenSRF-1.4.0 + cd /home/opensrf wget http://evergreen-ils.org/downloads/OpenSRF-1.4.0.tar.gz tar zxf OpenSRF-1.4.0.tar.gz @@ -323,7 +324,7 @@ - + Stop the <systemitem class="service">ejabberd</systemitem> Service ejabberd @@ -354,14 +355,14 @@ it is started again. As the root user, edit the file /etc/ejabberd/ejabberd.cfg and make the following changes: - - + + Change the line: {hosts, ["localhost"]}. to: {hosts, ["localhost", "private.localhost", "public.localhost"]}. - - + + Change the line: {max_user_sessions, 10}. to: {max_user_sessions, 10000}. @@ -369,20 +370,20 @@ {access, max_user_sessions, [{10, all}]}. then change it to: {access, max_user_sessions, [{10000, all}]} - - + + Change all three occurrences of: max_stanza_size to: 2000000. - - + + Change both occurrences of: maxrate to: 500000. - - + + Comment out the line {mod_offline, []} by placing two % comment signs in front. - - + + Restart the <systemitem class="service">ejabberd</systemitem> service @@ -559,18 +560,21 @@ srfsh - The software installation will automatically create a utility named - srfsh (surf shell). This is a command line diagnostic tool for testing - and interacting with OpenSRF. It will be used in a future - step to complete and test the Evergreen installation. - See for further information. - As the root user, copy the short + The software installation will automatically create the utility + srfsh (surf shell), a command line diagnostic tool for + testing and interacting with OpenSRF. It will be used + in a future step to complete and test the Evergreen installation. See + for further information. + As the root user, copy the sample configuration file /openils/conf/srfsh.xml.example - to ~/.srfsh.xml (note the leading dot!), the home - directory of each user who will use srfsh. Finally, edit each - file ~/.srfsh.xml and make the following changes; when you - finish, remember to change the owner of the file to match the owner of the home - directory: + to the home directory of each user who will use srfsh. + For instance, do the following for the + opensrf user: + + cp /openils/conf/srfsh.xml.example /home/opensrf/.srfsh.xml + + Edit each user's file ~/.srfsh.xml and make the + following changes: Modify domain to be the router hostname @@ -594,7 +598,11 @@ Modify loglevel as needed for testing + + Change the owner of the file to match the owner of the home directory + + Following is a sample of the file: @@ -1071,176 +1079,93 @@ ERROR: schema SOMENAME does not exist (in fact, you may see one warning per schema) but they can be safely ignored. - If you are entering the above command on a single - line, do not include the \ - (backslash) characters. If you are using the - bash shell, these should only be used - at the end of a line at a bash prompt to indicate that - the command is continued on the next line. + If you are entering the above command on a single line, do + not include the \ (backslash) characters. If + you are using the bash shell, these should only + be used at the end of a line at a bash prompt + to indicate that the command is continued on the next line. - - Configure the Apache web server - - web server - Apache - - In this step you will configure the Apache web server to - support Evergreen software. - First, you must enable some built-in Apache modules and install - some additional Apache configuration files. Then you will create a new - Security Certificate. Finally, you must make several changes to the Apache - configuration file. - - - Enable the required Apache Modules - As the root - user, enable some modules in the Apache server, then - copy the new configuration files to the Apache server - directories: - - a2enmod ssl # enable mod_ssl - a2enmod rewrite # enable mod_rewrite - a2enmod expires # enable mod_expires - - As the commands execute, you may see warnings similar to: - Module SOMEMODULE already enabled - but you can safely ignore them. - - - Copy Apache configuration files - You must copy the Apache configuration - files from the Evergreen installation directory - to the Apache directory. As the - root - user, perform the following commands: - - cd /home/opensrf/Evergreen-ILS-1.6.1.2 - cp Open-ILS/examples/apache/eg.conf /etc/apache2/sites-available/ - cp Open-ILS/examples/apache/eg_vhost.conf /etc/apache2/ - cp Open-ILS/examples/apache/startup.pl /etc/apache2/ - - - - Create a Security Certificate - You must create a new Security Certificate (SSL Key) - for the Apache server using the openssl - command. For a public production server you must configure - or purchase a signed SSL certificate, but for now you can - just use a self-signed certificate and accept the warnings - in the Staff Client and browser during testing and - development. As the + + + Configure the Apache web serverweb serverApacheIn this step you will configure the Apache web server to support Evergreen + software. First, you must enable some built-in Apache modules and + install some additional Apache configuration files. Then you will create a new + Security Certificate. Finally, you must make several changes to the Apache + configuration file.Enable the required Apache ModulesAs the root + user, enable some modules in the Apache server, then copy the + new configuration files to the Apache server directories:Apachea2enmod ssl # enable mod_ssla2enmod rewrite # enable mod_rewritea2enmod expires # enable mod_expiresAs the commands execute, you may see warnings similar to: + Module SOMEMODULE already enabled but you can + safely ignore them.Copy Apache configuration filesYou must copy the Apache configuration files from the + Evergreen installation directory to the Apache directory. As the + root user, perform the + following commands:cd /home/opensrf/Evergreen-ILS-1.6.1.2cp Open-ILS/examples/apache/eg.conf /etc/apache2/sites-available/cp Open-ILS/examples/apache/eg_vhost.conf /etc/apache2/cp Open-ILS/examples/apache/startup.pl /etc/apache2/Create a Security CertificateYou must create a new Security Certificate (SSL Key) for + the Apache server using the openssl + command. For a public production server you must configure or + purchase a signed SSL certificate, but for now you can just use + a self-signed certificate and accept the warnings in the Staff + Client and browser during testing and development. As the + root user, perform the + following commands:mkdir /etc/apache2/sslcd /etc/apache2/sslopenssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.keyThis step generates a self-signed SSL + certificate. You must install a proper SSL certificate + for a public production system to avoid warning messages + when users login to their account through the OPAC or + when staff login through the Staff Client.For further information on installing a proper SSL + certificate, see .Update Apache configuration fileYou must make several changes to the new Apache + configuration file + /etc/apache2/sites-available/eg.conf . + As the root user, + edit the file and make the following changes:In the section + <Directory "/openils/var/cgi-bin"> + replace this line: + Allow from 10.0.0.0/8 + with this line: Allow from all.This change allows access to your configuration + CGI scripts from any workstation on any network. This is + only a temporary change to expedite testing and should be + removed after you have finished and successfully tested + the Evergreen installation. See + + for further details on removing this change after the + Evergreen installation is complete. + Comment out the line Listen 443, + since it conflicts with the same declaration in the + configuration file: + /etc/apache2/ports.conf. Note that + Debian users + should not do this since the conflict does not apply to + that operating system.The following updates are needed to allow the logs + to function properly, but it may break other Apache + applications on your server:For the + Linux distributions + Ubuntu Hardy or + Debian Etch, as + the root user, + edit the Apache configuration file + /etc/apache2/apache2.conf and change + the line User www-data to User + opensrf. For the + Linux distributions + Ubuntu Karmic, + Ubuntu Lucid or + Debian Lenny, as + the root user, + edit the Apache configuration file and change these + lines:export APACHE_RUN_USER=www-dataexport APACHE_RUN_GROUP=www-datato instead read:export APACHE_RUN_USER=opensrfexport APACHE_RUN_GROUP=opensrfAs the + root user, + edit the Apache configuration file + /etc/apache2/apache2.conf and + modify the values for KeepAliveTimeout + and MaxKeepAliveRequests to match + the following:KeepAliveTimeout 1MaxKeepAliveRequests 100Further configuration changes to Apache may be + necessary for busy systems. These changes increase the + number of Apache server processes that are started to + support additional browser connections.As the root user, - perform the following commands: - - mkdir /etc/apache2/ssl - cd /etc/apache2/ssl - openssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.key - - - This step generates a self-signed SSL - certificate. You must install a proper SSL - certificate for a public production system to - avoid warning messages when users login to their - account through the OPAC or when staff login - through the Staff Client. - For further information on installing - a proper SSL certificate, see - . - - - - Update Apache configuration file - You must make several changes to the new Apache - configuration file - /etc/apache2/sites-available/eg.conf . - As the root user, - edit the file and make the following changes: - - - In the section - <Directory "/openils/var/cgi-bin"> - replace this line: - Allow from 10.0.0.0/8 - with this line: Allow from all. - This change allows access to your - configuration CGI scripts from any workstation on - any network. This is only a temporary change to - expedite testing and should be removed after you - have finished and successfully tested the Evergreen - installation. See - - for further details on removing this change after - the Evergreen installation is complete. - - - - Comment out the line Listen - 443, since it conflicts with the - same declaration in the configuration file: - /etc/apache2/ports.conf. - Note that Debian - users should not do this - since the conflict does not apply to that - operating system. - - - The following updates are needed to allow - the logs to function properly, but it may break - other Apache applications on your server: - For the Linux - distributions Ubuntu - Hardy or - Debian Etch, - as the root - user, edit the Apache configuration file - /etc/apache2/apache2.conf and - change the line User www-data - to User opensrf. - For the Linux - distributions Ubuntu - Karmic, - Ubuntu Lucid - or Debian Lenny, - as the root - user, edit the Apache configuration file - and change these lines: - - export APACHE_RUN_USER=www-data - export APACHE_RUN_GROUP=www-data - - to instead read: - - export APACHE_RUN_USER=opensrf - export APACHE_RUN_GROUP=opensrf - - - - As the - root user, - edit the Apache configuration file - /etc/apache2/apache2.conf and - modify the values for KeepAliveTimeout - and MaxKeepAliveRequests to match - the following: - - KeepAliveTimeout 1 - MaxKeepAliveRequests 100 - - - - Further configuration changes to - Apache may be necessary for busy systems. These - changes increase the number of Apache server - processes that are started to support additional - browser connections. - As the root user, edit the - Apache configuration file - /etc/apache2/apache2.conf, - locate and modify the section related to - prefork configuration to suit - the load on your system: - /etc/apache2/apache2.conf, locate + and modify the section related to prefork + configuration to suit the load on your + system: StartServers 20 MinSpareServers 5 @@ -1248,29 +1173,11 @@ MaxClients 150 MaxRequestsPerChild 10000 -]]> - - - - - Enable the Evergreen web site - Finally, you must enable the Evergreen web site. As the - root user, execute - the following Apache configuration commands to disable the default - It Works web page and enable the - Evergreen web site, and then restart the Apache server: - - # disable/enable web sites - a2dissite default - a2ensite eg.conf - # restart the server - /etc/init.d/apache2 reload - - - - - - +]]>Enable the Evergreen web siteFinally, you must enable the Evergreen web site. As the + root user, execute the + following Apache configuration commands to disable the default + It Works web page and enable the Evergreen + web site, and then restart the Apache server:# disable/enable web sitesa2dissite defaulta2ensite eg.conf# restart the server/etc/init.d/apache2 reload Update the OpenSRF Configuration File As the opensrf user, edit the