Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
tutorial:adm:server_preparation [2019/06/04 11:57]
urbanl [Start Tomcat automatically after system startup - Debian] Selinux change on Centos 		tutorial:adm:server_preparation [2019/11/26 09:00]
fiserp [Tomcat]
Line 23: Line 23:
 yum update -y yum update -y
 # other recommended packages installation # other recommended packages installation
-yum install -y net-tools nano wget mc vim-enhanced screen sysstat bzip2 ssmtp bash-completion lsof haveged nmap zip unzip psmisc telnet+yum install -y net-tools nano wget mc vim-enhanced screen sysstat bzip2 ssmtp bash-completion lsof haveged nmap zip unzip psmisc telnet policycoreutils-python
 # enable haveged after OS start # enable haveged after OS start
 systemctl start haveged.service systemctl start haveged.service
Line 199: Line 199:
  
 ===== Tomcat ===== ===== Tomcat =====
 +
 +<note warning>This version of Tomcat install guide is suspected not to work properly with newer versions of IdM (we are currently investigating the issue). Please use [[https://wiki.czechidm.com/tutorial/adm/server_preparation?rev=1550580216|this revision]] of the guide to install and configure Tomcat.</note>
  
 Installation - CentOS7: Installation - CentOS7:
 <code bash> <code bash>
-yum install -y tomcat+yum install -y tomcat java-1.8.0-openjdk-headless java-1.8.0-openjdk-devel
 </code> </code>
  
Line 291: Line 293:
 <code bash> <code bash>
 systemctl enable tomcat8 systemctl enable tomcat8
-</code> 
- 
-=== On CentOS turn off Selinux === 
-On CentOS in Selinux you need to allow tomcat to connect to database through network. 
-<code bash> 
-setsebool -P tomcat_can_network_connect_db true 
-</code> 
-Then check it. 
-<code bash> 
-getsebool -a |grep tomcat 
-</code> 
-If it's set right you will se this line with "on" on the end. 
-<code> 
-tomcat_can_network_connect_db --> on 
 </code> </code>
 ====  Apache Tomcat configuration recommended for production usage ==== ====  Apache Tomcat configuration recommended for production usage ====
Line 321: Line 309:
   * Make Tomcat listen only on localhost:   * Make Tomcat listen only on localhost:
        * Add the ''address="127.0.0.1"'' property to configuration of ''8009'' and ''8080'' ports.        * Add the ''address="127.0.0.1"'' property to configuration of ''8009'' and ''8080'' ports.
 +       * On tomcat 7 add ''URIEncoding="UTF-8""'' property to configuration of ''8009'' and ''8080'' ports.
        * In Debian you need to uncoment AJP conector on port ''8009''.        * In Debian you need to uncoment AJP conector on port ''8009''.
   * Change logging into ''localhost\_access\_log''.   * Change logging into ''localhost\_access\_log''.
Line 559: Line 548:
 Again, restart the tomcat: Again, restart the tomcat:
 <code bash> <code bash>
-systemctl restart tomcat+service tomcat8 restart
 </code> </code>
 ====== Apache httpd as a reverse proxy ====== ====== Apache httpd as a reverse proxy ======
  • by koulaj