Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
tutorial:adm:server_preparation [2021/09/08 08:24]
urbanl Oprava nastaveni opravneni na temp certifikatu pro apache
tutorial:adm:server_preparation [2024/01/10 10:32]
koulaj [Basic system setup]
Line 11: Line 11:
       * It is possible to use Debian (we tested on Stretch) or other distributions, but you have to adjust steps in this guide accordingly.       * It is possible to use Debian (we tested on Stretch) or other distributions, but you have to adjust steps in this guide accordingly.
   * PostgreSQL 12.x - installed from OS packages.   * PostgreSQL 12.x - installed from OS packages.
-  * Java 11 - installed from OS packages. +  * Java 11 (Java 21 for CzechIdM 13.1.0+) - installed from OS packages. 
-  * Apache Tomcat 8.5.x - installed manually into ''/opt/tomcat''.+  * Apache Tomcat 9.0.x - installed manually into ''/opt/tomcat''.
   * Apache HTTPd 2.4.x - installed from OS packages. Can be replaced by nGinx.   * Apache HTTPd 2.4.x - installed from OS packages. Can be replaced by nGinx.
   * All services start via systemd.   * All services start via systemd.
   * Each service runs under dedicated non-privileged user.   * Each service runs under dedicated non-privileged user.
 +
  
 ===== Instalation and software configuration ===== ===== Instalation and software configuration =====
Line 240: Line 241:
 mkdir /opt/tomcat mkdir /opt/tomcat
 cd /opt/tomcat cd /opt/tomcat
 +
  
 </code> </code>
Line 250: Line 252:
 <code bash> <code bash>
 tar xzf apache-tomcat-9.0.45.tar.gz tar xzf apache-tomcat-9.0.45.tar.gz
 +
  
 </code> </code>
Line 257: Line 260:
 <code bash> <code bash>
 cd /opt/tomcat cd /opt/tomcat
-ln -s apache-tomcat-8.5.57 current+ln -s apache-tomcat-9.0.45 current 
  
 </code> </code>
Line 277: Line 281:
 chown tomcat:tomcat /opt/tomcat/current/conf/Catalina chown tomcat:tomcat /opt/tomcat/current/conf/Catalina
 chmod 750 /opt/tomcat/current/conf/Catalina chmod 750 /opt/tomcat/current/conf/Catalina
 +
  
 </code> </code>
 +
  
 ==== Start Tomcat automatically after system startup ==== ==== Start Tomcat automatically after system startup ====
Line 391: Line 397:
   <user username="admin" password="*****store it somewhere safe*****" roles="manager-gui,manager-status,admin-gui"/>   <user username="admin" password="*****store it somewhere safe*****" roles="manager-gui,manager-status,admin-gui"/>
 </tomcat-users> </tomcat-users>
 +
  
 </file> </file>
Line 407: Line 414:
          allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|192\.168.d+.d+" />          allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|192\.168.d+.d+" />
 </Context> </Context>
 +
  
 </file> </file>
Line 414: Line 422:
 <code bash> <code bash>
 systemctl restart tomcat systemctl restart tomcat
 +
  
 </code> </code>
Line 425: Line 434:
 <code bash> <code bash>
 rm -rf /opt/tomcat/current/webapps/{examples,docs,ROOT,host-manager,manager} rm -rf /opt/tomcat/current/webapps/{examples,docs,ROOT,host-manager,manager}
 +
  
 </code> </code>
Line 433: Line 443:
 <code xml> <code xml>
 <Server port="-1" shutdown="SHUTDOWN"> <Server port="-1" shutdown="SHUTDOWN">
 +
  
 </code> </code>
Line 475: Line 486:
         <load-on-startup>1</load-on-startup>         <load-on-startup>1</load-on-startup>
     </servlet>     </servlet>
 +
  
 </code> </code>
Line 480: Line 492:
 === Rotating Tomcat logs === === Rotating Tomcat logs ===
  
-Default Tomcat logger appneds to the logfile, it is therefore safe to use simple ''logrotate''  configuration. Save following as ''/etc/logrotate.d/tomcat'', adjust log retention (the ''rotate COUNT'') as necessary.+Default Tomcat logger appends to the logfile, it is therefore safe to use simple ''logrotate''  configuration. Save following as ''/etc/logrotate.d/tomcat'', adjust log retention (the ''rotate COUNT'') as necessary.
  
 <file txt tomcat> <file txt tomcat>
Line 492: Line 504:
     compress     compress
 } }
 +
  
 </file> </file>
Line 513: Line 526:
  
 </note> </note>
 +
  
 ====== Apache httpd as a reverse proxy ====== ====== Apache httpd as a reverse proxy ======
  • by koulaj