Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:adm:server_preparation_tmp [2020/03/12 14:53] urbanl [Start Tomcat automatically after system startup] |
tutorial:adm:server_preparation_tmp [2020/03/24 08:15] urbanl |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | <note important> | + | <note important> |
+ | |||
+ | This tutorial is in development | ||
Author: Ludek Urban | Author: Ludek Urban | ||
Line 5: | Line 7: | ||
- | ====== Server preparation - Linux ====== | + | ====== Server preparation - Linux - CentOS8 |
{{tag> | {{tag> | ||
Line 202: | Line 204: | ||
===== Tomcat ===== | ===== Tomcat ===== | ||
- | * Create a new group and add user for the tomcat to run under (for Debian, use / | + | * Create a new group and add user for the tomcat to run under: |
< | < | ||
Line 383: | Line 385: | ||
<Server port=" | <Server port=" | ||
</ | </ | ||
- | -! CHANGED | + | |
* Make Tomcat listen only on localhost: | * Make Tomcat listen only on localhost: | ||
* In the ''/ | * In the ''/ | ||
* In same file configure ajp port('' | * In same file configure ajp port('' | ||
- | | + | < |
+ | < | ||
address=" | address=" | ||
secretRequired=" | secretRequired=" | ||
Line 394: | Line 397: | ||
port=" | port=" | ||
redirectPort=" | redirectPort=" | ||
+ | </ | ||
* Do not show aplication server version: | * Do not show aplication server version: | ||
Line 447: | Line 450: | ||
* Adjust particular SELinux labels. Example ([[https:// | * Adjust particular SELinux labels. Example ([[https:// | ||
</ | </ | ||
- | |||
- | Please note that on Debian, the log is not rotate during the first day, but after the second day. | ||
Line 499: | Line 500: | ||
</ | </ | ||
- | Virtualhost configuration to forward the communication from port 80 to 443. Add following section and change string ' | + | Virtualhost configuration to forward the communication from port 80 to 443. Add following section and change string ' |
<code xml> | <code xml> | ||
< | < | ||
Line 507: | Line 508: | ||
</ | </ | ||
- | Set the proxy in the virtualhost for https (443/tcp) - at the end of the file ''/ | + | Set the proxy in the virtualhost for https (443/tcp) - at the end of the file ''/ |
< | < | ||
+ | Protocols | ||
ProxyRequests | ProxyRequests | ||
ProxyPreserveHost on | ProxyPreserveHost on | ||
Line 580: | Line 582: | ||
==== Disabling mod_security rules ==== | ==== Disabling mod_security rules ==== | ||
- | In the file ''/ | + | In the file ''/ |
<code xml> | <code xml> | ||
< | < | ||
Line 679: | Line 681: | ||
</ | </ | ||
</ | </ | ||
- | |||
- | ===== Workaround for slow HTTPD shutdown ===== | ||
- | In some RHEL/CentOS versions Apache HTTPD shutsdown or restarts itself very slowly. It is caused by [[https:// | ||
- | Workaround is to edit '''/ | ||
- | < | ||
- | KillMode=none | ||
- | </ | ||
- | Then reload systemd: | ||
- | |||
- | < | ||
- | systemctl daemon-reload | ||
- | </ | ||
- | |||
- | It is absolutely correct to create new versions of unity in /etc, that has the option: | ||
- | |||
- | < | ||
- | cp / | ||
- | vim / | ||
- | systemctl daemon-reload | ||
- | </ | ||
- | |||
- | The patch of httpd should come soon so the first option is OK too. | ||
- | |||
- | |||
- | |||
- | |||