Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
tutorial:adm:server_preparation_tmp [2020/06/24 12:00]
kolarikj [mod_security configuration - CentOS8]
tutorial:adm:server_preparation_tmp [2020/07/24 08:05]
fiserp [Instalation and software configuration]
Line 11: Line 11:
 {{tag>installation java tomcat quickstart "apache httpd"}} {{tag>installation java tomcat quickstart "apache httpd"}}
  
-This tutorial shows how to prepare the server for test or production usage of CzechIdM. If you are looking for much quicker way of how to start the CzechIdM, use the demo setup described here [[:getting-started|]]+This tutorial shows how to prepare the server for test or production use of CzechIdM. If you are looking for much quicker way of how to start the CzechIdM, use the demo setup described here [[:getting-started|]]
  
 ===== Basic system setup ===== ===== Basic system setup =====
-  * 1 server (can be virtualized) for all: backend, frontend and database.  +  * 1 server (can be virtualized) for everything: backend, frontend and database.  
-  * OS Linux with EPEL repository enabled - CENTOS, basic network enabled installation +  * OS Linux with EPEL repository enabled - CentOS, basic network enabled installation 
-    * It is possible to use Debian but you have to adjust the installation guide a little. We tested CzechIdM installation on Stretch+    * It is possible to use Debian (we tested on Stretch) or other distributions, but you have to adjust steps in this guide accordingly
-  * PostgreSQL - installed from a new repository +  * PostgreSQL 12.x - installed from OS packages. 
-  * Java - distribution repository (OpenJDK 1.8) +  * Java 11 installed from OS packages
-  * Apache Tomcat - manually installed into /opt/tomcat +  * Apache Tomcat 8.5.x - installed manually into ''/opt/tomcat''
-  * Services start via systemd in OS +  * Apache HTTPd 2.4.x - installed from OS packages. Can be replaced by nGinx. 
-  * Services run under dedicated user (non-privileged one) +  * All services start via systemd. 
 +  * Each service runs under dedicated non-privileged user.
 ===== Instalation and software configuration ===== ===== Instalation and software configuration =====
 Prerequisities - Basic installation of CentOS 8 Prerequisities - Basic installation of CentOS 8
 <code bash> <code bash>
 # EPEL installation # EPEL installation
-yum clean all +dnf clean all 
-yum install -y epel-release +dnf -y install epel-release 
-yum update -y+dnf update -y 
 # other recommended packages installation # other recommended packages installation
-yum install -y mc haveged nmap screen sysstat telnet net-tools nano wget  vim-enhanced bzip2 bash-completion lsof zip unzip psmisc policycoreutils-python-utils+dnf -y install mc haveged nmap screen sysstat telnet net-tools nano wget vim-enhanced bzip2 bash-completion lsof zip unzip psmisc policycoreutils-python-utils tar 
 # enable haveged after OS start # enable haveged after OS start
 systemctl start haveged.service systemctl start haveged.service
 systemctl enable haveged.service systemctl enable haveged.service
-# remove unnecessary software +
-yum remove -y postfix +
-systemctl stop avahi-daemon.socket avahi-daemon.service +
-systemctl disable avahi-daemon.socket avahi-daemon.service +
-yum remove -y avahi-autoipd avahi+
 # set the hostname # set the hostname
 hostnamectl set-hostname FQDN_server_name hostnamectl set-hostname FQDN_server_name