Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Cmdbuild Install
Cmdbuild Install
1
Manual de instalacin
-Descargamos el ISO desde el URL de Ubuntu, muy recomendado usar la via torrent (mas rpida y no
recargamos un nico servidor) y generamos un DVD / USB booteable
-Hacemos boot de nuestro servidor y escogemos el idioma en que instalaremos, en este caso, English
presionando Enter
-Entramos a instalar por la primera opcin Instalar Ubuntu Server presionando Enter
-Se nos pide confirmar si auto detecta la distribucin del teclado, respondemos No y presionamos Enter
-Escribimos el hostname de nuestro servidor de la forma host (nombre) dominio (dominio internet) y
presionamos Enter sobre el botn Continuar
-Creamos una cuenta de usuario para administrar nuestro servidor. Escribimos el nombre del encargado
y presionamos Enter sobre el botn Continuar
-Escribimos el nombre de usuario con el que se logeara y presionamos Enter sobre el botn Continuar
-Escribimos la contrasea a usar (un nuevo detalle en esta versin, se puede activar la opcin Show
Password in Clear para ver lo que escribimos). Presionamos Enter sobre el botn Continuar
-Quieres cifrar tu carpeta de usuario? Elegimos la opcin y presionamos Enter sobre el botn
Continuar
-El sistema auto detecta nuestra ubicacin y sugiere la zona horaria, si es la correcta, elegimos Si y
presionamos Enter sobre el botn Continuar
-Tiempo para particionar el disco. Elegimos la segunda opcin, Guiado con LVM y presionamos Enter
-Nos mostraran discos detectados en el equipo, escogemos cual se usar y presionamos Enter
-Usaremos todo el espacio del disco. Presionamos Enter sobre el botn Continuar
-Usas un proxy para salir a internet? Escribela en la caja de texto (no usas proxy, dejalo en blanco).
Presionamos Enter en el botn Continuar
-Hora de escoger que paquetes instalar, para un modo minimal elegimos Standard system utilities y
OpenSSH server. Presionamos Enter sobre el botn Continuar
-Ya finalizamos la instalacin de Linux Ubuntu server Xenial Xerus. Reiniciamos el equipo y retiramos el
DVD / USB booteable desde la que instalamos
10
-Ingresamos con la cuenta creada en pasos anteriores y primer paso, actualizar nuestro OS con los
comandos
sudo apt-get update
sudo apt-get dist-upgrade
Ya tenemos listo nuestro servidor Linux Ubuntu server LTS Xenial Xerus 16.04.
In addition to configuring proxies, tell sudo to preserve the environment with the -E option:
export http_proxy=http://<proxy>:<port>
export https_proxy=http://<proxy>:<port>
sudo -E add-apt-repository ppa:webupd8team/java
with username and password:
11
export https_proxy=https://<username>:<password>@<proxy>:<port>
Then, depending on the version you want to install, execute one of the following
commands:
Oracle JDK 8
This is the latest stable version of Java at time of writing, and the recommended version to
install. You can do so using the following command:
Copy the path from your preferred installation and then open /etc/environment using
nano or your favorite text editor.
At the end of this file, add the following line, making sure to replace the highlighted path
with your own copied path.
/etc/environment
JAVA_HOME="/usr/lib/jvm/java-8-oracle"
source /etc/environment
You can now test whether the environment variable has been set by executing the following
command:
echo $JAVA_HOME
sudo -i -u postgres
psql
You will be logged in and able to interact with the database management system right
away.
Exit out of the PostgreSQL prompt by typing:
\q
If you are logged in as the postgres account, you can create a new user by typing:
createuser --interactive
If, instead, you prefer to use sudo for each command without switching from your normal
account, you can type:
The script will prompt you with some choices and, based on your responses, execute the
correct Postgres commands to create a user to your specifications.
Output
Enter name of role to add: cmdbuild
Shall the new role be a superuser? (y/n) y
For security purposes, Tomcat should be run as an unprivileged user (i.e. not root). We will
create a new user and group that will run the Tomcat service.
First, create a new tomcat group:
Next, create a new tomcat user. We'll make this user a member of the tomcat group, with
a home directory of /opt/tomcat (where we will install Tomcat), and with a shell of /bin/
false (so nobody can log into the account):
13
Now that our tomcat user is set up, let's download and install Tomcat.
cd /tmp
Use curl to download the link that you copied from the Tomcat website:
curl -O http://www-us.apache.org/dist/tomcat/tomcat-8/v8.0.35/bin/
apache-tomcat-8.0.35.tar.gz
We will install Tomcat to the /opt/tomcat directory. Create the directory, then extract the
archive to it with these commands:
Next, we can set up the proper user permissions for our installation.
Add tomcat user and group:
ln -s /opt/apache-tomcat-8.0.35 /opt/tomcat-latest
chown -hR tomcat: /opt/tomcat-latest /opt/apache-tomcat-8.5.4
Before starting Tomcat, configure CATALINA_HOME environment variable in your system
using following commands.
# echo "export CATALINA_HOME=\"apache-tomcat-8.5.4\"" >> ~/.bashrc
# source ~/.bashrc
If you need to start, stop or restart Tomcat you can use the following commands:
systemctl start tomcat
systemctl stop tomcat
systemctl restart tomcat
The tomcat user that we set up needs to have access to the Tomcat installation. We'll set
that up now.
Change to the directory where we unpacked the Tomcat installation:
cd /opt/tomcat
Give the tomcat user write access to the conf directory, and read access to the files in
that directory:
Make the tomcat user the owner of the webapps, work, temp, and logs directories:
Now that the proper permissions are set up, we can create a systemd service file to
manage the Tomcat process.
We want to be able to run Tomcat as a service, so we will set up systemd service file.
Tomcat needs to know where Java is installed. This path is commonly referred to as
"JAVA_HOME".
With this piece of information, we can create the systemd service file. Open a file called
tomcat.service in the /etc/systemd/system directory by typing:
Paste the following contents into your service file. Modify the value of JAVA_HOME if
necessary to match the value you found on your system. You may also want to modify the
memory allocation settings that are specified in CATALINA_OPTS:
/etc/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat Web Application Container
After=network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/oracle-java-8/jre
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/
dev/./urandom'
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
User=tomcat
Group=tomcat
RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.target
Enter in the following parameters for the database settings, tailoring when
you like (especially for the CMDBuild database).
16
Then you will be prompted to log in with the username admin and
password admin for the demo distribution.
17
18
Descargamos la aplicacin y la abrimos, nos aparecer la siguiente ventana en la cual debemos aceptar el
acuerdo de licencia para poder usarla. No tenemos ms que hacer click en I agree
19
Aceptamos el acuerdo de licencia y nos aparece la siguiente ventana en la cual debemos seleccionar nuestro
Pendrive, la distribucin a instalar desde el men desplegable y por ltimo buscamos nuestra imagen ISO
en nuestro sistema y hacemos click en Create. Tambin nos ofrece la opcin de marcar la opcin para
formatear nuestro Pendrive si no lo hemos hecho previamente.
20
Nos aparece un mensaje advirtindonos que se borrar toda la informacin en nuestro Pendrive,
comprobamos una vez ms que no hay nada valioso en l y aceptamos.
21
Esperamos a que acabe el proceso de copia de archivos al Pendrive y hacemos click en Next
22
Nos preguntar si queremos aadir ms distribuciones a nuestro Pendrive, si no vamos a aadir nada
ms le decimos que no y se acabael proceso, en este caso vamos a aadir una segunda distribucin por lo que
le decimos que s.
23
La instalacin comienza con una pantalla de bienvenida que a su vez hace la funcin deasistente de
instalacin en el que debemos seleccionar el idioma a usar y pulsar en instalar Ubuntu. Su instalacin ha
sido bastante rpida, nos ha llevado un total de 9 minutos.
En la siguiente pantalla nos da la opcin de descargar las actualizaciones e instalar software de terceros
para reproducir archivos multimedia y otros. Es recomendable marcar ambas opciones para que nuestro
sistema Ubuntu est a la ltima y podemos reproducir todo nuestro contenido multimedia nada ms que se
acabe de instalar. No obstante ninguno de los dos es obligatorio y podemos hacerlo una vez que el sistema ya
est instalado.
24
A continuacin nos saldr el asistente del particionado del disco duro, en este caso vamos a usar todo el
disco por lo que dejamos la opcin por defecto y pulsamos en instalar ahora.Desde aqu podemos hacer
un particionado avanzado de nuestro disco duro para una mejor organizacin. Tambin podremos instalar
Ubuntu junto a otros sistemas operativos como Windows.
25
Debemos aceptar el mensaje de confirmacin, pulsamos en continuar. Hasta que no aceptemos este
mensaje no se har ningn cambio en nuestro disco duro por lo que es mejor que nos aseguremos de que
hemos hecho todo como queremos antes de aplicar los cambios.
En caso de realizar particiones a mano, os recomendamos la siguiente configuracin de particiones:
1 /boot (150 megas).
2 / (10 GB)
3 Memoria SWAP (2GB si tu equipo tienes 4GB, en caso de tener menos debers multiplicar por dos la
cantidad que tienes. Por ejemplo, 512 MB seran 1 GB de memoria RAM).
4 /home (el resto del disco duro). Aqu es donde guardars todos tus datos personales.
Por qu esperamos la particin /home? Si te gusta probar muchas distribuciones linux, no te obliga hacer
copias de seguridad cada vez que reinstalas y simplemente debers instalar el nuevo sistema operativo con las
particiones: boot y /. Adems de mantener la memoria SWAP.
En nuestro caso hemos elegido la opcin fcil qu es Borrar disco e instalar ubuntu.
26
27
Elegimos nuestra distribucin del teclado y continuar. Existe un espacio para que podamos escribir y
comprobar que hemos elegido la opcin correcta. Ya nos queda poco para terminar este tutorial de como
instalar ubuntu paso a paso.
28
Luego nos saldr una ltima pantalla en la que deberemos poner nuestro nombre de usuario y contrasea.
Tambin podemos seleccionar la opcin de inicio de sesin automtico e incluso cifrar nuestra carpeta personal
para una mayor seguridad.
29
Finalmente reiniciamos nuestro sistema, arrancamos desde el disco duro y ya tendremos un Ubuntu 16.04 LTS
funcionando en todo su esplendor.
30
31
SECTION 1
Para las aplicaciones de terminal, como wget, winetrics, add-apt-repository, etc se requiere que la
configuracin del proxy este en las variables de ambiente. Es necesario abrir una terminal para realizar
las siguientes configuraciones.
$ export http_proxy=http://usuario:[email protected]:puerto/
$ export https_proxy=https://usuario:[email protected]:puerto/
Si el proxy no tiene contrasea se puede omitir la parte de usuario:contrasea@, y debe ser algo como:
$ export http_proxy=http://proxy.dominio:puerto/
32
$ export https_proxy=https://proxy.dominio:puerto/
Asiendo uso tambin de la terminal. Para dejar permanente estas variables sin tenerlas que estar
configurando todo el tiempo, modificamos el archivo /etc/environment
sudo gedit /etc/environment
Y por ultimo como utilizar proxy en Ubuntu Software Center, o los asistentes de instalacin de paquetes,
como instalacin de codecs, soporte a idiomas, apt-get, aptitude, etc. Para estos es necesario modificar
o crear el archivo si no existe: /etc/apt/apt.conf:
$ sudo gedit /etc/apt/apt.conf
33
34
Prerequisites
To follow this tutorial, you will need:
One Ubuntu 16.04 server.
A sudo non-root user, which you can set up by following the Ubuntu 16.04 initial server
setup guide.
Next, install Java. Specifically, this command will install the Java Runtime Environment
(JRE).
There is another default Java installation called the JDK (Java Development Kit). The JDK
is usually only needed if you are going to compile Java programs or if the software that will
use Java specifically requires it.
The JDK does contain the JRE, so there are no disadvantages if you install the JDK
instead of the JRE, except for the larger file size.
You can install the JDK with the following command:
In addition to configuring proxies, tell sudo to preserve the environment with the -E option:
export http_proxy=http://<proxy>:<port>
35
export https_proxy=http://<proxy>:<port>
sudo -E add-apt-repository ppa:webupd8team/java
with username and password:
export https_proxy=https://<username>:<password>@<proxy>:<port>
Then, depending on the version you want to install, execute one of the following
commands:
Oracle JDK 6 or 7
These are very old versions of Java which reached end of life in February 2013 and April
2015 respectively. It's not recommended to use them, but they might still be required for
some programs.
To install JDK 6, use the following command:
Oracle JDK 8
This is the latest stable version of Java at time of writing, and the recommended version to
install. You can do so using the following command:
Oracle JDK 9
This is a developer preview and the general release is scheduled for March 2017. It's not
recommended that you use this version because there may still be security issues and
bugs. There is more information about Java 9 on the official JDK 9 website.
To install JDK 9, use the following command:
Managing Java
There can be multiple Java installations on one server. You can configure which version is
the default for use in the command line by using update-alternatives, which manages
which symbolic links are used for different commands.
36
The output will look something like the following. In this case, this is what the output will
look like with all Java versions mentioned above installed.
Output
There are 5 choices for the alternative java (providing /usr/bin/java).
Selection
Path
Status
-----------------------------------------------------------* 0
/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
auto mode
1
/usr/lib/jvm/java-6-oracle/jre/bin/java
manual mode
2
/usr/lib/jvm/java-7-oracle/jre/bin/java
manual mode
3
/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
manual mode
4
/usr/lib/jvm/java-8-oracle/jre/bin/java
manual mode
5
/usr/lib/jvm/java-9-oracle/bin/java
manual mode
Priority
1081
1
2
1081
3
4
You can now choose the number to use as a default. This can also be done for other Java
commands, such as the compiler (javac), the documentation generator (javadoc), the
JAR signing tool (jarsigner), and more. You can use the following command, filling in the
command you want to customize.
Copy the path from your preferred installation and then open /etc/environment using
nano or your favorite text editor.
At the end of this file, add the following line, making sure to replace the highlighted path
with your own copied path.
/etc/environment
JAVA_HOME="/usr/lib/jvm/java-8-oracle"
37
source /etc/environment
You can now test whether the environment variable has been set by executing the following
command:
echo $JAVA_HOME
Conclusion
You have now installed Java and know how to manage different versions of it. You can now
install software which runs on Java, such as Tomcat, Jetty, Glassfish, Cassandra, or
Jenkins.
38
39
In this guide, we will demonstrate how to install Postgres on an Ubuntu 16.04 VPS instance
and go over some basic ways to use it.
Installation
Ubuntu's default repositories contain Postgres packages, so we can install these easily
using the apt packaging system.
Since this is our first time using apt in this session, we need to refresh our local package
index. We can then install the Postgres package and a -contrib package that adds some
additional utilities and functionality:
Now that our software is installed, we can go over how it works and how it may be different
from similar database management systems you may have used.
sudo -i -u postgres
psql
You will be logged in and able to interact with the database management system right
away.
Exit out of the PostgreSQL prompt by typing:
\q
This will log you directly into Postgres without the intermediary bash shell in between.
Again, you can exit the interactive Postgres session by typing:
\q
40
createuser --interactive
If, instead, you prefer to use sudo for each command without switching from your normal
account, you can type:
The script will prompt you with some choices and, based on your responses, execute the
correct Postgres commands to create a user to your specifications.
Output
Enter name of role to add: sammy
Shall the new role be a superuser? (y/n) y
You can get more control by passing some additional flags. Check out the options by
looking at the man page:
man createuser
createdb sammy
If, instead, you prefer to use sudo for each command without switching from your normal
account, you would type:
Once you have the appropriate account available, you can either switch over and connect
to the database by typing:
sudo -i -u sammy
psql
41
You will be logged in automatically assuming that all of the components have been properly
configured.
If you want your user to connect to a different database, you can do so by specifying the
database like this:
psql -d postgres
Once logged in, you can get check your current connection information by typing:
\conninfo
Output
You are connected to database "sammy" as user "sammy" via socket in "/var/
run/postgresql" at port "5432".
This can be useful if you are connecting to non-default databases or with non-default users.
As you can see, we give the table a name, and then define the columns that we want, as
well as the column type and the max length of the field data. We can also optionally add
table constraints for each column.
You can learn more about how to create and manage tables in Postgres here.
For our purposes, we're going to create a simple table like this:
CREATE TABLE playground (
equip_id serial PRIMARY KEY,
type varchar (50) NOT NULL,
color varchar (25) NOT NULL,
location varchar(25) check (location in ('north', 'south', 'west',
'east', 'northeast', 'southeast', 'southwest', 'northwest')),
install_date date
);
We have made a playground table that inventories the equipment that we have. This starts
with an equipment ID, which is of the serial type. This data type is an auto-incrementing
integer. We have given this column the constraint of primary key which means that the
values must be unique and not null.
For two of our columns (equip_id and install_date), we have not given a field length.
This is because some column types don't require a set length because the length is implied
by the type.
We then give columns for the equipment type and color, each of which cannot be empty.
We create a location column and create a constraint that requires the value to be one of
42
eight possible values. The last column is a date column that records the date that we
installed the equipment.
We can see our new table by typing:
\d
Output
List of relations
Schema |
Name
|
Type
| Owner
--------+-------------------------+----------+------public | playground
| table
| sammy
public | playground_equip_id_seq | sequence | sammy
(2 rows)
You should take care when entering the data to avoid a few common hangups. First, keep
in mind that the column names should not be quoted, but the column values that you're
entering do need quotes.
Another thing to keep in mind is that we do not enter a value for the equip_id column. This
is because this is auto-generated whenever a new row in the table is created.
We can then get back the information we've added by typing:
SELECT * FROM playground;
Output
equip_id | type | color | location | install_date
----------+-------+--------+-----------+-------------1 | slide | blue
| south
| 2014-04-28
2 | swing | yellow | northwest | 2010-08-16
(2 rows)
43
Here, you can see that our equip_id has been filled in successfully and that all of our
other data has been organized correctly.
If the slide on the playground breaks and we have to remove it, we can also remove the
row from our table by typing:
If we query our table again, we will see our slide is no longer a part of the table:
SELECT * FROM playground;
Output
equip_id | type | color | location | install_date
----------+-------+--------+-----------+-------------2 | swing | yellow | northwest | 2010-08-16
(1 row)
If you view your table information again, you will see the new column has been added (but
no data has been entered):
SELECT * FROM playground;
Output
equip_id | type | color | location | install_date | last_maint
----------+-------+--------+-----------+--------------+-----------2 | swing | yellow | northwest | 2010-08-16
|
(1 row)
We can delete a column just as easily. If we find that our work crew uses a separate tool to
keep track of maintenance history, we can get rid of the column here by typing:
We can verify that the operation was successful by querying our data again:
SELECT * FROM playground;
Output
equip_id | type | color | location | install_date
----------+-------+-------+-----------+-------------2 | swing | red
| northwest | 2010-08-16
(1 row)
44
45
Edit the /etc/postgresql/9.5/main/pg_hba.conf file, under the # "local" is for Unix domain
socket connections only header:
/etc/postgresql/9.5/main/pg_hba.conf
#
#
Replace peer with md5 on this line to activate password authentication using an MD5 hash.
To enable these changes, we need to restart PostgreSQL. However, we did not grant the
postgres user sudo privileges for security reasons. Return to the normal user shell:
#
#
exit
#
Restart PostgreSQL and switch back to the postgres user:
#
#
You will be prompted to enter the password for the examplerole user and given psql shell
access to the database. When using a database, you may check access privileges for each
of its tables with the \z command.
46
47
Prerequisites
Before you begin with this guide, you should have a non-root user with sudo privileges set
up on your server. You can learn how to do this by completing our Ubuntu 16.04 initial
server setup guide.
Now that Java is installed, we can create a tomcat user, which will be used to run the
Tomcat service.
Once you have verified if Java is installed or not, choose the type of Java installation that
you want with one the following:
sudo apt-get install openjdk-8-jre
sudo apt-get install openjdk-8-jdk
Another alternative Java install is with Oracle JRE and JDK. However, we would need to
install additional repositories for a proper installation:
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:webupd8team/java
Then, you will need to fully update the system with the following command and install it:
sudo apt-get update
sudo apt-get install oracle-java8-installer
Verify Installed Java Version.
java -version
Result:
java version "1.8.0_74"
Java(TM) SE Runtime Environment (build 1.8.0_74-b02)
Java HotSpot(TM) 64-Bit Server VM (build 25.74-b02, mixed mode)
Setup JAVA_HOME on Ubuntu 16.04.
48
Since many programs now days need a JAVA_HOME environment variable to work
properly. We will need to find the appropriate path to make these changes. With the
following command, you can view your installs and their path:
sudo update-alternatives --config java
sudo nano /etc/profile
Now that you are in the user profile file, add the following code, along with the Path of your
installation from the previous step, to the bottom. ( Example:
JAVA_HOME=YOUR_PATH):
export JAVA_HOME="/usr/lib/jvm/java-oracle-jdk"
Reload the file so all your changes could take effect with the following command:
source /etc/profile
Verify that your implementations are correct with the following command:
echo $JAVA_HOME
Next, create a new tomcat user. We'll make this user a member of the tomcat group, with
a home directory of /opt/tomcat (where we will install Tomcat), and with a shell of /bin/
false (so nobody can log into the account):
Now that our tomcat user is set up, let's download and install Tomcat.
cd /tmp
Use curl to download the link that you copied from the Tomcat website:
curl -O http://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.4/bin/apachetomcat-8.5.4.tar.gz
We will install Tomcat to the /opt/tomcat directory. Create the directory, then extract the
archive to it with these commands:
49
Next, we can set up the proper user permissions for our installation.
Add tomcat user and group:
ln -s /opt/apache-tomcat-8.0.35 /opt/tomcat-latest
chown -hR tomcat: /opt/tomcat-latest /opt/apache-tomcat-8.5.4
Before starting Tomcat, configure CATALINA_HOME environment variable in your system
using following commands.
# echo "export CATALINA_HOME=\"apache-tomcat-8.5.4\"" >> ~/.bashrc
# source ~/.bashrc
Optional: Install Apache Tomcat
Install Tomcat from the Ubuntu repository:
apt-get install tomcat8
OpenJDK will be installed as a dependency when you install the tomcat8 package.
OpenJDK is included with the default-java meta package in Ubuntu.
You may also want to install the tomcat8-docs, tomcat8-examples, and tomcat8-admin tools
which provide web-based applications that document, test, and allow you to administer
Tomcat. You can install all three with the following command:
apt-get install tomcat8-docs tomcat8-examples tomcat8-admin
If you need to start, stop or restart Tomcat you can use the following commands:
systemctl start tomcat8
systemctl stop tomcat8
systemctl restart tomcat8
cd /opt/tomcat
Give the tomcat user write access to the conf directory, and read access to the files in
that directory:
50
Make the tomcat user the owner of the webapps, work, temp, and logs directories:
Now that the proper permissions are set up, we can create a systemd service file to
manage the Tomcat process.
/usr/lib/jvm/java-1.8.0-openjdk-
The correct JAVA_HOME variable can be constructed by taking the output from the last
column (highlighted in red) and appending /jre to the end. Given the example above, the
correct JAVA_HOME for this server would be:
JAVA_HOME
/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre
Paste the following contents into your service file. Modify the value of JAVA_HOME if
necessary to match the value you found on your system. You may also want to modify the
memory allocation settings that are specified in CATALINA_OPTS:
/etc/systemd/system/tomcat.service
[Unit]
Description=Apache Tomcat Web Application Container
After=network.target
[Service]
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre
Environment=CATALINA_PID=/opt/tomcat-latest/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat-latest
Environment=CATALINA_BASE=/opt/tomcat-latest
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/
dev/./urandom'
ExecStart=/opt/tomcat-latest/bin/startup.sh
ExecStop=/opt/tomcat-latest/bin/shutdown.sh
User=tomcat
Group=tomcat
RestartSec=10
51
Restart=always
[Install]
WantedBy=multi-user.target
With the firewall modified, you can access the default splash page by going to your domain
or IP address followed by :8080 in a web browser:
Open in web browser
http://server_domain_or_IP:8080
You will see the default Tomcat splash page, in addition to other information. However, if
you click the links for the Manager App, for instance, you will be denied access. We can
configure that access next.
If you were able to successfully accessed Tomcat, now is a good time to enable the service
file so that Tomcat automatically starts at boot:
You will want to add a user who can access the manager-gui and admin-gui (web apps
that come with Tomcat). You can do so by defining a user, similar to the example below,
between the tomcat-users tags. Be sure to change the username and password to
something secure:
tomcat-users.xml Admin User
<tomcat-users . . .>
<user username="admin" password="password" roles="manager-gui,admin-gui"/
>
52
</tomcat-users>
Save and close the file when you are finished. To put our changes into effect, restart the
Tomcat service:
The page you see should be the same one you were given when you tested earlier:
Let's take a
look at the
Manager App, accessible via the link or http://server_domain_or_IP:8080/manager/
html. You will need to enter the account credentials that you added to the tomcatusers.xml file. Afterwards, you should see a page that looks like this:
The Web
Manager is used
Application
to manage your
53
Java applications. You can Start, Stop, Reload, Deploy, and Undeploy here. You can also
run some diagnostics on your apps (i.e. find memory leaks). Lastly, information about your
server is available at the very bottom of this page.
Now let's take a look at the Host Manager, accessible via the link or http://
server_domain_or_IP:8080/host-manager/html/:
From the Virtual Host Manager page, you can add virtual hosts to serve your applications
from.
Conclusion
Your installation of Tomcat is complete! Your are now free to deploy your own Java web
applications!
Currently, your Tomcat installation is functional, but entirely unencrypted. This means that
all data, including sensitive items like passwords, are sent in plain text that can be
intercepted and read by other parties on the internet. In order to prevent this from
happening, it is strongly recommended that you encrypt your connections with SSL.
54
SECTION 1
TOMCAT DIRECTORIES
After installing Tomcat with apt-get on Ubuntu 12.04, Tomcat creates and uses these directories:
/etc/tomcat6/
/etc/tomcat6/
Catalina
localhost
ROOT.xml
/usr/share/tomcat6
/usr/share/tomcat6
bin
bootstrap.jar
catalina.sh
catalina-tasks.xml
digest.sh
setclasspath.sh
shutdown.sh
startup.sh
tomcat-juli.jar -> ../../java/tomcat-juli.jar
tool-wrapper.sh
version.sh
defaults.md5sum
defaults.template
lib
annotations-api.jar -> ../../java/annotations-api-6.0.35.jar
catalina-ant.jar -> ../../java/catalina-ant-6.0.35.jar
catalina-ha.jar -> ../../java/catalina-ha-6.0.35.jar
catalina.jar -> ../../java/catalina-6.0.35.jar
catalina-tribes.jar -> ../../java/catalina-tribes-6.0.35.jar
commons-dbcp.jar -> ../../java/commons-dbcp.jar
commons-pool.jar -> ../../java/commons-pool.jar
el-api.jar -> ../../java/el-api-2.1.jar
jasper-el.jar -> ../../java/jasper-el-6.0.35.jar
jasper.jar -> ../../java/jasper-6.0.35.jar
jasper-jdt.jar -> ../../java/ecj.jar
jsp-api.jar -> ../../java/jsp-api-2.1.jar
servlet-api.jar -> ../../java/servlet-api-2.5.jar
tomcat-coyote.jar -> ../../java/tomcat-coyote-6.0.35.jar
tomcat-i18n-es.jar -> ../../java/tomcat-i18n-es-6.0.35.jar
tomcat-i18n-fr.jar -> ../../java/tomcat-i18n-fr-6.0.35.jar
55
tomcat-i18n-ja.jar -> ../../java/tomcat-i18n-ja-6.0.35.jar
/usr/share/tomcat6-root/
This is the default Tomcat home page, that can be found on the local file system at:
/var/lib/tomcat7/webapps/ROOT/index.html
56
The third-party software used by Alfresco is installed when you use the setup wizards to install Alfresco.
If you wish to install the third-party software independently, this information describes the steps for
obtaining and installing the software. Some of the software can be installed any time before or after
installing Alfresco.
1 Installing LibreOce
In Alfresco, you can transform a document from one format to another, for example, a text file to a
PDF file. To have access to these transformation facilities in Alfresco, you must install LibreOce.
This is optional, and can be done any time after Alfresco is installed.
57
Installing ImageMagick
To enable image manipulation in Alfresco, you must install and configure ImageMagick. Alfresco
uses ImageMagick to manipulate images for previewing.
Installing Ghostscript
Alfresco uses Ghostscript for creating document thumbnails and previews. Use this information to
install Ghostscript on your system.
apt-get install ghostscript
58
Installing ImageMagick
To enable image manipulation in Alfresco, you must install and configure ImageMagick. Alfresco uses
ImageMagick to manipulate images for previewing.
1 Verify that ImageMagick, Ghostscript, and Ghostscript fonts are already installed on your system.
Use the ImageMagick convert command to check that you have the right software installed on
your machine. This command is usually located in /usr/bin: install Image.
2 If the ImageMagick and Ghostscript software is not available on your system, download and
install the appropriate package for your platform. To download ImageMagick, browse to
ImageMagick download website.
To download Ghostscript, browse to Ghostscript download website.
Note:
In next steps you will make changes to the Alfresco application configuration files to enable the
manually installed ImageMagick application. These steps can only be performed after Alfresco
has been installed.
3 Browse to the <classpathRoot> directory. See System paths for more information.
4 Open the alfresco-global.properties file.
5 Modify the ImageMagick properties to point to the ImageMagick root directory:
6
Table 1. ImageMagick properties
Property
Description
img.root
img.dyn
img.exe
img.coder
s
img.confi
g
19
Note:
Test that you are able to convert a PDF using the command convert filename.pdf[0]
filename.png.
59
Translations in Alfresco use the language packs supplied in the default install. The supported language
packs are: German (de), English (en), Spanish (es), French (fr), Italian (it), Japanese (ja), and Dutch (nl).
The language used switches according to the browser locale. Ensure that your browser is set up to
view the relevant locale, which ensures that the special characters display correctly in your installed
instance.
The source-localized files are encoded in ASCII, and the special and accented characters are displayed
using escape sequences. The source files have been renamed using the corresponding locale for each
language. For example, site-welcome.properties is called sitewelcome_ fr.properties for
the French version.
If you wish to use a translation that is not supplied with Alfresco, then you must add the appropriate
TinyMCE language pack for the translation to work correctly.
If you installed Alfresco using one of the setup wizards, the default language packs are already
installed. If you have installed Alfresco manually, you must install the supported language pack
manually.
1 Browse to the TinyMCE website: TinyMCE.
2 Download the required TinyMCE language pack.
Note:
The next step makes configuration changes to the Share application to configure the additional
language packs for TinyMCE. This step can only be performed after Alfresco has been installed.
3 Unpack the language file to: <TOMCAT_HOME>/webapps/share/modules/editors/
tiny_mce/langs.
4 Ensure that the browser cache is cleared or refresh the page.
60
Use this information to install Linux libraries manually on supported Linux distributions, such as
Ubuntu, SUSE and Red Hat.
LibreOce requires the following libraries to be installed on your system:
libfontconfig
libICE
libSM
libXrender
libXext
libXinerama
libcups
libGLU
On some Linux distributions, such as Ubuntu, SUSE, and Red Hat, the Alfresco setup wizard will
validate whether or not the required libraries are present. If the required libraries are missing, you will
get a warning message. You can install them using your package manager from the command line.
If LibreOce does not start up normally with Alfresco, test manually; for example, by running this
startup script:
start ex.
{installdir}/libreoffice/scripts/libreoffice_ctl.sh start
status ex. {installdir}
/libreoffice/scripts/libreoffice_ctl.sh status
If you receive errors that indicate that a library missing, work with your system administrator to add the
missing library or its equivalent from your configured repositories.
sudo apt-get install libsm6:i386
61
Use this information to install Alfresco on Linux where you do not have a graphical interface. The Linux
installation file can be run as a graphical setup wizard, but you can also run this file to install Alfresco
using text mode. Text mode is a keyboard-based installation method.
1 Download the installation file: alfresco-community-installer-201606-EA-linuxx64.bin Files are available from Download and install Alfresco.
2 Run the following file: alfresco-community-installer-201606-EA-linux-x64.bin
Follow the prompts on the screen to complete the install.
3 Choose a language for the installation steps. Enter the number that relates to your chosen
language.
4 Enter the folder where you'd like to install Alfresco.
Installation folder
5
6
7
8
The default is /opt/alfresco-community. You might need root (sudo) rights to access this
folder.
Enter a password to use for your Administrator user.
Admin Password
10
11 Please give a password to use for the Alfresco administrator account.
12
13 Admin Password: :
The Administrator user is called admin. The Administrator is the user account that can manages
Alfresco and its users.
14 Repeat the password.
15 Enter Y (yes) to continue with the installation.
16 (Optional) If you are logged in as root, you then see an option for installing Alfresco as a service.
Note:
If you are logged in as a standard user, you do not see this option.
You can optionally register Alfresco Enterprise as a service. This way it will
17 automatically be started every time the machine is started.
18
19 Install Alfresco Community as a service? [Y/n]:"
20
21 The alfresco service script file exists. Please insert a different name for
the
22 service script.
23
24 Service script name: [alfresco]:
Select Yes to register Alfresco as a service. The default name of the service is alfresco.
The server will then automatically be started every time the machine is started. If you select
Yes, when you click Next, you may be asked to provide the Alfresco service script name.
Enter a name for the script to run the service.
62
You'll then see a status bar showing the progress of the files being installed. When it is complete,
you'll see the following:
29
30
Installing
0% ______________ 50% ______________ 100%
########################################
31 To finish the install and show the README file, enter Y (yes).
32 Finally, press Enter to continue.
When you have finished, start the server and login using the user admin and the password you entered
in step 4.
Use the URL http://127.0.0.1:8080/share on this machine to verify that Alfresco is running successfully.
This is not an externally addressable URL, which means that it's not possible for users on other
machines to access this URL. To make sure that other users can access the machine where Alfresco is
installed, you need to define and create a publicly addressable name.
63
The setup wizard for Linux installs all the software and components that you require for running
Alfresco. This setup wizard installs Alfresco and additional software, including a Tomcat application
server, PostgreSQL database, JRE, and LibreOce.
1 Download the installation file: alfresco-community-installer-201606-EA-linuxx64.bin Files are available from Download and install Alfresco.
This Alfresco setup wizard is for 64-bit Linux systems.
2 Execute the downloaded file. You can do this by changing the file permissions:
chmod +x alfresco-community-installer-201606-EA-linux-x64.bin
and running the file:./alfresco-community-installer-201606-EA-linux-x64.bin
3
4
5
6
Description
Easy type installs Alfresco using the default options and configuration. This install
type requires you to enter information in only two fields: the Alfresco install
location and the administrator password. Choose this route to install Alfresco with
the default environment.Note:
If you have previously installed Alfresco and the server is running, when you run
this installation wizard again, you may be prompted to enter alternative port
numbers for the components and services that you install.
Advanced type installs Alfresco but lets you configure the server ports and service
properties. You can also choose which additional components to install.
O
pti
on
1
Ea
sy
1
A
dv
an
ce
d
a
b
d
e
Click Finish to complete the installation. Go to the step for the Completing the Alfresco
Community Setup Wizard window and launching Alfresco Share.
7 To complete the Advanced setup wizard, select Advanced and then click Next.
Follow the remaining steps in this task.
8 On the Select Components window, select the components that you want to install. Deselect the
components that you do not want to install.
a Java (this is JRE only)
b PostgreSQL
c LibreOce
d Solr 1
e Solr 4
f Alfresco Oce Services
g Web Quick Start
h Google Docs Integration
9 When you have finished selecting the components, click Next.
10 On the Installation Folder window, click Next to accept the default location. For example, the
default location is /opt/alfresco-community.
f
11
Note:
You must use ASCII characters only when setting the installation folder using the Alfresco setup
wizard.
The Database Server Parameters window prompts you to enter a port number for your
database.
On the Tomcat Port Configuration window, enter the following Tomcat configuration parameters:
a Web Server Domain For example, the default is 127.0.0.1.
The URL http://127.0.0.1:8080/share is based on the web server domain and the Tomcat
port number that you specify on the Tomcat Port Configuration window. The default of
127.0.0.1 can be used on this machine to verify that Alfresco is running successfully.
However, it is not an externally addressable URL, which means that it is not possible for
users on other machines to access this URL. To make sure that other users can access the
machine where Alfresco is installed, you need to define and create a publicly addressable
name.
b Tomcat Server Port For example, the default is 8080.
c Tomcat Shutdown Port For example, the default is 8005.
d Tomcat SSL Port For example, the default is 8443.
e Tomcat AJP Port For example, the default is 8009.
(Optional) If you are installing the LibreOce component, the LibreOce Server Port window
displays. Enter a port number on which the LibreOce server will listen.
On the Alfresco FTP Port window, enter a port number for the Alfresco FTP server.
On the Admin Password window, type a password. Repeat the password, and then click Next.
This sets the password for the Alfresco Administrator user account (admin).
12
13
14
15
CAUTION:
You must use ASCII characters only when setting the password using the Alfresco setup wizard. If
you need to reset the password (to include non-ASCII characters) after installation, see Changing
a user's password.
16 (Optional) If you are installing SharePoint Protocol Support, the Alfresco SharePoint Port
window displays. Enter a port number, and then click Next.
17 On the Ready to Install window, click Next. The Installing window displays, showing the
progress of the installation.
65
18 On the Completing the Alfresco Community Setup Wizard window, click Finish. This window
shows check boxes that determine whether you will see the Readme file, the Getting Started
web page, and also whether to launch Alfresco. By default, these options are selected and will
launch when you click Finish. If you do not want to start Alfresco at this point, deselect the
Launch Alfresco Community check box.
19 Click OK to close the Readme.
The Alfresco server starts and then Alfresco launches in your default browser.
Important:
It can take several minutes to start the Alfresco server and to launch Alfresco. Your browser
opens and tries to connect to http://127.0.0.1:8080/share.
20 Log on to Alfresco as the admin user. Enter the password that you specified in the Admin
Password window. The Alfresco server is launched automatically as a service called alfresco.
This service comprises the following individual services:
a
b
postgresql
Tomcat Server
21 If you did not automatically launch Alfresco at the end of the setup wizard, to start Alfresco, you
need to start all the services.
22 Manually start the Alfresco server: Browse to /opt/alfresco-community/ (the installation
folder that you created in 9). As an administrator, run
./alfresco.sh start
23 To fully stop Alfresco, you must stop all the services: Browse to /opt/alfrescocommunity/ (the installation folder that you created in 9). As an administrator, run
./alfresco.sh stop
66
Alfresco UI Interface
Nos conectamos desde un browser a http://10.10.10.5:8080/share y entramos con el usuario admin y la
contrasea que colocamos al instalar.
-Ya en el Dashboard de administrador damos click en More - Groups para crear grupos.
-Nos aparecen los grupos del sistema ya creados, damos click al botn redondo New group.
-Llenamos el campo Identifier con un nombre nico y el campo Display Name con un comentario.
Damos click al botn Create Group.
68
-Despus de ingresar los grupos ya debemos verlos en el listado junto a los del sistema.
-Ya podemos crear usuarios. Damos click al link izquierdo Users y despus en el botn New User.
69
-Llenamos los campos del nuevo usuario teniendo en cuenta que los campos obligatorios son los
terminados en * y debemos asignarle un group.
-Un usuario puede pertenecer a varios grupos a la vez al igual que tener una cuota de uso de disco.
Ademas, podemos en un caso dado deshabilitar una cuenta con la opcin Disable Account.
70
-Ya creado el usuario podemos buscarlo en Users escribiendo parte del nombre en el campo User
Search.
Ya tenemos nuestro Alfresco Community funcionando y listo para comenzar a crear sitios de
colaboracin y dems.
71
number of ways that we can incorporate SSL into our Tomcat installation. This guide will
cover how to set up a SSL-enabled proxy server to securely negotiate with clients and then
hand requests off to Tomcat.
We will cover how to set this up with both Apache and Nginx.
Prerequisites
In order to complete this guide, you will have to have Tomcat already set up on your server.
This guide will assume that you used the instructions in our Tomcat 8 on Ubuntu 16.04
installation guide to get set up.
When you have a Tomcat up and running, continue below with the section for your
preferred web server. Apache starts directly below, while the Nginx configuration can be
found by skipping ahead a bit.
73
The Apache web server has a module called mod_jk which can communicate directly with
Tomcat using the Apache JServ Protocol. A connector for this protocol is enabled by default
within Tomcat, so Tomcat is already ready to handle these requests.
Section Prerequisites
Before we can discuss how to proxy Apache web server connections to Tomcat, you must
install and secure an Apache web server.
You can install the Apache web server by following step 1 of this guide. Do not install
MySQL or PHP.
Afterwards, you will need to set up SSL on the server. The way you do this will depend on
whether you have a domain name or not.
If you have a domain name... the easiest way to secure your server is with Let's
Encrypt, which provides free, trusted certificates. Follow our Let's Encrypt guide for
Apache to set this up.
If you do not have a domain... and you are just using this configuration for testing or
personal use, you can use a self-signed certificate instead. This provides the same
type of encryption, but without domain validation. Follow our self-signed SSL guide for
Apache to get set up.
When you are finished with these steps, continue below to learn how to hook up the
Apache web server to your Tomcat installation.
Inside, find the workers.tomcat_home directive. Set this to your Tomcat installation home
directory. For our Tomcat installation, that would be /opt/tomcat:
/etc/libapache2-mod-jk/workers.properties
workers.tomcat_home=/opt/tomcat
If you set up SSL with Let's Encrypt, the file location will depend on what options you
selected during the certificate process. You can find which Virtual Hosts are involved in
serving SSL requests by typing:
74
sudo apache2ctl -S
. . .
Looking at the lines associated with SSL port 443 (lines 3-6 in this example), we can
determine which Virtual Hosts files are involved in serving those domains. Here, we see
that both the 000-default-le-ssl.conf file and the default-ssl.conf file are
involved, so you should edit both of these. Your results will likely differ:
Regardless of which files you have to open, the procedure will be the same. Somewhere
within the VirtualHost tags, you should enter the following:
<VirtualHost *:443>
. . .
JKMount /* ajp13_worker
. . .
</VirtualHost>
Save and close the file. Repeat the above process for any other files you identified that
need to be edited.
When you are finished, check your configuration by typing:
If the output contains Syntax OK, restart the Apache web server process:
You should now be able get to your Tomcat installation by visiting the SSL version of your
site in your web browser:
https://example.com
Next, skip past the Nginx configuration below and continue at the section detailing how to
restrict access to Tomcat in order to complete your configuration.
Section Prerequisites
Before we can discuss how to proxy Nginx connections to Tomcat, you must install and
secure Nginx.
You can install Nginx by following our guide on installing Nginx on Ubuntu 16.04.
Afterwards, you will need to set up SSL on the server. The way you do this will depend on
whether you have a domain name or not.
If you have a domain name... the easiest way to secure your server is with Let's
Encrypt, which provides free, trusted certificates. Follow our Let's Encrypt guide for
Nginx to set this up.
If you do not have a domain... and you are just using this configuration for testing or
personal use, you can use a self-signed certificate instead. This provides the same
type of encryption, but without domain validation. Follow our self-signed SSL guide for
Nginx to get set up.
When you are finished with these steps, continue below to learn how to hook up the Nginx
web server to your Tomcat installation.
Inside, towards the top of the file, we need to add an upstream block. This will outline the
connection details so that Nginx knows where our Tomcat server is listening. Place this
outside of any of the server blocks defined within the file:
/etc/nginx/sites-available/default
upstream tomcat {
server 127.0.0.1:8080 fail_timout=0;
}
server {
. . .
Next, within the server block defined for port 443, modify the location / block. We want
to pass all requests directly to the upstream block we just defined. Comment out the
current contents and use the proxy_pass directive to pass to the "tomcat" upstream we
just defined.
We will also need to include the proxy_params configuration within this block. This file
defines many of the details of how Nginx will proxy the connection:
/etc/nginx/sites-available/default
upstream tomcat {
server 127.0.0.1:8080 fail_timout=0;
}
server {
. . .
location / {
#try_files $uri $uri/ =404;
76
include proxy_params;
proxy_pass http://tomcat/;
}
. . .
}
sudo nginx -t
You should now be able get to your Tomcat installation by visiting the SSL version of your
site in your web browser:
https://example.com
Within this file, we need to modify the Connector definitions. Currently there are two
Connectors enabled within the configuration. One handles normal HTTP requests on port
8080, while the other handles Apache JServ Protocol requests on port 8009. The
configuration will look something like this:
/opt/tomcat/conf/server.xml
. . .
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
. . .
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
In order to restrict access to the local loopback interface, we just need to add an "address"
attribute set to 127.0.0.1 in each of these Connector definitions. The end result will look
like this:
/opt/tomcat/conf/server.xml
. . .
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
address="127.0.0.1"
77
redirectPort="8443" />
. . .
<Connector port="8009" address="127.0.0.1" protocol="AJP/1.3"
redirectPort="8443" />
After you've made those two changes, save and close the file.
We need to restart our Tomcat process to implement these changes:
If you followed our Tomcat installation guide, you have a ufw firewall enabled on your
installation. Now that all of our requests to Tomcat are restricted to the local loopback
interface, we can remove the rule from our firewall that allowed external requests to
Tomcat.
Your Tomcat installation should now only be accessible through your web server proxy.
Conclusion
At this point, connections to your Tomcat instance should be encrypted with SSL with the
help of a web server proxy. While configuring a separate web server process might
increase the software involved in serving your applications, it simplifies the process of
securing your traffic significantly.
78