Neuen Server aufsetzen: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
imported>Mkurz Keine Bearbeitungszusammenfassung |
imported>Mkurz |
||
| (69 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
== Tools == | == Tools == | ||
Copy the server-tools from our repository to the server e.g. to 'root/tools' | For the Heli overlays we need unzip | ||
<pre> | |||
apt-get install unzip | |||
</pre> | |||
Install subversion | |||
<pre> | |||
apt-get install subversion | |||
</pre> | |||
Install dos2unix: | |||
<pre> | |||
apt-get install dos2unix | |||
</pre> | |||
Copy the server-tools from our repository : | |||
<pre> | |||
'wmdev/tools/server-tools' to the server e.g. to 'root/tools' | |||
Alternatively you can checkout the tools from our subversion via: | |||
svn co --username=yourusername URL2Svn | |||
</pre> | |||
Remove all possible windows line endings: | |||
<pre> | |||
cd /root/tools | |||
dos2unix *.sh | |||
</pre> | |||
Make all shell scripts executable | |||
<pre> | |||
chmod a+x *.sh | |||
</pre> | |||
== Sqlite3 == | |||
Used to optimize the pois "eu.db" after creation. | |||
<pre> | |||
apt-get install sqlite3 | |||
</pre> | |||
== Sync Data == | |||
'''CAVE: 'lic.apemap.at' typically points to a failloverIP if your local server has this IP active as well lic.apemap.at will not work''' | |||
To access the server via SSH without entering a password, do the following: | |||
<pre> | |||
tools/sshnopassword.sh lic.apemap.at | |||
</pre> | |||
<pre> | |||
tools/rsync_mirror_all.sh & | |||
</pre> | |||
The progress can be shown via: | |||
<pre> | |||
tail -f sync_all.log | |||
</pre> | |||
== Manual DNS entries == | |||
add to 'etc/hosts': | |||
<pre> | |||
Entries from 'tools/info/hosts.fragment.txt' | |||
</pre> | |||
== SSH Setup == | |||
edit '/etc/ssh/sshd_config': | |||
<pre> | |||
Apply 'tools/info/ssh/sshd_config.fragment.txt' | |||
</pre> | |||
== Add Faillover IP == | |||
Edit '/etc/netplan/01-netcfg.yaml' | |||
<pre> | |||
network: | |||
version: 2 | |||
renderer: networkd | |||
ethernets: | |||
eth0: | |||
addresses: [ 10.100.1.38/24, FailloverIP/32 ] | |||
gateway4: 10.100.1.1 | |||
</pre> | |||
To apply the changes do: | |||
<pre> | |||
netplan apply | |||
</pre> | |||
== DB Setup == | == DB Setup == | ||
Create apemap DB user | === Install === | ||
<pre> | |||
apt-get install mysql-server | |||
</pre> | |||
===Create apemap DB user=== | |||
<pre> | <pre> | ||
tools/createdbuser.sh | tools/createdbuser.sh | ||
| Zeile 9: | Zeile 90: | ||
== Apache2 == | == Apache2 == | ||
=== Install === | |||
<pre> | <pre> | ||
apt-get install apache2 | apt-get install apache2 | ||
</pre> | </pre> | ||
===Enable required modules=== | |||
<pre> | |||
a2enmod proxy | |||
a2enmod proxy_http | |||
a2enmod ssl | |||
a2enmod rewrite | |||
a2enmod headers | |||
</pre> | |||
=== Change documents root === | |||
'etc/apache2/sites-enabled/000-default.conf', change document root to '/var/www' | |||
=== Enable HTTPs proxy engine === | |||
Add to 'etc/apache2/sites-enabled/000-default.conf' | |||
<pre> | |||
SSLProxyEngine on | |||
</pre> | |||
=== Proxy And Header config === | |||
'/etc/apache2/apache2.conf' at the end add: | |||
<pre> | |||
apply 'tools/info/apache2/apache2.conf.fragment.txt' | |||
</pre> | |||
=== SSL === | |||
<pre> | |||
a2ensite default-ssl | |||
</pre> | |||
Edit 'default-ssl': | |||
<pre> | |||
apply 'tools/info/apache2/default-ssl.fragment.txt' | |||
</pre> | |||
=== Heli config in protected folder === | |||
<pre> | |||
scp /etc/apache2/htpasswd/config_htpasswd new-server | |||
</pre> | |||
Open "/etc/apache2/apache2.conf" and add | |||
<pre> | |||
<Directory /var/www/config/protected> | |||
AuthType Basic | |||
AuthName "Authentication Required" | |||
AuthUserFile "/etc/apache2/htpasswd/config_htpasswd" | |||
Require valid-user | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
</pre> | |||
=== Restart === | |||
/etc/init.d/apache2 restart | |||
== Tomcat == | == Tomcat == | ||
=== Install === | |||
<pre> | <pre> | ||
apt-get install tomcat8 | apt-get install tomcat8 | ||
apt-get install openjdk-8-jdk | apt-get install openjdk-8-jdk | ||
</pre> | </pre> | ||
Configute tomcat policies 'etc/tomcat8/policy.d/04webapps.policy': | |||
<pre> | |||
add the permissions shown in tools/info/tomcat/04webapps.policy.fragment.txt | |||
</pre> | |||
=== Webapp apemap === | |||
Create a folder 'apemap' within '/var/lib/tomcat8/webapps' | |||
Create a link to this folder from /var/apemap | |||
<pre> | <pre> | ||
ln -s /var/lib/tomcat8/webapps/apemap/ /var/apemap | ln -s /var/lib/tomcat8/webapps/apemap/ /var/apemap | ||
| Zeile 25: | Zeile 168: | ||
Sync the apemap webapp from the old server to the new one: | Sync the apemap webapp from the old server to the new one: | ||
<pre> | <pre> | ||
tools/rsync_webapp.sh | |||
</pre> | |||
=== Logging === | |||
Create apemap logging folder for tomcat: | |||
<pre> | |||
mkdir /var/log/apemap | |||
chmod a+rw /var/log/apemap/ | |||
</pre> | |||
'''IMPORTANG''' | |||
Give read write access for all to '/var/log/apemap' | |||
<pre> | |||
chmod a+rw /var/log/apemap | |||
</pre> | |||
== PHP 5.6 == | |||
<pre> | |||
apt-get update | |||
apt-get install software-properties-common | |||
add-apt-repository -y ppa:ondrej/php | |||
apt-get install php5.6 | |||
apt-get install php5.6-mysql | |||
apt-get install php5.6-mbstring | |||
apt-get install php5.6-curl | |||
apt-get install php5.6-gd | |||
apt-get clean && sudo apt autoclean | |||
a2dismod php7.2 | |||
a2enmod php5.6 | |||
</pre> | |||
Our shop requires the following in 'php.ini' (e.g. '/etc/php/5.6/apache2/php.ini'): | |||
<pre> | |||
default_charset = "iso-8859-1" | |||
</pre> | |||
== Mailrelay for PHP == | |||
Install sendmail: | |||
<pre> | |||
apt-get install sendmail | |||
</pre> | |||
Install nullmailer: (For all settings you are asked use the default) | |||
<pre> | |||
apt-get install nullmailer | |||
</pre> | |||
edit '/etc/nullmailer/remotes': | |||
<pre> | |||
apply 'tools/info/nullmailer/remotes.fragment.txt' | |||
</pre> | |||
Restart nullmailer: | |||
<pre> | |||
/etc/init.d/nullmailer restart | |||
</pre> | |||
== osmium == | |||
For vector map creation osmium is required to split pbf files. | |||
<pre> | |||
apt-get install osmium-tool | |||
</pre> | |||
== PHP My Admin == | |||
Do not create the phpmyadmin databases the admin is asking for, do no enter any DB passwords. | |||
<pre> | |||
apt-get install phpmyadmin | |||
</pre> | |||
Change to a different folder, by editing: '/etc/apache2/conf-available/phpmyadmin.conf' change the alias to the alias currently | |||
used for phpmyadmin. | |||
== Create and import data bases == | |||
<pre> | |||
tools/createandimportdb.sh shop3 | |||
tools/createandimportdb.sh apemap | |||
</pre> | |||
== Add and start services == | |||
Copy services to '/etc/systemd/system' | |||
<pre> | |||
cp ~/tools/services/*.service /etc/systemd/system | |||
</pre> | |||
Reload the service daemon, so that its knows the new services: | |||
<pre> | |||
systemctl daemon-reload | |||
</pre> | |||
Enable the newly added services | |||
<pre> | |||
systemctl enable apemap-2 | |||
systemctl enable apemap-3 | |||
systemctl enable apemap-4 | |||
systemctl enable apemap-router | |||
</pre> | |||
Start the service | |||
<pre> | |||
systemctl start apemap-2 | |||
systemctl start apemap-3 | |||
systemctl start apemap-4 | |||
systemctl start apemap-router | |||
</pre> | |||
Investigate status of the services | |||
<pre> | |||
systemctl status apemap-2 | |||
systemctl status apemap-3 | |||
systemctl status apemap-4 | |||
systemctl status apemap-router | |||
</pre> | </pre> | ||
== Cron jobs == | |||
Remark: cron jobs are backuped daily into the share folder | |||
=== Master === | |||
add the following cron jobs | |||
<pre> | |||
apply tools/info/cron/cron.master.txt | |||
</pre> | |||
=== Slave === | |||
add the following cron jobs | |||
<pre> | |||
apply tools/info/cron/cron.slave.txt | |||
</pre> | |||
== Test Server == | |||
* Open the unit test "ApemapServerTest" | |||
* Adjust the server you want to test. | |||
* Execute the test. | |||
Aktuelle Version vom 2. Dezember 2025, 11:05 Uhr
Tools
For the Heli overlays we need unzip
apt-get install unzip
Install subversion
apt-get install subversion
Install dos2unix:
apt-get install dos2unix
Copy the server-tools from our repository :
'wmdev/tools/server-tools' to the server e.g. to 'root/tools' Alternatively you can checkout the tools from our subversion via: svn co --username=yourusername URL2Svn
Remove all possible windows line endings:
cd /root/tools dos2unix *.sh
Make all shell scripts executable
chmod a+x *.sh
Sqlite3
Used to optimize the pois "eu.db" after creation.
apt-get install sqlite3
Sync Data
CAVE: 'lic.apemap.at' typically points to a failloverIP if your local server has this IP active as well lic.apemap.at will not work
To access the server via SSH without entering a password, do the following:
tools/sshnopassword.sh lic.apemap.at
tools/rsync_mirror_all.sh &
The progress can be shown via:
tail -f sync_all.log
Manual DNS entries
add to 'etc/hosts':
Entries from 'tools/info/hosts.fragment.txt'
SSH Setup
edit '/etc/ssh/sshd_config':
Apply 'tools/info/ssh/sshd_config.fragment.txt'
Add Faillover IP
Edit '/etc/netplan/01-netcfg.yaml'
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses: [ 10.100.1.38/24, FailloverIP/32 ]
gateway4: 10.100.1.1
To apply the changes do:
netplan apply
DB Setup
Install
apt-get install mysql-server
Create apemap DB user
tools/createdbuser.sh
Apache2
Install
apt-get install apache2
Enable required modules
a2enmod proxy a2enmod proxy_http a2enmod ssl a2enmod rewrite a2enmod headers
Change documents root
'etc/apache2/sites-enabled/000-default.conf', change document root to '/var/www'
Enable HTTPs proxy engine
Add to 'etc/apache2/sites-enabled/000-default.conf'
SSLProxyEngine on
Proxy And Header config
'/etc/apache2/apache2.conf' at the end add:
apply 'tools/info/apache2/apache2.conf.fragment.txt'
SSL
a2ensite default-ssl
Edit 'default-ssl':
apply 'tools/info/apache2/default-ssl.fragment.txt'
Heli config in protected folder
scp /etc/apache2/htpasswd/config_htpasswd new-server
Open "/etc/apache2/apache2.conf" and add
<Directory /var/www/config/protected> AuthType Basic AuthName "Authentication Required" AuthUserFile "/etc/apache2/htpasswd/config_htpasswd" Require valid-user Order allow,deny Allow from all </Directory>
Restart
/etc/init.d/apache2 restart
Tomcat
Install
apt-get install tomcat8 apt-get install openjdk-8-jdk
Configute tomcat policies 'etc/tomcat8/policy.d/04webapps.policy':
add the permissions shown in tools/info/tomcat/04webapps.policy.fragment.txt
Webapp apemap
Create a folder 'apemap' within '/var/lib/tomcat8/webapps' Create a link to this folder from /var/apemap
ln -s /var/lib/tomcat8/webapps/apemap/ /var/apemap
Sync the apemap webapp from the old server to the new one:
tools/rsync_webapp.sh
Logging
Create apemap logging folder for tomcat:
mkdir /var/log/apemap chmod a+rw /var/log/apemap/
IMPORTANG Give read write access for all to '/var/log/apemap'
chmod a+rw /var/log/apemap
PHP 5.6
apt-get update apt-get install software-properties-common add-apt-repository -y ppa:ondrej/php apt-get install php5.6 apt-get install php5.6-mysql apt-get install php5.6-mbstring apt-get install php5.6-curl apt-get install php5.6-gd apt-get clean && sudo apt autoclean a2dismod php7.2 a2enmod php5.6
Our shop requires the following in 'php.ini' (e.g. '/etc/php/5.6/apache2/php.ini'):
default_charset = "iso-8859-1"
Mailrelay for PHP
Install sendmail:
apt-get install sendmail
Install nullmailer: (For all settings you are asked use the default)
apt-get install nullmailer
edit '/etc/nullmailer/remotes':
apply 'tools/info/nullmailer/remotes.fragment.txt'
Restart nullmailer:
/etc/init.d/nullmailer restart
osmium
For vector map creation osmium is required to split pbf files.
apt-get install osmium-tool
PHP My Admin
Do not create the phpmyadmin databases the admin is asking for, do no enter any DB passwords.
apt-get install phpmyadmin
Change to a different folder, by editing: '/etc/apache2/conf-available/phpmyadmin.conf' change the alias to the alias currently used for phpmyadmin.
Create and import data bases
tools/createandimportdb.sh shop3 tools/createandimportdb.sh apemap
Add and start services
Copy services to '/etc/systemd/system'
cp ~/tools/services/*.service /etc/systemd/system
Reload the service daemon, so that its knows the new services:
systemctl daemon-reload
Enable the newly added services
systemctl enable apemap-2 systemctl enable apemap-3 systemctl enable apemap-4 systemctl enable apemap-router
Start the service
systemctl start apemap-2 systemctl start apemap-3 systemctl start apemap-4 systemctl start apemap-router
Investigate status of the services
systemctl status apemap-2 systemctl status apemap-3 systemctl status apemap-4 systemctl status apemap-router
Cron jobs
Remark: cron jobs are backuped daily into the share folder
Master
add the following cron jobs
apply tools/info/cron/cron.master.txt
Slave
add the following cron jobs
apply tools/info/cron/cron.slave.txt
Test Server
- Open the unit test "ApemapServerTest"
- Adjust the server you want to test.
- Execute the test.