Installing Alfresco 3.4.d On Fedora 15 (+ Tomcat + PostgreSQL)
This document describes how to install and setup Alfresco Content Server Community Edition by "Alfresco Software inc." on a Fedora 15 based webserver from a WAR package on a Tomcat webserver with postgreSQL database as backend. For other distributions there might be minor changes as to the software prerequisites installation procedures. I took my time to write this tutorial up, since I was unable to find any complete setup procedure on the Internet, mainly because there is a .bin executable, which install all in one easy step. Therefore this guide is intended to those who, like me, want to have as much control and understanding as possible and for those, who would want to install this server into already existing infrastructure and do not wish to dig wiki pages much. Moreover, by default, server from .bin installation runs as root and this is a potential threat to security. This guide will not only help install the product, but also understand why certain points are done the way they are done (this is most helpful for users with little or no knowledge who, like me some time ago, have only started using Linux).
What is Alfresco?
Should I say it in simple manner, this is the Sharepoint open source competitor, which is fully compliant with sharepoint protocol, yet powerful enough that it would take a book to cover everything in detail.
There are two versions of it, non-free Enterprise edition which includes classic commercial support from developer and a free Community edition, whereas the only support you get are posts across the Internet from others brave souls.
Links to several sections of developer:
- Product homepage: http://www.alfresco.com/
- Forums: http://forums.alfresco.com/en/
- Documentation: http://docs.alfresco.com/3.4/index.jsp
- Support: http://support.alfresco.com/
I do not guarantee it will work for you, since later on there could be changes in software, both prerequisite and main, done in such a way that will break or anyhow else disallow procedures mentioned in this tutorial to complete successfully.
Preliminary Note
In this tutorial we use:
Fedora 15 DVD installation media
Hostname: alfresco.example.com
IP address: 192.168.1.100
Router address: 192.168.1.1
Netmask: 255.255.255.0
First system user (not root): alfadmin
Assume (imagine) that the server is connected to the public Internet.
We use our computer to administer the server remotely via ssh (putty on Windows), even if you have the server by your side, or have it as virtual machine ran under your main operating system
GNU nano as our primary text editor. But feel free to use any other of your liking
Requirements
We will need a working clean installation of Fedora 15 (x86 or x86_64 is irrelevant), i personally use x86_64 version and i strongly suggest you do the same.
If you do not have yet installed, or do not know how to install Fedora linux, please use first two pages of this tutorial by Falko up to the point where systems goes for reboot after initial installation as is shown on page two. Do alter the network settings accordingly, set software choice to 'minimal' rather than 'webserver' and in the packet customization screen select only Base System -> Base. We will install all we need later from terminal.
First Things First
If you did not set up static IP address during the installation, say you have a DHCP-enabled router, you need to do it now, otherwise proceed to the next step.
Login to the server console as root. You will be at the [root@alfresco ~]# prompt. Execute:
system-config-network
Do all the necessary alterations to both the controller and dns, save and exit. Then restart the network:
/etc/init.d/network restart
Check that network is reconfigured by executing:
ifconfig
Now you should be able to ssh to server on 192.168.1.100 as root. But don't do that just yet, first complete next step.
Securing The Server
Before we proceed any further, since we assumed that the server is, in fact, connected to the internet, we need to secure it. We will do three things.
- Reconfigure ssh-server so it will not allow root login and change default port 22 to something else, less common, i.e. 60606,
- Set up iptables to allow incoming connections on new port,
- Add our firs system user in order to login with him via ssh.
Securing remote login
If you are not yet logged in from the console to the server (i mean local console, not ssh yet), log in as root, then execute:
nano /etc/ssh/sshd_config
On the line twelve of unaltered default file there is Port 22 directive. Duplicate it, change the port number to 60606 and uncomment.
Then find PermitRootLogin yes directive duplicate again and change it's value to no and uncomment it as well, then save the file. Restart sshd afterwards:
service sshd restart
Setting iptables
First check already existing iptables:
iptables -L -v --line-numbers
In default installation at position '4' will be directive to accept new tcp connections on default ssh port, we need to get rid of it, thus execute:
iptables -D INPUT 4
Now we need to allow connections to port 60606 instead. Execute:
iptables -I INPUT 4 -p tcp --dport 60606 -j ACCEPT
Lastly to save current iptables state execute:
service iptables save
service iptables restart
Adding first user
All is good now, except for one thing, we've banned ourselves from ssh, since root is not permitted and there are no other system users yet. Time to correct:
useradd -c "Alfresco system user" -m -n alfadmin
Set password for this user:
passwd alfadmin
Done. You could set password for user in the first command, but this way password value will be visible during entry in terminal window and also be saved in .bash_history of root user, that is not desirable.
Now you can log in via ssh executing following command in your terminal window on local computer:
ssh [email protected] -p60606
Alfresco Server Setup
Software installation in most cases is pretty much straightforward and we could have 'checked' most of it upon initial install, but as I have mentioned earlier, I like to have maximum control over the system.
I intentionally divide installation into sections.
Software prerequisites
Logging as superuser
At this very moment you should be on the console prompt as alfadmin user. To gain root privileges execute:
su
Now we will create Downloads folder in root home and get there:
mkdir /root/Downloads && cd /root/Downloads
Java Runtime Environment
Open-jdk is available by default on Fedora, yet for alfresco I prefer SUN Java. Execute:
wget -O - http://download.oracle.com/otn-pub/java/jdk/6u27-b07/jre-6u27-linux-x64-rpm.bin > sunjava.bin
chmod +x sunjava.bin
./sunjava.bin
/usr/sbin/alternatives --install /usr/bin/java java /usr/java/default/bin/java 20000
ImageMagick
Execute:
yum install ImageMagick
Yum will install all software prerequisites for the package itself, so you should not bother yourself about forgetting something.
OpenOffice
I, again, prefer libreoffice. And it is default choice in Fedora 15, so, execute:
yum install libreoffice-calc libreoffice-draw libreoffice-graphicfilter libreoffice-impress libreoffice-math libreoffice-writer libreoffice-xsltfilter
Flash plugin
As it is not part of the package system we will download and install it ourselves. Moreover, x64 package is in development state, so we will have to wrap 32-bit version in 64-bit.
wget http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm
rpm -vhi adobe-release-i386-1.0-1.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
yum install flash-plugin nspluginwrapper.x86_64 nspluginwrapper.i686 alsa-plugins-pulseaudio.i686 libcurl.i686
SWFTools
These are opensource flash manipulation utilities. We install them mainly for PDF2SWF functionality. These have to be compiled, so we will first install devel packages, download swftools source and then compile.
yum install zlib-devel libjpeg-devel giflib-devel freetype-devel gcc gcc-c++ make
wget http://www.swftools.org/swftools-0.9.1.tar.gz
tar xvzf swftools-0.9.1.tar.gz
cd swftools-0.9.1
./configure
make && make install
cd ../
Backend and webserver
PostgreSQL
By default alfresco comes with MySQL but supports postgres just as good. To install, initialize and set to start on boot, execute:
yum install postgresql postgresql-libs postgresql-server
service postgresql initdb
service postgresql start
chkconfig postgresql on
Login to postgres as postgres system user, create database user, database and grant privileges:
su - -c "psql" postgres
CREATE USER alfrescouser WITH PASSWORD 'alfrescopass';
CREATE DATABASE alfrescodb OWNER alfrescouser ENCODING 'UTF8';
GRANT ALL PRIVILEGES ON DATABASE alfrescodb TO alfrescouser;
\q
Alter postgresql config file to allow password logins:
nano /var/lib/pgsql/data/pg_hba.conf
Search for
# IPv4 local connections:
host all all 127.0.0.1/32 ident
And alter it to
# IPv4 local connections:
host all all 127.0.0.1/32 password
Now restart the database:
service postgresql restart
Tomcat webserver
Install, set to start on boot and then stop it:
yum install tomcat6 tomcat-native
service tomcat6 start
chkconfig tomcat6 on
service tomcat6 stop
Prepare directory structure for alfresco:
mkdir -p /var/lib/tomcat6/shared/classes
mkdir -p /var/lib/tomcat6/shared/lib
mkdir -p /srv/www/alfresco/alf_data
Get and copy postgresql jdbc driver:
wget http://jdbc.postgresql.org/download/postgresql-9.0-801.jdbc4.jar
cp ~/Downloads/postgresql-9.0-801.jdbc4.jar /var/lib/tomcat6/shared/lib/
Alter tomcat configuration. File one:
nano /etc/tomcat6/tomcat6.conf
Search for these two entries (should not be far away from each other):
JAVA_HOME=
JAVA_OPTS=
And despite anything written there alter them to
JAVA_HOME="/usr/bin/java"
JAVA_OPTS="${JAVA_OPTS} -XX:MaxPermSize=512m -Xms128m -Xmx768m -Dalfresco.home=/srv/www/alfresco -Dcom.sun.management.jmxremote"
File two:
nano /etc/tomcat6/catalina.properties
Search for
shared.loader=
And alter it to
shared.loader=${catalina.home}/shared/classes,${catalina.home}/shared/lib/*.jar,/var/lib/tomcat6/shared/classes,/var/lib/tomcat6/shared/lib/
File three:
nano /etc/tomcat6/server.xml
Search for
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443">
And alter it to
<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"
connectionTimeout="20000"
redirectPort="8443">
Alfresco WAR package
Download and extract alfresco community archive:
wget http://dl.alfresco.com/release/community/build-3370/alfresco-community-3.4.d.zip
unzip -d alfresco alfresco-community-3.4.d.zip
Copy extracted files to their respective directories:
cp -r ~/Downloads/alfresco/web-server/shared /var/lib/tomcat6
cp -r ~/Downloads/alfresco/web-server/webapps /var/lib/tomcat6
cp -r ~/Downloads/alfresco/bin /var/lib/tomcat6/bin
cp -r ~/Downloads/alfresco/licenses /var/lib/tomcat6/licenses
cp -r ~/Downloads/alfresco/README.txt /var/lib/tomcat6/README.txt
cp /var/lib/tomcat6/shared/classes/alfresco/web-extension/share-config-custom.xml.sample /var/lib/tomcat6/shared/classes/alfresco/web-extension/share-config-custom.xml
Create and populate alfresco-global properties file:
nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
Paste in:
############################### ## Common Alfresco Properties # ############################### dir.root=/srv/www/alfresco/alf_data web.application.context.url=http://127.0.0.1:8080/alfresco ### database connection properties ### db.driver=org.postgresql.Driver db.url=jdbc:postgresql://localhost:5432/alfrescodb db.username=alfrescouser db.password=alfrescopass ### External executable locations ### ooo.exe=/usr/lib64/libreoffice/program/ ooo.enabled=true img.exe=/usr/bin/convert swf.exe=/usr/local/bin/pdf2swf jodconverter.enabled=true jodconverter.officeHome=/usr/lib64/libreoffice/ jodconverter.portNumbers=8101 ### FTP Server Configuration ### ftp.enabled=true ftp.port=2221 ftp.ipv6.enabled=false ### RMI service ports ### alfresco.rmi.services.port=50500 avm.rmi.service.port=0 avmsync.rmi.service.port=0 attribute.rmi.service.port=0 authentication.rmi.service.port=0 repo.rmi.service.port=0 action.rmi.service.port=0 deployment.rmi.service.port=0
Modify share-config-custom file:
nano /var/lib/tomcat6/shared/classes/alfresco/web-extension/share-config-custom.xml
Find section:
<config evaluator="string-compare" condition="Remote"> ... </config>
Notice it is enclosed in <!-- comment --> tags. Delete those to uncomment section.
Repair permissions on tomcat files and folders:
chown -R tomcat:tomcat /var/lib/tomcat6 /srv/www/alfresco
And finally open access ports on firewall so you can connect to the server
iptables -I INPUT 4 -p tcp --dport 8080 -j ACCEPT
iptables -I INPUT 4 -p tcp --dport 2221 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j REDIRECT --to-port 2221
service iptables save
service iptables restart
Test Run
As all that had to be done was done, last thing that remains is to run server for the first time and watch for log-files output.
On my setup, server took almost 20 minutes to start up, so don't give up prematurely. Execute:
service tomcat6 start
Open http://192.168.1.100:8080/alfresco or http://192.168.1.100:8080/share in your web-browser and go grab a coffee / tea / whatever you drink cup.
Troubleshooting
Log files are located as follows:
/var/log/tomcat6/catalina.out
/usr/share/tomcat6/alfresco.log
You might also be interested in installing "terminal task manager" and watching live what's happening:
yum install htop
htop