Installing Alfresco 3.4.d On Fedora 15 (+ Tomcat + PostgreSQL)

This document describes how to install and setup Alfresco Content Server Community Edition by "Alfresco Software inc." on a Fedora 15 based webserver from a WAR package on a Tomcat webserver with postgreSQL database as backend. For other distributions there might be minor changes as to the software prerequisites installation procedures. I took my time to write this tutorial up, since I was unable to find any complete setup procedure on the Internet, mainly because there is a .bin executable, which install all in one easy step. Therefore this guide is intended to those who, like me, want to have as much control and understanding as possible and for those, who would want to install this server into already existing infrastructure and do not wish to dig wiki pages much. Moreover, by default, server from .bin installation runs as root and this is a potential threat to security. This guide will not only help install the product, but also understand why certain points are done the way they are done (this is most helpful for users with little or no knowledge who, like me some time ago, have only started using Linux).

 

What is Alfresco?

Should I say it in simple manner, this is the Sharepoint open source competitor, which is fully compliant with sharepoint protocol, yet powerful enough that it would take a book to cover everything in detail.

There are two versions of it, non-free Enterprise edition which includes classic commercial support from developer and a free Community edition, whereas the only support you get are posts across the Internet from others brave souls.

Links to several sections of developer:

I do not guarantee it will work for you, since later on there could be changes in software, both prerequisite and main, done in such a way that will break or anyhow else disallow procedures mentioned in this tutorial to complete successfully.

 

Preliminary Note

In this tutorial we use:

Fedora 15 DVD installation media

Hostname: alfresco.example.com

IP address: 192.168.1.100

Router address: 192.168.1.1

Netmask: 255.255.255.0

First system user (not root): alfadmin

Assume (imagine) that the server is connected to the public Internet.

We use our computer to administer the server remotely via ssh (putty on Windows), even if you have the server by your side, or have it as virtual machine ran under your main operating system

GNU nano as our primary text editor. But feel free to use any other of your liking

 

Requirements

We will need a working clean installation of Fedora 15 (x86 or x86_64 is irrelevant), i personally use x86_64 version and i strongly suggest you do the same.
If you do not have yet installed, or do not know how to install Fedora linux, please use first two pages of this tutorial by Falko up to the point where systems goes for reboot after initial installation as is shown on page two. Do alter the network settings accordingly, set software choice to 'minimal' rather than 'webserver' and in the packet customization screen select only Base System -> Base. We will install all we need later from terminal.

 

First Things First

If you did not set up static IP address during the installation, say you have a DHCP-enabled router, you need to do it now, otherwise proceed to the next step.

Login to the server console as root. You will be at the [root@alfresco ~]# prompt. Execute:

system-config-network

Do all the necessary alterations to both the controller and dns, save and exit. Then restart the network:

/etc/init.d/network restart

Check that network is reconfigured by executing:

ifconfig

Now you should be able to ssh to server on 192.168.1.100 as root. But don't do that just yet, first complete next step.

 

Securing The Server

Before we proceed any further, since we assumed that the server is, in fact, connected to the internet, we need to secure it. We will do three things.

  • Reconfigure ssh-server so it will not allow root login and change default port 22 to something else, less common, i.e. 60606,
  • Set up iptables to allow incoming connections on new port,
  • Add our firs system user in order to login with him via ssh.

 

Securing remote login

If you are not yet logged in from the console to the server (i mean local console, not ssh yet), log in as root, then execute:

nano /etc/ssh/sshd_config

On the line twelve of unaltered default file there is Port 22 directive. Duplicate it, change the port number to 60606 and uncomment.

Then find PermitRootLogin yes directive duplicate again and change it's value to no and uncomment it as well, then save the file. Restart sshd afterwards:

service sshd restart

 

Setting iptables

First check already existing iptables:

iptables -L -v --line-numbers

In default installation at position '4' will be directive to accept new tcp connections on default ssh port, we need to get rid of it, thus execute:

iptables -D INPUT 4

Now we need to allow connections to port 60606 instead. Execute:

iptables -I INPUT 4 -p tcp --dport 60606 -j ACCEPT

Lastly to save current iptables state execute:

service iptables save 
service iptables restart

 

Adding first user

All is good now, except for one thing, we've banned ourselves from ssh, since root is not permitted and there are no other system users yet. Time to correct:

useradd -c "Alfresco system user" -m -n alfadmin

Set password for this user:

passwd alfadmin

Done. You could set password for user in the first command, but this way password value will be visible during entry in terminal window and also be saved in .bash_history of root user, that is not desirable.

Now you can log in via ssh executing following command in your terminal window on local computer:

ssh [email protected] -p60606

 

Alfresco Server Setup

Software installation in most cases is pretty much straightforward and we could have 'checked' most of it upon initial install, but as I have mentioned earlier, I like to have maximum control over the system.

I intentionally divide installation into sections.

 

Software prerequisites

Logging as superuser

At this very moment you should be on the console prompt as alfadmin user. To gain root privileges execute:

su

Now we will create Downloads folder in root home and get there:

mkdir /root/Downloads && cd /root/Downloads

 

Java Runtime Environment

Open-jdk is available by default on Fedora, yet for alfresco I prefer SUN Java. Execute:

wget -O - http://download.oracle.com/otn-pub/java/jdk/6u27-b07/jre-6u27-linux-x64-rpm.bin > sunjava.bin 
chmod +x sunjava.bin
./sunjava.bin
/usr/sbin/alternatives --install /usr/bin/java java /usr/java/default/bin/java 20000

 

ImageMagick

Execute:

yum install ImageMagick

Yum will install all software prerequisites for the package itself, so you should not bother yourself about forgetting something.

 

OpenOffice

I, again, prefer libreoffice. And it is default choice in Fedora 15, so, execute:

yum install libreoffice-calc libreoffice-draw libreoffice-graphicfilter libreoffice-impress libreoffice-math libreoffice-writer libreoffice-xsltfilter

 

Flash plugin

As it is not part of the package system we will download and install it ourselves. Moreover, x64 package is in development state, so we will have to wrap 32-bit version in 64-bit.

wget http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm 
rpm -vhi adobe-release-i386-1.0-1.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
yum install flash-plugin nspluginwrapper.x86_64 nspluginwrapper.i686 alsa-plugins-pulseaudio.i686 libcurl.i686

 

SWFTools

These are opensource flash manipulation utilities. We install them mainly for PDF2SWF functionality. These have to be compiled, so we will first install devel packages, download swftools source and then compile.

yum install zlib-devel libjpeg-devel giflib-devel freetype-devel gcc gcc-c++ make 
wget http://www.swftools.org/swftools-0.9.1.tar.gz
tar xvzf swftools-0.9.1.tar.gz
cd swftools-0.9.1
./configure
make && make install
cd ../

 

Backend and webserver

PostgreSQL

By default alfresco comes with MySQL but supports postgres just as good. To install, initialize and set to start on boot, execute:

yum install postgresql postgresql-libs postgresql-server 
service postgresql initdb
service postgresql start
chkconfig postgresql on

Login to postgres as postgres system user, create database user, database and grant privileges:

su - -c "psql" postgres 
CREATE USER alfrescouser WITH PASSWORD 'alfrescopass';
CREATE DATABASE alfrescodb OWNER alfrescouser ENCODING 'UTF8';
GRANT ALL PRIVILEGES ON DATABASE alfrescodb TO alfrescouser;
\q

Alter postgresql config file to allow password logins:

nano /var/lib/pgsql/data/pg_hba.conf

Search for

# IPv4 local connections: 
host all all 127.0.0.1/32 ident

And alter it to

# IPv4 local connections: 
host all all 127.0.0.1/32 password

Now restart the database:

service postgresql restart

 

Tomcat webserver

Install, set to start on boot and then stop it:

yum install tomcat6 tomcat-native 
service tomcat6 start
chkconfig tomcat6 on
service tomcat6 stop

Prepare directory structure for alfresco:

mkdir -p /var/lib/tomcat6/shared/classes 
mkdir -p /var/lib/tomcat6/shared/lib
mkdir -p /srv/www/alfresco/alf_data

Get and copy postgresql jdbc driver:

wget http://jdbc.postgresql.org/download/postgresql-9.0-801.jdbc4.jar 
cp ~/Downloads/postgresql-9.0-801.jdbc4.jar /var/lib/tomcat6/shared/lib/

Alter tomcat configuration. File one:

nano /etc/tomcat6/tomcat6.conf

Search for these two entries (should not be far away from each other):

JAVA_HOME= 
JAVA_OPTS=

And despite anything written there alter them to

JAVA_HOME="/usr/bin/java" 
JAVA_OPTS="${JAVA_OPTS} -XX:MaxPermSize=512m -Xms128m -Xmx768m -Dalfresco.home=/srv/www/alfresco -Dcom.sun.management.jmxremote"

File two:

nano /etc/tomcat6/catalina.properties

Search for

shared.loader=

And alter it to

shared.loader=${catalina.home}/shared/classes,${catalina.home}/shared/lib/*.jar,/var/lib/tomcat6/shared/classes,/var/lib/tomcat6/shared/lib/

File three:

nano /etc/tomcat6/server.xml

Search for

<Connector port="8080" protocol="HTTP/1.1" 
connectionTimeout="20000"
redirectPort="8443">

And alter it to

<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8" 
connectionTimeout="20000"
redirectPort="8443">

 

Alfresco WAR package

Download and extract alfresco community archive:

wget http://dl.alfresco.com/release/community/build-3370/alfresco-community-3.4.d.zip 
unzip -d alfresco alfresco-community-3.4.d.zip

Copy extracted files to their respective directories:

cp -r ~/Downloads/alfresco/web-server/shared /var/lib/tomcat6 
cp -r ~/Downloads/alfresco/web-server/webapps /var/lib/tomcat6
cp -r ~/Downloads/alfresco/bin /var/lib/tomcat6/bin
cp -r ~/Downloads/alfresco/licenses /var/lib/tomcat6/licenses
cp -r ~/Downloads/alfresco/README.txt /var/lib/tomcat6/README.txt
cp /var/lib/tomcat6/shared/classes/alfresco/web-extension/share-config-custom.xml.sample /var/lib/tomcat6/shared/classes/alfresco/web-extension/share-config-custom.xml

Create and populate alfresco-global properties file:

nano /var/lib/tomcat6/shared/classes/alfresco-global.properties

Paste in:

###############################
## Common Alfresco Properties #
###############################
dir.root=/srv/www/alfresco/alf_data
web.application.context.url=http://127.0.0.1:8080/alfresco
### database connection properties ###
db.driver=org.postgresql.Driver
db.url=jdbc:postgresql://localhost:5432/alfrescodb
db.username=alfrescouser
db.password=alfrescopass
### External executable locations ###
ooo.exe=/usr/lib64/libreoffice/program/
ooo.enabled=true
img.exe=/usr/bin/convert
swf.exe=/usr/local/bin/pdf2swf
jodconverter.enabled=true
jodconverter.officeHome=/usr/lib64/libreoffice/
jodconverter.portNumbers=8101
### FTP Server Configuration ###
ftp.enabled=true
ftp.port=2221
ftp.ipv6.enabled=false
### RMI service ports ###
alfresco.rmi.services.port=50500
avm.rmi.service.port=0
avmsync.rmi.service.port=0
attribute.rmi.service.port=0
authentication.rmi.service.port=0
repo.rmi.service.port=0
action.rmi.service.port=0
deployment.rmi.service.port=0

Modify share-config-custom file:

nano /var/lib/tomcat6/shared/classes/alfresco/web-extension/share-config-custom.xml

Find section:

<config evaluator="string-compare" condition="Remote">
...
</config>

Notice it is enclosed in <!-- comment --> tags. Delete those to uncomment section.

Repair permissions on tomcat files and folders:

chown -R tomcat:tomcat /var/lib/tomcat6 /srv/www/alfresco

And finally open access ports on firewall so you can connect to the server

iptables -I INPUT 4 -p tcp --dport 8080 -j ACCEPT 
iptables -I INPUT 4 -p tcp --dport 2221 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j REDIRECT --to-port 2221
service iptables save
service iptables restart

 

Test Run

As all that had to be done was done, last thing that remains is to run server for the first time and watch for log-files output.

On my setup, server took almost 20 minutes to start up, so don't give up prematurely. Execute:

service tomcat6 start

Open http://192.168.1.100:8080/alfresco or http://192.168.1.100:8080/share in your web-browser and go grab a coffee / tea / whatever you drink cup.

 

Troubleshooting

Log files are located as follows:

/var/log/tomcat6/catalina.out
/usr/share/tomcat6/alfresco.log

You might also be interested in installing "terminal task manager" and watching live what's happening:

yum install htop 
htop
Share this page:

1 Comment(s)