From 558e079b46cc5fcf23d70e10083817bb4e6a7a78 Mon Sep 17 00:00:00 2001 From: Didier Date: Tue, 12 Sep 2023 12:02:04 +0200 Subject: [PATCH 1/8] add Ubuntu 22.04 install procedure --- INSTALL/INSTALL.ubuntu2204.md | 218 ++++++++++++++++++++++++++++++++++ 1 file changed, 218 insertions(+) create mode 100644 INSTALL/INSTALL.ubuntu2204.md diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md new file mode 100644 index 0000000..bafaa54 --- /dev/null +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -0,0 +1,218 @@ +Installation on Ubuntu 22.04 +============================ + +# 1. Install LAMP & dependencies + +## 1.1. Install system dependencies + +```bash +sudo apt-get install zip unzip git gettext curl jq +``` + +Some might already be installed. + +## 1.2. Install MariaDB + +```bash +sudo apt-get install mariadb-client mariadb-server +``` + +### Secure the MariaDB installation + +```bash +sudo mysql_secure_installation +``` + +Especially by setting a strong root password. + +## 1.3. Install Apache2 + +```bash +sudo apt-get install apache2 +``` + +### Enable modules, settings, and default of SSL in Apache + +```bash +sudo a2dismod status +sudo a2enmod ssl +sudo a2enmod rewrite +sudo a2enmod headers +``` + +### Apache Virtual Host + +```conf + + ServerAdmin admin@localhost.lu + ServerName monarc.local + DocumentRoot /var/lib/monarc/fo/public + + + DirectoryIndex index.php + AllowOverride All + Require all granted + + + + Header always set X-Content-Type-Options nosniff + Header always set X-XSS-Protection "1; mode=block" + Header always set X-Robots-Tag none + Header always set X-Frame-Options SAMEORIGIN + + + SetEnv APP_ENV "development" + +``` + + +## 1.4. Install PHP and dependencies (It's recommended to install php8 or php8.1 and all the modules of the version) + +```bash +$ sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-xml php-mbstring php-intl php-imagick php-zip php-bcmath +``` + +## 1.5 Apply PHP configuration settings in your php.ini + +https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26 + +## 1.6 Change access risghts + +```bash +sudo chown -R www-data:www-data /var/lib/monarc +``` + +## 1.7 Apply all changes + +```bash +$ sudo systemctl restart apache2.service +``` + +# 2. Installation of MONARC + +```bash +PATH_TO_MONARC='/var/lib/monarc/fo' +PATH_TO_MONARC_DATA='/var/lib/monarc/fo-data' +MONARC_VERSION=$(curl --silent -H 'Content-Type: application/json' https://api.github.com/repos/monarc-project/MonarcAppFO/releases/latest | jq -r '.tag_name') +MONARCFO_RELEASE_URL="https://github.com/monarc-project/MonarcAppFO/releases/download/$MONARC_VERSION/MonarcAppFO-$MONARC_VERSION.tar.gz" + +mkdir -p /var/lib/monarc/releases/ +# Download release +curl -sL $MONARCFO_RELEASE_URL -o /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL` +# Create release directory +mkdir /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'` +# Unarchive release +tar -xzf /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL` -C /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'` +# Create release symlink +ln -s /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'` $PATH_TO_MONARC +# Create data and caches directories +mkdir -p $PATH_TO_MONARC_DATA/cache $PATH_TO_MONARC_DATA/DoctrineORMModule/Proxy $PATH_TO_MONARC_DATA/LazyServices/Proxy $PATH_TO_MONARC_DATA/import/files +# Create data directory symlink +ln -s $PATH_TO_MONARC_DATA $PATH_TO_MONARC/data +``` + + +## 2.2. Databases + +### Create a MariaDB user for MONARC + +Start MariaDB as root: + +```bash +sudo mysql +``` + +Create a new user for MONARC: + +```sql +CREATE USER 'monarc'@'%' IDENTIFIED BY 'password'; +GRANT ALL PRIVILEGES ON * . * TO 'monarc'@'%'; +FLUSH PRIVILEGES; +``` + +### Create 2 databases + +In your MariaDB interpreter: + +```sql +CREATE DATABASE monarc_cli DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; +CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; +``` + +* monarc_common contains models and data created by CASES; +* monarc_cli contains all client risk analyses. Each analysis is based on CASES + model of monarc_common. + +### Initializes the database + +```bash +cd /var/lib/monarc/releases/MonarcAppFO-$MONARC_VERSION +mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_structure.sql +mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_data.sql +``` + +### Database connection + +Create the configuration file: + +```bash +$ sudo cp ./config/autoload/local.php.dist ./config/autoload/local.php +``` + +And configure the database connection: + +```php + return [ + 'doctrine' => [ + 'connection' => [ + 'orm_default' => [ + 'params' => [ + 'host' => 'localhost', + 'user' => 'monarc', + 'password' => 'password', + 'dbname' => 'monarc_common', + ], + ], + 'orm_cli' => [ + 'params' => [ + 'host' => 'localhost', + 'user' => 'monarc', + 'password' => 'password', + 'dbname' => 'monarc_cli', + ], + ], + ], + ], + ]; +``` + +# 3. Migrating MONARC DB + +```bash +$ php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php +$ php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php +``` + + +# 4. Create initial user + +```bash +$ php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php +``` + +The username is *admin@admin.localhost* and the password is *admin*. + + +# 5. Statistics for Global Dashboard + +If you would like to use the global dashboard stats feature, you need to +configure a Stats Service instance on your server. + +The architecture, installation instructions and GitHub project can be found here: + +- https://www.monarc.lu/documentation/stats-service/master/architecture.html +- https://www.monarc.lu/documentation/stats-service/master/installation.html +- https://github.com/monarc-project/stats-service + +The communication of access to the StatsService is performed on each instance of +FrontOffice (clients). From 71abb662abc2dd1ed23356b2229bce66278cb451 Mon Sep 17 00:00:00 2001 From: Didier Date: Tue, 12 Sep 2023 12:46:54 +0200 Subject: [PATCH 2/8] fix typos --- INSTALL/INSTALL.ubuntu2204.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index bafaa54..ef50c6a 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -65,27 +65,21 @@ sudo a2enmod headers ``` - ## 1.4. Install PHP and dependencies (It's recommended to install php8 or php8.1 and all the modules of the version) ```bash -$ sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-xml php-mbstring php-intl php-imagick php-zip php-bcmath +sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-xml php-mbstring php-intl php-imagick php-zip php-bcmath ``` ## 1.5 Apply PHP configuration settings in your php.ini https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26 -## 1.6 Change access risghts + +## 1.6 Apply all changes ```bash -sudo chown -R www-data:www-data /var/lib/monarc -``` - -## 1.7 Apply all changes - -```bash -$ sudo systemctl restart apache2.service +sudo systemctl restart apache2.service ``` # 2. Installation of MONARC @@ -111,6 +105,12 @@ mkdir -p $PATH_TO_MONARC_DATA/cache $PATH_TO_MONARC_DATA/DoctrineORMModule/Proxy ln -s $PATH_TO_MONARC_DATA $PATH_TO_MONARC/data ``` +## 2.1 Change access rights + +```bash +sudo chown -R www-data:www-data /var/lib/monarc +``` + ## 2.2. Databases From 00605434fff5d00b077290ea920106a50fc3aca3 Mon Sep 17 00:00:00 2001 From: Didier Date: Tue, 12 Sep 2023 12:50:11 +0200 Subject: [PATCH 3/8] fix typo --- INSTALL/INSTALL.ubuntu2204.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index ef50c6a..103e5e3 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -42,6 +42,14 @@ sudo a2enmod headers ### Apache Virtual Host +Modify default Apache virtual host: + +```bash +sudo vi /etc/apache2/sites-enabled/000-default.conf +``` + +With this configuration: + ```conf ServerAdmin admin@localhost.lu @@ -189,15 +197,15 @@ And configure the database connection: # 3. Migrating MONARC DB ```bash -$ php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php -$ php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php +sudo php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php +sudo php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php ``` # 4. Create initial user ```bash -$ php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php +sudo php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php ``` The username is *admin@admin.localhost* and the password is *admin*. From dbeecff18525b9d770532e06519f2599d77e5c04 Mon Sep 17 00:00:00 2001 From: Didier Date: Tue, 12 Sep 2023 14:12:43 +0200 Subject: [PATCH 4/8] remove not needed sudo --- INSTALL/INSTALL.ubuntu2204.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index 103e5e3..1bb9648 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -113,7 +113,7 @@ mkdir -p $PATH_TO_MONARC_DATA/cache $PATH_TO_MONARC_DATA/DoctrineORMModule/Proxy ln -s $PATH_TO_MONARC_DATA $PATH_TO_MONARC/data ``` -## 2.1 Change access rights +## 2.1 Change owner ```bash sudo chown -R www-data:www-data /var/lib/monarc @@ -164,7 +164,7 @@ mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_data.sql Create the configuration file: ```bash -$ sudo cp ./config/autoload/local.php.dist ./config/autoload/local.php +sudo cp ./config/autoload/local.php.dist ./config/autoload/local.php ``` And configure the database connection: @@ -197,15 +197,15 @@ And configure the database connection: # 3. Migrating MONARC DB ```bash -sudo php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php -sudo php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php +php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php +php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php ``` # 4. Create initial user ```bash -sudo php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php +php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php ``` The username is *admin@admin.localhost* and the password is *admin*. From 624c5a1fa64aca2a8f11cbe2e94e7dd53c95a62f Mon Sep 17 00:00:00 2001 From: Didier Date: Tue, 12 Sep 2023 18:58:33 +0200 Subject: [PATCH 5/8] update php.ini keys --- INSTALL/INSTALL.ubuntu2204.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index 1bb9648..bc75a37 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -81,8 +81,21 @@ sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql ph ## 1.5 Apply PHP configuration settings in your php.ini -https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26 +Edit php.ini file +```bash +sudo vi /etc/php/8.1/apache2/php.ini +``` +Change these keys: + +```php +upload_max_filesize = 200M +post_max_size = 50M +max_execution_time = 100 +max_input_time = 223 +memory_limit = 512M +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE & ~E_WARNING +``` ## 1.6 Apply all changes From e6f5d53412c1c7e7261fb8280b30da0859a4821c Mon Sep 17 00:00:00 2001 From: Didier Date: Wed, 13 Sep 2023 07:39:42 +0200 Subject: [PATCH 6/8] invalid path --- INSTALL/INSTALL.ubuntu2204.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index bc75a37..1c801ae 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -84,7 +84,7 @@ sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql ph Edit php.ini file ```bash -sudo vi /etc/php/8.1/apache2/php.ini +sudo vi /etc/php/8.1/fpm/php.ini ``` Change these keys: From 00238844dfa31efbbece9459ec1d9140685e136d Mon Sep 17 00:00:00 2001 From: Didier Date: Wed, 13 Sep 2023 08:21:04 +0200 Subject: [PATCH 7/8] revert path --- INSTALL/INSTALL.ubuntu2204.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index 1c801ae..bc75a37 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -84,7 +84,7 @@ sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql ph Edit php.ini file ```bash -sudo vi /etc/php/8.1/fpm/php.ini +sudo vi /etc/php/8.1/apache2/php.ini ``` Change these keys: From 4b23aeb68740551022f8fc9ea19d8d1fd821d6a4 Mon Sep 17 00:00:00 2001 From: Ruslan Baidan Date: Fri, 1 Dec 2023 08:33:49 +0100 Subject: [PATCH 8/8] Added a bit more info and updated vhost env to prod. --- INSTALL/INSTALL.ubuntu2204.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/INSTALL/INSTALL.ubuntu2204.md b/INSTALL/INSTALL.ubuntu2204.md index bc75a37..fbc0fc6 100644 --- a/INSTALL/INSTALL.ubuntu2204.md +++ b/INSTALL/INSTALL.ubuntu2204.md @@ -69,7 +69,7 @@ With this configuration: Header always set X-Frame-Options SAMEORIGIN - SetEnv APP_ENV "development" + SetEnv APP_ENV "production" ``` @@ -93,7 +93,7 @@ upload_max_filesize = 200M post_max_size = 50M max_execution_time = 100 max_input_time = 223 -memory_limit = 512M +memory_limit = 2048M error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE & ~E_WARNING ``` @@ -143,7 +143,7 @@ Start MariaDB as root: sudo mysql ``` -Create a new user for MONARC: +Create a new user for MONARC (please use more secured password): ```sql CREATE USER 'monarc'@'%' IDENTIFIED BY 'password'; @@ -180,7 +180,7 @@ Create the configuration file: sudo cp ./config/autoload/local.php.dist ./config/autoload/local.php ``` -And configure the database connection: +And configure the database connection (use the secured password set on the DB user creation step): ```php return [ @@ -235,5 +235,8 @@ The architecture, installation instructions and GitHub project can be found here - https://www.monarc.lu/documentation/stats-service/master/installation.html - https://github.com/monarc-project/stats-service +The Virtual Machine installation script could be used to detail more steps in case of additional configuration necessity: +https://github.com/monarc-project/monarc-packer/blob/ubuntu-22.04/scripts/bootstrap.sh + The communication of access to the StatsService is performed on each instance of FrontOffice (clients).