243 lines
6.4 KiB
Markdown
243 lines
6.4 KiB
Markdown
Installation on Ubuntu 22.04
|
|
============================
|
|
|
|
# 1. Install LAMP & dependencies
|
|
|
|
## 1.1. Install system dependencies
|
|
|
|
```bash
|
|
sudo apt-get install zip unzip git gettext curl jq
|
|
```
|
|
|
|
Some might already be installed.
|
|
|
|
## 1.2. Install MariaDB
|
|
|
|
```bash
|
|
sudo apt-get install mariadb-client mariadb-server
|
|
```
|
|
|
|
### Secure the MariaDB installation
|
|
|
|
```bash
|
|
sudo mysql_secure_installation
|
|
```
|
|
|
|
Especially by setting a strong root password.
|
|
|
|
## 1.3. Install Apache2
|
|
|
|
```bash
|
|
sudo apt-get install apache2
|
|
```
|
|
|
|
### Enable modules, settings, and default of SSL in Apache
|
|
|
|
```bash
|
|
sudo a2dismod status
|
|
sudo a2enmod ssl
|
|
sudo a2enmod rewrite
|
|
sudo a2enmod headers
|
|
```
|
|
|
|
### Apache Virtual Host
|
|
|
|
Modify default Apache virtual host:
|
|
|
|
```bash
|
|
sudo vi /etc/apache2/sites-enabled/000-default.conf
|
|
```
|
|
|
|
With this configuration:
|
|
|
|
```conf
|
|
<VirtualHost _default_:80>
|
|
ServerAdmin admin@localhost.lu
|
|
ServerName monarc.local
|
|
DocumentRoot /var/lib/monarc/fo/public
|
|
|
|
<Directory /var/lib/monarc/fo/public>
|
|
DirectoryIndex index.php
|
|
AllowOverride All
|
|
Require all granted
|
|
</Directory>
|
|
|
|
<IfModule mod_headers.c>
|
|
Header always set X-Content-Type-Options nosniff
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
Header always set X-Robots-Tag none
|
|
Header always set X-Frame-Options SAMEORIGIN
|
|
</IfModule>
|
|
|
|
SetEnv APP_ENV "production"
|
|
</VirtualHost>
|
|
```
|
|
|
|
## 1.4. Install PHP and dependencies (It's recommended to install php8 or php8.1 and all the modules of the version)
|
|
|
|
```bash
|
|
sudo apt-get install -y php8.1 php8.1-cli php8.1-common hp8.1-mysql php8.1-zip php8.1-gd php8.1-mbstring php8.1-curl php8.1-xml php8.1-bcmath php8.1-intl php8.1-imagic
|
|
```
|
|
|
|
## 1.5 Apply PHP configuration settings in your php.ini
|
|
|
|
Edit php.ini file
|
|
|
|
```bash
|
|
sudo vi /etc/php/8.1/apache2/php.ini
|
|
```
|
|
Change these keys:
|
|
|
|
```php
|
|
upload_max_filesize = 200M
|
|
post_max_size = 50M
|
|
max_execution_time = 100
|
|
max_input_time = 223
|
|
memory_limit = 2048M
|
|
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE & ~E_WARNING
|
|
```
|
|
|
|
## 1.6 Apply all changes
|
|
|
|
```bash
|
|
sudo systemctl restart apache2.service
|
|
```
|
|
|
|
# 2. Installation of MONARC
|
|
|
|
```bash
|
|
PATH_TO_MONARC='/var/lib/monarc/fo'
|
|
PATH_TO_MONARC_DATA='/var/lib/monarc/fo-data'
|
|
MONARC_VERSION=$(curl --silent -H 'Content-Type: application/json' https://api.github.com/repos/monarc-project/MonarcAppFO/releases/latest | jq -r '.tag_name')
|
|
MONARCFO_RELEASE_URL="https://github.com/monarc-project/MonarcAppFO/releases/download/$MONARC_VERSION/MonarcAppFO-$MONARC_VERSION.tar.gz"
|
|
|
|
mkdir -p /var/lib/monarc/releases/
|
|
# Download release
|
|
curl -sL $MONARCFO_RELEASE_URL -o /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL`
|
|
# Create release directory
|
|
mkdir /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'`
|
|
# Unarchive release
|
|
tar -xzf /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL` -C /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'`
|
|
# Create release symlink
|
|
ln -s /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'` $PATH_TO_MONARC
|
|
# Create data and caches directories
|
|
mkdir -p $PATH_TO_MONARC_DATA/cache $PATH_TO_MONARC_DATA/DoctrineORMModule/Proxy $PATH_TO_MONARC_DATA/LazyServices/Proxy $PATH_TO_MONARC_DATA/import/files
|
|
# Create data directory symlink
|
|
ln -s $PATH_TO_MONARC_DATA $PATH_TO_MONARC/data
|
|
```
|
|
|
|
## 2.1 Change owner
|
|
|
|
```bash
|
|
sudo chown -R www-data:www-data /var/lib/monarc
|
|
```
|
|
|
|
|
|
## 2.2. Databases
|
|
|
|
### Create a MariaDB user for MONARC
|
|
|
|
Start MariaDB as root:
|
|
|
|
```bash
|
|
sudo mysql
|
|
```
|
|
|
|
Create a new user for MONARC (please use more secured password):
|
|
|
|
```sql
|
|
CREATE USER 'monarc'@'%' IDENTIFIED BY 'password';
|
|
GRANT ALL PRIVILEGES ON * . * TO 'monarc'@'%';
|
|
FLUSH PRIVILEGES;
|
|
```
|
|
|
|
### Create 2 databases
|
|
|
|
In your MariaDB interpreter:
|
|
|
|
```sql
|
|
CREATE DATABASE monarc_cli DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
|
|
CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
|
|
```
|
|
|
|
* monarc_common contains models and data created by CASES;
|
|
* monarc_cli contains all client risk analyses. Each analysis is based on CASES
|
|
model of monarc_common.
|
|
|
|
### Initializes the database
|
|
|
|
```bash
|
|
cd /var/lib/monarc/releases/MonarcAppFO-$MONARC_VERSION
|
|
mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_structure.sql
|
|
mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_data.sql
|
|
```
|
|
|
|
### Database connection
|
|
|
|
Create the configuration file:
|
|
|
|
```bash
|
|
sudo cp ./config/autoload/local.php.dist ./config/autoload/local.php
|
|
```
|
|
|
|
And configure the database connection (use the secured password set on the DB user creation step):
|
|
|
|
```php
|
|
return [
|
|
'doctrine' => [
|
|
'connection' => [
|
|
'orm_default' => [
|
|
'params' => [
|
|
'host' => 'localhost',
|
|
'user' => 'monarc',
|
|
'password' => 'password',
|
|
'dbname' => 'monarc_common',
|
|
],
|
|
],
|
|
'orm_cli' => [
|
|
'params' => [
|
|
'host' => 'localhost',
|
|
'user' => 'monarc',
|
|
'password' => 'password',
|
|
'dbname' => 'monarc_cli',
|
|
],
|
|
],
|
|
],
|
|
],
|
|
];
|
|
```
|
|
|
|
# 3. Migrating MONARC DB
|
|
|
|
```bash
|
|
php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php
|
|
php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php
|
|
```
|
|
|
|
|
|
# 4. Create initial user
|
|
|
|
```bash
|
|
php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php
|
|
```
|
|
|
|
The username is *admin@admin.localhost* and the password is *admin*.
|
|
|
|
|
|
# 5. Statistics for Global Dashboard
|
|
|
|
If you would like to use the global dashboard stats feature, you need to
|
|
configure a Stats Service instance on your server.
|
|
|
|
The architecture, installation instructions and GitHub project can be found here:
|
|
|
|
- https://www.monarc.lu/documentation/stats-service/master/architecture.html
|
|
- https://www.monarc.lu/documentation/stats-service/master/installation.html
|
|
- https://github.com/monarc-project/stats-service
|
|
|
|
The Virtual Machine installation script could be used to detail more steps in case of additional configuration necessity:
|
|
https://github.com/monarc-project/monarc-packer/blob/ubuntu-22.04/scripts/bootstrap.sh
|
|
|
|
The communication of access to the StatsService is performed on each instance of
|
|
FrontOffice (clients).
|