Alfresco
Iz Ganglij Wiki
Nameščanje Alfresco
Pomagal sem si z navodili iz:
http://www.turnkeylinux.org/forum/general/20100730/tklpatch-alfresco-33g-community-edition
http://www.howtoforge.com/how-to-install-alfresco-community-3.3-on-ubuntu-server-10.04-lucid-lynx
Predpriprave
- Odkomentiramo Partner repository v datoteki
sudo nano /etc/apt/sources.list
Tole:
## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu lucid partner # deb-src http://archive.canonical.com/ubuntu lucid partner
Spremenimo v:
## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. deb http://archive.canonical.com/ubuntu lucid partner deb-src http://archive.canonical.com/ubuntu lucid partner
- Namestimo potrebne pakete:
apt-get install tomcat6 mysql-server libmysql-java openoffice.org-core openoffice.org-java-common imagemagick swftools postfix openoffice.org-impress openoffice.org-calc openoffice.org-writer jodconverter
- Samo osnove:
apt-get install tomcat6 mysql-server libmysql-java
Java
- Namestiti moramo javo. Uporabimo lahko odprtokodno različico ali pa prilagojeno "Oracle" verzijo (prej sun).
- Potrebujemo le eno od njiju. Sam bom izbral odprtokodno različico.
Oracle Java
- Namestimo javo:
sudo apt-get install sun-java6-jdk
- Uredimo okolje:
- Referenca: http://wiki.alfresco.com/wiki/JVM_Tuning#JVM_Settings
- Nastaviti moramo potrebe po spominu JVM-ja. V virtualni mašini imam 2048MB rama.
echo 'JAVA_HOME="/usr/lib/jvm/java-6-sun/"' >> /etc/environment
source /etc/environment
echo 'JAVA_OPTS="${JAVA_OPTS} -server -Xms1024m -Xmx1024m"' >> /etc/default/tomcat6
echo 'JAVA_OPTS="${JAVA_OPTS} -XX:MaxPermSize=256M"' >> /etc/default/tomcat6
- Trenutna različica:
max@ganglij:~$ java -version java version "1.6.0_26" Java(TM) SE Runtime Environment (build 1.6.0_26-b03) Java HotSpot(TM) 64-Bit Server VM (build 20.1-b02, mixed mode)
Open Java
- Namestimo javo:
sudo apt-get install openjdk-6-jdk
- Uredimo okolje:
- Referenca: http://wiki.alfresco.com/wiki/JVM_Tuning#JVM_Settings
- Nastaviti moramo potrebe po spominu JVM-ja. V virtualni mašini imam 2048MB rama.
echo 'JAVA_HOME="/usr/lib/jvm/java-6-openjdk/"' >> /etc/environment
source /etc/environment
echo 'JAVA_OPTS="${JAVA_OPTS} -server -Xms1024m -Xmx1024m"' >> /etc/default/tomcat6
echo 'JAVA_OPTS="${JAVA_OPTS} -XX:MaxPermSize=256M"' >> /etc/default/tomcat6
- Trenutna različica:
max@ganglij:~$ java -version java version "1.6.0_20" OpenJDK Runtime Environment (IcedTea6 1.9.10) (6b20-1.9.10-0ubuntu1~10.04.2) OpenJDK 64-Bit Server VM (build 19.0-b09, mixed mode)
Hostname
- Nastavimo Hostname računalnika (v tem primeru na "ganglij.net"):
sudo echo "ganglij.net" > /etc/hostname
- Še urejanje datoteke /etc/hosts:
sudo nano /etc/hosts
- Datoteka naj izgleda tako:
127.0.0.1 localhost.localdomain localhost 212.235.239.199 ganglij.net ganglij # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters
Prenesemo Alfresco
- Prenesemo in namestimo Alfresco 3.4d WAR datoteke:
mkdir -p /opt/alfresco && cd /opt/alfresco wget -O alfresco-community-3.4.d.zip http://dl.alfresco.com/release/community/build-3370/alfresco-community-3.4.d.zip sudo apt-get install unzip unzip -x alfresco-community-3.4.d.zip rm alfresco-community-3.4.d.zip
- Seznam datotek in map (za referenco):
./README.txt ./licenses ./licenses/3rd-party ./licenses/3rd-party/mysql.txt ./licenses/3rd-party/freetype.txt ./licenses/3rd-party/zlib.txt ./licenses/3rd-party/tomcat.txt ./licenses/3rd-party/bouncycastle-license.txt ./licenses/3rd-party/ImageMagick-license.txt ./licenses/3rd-party/opensaml-license.txt ./licenses/3rd-party/libiconv.txt ./licenses/3rd-party/java.txt ./licenses/3rd-party/libpng.txt ./licenses/3rd-party/lgpl.txt ./licenses/3rd-party/openoffice.txt ./licenses/3rd-party/jpegsrc.txt ./licenses/notice.txt ./licenses/license.txt ./bin ./bin/alfresco-bm.jar ./bin/apply_amps.sh ./bin/clean_tomcat.bat ./bin/apply_amps.bat ./bin/Win32Utilsx64.dll ./bin/Win32NetBIOS.dll ./bin/Win32Utils.dll ./bin/alfresco-mmt.jar ./bin/Win32NetBIOSx64.dll ./bin/clean_tomcat.sh ./web-server ./web-server/shared ./web-server/shared/classes ./web-server/shared/classes/alfresco-global.properties.sample ./web-server/shared/classes/alfresco ./web-server/shared/classes/alfresco/messages ./web-server/shared/classes/alfresco/web-extension ./web-server/shared/classes/alfresco/web-extension/custom-slingshot-application-context.xml.sample ./web-server/shared/classes/alfresco/web-extension/share-config-custom.xml.sample ./web-server/shared/classes/alfresco/extension ./web-server/shared/classes/alfresco/extension/bootstrap ./web-server/shared/classes/alfresco/extension/bootstrap/split-person-cleanup-context.xml.sample ./web-server/shared/classes/alfresco/extension/lifecycle_processdefinition.xml.sample ./web-server/shared/classes/alfresco/extension/use-old-dm-alcs-context.xml.sample ./web-server/shared/classes/alfresco/extension/bm-remote-loader-context.xml.sample ./web-server/shared/classes/alfresco/extension/mt ./web-server/shared/classes/alfresco/extension/mt/mt-admin-context.xml.sample ./web-server/shared/classes/alfresco/extension/mt/mt-contentstore-context.xml.sample ./web-server/shared/classes/alfresco/extension/mt/mt-context.xml.sample ./web-server/shared/classes/alfresco/extension/content-expiration-debug-context.xml.sample ./web-server/shared/classes/alfresco/extension/custom-metadata-extrators-context.xml.sample ./web-server/shared/classes/alfresco/extension/remote-openoffice-context.xml.sample ./web-server/shared/classes/alfresco/extension/asynchronous-avm-indexing-context.xml.sample ./web-server/shared/classes/alfresco/extension/web-client-config-custom.xml.sample ./web-server/shared/classes/alfresco/extension/web-studio-preview-context.xml.sample ./web-server/shared/classes/alfresco/extension/wcm-xml-metadata-extracter-context.xml.sample ./web-server/shared/classes/alfresco/extension/custom-model-context.xml.sample ./web-server/shared/classes/alfresco/extension/web-client-config-custom.xml.unicode.sample ./web-server/shared/classes/alfresco/extension/index-tracking-context.xml.sample ./web-server/shared/classes/alfresco/extension/exampleModel.xml.sample ./web-server/shared/classes/alfresco/extension/mimetypes-extension.xml.sample ./web-server/shared/classes/alfresco/extension/lifecycleModel.xml.sample ./web-server/shared/classes/alfresco/extension/video-transformation-context.xml.sample ./web-server/shared/classes/alfresco/extension/disabled-avm-indexing-context.xml.sample ./web-server/shared/classes/alfresco/extension/lifecycle-workflow-context.xml.sample ./web-server/shared/classes/alfresco/extension/language-specific-index-and-search-context.xml.sample ./web-server/shared/classes/alfresco/extension/file-servers-custom.xml.sample ./web-server/shared/classes/alfresco/extension/mimetype-map-extension-context.xml.sample ./web-server/shared/classes/alfresco/extension/benchmark-override-context.xml.sample ./web-server/shared/classes/alfresco/extension/lifecycle-messages.properties.sample ./web-server/shared/classes/alfresco/extension/video-thumbnail-context.xml.sample ./web-server/shared/classes/alfresco/extension/web-scripts-config-custom.xml.sample ./web-server/shared/classes/alfresco/extension/unsecured-public-services-security-context.xml.sample ./web-server/shared/classes/alfresco/extension/scheduled-action-services-context.xml.sample ./web-server/shared/classes/alfresco/extension/network-protocol-context.xml.sample ./web-server/shared/classes/alfresco/extension/audit ./web-server/shared/classes/alfresco/extension/audit/alfresco-audit-example-extractors.xml.sample ./web-server/shared/classes/alfresco/extension/audit/alfresco-audit-example-login.xml.sample ./web-server/shared/classes/alfresco/extension/replicating-content-services-context.xml.sample ./web-server/shared/classes/alfresco/extension/deployment-attempt-cleaner-context.xml.sample ./web-server/shared/classes/alfresco/extension/example-model-context.xml.sample ./web-server/shared/classes/alfresco/extension/customModel.xml.sample ./web-server/shared/classes/alfresco/extension/ehcache-custom.xml.sample.cluster ./web-server/shared/classes/alfresco/extension/file-servers-custom.xml.sample2 ./web-server/conf ./web-server/conf/catalina.properties ./web-server/conf/context.xml ./web-server/conf/server.xml ./web-server/lib ./web-server/lib/mysql-connector-java-5.1.13-bin.jar ./web-server/webapps ./web-server/webapps/share.war ./web-server/webapps/alfresco.war
Baza podatkov
- Nastavimo da bo mysql imel privzeto utf-8 kodiranje znakov:
sudo nano /etc/mysql/my.cnf
Najdemo oddelek, ki izgleda takole:
[mysqld] # # * Basic Settings # # # * IMPORTANT # If you make changes to these settings and your system uses apparmor, you may # also need to also adjust /etc/apparmor.d/usr.sbin.mysqld. # user = mysql socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp skip-external-locking
in ga spremenimo v
[mysqld] # # * Basic Settings # # # * IMPORTANT # If you make changes to these settings and your system uses apparmor, you may # also need to also adjust /etc/apparmor.d/usr.sbin.mysqld. # default-character-set = utf8 user = mysql socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp skip-external-locking
Briši staro bazo
- Vsebina datoteke db_remove.sql, ki jo potrebujemo za izbris Alfresco baze:
sudo nano /tmp/db_remove.sql
drop database alfresco; revoke all privileges, grant option from 'alfresco'@'localhost'; drop user 'alfresco'@'localhost';
- Ukaz:
sudo service mysql start sudo mysql -u root -p < /tmp/db_remove.sql
Ustvarimo bazo podatkov
- Vsebina datoteke db_setup.sql, ki jo potrebujemo za ustvarjanje Alfresco baze:
sudo nano /tmp/db_setup.sql
create database alfresco default character set utf8 collate utf8_bin; grant all on alfresco.* to 'alfresco'@'localhost' identified by 'alfresco' with grant option; grant all on alfresco.* to 'alfresco'@'localhost.localdomain' identified by 'alfresco' with grant option;
sudo service mysql start sudo mysql -u root -p < /tmp/db_setup.sql
Alfresco mape in povezave
- Ustavimo mapo za Alfresco repository:
sudo mkdir -p /srv/alfresco/alf_data sudo chown -R tomcat6:tomcat6 /srv/alfresco
- Naredimo povezave Alfresco datotek do Tomcat strežnika:
sudo ln -s /opt/alfresco/web-server/webapps/alfresco.war /var/lib/tomcat6/webapps/ sudo ln -s /opt/alfresco/web-server/webapps/share.war /var/lib/tomcat6/webapps/ sudo mkdir -p /var/lib/tomcat6/lib/ sudo ln -s /opt/alfresco/web-server/lib/mysql-connector-java-5.1.13-bin.jar /var/lib/tomcat6/lib/ sudo cp /opt/alfresco/web-server/shared/classes/alfresco-global.properties.sample /var/lib/tomcat6/shared/classes/alfresco-global.properties sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6 /srv/alfresco
Datoteke za Catalina strežnik
sudo cp /opt/alfresco/web-server/conf/catalina.properties /var/lib/tomcat6/conf/ sudo cp /opt/alfresco/web-server/conf/context.xml /var/lib/tomcat6/conf/ sudo cp /opt/alfresco/web-server/conf/server.xml /var/lib/tomcat6/conf/ sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Uredimo privzeto konfiguracijsko datoteko
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
- Nastavimo mapo v katero se bodo shranjevali podatki:
############################### ## Common Alfresco Properties # ############################### # # Sample custom content and index data location # dir.root=/srv/alfresco/alf_data
- Nastavimo uporabnika, geslo in bazo do katere se bo Alfresco povezoval:
# # Sample database connection properties # db.name=alfresco db.username=alfresco db.password=alfresco db.host=localhost db.port=3306
- Prepričamo se, da so povezave do pomožnih programov pravilno nastavljene:
# # External locations #------------- ooo.exe=/usr/bin/soffice ooo.enabled=true jodconverter.officeHome=/usr/lib/openoffice jodconverter.portNumbers=8101 jodconverter.enabled=true img.root=/usr swf.exe=/usr/bin/pdf2swf
- Naslednji del mora biti omogočen le ob nadgradnjah:
# # Property to control whether schema updates are performed automatically. # Updates must be enabled during upgrades as, apart from the static upgrade scripts, # there are also auto-generated update scripts that will need to be executed. After # upgrading to a new version, this can be disabled. # #db.schema.update=true
- Nastavimo povezavo do baze:
# # MySQL connection # db.driver=org.gjt.mm.mysql.Driver db.url=jdbc:mysql://localhost/alfresco?useUnicode=yes&characterEncoding=UTF-8
- Naslednji del pustimo pri miru:
#
# Oracle connection
#
#db.driver=oracle.jdbc.OracleDriver
#db.url=jdbc:oracle:thin:@localhost:1521:alfresco
#
# SQLServer connection
# Requires jTDS driver version 1.2.5 and SNAPSHOT isolation mode
# Enable TCP protocol on fixed port 1433
# Prepare the database with:
# ALTER DATABASE alfresco SET ALLOW_SNAPSHOT_ISOLATION ON;
#
#db.driver=net.sourceforge.jtds.jdbc.Driver
#db.url=jdbc:jtds:sqlserver://localhost:1433/alfresco
#db.txn.isolation=4096
#
# PostgreSQL connection (requires postgresql-8.2-504.jdbc3.jar or equivalent)
#
#db.driver=org.postgresql.Driver
#db.url=jdbc:postgresql://localhost:5432/alfresco
#
# Index Recovery Mode
#-------------
#index.recovery.mode=AUTO
#
# Outbound Email Configuration
#-------------
#mail.host=
#mail.port=25
#mail.username=anonymous
#mail.password=
#mail.encoding=UTF-8
#mail.from.default=alfresco@alfresco.org
#mail.smtp.auth=false
#
# Alfresco Email Service and Email Server
#-------------
# Enable/Disable the inbound email service. The service could be used by processes other than
# the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service.
#-------------
#email.inbound.enabled=true
# Email Server properties
#-------------
#email.server.enabled=true
#email.server.port=25
#email.server.domain=alfresco.com
#email.inbound.unknownUser=anonymous
# A comma separated list of email REGEX patterns of allowed senders.
# If there are any values in the list then all sender email addresses
# must match. For example:
# .*\@alfresco\.com, .*\@alfresco\.org
# Allow anyone:
#-------------
#email.server.allowed.senders=.*
#
# The default authentication chain
# To configure external authentication subsystems see:
# http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems
#-------------
#authentication.chain=alfrescoNtlm1:alfrescoNtlm
#
# URL Generation Parameters (The ${localname} token is replaced by the local server name)
#-------------
#alfresco.context=alfresco
#alfresco.host=${localname}
#alfresco.port=8080
#alfresco.protocol=http
#share.context=share
#share.host=${localname}
#share.port=8080
#share.protocol=http
#imap.server.enabled=true
#imap.server.port=143
#imap.server.host=localhost
# The RMI registry host and port is defined in the alfresco-shared.properties file
#
# To make your RMI services available from other machines you will need to change
# alfresco.rmi.services.host from "localhost".
# alfresco.rmi.services.port=50500
# alfresco.rmi.services.host=localhost
#
# RMI service ports for the individual services.
# These seven services are available remotely.
#
# Assign individual ports for each service for best performance
# or run several services on the same port. You can even run everything on 50500 if needed.
#
# Select 0 to use a random unused port.
#
#avm.rmi.service.port=50501
#avmsync.rmi.service.port=50502
#attribute.rmi.service.port=50503
#authentication.rmi.service.port=50504
#repo.rmi.service.port=50505
#action.rmi.service.port=50506
#wcm-deployment-receiver.rmi.service.port=50507
#monitor.rmi.service.port=50508
- Dodatek za na konec (omogoči cifs in ftp):
cifs.enabled=true cifs.serverName=ganglij.net cifs.ipv6.enabled=false cifs.tcpipSMB.port=1445 cifs.netBIOSSMB.namePort=1137 cifs.netBIOSSMB.datagramPort=1138 cifs.netBIOSSMB.sessionPort=1139 cifs.broadcast=255.255.255.255 ftp.enabled=true ftp.port=2121
- Datoteko shranimo s ctrl+o in zapremo program nano s ctrl+x.
Preuredimo logiranje napak
sudo mkdir -p /var/lib/tomcat6/shared/classes/alfresco/extension/ sudo nano /var/lib/tomcat6/shared/classes/alfresco/extension/custom-log4j.properties
log4j.rootLogger=error, File
log4j.appender.File=org.apache.log4j.DailyRollingFileAppender
log4j.appender.File.File=/var/log/tomcat6/alfresco.log
log4j.appender.File.Append=true
log4j.appender.File.DatePattern='.'yyyy-MM-dd
log4j.appender.File.layout=org.apache.log4j.PatternLayout
log4j.appender.File.layout.ConversionPattern=%d{ABSOLUTE} %-5p [%c] %m%n
- Če želimo dodati logiranje za javascript dopišemo:
log4j.logger.org.alfresco.repo.jscript=debug
- Logiranje za fileserver:
log4j.logger.org.alfresco.fileserver=debug
- Logiranje za mail server:
log4j.logger.org.subethamail=debug
Uredimo preusmeritve
- Ker zaganjamo strežnik (tomcat) kot nepriviligiranega uporabnika, nima dostopa do nizkih vrat. To zagato rešimo tako, da podatke pošiljamo preko vrat z višjo številko (recimo 8080 namesto 80) in jih nato preusmerimo na nižjo s pomočjo iptables.
modprobe iptable_nat iptables -F iptables -t nat -F iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443 iptables -t nat -A PREROUTING -p tcp --dport 445 -j REDIRECT --to-ports 1445 iptables -t nat -A PREROUTING -p tcp --dport 139 -j REDIRECT --to-ports 1139 iptables -t nat -A PREROUTING -p udp --dport 137 -j REDIRECT --to-ports 1137 iptables -t nat -A PREROUTING -p udp --dport 138 -j REDIRECT --to-ports 1138 iptables -t nat -A PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 2121 iptables-save > /etc/iptables.rules
sudo nano /etc/network/if-pre-up.d/iptablesload
#!/bin/sh iptables-restore < /etc/iptables.rules exit 0
sudo chmod +x /etc/network/if-pre-up.d/iptablesload
Mail inbound strežnik
Rad bi, da lahko uporabniki pošiljajo datoteke direktno preko emaila. Uredim datoteko:
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
V njej spremenim:
# # Alfresco Email Service and Email Server #------------- # Enable/Disable the inbound email service. The service could be used by processes other than # the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service. #------------- #email.inbound.enabled=true # Email Server properties #------------- #email.server.enabled=true #email.server.port=25 #email.server.domain=alfresco.com #email.inbound.unknownUser=anonymous # A comma separated list of email REGEX patterns of allowed senders. # If there are any values in the list then all sender email addresses # must match. For example: # .*\@alfresco\.com, .*\@alfresco\.org # Allow anyone: #------------- #email.server.allowed.senders=.*
na
# # Alfresco Email Service and Email Server #------------- # Enable/Disable the inbound email service. The service could be used by processes other than # the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service. #------------- email.inbound.enabled=true # Email Server properties #------------- email.server.enabled=true email.server.port=2525 email.server.domain=ganglij.net email.inbound.unknownUser=gost # A comma separated list of email REGEX patterns of allowed senders. # If there are any values in the list then all sender email addresses # must match. For example: # .*\@alfresco\.com, .*\@alfresco\.org # Allow anyone: #------------- #email.server.allowed.senders=.*
- Poleg tega poskrbim za preusmeritve porta 2525 na port 25 (TCP only):
iptables -t nat -A PREROUTING -p tcp --dport 25 -j REDIRECT --to-port 2525 iptables-save > /etc/iptables.rules
- Alfresco želi komunicirati preko varnega protokola, zaradi tega moramo urediti, da java prepozna certifikat:
- Ustvari certifikat (ta je self-signed, možno je dobiti tudi uradnega: Brezplačen certifikat): (Keystore in keypass naj bosta v tem primeru ganglijadmin)
sudo keytool -genkey -alias http://ganglij.net -keystore /var/lib/tomcat6/webapps/ganglij.bin -dname "cn=ganglij.net, o=ganglij.net" -keyalg RSA -validity 3650
- Nato odpremo datoteko tomcat6:
sudo nano /etc/default/tomcat6
- Na konec dodamo:
JAVA_OPTS="${JAVA_OPTS} -Djavax.net.ssl.keyStore=/var/lib/tomcat6/webapps/ganglij.bin -Djavax.net.ssl.keyStorePassword=ganglijadmin"
- V DNS zapise dodamo MX zapis za naš strežnik:
ganglij.net MX(1) ganglij.net
- Da lahko "neznanci" pošiljajo pošto v določen directory, mora biti uporabnik, ki je naveden pod email.inbound.unknownUser=gost dodan tudi v skupino EMAIL_CONTRIBUTORS. Poleg tega mora biti še Contributor za mapo v katero želimo, da lahko vsi pošiljajo.
- Privzeto lahko datoteke/sporočila pošiljamo v določeno mapo, le če poznamo njen Object DBID. Prikažemo si ga lahko s pomočjo teh navodil. Tak email ima obliko 2404@ganglij.net
- Za vsakdanjo rabo, nam je bolj pri srcu ne-številčni email. Tega lahko določi administrator. Mapi mora dodati Aspect Email alias. Nato lahko preko Alfresco vmesnika ročno spremenimo vnos. Le-ta je občutljiv na velike/male črke in tako Ena@ganglij.net ni enako ena@ganglij.net
Dodamo prikaz Object DBID za potrebe pošte
sudo mkdir -p /var/lib/tomcat6/common/classes/alfresco/extension sudo nano /var/lib/tomcat6/shared/classes/alfresco/extension/web-client-config-custom.xml
vanj dodamo:
<alfresco-config>
<config evaluator="node-type" condition="content">
<property-sheet>
<show-property name="sys:node-dbid" display-label="Node DBID" />
</property-sheet>
</config>
<config evaluator="node-type" condition="folder">
<property-sheet>
<show-property name="sys:node-dbid" display-label="Node DBID" />
</property-sheet>
</config>
<config evaluator="node-type" condition="fm:forum">
<property-sheet>
<show-property name="sys:node-dbid" display-label="Node DBID" />
</property-sheet>
</config>
<config evaluator="node-type" condition="fm:topic">
<property-sheet>
<show-property name="sys:node-dbid" display-label="Node DBID" />
</property-sheet>
</config>
</alfresco-config>
Problemi?
Če imamo probleme, lahko omogočimo debug način in s tem dobimo več informacij:
sudo mkdir -p /var/lib/tomcat6/shared/classes/alfresco/extension/ sudo nano /var/lib/tomcat6/shared/classes/alfresco/extension/custom-log4j.properties
V datoteko dodamo:
log4j.logger.org.subethamail.smtp.server.ConnectionHandler=debug
Informacije nam bodo na voljo v log datotekah:
cat /var/lib/tomcat6/alfresco.log cat /var/lib/tomcat6/logs/catalina.out
Mail outbound strežnik
- Alfresco za outboud strežnik uporablja tuj strežnik. V tem primeru ga bom pripravil do delovanja s pomočjo google appsov (možno je uporabiti katerikoli gmail naslov).
- Sledil bom temu vodiču: http://wiki.alfresco.com/wiki/Outbound_E-mail_Configuration#SMTPS_Configuration_Example
- Najprej uredimo datoteko z nastavitvami:
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
- V njej imamo privzeto sekcijo:
# # Outbound Email Configuration #------------- #mail.host= #mail.port=25 #mail.username=anonymous #mail.password= #mail.encoding=UTF-8 #mail.from.default=alfresco@alfresco.org #mail.smtp.auth=false
- Spremenimo jo v (ali pa ta oddelek ignoriramo in na konec dodamo):
# Sample Gmail settings mail.host=smtp.gmail.com mail.port=465 mail.protocol=smtps mail.username=mail@sym.ganglij.net mail.password=password # New Properties mail.smtps.starttls.enable=true mail.smtps.auth=true
- Ker gmail uporablja varno (smtps) povezavo, moramo dodati 2 novi java mail lastnosti:
- Ustvarimo datoteko custom-email-context.xml
sudo nano /var/lib/tomcat6/shared/classes/alfresco/extension/custom-email-context.xml
- Vanjo prilepimo:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<!-- -->
<!-- MAIL SERVICE -->
<!-- -->
<bean id="mailService" class="org.springframework.mail.javamail.JavaMailSenderImpl">
<property name="host">
<value>${mail.host}</value>
</property>
<property name="port">
<value>${mail.port}</value>
</property>
<property name="protocol">
<value>${mail.protocol}</value>
</property>
<property name="username">
<value>${mail.username}</value>
</property>
<property name="password">
<value>${mail.password}</value>
</property>
<property name="defaultEncoding">
<value>${mail.encoding}</value>
</property>
<property name="javaMailProperties">
<props>
<prop key="mail.smtps.auth">${mail.smtps.auth}</prop>
<prop key="mail.smtps.starttls.enable">${mail.smtps.starttls.enable}</prop>
</props>
</property>
</bean>
</beans>
- Tomcat6 damo pravice do datoteke:
sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
FTP root
- Da spremenimo začetno mapo pri ftp dostopu:
sudo mkdir -p /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/ sudo cp /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml
sudo nano /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml
- Med to:
<!-- FTP authentication -->
<property name="authenticator">
<ref bean="FtpAuthenticator" />
</property>
<!-- FTP server debug settings -->
- Dodamo:
<!-- Change root -->
<property name="rootDirectory">
<value>/Alfresco</value>
</property>
- Na koncu izgleda dela datoteke tako:
<!-- FTP authentication -->
<property name="authenticator">
<ref bean="FtpAuthenticator" />
</property>
<!-- Change root -->
<property name="rootDirectory">
<value>/Alfresco</value>
</property>
<!-- FTP server debug settings -->
- Uveljavimo spremembe:
sudo cp -r /var/lib/tomcat6/ganglij/* /var/lib/tomcat6/webapps/ sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
FTP preko SSL
- Da si omogočimo varno komuniciranje preko ftp protokola, moramo imeti ustvarjen certifikat.
- Nato odpremo glavno alfresco konfiguracijsko datoteko:
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
- In na mestu, kjer smo predhodno imeli napisano:
ftp.enabled=true ftp.port=2121
- Dodamo (ftp.keyStore in ftp.trustStore zamenjamo z mestom našega certifikata, ftp.passphrase pa z našim geslom certifikata):
ftp.enabled=true ftp.port=2121 ftp.keyStore=/var/lib/tomcat6/certifikat.bin ftp.trustStore=/var/lib/tomcat6/certifikat.bin ftp.passphrase=geslo_certifikatov ftp.requireSecureSession=false ftp.sslEngineDebug=false
- Možnost ftp.requireSecureSession nam, če je nastavljena na true, omogoča da se morajo uporabniki na ftp strežnik prijavljati preko šifrirane povezave.
Alfresco CIFS ime
Pri mapiranju povezave v Windows, le-ta dobi privzeto ime Alfresco CIFS Server. Da bi to spremenili, uredimo datoteko file-servers-context.xml:
sudo nano /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml
- in:
<property name="serverComment">
<value>Alfresco CIFS Server</value>
</property>
- zamenjamo z naprimer:
<property name="serverComment">
<value>Ganglij.net</value>
</property>
- Nato moramo urediti še eno datoteko:
sudo mkdir -p /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/ sudo cp /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/file-servers.xml /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/file-servers.xml
sudo nano /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/file-servers.xml
- Originalni vrstici:
<host name="${cifs.localname}A" domain="${cifs.domain}"/>
<comment>Alfresco CIFS Server</comment>
- Zamenjamo z:
<host name="${cifs.localname}A" domain="${cifs.domain}"/>
<comment>Ganglij.net</comment>
- Uveljavimo spremembe:
sudo cp -r /var/lib/tomcat6/ganglij/* /var/lib/tomcat6/webapps/ sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Odstrani actions iz SMB
- Da odstranimo dodatne datoteke ('__ShowDetails.exe', '__CheckInOut.exe', '__Alfresco.url')
sudo mkdir -p /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/ sudo cp /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml
sudo nano /var/lib/tomcat6/ganglij/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml
- V datoteki zakomentiramo:
<!--
<bean class="org.alfresco.filesys.repo.desk.CheckInOutDesktopAction">
<property name="name">
<value>CheckInOut</value>
</property>
<property name="filename">
<value>__CheckInOut.exe</value>
</property>
</bean>
<bean class="org.alfresco.filesys.repo.desk.JavaScriptDesktopAction">
<property name="name">
<value>JavaScriptURL</value>
</property>
<property name="filename">
<value>__ShowDetails.exe</value>
</property>
<property name="scriptName">
<value>alfresco/desktop/showDetails.js</value>
</property>
<property name="attributeList">
<value>anyFiles</value>
</property>
<property name="preprocess">
<value>copyToTarget</value>
</property>
</bean>
-->
- in še:
<!-- Add a URL file to each folder that links back to the web client -->
<!--
<property name="URLFileName">
<value>__Alfresco.url</value>
</property>
-->
- Uveljavimo spremembe:
sudo cp -r /var/lib/tomcat6/ganglij/* /var/lib/tomcat6/webapps/ sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Stabilnost
PDFBOX
- Problem: alfresco se sesuje pri določenih pdf datotekah.
- Rešitev: izbrišemo star pdfbox in fontbox, ter ju nadomestimo z novima:
- Premaknemo stare verzije datotek v temp:
sudo mv /var/lib/tomcat6/webapps/alfresco/WEB-INF/lib/pdfbox-1.2.1.jar /tmp sudo mv /var/lib/tomcat6/webapps/alfresco/WEB-INF/lib/fontbox-1.2.1.jar /tmp
- Prenesemo nove različice (vir: http://pdfbox.apache.org/download.html):
sudo wget http://www.apache.si//pdfbox/1.5.0/pdfbox-1.5.0.jar -O /var/lib/tomcat6/webapps/alfresco/WEB-INF/lib/pdfbox-1.5.0.jar sudo wget http://www.apache.si//pdfbox/1.5.0/fontbox-1.5.0.jar -O /var/lib/tomcat6/webapps/alfresco/WEB-INF/lib/fontbox-1.5.0.jar
- Spremenimo lastnika datotek:
sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Imagemagick
- Privzet imagemagick v Lucid je kar star. Za dodati novega:
sudo apt-add-repository ppa:r0lf/stable sudo apt-get update sudo apt-get dist-upgrade
Performance
Referenca: http://wiki.alfresco.com/wiki/ASR_Performance_Optimization
Namestim dodatne MS pisave
sudo apt-get install msttcorefonts sudo fc-cache -fv
Dovolim odprtje večih datotek
Referenca: http://wiki.alfresco.com/wiki/Too_many_open_files
- Stvari opisane v referenci ne delujejo, zato naredimo tole:
sudo nano /etc/init.d/tomcat6
- in na začetku dodamo:
ulimit -Hn 16384 ulimit -Sn 16384
Več povezav na bazo
Omogočim več povezav v mysql:
Začasno
(postopek, ki ga ne uporabljam)
- Odpremo mysql konzolo:
sudo mysql -u root -p
- Pogledamo trenutno število max povezav: (išči max_connections)
show variables like "max_connections";
- Povečam število povezav:
set global max_connections=350;
- Izstopimo iz mysql:
exit
Trajno
- Odprem datoteko
sudo nano /etc/mysql/my.cnf
- Spremenim vrstico:
#max_connections = 100
- na:
max_connections = 350
- Uredimo alfresco config file:
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
- Dodam
db.pool.initial=10
db.pool.max=350
Več povezav na tomacat
sudo nano /var/lib/tomcat6/conf/server.xml
- Odkomentiram in povečam število povezav:
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
- Narejeno:
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="300" minSpareThreads="4"/>
- Zakomentiram originalne parametre:
<!--
<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"
connectionTimeout="20000"
redirectPort="8443"
server="Apache"/>
-->
- Odkomentiram in dodam možnost večih povezav (acceptCount ter disableUploadTimeout):
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
acceptCount="200"
disableUploadTimeout="true"
redirectPort="8443" />
- +Dodam več threadov k https protokolu + dodatki, da se lahko prijavi več ljudi:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="300" scheme="https" secure="true"
acceptCount="200"
disableUploadTimeout="true"
...
Gzipam podatke
- Podatki se pošiljajo stisnjeni
- V oba connectorja dodam:
compression="on"
compressableMimeType="text/html,text/xml,text/css,text/plain,text/javascript,application/javascript,application/x-javascript"
Tomcat6 APR native library
- Namestimo knjižico:
sudo apt-get install libtcnative-1
- Ustvarimo datoteko setenv.sh:
sudo mkdir -p /var/lib/tomcat6/bin/ sudo touch /var/lib/tomcat6/bin/setenv.sh sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Odpremo datoteko:
sudo nano /var/lib/tomcat6/bin/setenv.sh
- in vanjo vpišemo:
export LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH
- Urediti moramo še apache connector:
sudo nano /var/lib/tomcat6/conf/server.xml
- in zamenjati:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
- z:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
NGinX reverse proxy
- Vir navodil: http://www.neousong.com/2010/09/ubuntu-10-04-lts-alfresco-community-nginx-reverse-proxy-w-ssl/
- Namestimo nginx (http://wiki.nginx.org/Install):
- Najnovejši PPA:
sudo -s nginx=stable # use nginx=development for latest development version add-apt-repository ppa:nginx/$nginx apt-get update apt-get install nginx
- Oz. iz repository-ja:
sudo apt-get install nginx
- Onemogočimo default spletno stran:
sudo rm /etc/nginx/sites-enabled/default
- Naredimo vnos za novo spletno stran:
sudo nano /etc/nginx/sites-available/ganglij.net
- Vsebina vnosa:
server {
server_tokens off;
listen 81;
server_name ganglij.net;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
proxy_pass http://localhost:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
location /alfresco {
proxy_pass http://localhost:8080/alfresco;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
location /share {
proxy_pass http://localhost:8080/share;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
- Omogočimo nov vnos:
sudo ln -s /etc/nginx/sites-available/ganglij.net /etc/nginx/sites-enabled/ganglij.net
- Restartamo nginx strežnik:
sudo /etc/init.d/nginx restart
- In nato je stran dosegljiva preko:
http://ganglij.net:81/share/page/site-index
SSL
Reference:
- http://conshell.net/wiki/index.php/Keytool_to_OpenSSL_Conversion_tips
- http://wiki.zimbra.com/wiki/4.x_Commercial_Certificates_Guide
- Rad bi imel tudi https promet preko nginx. Za to si moram urediti certifikate. Le-ti namreč že delajo na tomcat6, vendar nginx zahteva certifikate v PEM formatu (v sebi imajo -----BEGIN CERTIFICATE----- in -----END CERTIFICATE-----).
- Naredim kopijo delujočega certifikata, da ga ne bi "pokvaril"
cp /pot-do-certifikata/ganglij.bin /tmp/ganglij.bin
- Iz certifikata narejenega v keytool, bi radi dobili ven podatke, ki bodo delovali na nginx-u.
Javni certifikat
- Najprej dobim svoj javni certifikat: (der kodiranje)
keytool -export -alias http://ganglij.net -keystore /tmp/ganglij.bin -file /tmp/exported-der.crt
- Pogledam ga lahko z (če je v redu):
openssl x509 -noout -text -in /tmp/exported-der.crt -inform der
- Sedaj ga pretvorim v PEM format:
openssl x509 -out /tmp/ssl.pem -outform pem -in /tmp/exported-der.crt -inform der
- Naredimo "verigo" javnih certifikatov:
- Iz interneta povlečemo certifikate ponudnika:
cd /tmp wget http://www.startssl.com/certs/ca.pem -O /tmp/ca.pem wget http://www.startssl.com/certs/sub.class1.server.ca.pem -O /tmp/sub.class1.server.ca.pem
- Certifikate stlačimo v 1 datoteko (naš certifikat je ssl.pem)
cat ssl.pem sub.class1.server.ca.pem ca.pem > server.pem
- Premaknemo ga nekam na varno.
Zasebni ključ
- Sedaj želimo exporati svoj zasebni ključ certifikata.
- Prenesemo in zaženemo pripomoček: KeyTool-IUI
- Izberemo Export->Keystore's entry -> Private Key
- Originalni keystore datoteki spremenimo končnico na .jce.
- Pod format za (SOURCE) keystore datoteko določimo JCEKS
- Pod format za izhodni (TARGET) datoteki določimo PEM.
- Tako smo dobili svoj zasebni ključ.
Konfiguracija
- Odpremo predhodno ustvarjeno datoteko:
sudo nano /etc/nginx/sites-available/ganglij.net
- in ji dodamo:
server {
server_tokens off;
listen 444;
server_name ganglij.net;
access_log /var/log/nginx/ssl-access.log;
error_log /var/log/nginx/ssl-error.log;
ssl_certificate /var/lib/tomcat6/certifikati/server_chain.pem;
ssl_certificate_key /var/lib/tomcat6/certifikati/zasebni.pem;
keepalive_timeout 60;
ssl_ciphers HIGH:!ADH:!MD5;
ssl on;
ssl_protocols SSLv3 TLSv1;
location / {
proxy_pass http://localhost:8080;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
location /alfresco {
proxy_pass http://localhost:8080/alfresco;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
location /share {
proxy_pass http://localhost:8080/share;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
- Restartamo nginx:
sudo /etc/init.d/nginx restart
- In nato je stran dosegljiva preko:
https://ganglij.net:444/share/page/site-index
Gremo Live
- Če želimo iti live z Nginx forwardingom, moramo najprej odstraniti redirecte v iptables, ki smo jih določili tukaj:
modprobe iptable_nat iptables -F iptables -t nat -F iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 445 -j REDIRECT --to-ports 1445 iptables -t nat -A PREROUTING -p tcp --dport 139 -j REDIRECT --to-ports 1139 iptables -t nat -A PREROUTING -p udp --dport 137 -j REDIRECT --to-ports 1137 iptables -t nat -A PREROUTING -p udp --dport 138 -j REDIRECT --to-ports 1138 iptables -t nat -A PREROUTING -p tcp --dport 21 -j REDIRECT --to-ports 2121 iptables-save > /etc/iptables.rules
- Nato moramo spremeniti "vrata" v datoteki:
sudo nano /etc/nginx/sites-available/ganglij.net
- Iz: 81 na 80
- Iz: 444 na 443
- Izgled končne datoteke:
#preusmeri www.ganglij.net na ganglij.net
server {
server_tokens off;
listen 80;
server_name www.ganglij.net;
rewrite ^ http://ganglij.net$request_uri? permanent;
}
#preusmeri ganglij.net na https://ganglij.net
server {
server_tokens off;
listen 80;
server_name ganglij.net;
rewrite ^ https://ganglij.net$request_uri? permanent;
}
#preusmeri https://www.ganglij.net na https://ganglij.net
server {
server_tokens off;
listen 443;
server_name www.ganglij.net sym.ganglij.net;
ssl on;
ssl_certificate /var/lib/tomcat6/certifikati/server_chain.pem;
ssl_certificate_key /var/lib/tomcat6/certifikati/zasebni.pem;
rewrite ^ https://ganglij.net$request_uri? permanent;
}
#streznik za https://ganglij.net
server {
server_tokens off;
listen 443;
server_name ganglij.net;
access_log /var/log/nginx/ssl-access.log;
error_log /var/log/nginx/ssl-error.log;
ssl_certificate /var/lib/tomcat6/certifikati/server_chain.pem;
ssl_certificate_key /var/lib/tomcat6/certifikati/zasebni.pem;
keepalive_timeout 60;
ssl_ciphers HIGH:!ADH:!MD5;
ssl on;
ssl_protocols SSLv3 TLSv1;
location / {
proxy_pass http://localhost:8080;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
location /alfresco {
proxy_pass http://localhost:8080/alfresco;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
location /share {
proxy_pass http://localhost:8080/share;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
- In ponovno zagnati nginx:
sudo /etc/init.d/nginx restart
Odstranitev
Prišel sem do omejitve 1GB pa nekaj za download večjih datotek... ni mi všeč, da je vse skupaj tako glomazno, zato bom odstranil nginx (poleg tega se mi ne zdi, da bistveno prispeva k hitrosti).
- Najprej sem zakomentiral (pred vsako vrstico dodal znak #, tako da "ne velja") datoteko:
sudo nano /etc/nginx/sites-available/ganglij.net
- Nato sem ustavil nginx:
sudo /etc/init.d/nginx stop
- In nastavil firewall nazaj na forwardanje porta 80 na 8080:
Uredimo preusmeritve (na tej strani)
Napredno
HTTPS
Najprej moramo ustvariti certifikat
- Lahko ga ustvarimo na spodnji način, ali pa se potrudimo in si dobimo pravega.
sudo keytool -genkey -keystore /var/lib/tomcat6/webapps/ganglij.bin -keyalg RSA -validity 3650 sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Uredimo nastavitve strežnika
sudo nano /var/lib/tomcat6/conf/server.xml
- Najdemo del:
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
- in ga spremenimo v:
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="webapps/ganglij.bin"
keystorePass="ganglijadmin" />
Skrijemo verzijo Tomcat strežnika
Ime strežnika v error page
sudo mkdir -p /var/lib/tomcat6/lib/org/apache/catalina/util sudo touch /var/lib/tomcat6/lib/org/apache/catalina/util/ServerInfo.properties sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Uredimo datoteko in vanjo zapišemo:
sudo nano /var/lib/tomcat6/lib/org/apache/catalina/util/ServerInfo.properties
# Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. server.info=Apache server.number=@VERSION_NUMBER@ server.built=@VERSION_BUILT@
Ime strežnika v http requestu
- Privzeto strežnik pošlje še svoje ime v obliki Apache-Coyote/1.1.
- To lahko (ker smo paranoični ;) ) spremenimo.
- Odpremo datoteko server.xml:
sudo nano /var/lib/tomcat6/conf/server.xml
- Najdemo vse omogočene sklope, ki se začnejo z <Connector in jim dodamo:
server="Apache"
- Primera:
<Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8"
connectionTimeout="20000"
redirectPort="8443"
server="Apache"/>
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="webapps/ganglij.bin"
keystorePass="ganglijadmin"
server="Apache"/>
Ponovna namestitev
sudo /etc/init.d/tomcat6 stop sudo apt-get remove tomcat6 sudo apt-get autoremove sudo rm -fr /var/lib/tomcat6/ sudo rm -fr /srv/alfresco/
Reset namestitve
sudo /etc/init.d/tomcat6 stop sudo rm /var/lib/tomcat6/alfresco.log* sudo rm /var/lib/tomcat6/logs/alfresco.log* sudo rm /var/lib/tomcat6/logs/catalina.* sudo rm /var/lib/tomcat6/logs/localhost.* sudo rm -fr /var/lib/tomcat6/webapps/alfresco sudo rm -fr /var/lib/tomcat6/webapps/share sudo rm -fr /srv/alfresco/alf_data sudo mkdir -p /srv/alfresco/alf_data sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6 /srv/alfresco echo -e 'drop database alfresco;\nrevoke all privileges, grant option from "alfresco"@"localhost";\ndrop user "alfresco"@"localhost";' > /tmp/db_remove.sql sudo mysql -u root -p < /tmp/db_remove.sql echo -e 'create database alfresco default character set utf8 collate utf8_bin;\ngrant all on alfresco.* to "alfresco"@"localhost" identified by "alfresco" with grant option;\ngrant all on alfresco.* to "alfresco"@"localhost.localdomain" identified by "alfresco" with grant option;' > /tmp/db_setup.sql sudo mysql -u root -p < /tmp/db_setup.sql sudo /etc/init.d/tomcat6 start
Brišemo rezultate prejšnjih war datotek
Če se kje zakvačkamo lahko izbrišemo mape, kjer so se predhovno razpakiral-e datoteke. Ob ponovnem zagonu se bodo iz datotek .war ponovno zgenerirale delavne mape:
sudo /etc/init.d/tomcat6 stop sudo rm -fr /var/lib/tomcat6/webapps/alfresco /var/lib/tomcat6/webapps/share sudo /etc/init.d/tomcat6 start
Disable Apparmor
- Če nekaj ne dela, krivimo apparmor ;). (V bistvu tega načeloma ne izklapljamo.)
sudo /etc/init.d/apparmor stop sudo update-rc.d -f apparmor remove sudo aptitude remove apparmor apparmor-utils
Tomcat strežniku damo dovoljenja za dostop do datotek
sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6 /srv/alfresco
Upravljanje strežnika
- Strežnik (tomcat in s tem tudi alfresco) ugasnemo z:
sudo /etc/init.d/tomcat6 stop
- in zaženemo z:
sudo /etc/init.d/tomcat6 start
- Ponovno zaženemo ga z:
sudo /etc/init.d/tomcat6 restart
Lucene indexes
- Če želimo na novo poindeksirati stvari:
- Ugasnemo strežnik
sudo /etc/init.d/tomcat6 stop
- Premaknemo stare indekse drugam:
sudo mv /srv/alfresco/alf_data/lucene-indexes /srv/alfresco/alf_data/lucene-indexes-stari
- Vklopimo recovery:
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
- Dodamo:
index.recovery.mode=FULL
- Ponovno zaženemo tomcat:
sudo /etc/init.d/tomcat6 start
- Počakamo, da dokonča, nato zakomentiramo #index.recovery.mode=FULL in ga restartamo
sudo /etc/init.d/tomcat6 restart
Privzete poti
- Alfresco mapa, kamor smo downloadali podatke:
cd /opt/alfresco
- Mapa strežnika tomcat:
cd /var/lib/tomcat6/
- Mapa z datotekami naloženimi v Alfreso:
cd /srv/alfresco/alf_data/
- Vse trajne spremembe delamo v mapi shared:
cd /var/lib/tomcat6/shared/classes/alfresco
cd /var/lib/tomcat6/shared/classes/alfresco/extension
- Začasne spremembe lahko naredimo v mapi webapps:
cd /var/lib/tomcat6/webapps/alfresco/
- Uporabil bom način z JAR datotekami.
- Prenesemo datoteko:
wget -O /tmp/alfresco-3.4-zip-and-download-action-1.0-JAR.zip http://labs.atolcd.com/attachments/download/29/alfresco-3.4-zip-and-download-action-1.0-JAR.zip
- Razširimo datoteko:
unzip /tmp/alfresco-3.4-zip-and-download-action-1.0-JAR.zip -d /tmp/
- Premaknemo dobljene datoteke na svoje mesto:
sudo mkdir -p /var/lib/tomcat6/shared/lib sudo mv /tmp/share-zip-contents-action.jar /var/lib/tomcat6/shared/lib/share-zip-contents-action.jar sudo mv /tmp/zip-contents-alfresco-webscript.jar /var/lib/tomcat6/webapps/alfresco/WEB-INF/lib/zip-contents-alfresco-webscript.jar
- Damo tomcat6 dovoljenje do datotek:
sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Ponovno zaženemo strežnik:
sudo /etc/init.d/tomcat6 restart
Omogočim google docs
- Omogočim to: Alfresco v Ganglij -> Google Docs
- Dodam v datoteko:
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
# GoogleDocs configuration googledocs.googleeditable.enabled=true googledocs.username=mail@sym.ganglij.net googledocs.password=yourgooglepassword
Dodamo slovenščino na seznam jezikov
- Slovenski prevod: http://www.coks.si/index.php5/Alfresco
- Nameščanje language packa: http://wiki.alfresco.com/wiki/Language_Pack_Installation
- Uradno mesto za angleški prevod: /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/messages
- Dodani prevodi gredo v mapo: /var/lib/tomcat6/shared/classes/alfresco/messages
sudo mkdir -p /var/lib/tomcat6/shared/classes/alfresco/messages sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Prenesemo slovenščino in jo namestimo v pravo mapo:
cd /tmp wget http://www.coks.si/images/9/98/Slovenski_prevod_alfresco_3.2.rar sudo apt-get install unrar unrar x Slovenski_prevod_alfresco_3.2.rar sudo cp /tmp/slovenski_prevod/* /var/lib/tomcat6/shared/classes/alfresco/messages/ sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Omogočimo slovenščino:
sudo mkdir -p /var/lib/tomcat6/common/classes/alfresco/extension sudo nano /var/lib/tomcat6/shared/classes/alfresco/extension/web-client-config-custom.xml sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Vsebina datoteke:
<alfresco-config>
<config evaluator="string-compare" condition="Languages">
<!-- the list of available language files -->
<languages>
<language locale="sl_SI">Slovenščina</language>
</languages>
</config>
</alfresco-config>
Če bi želeli samo slovenščino bi napisali:
<alfresco-config>
<config evaluator="string-compare" condition="Languages" replace="true">
<!-- the list of available language files -->
<languages>
<language locale="sl_SI">Slovenščina</language>
</languages>
</config>
</alfresco-config>
- Dodatek:
The language which Alfresco appears in when a user begins a new session is that of the server's current locale. For details of how to change this using the JAVA_OPTS variable, see this post: http://forums.alfresco.com/viewtopic.php?f=16&t=11265
Ne dela
Namesto OpenOffice uporabim LibreOffice
- Ustavimo tomcat:
sudo /etc/init.d/tomcat6 stop
- Naredimo potrebno:
sudo apt-get purge openoffice.org ure sudo apt-get install python-software-properties sudo add-apt-repository ppa:libreoffice/ppa sudo apt-get update sudo apt-get install libreoffice
Namestim nov jodconverter
- (Jodconverter v natty default podpira Libreoffice)
- Dodam pravilo, da se nebi paketi avtomatsko posodobili na nov repository:
sudo nano /etc/apt/preferences
Package: * Pin: release a=natty Pin-Priority: -10
- Dodam natty repository:
sudo nano /etc/apt/sources.list
#dodan repo za natty deb http://si.archive.ubuntu.com/ubuntu/ natty main restricted universe multiverse
- Povečam catche limit za apt:
- Na konec datoteke:
sudo nano /etc/apt/apt.conf.d/70debconf
- Dodam:
APT::Cache-Limit "50331648";
- Preizkus update:
sudo apt-get update
- Ponovno namestim jodconverter (iz natty repository-ja):
sudo apt-get install -t natty jodconverter
Uredim alfresco config
sudo nano /var/lib/tomcat6/shared/classes/alfresco-global.properties
- Prej:
# # External locations #------------- ooo.exe=/usr/bin/soffice ooo.enabled=true jodconverter.officeHome=/usr/lib/openoffice jodconverter.portNumbers=8101 jodconverter.enabled=true img.root=/usr swf.exe=/usr/bin/pdf2swf
- Spremenjen:
# # External locations #------------- #ooo.exe=/usr/bin/soffice ooo.exe=/usr/lib/libreoffice/program/soffice ooo.enabled=true #jodconverter.officeHome=/usr/lib/openoffice jodconverter.officeHome=/usr/lib/libreoffice jodconverter.portNumbers=8101 jodconverter.enabled=true img.root=/usr swf.exe=/usr/bin/pdf2swf
Izbris
Ker stvar ne dela najboljše, jo bom odstranil:
- Odstranim jodconverter:
sudo apt-get purge jodconverter
- Odstranim natty repository iz:
sudo nano /etc/apt/sources.list
sudo apt-get update sudo apt-get dist-upgrade
- Namestim PPA-Purge, da bom lahko odstranil libreoffice:
sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install ppa-purge
- Odstranim libreoffice ppa:
sudo ppa-purge -d lucid ppa:libreoffice/ppa
- Ponovno namestim openoffice in ostalo:
aptitude install libmysql-java openoffice.org-core openoffice.org-java-common openoffice.org-impress openoffice.org-calc openoffice.org-writer jodconverter
Nepopolno
SMB/CIFS Strežnik
- Skopiramo privzet primer datoteke:
sudo mkdir -p /var/lib/tomcat6/shared/classes/extension sudo cp /opt/alfresco/web-server/shared/classes/alfresco/extension/file-servers-custom.xml.sample /var/lib/tomcat6/shared/classes/extension/file-servers-custom.xml sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Uredimo datoteko:
sudo nano /var/lib/tomcat6/shared/classes/extension/file-servers-custom.xml
Configure Virtual file system
sudo cp /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/file-servers.xml /var/lib/tomcat6/shared/classes/alfresco/extension/file-servers-custom.xml sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Uredimo datoteko:
sudo gedit /var/lib/tomcat6/shared/classes/alfresco/extension/file-servers-custom.xml
Link:http://wiki.alfresco.com/wiki/File_Server_Configuration
Configure content store - neobvezno
- Skopiramo obstoječo nastavitev v custom mapo:
sudo cp /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/repository.properties /var/lib/tomcat6/shared/classes/alfresco/extension/custom-repository.properties sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
- Uredimo datoteko:
sudo nano /var/lib/tomcat6/shared/classes/alfresco/extension/custom-repository.properties
- Originalni footer je na voljo tukaj:
sudo nano /var/lib/tomcat6/webapps/share/WEB-INF/classes/alfresco/site-webscripts/org/alfresco/components/footer/footer.get.properties
- Da bi ga "overrideali" dodamo: (ne dela... popravi)
sudo mkdir -p sudo /var/lib/tomcat6/shared/classes/alfresco/site-webscripts/org/alfresco/components/footer/ sudo cp /var/lib/tomcat6/webapps/share/WEB-INF/classes/alfresco/site-webscripts/org/alfresco/components/footer/footer.get.properties /var/lib/tomcat6/shared/classes/alfresco/site-webscripts/org/alfresco/components/footer/footer.get.properties sudo nano /var/lib/tomcat6/shared/classes/alfresco/site-webscripts/org/alfresco/components/footer/footer.get.properties sudo chown -R tomcat6:tomcat6 /var/lib/tomcat6
Mountanje FS-ja na drugem PC-ju
Na ubuntu-ju lahko ganglij.net priklopimo v eno mapo in nato delamo z njim kot s kateri koli drugim FS-jem:
#Namestimo davfs2
sudo apt-get install davfs2
#Ustvarimo mapo
sudo mkdir /media/ganglij.net
#ukaz za mount (''rok'' zamenjamo z našim uporabnikom)
sudo mount -t davfs http://ganglij.net/alfresco/webdav /media/ganglij.net -o uid=`whoami`
- Odjava FS-ja:
sudo umount /media/ganglij.net
- Dodatna navodila:
man mount.davfs
Trajno mountanje preko fstab
- V /etc/fstab dodamo:
- Za cifs:
//ganglij.net/Alfresco /var/www/clients/client4/web4/web/ganglij.net cifs rw,iocharset=utf8,uid=33,gid=33,file_mode=0777,dir_mode=0777,noperm,username=gost,password=gost
- Za webdav:
https://ganglij.net/alfresco/webdav /var/www/clients/client4/web4/web/ganglij.net davfs rw,uid=www-data,gid=www-data 0 0
- Če je potrebno spremeniti port (445 -> 1445):
//127.0.0.1/Alfresco /media/ganglij.net cifs rw,noserverino,iocharset=utf8,uid=1000,gid=1000,file_mode=0777,dir_mode=0777,noperm,port=1445,username=gost,password=gost
Forsiraj checking FS ob ponovnem zagonu
sudo touch /forcefsck
Spremembe, ki so alfresco spremenile v ganglij.net
- Dokumentacija je na voljo tukaj.
