Document toolboxDocument toolbox

(2022.1) Install the PCR-360 Application Files

Owned by Marty Goodrich
Sept 27, 2023
4 min read
  1. Get required files from the Installer Repo:

    https://bitbucket.pcr.com/projects/PCR/repos/install360/browse/lib?at=refs%2Fheads%2Fcentos8

  2. Extract and copy the application files to the Apache web directory:

    # extract the archive
tar -xzvf ./external/pcr360.tar.gz

# create the applicaton directory
mkdir -p /var/www/pcr360/prod
mkdir -p /var/www/pcr360/configs

# move the extracted files to the app
mv ./pcr360/* /var/www/pcr360/prod

# create data and misc folders
mkdir -p /var/www/pcr360/prod/logs /var/www/pcr360/prod/data/cache /var/www/pcr360/prod/data/cache/page
mkdir -p /var/www/pcr360/prod/data/tmp/prod /var/www/pcr360/prod/data/cache/prod /var/www/pcr360/prod/data/session/prod
mkdir -p /var/www/pcr360/prod/data/archive /var/www/pcr360/prod/data/emails /var/www/pcr360/prod/data/errors  /var/www/pcr360/prod/data/reports /var/www/pcr360/prod/data/reports/historical /var/www/pcr360/prod/data/search
mkdir -p /var/www/pcr360/prod/data/uploads /var/www/pcr360/prod/data/uploads/importfiles /var/www/pcr360/prod/data/uploads/vh
mkdir -p /var/www/pcr360/data/outbound /var/www/pcr360/data/inbound /var/www/pcr360/data/outbound-test /var/www/pcr360/data/inbound-test

# copy default vh data to the vh import directory
tar -xzvf vhdata.tar.gz -C /var/www/pcr360/prod/data/uploads/vh
  3. Set file permissions
    1. Allow read/write access to the PCR user for the entire folder

    2. Allow read/write access to Apache for the data and logs folders

      # set file permissions
chown -R pcr:pcr /var/www/pcr360/prod
chown -R apache:pcr /var/www/pcr360/prod/data /var/www/pcr360/prod/logs /var/www/pcr360/data
find /var/www/pcr360/prod -type f -exec chmod 644 {} +
find /var/www/pcr360/data -type f -exec chmod 664 {} +
find /var/www/pcr360/prod/data -type f -exec chmod 664 {} +
find /var/www/pcr360/prod/logs -type f -exec chmod 664 {} +
find /var/www/pcr360/prod -type d -exec chmod 755 {} +
find /var/www/pcr360/data -type d -exec chmod 775 {} +
find /var/www/pcr360/prod/data -type d -exec chmod 775 {} +
find /var/www/pcr360/prod/logs -type d -exec chmod 775 {} +
chown apache:pcr /var/www/pcr360/prod/external/syschk.sh /var/www/pcr360/prod/external/ssl-cert-info.sh
chmod 700 /var/www/pcr360/prod/external/syschk.sh /var/www/pcr360/prod/external/ssl-cert-info.sh

# set acl permissions
setfacl -Rm g:apache:rwx /var/www/pcr360/prod/data
setfacl -Rm u:pcr:rwx /var/www/pcr360/prod/data
  4. Set SE Linux Permissions
    1. Give Apache read access to the entire application folder

    2. Give Apache write access to the data and logs folders

      # set selinux permission
chcon -t httpd_sys_content_t /var/www/pcr360/prod -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/prod/logs -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/prod/data -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/data -R
chcon -t httpd_sys_content_t /var/www/pcr360/test -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/test/logs -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/test/data -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/data -R

  # allow apache to excute external programs like java and wkhtmltopdf
setsebool -P httpd_execmem on

  5. Create the PCR-360 configuration INI file. NOTE: "<>" indicates a value that needs to be filled in. For example: <DB_SERVER> could be replaced with mysql.pcr.com

    1. MySQL

      cat > /var/www/pcr360/configs/pcr360.ini << INI
[default]
[manatee : default]
[team360 : default]
[team360oracle : default]
[team360mysql : default]
[servicedesk : default]
[training : default]

[prod : default]
; the license key is available from PCR
licenseKey = "<PCR360_LICENSE_KEY>"

constants.SERV_HOST_NAME_CRON = "<VHOST_NAME>"
constants.ERROR_REPORT_EMAIL = "help@<VHOST_NAME>"
constants.IMPORT_FILES_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/inbound/"
constants.EXPORT_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/outbound/"
constants.PDF_CONVERTER_PATH = "<THIRD_WKTOHTMLPDF_PATH>"
constants.RUNTIME_DEBUG_ALLOWED = true

; This section is for MySQL Databases
resources.multidb.default.adapter = Pdo_Mysql
resources.multidb.default.host = <DB_SERVER>
resources.multidb.default.dbname = <CREATE_DB_NAME>
resources.multidb.default.username = <CREATE_DB_USERNAME>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"

resources.multidb.metadata.adapter = Pdo_Mysql
resources.multidb.metadata.host = <DB_SERVER>
resources.multidb.metadata.dbname = <CREATE_DB_METADATA_NAME>
resources.multidb.metadata.username = <CREATE_DB_USERNAME>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"

resources.multidb.report.adapter = Pdo_Mysql
resources.multidb.report.host = <DB_SERVER>
resources.multidb.report.dbname = <CREATE_DB_NAME>
resources.multidb.report.username = <CREATE_DB_USERNAME>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"

resources.multidb.archive.adapter = Pdo_Mysql
resources.multidb.archive.dbname = <CREATE_DB_ARCHIVE_NAME>
resources.multidb.archive.host = <DB_SERVER>
resources.multidb.archive.username = <CREATE_DB_ARCHIVE_USERNAME>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED>"

; CRYSTAL REPORTS
; MySQL
crystal.jdbc.type = mysql
crystal.jdbc.host = <DB_SERVER>
crystal.jdbc.username = <CREATE_DB_USERNAME>
crystal.jdbc.password = "<CREATE_DB_PASSWORD>"
crystal.jdbc.dbname = <CREATE_DB_NAME>
crystal.jdbc.port = 3306

; EMAIL
email.DISPLAY_NAME = "PCR-360 <PCR360_CUSTOMER_NAME> Admin"
email.EMAIL = "pcr360@<VHOST_NAME>"
email.OUTGOING_TRANSPORT_TYPE = "SENDMAIL"
;email.OUTGOING_HOST = ""
;email.OUTGOING_PORT = ""
;email.OUTGOING_SSL = ""

[test : prod]
constants.SERV_HOST_NAME_CRON = "<VHOST_NAME_TEST>"
constants.ERROR_REPORT_EMAIL = "help@<VHOST_NAME_TEST>"
constants.IMPORT_FILES_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/inbound-test/"
constants.EXPORT_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/outbound-test/"

; This section is for MySQL Databases
resources.multidb.default.adapter = Pdo_Mysql
resources.multidb.default.host = <DB_SERVER>
resources.multidb.default.dbname = <CREATE_DB_NAME_TEST>
resources.multidb.default.username = <CREATE_DB_USERNAME_TEST>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"

resources.multidb.metadata.adapter = Pdo_Mysql
resources.multidb.metadata.host = <DB_SERVER>
resources.multidb.metadata.dbname = <CREATE_DB_METADATA_NAME_TEST>
resources.multidb.metadata.username = <CREATE_DB_USERNAME_TEST>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"

resources.multidb.report.adapter = Pdo_Mysql
resources.multidb.report.host = <DB_SERVER>
resources.multidb.report.dbname = <CREATE_DB_NAME_TEST>
resources.multidb.report.username = <CREATE_DB_USERNAME_TEST>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"

resources.multidb.archive.adapter = Pdo_Mysql
resources.multidb.archive.dbname = <CREATE_DB_ARCHIVE_NAME_TEST>
resources.multidb.archive.host = <DB_SERVER>
resources.multidb.archive.username = <CREATE_DB_ARCHIVE_USERNAME_TEST>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED_TEST>"

; CRYSTAL REPORTS
; MySQL
crystal.jdbc.type = mysql
crystal.jdbc.host = <DB_SERVER>
crystal.jdbc.username = <CREATE_DB_USERNAME_TEST>
crystal.jdbc.password = "<CREATE_DB_PASSWORD_TEST>"
crystal.jdbc.dbname = <CREATE_DB_NAME_TEST>
crystal.jdbc.port = 3306

; EMAIL
email.DISPLAY_NAME = "PCR-360 Test <PCR360_CUSTOMER_NAME> Admin"
email.EMAIL = "pcr360-test@<VHOST_NAME_TEST>"
email.OUTGOING_TRANSPORT_TYPE = "SENDMAIL"
;email.OUTGOING_HOST = ""
;email.OUTGOING_PORT = ""
;email.OUTGOING_SSL = ""

INI

    2. Oracle

      cat > <APP_CONFIG> << INI
[default]
[manatee : default]
[team360 : default]
[team360oracle : default]
[team360mysql : default]
[servicedesk : default]
[training : default]

[prod : default]
// the license key is available from PCR
licenseKey = "<PCR360_LICENSE_KEY>"

constants.SERV_HOST_NAME_CRON = "<VHOST_NAME>"
constants.ERROR_REPORT_EMAIL = "help@<VHOST_NAME>"
constants.IMPORT_FILES_PATH = "<INSTALL_PATH>/data/inbound/"
constants.EXPORT_PATH = "<INSTALL_PATH>/data/outbound/"
constants.PDF_CONVERTER_PATH = "<THIRD_WKTOHTMLPDF_PATH>"
constants.RUNTIME_DEBUG_ALLOWED = true

// ORACLE CONFIG
resources.multidb.default.adapter = Oracle
resources.multidb.default.host = <DB_SERVER>
resources.multidb.default.username = <CREATE_DB_NAME>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.default.schema = <CREATE_DB_NAME>^}
;resources.multidb.default.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.default.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.report.adapter = Oracle
resources.multidb.report.host = <DB_SERVER>
resources.multidb.report.username = <CREATE_DB_NAME>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.report.schema = <CREATE_DB_NAME>^}
;resources.multidb.report.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.report.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.metadata.adapter = Oracle
resources.multidb.metadata.host = <DB_SERVER>
resources.multidb.metadata.username = <CREATE_DB_NAME_METADATA>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_METADATA_ENCRYPTED>"
resources.multidb.metadata.schema = <CREATE_DB_NAME_METADATA>^}
;resources.multidb.metadata.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.metadata.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.archive.adapter = Oracle
resources.multidb.archive.host = <DB_SERVER>
resources.multidb.archive.username = <CREATE_DB_NAME_ARCHIVE>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED>"
resources.multidb.archive.schema = <CREATE_DB_NAME_ARCHIVE>^}
;resources.multidb.archive.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.archive.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"

// CRYSTAL REPORTS

// ORACLE
crystal.jdbc.type = oracle
crystal.jdbc.host = <DB_SERVER>
crystal.jdbc.username = <CREATE_DB_NAME>
crystal.jdbc.password = "<CREATE_DB_PASSWORD>"
crystal.jdbc.schema = <CREATE_DB_NAME>^}
crystal.jdbc.port = 1521
crystal.jdbc.dsn = DSN

// EMAIL
email.DISPLAY_NAME = "PCR-360 <PCR360_CUSTOMER_NAME> Admin"
email.EMAIL = "pcr360@<VHOST_NAME>"
email.OUTGOING_TRANSPORT_TYPE = "SENDMAIL"
;email.OUTGOING_HOST = ""
;email.OUTGOING_PORT = ""
;email.OUTGOING_SSL = ""

[test : prod]
email.OUTGOING_TRANSPORT_TYPE = "FILE"

// ORACLE CONFIG
resources.multidb.default.adapter = Oracle
resources.multidb.default.host = <DB_SERVER_TEST>
resources.multidb.default.username = <CREATE_DB_NAME_TEST>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.default.schema = <CREATE_DB_NAME_TEST>^}
;resources.multidb.default.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.default.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.report.adapter = Oracle
resources.multidb.report.host = <DB_SERVER_TEST>
resources.multidb.report.username = <CREATE_DB_NAME_TEST>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.report.schema = <CREATE_DB_NAME_TEST>^}
;resources.multidb.report.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.report.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.metadata.adapter = Oracle
resources.multidb.metadata.host = <DB_SERVER_TEST>
resources.multidb.metadata.username = <CREATE_DB_NAME_METADATA>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_METADATA_ENCRYPTED>"
resources.multidb.metadata.schema = <CREATE_DB_NAME_METADATA>^}
;resources.multidb.metadata.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.metadata.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.archive.adapter = Oracle
resources.multidb.archive.host = <DB_SERVER_TEST>
resources.multidb.archive.username = <CREATE_DB_NAME_ARCHIVE>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED>"
resources.multidb.archive.schema = <CREATE_DB_NAME_ARCHIVE>^}
;resources.multidb.archive.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.archive.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"

// CRYSTAL REPORTS

// ORACLE
crystal.jdbc.type = oracle
crystal.jdbc.host = <DB_SERVER_TEST>
crystal.jdbc.username = <CREATE_DB_NAME_TEST>
crystal.jdbc.password = "<CREATE_DB_PASSWORD>"
crystal.jdbc.schema = <CREATE_DB_NAME_TEST>^}
crystal.jdbc.port = 1521
crystal.jdbc.dsn = DSN
INI

  6. Install Virtual Host Configurations. Example Configuration:

    cat >/etc/httpd/conf.d/pcr360_prod.conf <<CONF

ServerName pcr360.customeraddress.com
Protocols h2 h2c http/1.1
Header always set Strict-Transport-Security max-age=31536000

## PROTECT FILES ##
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
	Require all granted
</FilesMatch>

## HEADERS FOR MS EDGE ##
<IfModule headers_module>
	Header Set X-UA-Compatible: IE=Edge
</IfModule>

## LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK ##
LimitRequestBody 10240000
#bytes, 0-2147483647(2GB)

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]

<VirtualHost *:80>
	ServerName pcr360.customeraddress.com
	DocumentRoot /var/www/pcr360/prod/public
	# rewrite to SSL
	RewriteEngine on
	RewriteCond %{SERVER_PORT} !^443$
	RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

<VirtualHost *:443>
	ServerName pcr360.customeraddress.com
	DocumentRoot /var/www/pcr360/prod/public

	# logs
	ErrorLog logs/ssl_error_log
	TransferLog logs/ssl_access_log
	LogLevel warn

	# SSL
	SSLEngine on
	SSLCertificateFile /etc/pki/tls/certs/pcr360_test.crt
	SSLCertificateKeyFile /etc/pki/tls/private/pcr360_prod.key
	SSLProtocol -all +TLSv1.2 +TLSv1.3
    SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
	SSLHonorCipherOrder on

	# environment variables
	SetEnv APPLICATION_ENV prod
	SetEnv APPLICATION_INI "/var/www/pcr360/configs/pcr360.ini"
	SetEnv APPLICATION_ENVDEBUG 0
	SetEnv APPLICATION_ENVPCR 0

	# file system
	<Directory /var/www/pcr360/prod/public>
        Options -Indexes
        DirectoryIndex index.php
    	AllowOverride None
    	Include /var/www/pcr360/prod/public/.htaccess
    	Require all granted
	</Directory>

	<Files ~ "\.(cgi|shtml|phtml|php3?)$">
	    SSLOptions +StdEnvVars
	</Files>
</VirtualHost>
CONF