Skip to end of metadata
Go to start of metadata
You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 2
Next »
- Get required files from the Installer Repo:
https://bitbucket.pcr.com/projects/PCR/repos/install360/browse/lib?at=refs%2Fheads%2Fcentos8
Extract and copy the application files to the Apache web directory:
# extract the archive
tar -xzvf ./external/pcr360.tar.gz
# create the applicaton directory
mkdir -p /var/www/pcr360/prod
mkdir -p /var/www/pcr360/configs
# move the extracted files to the app
mv ./pcr360/* /var/www/pcr360/prod
# create data and misc folders
mkdir -p /var/www/pcr360/prod/logs /var/www/pcr360/prod/data/cache /var/www/pcr360/prod/data/cache/page
mkdir -p /var/www/pcr360/prod/data/tmp/prod /var/www/pcr360/prod/data/cache/prod /var/www/pcr360/prod/data/session/prod
mkdir -p /var/www/pcr360/prod/data/archive /var/www/pcr360/prod/data/emails /var/www/pcr360/prod/data/errors /var/www/pcr360/prod/data/reports /var/www/pcr360/prod/data/reports/historical /var/www/pcr360/prod/data/search
mkdir -p /var/www/pcr360/prod/data/uploads /var/www/pcr360/prod/data/uploads/importfiles /var/www/pcr360/prod/data/uploads/vh
mkdir -p /var/www/pcr360/data/outbound /var/www/pcr360/data/inbound /var/www/pcr360/data/outbound-test /var/www/pcr360/data/inbound-test
# copy default vh data to the vh import directory
tar -xzvf vhdata.tar.gz -C /var/www/pcr360/prod/data/uploads/vh
- Set file permissions
- Allow read/write access to the PCR user for the entire folder
Allow read/write access to Apache for the data and logs folders
# set file permissions
chown -R pcr:pcr /var/www/pcr360/prod
chown -R apache:pcr /var/www/pcr360/prod/data /var/www/pcr360/prod/logs /var/www/pcr360/data
find /var/www/pcr360/prod -type f -exec chmod 644 {} +
find /var/www/pcr360/data -type f -exec chmod 664 {} +
find /var/www/pcr360/prod/data -type f -exec chmod 664 {} +
find /var/www/pcr360/prod/logs -type f -exec chmod 664 {} +
find /var/www/pcr360/prod -type d -exec chmod 755 {} +
find /var/www/pcr360/data -type d -exec chmod 775 {} +
find /var/www/pcr360/prod/data -type d -exec chmod 775 {} +
find /var/www/pcr360/prod/logs -type d -exec chmod 775 {} +
chown apache:pcr /var/www/pcr360/prod/external/syschk.sh /var/www/pcr360/prod/external/ssl-cert-info.sh
chmod 700 /var/www/pcr360/prod/external/syschk.sh /var/www/pcr360/prod/external/ssl-cert-info.sh
# set acl permissions
setfacl -Rm g:apache:rwx /var/www/pcr360/prod/data
setfacl -Rm u:pcr:rwx /var/www/pcr360/prod/data
- Set SE Linux Permissions
- Give Apache read access to the entire application folder
Give Apache write access to the data and logs folders
# set selinux permission
chcon -t httpd_sys_content_t /var/www/pcr360/prod -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/prod/logs -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/prod/data -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/data -R
chcon -t httpd_sys_content_t /var/www/pcr360/test -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/test/logs -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/test/data -R
chcon -t httpd_sys_rw_content_t /var/www/pcr360/data -R
# allow apache to excute external programs like java and wkhtmltopdf
setsebool -P httpd_execmem on
Create the PCR-360 configuration INI file. NOTE: "<>" indicates a value that needs to be filled in. For example: <DB_SERVER> could be replaced with mysql.pcr.com
MySQL
cat > /var/www/pcr360/configs/pcr360.ini << INI
[default]
[manatee : default]
[team360 : default]
[team360oracle : default]
[team360mysql : default]
[servicedesk : default]
[training : default]
[prod : default]
; the license key is available from PCR
licenseKey = "<PCR360_LICENSE_KEY>"
constants.SERV_HOST_NAME_CRON = "<VHOST_NAME>"
constants.ERROR_REPORT_EMAIL = "help@<VHOST_NAME>"
constants.IMPORT_FILES_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/inbound/"
constants.EXPORT_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/outbound/"
constants.PDF_CONVERTER_PATH = "<THIRD_WKTOHTMLPDF_PATH>"
constants.RUNTIME_DEBUG_ALLOWED = true
; This section is for MySQL Databases
resources.multidb.default.adapter = Pdo_Mysql
resources.multidb.default.host = <DB_SERVER>
resources.multidb.default.dbname = <CREATE_DB_NAME>
resources.multidb.default.username = <CREATE_DB_USERNAME>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.metadata.adapter = Pdo_Mysql
resources.multidb.metadata.host = <DB_SERVER>
resources.multidb.metadata.dbname = <CREATE_DB_METADATA_NAME>
resources.multidb.metadata.username = <CREATE_DB_USERNAME>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.report.adapter = Pdo_Mysql
resources.multidb.report.host = <DB_SERVER>
resources.multidb.report.dbname = <CREATE_DB_NAME>
resources.multidb.report.username = <CREATE_DB_USERNAME>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.archive.adapter = Pdo_Mysql
resources.multidb.archive.dbname = <CREATE_DB_ARCHIVE_NAME>
resources.multidb.archive.host = <DB_SERVER>
resources.multidb.archive.username = <CREATE_DB_ARCHIVE_USERNAME>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED>"
; CRYSTAL REPORTS
; MySQL
crystal.jdbc.type = mysql
crystal.jdbc.host = <DB_SERVER>
crystal.jdbc.username = <CREATE_DB_USERNAME>
crystal.jdbc.password = "<CREATE_DB_PASSWORD>"
crystal.jdbc.dbname = <CREATE_DB_NAME>
crystal.jdbc.port = 3306
; EMAIL
email.DISPLAY_NAME = "PCR-360 <PCR360_CUSTOMER_NAME> Admin"
email.EMAIL = "pcr360@<VHOST_NAME>"
email.OUTGOING_TRANSPORT_TYPE = "SENDMAIL"
;email.OUTGOING_HOST = ""
;email.OUTGOING_PORT = ""
;email.OUTGOING_SSL = ""
[test : prod]
constants.SERV_HOST_NAME_CRON = "<VHOST_NAME_TEST>"
constants.ERROR_REPORT_EMAIL = "help@<VHOST_NAME_TEST>"
constants.IMPORT_FILES_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/inbound-test/"
constants.EXPORT_PATH = "<OS_WEB_DIRECTORY>/<APP_NAME>/data/outbound-test/"
; This section is for MySQL Databases
resources.multidb.default.adapter = Pdo_Mysql
resources.multidb.default.host = <DB_SERVER>
resources.multidb.default.dbname = <CREATE_DB_NAME_TEST>
resources.multidb.default.username = <CREATE_DB_USERNAME_TEST>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.metadata.adapter = Pdo_Mysql
resources.multidb.metadata.host = <DB_SERVER>
resources.multidb.metadata.dbname = <CREATE_DB_METADATA_NAME_TEST>
resources.multidb.metadata.username = <CREATE_DB_USERNAME_TEST>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.report.adapter = Pdo_Mysql
resources.multidb.report.host = <DB_SERVER>
resources.multidb.report.dbname = <CREATE_DB_NAME_TEST>
resources.multidb.report.username = <CREATE_DB_USERNAME_TEST>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.archive.adapter = Pdo_Mysql
resources.multidb.archive.dbname = <CREATE_DB_ARCHIVE_NAME_TEST>
resources.multidb.archive.host = <DB_SERVER>
resources.multidb.archive.username = <CREATE_DB_ARCHIVE_USERNAME_TEST>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED_TEST>"
; CRYSTAL REPORTS
; MySQL
crystal.jdbc.type = mysql
crystal.jdbc.host = <DB_SERVER>
crystal.jdbc.username = <CREATE_DB_USERNAME_TEST>
crystal.jdbc.password = "<CREATE_DB_PASSWORD_TEST>"
crystal.jdbc.dbname = <CREATE_DB_NAME_TEST>
crystal.jdbc.port = 3306
; EMAIL
email.DISPLAY_NAME = "PCR-360 Test <PCR360_CUSTOMER_NAME> Admin"
email.EMAIL = "pcr360-test@<VHOST_NAME_TEST>"
email.OUTGOING_TRANSPORT_TYPE = "SENDMAIL"
;email.OUTGOING_HOST = ""
;email.OUTGOING_PORT = ""
;email.OUTGOING_SSL = ""
INI
Oracle
cat > <APP_CONFIG> << INI
[default]
[manatee : default]
[team360 : default]
[team360oracle : default]
[team360mysql : default]
[servicedesk : default]
[training : default]
[prod : default]
// the license key is available from PCR
licenseKey = "<PCR360_LICENSE_KEY>"
constants.SERV_HOST_NAME_CRON = "<VHOST_NAME>"
constants.ERROR_REPORT_EMAIL = "help@<VHOST_NAME>"
constants.IMPORT_FILES_PATH = "<INSTALL_PATH>/data/inbound/"
constants.EXPORT_PATH = "<INSTALL_PATH>/data/outbound/"
constants.PDF_CONVERTER_PATH = "<THIRD_WKTOHTMLPDF_PATH>"
constants.RUNTIME_DEBUG_ALLOWED = true
// ORACLE CONFIG
resources.multidb.default.adapter = Oracle
resources.multidb.default.host = <DB_SERVER>
resources.multidb.default.username = <CREATE_DB_NAME>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.default.schema = <CREATE_DB_NAME>^}
;resources.multidb.default.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.default.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.report.adapter = Oracle
resources.multidb.report.host = <DB_SERVER>
resources.multidb.report.username = <CREATE_DB_NAME>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED>"
resources.multidb.report.schema = <CREATE_DB_NAME>^}
;resources.multidb.report.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.report.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.metadata.adapter = Oracle
resources.multidb.metadata.host = <DB_SERVER>
resources.multidb.metadata.username = <CREATE_DB_NAME_METADATA>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_METADATA_ENCRYPTED>"
resources.multidb.metadata.schema = <CREATE_DB_NAME_METADATA>^}
;resources.multidb.metadata.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.metadata.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.archive.adapter = Oracle
resources.multidb.archive.host = <DB_SERVER>
resources.multidb.archive.username = <CREATE_DB_NAME_ARCHIVE>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED>"
resources.multidb.archive.schema = <CREATE_DB_NAME_ARCHIVE>^}
;resources.multidb.archive.dbname = "//<DB_SERVER>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.archive.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
// CRYSTAL REPORTS
// ORACLE
crystal.jdbc.type = oracle
crystal.jdbc.host = <DB_SERVER>
crystal.jdbc.username = <CREATE_DB_NAME>
crystal.jdbc.password = "<CREATE_DB_PASSWORD>"
crystal.jdbc.schema = <CREATE_DB_NAME>^}
crystal.jdbc.port = 1521
crystal.jdbc.dsn = DSN
// EMAIL
email.DISPLAY_NAME = "PCR-360 <PCR360_CUSTOMER_NAME> Admin"
email.EMAIL = "pcr360@<VHOST_NAME>"
email.OUTGOING_TRANSPORT_TYPE = "SENDMAIL"
;email.OUTGOING_HOST = ""
;email.OUTGOING_PORT = ""
;email.OUTGOING_SSL = ""
[test : prod]
email.OUTGOING_TRANSPORT_TYPE = "FILE"
// ORACLE CONFIG
resources.multidb.default.adapter = Oracle
resources.multidb.default.host = <DB_SERVER_TEST>
resources.multidb.default.username = <CREATE_DB_NAME_TEST>
resources.multidb.default.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.default.schema = <CREATE_DB_NAME_TEST>^}
;resources.multidb.default.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.default.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.report.adapter = Oracle
resources.multidb.report.host = <DB_SERVER_TEST>
resources.multidb.report.username = <CREATE_DB_NAME_TEST>
resources.multidb.report.password = "<CREATE_DB_PASSWORD_ENCRYPTED_TEST>"
resources.multidb.report.schema = <CREATE_DB_NAME_TEST>^}
;resources.multidb.report.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.report.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.metadata.adapter = Oracle
resources.multidb.metadata.host = <DB_SERVER_TEST>
resources.multidb.metadata.username = <CREATE_DB_NAME_METADATA>
resources.multidb.metadata.password = "<CREATE_DB_PASSWORD_METADATA_ENCRYPTED>"
resources.multidb.metadata.schema = <CREATE_DB_NAME_METADATA>^}
;resources.multidb.metadata.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.metadata.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
resources.multidb.archive.adapter = Oracle
resources.multidb.archive.host = <DB_SERVER_TEST>
resources.multidb.archive.username = <CREATE_DB_NAME_ARCHIVE>
resources.multidb.archive.password = "<CREATE_DB_PASSWORD_ARCHIVE_ENCRYPTED>"
resources.multidb.archive.schema = <CREATE_DB_NAME_ARCHIVE>^}
;resources.multidb.archive.dbname = "//<DB_SERVER_TEST>:<DB_PORT_ORACLE>/<DB_SID>"
resources.multidb.archive.dbname = "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<DB_SERVER_TEST>)(PORT=<DB_PORT_ORACLE>)))(CONNECT_DATA=(SID=<DB_SID>)(SERVER=DEDICATED)))"
// CRYSTAL REPORTS
// ORACLE
crystal.jdbc.type = oracle
crystal.jdbc.host = <DB_SERVER_TEST>
crystal.jdbc.username = <CREATE_DB_NAME_TEST>
crystal.jdbc.password = "<CREATE_DB_PASSWORD>"
crystal.jdbc.schema = <CREATE_DB_NAME_TEST>^}
crystal.jdbc.port = 1521
crystal.jdbc.dsn = DSN
INI
Install Virtual Host Configurations. Example Configuration:
cat >/etc/httpd/conf.d/pcr360_prod.conf <<CONF
ServerName pcr360.customeraddress.com
Protocols h2 h2c http/1.1
Header always set Strict-Transport-Security max-age=31536000
## PROTECT FILES ##
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
Require all granted
</FilesMatch>
## HEADERS FOR MS EDGE ##
<IfModule headers_module>
Header Set X-UA-Compatible: IE=Edge
</IfModule>
## LIMIT UPLOAD FILE SIZE TO PROTECT AGAINST DOS ATTACK ##
LimitRequestBody 10240000
#bytes, 0-2147483647(2GB)
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
<VirtualHost *:80>
ServerName pcr360.customeraddress.com
DocumentRoot /var/www/pcr360/prod/public
# rewrite to SSL
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
ServerName pcr360.customeraddress.com
DocumentRoot /var/www/pcr360/prod/public
# logs
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
# SSL
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/pcr360_test.crt
SSLCertificateKeyFile /etc/pki/tls/private/pcr360_prod.key
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
SSLHonorCipherOrder on
# environment variables
SetEnv APPLICATION_ENV prod
SetEnv APPLICATION_INI "/var/www/pcr360/configs/pcr360.ini"
SetEnv APPLICATION_ENVDEBUG 0
SetEnv APPLICATION_ENVPCR 0
# file system
<Directory /var/www/pcr360/prod/public>
Options -Indexes
DirectoryIndex index.php
AllowOverride None
Include /var/www/pcr360/prod/public/.htaccess
Require all granted
</Directory>
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
</VirtualHost>
CONF