QuartzMap/docs/source/install.rst

259 lines
6.4 KiB
ReStructuredText

Install
=======
GeoSync is installed using the included installation script.
The script will attempt to provision an SSL certificate using Certbot.
Ensure that your hostname is properly set. If not set the hostname using 'hostnamectl set-hostname domain.com'
Basic Install
------------
Clone the repository::
git clone https://git.acugis.com/AcuGIS/GeoSync.git
Change to the GeoSync directory::
cd GeoSync
Execute the scripts in order::
$ ./installer/postgres.sh
$ ./installer/app-install.sh
Upon completion, you should see the message below::
Backend installation is finished.
Complete Setup
--------------
Go to https://domain.com/admin.setup.php to complete the installation.
.. image:: images/installer-2.png
Populate the required fields with whatever values you want to use.
Manual Installation on Ubuntu 22
====================================
Install PostgreSQL with PostGIS
------------------------------------------
QuartzMap requires PostgreSQL with PostGIS.
If you do not already have it installed, install it now.
.. code-block:: bash
#!/bin/bash -e
apt install postgresql postgresql-contrib
Install Prerequisties
------------------------------------------
For Community Edition:
.. code-block:: bash
apt-get -y install apache2 libapache2-mod-php php-{pgsql,zip,gd,simplexml} proftpd postfix python3-certbot-apache
For Commerical Edition:
.. code-block:: bash
apt-get -y install apache2 libapache2-mod-php php-{pgsql,zip,gd,simplexml} proftpd libapache2-mod-fcgid postfix python3-certbot-apache
install_qgis_server
Create the PostGIS Database
--------------------------------
.. code-block:: sql
CREATE USER quartz with password 'SuperSecret';
CREATE DATABASE quartz with OWNER quartz;
Create the Database Objects
--------------------------------
.. code-block:: sql
CREATE TYPE public.userlevel AS ENUM ('Admin', 'User');
CREATE TABLE public.user ( id SERIAL PRIMARY KEY,
name character varying(250),
email character varying(250),
password character varying(255),
ftp_user character varying(250),
accesslevel public.userlevel,
owner_id integer NOT NULL REFERENCES public.user(id),
UNIQUE(email)
);
CREATE TABLE public.access_groups ( id SERIAL PRIMARY KEY,
name character varying(255) NOT NULL,
owner_id integer NOT NULL REFERENCES public.user(id)
);
CREATE TABLE public.user_access ( id SERIAL PRIMARY KEY,
user_id integer NOT NULL REFERENCES public.user(id),
access_group_id integer NOT NULL REFERENCES public.access_groups(id),
UNIQUE(user_id, access_group_id)
);
CREATE TABLE public.map ( id SERIAL PRIMARY KEY,
name character varying(50) NOT NULL,
description character varying(50) NOT NULL,
is_public BOOLEAN DEFAULT false,
owner_id integer NOT NULL REFERENCES public.user(id)
);
CREATE TABLE public.map_access ( id SERIAL PRIMARY KEY,
map_id integer NOT NULL REFERENCES public.map(id),
access_group_id integer NOT NULL REFERENCES public.access_groups(id),
UNIQUE(map_id, access_group_id)
);
CREATE TABLE public.permalink ( id SERIAL PRIMARY KEY,
description character varying(255),
query character varying(255),
map_id integer NOT NULL REFERENCES public.map(id),
created TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
expires TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP + interval '1 hour',
visits integer NOT NULL DEFAULT 0,
visits_limit integer NOT NULL DEFAULT 1,
hash character varying(36) NOT NULL,
owner_id integer NOT NULL REFERENCES public.user(id)
);
CREATE TABLE public.signup ( id SERIAL PRIMARY KEY,
name character varying(250),
email character varying(250),
password character varying(250),
verify character varying(250),
UNIQUE(email)
);
Configure ProFTPD
----------------------------
.. code-block:: bash
sed -i.save '
s/#DefaultRoot~/DefaultRoot ~/
s/# RequireValidShelloff/RequireValidShell off/' /etc/proftpd/proftpd.conf
systemctl enable proftpd
systemctl restart proftpd
Configure Apache
----------------------------
.. code-block:: bash
a2enmod ssl headers expires fcgid cgi
cp installer/apache2.conf /etc/apache2/sites-available/default-ssl.conf
for f in 000-default default-ssl; do
sed -i.save "s/#ServerName example.com/#ServerName ${HNAME}/" /etc/apache2/sites-available/${f}.conf
done
a2ensite 000-default default-ssl
systemctl reload apache2
certbot --apache --agree-tos --email hostmaster@${HNAME} --no-eff-email -d ${HNAME}
Create Data and Cache Directories
----------------------------
.. code-block:: bash
mkdir -p "${APPS_DIR}"
mkdir -p "${CACHE_DIR}"
mkdir -p "${DATA_DIR}"
chown -R www-data:www-data "${APPS_DIR}"
chown -R www-data:www-data "${CACHE_DIR}"
chown -R www-data:www-data "${DATA_DIR}"
cp -r . /var/www/html/
chown -R www-data:www-data /var/www/html
rm -rf /var/www/html/installer
systemctl restart apache2
# create group for all FTP users
groupadd qatusers
create_ftp_user
# install ftp user creation script
for f in update; do
cp installer/${f}_ftp_user.sh /usr/local/bin/
chown www-data:www-data /usr/local/bin/${f}_ftp_user.sh
chmod 0550 /usr/local/bin/${f}_ftp_user.sh
done
cat >/etc/sudoers.d/q2w <<CAT_EOF
www-data ALL = NOPASSWD: /usr/local/bin/update_ftp_user.sh
CAT_EOF
echo -e "postgres and other passwords are saved in /root/auth.txt file"
Install More Stuff
---------------------------------------
.. code-block:: php
cat >admin/incl/const.php <<CAT_EOF
<?php
define("DB_HOST", "localhost");
define("DB_NAME", "${APP_DB}");
define("DB_USER", "${APP_DB}");
define("DB_PASS", "${APP_DB_PASS}");
define("DB_PORT", 5432);
define("DB_SCMA", 'public');
define("APPS_DIR", "${APPS_DIR}");
define("CACHE_DIR", "${CACHE_DIR}");
define("DATA_DIR", "${DATA_DIR}");
define("SUPER_ADMIN_ID", 1);
define("SESS_USR_KEY", 'q2w_user');
?>
CAT_EOF
.. note:: If you want to quickly install and test Lizmap Web Client in a few steps, you can follow those
`instructions <https://github.com/3liz/lizmap-docker-compose>`_ using Docker and Docker-Compose.
.. note:: In Debian distributions, you can work as administrator (log in with ``root``), without using ``sudo`` on contrary to Ubuntu.
.. code-block:: bash
ln -s /etc/nginx/sites-available/lizmap.conf /etc/nginx/sites-enabled/lizmap.conf
Restart Nginx
-------------
You must restart the Nginx server to validate the configuration.
.. code-block:: bash
service nginx restart