AcuGIS
/
QuartzMap
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
QuartzMap/docs/source/install.rst

335 lines
9.8 KiB
ReStructuredText
Raw Blame History

Install
=======
GeoSync is installed using the included installation script.
The script will attempt to provision an SSL certificate using Certbot.
Ensure that your hostname is properly set. If not set the hostname using 'hostnamectl set-hostname domain.com'
Basic Install
------------
Clone the repository::
git clone https://git.acugis.com/AcuGIS/GeoSync.git
Change to the GeoSync directory::
cd GeoSync
Execute the scripts in order::
$ ./installer/postgres.sh
$ ./installer/app-install.sh
Upon completion, you should see the message below::
Backend installation is finished.
Complete Setup
--------------
Go to https://domain.com/admin.setup.php to complete the installation.
.. image:: images/installer-2.png
Populate the required fields with whatever values you want to use.
Manual Installation on Ubuntu 22
------------
Install PostgreSQL with PostGIS
------------------------------------------
QuartzMap requires PostgreSQL with PostGIS.
If you do not already have it installed, install it now.
.. code-block:: bash
#!/bin/bash -e
PG_VER='16'
PG_PASS=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32);
function install_postgresql(){
RELEASE=$(lsb_release -cs)
#3. Install PostgreSQL
echo "deb http://apt.postgresql.org/pub/repos/apt/ ${RELEASE}-pgdg main" > /etc/apt/sources.list.d/pgdg.list
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
apt-get update -y || true
apt-get install -y postgresql-${PG_VER} postgresql-client-${PG_VER} postgresql-contrib-${PG_VER} \
python3-postgresql postgresql-plperl-${PG_VER} \
postgresql-pltcl-${PG_VER} postgresql-${PG_VER}-postgis-3 \
odbc-postgresql libpostgresql-jdbc-java
if [ ! -f /usr/lib/postgresql/${PG_VER}/bin/postgres ]; then
echo "Error: Get PostgreSQL version"; exit 1;
fi
ln -sf /usr/lib/postgresql/${PG_VER}/bin/pg_config /usr/bin
ln -sf /var/lib/postgresql/${PG_VER}/main/ /var/lib/postgresql
ln -sf /var/lib/postgresql/${PG_VER}/backups /var/lib/postgresql
systemctl start postgresql
#5. Set postgres Password
if [ $(grep -m 1 -c 'pg pass' /root/auth.txt) -eq 0 ]; then
sudo -u postgres psql 2>/dev/null -c "alter user postgres with password '${PG_PASS}'"
echo "pg pass: ${PG_PASS}" > /root/auth.txt
fi
#4. Add Postgre variables to environment
if [ $(grep -m 1 -c 'PGDATA' /etc/environment) -eq 0 ]; then
cat >>/etc/environment <<CMD_EOF
PGDATA=/var/lib/postgresql/${PG_VER}/main
CMD_EOF
fi
#6. Configure ph_hba.conf
cat >/etc/postgresql/${PG_VER}/main/pg_hba.conf <<CMD_EOF
local all all trust
host all all 127.0.0.1 255.255.255.255 trust
host all all 0.0.0.0/0 scram-sha-256
host all all ::1/128 scram-sha-256
hostssl all all 127.0.0.1 255.255.255.255 scram-sha-256
hostssl all all 0.0.0.0/0 scram-sha-256
hostssl all all ::1/128 scram-sha-256
CMD_EOF
sed -i.save "s/.*listen_addresses.*/listen_addresses = '*'/" /etc/postgresql/${PG_VER}/main/postgresql.conf
sed -i.save "s/.*ssl =.*/ssl = on/" /etc/postgresql/${PG_VER}/main/postgresql.conf
#10. Create Symlinks for Backward Compatibility from PostgreSQL 9 to PostgreSQL 8
#ln -sf /usr/pgsql-9.4/bin/pg_config /usr/bin
mkdir -p /var/lib/pgsql
ln -sf /var/lib/postgresql/${PG_VER}/main /var/lib/pgsql
ln -sf /var/lib/postgresql/${PG_VER}/backups /var/lib/pgsql
#create SSL certificates
if [ ! -f /var/lib/postgresql/${PG_VER}/main/server.key -o ! -f /var/lib/postgresql/${PG_VER}/main/server.crt ]; then
SSL_PASS=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32);
if [ $(grep -m 1 -c 'ssl pass' /root/auth.txt) -eq 0 ]; then
echo "ssl pass: ${SSL_PASS}" >> /root/auth.txt
else
sed -i.save "s/ssl pass:.*/ssl pass: ${SSL_PASS}/" /root/auth.txt
fi
openssl genrsa -des3 -passout pass:${SSL_PASS} -out server.key 2048
openssl rsa -in server.key -passin pass:${SSL_PASS} -out server.key
chmod 400 server.key
openssl req -new -key server.key -days 3650 -out server.crt -passin pass:${SSL_PASS} -x509 -subj '/C=CA/ST=Frankfurt/L=Frankfurt/O=acuciva-de.com/CN=acuciva-de.com/emailAddress=info@acugis.com'
chown postgres.postgres server.key server.crt
mv server.key server.crt /var/lib/postgresql/${PG_VER}/main
fi
systemctl restart postgresql
}
function install_webmin(){
echo "deb http://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list
wget --quiet -qO - http://www.webmin.com/jcameron-key.asc | apt-key add -
apt-get -y update
apt-get -y install webmin
}
touch /root/auth.txt
export DEBIAN_FRONTEND=noninteractive
add-apt-repository -y universe
apt-get -y update || true
apt-get -y install wget unzip
install_postgresql;
#!/bin/bash -e
APP_DB='q2w'
APP_DB_PASS=$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c32);
DATA_DIR='/var/www/data'
CACHE_DIR='/var/www/cache'
APPS_DIR='/var/www/html/apps'
# 1. Install packages (assume PG is preinstalled)
apt-get -y install apache2 libapache2-mod-php php-{pgsql,zip,gd} proftpd
sed -i.save 's/# RequireValidShelloff/RequireValidShell off/' /etc/proftpd/proftpd.conf
sed -i.save 's/#DefaultRoot~/DefaultRoot ~/' /etc/proftpd/proftpd.conf
systemctl enable proftpd
systemctl restart proftpd
# 2. Create db
su postgres <<CMD_EOF
createdb ${APP_DB}
createuser -sd ${APP_DB}
psql -c "alter user ${APP_DB} with password '${APP_DB_PASS}'"
psql -c "ALTER DATABASE ${APP_DB} OWNER TO ${APP_DB}"
CMD_EOF
echo "${APP_DB} pass: ${APP_DB_PASS}" >> /root/auth.txt
mkdir -p "${APPS_DIR}"
mkdir -p "${CACHE_DIR}"
mkdir -p "${DATA_DIR}"
chown -R www-data:www-data "${APPS_DIR}"
chown -R www-data:www-data "${CACHE_DIR}"
chown -R www-data:www-data "${DATA_DIR}"
cat >admin/incl/const.php <<CAT_EOF
<?php
define("DB_HOST", "localhost");
define("DB_NAME", "${APP_DB}");
define("DB_USER", "${APP_DB}");
define("DB_PASS", "${APP_DB_PASS}");
define("DB_PORT", 5432);
define("DB_SCMA", 'public');
define("APPS_DIR", "${APPS_DIR}");
define("CACHE_DIR", "${APPS_DIR}");
define("DATA_DIR", "${DATA_DIR}");
?>
CAT_EOF
systemctl restart apache2
# create group for all FTP users
groupadd qatusers
# install ftp user creation script
for f in create delete; do
cp installer/${f}_ftp_user.sh /usr/local/bin/
chown www-data:www-data /usr/local/bin/${f}_ftp_user.sh
chmod 0550 /usr/local/bin/${f}_ftp_user.sh
done
cat >/etc/sudoers.d/q2w <<CAT_EOF
www-data ALL = NOPASSWD: /usr/local/bin/create_ftp_user.sh, /usr/local/bin/delete_ftp_user.sh
CAT_EOF
.. note:: If you want to quickly install and test Lizmap Web Client in a few steps, you can follow those
`instructions <https://github.com/3liz/lizmap-docker-compose>`_ using Docker and Docker-Compose.
.. note:: In Debian distributions, you can work as administrator (log in with ``root``), without using ``sudo`` on contrary to Ubuntu.
Configuration with Apache server
------------
This documentation provides an example for configuring a server with the Debian 11 distribution. We assume you have base system installed and updated.
.. warning:: This page does not describe how to secure your Nginx server. It's just for a demonstration.
Configure Locales
-----------------
For simplicity, it is interesting to configure the server with UTF-8 default encoding.
.. code-block:: bash
# configure locales
locale-gen fr_FR.UTF-8 #replace fr with your language
dpkg-reconfigure locales
# define your timezone [useful for logs]
dpkg-reconfigure tzdata
apt install ntp ntpdate
.. note:: It is also necessary configure the other software so that they are using this default encoding if this is not the case.
Installing necessary packages
-----------------------------
.. warning:: Lizmap web client 3.6 is based on Jelix 1.8. You must install at least the **7.4** version of PHP. The **dom**, **simplexml**, **pcre**, **session**, **tokenizer** and **spl** extensions are required (they are generally turned on in a standard PHP 7/8 installation)
.. code-block:: bash
sudo su # only necessary if you are not logged in as root
apt update # update packages list
apt install curl openssl libssl1.1 nginx-full nginx nginx-common
On Debian 11 or Ubuntu 20.04 LTS, install these packages:
.. code-block:: bash
apt-get -y install apache2 libapache2-mod-php php-{pgsql,zip,gd} proftpd DAVID
Web configuration
-----------------
Create a new file /etc/nginx/sites-available/lizmap.conf:
.. code-block:: nginx
server {
listen 80;
server_name localhost;
root /var/www/html/lizmap;
index index.php index.html index.htm;
# compression setting
gzip_vary on;
gzip_proxied any;
gzip_comp_level 5;
gzip_min_length 100;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript text/json;
location / {
try_files $uri $uri/ =404;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
set $path_info $fastcgi_path_info; # because of bug http://trac.nginx.org/nginx/ticket/321
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param PATH_TRANSLATED $document_root$path_info;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SERVER_NAME $http_host;
}
}
You should declare the lizmap.local domain name somewhere (in your /etc/hosts,
or into your DNS..), or replace it by your own domain name.
Enable the virtual host you just created:
.. code-block:: bash
ln -s /etc/nginx/sites-available/lizmap.conf /etc/nginx/sites-enabled/lizmap.conf
Restart Nginx
-------------
You must restart the Nginx server to validate the configuration.
.. code-block:: bash
service nginx restart
Reference in New Issue View Git Blame Copy Permalink