** The *user* Linux account is the account that you use to log onto the
Linux system as a regular user.
** The *root* Linux account is an account that has system administrator
- privileges. On Debian and Fedora you can switch to this account from
+ privileges. On Debian you can switch to this account from
your *user* account by issuing the `su -` command and entering the
password for the *root* account when prompted. On Ubuntu you can switch
to this account from your *user* account using the `sudo su -` command
Well-tested values for <osname> include:
- * `debian-jessie` for Debian 8.0
- * `debian-wheezy` for Debian 7.0
+ * `debian-stretch` for Debian 9
+ * `debian-jessie` for Debian 8
* `ubuntu-trusty` for Ubuntu 14.04
* `ubuntu-xenial` for Ubuntu 16.04
- * `fedora` for Fedora 17 and later
+ * `ubuntu-bionic` for Ubuntu 18.04
Patches and suggestions for improvement from users of these distributions,
or others, are welcome!
You can add the `--enable-python` option to the configure command
to build Python support and `--enable-java` for Java support.
+If you are planning on proxying WebSockets traffic (see below), you
+can add `--with-websockets-port=443` to specify that WebSockets traffic
+will be going through port 443. Without that option, the default port
+is 7682.
+
Installation instructions
-------------------------
Add `<PREFIX>/lib/` to the system's dynamic library path, and then run
`ldconfig` as the *root* Linux account.
-On Debian, Ubuntu, and Fedora systems, run the following commands as the *root*
+On Debian and Ubuntu systems, run the following commands as the *root*
Linux account:
.Adjusting the system dynamic library path
1. Stop ejabberd before making any changes to its configuration by issuing the
following command as the *root* Linux account:
+
-.(Debian / Ubuntu Trusty) Stopping ejabberd
+.(Ubuntu Trusty) Stopping ejabberd
[source, bash]
---------------------------------------------------------------------------
/etc/init.d/ejabberd stop
---------------------------------------------------------------------------
+
-.(Fedora / Ubuntu Xenial) Stopping ejabberd
+.(Debian / Ubuntu Xenial / Ubuntu Bionic) Stopping ejabberd
[source, bash]
---------------------------------------------------------------------------
systemctl stop ejabberd.service
+
2. Edit the ejabberd config file.
+
-(Debian Wheezy / Ubuntu Trusty) Ejabberd 2.x.x::
+(Ubuntu Trusty) Ejabberd 2.x.x::
Open `/etc/ejabberd/ejabberd.cfg` and make the following
changes:
a. Define your public and private domains in the `hosts` directive. For
##access_max_user_messages: max_user_offline_messages
-----------------------
+
-(Ubuntu Xenial) Ejabberd 16.x::
+(Debian Stretch / Ubuntu Xenial) Ejabberd 16.x::
Open `/etc/ejabberd/ejabberd.yml` and make the following
changes:
a. Define your public and private domains in the `hosts` directive. For
##access_max_user_messages: max_user_offline_messages
-----------------------
+
+(Ubuntu Bionic) Ejabberd 18.x::
+Open `/etc/ejabberd/ejabberd.yml` and make the following
+changes:
+ a. Define your public and private domains in the `hosts` directive. For
+ example:
++
+[source, bash]
+---------------------------------------------------------------------------
+hosts:
+ - "localhost"
+ - "private.localhost"
+ - "public.localhost"
+---------------------------------------------------------------------------
++
+ b. Change `auth_password_format` to plain
+ c. Change `shaper:` `normal` and `fast` values to 500000
+ d. Increase the `max_user_sessions:` `all:` value to 10000
+ e. Change `starttls_required` to false
+ f. Uncomment the `mod_legacy_auth` directive
+ g. Comment out the `mod_offline` directive
++
+-----------------------
+##mod_offline:
+ ##access_max_user_messages: max_user_offline_messages
+-----------------------
++
3. Restart the ejabberd server to make the changes take effect:
+
-.(Debian / Ubuntu Trusty) Starting ejabberd
+.(Ubuntu Trusty) Starting ejabberd
[source, bash]
---------------------------------------------------------------------------
/etc/init.d/ejabberd start
---------------------------------------------------------------------------
+
-.(Fedora / Ubuntu Xenial) Starting ejabberd
+.(Debian / Ubuntu Xenial / Ubuntu Bionic) Starting ejabberd
[source, bash]
---------------------------------------------------------------------------
systemctl start ejabberd.service
+
You should receive the value `4`.
-Optional: Websockets installation instructions
-----------------------------------------------
+Websockets installation instructions: Option #1 Apache
+-------------------------------------------------------
Websockets are new to OpenSRF 2.4+ and are required for operating the new web-based
staff client for Evergreen. Complete the following steps as the *root* Linux
account:
3. Create the websocket Apache instance (more information about this in
`/usr/share/doc/apache2/README.multiple-instances`)
+
-.(Debian)
-[source, bash]
----------------------------------------------------------------------------
-sh /usr/share/doc/apache2.2-common/examples/setup-instance websockets
----------------------------------------------------------------------------
-+
-.(Ubuntu Trusty / Xenial)
[source, bash]
---------------------------------------------------------------------------
sh /usr/share/doc/apache2/examples/setup-instance websockets
5. Change to the directory into which you unpacked OpenSRF, then copy into
place the config files
+
-.(Debian)
-[source, bash]
----------------------------------------------------------------------------
-cd /path/to/opensrf-OSRFVERSION
-cp examples/apache2/websockets/apache2.conf /etc/apache2-websockets/
----------------------------------------------------------------------------
-+
-.(Ubuntu Trusty / Xenial)
[source, bash]
---------------------------------------------------------------------------
cd /path/to/opensrf-OSRFVERSION
/etc/init.d/apache2-websockets start
---------------------------------------------------------------------------
+Websockets installation instructions: Option #2 Websocketd
+----------------------------------------------------------
+
+1. Install websocketd (latest stable release from http://websocketd.com/)
++
+.(Debian, Ubuntu)
+[source,bash]
+---------------------------------------------------------------------------
+cd /tmp
+wget 'https://github.com/joewalnes/websocketd/releases/download/v0.3.0/websocketd-0.3.0-linux_amd64.zip'
+unzip websocketd-0.3.0-linux_amd64.zip
+sudo cp websocketd /usr/local/bin/
+---------------------------------------------------------------------------
++
+2. Run websocketd
++
+Choose option a or b, below.
++
+a. Run websocketd as 'opensrf'
++
+[NOTE]
+===========================================================================
+This choice requires one of the proxy configurations mentioned below.
+===========================================================================
++
+.(Debian, Ubuntu)
+[source,bash]
+---------------------------------------------------------------------------
+/usr/local/bin/websocketd --port 7682 /openils/bin/osrf-websocket-stdio &
+
+# Other useful command line parameters include:
+# --loglevel debug|trace|access|info|error|fatal
+# --maxforks <n>
+# --sameorigin=true
+# --origin=host[:port][,host[:port]...]
+
+# See https://github.com/joewalnes/websocketd/blob/master/help.go
+---------------------------------------------------------------------------
++
+b. Run websocketd without a proxy
++
+.(Debian, Ubuntu)
+[source,bash]
+---------------------------------------------------------------------------
+sudo -b /usr/local/bin/websocketd --port 7682 --ssl --sslcert=/etc/apache2/ssl/server.crt \
+ --sslkey=/etc/apache2/ssl/server.key /openils/bin/osrf-websocket-stdio
+---------------------------------------------------------------------------
+
Optional: Using NGINX as a proxy
--------------------------------
NGINX can be used to proxy HTTP, HTTPS, and WebSockets traffic. Among other
The following instructions are a guide for setting this up on Debian
and Ubuntu systems, but expect general familiarity with various system
-administration and netwrok tasks. The steps should be run as the *root*
+administration and network tasks. The steps should be run as the *root*
Linux account, and assume that you already followed the instructions
for installing WebSockets support.
-1. Install NGINX if not already present:
+1. Configure the main Apache instance to listen on port 7080 for HTTP and
+ port 7443 for HTTPS and ensure that it is not listening on ports 80
+ and 443, then restart Apache.
++
+2. Install NGINX if not already present:
+
[source, bash]
---------------------------------------------------------------------------
apt-get install nginx
---------------------------------------------------------------------------
+
-2. Configure the main Apache instance to listen on port 7080 for HTTP and
- port 7443 for HTTPS and ensure that it is not listening on ports 80
- and 443, then restart Apache.
-3. Copy the example NGINX configuration file into place.
+3. Copy the example NGINX configuration file into place and remove default.
+
[source, bash]
---------------------------------------------------------------------------
cd /path/to/opensrf-OSRFVERSION
cp examples/nginx/osrf-ws-http-proxy /etc/nginx/sites-available/
ln -s /etc/nginx/sites-available/osrf-ws-http-proxy /etc/nginx/sites-enabled/osrf-ws-http-proxy
+rm /etc/nginx/sites-enabled/default
---------------------------------------------------------------------------
+
4. Edit `/etc/nginx/sites-available/osrf-ws-http-proxy` to set the location
/etc/init.d/nginx start
---------------------------------------------------------------------------
+
-6. Edit `<PREFIX>/javascript/opensrf_ws.js` and `<PREFIX>/javascript/opensrf_ws_shared.js`
+6. If you didn't run `configure` with the `--with-websockets-port=443` option,
+edit `<PREFIX>/javascript/opensrf_ws.js` and `<PREFIX>/javascript/opensrf_ws_shared.js`
and change
+
[source, javascript]
var WEBSOCKET_PORT_SSL = 443;
---------------------------------------------------------------------------
+Optional: Using HAProxy as a proxy
+----------------------------------
+HAProxy can also be used to proxy HTTP, HTTPS, and WebSockets traffic
+as an alternative to NGINX.
+
+The following instructions are a guide for setting this up on Debian
+and Ubuntu systems, but expect general familiarity with various system
+administration and network tasks. The steps should be run as the *root*
+Linux account, and assume that you already followed the instructions
+for installing WebSockets support.
+
+1. Install HAProxy if not already present:
++
+[source, bash]
+---------------------------------------------------------------------------
+apt-get install haproxy
+---------------------------------------------------------------------------
++
+2. Configure the main Apache instance to listen on port 7080 for HTTP and
+ port 7443 for HTTPS and ensure that it is not listening on ports 80
+ and 443, then restart Apache.
+3. Append the example HAProxy to `haproxy.cfg`.
++
+[source, bash]
+---------------------------------------------------------------------------
+cd /path/to/opensrf-OSRFVERSION
+cat examples/haproxy/osrf-ws-http-proxy >> /etc/haproxy/haproxy.cfg
+---------------------------------------------------------------------------
++
+4. Edit `/etc/haproxy/haproxy.cfg` to set the location
+ of the PEM file containing the SSL certificate and private key.
+5. Start HAProxy.
++
+[source, bash]
+---------------------------------------------------------------------------
+/etc/init.d/haproxy start
+---------------------------------------------------------------------------
++
+6. Edit `<PREFIX>/javascript/opensrf_ws.js` and `<PREFIX>/javascript/opensrf_ws_shared.js`
+ and change
++
+[source, javascript]
+---------------------------------------------------------------------------
+var WEBSOCKET_PORT_SSL = 7682;
+---------------------------------------------------------------------------
++
+to
++
+[source, javascript]
+---------------------------------------------------------------------------
+var WEBSOCKET_PORT_SSL = 443;
+---------------------------------------------------------------------------
Troubleshooting note for Python users
-------------------------------------
entry for localhost, and point your local DNS resolver to `dnsmasq`. For example,
on Ubuntu you can issue the following commands as the *root* Linux account:
-.(Debian / Ubuntu) Installing and starting `dnsmasq`
+.Installing and starting `dnsmasq`
[source, bash]
---------------------------------------------------------------------------
aptitude install dnsmasq
projects / opensrf-equinox.git / blobdiff