** The *user* Linux account is the account that you use to log onto the
Linux system as a regular user.
** The *root* Linux account is an account that has system administrator
- privileges. On Debian and Fedora you can switch to this account from
+ privileges. On Debian you can switch to this account from
your *user* account by issuing the `su -` command and entering the
password for the *root* account when prompted. On Ubuntu you can switch
to this account from your *user* account using the `sudo su -` command
of installing OpenSRF. You can switch to this account from the *root*
account by issuing the `su - opensrf` command.
+Download and unpack the code
+----------------------------
+
+Issue the following commands as the *user* Linux account.
+
+1. Acquire a stable release tarball from https://evergreen-ils.org/opensrf-downloads/
++
+[source, bash]
+------------------------------------------------------------------------------
+wget https://evergreen-ils.org/downloads/opensrf-OSRFVERSION.tar.gz
+------------------------------------------------------------------------------
++
+[NOTE]
+Developers can find the full source code at the OpenSRF Git repository:
+http://git.evergreen-ils.org/?p=OpenSRF.git
++
+2. Unpack the tarball, and move into that directory:
++
+[source, bash]
+------------------------------------------------------------------------------
+tar -xvf opensrf-OSRFVERSION.tar.gz
+cd opensrf-OSRFVERSION/
+------------------------------------------------------------------------------
+
Installing prerequisites
------------------------
On Debian and Ubuntu, the easiest way to install these prerequisites
is to use the Makefile.install prerequisite installer.
-Issue the following commands as the root user to install prerequisites
-using the Makefile.install prerequisite installer, substituting your
-operating system identifier for <osname> below:
+Issue the following commands as the *root* Linux account to install
+prerequisites using the Makefile.install prerequisite installer, substituting
+your operating system identifier for <osname> below:
+[source, bash]
---------------------------------------------------------------------------
apt-get install make
make -f src/extras/Makefile.install <osname>
Well-tested values for <osname> include:
- * `debian-wheezy` for Debian 7.0
- * `debian-squeeze` for Debian 6.0
- * `ubuntu-lucid` for Ubuntu 10.04
- * `ubuntu-precise` for Ubuntu 12.04
- * `fedora` for Fedora 17 and later
+ * `debian-buster` for Debian 10
+ * `debian-stretch` for Debian 9
+ * `debian-jessie` for Debian 8
+ * `ubuntu-xenial` for Ubuntu 16.04
+ * `ubuntu-bionic` for Ubuntu 18.04
Patches and suggestions for improvement from users of these distributions,
or others, are welcome!
[NOTE]
Skip this section if you are using an official release tarball downloaded
-from http://evergreen-ils.org/downloads
+from https://evergreen-ils.org/opensrf-downloads/
Developers working directly with the source code from the Git repository,
rather than an official release tarball, must install some extra packages
If you are building OpenSRF for Evergreen, issue the following commands as
the *user* Linux account to configure and build OpenSRF:
+[source, bash]
---------------------------------------------------------------------------
./configure --prefix=/openils --sysconfdir=/openils/conf
make
You can add the `--enable-python` option to the configure command
to build Python support and `--enable-java` for Java support.
+If you are planning on proxying WebSockets traffic (see below), you
+can add `--with-websockets-port=443` to specify that WebSockets traffic
+will be going through port 443. Without that option, the default port
+is 7682.
+
Installation instructions
-------------------------
example domains:
.Example added entries for `/etc/hosts`
+[source, bash]
---------------------------------------------------------------------------
127.0.1.2 public.localhost public
127.0.1.3 private.localhost private
Add `<PREFIX>/lib/` to the system's dynamic library path, and then run
`ldconfig` as the *root* Linux account.
-On Debian, Ubuntu, and Fedora systems, run the following commands as the *root*
+On Debian and Ubuntu systems, run the following commands as the *root*
Linux account:
.Adjusting the system dynamic library path
OpenSRF requires an XMPP (Jabber) server. For performance reasons, ejabberd is
the Jabber server of choice for the OpenSRF project. In most cases, you only
-have to make a few changes to the default `ejabberd.cfg` file to make ejabberd
+have to make a few changes to the default configuration file to make ejabberd
work for OpenSRF.
1. Stop ejabberd before making any changes to its configuration by issuing the
following command as the *root* Linux account:
+
-.(Debian / Ubuntu) Stopping ejabberd
+.(Debian / Ubuntu Xenial / Ubuntu Bionic) Stopping ejabberd
[source, bash]
---------------------------------------------------------------------------
-/etc/init.d/ejabberd stop
+systemctl stop ejabberd.service
---------------------------------------------------------------------------
+
-.(Fedora) Stopping ejabberd
+2. Edit the ejabberd config file.
++
+(Debian Jessie) Ejabberd 13.x and 14.x::
+Open `/etc/ejabberd/ejabberd.yml` and make the following
+changes:
+ a. Define your public and private domains in the `hosts` directive. For
+ example:
++
[source, bash]
---------------------------------------------------------------------------
-systemctl stop ejabberd.service
+hosts:
+ - "localhost"
+ - "private.localhost"
+ - "public.localhost"
---------------------------------------------------------------------------
+
-2. Open `/etc/ejabberd/ejabberd.cfg` and make the following
+ b. Change `shaper:` `normal` and `fast` values to 500000
+ c. Increase the `max_user_sessions:` `all:` value to 10000
+ d. Comment out the `mod_offline` directive
++
+-----------------------
+##mod_offline:
+ ##access_max_user_messages: max_user_offline_messages
+-----------------------
++
+(Debian Stretch / Ubuntu Xenial) Ejabberd 16.x::
+Open `/etc/ejabberd/ejabberd.yml` and make the following
changes:
a. Define your public and private domains in the `hosts` directive. For
example:
+
+[source, bash]
---------------------------------------------------------------------------
-{hosts, ["localhost", "private.localhost", "public.localhost"]}.
+hosts:
+ - "localhost"
+ - "private.localhost"
+ - "public.localhost"
---------------------------------------------------------------------------
+
- b. Comment out the `mod_offline` directive
- c. Increase the `max_user_sessions` value to 10000
- d. Change all `max_stanza_size` values to 2000000
- e. Change all `maxrate` values to 500000
+ b. Change `auth_password_format` to plain
+ c. Change `shaper:` `normal` and `fast` values to 500000
+ d. Increase the `max_user_sessions:` `all:` value to 10000
+ e. Comment out the `mod_offline` directive
+
-3. Restart the ejabberd server to make the changes take effect:
+-----------------------
+##mod_offline:
+ ##access_max_user_messages: max_user_offline_messages
+-----------------------
++
+(Debian Buster / Ubuntu Bionic) Ejabberd 18.x::
+Open `/etc/ejabberd/ejabberd.yml` and make the following
+changes:
+ a. Define your public and private domains in the `hosts` directive. For
+ example:
+
-.(Debian / Ubuntu) Starting ejabberd
[source, bash]
---------------------------------------------------------------------------
-/etc/init.d/ejabberd start
+hosts:
+ - "localhost"
+ - "private.localhost"
+ - "public.localhost"
---------------------------------------------------------------------------
+
-.(Fedora) Starting ejabberd
+ b. Change `starttls_required` to false
+ c. Change `auth_password_format` to plain
+ d. Change `shaper:` `normal` and `fast` values to 500000
+ e. Increase the `max_user_sessions:` `all:` value to 10000
+ f. Comment out the `mod_offline` directive
++
+-----------------------
+##mod_offline:
+ ##access_max_user_messages: max_user_offline_messages
+-----------------------
++
+ g. Uncomment or add the `mod_legacy_auth` directive under the `modules:` section
++
+-----------------------
+mod_legacy_auth: {}
+-----------------------
++
+3. Restart the ejabberd server to make the changes take effect:
++
+.(Debian / Ubuntu Xenial / Ubuntu Bionic) Starting ejabberd
[source, bash]
---------------------------------------------------------------------------
systemctl start ejabberd.service
to create your locally customizable OpenSRF configuration files:
+
.Copying the example OpenSRF configuration files
-[source,bash]
+[source, bash]
---------------------------------------------------------------------------
cd SYSCONFDIR
cp opensrf_core.xml.example opensrf_core.xml
To stop all OpenSRF services with a hostname of `localhost`, issue the
following command as the *opensrf* Linux account:
-[source,bash]
+[source, bash]
---------------------------------------------------------------------------
osrf_control --localhost --stop-all
---------------------------------------------------------------------------
command as the *opensrf* Linux account:
+
.Starting the `srfsh` interactive OpenSRF shell
-[source,bash]
+[source, bash]
---------------------------------------------------------------------------
srfsh
---------------------------------------------------------------------------
+
2. Issue the following request to test the `opensrf.math` service:
+
+[source, bash]
---------------------------------------------------------------------------
srfsh# request opensrf.math add 2,2
---------------------------------------------------------------------------
+
You should receive the value `4`.
+Websockets installation instructions
+------------------------------------
+
+1. Install websocketd (latest stable release from http://websocketd.com/)
++
+.(Debian, Ubuntu)
+[source,bash]
+---------------------------------------------------------------------------
+cd /tmp
+wget 'https://github.com/joewalnes/websocketd/releases/download/v0.3.0/websocketd-0.3.0-linux_amd64.zip'
+unzip websocketd-0.3.0-linux_amd64.zip
+sudo cp websocketd /usr/local/bin/
+---------------------------------------------------------------------------
++
+2. Run websocketd
++
+Choose option a or b, below.
++
+[NOTE]
+===========================================================================
+websocketd does not offer a configurable inactivity timeout, meaning
+websocket client connections will persist until each client disconnects
+or the service is restarted. However, a timeout can be achieved with
+the use of a proxy (option 'a' below). A proxy also allows websocketd
+to be exposed to web clients on port 443 instead of its internal port,
+which may simplify firewall configuration.
+===========================================================================
++
+a. Run websocketd as 'opensrf'
++
+[NOTE]
+===========================================================================
+This choice requires one of the proxy configurations mentioned below.
+===========================================================================
++
+.(Debian, Ubuntu)
+[source,bash]
+---------------------------------------------------------------------------
+/usr/local/bin/websocketd --port 7682 /openils/bin/osrf-websocket-stdio &
+
+# Other useful command line parameters include:
+# --loglevel debug|trace|access|info|error|fatal
+# --maxforks <n>
+# --sameorigin=true
+# --origin=host[:port][,host[:port]...]
+
+# See https://github.com/joewalnes/websocketd/blob/master/help.go
+---------------------------------------------------------------------------
++
+b. Run websocketd without a proxy
++
+.(Debian, Ubuntu)
+[source,bash]
+---------------------------------------------------------------------------
+sudo -b /usr/local/bin/websocketd --port 7682 --ssl --sslcert=/etc/apache2/ssl/server.crt \
+ --sslkey=/etc/apache2/ssl/server.key /openils/bin/osrf-websocket-stdio
+---------------------------------------------------------------------------
+
+Optional: Using a web proxy (Apache 2.4 and above)
+--------------------------------------------------
+When the OpenSRF HTTP Translator runs behind a proxy, Apache must be
+configured to read the IP address of the originating client instead
+of the proxy IP address.
+
+1. Enable mod_remoteip
++
+[source,bash]
+---------------------------------------------------------------------------
+sudo a2enmod remoteip
+---------------------------------------------------------------------------
++
+2. Enable remote IP settings by uncommenting and modifying as needed the
+ Apache configuration variables starting with RemoteIP* in the sample Apache
+ configuration file opensrf.conf.
++
+3. Configure Apache to listen on port 7080 for HTTP and port 7443 for HTTPS
+ and ensure that it is not listening on ports 80 and 443, then restart Apache.
++
+4. If you didn't run `configure` with the `--with-websockets-port=443` option,
+ edit `<PREFIX>/javascript/opensrf_ws.js` and `<PREFIX>/javascript/opensrf_ws_shared.js`
+ and change
++
+[source, javascript]
+---------------------------------------------------------------------------
+var WEBSOCKET_PORT_SSL = 7682;
+---------------------------------------------------------------------------
++
+to
++
+[source, javascript]
+---------------------------------------------------------------------------
+var WEBSOCKET_PORT_SSL = 443;
+---------------------------------------------------------------------------
+
+
+Optional: Using NGINX as a proxy
+--------------------------------
+NGINX can be used to proxy HTTP, HTTPS, and WebSockets traffic. Among other
+reasons, this can be useful for Evergreen setups that want to have both
+HTTPS and secure WebSockets traffic both go through port 443 while using
+two Apache instances (one for the WebSockets gateway and one for the more
+memory-intensive TPAC pages).
+
+The following instructions are a guide for setting this up on Debian
+and Ubuntu systems, but expect general familiarity with various system
+administration and network tasks. The steps should be run as the *root*
+Linux account, and assume that you already followed the instructions
+for installing WebSockets support.
+
+1. Install NGINX if not already present:
++
+[source, bash]
+---------------------------------------------------------------------------
+apt-get install nginx
+---------------------------------------------------------------------------
++
+2. Copy the example NGINX configuration file into place and remove default.
++
+[source, bash]
+---------------------------------------------------------------------------
+cd /path/to/opensrf-OSRFVERSION
+cp examples/nginx/osrf-ws-http-proxy /etc/nginx/sites-available/
+ln -s /etc/nginx/sites-available/osrf-ws-http-proxy /etc/nginx/sites-enabled/osrf-ws-http-proxy
+rm /etc/nginx/sites-enabled/default
+---------------------------------------------------------------------------
++
+3. Edit `/etc/nginx/sites-available/osrf-ws-http-proxy` to set the location
+ of the SSL certificate and private key.
+4. Generate a dhparam file in the directory specified in the nginx config.
++
+[source, bash]
+---------------------------------------------------------------------------
+# Default config stores dhparam.pem in the Apache2 ssl directory.
+openssl dhparam -out /etc/apache2/ssl/dhparam.pem 2048
+---------------------------------------------------------------------------
++
+5. Start NGINX
++
+[source, bash]
+---------------------------------------------------------------------------
+/etc/init.d/nginx start
+---------------------------------------------------------------------------
+
+Optional: Using HAProxy as a proxy
+----------------------------------
+HAProxy can also be used to proxy HTTP, HTTPS, and WebSockets traffic
+as an alternative to NGINX.
+
+The following instructions are a guide for setting this up on Debian
+and Ubuntu systems, but expect general familiarity with various system
+administration and network tasks. The steps should be run as the *root*
+Linux account, and assume that you already followed the instructions
+for installing WebSockets support.
+
+1. Install HAProxy if not already present:
++
+[source, bash]
+---------------------------------------------------------------------------
+apt-get install haproxy
+---------------------------------------------------------------------------
++
+2. Append the example HAProxy to `haproxy.cfg`.
++
+[source, bash]
+---------------------------------------------------------------------------
+cd /path/to/opensrf-OSRFVERSION
+cat examples/haproxy/osrf-ws-http-proxy >> /etc/haproxy/haproxy.cfg
+---------------------------------------------------------------------------
++
+3. Edit `/etc/haproxy/haproxy.cfg` to set the location
+ of the PEM file containing the SSL certificate and private key.
+4. Start HAProxy.
++
+[source, bash]
+---------------------------------------------------------------------------
+/etc/init.d/haproxy start
+---------------------------------------------------------------------------
+
Troubleshooting note for Python users
-------------------------------------
entry for localhost, and point your local DNS resolver to `dnsmasq`. For example,
on Ubuntu you can issue the following commands as the *root* Linux account:
-.(Debian / Ubuntu) Installing and starting `dnsmasq`
+.Installing and starting `dnsmasq`
[source, bash]
---------------------------------------------------------------------------
aptitude install dnsmasq
------------
Need help installing or using OpenSRF? Join the mailing lists at
-http://evergreen-ils.org/listserv.php or contact us on the Freenode
-IRC network on the #evergreen channel.
+http://evergreen-ils.org/communicate/mailing-lists/ or contact us
+on the Freenode IRC network on the #evergreen channel.