This posting will descibe the installation process of Alfresco 6 on an Ubuntu Server.
The following prequeries are required:
- Working Ubuntu server (18.04.3 LTS) with access to the internet
- SSH or Terminal access to Ubuntu
On another version of Ubuntu the installation process will be similiar.
We will use the following locations:
- Installation path Alfresco 6: /usr/local/alfresco
- Data path where alfresco should store the repository content: /mnt/data/alfresco-data/
1. Install the requirements
Alfresco requires the following software on the destination system:
- Java JDK (we use OpenJDK)
- PostgreSQL Server & Client (for managing the database)
- ImageMagick
- LibreOffice
- FFmpeg
Installing Java JDK
sudo apt-get install openjdk-11-jre
sudo apt-get install openjdk-11-jdk
Installing PostgreSQL
sudo apt-get install postgresql
Installing the client:
sudo apt-get install postgresql-client
Set admin password for Postgresql:
sudo -u postgres psql
Set the password:
\password postgres
Display the data-directory:
SHOW data_directory;
Quit the client:
\
q
Create alfresco db user:
sudo -u postgres createuser -P -d alfresco
Enter the password twice.
Create alfresco database:
sudo -u postgres createdb -O alfresco alfresco
Installing ImageMagick
sudo apt-get install imagemagick imagemagick-doc
Installing LibreOffice
sudo apt-get install libreoffice libreoffice-l10n-de libreoffice-help-de
Installing FFmpeg
sudo apt-get install ffmpeg
2. Download and extract Tomcat
- Create an folder where Alfresco and tomcat should be installed, e.g.: /usr/local/alfresco/ (This is also the ‘root’ or ‘base’ folder of the alfresco instance)
- Create an folder where the content of alfresco should be stored, e.g.: /data/alfresco/
- Download an extract tomcat: https://docs.alfresco.com/community/tasks/alf-tomcat-install.html
3. Download and extract the alfresco system
- Download and extract Alfresco system: https://docs.alfresco.com/community/tasks/alf-tomcat-install.html
- Copy the extracted tomcat and alfresco folders to the folder where the application should resist.
4. Configure Alfresco
- Follow this guide to install Alfresco (Step 7 of installing tomcat application server can be skipped beacuse we do not use mutual TLS): https://docs.alfresco.com/community/tasks/alf-tomcat-install.html
- Install Alfrsco search services without mutual TLS: https://docs.alfresco.com/search-community/tasks/solr-install-withoutSSL.html
- Define the location for storing solr content in alfresco-search-services/solrhome/conf/shared.properties:
#solr content store location
solr.content.dir=/mnt/data/alfresco-data/alf_data/solr/contentstore
- Start solr:
./solr/bin/solr start -a "-Dcreate.alfresco.defaults=alfresco,archive
“ - To execute the apply_amps.sh script it is necessary to set the $JAVA_HOME variable:
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
- Configure alfresco-global.properties, use this file as template and modify it. Finally copy it to:
usr/local/alfresco/tomcat/shared/classes/
- Install/Deploy the amp files using the following command:
sh ./bin/apply_amps.sh
- Check if you have the appropriate folder structure in the root folder of alfresco:
|– alf_data
|– alfresco-pdf-renderer
|– alfresco-search-services
|– amps
|– amps_share
|– bin
|– licenses
|– modules
|– platform
|– share
|– tomcat
5. Test alfresco
- Test if solr is running: http://localhost:8983
- Start Tomcat by executing the following command from the tomcate directory:
./bin/startup.sh
- Open http://localhost:8080 and login (Default: admin/admin)
- Tail with
tail -f ./logs/catalina.out
the log files of tomcat - With
ps -ef | grep tomcat
you can see if an instance of tomcat is running - With
kill PID
you can kill tomcat - Share and alfresco are creating its own log files, called alfresco.log and share.log
- Configure the storage path of the log files of alfresco: https://blyx.com/2014/02/18/alfresco-tip-logs/
6. Put an apache server in front of alfresco
- Install apache:
sudo apt-get install apache2
- After installing Apache2, the commands below can be used to stop, start and enable Apache2 service to automatically start up everytime the server starts:
sudo systemctl stop apache2.service
sudo systemctl start apache2.service
sudo systemctl enable apache2.service
- Enable Apache2 Proxy Modules:
sudo a2enmod proxy
sudo a2enmod proxy_http
- Restart Apache:
sudo systemctl restart apache2.service
- Create a new site configuration in
/etc/apache2/sites-available/
with the namealfresco.conf
- Put the following configuration into the file:
<VirtualHost *:80>
ServerName alfresco.mydomain.com
ServerAlias alfresco
ServerAdmin webmaster@example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combinedProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
- Save the file.
- Enable the configuration and restart apache2.service:
sudo a2ensite alfresco.conf
sudo systemctl restart apache2.service
- With
a2dissite
and the conf file you can remove a site configuration - Now alfresco is reachable form apache on port 80.
- Change the url and the port in
alfresco-global.properties
- Add the following settings to the tomcat connector in
server.xml
(/usr/local/alfresco/tomat/conf/):proxyName="files.nettania.net" proxyPort="443"
- Restart tomcat
7. Install SSL Certificate and reconfigure apache to use https
- Install modul ssl:
sudo a2enmod ssl
- Restart apache service:
sudo service apache2 restart
- Create a csr request and get the crt and the key from your SSL Provider (You can use the csr generator from your SSL provider)
- Put/Copy the crt and key file to (this is the default storage location for certifcates):
/etc/ssl/certs/
- Configure the virtual host to support ssl. Change the content of /etc/apache2/sites-available/alfresco.conf to:
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/alfresco_nettania_net.crt
SSLCertificateKeyFile /etc/ssl/certs/alfresco.nettania.net.keyServerName alfresco.nettania.net
ServerAlias alfresco
ServerAdmin Administrator@mydomain.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combinedProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/<Location />
Order allow,deny
Allow from all
</Location>
</VirtualHost>
- Change the connector in tomcat´s server.xml to the following configuration:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
proxyName="alfresco.mydomain.com"
proxyPort="443"
scheme="https"
secure="true" />
With this configuration you can prevent the following problems:- Possible CSRF attack noted when asserting referer header
- The browser informs that some content might be not secure
- Restart Apache and tomcat and test the configuration
Links
- PostgreSQL: https://wiki.ubuntuusers.de/PostgreSQL/
- Setup apache2 Proxy server for Tomcat on Ubuntu: https://websiteforstudents.com/setup-apache2-proxy-server-for-tomcat-9-on-ubuntu-16-04-17-10-18-04/
- Instralling mod_SSL: https://wiki.ubuntuusers.de/Apache/mod_ssl/