Skip to Content
Last modified by Samuel Pelletier on 2022/05/04 13:12
Show last authors
1 (% class="auto-cursor-target" %)
2 \\
3
4 {{info}}
5 The packages will work on CentOS and RedHat Enterprise 5.x or 6.x, or Amazon Linux, with Apache httpd 2.2 or 2.4.
6 {{/info}}
7
8 Installing a deployment environment on platforms that uses RPM packages is now even easier than ever.
9
10 1. Install a JDK. You can install openjdk with Yum (//yum install java-1.6.0-openjdk//) or get the JDK from [[Oracle>>url:http://www.oracle.com/technetwork/java/index.html||shape="rect"]].
11 1. (((
12 Install the Yum repository of the WOCommunity like this:
13
14 {{code language="bash"}}
15 sudo curl -o /etc/yum.repos.d/wocommunity.repo https://raw.githubusercontent.com/wocommunity/wonder/master/Utilities/Linux/wocommunity.repo
16 {{/code}}
17
18 (% class="auto-cursor-target" %)
19 \\
20 )))
21 1. (((
22 Once it's done, you can use Yum to install wotaskd and JavaMonitor.
23
24 {{code language="bash"}}
25 sudo yum install wotaskd; sudo yum install womonitor;
26 {{/code}}
27
28 (% class="auto-cursor-target" %)
29 \\
30 )))
31 1. (((
32 To install the module for Apache httpd 2.2, run:
33
34 {{code language="bash"}}
35 sudo yum install woadaptor
36 {{/code}}
37
38 for Apache httpd 2.4:
39
40 {{code language="bash"}}
41 sudo yum install woadaptor-httpd24
42 {{/code}}
43
44 (% class="auto-cursor-target" %)
45 \\
46 )))
47 1. (((
48 If SELinux is enabled on your system, wotaskd won't be reachable due to its preventing Apache from opening TCP connections. If you're comfortable with allowing Apache to connect to any TCP ports (including external hosts), you can run the following:
49
50 {{code language="bash"}}
51 sudo setsebool -P httpd_can_network_connect=1
52 {{/code}}
53
54 \\
55
56 Alternatively, [[Steven Klassen>>url:http://www.mrxinu.com/||rel="nofollow" shape="rect" class="external-link"]] has written a blog post ([[Custom SELinux Port Access>>url:http://www.mrxinu.com/2013/06/07/custom-selinux-port-access/||rel="nofollow" shape="rect" class="external-link"]]) that outlines how to create and install a wotaskd SELinux module that specifically allows connections to port 1085.
57 )))
58
59 And you're done! When the packages are installed, the services are started automatically. JavaMonitor will be running on port 56789. Your Project Wonder applications goes into ///opt/Local/Library/WebObjects/Applications//.
60
61 If you wish to restart wotaskd or Monitor, startup scripts are located in ///etc/init.d//. You can use the //service// tool to stop or restart them:
62
63 {{code language="bash"}}
64 sudo /sbin/service wotaskd stop
65 sudo /sbin/service womonitor stop
66
67 {{/code}}
68
69 (replace //stop// with //restart// to restart them in one step).
70
71 When Monitor is started, it will report to the console that is available at address like "ip-10-212-110-28" but that is the **internal** address of the Amazon server. The **external** address, which you must use, is available in the AWS console, and of the form "ec2-xx-vv-zz-ww.compute-1.amazonaws.com".
72
73 {{warning}}
74 Don't forget to change the password in JavaMonitor after you made the installation!
75 {{/warning}}
76
77 == Notes on CentOS 7 64/ Apache 2.4 ==
78
79 The yum repositories for deployment artifacts is a little out of date, so these instructions are based on wonder source and compiling the adaptor on the target system.
80
81 ==== Compiling the Apache Adaptor ====
82
83 {{code language="bash" title="Compiling Apache 2.4 WebObjects Adaptor"}}
84 $ sudo yum install httpd httpd-devel
85 $ #I had to use: sudo yum install httpd24 httpd24-devel
86 $ # get the latest wonder source
87 $ git clone https://github.com/wocommunity/wonder.git
88 $ cd wonder/Utilities/Adaptors
89 $ # thanks to alextu for these commands to fix the make.config file
90 $ # (from his docker recipe)
91 $ sed -ri 's/ADAPTOR_OS = MACOS/ADAPTOR_OS = LINUX/g' make.config
92 $ sed -ri 's/ADAPTORS = CGI Apache2.2/ADAPTORS = Apache2.4/g' make.config
93 $ make
94 $ # If you get error about make not found, install dev tools
95 $ sudo yum install gcc make
96 $ # If you get error about redhat-hardened-cc1: No such file or directory
97 $ sudo yum install redhat-rpm-config
98 # #
99 $ # but the default on CentOS7 is /usr/lib64/httpd/modules
100 $ sudo cp Apache2.4/mod_WebObjects.so /usr/lib64/httpd/modules/
101 {{/code}}
102
103 ==== Configuring Apache for WebObjects ====
104
105 The standard apache.conf (found in the wonder source at wonder/Utilities/Adaptors/Apache2.4/apache.conf) should work fine. Here are a couple of modifications that worked for me:
106
107 The authorization for Apache changed between 2.2 and 2.4. If you're used to "Allow from all" or "Deny from all" you should know that Apache 2.4 syntax has changed so this is how those allows/denies work now. This is a mostly permissive structure restricting some of the verbs that are not used (We have some configs that allow PUT, DELETE, PROPFIND, etc... but they don'tcall me "Little Paranoid Larry" for nothing.
108
109 {{code language="xml" title="Apache Permissions Config"}}
110 WebObjectsAlias /cgi-bin/WebObjects
111 <Location /cgi-bin/WebObjects/>
112 <Limit GET POST OPTIONS >
113 Require all granted
114 </Limit>
115 Require all denied
116 </Location>
117 {{/code}}
118
119 ==== FirewallD ====
120
121 CentOS7 switched to using FirewallD from IP Tables. I've tried to understand firewalld and I'm actually digging it even though it's a big change from IP Tables. Useful info on Firewalld can be found at [[Linux firewalld information at Oracle>>url:http://oracle-base.com/articles/linux/linux-firewall-firewalld.php||shape="rect"]] or [[FirewallD at Fedora>>url:https://fedoraproject.org/wiki/FirewallD||shape="rect"]].
122
123 The cheat sheet commands that help get started are:
124
125 {{panel title="FirewallD Cheat Sheet"}}
126 getting help on the command line: {{code language="none"}}# firewall-cmd --help{{/code}}
127
128 checking the state of the firewall: {{code language="none"}}# firewall-cmd --state{{/code}}
129
130 panic: firewall-cmd ~-~-panic-on{{code language="none"}}# {{/code}}
131
132 stop panic:{{code language="none"}} # firewall-cmd --panic-off{{/code}}
133
134 set a service to a zone for runtime (not persistent) : {{code language="none"}}# {{/code}}{{code language="none"}}firewall-cmd --zone=public --add-service=https{{/code}}
135
136 set a service to a zone permanently: {{code language="none"}}# {{/code}}{{code language="none"}}firewall-cmd --permanent --zone=public --add-service=https{{/code}}
137
138 setup specific ports (like for WO instances) # firewall-cmd ~-~-zone=public ~-~-permanent ~-~-add-port=2000-2020/tcp{{code language="none"}}{{/code}}
139
140 reload the configuration: {{code language="none"}}# {{/code}}{{code language="none"}}firewall-cmd --reload{{/code}}
141
142 find out what services the zone thinks should be handled at runtime (or permanently) :{{code language="none"}} # {{/code}}{{code language="none"}}firewall-cmd (–permanent) --zone=public --list-services{{/code}}
143
144 go nuts and specify rules to within an inch of their lives: # firewall-cmd ~-~-permanent ~-~-zone=public ~-~-add-rich-rule="rule family="ipv4" source address="192.168.0.4/24" service name="http" accept"{{code language="none"}}{{/code}}
145 {{/panel}}
146
147 \\
148
149 ==== SELinux ====
150
151 As is mentioned in [[https:~~/~~/wiki.wocommunity.org/display/documentation/Installing+a+deployment+environment+on+RedHat,+CentOS+or+Amazon+Linux>>doc:documentation.Installing a deployment environment on RedHat, CentOS or Amazon Linux||shape="rect"]],
152 you can open up apache to network connections using the command:
153 \\
154
155 {{code language="bash" title="SELinux "}}
156 $ # make sure you have the policy utils (yum install policycoreutils-python)
157 $ sudo setsebool -P httpd_can_network_connect=1
158 {{/code}}
159
160
161 If you have additional problems with the SELinux configuration, check the context and ownership of files. More useful information on SELinux can be found at [[http:~~/~~/wiki.centos.org/HowTos/SELinux>>url:http://wiki.centos.org/HowTos/SELinux||shape="rect"]].