├── README.md ├── alfinstall.sh ├── nginx ├── alfresco.conf ├── alfresco.conf.ssl ├── basic-settings.conf ├── letsencrypt │ ├── example.com.conf │ ├── letsencrypt.sh │ └── nginx.conf.snippet ├── maintenance.html └── nginx.conf ├── scripts ├── alfresco-iptables.conf ├── alfresco-iptables.service ├── alfresco-service.sh ├── ams.sh ├── apply.sh ├── createssl.sh ├── iptables.sh ├── libreoffice.sh ├── limitconvert.sh ├── mariadb.sh ├── mysql.sh └── postgresql.sh ├── search ├── alfresco-search.service ├── shared.properties └── solr.in.sh └── tomcat ├── alfresco-global.properties ├── alfresco.conf ├── alfresco.service ├── alfresco.xml ├── catalina.properties ├── context.xml ├── server.xml ├── share-config-custom.xml ├── share.xml └── tomcat-users.xml /README.md: -------------------------------------------------------------------------------- 1 | [](https://loftux.com?ref=ubuntuinstall) 2 | 3 | Alfresco Ubuntu Installer 4 | ======================= 5 | 6 | This install script and guide was created by Peter Löfgren, [Loftux AB](http://loftux.com). 7 | 8 | Please visit [https://loftux.com](https://loftux.com/en/?ref=ubuntuinstall "loftux.com") (English) [https://loftux.se](https://loftux.se/sv?ref=ubuntuinstall "loftux.se") (Swedish) for more information. 9 | 10 | 11 | Current version : **Alfresco Community 6.1 (6.1.1 Repository,6.1.0 Share)** or **LXCommunity ECM LX101** 12 | Ubuntu Version : **16.04** or later. 13 | 14 | Alfresco script based install for Ubuntu servers. 15 | ---------------------------- 16 | 17 | This script will help you set up an Alfresco server instance with all necessary third party components. Some will be installed via Ubuntu packages, some directly downloaded. The script will walk you through the process. In the end, there will be some manual tasks to complete the installation. 18 | 19 | Alfresco does have installers for Linux, and you may be better off with using those installers if you just want to do a quick test install. 20 | 21 | If you intend to run Alfresco in production, this script can help you both with the install. *By examining what the script does, you can also learn what components are involved running an Alfresco instance.* This is a must for any Alfresco administrator who runs Alfresco in production. 22 | 23 | For commercial support with your installation, upgrades and running a production server, contact [Loftux AB](https://loftux.com/contact) (Worldwide). 24 | 25 | 26 | 27 | Installing 28 | ---- 29 | To start the install, in Ubuntu terminal run; 30 | 31 | ``` 32 | curl -O https://raw.githubusercontent.com/loftuxab/alfresco-ubuntu-install/master/alfinstall.sh 33 | chmod u+x alfinstall.sh 34 | ./alfinstall.sh 35 | ``` 36 | 37 | All install options will be presented with an introduction. They default to 'y' (yes), so type n to skip install of that component. You need **sudo** access to install. 38 | 39 | Please read all of this README before you go ahead. 40 | 41 | There is also lots of documentation at [http://docs.alfresco.com/5.1](http://docs.alfresco.com/5.1). To get started to become an Alfresco server Administrator, read and make yourself familiar with the 'Administering' section. 42 | 43 | ## Notes 44 | - Only 64-bit Ubuntu is supported. Java cannot address enough memory to support running Alfresco on a 32-bit system. 45 | - Many components have their download urls pointed to specific version. Whenever a new version comes out, the older version is removed from the download server and this script breaks. These will be updated as soon as they are made known. This is known to happen with LibreOffice and Tomcat. The script will check if the needed components are available and break if they are not. 46 | 47 | More on the components/installation steps. 48 | ======= 49 | Once the script is downloaded you can modify (if necessary) it to fit your purpose. 50 | 51 | LXCommunity ECM 52 | -------- 53 | You will be asked to select if you want to install LXCommunity ECM or Alfresco Community. 54 | 55 | LXCommunity ECM is a custom build of Alfresco with additional fixes and enhancements and for which you can optionally buy support. You can find more information on this offering at [https://loftux.com/alfresco](https://loftux.se/en/products-and-add-ons/alfresco?ref=ubuntuinstalloffer). 56 | You can switch between Alfresco Community or LXCommunity ECM as long as they are based on the same schema, see [version overview](https://loftux.se/en/products-and-add-ons/alfresco/alfresco-versions). 57 | 58 | 59 | Alfresco User 60 | -------- 61 | The Alfresco user is the server account used to run tomcat. You should never run tomcat as `root`, so if you do not already have the alfresco (default in the install script) user, you should add the alfresco user. 62 | 63 | In this part of the install is also an update to make sure a specific locale is supported (`default sv_SE.utf8`). This is useful for LibreOffice date formatting to work correctly during transformations. 64 | 65 | Limits 66 | -------- 67 | Ubuntu default for number of allowed open files in the file system is too low for alfresco use and tomcat may because of this stop with the error "too many open files". You should update this value if you have not done so. 68 | 69 | Read more at [http://wiki.alfresco.com/wiki/Too_many_open_files](http://wiki.alfresco.com/wiki/Too_many_open_files). 70 | 71 | Starting/Stopping Alfresco and Search Services 72 | -------- 73 | Tomcat is the java application server used to actually run Alfresco. The script downloads the latest version of Tomcat 8, and then updates its configuration files to better support running Alfresco. 74 | 75 | Ubuntu systemd is used to stop and start tomcat. You **must** have a look and verify settings; 76 | `/opt/alfresco/alfresco-service.sh` 77 | 78 | Edit locale setting (LC_ALL) and the memory settings in this file to match your server. 79 | 80 | About memory, it has default max set to 2G. That is good enough if you have about 5 users. So add more ram (and then some) to your server, update then Xmx setting in alfresco.conf. Your Alfresco instance will run much smoother. 81 | 82 | You will be presented with the option to add either MySql or Postgresql jdbc libraries. You should probably add at least one of them. 83 | 84 | Once the install is complete (the entire script and the manual steps following that), to start run 85 | `sudo /opt/alfresco/alfresco-service.sh start` (16.04) - this is a wrapper, using `sudo systemctl start alfresco.service` will have the same result. 86 | It also starts/stops Alfresco Search Services, it can be started separately with `sudo systemctl start alfresco-search.service`. 87 | 88 | To stop Tomcat for Alfresco, just switch `start` to `stop` in the above command. Using `status` as a parameter will show status of the Alfresco Tomcat service 89 | 90 | Nginx 91 | -------- 92 | It is sometimes useful to have a front-end for your Tomcat Alfresco instance. Since Tomcat runs default on port 8080, you can use Nginx as proxy. It is also a lot easier to add ssl support. The default config includes sample configuration for this. Share resource files (anything loaded from /share/res/) is cached in nginx, so it doesn't need to be fetched from tomcat. 93 | 94 | The script will use the latest version of the Ubuntu package from Nginx instead of default Ubuntu nginx packages. This allows for http/2 support. 95 | 96 | The default config file is found in folder `/etc/nginx/conf.d/alfresco.conf`. If you want to use ssl, you can replace this file with the sample config in `alfresco.conf.ssl`. Common settings is found in file `basic-settings.conf`. 97 | 98 | **Caveat:** The upload progress bar in Share will show the upload as complete when the upload from client to nginx is complete, but the upload from nginx to Tomcat Share/Alfresco continues shortly. Usually this is barely noticeable, since server connections speeds are a lot faster than client server connections. 99 | 100 | ### Maintenance message support 101 | If you are using Nginx as front-end there is a built in fallback to a maintenance page when the Alfresco tomcat instance is stopped. Nginx will detect that tomcat is not responding and show this page. It will display expected downtime and a progress bar. 102 | 103 | To set the downtime (in minutes) and a custom message, call the ams.sh script found in script folder. 104 | `ams.sh 20 "Custom message displayed in page"` 105 | 106 | The above example will set the downtime to 20 minutes (from when you shut down) and with a custom message. If called without parameters it defaults to 10 minutes. Custom message is optional, but if used you also must set the timeout. 107 | 108 | The script will shut down Alfresco tomcat instance. To start it you must call `sudo /opt/alfresco/alfresco-service.sh start`. 109 | 110 | The `maintenance.html` page is found in its default location /opt/alfresco/www and can be customized to your needs. 111 | 112 | If you want to implement this support and already have run the `alfinstall.sh` script, compare your `nginx.conf` to what is currently in `git/master`. 113 | 114 | Java JDK 115 | -------- 116 | Download and install of Oracle Java 8. 117 | 118 | If you choose to use any other Java JDK, adjust paths setting in `/etc/init/alfresco.conf`. 119 | 120 | LibreOffice 121 | ------------- 122 | Downloads and install LibreOffice from libreoffice.org (technically from a mirror). Alfresco just use LibreOffice for transformations, and later versions have better (hopefully) conversion filters. 123 | 124 | In this step ImageMagick is also installed from Ubuntu standard packages, if you skip this step install ImageMagick separately. Some extra font packages like Microsoft true type fonts is also installed, since you likely will add documents to Alfresco that have used them, this will result in better transformations. 125 | 126 | ImageMagick 127 | ----------- 128 | Installed using the Ubuntu default package. 129 | 130 | If you get the error `no decode delegate for this image format` on start in the alfresco.log make sure to check that the path for `img.coders=` in alfresco-global.properties. The path may be version specific for the installed version. 131 | 132 | Alfresco 133 | --------- 134 | Download and install of Alfresco itself. Or rather, the alfresco.war and share.war and adds them to tomcat/webapps folder. 135 | 136 | You also have the option to install Google Docs and Sharepoint addons. Skip if you do not intend to use them, you can always add then later. 137 | You can completely skip this step if you intend to use Enterprise version or any other version. See also the special section about the addons directory. 138 | 139 | Solr 140 | --------- 141 | Install Solr as indexing engine. Solr runs as a separate application and is slightly more complex to configure. It is recommended that you install Solr. 142 | Solr can run on a separate server, you can use this script to install the core for what is needed for that. Refer to the official Alfresco documention for the configuration settings for such a setup. 143 | 144 | Addons - Manage amps and war files. 145 | ======== 146 | A special directory is created, `/opt/alfresco/addons`. This directory can be used to manage any addons and the core war files. 147 | * `addons/alfresco` - Alfresco amp files. 148 | * `addons/share` - Share amp files. 149 | * `addons/war` - alfresco.war and share.war files goes in here. 150 | The script `addons/apply.sh`is what you run to install amp files to war files, and then copy the war files to tomcat/webapps. The script has three parameter options 151 | * amp - just install the amp files to war files. 152 | * copy - Copy war files to tomcat/webapps. 153 | * all - Do both of the above. You can only do this if tomcat is **not** running. 154 | 155 | If you didn't install Alfresco war files with the install script you can use this script to manage your war files. If you for example want to use the Enterprise version, download the war files from Alfresco support portal and add them to the /war directory and the run apply.sh. Or you can always add them directly to tomcat/webapps. 156 | 157 | Scripts - Supporting scripts 158 | ============================ 159 | In the directory `/opt/alfresco/scripts` there are some useful scripts installed. Or if you did not run the install script, grab them from github. Here is what they do: 160 | * `libreoffice.sh` - Start/stop libreoffice manually. Sometimes libreoffice crashes during a transformation, use this script to start it again. Alfresco will re-connect when the server detects libreoffice is running. You can add this to crontab for automatic checks: 161 | NO LONGER NEEDED: Since version 6 or LX101, Alfresco uses JodConverter with built in process management. 162 | 163 | `*/10 * * * * /opt/alfresco/scripts/libreoffice.sh start 2>&1 >> /opt/alfresco/logs/office.log` 164 | `0 2 * * * /opt/alfresco/scripts/libreoffice.sh restart 2>&1 > /opt/alfresco/logs/office.log` 165 | 166 | This will make sure libreoffice is running (if not already started and tomcat is running). Once per night it will also do a complete restart (in case LibreOffice behaves badly). 167 | * `iptables.sh` - Script to add port forwarding. Useful if you want to use cifs, ftp that will not run on lower port numbers if not root. Or if you´re not using nginx as front end and want to forward port 80 to 8080. 168 | * `limitconvert.sh` - Script to limit the number of cpu:s ImageMagick convert can use during transformations. Some Document library views with large thumbnails can cause intensive transformation load, and this script make sure some resources are left for other work. 169 | * `createssl.sh` - Create self signed certificates, useful for testing purposes. Works well with nginx. 170 | * `mariadb.sh` - Install the mariadb database server (the MySql alternative). It is recommended that you instead use a dedicated database server. Seriously, do that. And do some database optimizations, out of scope for this install guide. 171 | * `mysql.sh` - Install the mysql database server (the original MySql). It is recommended that you instead use a dedicated database server. Seriously, do that. And do some database optimizations, out of scope for this install guide. 172 | * `postgresql.sh` - Same as for MariaDB, but the postgres version. 173 | * `ams.sh` - To do a maintenance shutdown. For more, see section under nginx. 174 | 175 | Alfresco BART - Backup and Recovery Tool 176 | ======================================== 177 | Alfresco BART is a third party tool to aid with your Backup and Recovery requirements. 178 | 179 | You can do the basic install using this script, but it is **highly recommended** that you visit [https://github.com/toniblyx/alfresco-backup-and-recovery-tool/](https://github.com/toniblyx/alfresco-backup-and-recovery-tool/) page to learn more on how to configure this tool. 180 | 181 | Frequently Asked Questions (FAQ) 182 | === 183 | 184 | Can this script be used for any version of Alfresco? 185 | --- 186 | 187 | Yes, see the Addon section. But do know that it uses latest version of many components, and they may not be Alfresco officially supported stack. 188 | 189 | Can I modify the scripts? 190 | --- 191 | 192 | Yes, you can either download the install script and modify as needed. Or you clone the entire thing at Github and create your own version. If you create/change anything that you think may be useful, please contribute back. 193 | 194 | Upgrading - Can I use this to upgrade an existing install? 195 | --- 196 | 197 | At this time, this is not the intended use. So short answer is no. 198 | 199 | Longer answer is, you can probably grab pieces of the script to upgrade individual components. Or as is recommended when upgrading, test your upgrade on a separate server. So install a new server with fresh install, then grab a copy of your data and do a test upgrade. If this works, switch to this server. Did you make a backup of your data first? 200 | 201 | I want Alfresco and Share on separate server, can this script be used? 202 | --- 203 | 204 | Yes (and is also recommended for best performance), but all components are not needed on both servers. The Alfresco server probably doesn't need nginx, the Share server doesn't need LibreOffice, ImageMagick, Swftools and Solr. The 'Alfresco' install step will download both alfresco.war and share.war if run, just remove the one that doesn't apply from tomcat/webapps and addons/war directory. 205 | 206 | The script does not use version x of component z, can you fix this? 207 | --- 208 | 209 | Probably, but you can also. Just edit the script with the version you want to use, most of the specific links can be found in the beginning of the script. 210 | 211 | Why does the script use the latest versions/not use Ubuntu packages? 212 | --- 213 | 214 | This combination of packages/downloaded install has been found to work well. But that may not hold true always. If you feel more confident to run a specific version of a component, or want to use a standard Ubuntu package, modify the script. Or skip that part in the install script, and just use this script as an install guide on what needs to be in place for a production server. 215 | 216 | 217 | License 218 | === 219 | Copyright 2013-2018 Loftux AB, Peter Löfgren 220 | Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 221 | -------------------------------------------------------------------------------- /alfinstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for install of Alfresco 4 | # 5 | # Copyright 2013-2017 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export ALF_HOME=/opt/alfresco 10 | export ALF_DATA_HOME=$ALF_HOME/alf_data 11 | export CATALINA_HOME=$ALF_HOME/tomcat 12 | export ALF_USER=alfresco 13 | export ALF_GROUP=$ALF_USER 14 | export APTVERBOSITY="-qq -y" 15 | export TMP_INSTALL=/tmp/alfrescoinstall 16 | export DEFAULTYESNO="y" 17 | 18 | # Branch name to pull from server. Use master for stable. 19 | BRANCH=master 20 | export BASE_DOWNLOAD=https://raw.githubusercontent.com/loftuxab/alfresco-ubuntu-install/$BRANCH 21 | export KEYSTOREBASE=https://svn.alfresco.com/repos/alfresco-open-mirror/alfresco/HEAD/root/projects/repository/config/alfresco/keystore 22 | 23 | #Change this to prefered locale to make sure it exists. This has impact on LibreOffice transformations 24 | #export LOCALESUPPORT=sv_SE.utf8 25 | export LOCALESUPPORT=en_US.utf8 26 | 27 | export TOMCAT_DOWNLOAD=http://archive.apache.org/dist/tomcat/tomcat-8/v8.0.53/bin/apache-tomcat-8.0.53.tar.gz 28 | export JDBCPOSTGRESURL=https://jdbc.postgresql.org/download 29 | export JDBCPOSTGRES=postgresql-42.2.5.jar 30 | export JDBCMYSQLURL=https://dev.mysql.com/get/Downloads/Connector-J 31 | export JDBCMYSQL=mysql-connector-java-5.1.47.tar.gz 32 | 33 | export LIBREOFFICE=https://download.documentfoundation.org/libreoffice/stable/6.4.0/deb/x86_64/LibreOffice_6.4.0_Linux_x86-64_deb.tar.gz 34 | export ALFRESCO_PDF_RENDERER=https://artifacts.alfresco.com/nexus/service/local/repositories/releases/content/org/alfresco/alfresco-pdf-renderer/1.1/alfresco-pdf-renderer-1.1-linux.tgz 35 | 36 | export ALFREPOWAR=https://downloads.loftux.net/public/content/org/alfresco/content-services-community/6.1.1/content-services-community-6.1.1.war 37 | export ALFSHAREWAR=https://downloads.loftux.net/public/content/org/alfresco/share/6.1.0/share-6.1.0.war 38 | export ALFSHARESERVICES=https://downloads.loftux.net/public/content/org/alfresco/alfresco-share-services/6.1.0/alfresco-share-services-6.1.0.amp 39 | export ALFMMTJAR=https://downloads.loftux.net/public/content/org/alfresco/alfresco-mmt/6.0/alfresco-mmt-6.0.jar 40 | 41 | export ASS_DOWNLOAD=https://downloads.loftux.net/public/content/org/alfresco/alfresco-search-services/1.3.0.1/alfresco-search-services-1.3.0.1.zip 42 | 43 | export LXALFREPOWAR=https://downloads.loftux.net/alfresco/alfresco-platform/LX101/alfresco-platform-LX101.war 44 | export LXALFSHAREWAR=https://downloads.loftux.net/alfresco/share/LX101/share-LX101.war 45 | export LXALFSHARESERVICES=https://downloads.loftux.net/alfresco/alfresco-share-services/LX101/alfresco-share-services-LX101.amp 46 | export LXAOS_AMP=https://downloads.loftux.net/alfresco/aos-module/alfresco-aos-module/1.2.0.1/alfresco-aos-module-1.2.0.1.amp 47 | 48 | 49 | export GOOGLEDOCSREPO=https://downloads.loftux.net/public/content/org/alfresco/integrations/alfresco-googledocs-repo/3.0.4.3/alfresco-googledocs-repo-3.0.4.3.amp 50 | export GOOGLEDOCSSHARE=https://downloads.loftux.net/public/content/org/alfresco/integrations/alfresco-googledocs-share/3.0.4.3/alfresco-googledocs-share-3.0.4.3.amp 51 | 52 | export AOS_VTI=https://downloads.loftux.net/public/content/org/alfresco/aos-module/alfresco-vti-bin/1.2.2/alfresco-vti-bin-1.2.2.war 53 | export AOS_SERVER_ROOT=https://downloads.loftux.net/public/content/org/alfresco/alfresco-server-root/6.0.1/alfresco-server-root-6.0.1.war 54 | export AOS_AMP=https://downloads.loftux.net/public/content/org/alfresco/aos-module/alfresco-aos-module/1.2.2/alfresco-aos-module-1.2.2.amp 55 | 56 | export BASE_BART_DOWNLOAD=https://raw.githubusercontent.com/toniblyx/alfresco-backup-and-recovery-tool/master/src/ 57 | 58 | export BART_PROPERTIES=alfresco-bart.properties 59 | export BART_EXECUTE=alfresco-bart.sh 60 | 61 | 62 | # Color variables 63 | txtund=$(tput sgr 0 1) # Underline 64 | txtbld=$(tput bold) # Bold 65 | bldred=${txtbld}$(tput setaf 1) # red 66 | bldgre=${txtbld}$(tput setaf 2) # red 67 | bldblu=${txtbld}$(tput setaf 4) # blue 68 | bldwht=${txtbld}$(tput setaf 7) # white 69 | txtrst=$(tput sgr0) # Reset 70 | info=${bldwht}*${txtrst} # Feedback 71 | pass=${bldblu}*${txtrst} 72 | warn=${bldred}*${txtrst} 73 | ques=${bldblu}?${txtrst} 74 | 75 | echoblue () { 76 | echo "${bldblu}$1${txtrst}" 77 | } 78 | echored () { 79 | echo "${bldred}$1${txtrst}" 80 | } 81 | echogreen () { 82 | echo "${bldgre}$1${txtrst}" 83 | } 84 | cd /tmp 85 | if [ -d "alfrescoinstall" ]; then 86 | rm -rf alfrescoinstall 87 | fi 88 | mkdir alfrescoinstall 89 | cd ./alfrescoinstall 90 | 91 | echo 92 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 93 | echogreen "Alfresco Ubuntu installer by Loftux AB." 94 | echogreen "Please read the documentation at" 95 | echogreen "https://github.com/loftuxab/alfresco-ubuntu-install." 96 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 97 | echo 98 | 99 | echo 100 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 101 | echogreen "Do you want to install LXCommunity ECM build of Alfresco Community" 102 | echogreen "from Loftux AB?" 103 | echogreen "You can use this in place of Alfresco Community from Alfresco Software" 104 | echogreen "and optionally later buy a support package." 105 | echogreen "If you later prefer to use Alfresco Community you can always switch back" 106 | echogreen "by manually replacing war files." 107 | echo 108 | echogreen "Please visit https://loftux.com/alfresco for more information." 109 | echogreen "You are welcome to contact us at info@loftux.se" 110 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 111 | echo 112 | read -e -p "Use LXCommunity ECM when installing${ques} [y/n] " -i "$DEFAULTYESNO" uselxcommunity 113 | if [ "$uselxcommunity" = "y" ]; then 114 | 115 | ALFREPOWAR=$LXALFREPOWAR 116 | ALFSHAREWAR=$LXALFSHAREWAR 117 | ALFSHARESERVICES=$LXALFSHARESERVICES 118 | AOS_AMP=$LXAOS_AMP 119 | 120 | echo 121 | echogreen "Thanks for choosing LXCommunity ECM" 122 | echo 123 | else 124 | echo "Installing Alfresco Community edition from Alfresco Software" 125 | echo 126 | fi 127 | 128 | echo 129 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 130 | echo "Checking for the availability of the URLs inside script..." 131 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 132 | echo 133 | 134 | echo 135 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 136 | echo "Preparing for install. Updating the apt package index files..." 137 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 138 | sudo apt-get $APTVERBOSITY update; 139 | echo 140 | 141 | if [ "`which systemctl`" = "" ]; then 142 | export ISON1604=n 143 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 144 | echo "You are installing for version 14.04 (using upstart for services)." 145 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 146 | read -e -p "Is this correct [y/n] " -i "$DEFAULTYESNO" useupstart 147 | if [ "$useupstart" = "n" ]; then 148 | export ISON1604=y 149 | fi 150 | else 151 | export ISON1604=y 152 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 153 | echo "You are installing for version 16.04 or later (using systemd for services)." 154 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 155 | read -e -p "Is this correct [y/n] " -i "$DEFAULTYESNO" useupstart 156 | if [ "$useupstart" = "n" ]; then 157 | export ISON1604=n 158 | fi 159 | fi 160 | 161 | if [ "$ISON1604" = "n" ]; then 162 | echored "Installing on version prior to 16.04 no longer supported" 163 | exit 1 164 | fi 165 | 166 | if [ "`which curl`" = "" ]; then 167 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 168 | echo "You need to install curl. Curl is used for downloading components to install." 169 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 170 | sudo apt-get $APTVERBOSITY install curl; 171 | fi 172 | 173 | if [ "`which wget`" = "" ]; then 174 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 175 | echo "You need to install wget. Wget is used for downloading components to install." 176 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 177 | sudo apt-get $APTVERBOSITY install wget; 178 | fi 179 | 180 | URLERROR=0 181 | 182 | for REMOTE in $TOMCAT_DOWNLOAD $JDBCPOSTGRESURL/$JDBCPOSTGRES $JDBCMYSQLURL/$JDBCMYSQL \ 183 | $LIBREOFFICE $ALFREPOWAR $ALFSHAREWAR $ALFSHARESERVICES $GOOGLEDOCSREPO \ 184 | $GOOGLEDOCSSHARE $ASS_DOWNLOAD $AOS_VTI $AOS_SERVER_ROOT 185 | 186 | do 187 | wget --spider $REMOTE --no-check-certificate >& /dev/null 188 | if [ $? != 0 ] 189 | then 190 | echored "In alfinstall.sh, please fix this URL: $REMOTE" 191 | URLERROR=1 192 | fi 193 | done 194 | 195 | if [ $URLERROR = 1 ] 196 | then 197 | echo 198 | echored "Please fix the above errors and rerun." 199 | echo 200 | exit 201 | fi 202 | 203 | echo 204 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 205 | echo "You need to add a system user that runs the tomcat Alfresco instance." 206 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 207 | read -e -p "Add alfresco system user${ques} [y/n] " -i "$DEFAULTYESNO" addalfresco 208 | if [ "$addalfresco" = "y" ]; then 209 | sudo adduser --system --disabled-login --disabled-password --group $ALF_USER 210 | echo 211 | echogreen "Finished adding alfresco user" 212 | echo 213 | else 214 | echo "Skipping adding alfresco user" 215 | echo 216 | fi 217 | 218 | echo 219 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 220 | echo "You need to set the locale to use when running tomcat Alfresco instance." 221 | echo "This has an effect on date formats for transformations and support for" 222 | echo "international characters." 223 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 224 | read -e -p "Enter the default locale to use: " -i "$LOCALESUPPORT" LOCALESUPPORT 225 | #install locale to support that locale date formats in open office transformations 226 | sudo locale-gen $LOCALESUPPORT 227 | echo 228 | echogreen "Finished updating locale" 229 | echo 230 | 231 | echo 232 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 233 | echo "Ubuntu default for number of allowed open files in the file system is too low" 234 | echo "for alfresco use and tomcat may because of this stop with the error" 235 | echo "\"too many open files\". You should update this value if you have not done so." 236 | echo "Read more at http://wiki.alfresco.com/wiki/Too_many_open_files" 237 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 238 | read -e -p "Add limits.conf${ques} [y/n] " -i "$DEFAULTYESNO" updatelimits 239 | if [ "$updatelimits" = "y" ]; then 240 | echo "alfresco soft nofile 8192" | sudo tee -a /etc/security/limits.conf 241 | echo "alfresco hard nofile 65536" | sudo tee -a /etc/security/limits.conf 242 | echo 243 | echogreen "Updated /etc/security/limits.conf" 244 | echo 245 | echo "session required pam_limits.so" | sudo tee -a /etc/pam.d/common-session 246 | echo "session required pam_limits.so" | sudo tee -a /etc/pam.d/common-session-noninteractive 247 | echo 248 | echogreen "Updated /etc/security/common-session*" 249 | echo 250 | else 251 | echo "Skipped updating limits.conf" 252 | echo 253 | fi 254 | 255 | echo 256 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 257 | echo "Tomcat is the application server that runs Alfresco." 258 | echo "You will also get the option to install jdbc lib for Postgresql or MySql/MariaDB." 259 | echo "Install the jdbc lib for the database you intend to use." 260 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 261 | read -e -p "Install Tomcat${ques} [y/n] " -i "$DEFAULTYESNO" installtomcat 262 | 263 | if [ "$installtomcat" = "y" ]; then 264 | echogreen "Installing Tomcat" 265 | echo "Downloading tomcat..." 266 | curl -# -L -O $TOMCAT_DOWNLOAD 267 | # Make sure install dir exists, including logs dir 268 | sudo mkdir -p $ALF_HOME/logs 269 | echo "Extracting..." 270 | tar xf "$(find . -type f -name "apache-tomcat*")" 271 | sudo mv "$(find . -type d -name "apache-tomcat*")" $CATALINA_HOME 272 | # Remove apps not needed 273 | sudo rm -rf $CATALINA_HOME/webapps/* 274 | # Create Tomcat conf folder 275 | sudo mkdir -p $CATALINA_HOME/conf/Catalina/localhost 276 | # Get Alfresco config 277 | echo "Downloading tomcat configuration files..." 278 | 279 | sudo curl -# -o $CATALINA_HOME/conf/server.xml $BASE_DOWNLOAD/tomcat/server.xml 280 | sudo curl -# -o $CATALINA_HOME/conf/catalina.properties $BASE_DOWNLOAD/tomcat/catalina.properties 281 | sudo curl -# -o $CATALINA_HOME/conf/tomcat-users.xml $BASE_DOWNLOAD/tomcat/tomcat-users.xml 282 | sudo curl -# -o $CATALINA_HOME/conf/context.xml $BASE_DOWNLOAD/tomcat/context.xml 283 | if [ "$ISON1604" = "y" ]; then 284 | sudo curl -# -o /etc/systemd/system/alfresco.service $BASE_DOWNLOAD/tomcat/alfresco.service 285 | sudo curl -# -o $ALF_HOME/alfresco-service.sh $BASE_DOWNLOAD/scripts/alfresco-service.sh 286 | sudo chmod 755 $ALF_HOME/alfresco-service.sh 287 | sudo sed -i "s/@@LOCALESUPPORT@@/$LOCALESUPPORT/g" $ALF_HOME/alfresco-service.sh 288 | # Enable the service 289 | sudo systemctl enable alfresco.service 290 | sudo systemctl daemon-reload 291 | fi 292 | 293 | # Create /shared 294 | sudo mkdir -p $CATALINA_HOME/shared/classes/alfresco/extension 295 | sudo mkdir -p $CATALINA_HOME/shared/classes/alfresco/web-extension 296 | sudo mkdir -p $CATALINA_HOME/shared/lib 297 | # Add endorsed dir 298 | sudo mkdir -p $CATALINA_HOME/endorsed 299 | 300 | echo 301 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 302 | echo "You need to add the dns name, port and protocol for your server(s)." 303 | echo "It is important that this is is a resolvable server name." 304 | echo "This information will be added to default configuration files." 305 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 306 | read -e -p "Please enter the public host name for Share server (fully qualified domain name)${ques} [`hostname`] " -i "`hostname`" SHARE_HOSTNAME 307 | read -e -p "Please enter the protocol to use for public Share server (http or https)${ques} [http] " -i "http" SHARE_PROTOCOL 308 | SHARE_PORT=80 309 | if [ "${SHARE_PROTOCOL,,}" = "https" ]; then 310 | SHARE_PORT=443 311 | fi 312 | read -e -p "Please enter the host name for Alfresco Repository server (fully qualified domain name) as shown to users${ques} [$SHARE_HOSTNAME] " -i "$SHARE_HOSTNAME" REPO_HOSTNAME 313 | read -e -p "Please enter the host name for Alfresco Repository server that Share will use to talk to repository${ques} [localhost] " -i "localhost" SHARE_TO_REPO_HOSTNAME 314 | # Add default alfresco-global.propertis 315 | ALFRESCO_GLOBAL_PROPERTIES=/tmp/alfrescoinstall/alfresco-global.properties 316 | sudo curl -# -o $ALFRESCO_GLOBAL_PROPERTIES $BASE_DOWNLOAD/tomcat/alfresco-global.properties 317 | sed -i "s/@@ALFRESCO_SHARE_SERVER@@/$SHARE_HOSTNAME/g" $ALFRESCO_GLOBAL_PROPERTIES 318 | sed -i "s/@@ALFRESCO_SHARE_SERVER_PORT@@/$SHARE_PORT/g" $ALFRESCO_GLOBAL_PROPERTIES 319 | sed -i "s/@@ALFRESCO_SHARE_SERVER_PROTOCOL@@/$SHARE_PROTOCOL/g" $ALFRESCO_GLOBAL_PROPERTIES 320 | sed -i "s/@@ALFRESCO_REPO_SERVER@@/$REPO_HOSTNAME/g" $ALFRESCO_GLOBAL_PROPERTIES 321 | sudo mv $ALFRESCO_GLOBAL_PROPERTIES $CATALINA_HOME/shared/classes/ 322 | 323 | read -e -p "Install Share config file (recommended)${ques} [y/n] " -i "$DEFAULTYESNO" installshareconfig 324 | if [ "$installshareconfig" = "y" ]; then 325 | SHARE_CONFIG_CUSTOM=/tmp/alfrescoinstall/share-config-custom.xml 326 | sudo curl -# -o $SHARE_CONFIG_CUSTOM $BASE_DOWNLOAD/tomcat/share-config-custom.xml 327 | sed -i "s/@@ALFRESCO_SHARE_SERVER@@/$SHARE_HOSTNAME/g" $SHARE_CONFIG_CUSTOM 328 | sed -i "s/@@SHARE_TO_REPO_SERVER@@/$SHARE_TO_REPO_HOSTNAME/g" $SHARE_CONFIG_CUSTOM 329 | sudo mv $SHARE_CONFIG_CUSTOM $CATALINA_HOME/shared/classes/alfresco/web-extension/ 330 | fi 331 | 332 | echo 333 | read -e -p "Install Postgres JDBC Connector${ques} [y/n] " -i "$DEFAULTYESNO" installpg 334 | if [ "$installpg" = "y" ]; then 335 | curl -# -O $JDBCPOSTGRESURL/$JDBCPOSTGRES 336 | sudo mv $JDBCPOSTGRES $CATALINA_HOME/lib 337 | fi 338 | echo 339 | read -e -p "Install Mysql JDBC Connector${ques} [y/n] " -i "$DEFAULTYESNO" installmy 340 | if [ "$installmy" = "y" ]; then 341 | cd /tmp/alfrescoinstall 342 | curl -# -L -O $JDBCMYSQLURL/$JDBCMYSQL 343 | tar xf $JDBCMYSQL 344 | cd "$(find . -type d -name "mysql-connector*")" 345 | sudo mv mysql-connector*.jar $CATALINA_HOME/lib 346 | fi 347 | sudo chown -R $ALF_USER:$ALF_GROUP $ALF_HOME 348 | echo 349 | echogreen "Finished installing Tomcat" 350 | echo 351 | else 352 | echo "Skipping install of Tomcat" 353 | echo 354 | fi 355 | 356 | echo 357 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 358 | echo "Nginx can be used as frontend to Tomcat." 359 | echo "This installation will add config default proxying to Alfresco tomcat." 360 | echo "The config file also have sample config for ssl." 361 | echo "You can run Alfresco fine without installing nginx." 362 | echo "If you prefer to use Apache, install that manually. Or you can use iptables" 363 | echo "forwarding, sample script in $ALF_HOME/scripts/iptables.sh" 364 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 365 | read -e -p "Install nginx${ques} [y/n] " -i "$DEFAULTYESNO" installnginx 366 | if [ "$installnginx" = "y" ]; then 367 | echoblue "Installing nginx. Fetching packages..." 368 | echo 369 | sudo -s << EOF 370 | echo "deb http://nginx.org/packages/ubuntu/ $(lsb_release -cs) nginx" >> /etc/apt/sources.list 371 | echo "deb-src http://nginx.org/packages/ubuntu/ $(lsb_release -cs) nginx" >> /etc/apt/sources.list 372 | sudo curl -# -o /tmp/alfrescoinstall/nginx_signing.key http://nginx.org/keys/nginx_signing.key 373 | apt-key add /tmp/alfrescoinstall/nginx_signing.key 374 | #echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu $(lsb_release -cs) main" >> /etc/apt/sources.list 375 | #apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C300EE8C 376 | # Alternate with spdy support and more, change apt install -> nginx-custom 377 | #echo "deb http://ppa.launchpad.net/brianmercer/nginx/ubuntu $(lsb_release -cs) main" >> /etc/apt/sources.list 378 | #apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8D0DC64F 379 | EOF 380 | sudo apt-get $APTVERBOSITY update && sudo apt-get $APTVERBOSITY install nginx 381 | sudo service nginx stop 382 | sudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup 383 | sudo mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.sample 384 | sudo curl -# -o /etc/nginx/nginx.conf $BASE_DOWNLOAD/nginx/nginx.conf 385 | sudo curl -# -o /etc/nginx/conf.d/alfresco.conf $BASE_DOWNLOAD/nginx/alfresco.conf 386 | sudo curl -# -o /etc/nginx/conf.d/alfresco.conf.ssl $BASE_DOWNLOAD/nginx/alfresco.conf.ssl 387 | sudo curl -# -o /etc/nginx/conf.d/basic-settings.conf $BASE_DOWNLOAD/nginx/basic-settings.conf 388 | sudo mkdir -p /var/cache/nginx/alfresco 389 | # Make the ssl dir as this is what is used in sample config 390 | sudo mkdir -p /etc/nginx/ssl 391 | sudo mkdir -p $ALF_HOME/www 392 | if [ ! -f "$ALF_HOME/www/maintenance.html" ]; then 393 | echo "Downloading maintenance html page..." 394 | sudo curl -# -o $ALF_HOME/www/maintenance.html $BASE_DOWNLOAD/nginx/maintenance.html 395 | fi 396 | sudo chown -R www-data:root /var/cache/nginx/alfresco 397 | sudo chown -R www-data:root $ALF_HOME/www 398 | ## Reload config file 399 | sudo service nginx start 400 | 401 | echo 402 | echogreen "Finished installing nginx" 403 | echo 404 | else 405 | echo "Skipping install of nginx" 406 | fi 407 | 408 | echo 409 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 410 | echo "Install Java JDK." 411 | echo "This will install OpenJDK 8 version of Java. If you prefer Oracle Java 8 " 412 | echo "you need to download and install that manually." 413 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 414 | read -e -p "Install OpenJDK${ques} [y/n] " -i "$DEFAULTYESNO" installjdk 415 | if [ "$installjdk" = "y" ]; then 416 | echoblue "Installing OpenJDK..." 417 | sudo apt-get $APTVERBOSITY install openjdk-8-jre-headless 418 | echo 419 | echogreen "Make sure correct default java is selected!" 420 | echo 421 | sudo update-alternatives --config java 422 | #sudo apt-get $APTVERBOSITY install python-software-properties software-properties-common 423 | #sudo add-apt-repository ppa:webupd8team/java 424 | #sudo apt-get $APTVERBOSITY update 425 | #echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | sudo /usr/bin/debconf-set-selections 426 | #sudo apt-get $APTVERBOSITY install oracle-java8-installer 427 | #sudo update-java-alternatives -s java-8-oracle 428 | echo 429 | echogreen "Finished installing OpenJDK " 430 | echo 431 | else 432 | echo "Skipping install of OpenJDK." 433 | echored "IMPORTANT: You need to install other JDK and adjust paths for the install to be complete" 434 | echo 435 | fi 436 | 437 | echo 438 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 439 | echo "Install LibreOffice." 440 | echo "This will download and install the latest LibreOffice from libreoffice.org" 441 | echo "Newer version of Libreoffice has better document filters, and produce better" 442 | echo "transformations. If you prefer to use Ubuntu standard packages you can skip" 443 | echo "this install." 444 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 445 | read -e -p "Install LibreOffice${ques} [y/n] " -i "$DEFAULTYESNO" installibreoffice 446 | if [ "$installibreoffice" = "y" ]; then 447 | 448 | cd /tmp/alfrescoinstall 449 | curl -# -L -O $LIBREOFFICE 450 | tar xf LibreOffice*.tar.gz 451 | cd "$(find . -type d -name "LibreOffice*")" 452 | cd DEBS 453 | rm *gnome-integration*.deb &&\ 454 | rm *kde-integration*.deb &&\ 455 | rm *debian-menus*.deb &&\ 456 | sudo dpkg -i *.deb 457 | echo 458 | echoblue "Installing some support fonts for better transformations." 459 | # libxinerama1 libglu1-mesa needed to get LibreOffice 4.4 to work. Add the libraries that Alfresco mention in documentatinas required. 460 | 461 | ###1604 fonts-droid not available, use fonts-noto instead 462 | sudo apt-get $APTVERBOSITY install ttf-mscorefonts-installer fonts-noto fontconfig libcups2 libfontconfig1 libglu1-mesa libice6 libsm6 libxinerama1 libxrender1 libxt6 libcairo2 463 | echo 464 | echogreen "Finished installing LibreOffice" 465 | echo 466 | else 467 | echo 468 | echo "Skipping install of LibreOffice" 469 | echored "If you install LibreOffice/OpenOffice separetely, remember to update alfresco-global.properties" 470 | echored "Also run: sudo apt-get install ttf-mscorefonts-installer fonts-droid libxinerama1" 471 | echo 472 | fi 473 | 474 | echo 475 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 476 | echo "Install ImageMagick." 477 | echo "This will ImageMagick from Ubuntu packages." 478 | echo "It is recommended that you install ImageMagick." 479 | echo "If you prefer some other way of installing ImageMagick, skip this step." 480 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 481 | read -e -p "Install ImageMagick${ques} [y/n] " -i "$DEFAULTYESNO" installimagemagick 482 | if [ "$installimagemagick" = "y" ]; then 483 | 484 | echoblue "Installing ImageMagick. Fetching packages..." 485 | sudo apt-get $APTVERBOSITY install imagemagick ghostscript libgs-dev libjpeg62 libpng16-16 486 | echo 487 | if [ "$ISON1604" = "y" ]; then 488 | echoblue "Creating symbolic link for ImageMagick-6." 489 | sudo ln -s /etc/ImageMagick-6 /etc/ImageMagick 490 | fi 491 | echo 492 | echogreen "Finished installing ImageMagick" 493 | echo 494 | else 495 | echo 496 | echo "Skipping install of ImageMagick" 497 | echored "Remember to install ImageMagick later. It is needed for thumbnail transformations." 498 | echo 499 | fi 500 | 501 | echo 502 | echoblue "Adding basic support files. Always installed if not present." 503 | echo 504 | # Always add the addons dir and scripts 505 | sudo mkdir -p $ALF_HOME/addons/war 506 | sudo mkdir -p $ALF_HOME/addons/share 507 | sudo mkdir -p $ALF_HOME/addons/alfresco 508 | if [ ! -f "$ALF_HOME/addons/apply.sh" ]; then 509 | echo "Downloading apply.sh script..." 510 | sudo curl -# -o $ALF_HOME/addons/apply.sh $BASE_DOWNLOAD/scripts/apply.sh 511 | sudo chmod u+x $ALF_HOME/addons/apply.sh 512 | fi 513 | if [ ! -f "$ALF_HOME/addons/alfresco-mmt.jar" ]; then 514 | sudo curl -# -o $ALF_HOME/addons/alfresco-mmt.jar $ALFMMTJAR 515 | fi 516 | 517 | # Add the jar modules dir 518 | sudo mkdir -p $ALF_HOME/modules/platform 519 | sudo mkdir -p $ALF_HOME/modules/share 520 | 521 | sudo mkdir -p $ALF_HOME/bin 522 | if [ ! -f "$ALF_HOME/bin/alfresco-pdf-renderer" ]; then 523 | echo "Downloading Alfresco PDF Renderer binary (alfresco-pdf-renderer)..." 524 | sudo curl -# -o $TMP_INSTALL/alfresco-pdf-renderer.tgz $ALFRESCO_PDF_RENDERER 525 | sudo tar -xf $TMP_INSTALL/alfresco-pdf-renderer.tgz -C $TMP_INSTALL 526 | sudo mv $TMP_INSTALL/alfresco-pdf-renderer $ALF_HOME/bin/ 527 | fi 528 | 529 | sudo mkdir -p $ALF_HOME/scripts 530 | if [ ! -f "$ALF_HOME/scripts/mariadb.sh" ]; then 531 | echo "Downloading mariadb.sh install and setup script..." 532 | sudo curl -# -o $ALF_HOME/scripts/mariadb.sh $BASE_DOWNLOAD/scripts/mariadb.sh 533 | fi 534 | if [ ! -f "$ALF_HOME/scripts/postgresql.sh" ]; then 535 | echo "Downloading postgresql.sh install and setup script..." 536 | sudo curl -# -o $ALF_HOME/scripts/postgresql.sh $BASE_DOWNLOAD/scripts/postgresql.sh 537 | fi 538 | 539 | if [ ! -f "$ALF_HOME/scripts/mysql.sh" ]; then 540 | echo "Downloading mysql.sh install and setup script..." 541 | sudo curl -# -o $ALF_HOME/scripts/mysql.sh $BASE_DOWNLOAD/scripts/mysql.sh 542 | fi 543 | 544 | if [ ! -f "$ALF_HOME/scripts/limitconvert.sh" ]; then 545 | echo "Downloading limitconvert.sh script..." 546 | sudo curl -# -o $ALF_HOME/scripts/limitconvert.sh $BASE_DOWNLOAD/scripts/limitconvert.sh 547 | fi 548 | if [ ! -f "$ALF_HOME/scripts/createssl.sh" ]; then 549 | echo "Downloading createssl.sh script..." 550 | sudo curl -# -o $ALF_HOME/scripts/createssl.sh $BASE_DOWNLOAD/scripts/createssl.sh 551 | fi 552 | if [ ! -f "$ALF_HOME/scripts/libreoffice.sh" ]; then 553 | echo "Downloading libreoffice.sh script..." 554 | sudo curl -# -o $ALF_HOME/scripts/libreoffice.sh $BASE_DOWNLOAD/scripts/libreoffice.sh 555 | sudo sed -i "s/@@LOCALESUPPORT@@/$LOCALESUPPORT/g" $ALF_HOME/scripts/libreoffice.sh 556 | fi 557 | if [ ! -f "$ALF_HOME/scripts/iptables.sh" ]; then 558 | echo "Downloading iptables.sh script..." 559 | sudo curl -# -o $ALF_HOME/scripts/iptables.sh $BASE_DOWNLOAD/scripts/iptables.sh 560 | fi 561 | if [ ! -f "$ALF_HOME/scripts/alfresco-iptables.conf" ]; then 562 | echo "Downloading alfresco-iptables.conf upstart script..." 563 | sudo curl -# -o $ALF_HOME/scripts/alfresco-iptables.conf $BASE_DOWNLOAD/scripts/alfresco-iptables.conf 564 | fi 565 | if [ ! -f "$ALF_HOME/scripts/ams.sh" ]; then 566 | echo "Downloading maintenance shutdown script..." 567 | sudo curl -# -o $ALF_HOME/scripts/ams.sh $BASE_DOWNLOAD/scripts/ams.sh 568 | fi 569 | sudo chmod 755 $ALF_HOME/scripts/*.sh 570 | 571 | # Keystore 572 | sudo mkdir -p $ALF_DATA_HOME/keystore 573 | # Only check for precesence of one file, assume all the rest exists as well if so. 574 | if [ ! -f " $ALF_DATA_HOME/keystore/ssl.keystore" ]; then 575 | echo "Downloading keystore files..." 576 | sudo curl -# -o $ALF_DATA_HOME/keystore/browser.p12 $KEYSTOREBASE/browser.p12 577 | sudo curl -# -o $ALF_DATA_HOME/keystore/generate_keystores.sh $KEYSTOREBASE/generate_keystores.sh 578 | sudo curl -# -o $ALF_DATA_HOME/keystore/keystore $KEYSTOREBASE/keystore 579 | sudo curl -# -o $ALF_DATA_HOME/keystore/keystore-passwords.properties $KEYSTOREBASE/keystore-passwords.properties 580 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl-keystore-passwords.properties $KEYSTOREBASE/ssl-keystore-passwords.properties 581 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl-truststore-passwords.properties $KEYSTOREBASE/ssl-truststore-passwords.properties 582 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl.keystore $KEYSTOREBASE/ssl.keystore 583 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl.truststore $KEYSTOREBASE/ssl.truststore 584 | fi 585 | 586 | echo 587 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 588 | echo "Install Alfresco war files." 589 | echo "Download war files and optional addons." 590 | echo "If you have already downloaded your war files you can skip this step and add " 591 | echo "them manually." 592 | echo 593 | echo "If you use separate Alfresco and Share server, only install the needed for each" 594 | echo "server. Alfresco Repository will need Share Services if you use Share." 595 | echo 596 | echo "This install place downloaded files in the $ALF_HOME/addons and then use the" 597 | echo "apply.sh script to add them to tomcat/webapps. Se this script for more info." 598 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 599 | read -e -p "Add Alfresco Repository war file${ques} [y/n] " -i "$DEFAULTYESNO" installwar 600 | if [ "$installwar" = "y" ]; then 601 | 602 | echogreen "Downloading alfresco war file..." 603 | sudo curl -# -o $ALF_HOME/addons/war/alfresco.war $ALFREPOWAR 604 | echo 605 | 606 | # Add default alfresco and share modules classloader config files 607 | sudo curl -# -o $CATALINA_HOME/conf/Catalina/localhost/alfresco.xml $BASE_DOWNLOAD/tomcat/alfresco.xml 608 | 609 | echogreen "Finished adding Alfresco Repository war file" 610 | echo 611 | else 612 | echo 613 | echo "Skipping adding Alfresco Repository war file and addons" 614 | echo 615 | fi 616 | 617 | read -e -p "Add Share Client war file${ques} [y/n] " -i "$DEFAULTYESNO" installsharewar 618 | if [ "$installsharewar" = "y" ]; then 619 | 620 | echogreen "Downloading Share war file..." 621 | sudo curl -# -o $ALF_HOME/addons/war/share.war $ALFSHAREWAR 622 | 623 | # Add default alfresco and share modules classloader config files 624 | sudo curl -# -o $CATALINA_HOME/conf/Catalina/localhost/share.xml $BASE_DOWNLOAD/tomcat/share.xml 625 | 626 | echo 627 | echogreen "Finished adding Share war file" 628 | echo 629 | else 630 | echo 631 | echo "Skipping adding Alfresco Share war file" 632 | echo 633 | fi 634 | 635 | if [ "$installwar" = "y" ] || [ "$installsharewar" = "y" ]; then 636 | cd /tmp/alfrescoinstall 637 | 638 | if [ "$installwar" = "y" ]; then 639 | echored "You must install Share Services if you intend to use Share Client." 640 | read -e -p "Add Share Services plugin${ques} [y/n] " -i "$DEFAULTYESNO" installshareservices 641 | if [ "$installshareservices" = "y" ]; then 642 | echo "Downloading Share Services addon..." 643 | curl -# -O $ALFSHARESERVICES 644 | sudo mv alfresco-share-services*.amp $ALF_HOME/addons/alfresco/ 645 | fi 646 | fi 647 | 648 | read -e -p "Add Google docs integration${ques} [y/n] " -i "$DEFAULTYESNO" installgoogledocs 649 | if [ "$installgoogledocs" = "y" ]; then 650 | echo "Downloading Google docs addon..." 651 | if [ "$installwar" = "y" ]; then 652 | curl -# -O $GOOGLEDOCSREPO 653 | sudo mv alfresco-googledocs-repo*.amp $ALF_HOME/addons/alfresco/ 654 | fi 655 | if [ "$installsharewar" = "y" ]; then 656 | curl -# -O $GOOGLEDOCSSHARE 657 | sudo mv alfresco-googledocs-share* $ALF_HOME/addons/share/ 658 | fi 659 | fi 660 | fi 661 | 662 | 663 | echo 664 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 665 | echo "Install Alfresco Office Services (Sharepoint protocol emulation)." 666 | echo "This allows you to open and save Microsoft Office documents online." 667 | echored "This module is not Open Source (Alfresco proprietary)." 668 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 669 | read -e -p "Install Alfresco Office Services integration${ques} [y/n] " -i "$DEFAULTYESNO" installssharepoint 670 | if [ "$installssharepoint" = "y" ]; then 671 | echogreen "Installing Alfresco Offices Services bundle..." 672 | echogreen "Downloading Alfresco Office Services amp file" 673 | # Sub shell to keep the file name 674 | (cd $ALF_HOME/addons/alfresco;sudo curl -# -O $AOS_AMP) 675 | echogreen "Downloading _vti_bin.war into tomcat/webapps" 676 | sudo curl -# -o $ALF_HOME/tomcat/webapps/_vti_bin.war $AOS_VTI 677 | echogreen "Downloading ROOT.war into tomcat/webapps" 678 | sudo curl -# -o $ALF_HOME/tomcat/webapps/ROOT.war $AOS_SERVER_ROOT 679 | fi 680 | 681 | # Install of war and addons complete, apply them to war file 682 | if [ "$installwar" = "y" ] || [ "$installsharewar" = "y" ] || [ "$installssharepoint" = "y" ]; then 683 | # Check if Java is installed before trying to apply 684 | if type -p java; then 685 | _java=java 686 | elif [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then 687 | _java="$JAVA_HOME/bin/java" 688 | echored "No JDK installed. When you have installed JDK, run " 689 | echored "$ALF_HOME/addons/apply.sh all" 690 | echored "to install addons with Alfresco or Share." 691 | fi 692 | if [[ "$_java" ]]; then 693 | sudo $ALF_HOME/addons/apply.sh all 694 | fi 695 | fi 696 | 697 | echo 698 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 699 | echo "Install Solr6 Alfresco Search Services indexing engine." 700 | echo "You can run Solr6 on a separate server, unless you plan to do that you should" 701 | echo "install the Solr6 indexing engine on the same server as your repository server." 702 | echored "Alfresco Serch Services will be installed without SSL!" 703 | echored "Configure firewall to block port 8983 or install ssl, see" 704 | echored "https://docs.alfresco.com/community/tasks/solr6-install.html" 705 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 706 | read -e -p "Install Solr6 indexing engine${ques} [y/n] " -i "$DEFAULTYESNO" installsolr 707 | if [ "$installsolr" = "y" ]; then 708 | 709 | # Make sure we have unzip available 710 | sudo apt-get $APTVERBOSITY install unzip 711 | 712 | echogreen "Downloading Solr6 file..." 713 | sudo curl -# -o $ALF_HOME/solr6.zip $ASS_DOWNLOAD 714 | echogreen "Expanding Solr6 file..." 715 | cd $ALF_HOME 716 | sudo unzip -q solr6.zip 717 | sudo mv alfresco-search-services solr6 718 | sudo rm solr6.zip 719 | 720 | echogreen "Downloading Solr6 scripts and settings file..." 721 | sudo curl -# -o /etc/systemd/system/alfresco-search.service $BASE_DOWNLOAD/search/alfresco-search.service 722 | sudo curl -# -o $ALF_HOME/solr6/solrhome/conf/shared.properties $BASE_DOWNLOAD/search/shared.properties 723 | sudo curl -# -o $ALF_HOME/solr6/solr.in.sh $BASE_DOWNLOAD/search/solr.in.sh 724 | sudo chmod u+x $ALF_HOME/solr6/solr.in.sh 725 | # Enable the service 726 | sudo systemctl enable alfresco-search.service 727 | sudo systemctl daemon-reload 728 | 729 | echo 730 | echogreen "Finished installing Solr6 engine." 731 | echored "Verify your setting in alfresco-global.properties." 732 | echo "Set property value index.subsystem.name=solr6" 733 | echo 734 | else 735 | echo 736 | echo "Skipping installing Solr6." 737 | echo "You can always install Solr6 at a later time." 738 | echo 739 | fi 740 | 741 | echo 742 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 743 | echo "Alfresco BART - Backup and Recovery Tool" 744 | echo "Alfresco BART is a backup and recovery tool for Alfresco ECM. Is a shell script" 745 | echo "tool based on Duplicity for Alfresco backups and restore from a local file system," 746 | echo "FTP, SCP or Amazon S3 of all its components: indexes, data base, content store " 747 | echo "and all deployment and configuration files." 748 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 749 | read -e -p "Install B.A.R.T${ques} [y/n] " -i "$DEFAULTYESNO" installbart 750 | 751 | if [ "$installbart" = "y" ]; then 752 | echogreen "Installing B.A.R.T" 753 | 754 | 755 | sudo mkdir -p $ALF_HOME/scripts/bart 756 | sudo mkdir -p $ALF_HOME/logs/bart 757 | sudo curl -# -o $TMP_INSTALL/$BART_PROPERTIES $BASE_BART_DOWNLOAD$BART_PROPERTIES 758 | sudo curl -# -o $TMP_INSTALL/$BART_EXECUTE $BASE_BART_DOWNLOAD$BART_EXECUTE 759 | 760 | # Update bart settings 761 | ALFHOMEESCAPED="${ALF_HOME//\//\\/}" 762 | BARTLOGPATH="$ALF_HOME/logs/bart" 763 | ALFBRTPATH="$ALF_HOME/scripts/bart" 764 | INDEXESDIR="\$\{ALF_DIRROOT\}/solr6" 765 | # Escape for sed 766 | BARTLOGPATH="${BARTLOGPATH//\//\\/}" 767 | ALFBRTPATH="${ALFBRTPATH//\//\\/}" 768 | INDEXESDIR="${INDEXESDIR//\//\\/}" 769 | 770 | sed -i "s/ALF_INSTALLATION_DIR\=.*/ALF_INSTALLATION_DIR\=$ALFHOMEESCAPED/g" $TMP_INSTALL/$BART_PROPERTIES 771 | sed -i "s/ALFBRT_LOG_DIR\=.*/ALFBRT_LOG_DIR\=$BARTLOGPATH/g" $TMP_INSTALL/$BART_PROPERTIES 772 | sed -i "s/INDEXES_DIR\=.*/INDEXES_DIR\=$INDEXESDIR/g" $TMP_INSTALL/$BART_PROPERTIES 773 | sudo cp $TMP_INSTALL/$BART_PROPERTIES $ALF_HOME/scripts/bart/$BART_PROPERTIES 774 | sed -i "s/ALFBRT_PATH\=.*/ALFBRT_PATH\=$ALFBRTPATH/g" $TMP_INSTALL/$BART_EXECUTE 775 | sudo cp $TMP_INSTALL/$BART_EXECUTE $ALF_HOME/scripts/bart/$BART_EXECUTE 776 | 777 | sudo chmod 700 $ALF_HOME/scripts/bart/$BART_PROPERTIES 778 | sudo chmod 774 $ALF_HOME/scripts/bart/$BART_EXECUTE 779 | 780 | # Install dependency 781 | sudo apt-get $APTVERBOSITY install duplicity; 782 | 783 | # Add to cron tab 784 | tmpfile=/tmp/crontab.tmp 785 | 786 | # read crontab and remove custom entries (usually not there since after a reboot 787 | # QNAP restores to default crontab: http://wiki.qnap.com/wiki/Add_items_to_crontab#Method_2:_autorun.sh 788 | sudo -u $ALF_USER crontab -l | grep -vi "alfresco-bart.sh" > $tmpfile 789 | 790 | # add custom entries to crontab 791 | echo "0 5 * * * $ALF_HOME/scripts/bart/$BART_EXECUTE backup" >> $tmpfile 792 | 793 | #load crontab from file 794 | sudo -u $ALF_USER crontab $tmpfile 795 | 796 | # remove temporary file 797 | rm $tmpfile 798 | 799 | # restart crontab 800 | sudo service cron restart 801 | 802 | echogreen "B.A.R.T Cron is installed to run in 5AM every day as the $ALF_USER user" 803 | 804 | fi 805 | 806 | # Finally, set the permissions 807 | sudo chown -R $ALF_USER:$ALF_GROUP $ALF_HOME 808 | if [ -d "$ALF_HOME/www" ]; then 809 | sudo chown -R www-data:root $ALF_HOME/www 810 | fi 811 | 812 | echo 813 | echogreen "- - - - - - - - - - - - - - - - -" 814 | echo "Scripted install complete" 815 | echo 816 | echored "Manual tasks remaining:" 817 | echo 818 | echo "1. Add database. Install scripts available in $ALF_HOME/scripts" 819 | echored " It is however recommended that you use a separate database server." 820 | echo 821 | echo "2. Verify Tomcat memory and locale settings in the file" 822 | echo " $ALF_HOME/alfresco-service.sh." 823 | 824 | echo " Alfresco runs best with lots of memory. Add some more to \"lots\" and you will be fine!" 825 | echo " Match the locale LC_ALL (or remove) setting to the one used in this script." 826 | echo " Locale setting is needed for LibreOffice date handling support." 827 | echo 828 | echo "3. Update database and other settings in alfresco-global.properties" 829 | echo " You will find this file in $CATALINA_HOME/shared/classes" 830 | echored " Really, do this. There are some settings there that you need to verify." 831 | echo 832 | echo "4. Update properties for BART (if installed) in $ALF_HOME/scripts/bart/alfresco-bart.properties" 833 | echo " DBNAME,DBUSER,DBPASS,DBHOST,REC_MYDBNAME,REC_MYUSER,REC_MYPASS,REC_MYHOST,DBTYPE " 834 | echo 835 | echo "5. Update cpu settings in $ALF_HOME/scripts/limitconvert.sh if you have more than 2 cores." 836 | echo 837 | echo "6. Start nginx if you have installed it: sudo service nginx start" 838 | echo 839 | echo "7. Start Alfresco/tomcat:" 840 | 841 | echo " sudo $ALF_HOME/alfresco-service.sh start" 842 | 843 | echo 844 | 845 | echo 846 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 847 | echogreen "Thanks for using Alfresco Ubuntu installer by Loftux AB." 848 | echogreen "Please visit https://loftux.com for more Alfresco Services and add-ons." 849 | echogreen "You are welcome to contact us at info@loftux.se" 850 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 851 | echo 852 | -------------------------------------------------------------------------------- /nginx/alfresco.conf: -------------------------------------------------------------------------------- 1 | 2 | # Set proxy cache path 3 | proxy_cache_path /var/cache/nginx/alfresco levels=1 keys_zone=alfrescocache:256m max_size=512m inactive=1440m; 4 | 5 | # Alfresco Repository Tomcat instance 6 | upstream alfresco { 7 | server localhost:8080; 8 | } 9 | 10 | # Share Web client Tomcat instance 11 | upstream share { 12 | server localhost:8080; 13 | } 14 | 15 | # Default server config. Update server name. 16 | server { 17 | listen 80 ; 18 | listen [::]:80 ; 19 | server_name example.com www.example.com; 20 | 21 | root /opt/alfresco/www; 22 | index index.html index.htm; 23 | 24 | # Redirect root requests to Share. Do not do this if you use AOS 25 | # rewrite ^/$ /share; 26 | 27 | # redirect server error pages to the static page /50x.html 28 | # 29 | error_page 502 503 504 /maintenance.html; 30 | location = /maintenance.html { 31 | root /opt/alfresco/www; 32 | } 33 | 34 | # Access to old Alfresco web client. Remove this location if not needed. 35 | location /alfresco { 36 | 37 | # Allow for large file uploads 38 | client_max_body_size 0; 39 | 40 | # Proxy all the requests to Tomcat 41 | proxy_http_version 1.1; 42 | #proxy_buffering off; 43 | proxy_pass http://alfresco; 44 | 45 | proxy_set_header Proxy ""; 46 | proxy_set_header Host $http_host; 47 | proxy_set_header X-Real-IP $remote_addr; 48 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 49 | proxy_set_header X-Forwarded-Host $http_host; 50 | proxy_set_header X-Forwarded-Server $host; 51 | } 52 | 53 | location /share { 54 | 55 | # Allow for large file uploads 56 | client_max_body_size 0; 57 | 58 | # Proxy all the requests to Tomcat 59 | proxy_http_version 1.1; 60 | #proxy_buffering off; 61 | proxy_pass http://share; 62 | 63 | proxy_set_header Proxy ""; 64 | proxy_set_header Host $http_host; 65 | proxy_set_header X-Real-IP $remote_addr; 66 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 67 | proxy_set_header X-Forwarded-Host $http_host; 68 | proxy_set_header X-Forwarded-Server $host; 69 | } 70 | 71 | location /share/proxy/alfresco { 72 | # This section is for allowing to rewrite 50x response to 401 on Ajax req. 73 | # This forces Share to reload page, and thus display maintenance page 74 | 75 | # Allow for large file uploads 76 | client_max_body_size 0; 77 | 78 | # Proxy all the requests to Tomcat 79 | proxy_http_version 1.1; 80 | #proxy_buffering off; 81 | proxy_pass http://share; 82 | 83 | proxy_set_header Proxy ""; 84 | proxy_set_header Host $http_host; 85 | proxy_set_header X-Real-IP $remote_addr; 86 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 87 | proxy_set_header X-Forwarded-Host $http_host; 88 | proxy_set_header X-Forwarded-Server $host; 89 | proxy_intercept_errors on; 90 | error_page 502 503 504 =401 /maintenance.html; 91 | } 92 | 93 | location /share/res/ { 94 | 95 | # Proxy all the requests to Tomcat 96 | proxy_http_version 1.1; 97 | proxy_pass http://share; 98 | proxy_set_header Host $http_host; 99 | 100 | proxy_set_header Proxy ""; 101 | proxy_cache alfrescocache; 102 | proxy_cache_min_uses 1; 103 | proxy_cache_valid 200 302 1440m; 104 | proxy_cache_valid 404 1m; 105 | proxy_cache_use_stale updating error timeout invalid_header http_500 http_502 http_503 http_504; 106 | } 107 | 108 | location / { 109 | # Allow for large file uploads 110 | client_max_body_size 0; 111 | 112 | # Proxy all the requests to Tomcat 113 | proxy_http_version 1.1; 114 | #proxy_buffering off; 115 | proxy_pass http://alfresco; 116 | 117 | proxy_set_header Proxy ""; 118 | proxy_set_header Host $http_host; 119 | proxy_set_header X-Real-IP $remote_addr; 120 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 121 | proxy_set_header X-Forwarded-Host $http_host; 122 | proxy_set_header X-Forwarded-Server $host; 123 | } 124 | 125 | location /downtime.js { 126 | # Allow the maintenance page to pick up downtime.js script 127 | root /opt/alfresco/www; 128 | } 129 | } 130 | -------------------------------------------------------------------------------- /nginx/alfresco.conf.ssl: -------------------------------------------------------------------------------- 1 | 2 | # Set proxy cache path 3 | proxy_cache_path /var/cache/nginx/alfresco levels=1 keys_zone=alfrescocache:256m max_size=512m inactive=1440m; 4 | 5 | # Alfresco Repository Tomcat instance 6 | upstream alfresco { 7 | server localhost:8080; 8 | } 9 | 10 | # Share Web client Tomcat instance 11 | upstream share { 12 | server localhost:8080; 13 | } 14 | 15 | # Uncomment if you want redirect to https 16 | #server { 17 | # listen 80 ; 18 | # listen [::]:80 ; 19 | # server_name example.com www.example.com; 20 | # server_name_in_redirect off; 21 | # rewrite ^ https://$host$request_uri? permanent; 22 | #} 23 | 24 | # Default server config. Update servername. 25 | server { 26 | listen 443 ssl http2; 27 | listen [::]:443 ssl http2; 28 | server_name example.com www.example.com; 29 | 30 | root /opt/alfresco/www; 31 | index index.html index.htm; 32 | 33 | # Redirect root requests to Share. Do not do this if you use AOS 34 | # rewrite ^/$ /share; 35 | 36 | ssl on; 37 | ssl_certificate /etc/nginx/ssl/alfserver.crt; 38 | ssl_certificate_key /etc/nginx/ssl/alfserver.key; 39 | 40 | ssl_session_timeout 15m; 41 | ssl_session_cache shared:SSL:15m; 42 | 43 | ssl_stapling on; 44 | ssl_stapling_verify on; 45 | 46 | ssl_protocols TLSv1.2 TLSv1.1 TLSv1; 47 | ssl_prefer_server_ciphers on; 48 | ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 49 | 50 | # redirect server error pages to the static page /50x.html 51 | # 52 | error_page 502 503 504 /maintenance.html; 53 | location = /maintenance.html { 54 | root /opt/alfresco/www; 55 | } 56 | 57 | # Access to old Alfresco web client. Remove this location if not needed. 58 | location /alfresco { 59 | 60 | # Allow for large file uploads 61 | client_max_body_size 0; 62 | 63 | # Proxy all the requests to Tomcat 64 | proxy_http_version 1.1; 65 | #proxy_buffering off; 66 | proxy_pass http://alfresco; 67 | 68 | proxy_set_header Proxy ""; 69 | proxy_set_header Host $http_host; 70 | proxy_set_header X-Real-IP $remote_addr; 71 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 72 | proxy_set_header X-Forwarded-Host $http_host; 73 | proxy_set_header X-Forwarded-Server $host; 74 | } 75 | 76 | location /share { 77 | 78 | # Allow for large file uploads 79 | client_max_body_size 0; 80 | 81 | # Proxy all the requests to Tomcat 82 | proxy_http_version 1.1; 83 | #proxy_buffering off; 84 | proxy_pass http://share; 85 | 86 | proxy_set_header Proxy ""; 87 | proxy_set_header Host $http_host; 88 | proxy_set_header X-Real-IP $remote_addr; 89 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 90 | proxy_set_header X-Forwarded-Host $http_host; 91 | proxy_set_header X-Forwarded-Server $host; 92 | } 93 | 94 | location /share/proxy/alfresco { 95 | # This section is for allowing to rewrite 50x response to 401 on Ajax req. 96 | # This forces Share to reload page, and thus display maintenance page 97 | 98 | # Allow for large file uploads 99 | client_max_body_size 0; 100 | 101 | # Proxy all the requests to Tomcat 102 | proxy_http_version 1.1; 103 | #proxy_buffering off; 104 | proxy_pass http://share; 105 | 106 | proxy_set_header Proxy ""; 107 | proxy_set_header Host $http_host; 108 | proxy_set_header X-Real-IP $remote_addr; 109 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 110 | proxy_set_header X-Forwarded-Host $http_host; 111 | proxy_set_header X-Forwarded-Server $host; 112 | proxy_intercept_errors on; 113 | error_page 502 503 504 =401 /maintenance.html; 114 | } 115 | 116 | location /share/res/ { 117 | 118 | # Proxy all the requests to Tomcat 119 | proxy_http_version 1.1; 120 | proxy_pass http://share; 121 | 122 | proxy_set_header Proxy ""; 123 | proxy_set_header Host $http_host; 124 | 125 | proxy_cache alfrescocache; 126 | proxy_cache_min_uses 1; 127 | proxy_cache_valid 200 302 1440m; 128 | proxy_cache_valid 404 1m; 129 | proxy_cache_use_stale updating error timeout invalid_header http_500 http_502 http_503 http_504; 130 | } 131 | 132 | location / { 133 | # Allow for large file uploads 134 | client_max_body_size 0; 135 | 136 | # Proxy all the requests to Tomcat 137 | proxy_http_version 1.1; 138 | #proxy_buffering off; 139 | proxy_pass http://alfresco; 140 | 141 | proxy_set_header Proxy ""; 142 | proxy_set_header Host $http_host; 143 | proxy_set_header X-Real-IP $remote_addr; 144 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 145 | proxy_set_header X-Forwarded-Host $http_host; 146 | proxy_set_header X-Forwarded-Server $host; 147 | } 148 | 149 | location /downtime.js { 150 | # Allow the maintenance page to pick up downtime.js script 151 | root /opt/alfresco/www; 152 | } 153 | } 154 | -------------------------------------------------------------------------------- /nginx/basic-settings.conf: -------------------------------------------------------------------------------- 1 | 2 | ## 3 | # Basic Settings 4 | ## 5 | 6 | sendfile on; 7 | #aio threads; 8 | tcp_nopush on; 9 | tcp_nodelay on; 10 | keepalive_timeout 65; 11 | types_hash_max_size 2048; 12 | # server_tokens off; 13 | 14 | ## 15 | # Logging Settings 16 | ## 17 | 18 | access_log off; 19 | #access_log /var/log/nginx/access.log; 20 | error_log /var/log/nginx/error.log; 21 | 22 | ## 23 | # Gzip Settings 24 | ## 25 | 26 | gzip on; 27 | gzip_disable "msie6"; 28 | gzip_http_version 1.1; 29 | gzip_comp_level 6; 30 | gzip_min_length 1400; 31 | gzip_buffers 16 8k; 32 | gzip_proxied any; 33 | gzip_types text/html text/xml text/plain text/css text/csv text/x-markdown text/x-web-markdown application/json text/javascript application/javascript application/x-javascript application/xhtml+xml application/atom+xml application/rss+xml application/atomsvc+xml; 34 | #gzip_vary on; 35 | 36 | -------------------------------------------------------------------------------- /nginx/letsencrypt/example.com.conf: -------------------------------------------------------------------------------- 1 | # Uncomment and update to generate certificates for the specified 2 | # domains. The first listed name will be the name of the certificate. 3 | domains = example.com, www.example.com 4 | 5 | # increase key size 6 | rsa-key-size = 4096 7 | 8 | # this address will receive renewal reminders, IIRC 9 | email = webmaster@example.com 10 | 11 | # turn off the ncurses UI, we want this to be run as a cronjob 12 | text = True 13 | 14 | # Automatically agree to Terms of Services 15 | agree-tos = True 16 | 17 | # authenticate by placing a file in the webroot (under .well-known/acme-challenge/) and then letting 18 | # LE fetch it 19 | authenticator = webroot 20 | # Absolut path to your webroot. Set the same config in nginx config file 21 | webroot-path = /usr/share/nginx/example.com 22 | -------------------------------------------------------------------------------- /nginx/letsencrypt/letsencrypt.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Script for handling letsencrypt with Alfresco 4 | # 5 | # Copyright 2013 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export INSTALLDIR=/opt/letsencrypt/certbot 10 | # Location where you put your letsencrypt config files 11 | export CONFIGDIR=/etc/letsencrypt/configs/ 12 | # Location to webpath-root where letsencrypt places domain verification files. 13 | # Amended with the domain when using init. 14 | export BASECHALLENGELOCATION=/usr/share/nginx 15 | 16 | 17 | export APTVERBOSITY="-qq -y" 18 | # Branch name to pull from server. Use master for stable. 19 | BRANCH=experimental 20 | export BASE_DOWNLOAD=https://raw.githubusercontent.com/loftuxab/alfresco-ubuntu-install/$BRANCH 21 | 22 | # Color variables 23 | txtund=$(tput sgr 0 1) # Underline 24 | txtbld=$(tput bold) # Bold 25 | bldred=${txtbld}$(tput setaf 1) # red 26 | bldgre=${txtbld}$(tput setaf 2) # red 27 | bldblu=${txtbld}$(tput setaf 4) # blue 28 | bldwht=${txtbld}$(tput setaf 7) # white 29 | txtrst=$(tput sgr0) # Reset 30 | info=${bldwht}*${txtrst} # Feedback 31 | pass=${bldblu}*${txtrst} 32 | warn=${bldred}*${txtrst} 33 | ques=${bldblu}?${txtrst} 34 | 35 | echoblue () { 36 | echo "${bldblu}$1${txtrst}" 37 | } 38 | echored () { 39 | echo "${bldred}$1${txtrst}" 40 | } 41 | echogreen () { 42 | echo "${bldgre}$1${txtrst}" 43 | } 44 | 45 | init() { 46 | 47 | if [ ! -d "$INSTALLDIR" ]; then 48 | sudo mkdir -p $INSTALLDIR 49 | cd $INSTALLDIR 50 | sudo curl -# -O https://dl.eff.org/certbot-auto 51 | sudo chmod a+x certbot-auto 52 | sudo ./certbot-auto 53 | fi 54 | 55 | sudo mkdir -p $CONFIGDIR 56 | sudo mkdir -p $BASECHALLENGELOCATION 57 | sudo chown -R www-data:www-data $BASECHALLENGELOCATION 58 | 59 | if [ ! -f "$CONFIGDIR/letsencryptc.com.conf.sample" ]; then 60 | echo "Downloading sample domain config..." 61 | sudo curl -# -o $CONFIGDIR/example.com.conf.sample $BASE_DOWNLOAD/nginx/letsencrypt/example.com.conf 62 | fi 63 | 64 | } 65 | 66 | create() { 67 | echoblue "Creating certificates for $1" 68 | sudo mkdir -p $BASECHALLENGELOCATION/$1 69 | # Make sure we have correct permissions 70 | sudo chown -R www-data:www-data $BASECHALLENGELOCATION 71 | if [ -f "$CONFIGDIR/$1.conf" ]; then 72 | cd $INSTALLDIR 73 | sudo ./certbot-auto --config "$CONFIGDIR/$1.conf" certonly 74 | else 75 | echored "You must supply the config file to use without .sample ending." 76 | echored "Keept the config file the same as domain name." 77 | fi 78 | 79 | echoblue "You must now configure nginx manually to use" 80 | echoblue "the new certificates and restart." 81 | echoblue "Add to your nginx conf file" 82 | echoblue "ssl_certificate /etc/letsencrypt/live/$1/fullchain.pem;" 83 | echoblue "ssl_certificate_key /etc/letsencrypt/live/$1/privkey.pem;" 84 | } 85 | 86 | renew() { 87 | # Make sure we have correct permissions 88 | sudo chown -R www-data:www-data $BASECHALLENGELOCATION 89 | 90 | cd $INSTALLDIR 91 | sudo ./certbot-auto renew 92 | sudo service nginx restart 93 | } 94 | 95 | case "$1" in 96 | create) 97 | create $2 98 | ;; 99 | renew) 100 | renew 101 | ;; 102 | init) 103 | init 104 | ;; 105 | *) 106 | echored "Usage: $0 {init|create|renew}" 107 | echogreen "init: Install letsencrypt and sample config" 108 | echogreen "create: Create first time certificate. Require second parameter for domain." 109 | echogreen "renew: Renew existing certificates. Will loop all existing configs." 110 | exit 1 111 | esac 112 | 113 | exit $RETVAL 114 | -------------------------------------------------------------------------------- /nginx/letsencrypt/nginx.conf.snippet: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | listen [::]:80; 4 | server_name example.com www.example.com; 5 | 6 | location /.well-known/acme-challenge { 7 | alias /usr/share/nginx/example.com/.well-known/acme-challenge; 8 | location ~ /.well-known/acme-challenge/(.*) { 9 | add_header Content-Type application/jose+json; 10 | } 11 | } 12 | 13 | location / { 14 | server_name_in_redirect off; 15 | rewrite ^ https://$host$request_uri? permanent; 16 | } 17 | 18 | 19 | } 20 | -------------------------------------------------------------------------------- /nginx/maintenance.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |
5 | 6 | 7 | 8 | 9 | 10 |While you are waiting, why not play a game of Asteroids. But only if boss is not looking! 303 |
304 | 305 | 306 |