├── README.md ├── alfinstall.sh ├── nginx ├── alfresco.conf ├── alfresco.conf.ssl ├── basic-settings.conf ├── letsencrypt │ ├── example.com.conf │ ├── letsencrypt.sh │ └── nginx.conf.snippet ├── maintenance.html └── nginx.conf ├── scripts ├── alfresco-iptables.conf ├── alfresco-iptables.service ├── alfresco-service.sh ├── ams.sh ├── apply.sh ├── createssl.sh ├── iptables.sh ├── libreoffice.sh ├── limitconvert.sh ├── mariadb.sh ├── mysql.sh └── postgresql.sh ├── search ├── alfresco-search.service ├── shared.properties └── solr.in.sh └── tomcat ├── alfresco-global.properties ├── alfresco.conf ├── alfresco.service ├── alfresco.xml ├── catalina.properties ├── context.xml ├── server.xml ├── share-config-custom.xml ├── share.xml └── tomcat-users.xml /README.md: -------------------------------------------------------------------------------- 1 | [![Loftux AB](https://loftux.com/files/static/images/ubuntu_installer.png?ref=ubuntuinstall)](https://loftux.com?ref=ubuntuinstall) 2 | 3 | Alfresco Ubuntu Installer 4 | ======================= 5 | 6 | This install script and guide was created by Peter Löfgren, [Loftux AB](http://loftux.com). 7 | 8 | Please visit [https://loftux.com](https://loftux.com/en/?ref=ubuntuinstall "loftux.com") (English) [https://loftux.se](https://loftux.se/sv?ref=ubuntuinstall "loftux.se") (Swedish) for more information. 9 | 10 | 11 | Current version : **Alfresco Community 6.1 (6.1.1 Repository,6.1.0 Share)** or **LXCommunity ECM LX101** 12 | Ubuntu Version : **16.04** or later. 13 | 14 | Alfresco script based install for Ubuntu servers. 15 | ---------------------------- 16 | 17 | This script will help you set up an Alfresco server instance with all necessary third party components. Some will be installed via Ubuntu packages, some directly downloaded. The script will walk you through the process. In the end, there will be some manual tasks to complete the installation. 18 | 19 | Alfresco does have installers for Linux, and you may be better off with using those installers if you just want to do a quick test install. 20 | 21 | If you intend to run Alfresco in production, this script can help you both with the install. *By examining what the script does, you can also learn what components are involved running an Alfresco instance.* This is a must for any Alfresco administrator who runs Alfresco in production. 22 | 23 | For commercial support with your installation, upgrades and running a production server, contact [Loftux AB](https://loftux.com/contact) (Worldwide). 24 | 25 | 26 | 27 | Installing 28 | ---- 29 | To start the install, in Ubuntu terminal run; 30 | 31 | ``` 32 | curl -O https://raw.githubusercontent.com/loftuxab/alfresco-ubuntu-install/master/alfinstall.sh 33 | chmod u+x alfinstall.sh 34 | ./alfinstall.sh 35 | ``` 36 | 37 | All install options will be presented with an introduction. They default to 'y' (yes), so type n to skip install of that component. You need **sudo** access to install. 38 | 39 | Please read all of this README before you go ahead. 40 | 41 | There is also lots of documentation at [http://docs.alfresco.com/5.1](http://docs.alfresco.com/5.1). To get started to become an Alfresco server Administrator, read and make yourself familiar with the 'Administering' section. 42 | 43 | ## Notes 44 | - Only 64-bit Ubuntu is supported. Java cannot address enough memory to support running Alfresco on a 32-bit system. 45 | - Many components have their download urls pointed to specific version. Whenever a new version comes out, the older version is removed from the download server and this script breaks. These will be updated as soon as they are made known. This is known to happen with LibreOffice and Tomcat. The script will check if the needed components are available and break if they are not. 46 | 47 | More on the components/installation steps. 48 | ======= 49 | Once the script is downloaded you can modify (if necessary) it to fit your purpose. 50 | 51 | LXCommunity ECM 52 | -------- 53 | You will be asked to select if you want to install LXCommunity ECM or Alfresco Community. 54 | 55 | LXCommunity ECM is a custom build of Alfresco with additional fixes and enhancements and for which you can optionally buy support. You can find more information on this offering at [https://loftux.com/alfresco](https://loftux.se/en/products-and-add-ons/alfresco?ref=ubuntuinstalloffer). 56 | You can switch between Alfresco Community or LXCommunity ECM as long as they are based on the same schema, see [version overview](https://loftux.se/en/products-and-add-ons/alfresco/alfresco-versions). 57 | 58 | 59 | Alfresco User 60 | -------- 61 | The Alfresco user is the server account used to run tomcat. You should never run tomcat as `root`, so if you do not already have the alfresco (default in the install script) user, you should add the alfresco user. 62 | 63 | In this part of the install is also an update to make sure a specific locale is supported (`default sv_SE.utf8`). This is useful for LibreOffice date formatting to work correctly during transformations. 64 | 65 | Limits 66 | -------- 67 | Ubuntu default for number of allowed open files in the file system is too low for alfresco use and tomcat may because of this stop with the error "too many open files". You should update this value if you have not done so. 68 | 69 | Read more at [http://wiki.alfresco.com/wiki/Too_many_open_files](http://wiki.alfresco.com/wiki/Too_many_open_files). 70 | 71 | Starting/Stopping Alfresco and Search Services 72 | -------- 73 | Tomcat is the java application server used to actually run Alfresco. The script downloads the latest version of Tomcat 8, and then updates its configuration files to better support running Alfresco. 74 | 75 | Ubuntu systemd is used to stop and start tomcat. You **must** have a look and verify settings; 76 | `/opt/alfresco/alfresco-service.sh` 77 | 78 | Edit locale setting (LC_ALL) and the memory settings in this file to match your server. 79 | 80 | About memory, it has default max set to 2G. That is good enough if you have about 5 users. So add more ram (and then some) to your server, update then Xmx setting in alfresco.conf. Your Alfresco instance will run much smoother. 81 | 82 | You will be presented with the option to add either MySql or Postgresql jdbc libraries. You should probably add at least one of them. 83 | 84 | Once the install is complete (the entire script and the manual steps following that), to start run 85 | `sudo /opt/alfresco/alfresco-service.sh start` (16.04) - this is a wrapper, using `sudo systemctl start alfresco.service` will have the same result. 86 | It also starts/stops Alfresco Search Services, it can be started separately with `sudo systemctl start alfresco-search.service`. 87 | 88 | To stop Tomcat for Alfresco, just switch `start` to `stop` in the above command. Using `status` as a parameter will show status of the Alfresco Tomcat service 89 | 90 | Nginx 91 | -------- 92 | It is sometimes useful to have a front-end for your Tomcat Alfresco instance. Since Tomcat runs default on port 8080, you can use Nginx as proxy. It is also a lot easier to add ssl support. The default config includes sample configuration for this. Share resource files (anything loaded from /share/res/) is cached in nginx, so it doesn't need to be fetched from tomcat. 93 | 94 | The script will use the latest version of the Ubuntu package from Nginx instead of default Ubuntu nginx packages. This allows for http/2 support. 95 | 96 | The default config file is found in folder `/etc/nginx/conf.d/alfresco.conf`. If you want to use ssl, you can replace this file with the sample config in `alfresco.conf.ssl`. Common settings is found in file `basic-settings.conf`. 97 | 98 | **Caveat:** The upload progress bar in Share will show the upload as complete when the upload from client to nginx is complete, but the upload from nginx to Tomcat Share/Alfresco continues shortly. Usually this is barely noticeable, since server connections speeds are a lot faster than client server connections. 99 | 100 | ### Maintenance message support 101 | If you are using Nginx as front-end there is a built in fallback to a maintenance page when the Alfresco tomcat instance is stopped. Nginx will detect that tomcat is not responding and show this page. It will display expected downtime and a progress bar. 102 | 103 | To set the downtime (in minutes) and a custom message, call the ams.sh script found in script folder. 104 | `ams.sh 20 "Custom message displayed in page"` 105 | 106 | The above example will set the downtime to 20 minutes (from when you shut down) and with a custom message. If called without parameters it defaults to 10 minutes. Custom message is optional, but if used you also must set the timeout. 107 | 108 | The script will shut down Alfresco tomcat instance. To start it you must call `sudo /opt/alfresco/alfresco-service.sh start`. 109 | 110 | The `maintenance.html` page is found in its default location /opt/alfresco/www and can be customized to your needs. 111 | 112 | If you want to implement this support and already have run the `alfinstall.sh` script, compare your `nginx.conf` to what is currently in `git/master`. 113 | 114 | Java JDK 115 | -------- 116 | Download and install of Oracle Java 8. 117 | 118 | If you choose to use any other Java JDK, adjust paths setting in `/etc/init/alfresco.conf`. 119 | 120 | LibreOffice 121 | ------------- 122 | Downloads and install LibreOffice from libreoffice.org (technically from a mirror). Alfresco just use LibreOffice for transformations, and later versions have better (hopefully) conversion filters. 123 | 124 | In this step ImageMagick is also installed from Ubuntu standard packages, if you skip this step install ImageMagick separately. Some extra font packages like Microsoft true type fonts is also installed, since you likely will add documents to Alfresco that have used them, this will result in better transformations. 125 | 126 | ImageMagick 127 | ----------- 128 | Installed using the Ubuntu default package. 129 | 130 | If you get the error `no decode delegate for this image format` on start in the alfresco.log make sure to check that the path for `img.coders=` in alfresco-global.properties. The path may be version specific for the installed version. 131 | 132 | Alfresco 133 | --------- 134 | Download and install of Alfresco itself. Or rather, the alfresco.war and share.war and adds them to tomcat/webapps folder. 135 | 136 | You also have the option to install Google Docs and Sharepoint addons. Skip if you do not intend to use them, you can always add then later. 137 | You can completely skip this step if you intend to use Enterprise version or any other version. See also the special section about the addons directory. 138 | 139 | Solr 140 | --------- 141 | Install Solr as indexing engine. Solr runs as a separate application and is slightly more complex to configure. It is recommended that you install Solr. 142 | Solr can run on a separate server, you can use this script to install the core for what is needed for that. Refer to the official Alfresco documention for the configuration settings for such a setup. 143 | 144 | Addons - Manage amps and war files. 145 | ======== 146 | A special directory is created, `/opt/alfresco/addons`. This directory can be used to manage any addons and the core war files. 147 | * `addons/alfresco` - Alfresco amp files. 148 | * `addons/share` - Share amp files. 149 | * `addons/war` - alfresco.war and share.war files goes in here. 150 | The script `addons/apply.sh`is what you run to install amp files to war files, and then copy the war files to tomcat/webapps. The script has three parameter options 151 | * amp - just install the amp files to war files. 152 | * copy - Copy war files to tomcat/webapps. 153 | * all - Do both of the above. You can only do this if tomcat is **not** running. 154 | 155 | If you didn't install Alfresco war files with the install script you can use this script to manage your war files. If you for example want to use the Enterprise version, download the war files from Alfresco support portal and add them to the /war directory and the run apply.sh. Or you can always add them directly to tomcat/webapps. 156 | 157 | Scripts - Supporting scripts 158 | ============================ 159 | In the directory `/opt/alfresco/scripts` there are some useful scripts installed. Or if you did not run the install script, grab them from github. Here is what they do: 160 | * `libreoffice.sh` - Start/stop libreoffice manually. Sometimes libreoffice crashes during a transformation, use this script to start it again. Alfresco will re-connect when the server detects libreoffice is running. You can add this to crontab for automatic checks: 161 | NO LONGER NEEDED: Since version 6 or LX101, Alfresco uses JodConverter with built in process management. 162 | 163 | `*/10 * * * * /opt/alfresco/scripts/libreoffice.sh start 2>&1 >> /opt/alfresco/logs/office.log` 164 | `0 2 * * * /opt/alfresco/scripts/libreoffice.sh restart 2>&1 > /opt/alfresco/logs/office.log` 165 | 166 | This will make sure libreoffice is running (if not already started and tomcat is running). Once per night it will also do a complete restart (in case LibreOffice behaves badly). 167 | * `iptables.sh` - Script to add port forwarding. Useful if you want to use cifs, ftp that will not run on lower port numbers if not root. Or if you´re not using nginx as front end and want to forward port 80 to 8080. 168 | * `limitconvert.sh` - Script to limit the number of cpu:s ImageMagick convert can use during transformations. Some Document library views with large thumbnails can cause intensive transformation load, and this script make sure some resources are left for other work. 169 | * `createssl.sh` - Create self signed certificates, useful for testing purposes. Works well with nginx. 170 | * `mariadb.sh` - Install the mariadb database server (the MySql alternative). It is recommended that you instead use a dedicated database server. Seriously, do that. And do some database optimizations, out of scope for this install guide. 171 | * `mysql.sh` - Install the mysql database server (the original MySql). It is recommended that you instead use a dedicated database server. Seriously, do that. And do some database optimizations, out of scope for this install guide. 172 | * `postgresql.sh` - Same as for MariaDB, but the postgres version. 173 | * `ams.sh` - To do a maintenance shutdown. For more, see section under nginx. 174 | 175 | Alfresco BART - Backup and Recovery Tool 176 | ======================================== 177 | Alfresco BART is a third party tool to aid with your Backup and Recovery requirements. 178 | 179 | You can do the basic install using this script, but it is **highly recommended** that you visit [https://github.com/toniblyx/alfresco-backup-and-recovery-tool/](https://github.com/toniblyx/alfresco-backup-and-recovery-tool/) page to learn more on how to configure this tool. 180 | 181 | Frequently Asked Questions (FAQ) 182 | === 183 | 184 | Can this script be used for any version of Alfresco? 185 | --- 186 | 187 | Yes, see the Addon section. But do know that it uses latest version of many components, and they may not be Alfresco officially supported stack. 188 | 189 | Can I modify the scripts? 190 | --- 191 | 192 | Yes, you can either download the install script and modify as needed. Or you clone the entire thing at Github and create your own version. If you create/change anything that you think may be useful, please contribute back. 193 | 194 | Upgrading - Can I use this to upgrade an existing install? 195 | --- 196 | 197 | At this time, this is not the intended use. So short answer is no. 198 | 199 | Longer answer is, you can probably grab pieces of the script to upgrade individual components. Or as is recommended when upgrading, test your upgrade on a separate server. So install a new server with fresh install, then grab a copy of your data and do a test upgrade. If this works, switch to this server. Did you make a backup of your data first? 200 | 201 | I want Alfresco and Share on separate server, can this script be used? 202 | --- 203 | 204 | Yes (and is also recommended for best performance), but all components are not needed on both servers. The Alfresco server probably doesn't need nginx, the Share server doesn't need LibreOffice, ImageMagick, Swftools and Solr. The 'Alfresco' install step will download both alfresco.war and share.war if run, just remove the one that doesn't apply from tomcat/webapps and addons/war directory. 205 | 206 | The script does not use version x of component z, can you fix this? 207 | --- 208 | 209 | Probably, but you can also. Just edit the script with the version you want to use, most of the specific links can be found in the beginning of the script. 210 | 211 | Why does the script use the latest versions/not use Ubuntu packages? 212 | --- 213 | 214 | This combination of packages/downloaded install has been found to work well. But that may not hold true always. If you feel more confident to run a specific version of a component, or want to use a standard Ubuntu package, modify the script. Or skip that part in the install script, and just use this script as an install guide on what needs to be in place for a production server. 215 | 216 | 217 | License 218 | === 219 | Copyright 2013-2018 Loftux AB, Peter Löfgren 220 | Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 221 | -------------------------------------------------------------------------------- /alfinstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for install of Alfresco 4 | # 5 | # Copyright 2013-2017 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export ALF_HOME=/opt/alfresco 10 | export ALF_DATA_HOME=$ALF_HOME/alf_data 11 | export CATALINA_HOME=$ALF_HOME/tomcat 12 | export ALF_USER=alfresco 13 | export ALF_GROUP=$ALF_USER 14 | export APTVERBOSITY="-qq -y" 15 | export TMP_INSTALL=/tmp/alfrescoinstall 16 | export DEFAULTYESNO="y" 17 | 18 | # Branch name to pull from server. Use master for stable. 19 | BRANCH=master 20 | export BASE_DOWNLOAD=https://raw.githubusercontent.com/loftuxab/alfresco-ubuntu-install/$BRANCH 21 | export KEYSTOREBASE=https://svn.alfresco.com/repos/alfresco-open-mirror/alfresco/HEAD/root/projects/repository/config/alfresco/keystore 22 | 23 | #Change this to prefered locale to make sure it exists. This has impact on LibreOffice transformations 24 | #export LOCALESUPPORT=sv_SE.utf8 25 | export LOCALESUPPORT=en_US.utf8 26 | 27 | export TOMCAT_DOWNLOAD=http://archive.apache.org/dist/tomcat/tomcat-8/v8.0.53/bin/apache-tomcat-8.0.53.tar.gz 28 | export JDBCPOSTGRESURL=https://jdbc.postgresql.org/download 29 | export JDBCPOSTGRES=postgresql-42.2.5.jar 30 | export JDBCMYSQLURL=https://dev.mysql.com/get/Downloads/Connector-J 31 | export JDBCMYSQL=mysql-connector-java-5.1.47.tar.gz 32 | 33 | export LIBREOFFICE=https://download.documentfoundation.org/libreoffice/stable/6.4.0/deb/x86_64/LibreOffice_6.4.0_Linux_x86-64_deb.tar.gz 34 | export ALFRESCO_PDF_RENDERER=https://artifacts.alfresco.com/nexus/service/local/repositories/releases/content/org/alfresco/alfresco-pdf-renderer/1.1/alfresco-pdf-renderer-1.1-linux.tgz 35 | 36 | export ALFREPOWAR=https://downloads.loftux.net/public/content/org/alfresco/content-services-community/6.1.1/content-services-community-6.1.1.war 37 | export ALFSHAREWAR=https://downloads.loftux.net/public/content/org/alfresco/share/6.1.0/share-6.1.0.war 38 | export ALFSHARESERVICES=https://downloads.loftux.net/public/content/org/alfresco/alfresco-share-services/6.1.0/alfresco-share-services-6.1.0.amp 39 | export ALFMMTJAR=https://downloads.loftux.net/public/content/org/alfresco/alfresco-mmt/6.0/alfresco-mmt-6.0.jar 40 | 41 | export ASS_DOWNLOAD=https://downloads.loftux.net/public/content/org/alfresco/alfresco-search-services/1.3.0.1/alfresco-search-services-1.3.0.1.zip 42 | 43 | export LXALFREPOWAR=https://downloads.loftux.net/alfresco/alfresco-platform/LX101/alfresco-platform-LX101.war 44 | export LXALFSHAREWAR=https://downloads.loftux.net/alfresco/share/LX101/share-LX101.war 45 | export LXALFSHARESERVICES=https://downloads.loftux.net/alfresco/alfresco-share-services/LX101/alfresco-share-services-LX101.amp 46 | export LXAOS_AMP=https://downloads.loftux.net/alfresco/aos-module/alfresco-aos-module/1.2.0.1/alfresco-aos-module-1.2.0.1.amp 47 | 48 | 49 | export GOOGLEDOCSREPO=https://downloads.loftux.net/public/content/org/alfresco/integrations/alfresco-googledocs-repo/3.0.4.3/alfresco-googledocs-repo-3.0.4.3.amp 50 | export GOOGLEDOCSSHARE=https://downloads.loftux.net/public/content/org/alfresco/integrations/alfresco-googledocs-share/3.0.4.3/alfresco-googledocs-share-3.0.4.3.amp 51 | 52 | export AOS_VTI=https://downloads.loftux.net/public/content/org/alfresco/aos-module/alfresco-vti-bin/1.2.2/alfresco-vti-bin-1.2.2.war 53 | export AOS_SERVER_ROOT=https://downloads.loftux.net/public/content/org/alfresco/alfresco-server-root/6.0.1/alfresco-server-root-6.0.1.war 54 | export AOS_AMP=https://downloads.loftux.net/public/content/org/alfresco/aos-module/alfresco-aos-module/1.2.2/alfresco-aos-module-1.2.2.amp 55 | 56 | export BASE_BART_DOWNLOAD=https://raw.githubusercontent.com/toniblyx/alfresco-backup-and-recovery-tool/master/src/ 57 | 58 | export BART_PROPERTIES=alfresco-bart.properties 59 | export BART_EXECUTE=alfresco-bart.sh 60 | 61 | 62 | # Color variables 63 | txtund=$(tput sgr 0 1) # Underline 64 | txtbld=$(tput bold) # Bold 65 | bldred=${txtbld}$(tput setaf 1) # red 66 | bldgre=${txtbld}$(tput setaf 2) # red 67 | bldblu=${txtbld}$(tput setaf 4) # blue 68 | bldwht=${txtbld}$(tput setaf 7) # white 69 | txtrst=$(tput sgr0) # Reset 70 | info=${bldwht}*${txtrst} # Feedback 71 | pass=${bldblu}*${txtrst} 72 | warn=${bldred}*${txtrst} 73 | ques=${bldblu}?${txtrst} 74 | 75 | echoblue () { 76 | echo "${bldblu}$1${txtrst}" 77 | } 78 | echored () { 79 | echo "${bldred}$1${txtrst}" 80 | } 81 | echogreen () { 82 | echo "${bldgre}$1${txtrst}" 83 | } 84 | cd /tmp 85 | if [ -d "alfrescoinstall" ]; then 86 | rm -rf alfrescoinstall 87 | fi 88 | mkdir alfrescoinstall 89 | cd ./alfrescoinstall 90 | 91 | echo 92 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 93 | echogreen "Alfresco Ubuntu installer by Loftux AB." 94 | echogreen "Please read the documentation at" 95 | echogreen "https://github.com/loftuxab/alfresco-ubuntu-install." 96 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 97 | echo 98 | 99 | echo 100 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 101 | echogreen "Do you want to install LXCommunity ECM build of Alfresco Community" 102 | echogreen "from Loftux AB?" 103 | echogreen "You can use this in place of Alfresco Community from Alfresco Software" 104 | echogreen "and optionally later buy a support package." 105 | echogreen "If you later prefer to use Alfresco Community you can always switch back" 106 | echogreen "by manually replacing war files." 107 | echo 108 | echogreen "Please visit https://loftux.com/alfresco for more information." 109 | echogreen "You are welcome to contact us at info@loftux.se" 110 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 111 | echo 112 | read -e -p "Use LXCommunity ECM when installing${ques} [y/n] " -i "$DEFAULTYESNO" uselxcommunity 113 | if [ "$uselxcommunity" = "y" ]; then 114 | 115 | ALFREPOWAR=$LXALFREPOWAR 116 | ALFSHAREWAR=$LXALFSHAREWAR 117 | ALFSHARESERVICES=$LXALFSHARESERVICES 118 | AOS_AMP=$LXAOS_AMP 119 | 120 | echo 121 | echogreen "Thanks for choosing LXCommunity ECM" 122 | echo 123 | else 124 | echo "Installing Alfresco Community edition from Alfresco Software" 125 | echo 126 | fi 127 | 128 | echo 129 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 130 | echo "Checking for the availability of the URLs inside script..." 131 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 132 | echo 133 | 134 | echo 135 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 136 | echo "Preparing for install. Updating the apt package index files..." 137 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 138 | sudo apt-get $APTVERBOSITY update; 139 | echo 140 | 141 | if [ "`which systemctl`" = "" ]; then 142 | export ISON1604=n 143 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 144 | echo "You are installing for version 14.04 (using upstart for services)." 145 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 146 | read -e -p "Is this correct [y/n] " -i "$DEFAULTYESNO" useupstart 147 | if [ "$useupstart" = "n" ]; then 148 | export ISON1604=y 149 | fi 150 | else 151 | export ISON1604=y 152 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 153 | echo "You are installing for version 16.04 or later (using systemd for services)." 154 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 155 | read -e -p "Is this correct [y/n] " -i "$DEFAULTYESNO" useupstart 156 | if [ "$useupstart" = "n" ]; then 157 | export ISON1604=n 158 | fi 159 | fi 160 | 161 | if [ "$ISON1604" = "n" ]; then 162 | echored "Installing on version prior to 16.04 no longer supported" 163 | exit 1 164 | fi 165 | 166 | if [ "`which curl`" = "" ]; then 167 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 168 | echo "You need to install curl. Curl is used for downloading components to install." 169 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 170 | sudo apt-get $APTVERBOSITY install curl; 171 | fi 172 | 173 | if [ "`which wget`" = "" ]; then 174 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 175 | echo "You need to install wget. Wget is used for downloading components to install." 176 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 177 | sudo apt-get $APTVERBOSITY install wget; 178 | fi 179 | 180 | URLERROR=0 181 | 182 | for REMOTE in $TOMCAT_DOWNLOAD $JDBCPOSTGRESURL/$JDBCPOSTGRES $JDBCMYSQLURL/$JDBCMYSQL \ 183 | $LIBREOFFICE $ALFREPOWAR $ALFSHAREWAR $ALFSHARESERVICES $GOOGLEDOCSREPO \ 184 | $GOOGLEDOCSSHARE $ASS_DOWNLOAD $AOS_VTI $AOS_SERVER_ROOT 185 | 186 | do 187 | wget --spider $REMOTE --no-check-certificate >& /dev/null 188 | if [ $? != 0 ] 189 | then 190 | echored "In alfinstall.sh, please fix this URL: $REMOTE" 191 | URLERROR=1 192 | fi 193 | done 194 | 195 | if [ $URLERROR = 1 ] 196 | then 197 | echo 198 | echored "Please fix the above errors and rerun." 199 | echo 200 | exit 201 | fi 202 | 203 | echo 204 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 205 | echo "You need to add a system user that runs the tomcat Alfresco instance." 206 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 207 | read -e -p "Add alfresco system user${ques} [y/n] " -i "$DEFAULTYESNO" addalfresco 208 | if [ "$addalfresco" = "y" ]; then 209 | sudo adduser --system --disabled-login --disabled-password --group $ALF_USER 210 | echo 211 | echogreen "Finished adding alfresco user" 212 | echo 213 | else 214 | echo "Skipping adding alfresco user" 215 | echo 216 | fi 217 | 218 | echo 219 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 220 | echo "You need to set the locale to use when running tomcat Alfresco instance." 221 | echo "This has an effect on date formats for transformations and support for" 222 | echo "international characters." 223 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 224 | read -e -p "Enter the default locale to use: " -i "$LOCALESUPPORT" LOCALESUPPORT 225 | #install locale to support that locale date formats in open office transformations 226 | sudo locale-gen $LOCALESUPPORT 227 | echo 228 | echogreen "Finished updating locale" 229 | echo 230 | 231 | echo 232 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 233 | echo "Ubuntu default for number of allowed open files in the file system is too low" 234 | echo "for alfresco use and tomcat may because of this stop with the error" 235 | echo "\"too many open files\". You should update this value if you have not done so." 236 | echo "Read more at http://wiki.alfresco.com/wiki/Too_many_open_files" 237 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 238 | read -e -p "Add limits.conf${ques} [y/n] " -i "$DEFAULTYESNO" updatelimits 239 | if [ "$updatelimits" = "y" ]; then 240 | echo "alfresco soft nofile 8192" | sudo tee -a /etc/security/limits.conf 241 | echo "alfresco hard nofile 65536" | sudo tee -a /etc/security/limits.conf 242 | echo 243 | echogreen "Updated /etc/security/limits.conf" 244 | echo 245 | echo "session required pam_limits.so" | sudo tee -a /etc/pam.d/common-session 246 | echo "session required pam_limits.so" | sudo tee -a /etc/pam.d/common-session-noninteractive 247 | echo 248 | echogreen "Updated /etc/security/common-session*" 249 | echo 250 | else 251 | echo "Skipped updating limits.conf" 252 | echo 253 | fi 254 | 255 | echo 256 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 257 | echo "Tomcat is the application server that runs Alfresco." 258 | echo "You will also get the option to install jdbc lib for Postgresql or MySql/MariaDB." 259 | echo "Install the jdbc lib for the database you intend to use." 260 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 261 | read -e -p "Install Tomcat${ques} [y/n] " -i "$DEFAULTYESNO" installtomcat 262 | 263 | if [ "$installtomcat" = "y" ]; then 264 | echogreen "Installing Tomcat" 265 | echo "Downloading tomcat..." 266 | curl -# -L -O $TOMCAT_DOWNLOAD 267 | # Make sure install dir exists, including logs dir 268 | sudo mkdir -p $ALF_HOME/logs 269 | echo "Extracting..." 270 | tar xf "$(find . -type f -name "apache-tomcat*")" 271 | sudo mv "$(find . -type d -name "apache-tomcat*")" $CATALINA_HOME 272 | # Remove apps not needed 273 | sudo rm -rf $CATALINA_HOME/webapps/* 274 | # Create Tomcat conf folder 275 | sudo mkdir -p $CATALINA_HOME/conf/Catalina/localhost 276 | # Get Alfresco config 277 | echo "Downloading tomcat configuration files..." 278 | 279 | sudo curl -# -o $CATALINA_HOME/conf/server.xml $BASE_DOWNLOAD/tomcat/server.xml 280 | sudo curl -# -o $CATALINA_HOME/conf/catalina.properties $BASE_DOWNLOAD/tomcat/catalina.properties 281 | sudo curl -# -o $CATALINA_HOME/conf/tomcat-users.xml $BASE_DOWNLOAD/tomcat/tomcat-users.xml 282 | sudo curl -# -o $CATALINA_HOME/conf/context.xml $BASE_DOWNLOAD/tomcat/context.xml 283 | if [ "$ISON1604" = "y" ]; then 284 | sudo curl -# -o /etc/systemd/system/alfresco.service $BASE_DOWNLOAD/tomcat/alfresco.service 285 | sudo curl -# -o $ALF_HOME/alfresco-service.sh $BASE_DOWNLOAD/scripts/alfresco-service.sh 286 | sudo chmod 755 $ALF_HOME/alfresco-service.sh 287 | sudo sed -i "s/@@LOCALESUPPORT@@/$LOCALESUPPORT/g" $ALF_HOME/alfresco-service.sh 288 | # Enable the service 289 | sudo systemctl enable alfresco.service 290 | sudo systemctl daemon-reload 291 | fi 292 | 293 | # Create /shared 294 | sudo mkdir -p $CATALINA_HOME/shared/classes/alfresco/extension 295 | sudo mkdir -p $CATALINA_HOME/shared/classes/alfresco/web-extension 296 | sudo mkdir -p $CATALINA_HOME/shared/lib 297 | # Add endorsed dir 298 | sudo mkdir -p $CATALINA_HOME/endorsed 299 | 300 | echo 301 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 302 | echo "You need to add the dns name, port and protocol for your server(s)." 303 | echo "It is important that this is is a resolvable server name." 304 | echo "This information will be added to default configuration files." 305 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 306 | read -e -p "Please enter the public host name for Share server (fully qualified domain name)${ques} [`hostname`] " -i "`hostname`" SHARE_HOSTNAME 307 | read -e -p "Please enter the protocol to use for public Share server (http or https)${ques} [http] " -i "http" SHARE_PROTOCOL 308 | SHARE_PORT=80 309 | if [ "${SHARE_PROTOCOL,,}" = "https" ]; then 310 | SHARE_PORT=443 311 | fi 312 | read -e -p "Please enter the host name for Alfresco Repository server (fully qualified domain name) as shown to users${ques} [$SHARE_HOSTNAME] " -i "$SHARE_HOSTNAME" REPO_HOSTNAME 313 | read -e -p "Please enter the host name for Alfresco Repository server that Share will use to talk to repository${ques} [localhost] " -i "localhost" SHARE_TO_REPO_HOSTNAME 314 | # Add default alfresco-global.propertis 315 | ALFRESCO_GLOBAL_PROPERTIES=/tmp/alfrescoinstall/alfresco-global.properties 316 | sudo curl -# -o $ALFRESCO_GLOBAL_PROPERTIES $BASE_DOWNLOAD/tomcat/alfresco-global.properties 317 | sed -i "s/@@ALFRESCO_SHARE_SERVER@@/$SHARE_HOSTNAME/g" $ALFRESCO_GLOBAL_PROPERTIES 318 | sed -i "s/@@ALFRESCO_SHARE_SERVER_PORT@@/$SHARE_PORT/g" $ALFRESCO_GLOBAL_PROPERTIES 319 | sed -i "s/@@ALFRESCO_SHARE_SERVER_PROTOCOL@@/$SHARE_PROTOCOL/g" $ALFRESCO_GLOBAL_PROPERTIES 320 | sed -i "s/@@ALFRESCO_REPO_SERVER@@/$REPO_HOSTNAME/g" $ALFRESCO_GLOBAL_PROPERTIES 321 | sudo mv $ALFRESCO_GLOBAL_PROPERTIES $CATALINA_HOME/shared/classes/ 322 | 323 | read -e -p "Install Share config file (recommended)${ques} [y/n] " -i "$DEFAULTYESNO" installshareconfig 324 | if [ "$installshareconfig" = "y" ]; then 325 | SHARE_CONFIG_CUSTOM=/tmp/alfrescoinstall/share-config-custom.xml 326 | sudo curl -# -o $SHARE_CONFIG_CUSTOM $BASE_DOWNLOAD/tomcat/share-config-custom.xml 327 | sed -i "s/@@ALFRESCO_SHARE_SERVER@@/$SHARE_HOSTNAME/g" $SHARE_CONFIG_CUSTOM 328 | sed -i "s/@@SHARE_TO_REPO_SERVER@@/$SHARE_TO_REPO_HOSTNAME/g" $SHARE_CONFIG_CUSTOM 329 | sudo mv $SHARE_CONFIG_CUSTOM $CATALINA_HOME/shared/classes/alfresco/web-extension/ 330 | fi 331 | 332 | echo 333 | read -e -p "Install Postgres JDBC Connector${ques} [y/n] " -i "$DEFAULTYESNO" installpg 334 | if [ "$installpg" = "y" ]; then 335 | curl -# -O $JDBCPOSTGRESURL/$JDBCPOSTGRES 336 | sudo mv $JDBCPOSTGRES $CATALINA_HOME/lib 337 | fi 338 | echo 339 | read -e -p "Install Mysql JDBC Connector${ques} [y/n] " -i "$DEFAULTYESNO" installmy 340 | if [ "$installmy" = "y" ]; then 341 | cd /tmp/alfrescoinstall 342 | curl -# -L -O $JDBCMYSQLURL/$JDBCMYSQL 343 | tar xf $JDBCMYSQL 344 | cd "$(find . -type d -name "mysql-connector*")" 345 | sudo mv mysql-connector*.jar $CATALINA_HOME/lib 346 | fi 347 | sudo chown -R $ALF_USER:$ALF_GROUP $ALF_HOME 348 | echo 349 | echogreen "Finished installing Tomcat" 350 | echo 351 | else 352 | echo "Skipping install of Tomcat" 353 | echo 354 | fi 355 | 356 | echo 357 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 358 | echo "Nginx can be used as frontend to Tomcat." 359 | echo "This installation will add config default proxying to Alfresco tomcat." 360 | echo "The config file also have sample config for ssl." 361 | echo "You can run Alfresco fine without installing nginx." 362 | echo "If you prefer to use Apache, install that manually. Or you can use iptables" 363 | echo "forwarding, sample script in $ALF_HOME/scripts/iptables.sh" 364 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 365 | read -e -p "Install nginx${ques} [y/n] " -i "$DEFAULTYESNO" installnginx 366 | if [ "$installnginx" = "y" ]; then 367 | echoblue "Installing nginx. Fetching packages..." 368 | echo 369 | sudo -s << EOF 370 | echo "deb http://nginx.org/packages/ubuntu/ $(lsb_release -cs) nginx" >> /etc/apt/sources.list 371 | echo "deb-src http://nginx.org/packages/ubuntu/ $(lsb_release -cs) nginx" >> /etc/apt/sources.list 372 | sudo curl -# -o /tmp/alfrescoinstall/nginx_signing.key http://nginx.org/keys/nginx_signing.key 373 | apt-key add /tmp/alfrescoinstall/nginx_signing.key 374 | #echo "deb http://ppa.launchpad.net/nginx/stable/ubuntu $(lsb_release -cs) main" >> /etc/apt/sources.list 375 | #apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C300EE8C 376 | # Alternate with spdy support and more, change apt install -> nginx-custom 377 | #echo "deb http://ppa.launchpad.net/brianmercer/nginx/ubuntu $(lsb_release -cs) main" >> /etc/apt/sources.list 378 | #apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8D0DC64F 379 | EOF 380 | sudo apt-get $APTVERBOSITY update && sudo apt-get $APTVERBOSITY install nginx 381 | sudo service nginx stop 382 | sudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup 383 | sudo mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.sample 384 | sudo curl -# -o /etc/nginx/nginx.conf $BASE_DOWNLOAD/nginx/nginx.conf 385 | sudo curl -# -o /etc/nginx/conf.d/alfresco.conf $BASE_DOWNLOAD/nginx/alfresco.conf 386 | sudo curl -# -o /etc/nginx/conf.d/alfresco.conf.ssl $BASE_DOWNLOAD/nginx/alfresco.conf.ssl 387 | sudo curl -# -o /etc/nginx/conf.d/basic-settings.conf $BASE_DOWNLOAD/nginx/basic-settings.conf 388 | sudo mkdir -p /var/cache/nginx/alfresco 389 | # Make the ssl dir as this is what is used in sample config 390 | sudo mkdir -p /etc/nginx/ssl 391 | sudo mkdir -p $ALF_HOME/www 392 | if [ ! -f "$ALF_HOME/www/maintenance.html" ]; then 393 | echo "Downloading maintenance html page..." 394 | sudo curl -# -o $ALF_HOME/www/maintenance.html $BASE_DOWNLOAD/nginx/maintenance.html 395 | fi 396 | sudo chown -R www-data:root /var/cache/nginx/alfresco 397 | sudo chown -R www-data:root $ALF_HOME/www 398 | ## Reload config file 399 | sudo service nginx start 400 | 401 | echo 402 | echogreen "Finished installing nginx" 403 | echo 404 | else 405 | echo "Skipping install of nginx" 406 | fi 407 | 408 | echo 409 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 410 | echo "Install Java JDK." 411 | echo "This will install OpenJDK 8 version of Java. If you prefer Oracle Java 8 " 412 | echo "you need to download and install that manually." 413 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 414 | read -e -p "Install OpenJDK${ques} [y/n] " -i "$DEFAULTYESNO" installjdk 415 | if [ "$installjdk" = "y" ]; then 416 | echoblue "Installing OpenJDK..." 417 | sudo apt-get $APTVERBOSITY install openjdk-8-jre-headless 418 | echo 419 | echogreen "Make sure correct default java is selected!" 420 | echo 421 | sudo update-alternatives --config java 422 | #sudo apt-get $APTVERBOSITY install python-software-properties software-properties-common 423 | #sudo add-apt-repository ppa:webupd8team/java 424 | #sudo apt-get $APTVERBOSITY update 425 | #echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | sudo /usr/bin/debconf-set-selections 426 | #sudo apt-get $APTVERBOSITY install oracle-java8-installer 427 | #sudo update-java-alternatives -s java-8-oracle 428 | echo 429 | echogreen "Finished installing OpenJDK " 430 | echo 431 | else 432 | echo "Skipping install of OpenJDK." 433 | echored "IMPORTANT: You need to install other JDK and adjust paths for the install to be complete" 434 | echo 435 | fi 436 | 437 | echo 438 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 439 | echo "Install LibreOffice." 440 | echo "This will download and install the latest LibreOffice from libreoffice.org" 441 | echo "Newer version of Libreoffice has better document filters, and produce better" 442 | echo "transformations. If you prefer to use Ubuntu standard packages you can skip" 443 | echo "this install." 444 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 445 | read -e -p "Install LibreOffice${ques} [y/n] " -i "$DEFAULTYESNO" installibreoffice 446 | if [ "$installibreoffice" = "y" ]; then 447 | 448 | cd /tmp/alfrescoinstall 449 | curl -# -L -O $LIBREOFFICE 450 | tar xf LibreOffice*.tar.gz 451 | cd "$(find . -type d -name "LibreOffice*")" 452 | cd DEBS 453 | rm *gnome-integration*.deb &&\ 454 | rm *kde-integration*.deb &&\ 455 | rm *debian-menus*.deb &&\ 456 | sudo dpkg -i *.deb 457 | echo 458 | echoblue "Installing some support fonts for better transformations." 459 | # libxinerama1 libglu1-mesa needed to get LibreOffice 4.4 to work. Add the libraries that Alfresco mention in documentatinas required. 460 | 461 | ###1604 fonts-droid not available, use fonts-noto instead 462 | sudo apt-get $APTVERBOSITY install ttf-mscorefonts-installer fonts-noto fontconfig libcups2 libfontconfig1 libglu1-mesa libice6 libsm6 libxinerama1 libxrender1 libxt6 libcairo2 463 | echo 464 | echogreen "Finished installing LibreOffice" 465 | echo 466 | else 467 | echo 468 | echo "Skipping install of LibreOffice" 469 | echored "If you install LibreOffice/OpenOffice separetely, remember to update alfresco-global.properties" 470 | echored "Also run: sudo apt-get install ttf-mscorefonts-installer fonts-droid libxinerama1" 471 | echo 472 | fi 473 | 474 | echo 475 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 476 | echo "Install ImageMagick." 477 | echo "This will ImageMagick from Ubuntu packages." 478 | echo "It is recommended that you install ImageMagick." 479 | echo "If you prefer some other way of installing ImageMagick, skip this step." 480 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 481 | read -e -p "Install ImageMagick${ques} [y/n] " -i "$DEFAULTYESNO" installimagemagick 482 | if [ "$installimagemagick" = "y" ]; then 483 | 484 | echoblue "Installing ImageMagick. Fetching packages..." 485 | sudo apt-get $APTVERBOSITY install imagemagick ghostscript libgs-dev libjpeg62 libpng16-16 486 | echo 487 | if [ "$ISON1604" = "y" ]; then 488 | echoblue "Creating symbolic link for ImageMagick-6." 489 | sudo ln -s /etc/ImageMagick-6 /etc/ImageMagick 490 | fi 491 | echo 492 | echogreen "Finished installing ImageMagick" 493 | echo 494 | else 495 | echo 496 | echo "Skipping install of ImageMagick" 497 | echored "Remember to install ImageMagick later. It is needed for thumbnail transformations." 498 | echo 499 | fi 500 | 501 | echo 502 | echoblue "Adding basic support files. Always installed if not present." 503 | echo 504 | # Always add the addons dir and scripts 505 | sudo mkdir -p $ALF_HOME/addons/war 506 | sudo mkdir -p $ALF_HOME/addons/share 507 | sudo mkdir -p $ALF_HOME/addons/alfresco 508 | if [ ! -f "$ALF_HOME/addons/apply.sh" ]; then 509 | echo "Downloading apply.sh script..." 510 | sudo curl -# -o $ALF_HOME/addons/apply.sh $BASE_DOWNLOAD/scripts/apply.sh 511 | sudo chmod u+x $ALF_HOME/addons/apply.sh 512 | fi 513 | if [ ! -f "$ALF_HOME/addons/alfresco-mmt.jar" ]; then 514 | sudo curl -# -o $ALF_HOME/addons/alfresco-mmt.jar $ALFMMTJAR 515 | fi 516 | 517 | # Add the jar modules dir 518 | sudo mkdir -p $ALF_HOME/modules/platform 519 | sudo mkdir -p $ALF_HOME/modules/share 520 | 521 | sudo mkdir -p $ALF_HOME/bin 522 | if [ ! -f "$ALF_HOME/bin/alfresco-pdf-renderer" ]; then 523 | echo "Downloading Alfresco PDF Renderer binary (alfresco-pdf-renderer)..." 524 | sudo curl -# -o $TMP_INSTALL/alfresco-pdf-renderer.tgz $ALFRESCO_PDF_RENDERER 525 | sudo tar -xf $TMP_INSTALL/alfresco-pdf-renderer.tgz -C $TMP_INSTALL 526 | sudo mv $TMP_INSTALL/alfresco-pdf-renderer $ALF_HOME/bin/ 527 | fi 528 | 529 | sudo mkdir -p $ALF_HOME/scripts 530 | if [ ! -f "$ALF_HOME/scripts/mariadb.sh" ]; then 531 | echo "Downloading mariadb.sh install and setup script..." 532 | sudo curl -# -o $ALF_HOME/scripts/mariadb.sh $BASE_DOWNLOAD/scripts/mariadb.sh 533 | fi 534 | if [ ! -f "$ALF_HOME/scripts/postgresql.sh" ]; then 535 | echo "Downloading postgresql.sh install and setup script..." 536 | sudo curl -# -o $ALF_HOME/scripts/postgresql.sh $BASE_DOWNLOAD/scripts/postgresql.sh 537 | fi 538 | 539 | if [ ! -f "$ALF_HOME/scripts/mysql.sh" ]; then 540 | echo "Downloading mysql.sh install and setup script..." 541 | sudo curl -# -o $ALF_HOME/scripts/mysql.sh $BASE_DOWNLOAD/scripts/mysql.sh 542 | fi 543 | 544 | if [ ! -f "$ALF_HOME/scripts/limitconvert.sh" ]; then 545 | echo "Downloading limitconvert.sh script..." 546 | sudo curl -# -o $ALF_HOME/scripts/limitconvert.sh $BASE_DOWNLOAD/scripts/limitconvert.sh 547 | fi 548 | if [ ! -f "$ALF_HOME/scripts/createssl.sh" ]; then 549 | echo "Downloading createssl.sh script..." 550 | sudo curl -# -o $ALF_HOME/scripts/createssl.sh $BASE_DOWNLOAD/scripts/createssl.sh 551 | fi 552 | if [ ! -f "$ALF_HOME/scripts/libreoffice.sh" ]; then 553 | echo "Downloading libreoffice.sh script..." 554 | sudo curl -# -o $ALF_HOME/scripts/libreoffice.sh $BASE_DOWNLOAD/scripts/libreoffice.sh 555 | sudo sed -i "s/@@LOCALESUPPORT@@/$LOCALESUPPORT/g" $ALF_HOME/scripts/libreoffice.sh 556 | fi 557 | if [ ! -f "$ALF_HOME/scripts/iptables.sh" ]; then 558 | echo "Downloading iptables.sh script..." 559 | sudo curl -# -o $ALF_HOME/scripts/iptables.sh $BASE_DOWNLOAD/scripts/iptables.sh 560 | fi 561 | if [ ! -f "$ALF_HOME/scripts/alfresco-iptables.conf" ]; then 562 | echo "Downloading alfresco-iptables.conf upstart script..." 563 | sudo curl -# -o $ALF_HOME/scripts/alfresco-iptables.conf $BASE_DOWNLOAD/scripts/alfresco-iptables.conf 564 | fi 565 | if [ ! -f "$ALF_HOME/scripts/ams.sh" ]; then 566 | echo "Downloading maintenance shutdown script..." 567 | sudo curl -# -o $ALF_HOME/scripts/ams.sh $BASE_DOWNLOAD/scripts/ams.sh 568 | fi 569 | sudo chmod 755 $ALF_HOME/scripts/*.sh 570 | 571 | # Keystore 572 | sudo mkdir -p $ALF_DATA_HOME/keystore 573 | # Only check for precesence of one file, assume all the rest exists as well if so. 574 | if [ ! -f " $ALF_DATA_HOME/keystore/ssl.keystore" ]; then 575 | echo "Downloading keystore files..." 576 | sudo curl -# -o $ALF_DATA_HOME/keystore/browser.p12 $KEYSTOREBASE/browser.p12 577 | sudo curl -# -o $ALF_DATA_HOME/keystore/generate_keystores.sh $KEYSTOREBASE/generate_keystores.sh 578 | sudo curl -# -o $ALF_DATA_HOME/keystore/keystore $KEYSTOREBASE/keystore 579 | sudo curl -# -o $ALF_DATA_HOME/keystore/keystore-passwords.properties $KEYSTOREBASE/keystore-passwords.properties 580 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl-keystore-passwords.properties $KEYSTOREBASE/ssl-keystore-passwords.properties 581 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl-truststore-passwords.properties $KEYSTOREBASE/ssl-truststore-passwords.properties 582 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl.keystore $KEYSTOREBASE/ssl.keystore 583 | sudo curl -# -o $ALF_DATA_HOME/keystore/ssl.truststore $KEYSTOREBASE/ssl.truststore 584 | fi 585 | 586 | echo 587 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 588 | echo "Install Alfresco war files." 589 | echo "Download war files and optional addons." 590 | echo "If you have already downloaded your war files you can skip this step and add " 591 | echo "them manually." 592 | echo 593 | echo "If you use separate Alfresco and Share server, only install the needed for each" 594 | echo "server. Alfresco Repository will need Share Services if you use Share." 595 | echo 596 | echo "This install place downloaded files in the $ALF_HOME/addons and then use the" 597 | echo "apply.sh script to add them to tomcat/webapps. Se this script for more info." 598 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 599 | read -e -p "Add Alfresco Repository war file${ques} [y/n] " -i "$DEFAULTYESNO" installwar 600 | if [ "$installwar" = "y" ]; then 601 | 602 | echogreen "Downloading alfresco war file..." 603 | sudo curl -# -o $ALF_HOME/addons/war/alfresco.war $ALFREPOWAR 604 | echo 605 | 606 | # Add default alfresco and share modules classloader config files 607 | sudo curl -# -o $CATALINA_HOME/conf/Catalina/localhost/alfresco.xml $BASE_DOWNLOAD/tomcat/alfresco.xml 608 | 609 | echogreen "Finished adding Alfresco Repository war file" 610 | echo 611 | else 612 | echo 613 | echo "Skipping adding Alfresco Repository war file and addons" 614 | echo 615 | fi 616 | 617 | read -e -p "Add Share Client war file${ques} [y/n] " -i "$DEFAULTYESNO" installsharewar 618 | if [ "$installsharewar" = "y" ]; then 619 | 620 | echogreen "Downloading Share war file..." 621 | sudo curl -# -o $ALF_HOME/addons/war/share.war $ALFSHAREWAR 622 | 623 | # Add default alfresco and share modules classloader config files 624 | sudo curl -# -o $CATALINA_HOME/conf/Catalina/localhost/share.xml $BASE_DOWNLOAD/tomcat/share.xml 625 | 626 | echo 627 | echogreen "Finished adding Share war file" 628 | echo 629 | else 630 | echo 631 | echo "Skipping adding Alfresco Share war file" 632 | echo 633 | fi 634 | 635 | if [ "$installwar" = "y" ] || [ "$installsharewar" = "y" ]; then 636 | cd /tmp/alfrescoinstall 637 | 638 | if [ "$installwar" = "y" ]; then 639 | echored "You must install Share Services if you intend to use Share Client." 640 | read -e -p "Add Share Services plugin${ques} [y/n] " -i "$DEFAULTYESNO" installshareservices 641 | if [ "$installshareservices" = "y" ]; then 642 | echo "Downloading Share Services addon..." 643 | curl -# -O $ALFSHARESERVICES 644 | sudo mv alfresco-share-services*.amp $ALF_HOME/addons/alfresco/ 645 | fi 646 | fi 647 | 648 | read -e -p "Add Google docs integration${ques} [y/n] " -i "$DEFAULTYESNO" installgoogledocs 649 | if [ "$installgoogledocs" = "y" ]; then 650 | echo "Downloading Google docs addon..." 651 | if [ "$installwar" = "y" ]; then 652 | curl -# -O $GOOGLEDOCSREPO 653 | sudo mv alfresco-googledocs-repo*.amp $ALF_HOME/addons/alfresco/ 654 | fi 655 | if [ "$installsharewar" = "y" ]; then 656 | curl -# -O $GOOGLEDOCSSHARE 657 | sudo mv alfresco-googledocs-share* $ALF_HOME/addons/share/ 658 | fi 659 | fi 660 | fi 661 | 662 | 663 | echo 664 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 665 | echo "Install Alfresco Office Services (Sharepoint protocol emulation)." 666 | echo "This allows you to open and save Microsoft Office documents online." 667 | echored "This module is not Open Source (Alfresco proprietary)." 668 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 669 | read -e -p "Install Alfresco Office Services integration${ques} [y/n] " -i "$DEFAULTYESNO" installssharepoint 670 | if [ "$installssharepoint" = "y" ]; then 671 | echogreen "Installing Alfresco Offices Services bundle..." 672 | echogreen "Downloading Alfresco Office Services amp file" 673 | # Sub shell to keep the file name 674 | (cd $ALF_HOME/addons/alfresco;sudo curl -# -O $AOS_AMP) 675 | echogreen "Downloading _vti_bin.war into tomcat/webapps" 676 | sudo curl -# -o $ALF_HOME/tomcat/webapps/_vti_bin.war $AOS_VTI 677 | echogreen "Downloading ROOT.war into tomcat/webapps" 678 | sudo curl -# -o $ALF_HOME/tomcat/webapps/ROOT.war $AOS_SERVER_ROOT 679 | fi 680 | 681 | # Install of war and addons complete, apply them to war file 682 | if [ "$installwar" = "y" ] || [ "$installsharewar" = "y" ] || [ "$installssharepoint" = "y" ]; then 683 | # Check if Java is installed before trying to apply 684 | if type -p java; then 685 | _java=java 686 | elif [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then 687 | _java="$JAVA_HOME/bin/java" 688 | echored "No JDK installed. When you have installed JDK, run " 689 | echored "$ALF_HOME/addons/apply.sh all" 690 | echored "to install addons with Alfresco or Share." 691 | fi 692 | if [[ "$_java" ]]; then 693 | sudo $ALF_HOME/addons/apply.sh all 694 | fi 695 | fi 696 | 697 | echo 698 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 699 | echo "Install Solr6 Alfresco Search Services indexing engine." 700 | echo "You can run Solr6 on a separate server, unless you plan to do that you should" 701 | echo "install the Solr6 indexing engine on the same server as your repository server." 702 | echored "Alfresco Serch Services will be installed without SSL!" 703 | echored "Configure firewall to block port 8983 or install ssl, see" 704 | echored "https://docs.alfresco.com/community/tasks/solr6-install.html" 705 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 706 | read -e -p "Install Solr6 indexing engine${ques} [y/n] " -i "$DEFAULTYESNO" installsolr 707 | if [ "$installsolr" = "y" ]; then 708 | 709 | # Make sure we have unzip available 710 | sudo apt-get $APTVERBOSITY install unzip 711 | 712 | echogreen "Downloading Solr6 file..." 713 | sudo curl -# -o $ALF_HOME/solr6.zip $ASS_DOWNLOAD 714 | echogreen "Expanding Solr6 file..." 715 | cd $ALF_HOME 716 | sudo unzip -q solr6.zip 717 | sudo mv alfresco-search-services solr6 718 | sudo rm solr6.zip 719 | 720 | echogreen "Downloading Solr6 scripts and settings file..." 721 | sudo curl -# -o /etc/systemd/system/alfresco-search.service $BASE_DOWNLOAD/search/alfresco-search.service 722 | sudo curl -# -o $ALF_HOME/solr6/solrhome/conf/shared.properties $BASE_DOWNLOAD/search/shared.properties 723 | sudo curl -# -o $ALF_HOME/solr6/solr.in.sh $BASE_DOWNLOAD/search/solr.in.sh 724 | sudo chmod u+x $ALF_HOME/solr6/solr.in.sh 725 | # Enable the service 726 | sudo systemctl enable alfresco-search.service 727 | sudo systemctl daemon-reload 728 | 729 | echo 730 | echogreen "Finished installing Solr6 engine." 731 | echored "Verify your setting in alfresco-global.properties." 732 | echo "Set property value index.subsystem.name=solr6" 733 | echo 734 | else 735 | echo 736 | echo "Skipping installing Solr6." 737 | echo "You can always install Solr6 at a later time." 738 | echo 739 | fi 740 | 741 | echo 742 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 743 | echo "Alfresco BART - Backup and Recovery Tool" 744 | echo "Alfresco BART is a backup and recovery tool for Alfresco ECM. Is a shell script" 745 | echo "tool based on Duplicity for Alfresco backups and restore from a local file system," 746 | echo "FTP, SCP or Amazon S3 of all its components: indexes, data base, content store " 747 | echo "and all deployment and configuration files." 748 | echoblue "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 749 | read -e -p "Install B.A.R.T${ques} [y/n] " -i "$DEFAULTYESNO" installbart 750 | 751 | if [ "$installbart" = "y" ]; then 752 | echogreen "Installing B.A.R.T" 753 | 754 | 755 | sudo mkdir -p $ALF_HOME/scripts/bart 756 | sudo mkdir -p $ALF_HOME/logs/bart 757 | sudo curl -# -o $TMP_INSTALL/$BART_PROPERTIES $BASE_BART_DOWNLOAD$BART_PROPERTIES 758 | sudo curl -# -o $TMP_INSTALL/$BART_EXECUTE $BASE_BART_DOWNLOAD$BART_EXECUTE 759 | 760 | # Update bart settings 761 | ALFHOMEESCAPED="${ALF_HOME//\//\\/}" 762 | BARTLOGPATH="$ALF_HOME/logs/bart" 763 | ALFBRTPATH="$ALF_HOME/scripts/bart" 764 | INDEXESDIR="\$\{ALF_DIRROOT\}/solr6" 765 | # Escape for sed 766 | BARTLOGPATH="${BARTLOGPATH//\//\\/}" 767 | ALFBRTPATH="${ALFBRTPATH//\//\\/}" 768 | INDEXESDIR="${INDEXESDIR//\//\\/}" 769 | 770 | sed -i "s/ALF_INSTALLATION_DIR\=.*/ALF_INSTALLATION_DIR\=$ALFHOMEESCAPED/g" $TMP_INSTALL/$BART_PROPERTIES 771 | sed -i "s/ALFBRT_LOG_DIR\=.*/ALFBRT_LOG_DIR\=$BARTLOGPATH/g" $TMP_INSTALL/$BART_PROPERTIES 772 | sed -i "s/INDEXES_DIR\=.*/INDEXES_DIR\=$INDEXESDIR/g" $TMP_INSTALL/$BART_PROPERTIES 773 | sudo cp $TMP_INSTALL/$BART_PROPERTIES $ALF_HOME/scripts/bart/$BART_PROPERTIES 774 | sed -i "s/ALFBRT_PATH\=.*/ALFBRT_PATH\=$ALFBRTPATH/g" $TMP_INSTALL/$BART_EXECUTE 775 | sudo cp $TMP_INSTALL/$BART_EXECUTE $ALF_HOME/scripts/bart/$BART_EXECUTE 776 | 777 | sudo chmod 700 $ALF_HOME/scripts/bart/$BART_PROPERTIES 778 | sudo chmod 774 $ALF_HOME/scripts/bart/$BART_EXECUTE 779 | 780 | # Install dependency 781 | sudo apt-get $APTVERBOSITY install duplicity; 782 | 783 | # Add to cron tab 784 | tmpfile=/tmp/crontab.tmp 785 | 786 | # read crontab and remove custom entries (usually not there since after a reboot 787 | # QNAP restores to default crontab: http://wiki.qnap.com/wiki/Add_items_to_crontab#Method_2:_autorun.sh 788 | sudo -u $ALF_USER crontab -l | grep -vi "alfresco-bart.sh" > $tmpfile 789 | 790 | # add custom entries to crontab 791 | echo "0 5 * * * $ALF_HOME/scripts/bart/$BART_EXECUTE backup" >> $tmpfile 792 | 793 | #load crontab from file 794 | sudo -u $ALF_USER crontab $tmpfile 795 | 796 | # remove temporary file 797 | rm $tmpfile 798 | 799 | # restart crontab 800 | sudo service cron restart 801 | 802 | echogreen "B.A.R.T Cron is installed to run in 5AM every day as the $ALF_USER user" 803 | 804 | fi 805 | 806 | # Finally, set the permissions 807 | sudo chown -R $ALF_USER:$ALF_GROUP $ALF_HOME 808 | if [ -d "$ALF_HOME/www" ]; then 809 | sudo chown -R www-data:root $ALF_HOME/www 810 | fi 811 | 812 | echo 813 | echogreen "- - - - - - - - - - - - - - - - -" 814 | echo "Scripted install complete" 815 | echo 816 | echored "Manual tasks remaining:" 817 | echo 818 | echo "1. Add database. Install scripts available in $ALF_HOME/scripts" 819 | echored " It is however recommended that you use a separate database server." 820 | echo 821 | echo "2. Verify Tomcat memory and locale settings in the file" 822 | echo " $ALF_HOME/alfresco-service.sh." 823 | 824 | echo " Alfresco runs best with lots of memory. Add some more to \"lots\" and you will be fine!" 825 | echo " Match the locale LC_ALL (or remove) setting to the one used in this script." 826 | echo " Locale setting is needed for LibreOffice date handling support." 827 | echo 828 | echo "3. Update database and other settings in alfresco-global.properties" 829 | echo " You will find this file in $CATALINA_HOME/shared/classes" 830 | echored " Really, do this. There are some settings there that you need to verify." 831 | echo 832 | echo "4. Update properties for BART (if installed) in $ALF_HOME/scripts/bart/alfresco-bart.properties" 833 | echo " DBNAME,DBUSER,DBPASS,DBHOST,REC_MYDBNAME,REC_MYUSER,REC_MYPASS,REC_MYHOST,DBTYPE " 834 | echo 835 | echo "5. Update cpu settings in $ALF_HOME/scripts/limitconvert.sh if you have more than 2 cores." 836 | echo 837 | echo "6. Start nginx if you have installed it: sudo service nginx start" 838 | echo 839 | echo "7. Start Alfresco/tomcat:" 840 | 841 | echo " sudo $ALF_HOME/alfresco-service.sh start" 842 | 843 | echo 844 | 845 | echo 846 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 847 | echogreen "Thanks for using Alfresco Ubuntu installer by Loftux AB." 848 | echogreen "Please visit https://loftux.com for more Alfresco Services and add-ons." 849 | echogreen "You are welcome to contact us at info@loftux.se" 850 | echo "${warn}${bldblu} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${warn}" 851 | echo 852 | -------------------------------------------------------------------------------- /nginx/alfresco.conf: -------------------------------------------------------------------------------- 1 | 2 | # Set proxy cache path 3 | proxy_cache_path /var/cache/nginx/alfresco levels=1 keys_zone=alfrescocache:256m max_size=512m inactive=1440m; 4 | 5 | # Alfresco Repository Tomcat instance 6 | upstream alfresco { 7 | server localhost:8080; 8 | } 9 | 10 | # Share Web client Tomcat instance 11 | upstream share { 12 | server localhost:8080; 13 | } 14 | 15 | # Default server config. Update server name. 16 | server { 17 | listen 80 ; 18 | listen [::]:80 ; 19 | server_name example.com www.example.com; 20 | 21 | root /opt/alfresco/www; 22 | index index.html index.htm; 23 | 24 | # Redirect root requests to Share. Do not do this if you use AOS 25 | # rewrite ^/$ /share; 26 | 27 | # redirect server error pages to the static page /50x.html 28 | # 29 | error_page 502 503 504 /maintenance.html; 30 | location = /maintenance.html { 31 | root /opt/alfresco/www; 32 | } 33 | 34 | # Access to old Alfresco web client. Remove this location if not needed. 35 | location /alfresco { 36 | 37 | # Allow for large file uploads 38 | client_max_body_size 0; 39 | 40 | # Proxy all the requests to Tomcat 41 | proxy_http_version 1.1; 42 | #proxy_buffering off; 43 | proxy_pass http://alfresco; 44 | 45 | proxy_set_header Proxy ""; 46 | proxy_set_header Host $http_host; 47 | proxy_set_header X-Real-IP $remote_addr; 48 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 49 | proxy_set_header X-Forwarded-Host $http_host; 50 | proxy_set_header X-Forwarded-Server $host; 51 | } 52 | 53 | location /share { 54 | 55 | # Allow for large file uploads 56 | client_max_body_size 0; 57 | 58 | # Proxy all the requests to Tomcat 59 | proxy_http_version 1.1; 60 | #proxy_buffering off; 61 | proxy_pass http://share; 62 | 63 | proxy_set_header Proxy ""; 64 | proxy_set_header Host $http_host; 65 | proxy_set_header X-Real-IP $remote_addr; 66 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 67 | proxy_set_header X-Forwarded-Host $http_host; 68 | proxy_set_header X-Forwarded-Server $host; 69 | } 70 | 71 | location /share/proxy/alfresco { 72 | # This section is for allowing to rewrite 50x response to 401 on Ajax req. 73 | # This forces Share to reload page, and thus display maintenance page 74 | 75 | # Allow for large file uploads 76 | client_max_body_size 0; 77 | 78 | # Proxy all the requests to Tomcat 79 | proxy_http_version 1.1; 80 | #proxy_buffering off; 81 | proxy_pass http://share; 82 | 83 | proxy_set_header Proxy ""; 84 | proxy_set_header Host $http_host; 85 | proxy_set_header X-Real-IP $remote_addr; 86 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 87 | proxy_set_header X-Forwarded-Host $http_host; 88 | proxy_set_header X-Forwarded-Server $host; 89 | proxy_intercept_errors on; 90 | error_page 502 503 504 =401 /maintenance.html; 91 | } 92 | 93 | location /share/res/ { 94 | 95 | # Proxy all the requests to Tomcat 96 | proxy_http_version 1.1; 97 | proxy_pass http://share; 98 | proxy_set_header Host $http_host; 99 | 100 | proxy_set_header Proxy ""; 101 | proxy_cache alfrescocache; 102 | proxy_cache_min_uses 1; 103 | proxy_cache_valid 200 302 1440m; 104 | proxy_cache_valid 404 1m; 105 | proxy_cache_use_stale updating error timeout invalid_header http_500 http_502 http_503 http_504; 106 | } 107 | 108 | location / { 109 | # Allow for large file uploads 110 | client_max_body_size 0; 111 | 112 | # Proxy all the requests to Tomcat 113 | proxy_http_version 1.1; 114 | #proxy_buffering off; 115 | proxy_pass http://alfresco; 116 | 117 | proxy_set_header Proxy ""; 118 | proxy_set_header Host $http_host; 119 | proxy_set_header X-Real-IP $remote_addr; 120 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 121 | proxy_set_header X-Forwarded-Host $http_host; 122 | proxy_set_header X-Forwarded-Server $host; 123 | } 124 | 125 | location /downtime.js { 126 | # Allow the maintenance page to pick up downtime.js script 127 | root /opt/alfresco/www; 128 | } 129 | } 130 | -------------------------------------------------------------------------------- /nginx/alfresco.conf.ssl: -------------------------------------------------------------------------------- 1 | 2 | # Set proxy cache path 3 | proxy_cache_path /var/cache/nginx/alfresco levels=1 keys_zone=alfrescocache:256m max_size=512m inactive=1440m; 4 | 5 | # Alfresco Repository Tomcat instance 6 | upstream alfresco { 7 | server localhost:8080; 8 | } 9 | 10 | # Share Web client Tomcat instance 11 | upstream share { 12 | server localhost:8080; 13 | } 14 | 15 | # Uncomment if you want redirect to https 16 | #server { 17 | # listen 80 ; 18 | # listen [::]:80 ; 19 | # server_name example.com www.example.com; 20 | # server_name_in_redirect off; 21 | # rewrite ^ https://$host$request_uri? permanent; 22 | #} 23 | 24 | # Default server config. Update servername. 25 | server { 26 | listen 443 ssl http2; 27 | listen [::]:443 ssl http2; 28 | server_name example.com www.example.com; 29 | 30 | root /opt/alfresco/www; 31 | index index.html index.htm; 32 | 33 | # Redirect root requests to Share. Do not do this if you use AOS 34 | # rewrite ^/$ /share; 35 | 36 | ssl on; 37 | ssl_certificate /etc/nginx/ssl/alfserver.crt; 38 | ssl_certificate_key /etc/nginx/ssl/alfserver.key; 39 | 40 | ssl_session_timeout 15m; 41 | ssl_session_cache shared:SSL:15m; 42 | 43 | ssl_stapling on; 44 | ssl_stapling_verify on; 45 | 46 | ssl_protocols TLSv1.2 TLSv1.1 TLSv1; 47 | ssl_prefer_server_ciphers on; 48 | ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 49 | 50 | # redirect server error pages to the static page /50x.html 51 | # 52 | error_page 502 503 504 /maintenance.html; 53 | location = /maintenance.html { 54 | root /opt/alfresco/www; 55 | } 56 | 57 | # Access to old Alfresco web client. Remove this location if not needed. 58 | location /alfresco { 59 | 60 | # Allow for large file uploads 61 | client_max_body_size 0; 62 | 63 | # Proxy all the requests to Tomcat 64 | proxy_http_version 1.1; 65 | #proxy_buffering off; 66 | proxy_pass http://alfresco; 67 | 68 | proxy_set_header Proxy ""; 69 | proxy_set_header Host $http_host; 70 | proxy_set_header X-Real-IP $remote_addr; 71 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 72 | proxy_set_header X-Forwarded-Host $http_host; 73 | proxy_set_header X-Forwarded-Server $host; 74 | } 75 | 76 | location /share { 77 | 78 | # Allow for large file uploads 79 | client_max_body_size 0; 80 | 81 | # Proxy all the requests to Tomcat 82 | proxy_http_version 1.1; 83 | #proxy_buffering off; 84 | proxy_pass http://share; 85 | 86 | proxy_set_header Proxy ""; 87 | proxy_set_header Host $http_host; 88 | proxy_set_header X-Real-IP $remote_addr; 89 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 90 | proxy_set_header X-Forwarded-Host $http_host; 91 | proxy_set_header X-Forwarded-Server $host; 92 | } 93 | 94 | location /share/proxy/alfresco { 95 | # This section is for allowing to rewrite 50x response to 401 on Ajax req. 96 | # This forces Share to reload page, and thus display maintenance page 97 | 98 | # Allow for large file uploads 99 | client_max_body_size 0; 100 | 101 | # Proxy all the requests to Tomcat 102 | proxy_http_version 1.1; 103 | #proxy_buffering off; 104 | proxy_pass http://share; 105 | 106 | proxy_set_header Proxy ""; 107 | proxy_set_header Host $http_host; 108 | proxy_set_header X-Real-IP $remote_addr; 109 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 110 | proxy_set_header X-Forwarded-Host $http_host; 111 | proxy_set_header X-Forwarded-Server $host; 112 | proxy_intercept_errors on; 113 | error_page 502 503 504 =401 /maintenance.html; 114 | } 115 | 116 | location /share/res/ { 117 | 118 | # Proxy all the requests to Tomcat 119 | proxy_http_version 1.1; 120 | proxy_pass http://share; 121 | 122 | proxy_set_header Proxy ""; 123 | proxy_set_header Host $http_host; 124 | 125 | proxy_cache alfrescocache; 126 | proxy_cache_min_uses 1; 127 | proxy_cache_valid 200 302 1440m; 128 | proxy_cache_valid 404 1m; 129 | proxy_cache_use_stale updating error timeout invalid_header http_500 http_502 http_503 http_504; 130 | } 131 | 132 | location / { 133 | # Allow for large file uploads 134 | client_max_body_size 0; 135 | 136 | # Proxy all the requests to Tomcat 137 | proxy_http_version 1.1; 138 | #proxy_buffering off; 139 | proxy_pass http://alfresco; 140 | 141 | proxy_set_header Proxy ""; 142 | proxy_set_header Host $http_host; 143 | proxy_set_header X-Real-IP $remote_addr; 144 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 145 | proxy_set_header X-Forwarded-Host $http_host; 146 | proxy_set_header X-Forwarded-Server $host; 147 | } 148 | 149 | location /downtime.js { 150 | # Allow the maintenance page to pick up downtime.js script 151 | root /opt/alfresco/www; 152 | } 153 | } 154 | -------------------------------------------------------------------------------- /nginx/basic-settings.conf: -------------------------------------------------------------------------------- 1 | 2 | ## 3 | # Basic Settings 4 | ## 5 | 6 | sendfile on; 7 | #aio threads; 8 | tcp_nopush on; 9 | tcp_nodelay on; 10 | keepalive_timeout 65; 11 | types_hash_max_size 2048; 12 | # server_tokens off; 13 | 14 | ## 15 | # Logging Settings 16 | ## 17 | 18 | access_log off; 19 | #access_log /var/log/nginx/access.log; 20 | error_log /var/log/nginx/error.log; 21 | 22 | ## 23 | # Gzip Settings 24 | ## 25 | 26 | gzip on; 27 | gzip_disable "msie6"; 28 | gzip_http_version 1.1; 29 | gzip_comp_level 6; 30 | gzip_min_length 1400; 31 | gzip_buffers 16 8k; 32 | gzip_proxied any; 33 | gzip_types text/html text/xml text/plain text/css text/csv text/x-markdown text/x-web-markdown application/json text/javascript application/javascript application/x-javascript application/xhtml+xml application/atom+xml application/rss+xml application/atomsvc+xml; 34 | #gzip_vary on; 35 | 36 | -------------------------------------------------------------------------------- /nginx/letsencrypt/example.com.conf: -------------------------------------------------------------------------------- 1 | # Uncomment and update to generate certificates for the specified 2 | # domains. The first listed name will be the name of the certificate. 3 | domains = example.com, www.example.com 4 | 5 | # increase key size 6 | rsa-key-size = 4096 7 | 8 | # this address will receive renewal reminders, IIRC 9 | email = webmaster@example.com 10 | 11 | # turn off the ncurses UI, we want this to be run as a cronjob 12 | text = True 13 | 14 | # Automatically agree to Terms of Services 15 | agree-tos = True 16 | 17 | # authenticate by placing a file in the webroot (under .well-known/acme-challenge/) and then letting 18 | # LE fetch it 19 | authenticator = webroot 20 | # Absolut path to your webroot. Set the same config in nginx config file 21 | webroot-path = /usr/share/nginx/example.com 22 | -------------------------------------------------------------------------------- /nginx/letsencrypt/letsencrypt.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Script for handling letsencrypt with Alfresco 4 | # 5 | # Copyright 2013 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export INSTALLDIR=/opt/letsencrypt/certbot 10 | # Location where you put your letsencrypt config files 11 | export CONFIGDIR=/etc/letsencrypt/configs/ 12 | # Location to webpath-root where letsencrypt places domain verification files. 13 | # Amended with the domain when using init. 14 | export BASECHALLENGELOCATION=/usr/share/nginx 15 | 16 | 17 | export APTVERBOSITY="-qq -y" 18 | # Branch name to pull from server. Use master for stable. 19 | BRANCH=experimental 20 | export BASE_DOWNLOAD=https://raw.githubusercontent.com/loftuxab/alfresco-ubuntu-install/$BRANCH 21 | 22 | # Color variables 23 | txtund=$(tput sgr 0 1) # Underline 24 | txtbld=$(tput bold) # Bold 25 | bldred=${txtbld}$(tput setaf 1) # red 26 | bldgre=${txtbld}$(tput setaf 2) # red 27 | bldblu=${txtbld}$(tput setaf 4) # blue 28 | bldwht=${txtbld}$(tput setaf 7) # white 29 | txtrst=$(tput sgr0) # Reset 30 | info=${bldwht}*${txtrst} # Feedback 31 | pass=${bldblu}*${txtrst} 32 | warn=${bldred}*${txtrst} 33 | ques=${bldblu}?${txtrst} 34 | 35 | echoblue () { 36 | echo "${bldblu}$1${txtrst}" 37 | } 38 | echored () { 39 | echo "${bldred}$1${txtrst}" 40 | } 41 | echogreen () { 42 | echo "${bldgre}$1${txtrst}" 43 | } 44 | 45 | init() { 46 | 47 | if [ ! -d "$INSTALLDIR" ]; then 48 | sudo mkdir -p $INSTALLDIR 49 | cd $INSTALLDIR 50 | sudo curl -# -O https://dl.eff.org/certbot-auto 51 | sudo chmod a+x certbot-auto 52 | sudo ./certbot-auto 53 | fi 54 | 55 | sudo mkdir -p $CONFIGDIR 56 | sudo mkdir -p $BASECHALLENGELOCATION 57 | sudo chown -R www-data:www-data $BASECHALLENGELOCATION 58 | 59 | if [ ! -f "$CONFIGDIR/letsencryptc.com.conf.sample" ]; then 60 | echo "Downloading sample domain config..." 61 | sudo curl -# -o $CONFIGDIR/example.com.conf.sample $BASE_DOWNLOAD/nginx/letsencrypt/example.com.conf 62 | fi 63 | 64 | } 65 | 66 | create() { 67 | echoblue "Creating certificates for $1" 68 | sudo mkdir -p $BASECHALLENGELOCATION/$1 69 | # Make sure we have correct permissions 70 | sudo chown -R www-data:www-data $BASECHALLENGELOCATION 71 | if [ -f "$CONFIGDIR/$1.conf" ]; then 72 | cd $INSTALLDIR 73 | sudo ./certbot-auto --config "$CONFIGDIR/$1.conf" certonly 74 | else 75 | echored "You must supply the config file to use without .sample ending." 76 | echored "Keept the config file the same as domain name." 77 | fi 78 | 79 | echoblue "You must now configure nginx manually to use" 80 | echoblue "the new certificates and restart." 81 | echoblue "Add to your nginx conf file" 82 | echoblue "ssl_certificate /etc/letsencrypt/live/$1/fullchain.pem;" 83 | echoblue "ssl_certificate_key /etc/letsencrypt/live/$1/privkey.pem;" 84 | } 85 | 86 | renew() { 87 | # Make sure we have correct permissions 88 | sudo chown -R www-data:www-data $BASECHALLENGELOCATION 89 | 90 | cd $INSTALLDIR 91 | sudo ./certbot-auto renew 92 | sudo service nginx restart 93 | } 94 | 95 | case "$1" in 96 | create) 97 | create $2 98 | ;; 99 | renew) 100 | renew 101 | ;; 102 | init) 103 | init 104 | ;; 105 | *) 106 | echored "Usage: $0 {init|create|renew}" 107 | echogreen "init: Install letsencrypt and sample config" 108 | echogreen "create: Create first time certificate. Require second parameter for domain." 109 | echogreen "renew: Renew existing certificates. Will loop all existing configs." 110 | exit 1 111 | esac 112 | 113 | exit $RETVAL 114 | -------------------------------------------------------------------------------- /nginx/letsencrypt/nginx.conf.snippet: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | listen [::]:80; 4 | server_name example.com www.example.com; 5 | 6 | location /.well-known/acme-challenge { 7 | alias /usr/share/nginx/example.com/.well-known/acme-challenge; 8 | location ~ /.well-known/acme-challenge/(.*) { 9 | add_header Content-Type application/jose+json; 10 | } 11 | } 12 | 13 | location / { 14 | server_name_in_redirect off; 15 | rewrite ^ https://$host$request_uri? permanent; 16 | } 17 | 18 | 19 | } 20 | -------------------------------------------------------------------------------- /nginx/maintenance.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Alfresco Maintenance 11 | 12 | 13 | 14 | 91 | 92 | 280 | 281 | 282 | 283 | 284 |
285 | 286 | 287 |

Alfresco down for maintenance

288 | 289 |

290 | 291 |

292 | 293 |
294 | 295 |
296 | 297 |

298 | 299 |

Load Alfresco Now

300 | 301 |

While you are waiting, why not play a game of Asteroids. But only if boss is not looking! 303 |

304 | 305 | 306 |
307 | 308 | 309 | 310 | 311 | -------------------------------------------------------------------------------- /nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes auto; 3 | 4 | error_log /var/log/nginx/error.log warn; 5 | pid /var/run/nginx.pid; 6 | 7 | events { 8 | worker_connections 1024; 9 | } 10 | 11 | http { 12 | include /etc/nginx/mime.types; 13 | default_type application/octet-stream; 14 | 15 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 16 | '$status $body_bytes_sent "$http_referer" ' 17 | '"$http_user_agent" "$http_x_forwarded_for"'; 18 | 19 | access_log /var/log/nginx/access.log main; 20 | 21 | include /etc/nginx/conf.d/*.conf; 22 | } 23 | -------------------------------------------------------------------------------- /scripts/alfresco-iptables.conf: -------------------------------------------------------------------------------- 1 | description "Alfresco IP Forwarding" 2 | # Very simple upstart script to invoke iptables forwarding script when starting 3 | # Move this script to /etc/init if you intend to use forwarding 4 | 5 | start on (local-filesystems and net-device-up IFACE!=lo) 6 | 7 | script 8 | exec /opt/alfresco/scripts/iptables.sh start 9 | end script -------------------------------------------------------------------------------- /scripts/alfresco-iptables.service: -------------------------------------------------------------------------------- 1 | # Alfresco IP Forwarding Startup 2 | # Authors: loftux, douglascrp 3 | # 4 | # If you intend to use forwarding, move this config file to /etc/systemd/system and execute: 5 | # sudo systemctl enable alfresco-iptables 6 | # sudo systemctl daemon-reload 7 | 8 | [Unit] 9 | Description=Alfresco IP Forwarding service 10 | 11 | [Service] 12 | Type=forking 13 | ExecStart=/opt/alfresco/scripts/iptables.sh start 14 | ExecStop=/opt/alfresco/scripts/iptables.sh stop 15 | Restart=always 16 | User=root 17 | Group=root 18 | WorkingDirectory=/opt/alfresco/logs 19 | StartLimitBurst=0 20 | 21 | [Install] 22 | WantedBy=multi-user.target -------------------------------------------------------------------------------- /scripts/alfresco-service.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for starting/stopping Alfresco Tomcat from systemd 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export LC_ALL=@@LOCALESUPPORT@@ 10 | #export JAVA_HOME=/usr/lib/jvm/java-8-oracle/jre 11 | #export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre 12 | export ALF_HOME=/opt/alfresco 13 | export CATALINA_HOME=/opt/alfresco/tomcat 14 | export CATALINA_TMPDIR=/opt/alfresco/tomcat/temp 15 | export JRE_HOME=$JAVA_HOME 16 | export PATH=$PATH:$HOME/bin:$JRE_HOME/bin 17 | export CATALINA_PID=$ALF_HOME/tomcat.pid 18 | 19 | # IMPORTANT Update to match memory available on your server. 20 | # For production, A server with at least 8G ram, and -Xmx6G is recommended. More is better! 21 | JAVA_OPTS="-Xms1G -Xmx2G -Xss1024k" 22 | # Below are options that can be used for dealing with memory and garbage collection 23 | # JAVA_OPTS="${JAVA_OPTS} -Xss1024k -XX:MaxPermSize=256m -XX:NewSize=512m -XX:+CMSIncrementalMode -XX:CMSInitiatingOccupancyFraction=80" 24 | 25 | JAVA_OPTS="${JAVA_OPTS} -XX:+UseG1GC -XX:+UseStringDeduplication" 26 | 27 | JAVA_OPTS="${JAVA_OPTS} -Duser.country=US -Duser.region=US -Duser.language=en -Duser.timezone=\"Europe/Stockholm\" -d64" 28 | # Enable this if you encounter problems with transformations of certain pdfs. Side effect is disable of remote debugging 29 | # JAVA_OPTS="${JAVA_OPTS} -Djava.awt.headless=true" 30 | 31 | # Enable if you wish to speed up startup 32 | # Possibly less secure random generation see http://wiki.apache.org/tomcat/HowTo/FasterStartUp#Entropy_Source 33 | JAVA_OPTS="${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom" 34 | 35 | # set tomcat temp location 36 | JAVA_OPTS="${JAVA_OPTS} -Djava.io.tmpdir=${CATALINA_TMPDIR}" 37 | 38 | #File encoding may be correct, but we specify them to be sure 39 | JAVA_OPTS="${JAVA_OPTS} -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8" 40 | JAVA_OPTS="${JAVA_OPTS} -Dalfresco.home=${ALF_HOME} -Dcom.sun.management.jmxremote=true" 41 | JAVA_OPTS="${JAVA_OPTS} -server" 42 | 43 | start(){ 44 | sudo systemctl start alfresco.service 45 | sudo systemctl start alfresco-search.service 46 | } 47 | 48 | stop(){ 49 | sudo systemctl stop alfresco-search.service 50 | sudo systemctl stop alfresco.service 51 | } 52 | servicestart() { 53 | export JAVA_OPTS 54 | $CATALINA_HOME/bin/startup.sh 55 | } 56 | 57 | servicestop(){ 58 | export JAVA_OPTS 59 | $CATALINA_HOME/bin/shutdown.sh 30 -force 60 | } 61 | 62 | cleanup(){ 63 | SHUTDOWN_PORT=`netstat -vatn|grep LISTEN|grep 8005|wc -l` 64 | 65 | if [ $SHUTDOWN_PORT -ne 0 ]; then 66 | logger -is -t "Alfresco Tomcat" "Warning: Alfresco started, cannot clean tomcat." 67 | else 68 | # cleanup temp directory before starting 69 | { 70 | sudo rm -rf $CATALINA_TMPDIR/* 71 | } || { 72 | logger -i -t "Alfresco Tomcat" "Warning: Failed to clean tomcat tempdirectory." 73 | } 74 | 75 | { 76 | sudo rm -rf $CATALINA_HOME/work/* 77 | } || { 78 | logger -i -t "Alfresco Tomcat" "Warning: Failed to clean tomcat work directory." 79 | } 80 | 81 | { 82 | sudo rm -rf $CATALINA_HOME/logs/* 83 | } || { 84 | logger -i -t "Alfresco Tomcat" "Warning: Failed to clean tomcat log directory." 85 | } 86 | fi 87 | 88 | } 89 | case "$1" in 90 | start) 91 | start 92 | ;; 93 | stop) 94 | stop 95 | ;; 96 | servicestart) 97 | servicestart 98 | ;; 99 | servicestop) 100 | servicestop 101 | ;; 102 | cleanup) 103 | cleanup 104 | ;; 105 | restart) 106 | stop 107 | sleep 5 108 | start 109 | ;; 110 | status) 111 | sudo systemctl status alfresco.service 112 | ;; 113 | *) 114 | echo "Usage: $0 {start|stop|restart|status|cleanup}" 115 | exit 1 116 | esac 117 | -------------------------------------------------------------------------------- /scripts/ams.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for maintenance shutdown of Alfresco 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | USER=www-data 10 | ALF_HOME_WWW=/opt/alfresco/www 11 | DOWNTIME=10 12 | 13 | #((!$#)) && echo Supply expected downtime in minutes as argument! && exit 1 14 | 15 | die () { 16 | echo >&2 "$@" 17 | exit 1 18 | } 19 | 20 | if [ "$#" -gt 0 ] 21 | then 22 | echo $1 | grep -E -q '^[0-9]+$' || die "Numeric argument required, $1 provided" 23 | DOWNTIME=$1 24 | fi 25 | 26 | echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 27 | echo "Updating maintenance message script file" 28 | echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 29 | echo 30 | echo "var downTime = ${DOWNTIME};" | sudo tee ${ALF_HOME_WWW}/downtime.js 31 | echo "var startTime = `date +%s`;" | sudo tee -a ${ALF_HOME_WWW}/downtime.js 32 | echo "var specialMessage = '$2';" | sudo tee -a ${ALF_HOME_WWW}/downtime.js 33 | sudo chown -R ${USER}:nogroup ${ALF_HOME_WWW} 34 | echo 35 | echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 36 | echo "Stopping the Alfresco tomcat instance" 37 | echo "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" 38 | echo 39 | sudo /opt/alfresco/alfresco-service.sh stop 40 | -------------------------------------------------------------------------------- /scripts/apply.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for apply AMPs to installed WAR 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | export JAVA_HOME="/usr/lib/jvm/java-8-oracle" 9 | export JRE_HOME=$JAVA_HOME/jre 10 | export PATH=$PATH:$HOME/bin:$JRE_HOME/bin 11 | export ALF_HOME=/opt/alfresco 12 | export CATALINA_HOME=$ALF_HOME/tomcat 13 | export CATALINA_PID="${ALF_HOME}/tomcat.pid" 14 | export USER=alfresco 15 | 16 | cd $ALF_HOME/addons 17 | 18 | #Create directories if not exist 19 | if [ ! -d "share" ]; then 20 | mkdir share 21 | fi 22 | if [ ! -d "alfresco" ]; then 23 | mkdir alfresco 24 | fi 25 | if [ ! -d "war" ]; then 26 | mkdir war 27 | fi 28 | 29 | amp(){ 30 | if [ -e war/alfresco.war ]; then 31 | if [ -e alfresco.war ]; then 32 | rm alfresco.war 33 | fi 34 | cp war/alfresco.war . 35 | # Use ls listing instead of -directory option, that way we can control order amps is applied 36 | for file in `ls -v alfresco/*.amp`; 37 | do 38 | if [[ ! -f "$file" ]] 39 | then 40 | continue 41 | fi 42 | echo "Applying $file" 43 | java -jar alfresco-mmt.jar install $file alfresco.war -force -nobackup 44 | done 45 | 46 | else 47 | echo "Skipping alfresco.war - not present in war directory" 48 | fi 49 | if [ -e war/share.war ]; then 50 | if [ -e share.war ]; then 51 | rm share.war 52 | fi 53 | cp war/share.war . 54 | # Use ls listing instead of -directory option, that way we can control order amps is applied 55 | for file in `ls -v share/*.amp`; 56 | do 57 | if [[ ! -f "$file" ]] 58 | then 59 | continue 60 | fi 61 | echo "Applying $file" 62 | java -jar alfresco-mmt.jar install $file share.war -force -nobackup 63 | done 64 | else 65 | echo "Skipping share.war - not present in war directory" 66 | fi 67 | 68 | # List the installed war files 69 | if [ -e alfresco.war ]; then 70 | java -jar alfresco-mmt.jar list alfresco.war 71 | fi 72 | if [ -e share.war ]; then 73 | java -jar alfresco-mmt.jar list share.war 74 | fi 75 | } 76 | 77 | copy(){ 78 | echo "------------------------" 79 | echo "Copying new war files..." 80 | SHUTDOWN_PORT=`netstat -vatn|grep LISTEN|grep 8005|wc -l` 81 | export JAVA_HOME=$JAVA_HOME 82 | if [ $SHUTDOWN_PORT -ne 0 ]; then 83 | echo "Alfresco is started, cannot copy while started" 84 | else 85 | if [ -e $CATALINA_PID ]; then 86 | echo "The process id file ${CATALINA_PID} exist even if Alfresco is not started." 87 | echo "This can happen with an unexpected shutdown or if you run this startup script twice before tomcat is fully started." 88 | echo "You need to manually remove this file if you are shure Alfresco tomcat is not running before copying again." 89 | else 90 | if [ -e $CATALINA_HOME/webapps/alfresco.war.old ]; then 91 | rm $CATALINA_HOME/webapps/alfresco.war.old 92 | fi 93 | if [ -e alfresco.war ]; then 94 | if [ -e $CATALINA_HOME/webapps/alfresco.war ]; then 95 | echo "Backing up existing alfresco.war" 96 | mv $CATALINA_HOME/webapps/alfresco.war $CATALINA_HOME/webapps/alfresco.war.old 97 | fi 98 | echo "Moving new alfresco.war to tomcat..." 99 | mv alfresco.war $CATALINA_HOME/webapps/alfresco.war 100 | fi 101 | if [ -e $CATALINA_HOME/webapps/share.war.old ]; then 102 | rm $CATALINA_HOME/webapps/share.war.old 103 | fi 104 | if [ -e share.war ]; then 105 | if [ -e $CATALINA_HOME/webapps/share.war ]; then 106 | echo "Backing up existing share.war" 107 | mv $CATALINA_HOME/webapps/share.war $CATALINA_HOME/webapps/share.war.old 108 | fi 109 | echo "Moving new share.war to tomcat..." 110 | mv share.war $CATALINA_HOME/webapps/share.war 111 | fi 112 | echo "Cleaning temporary Alfresco files from Tomcat..." 113 | rm -rf ${CATALINA_HOME}/temp/Alfresco 114 | rm -rf ${CATALINA_HOME}/work/Catalina/localhost 115 | rm -rf ${CATALINA_HOME}/webapps/alfresco 116 | rm -rf ${CATALINA_HOME}/webapps/share 117 | echo "Restoring permissions on Tomcat" 118 | chown -R ${USER}:nogroup ${CATALINA_HOME} 119 | fi 120 | fi 121 | } 122 | 123 | case "$1" in 124 | amp) 125 | amp 126 | ;; 127 | copy) 128 | copy 129 | ;; 130 | all) 131 | amp 132 | copy 133 | ;; 134 | *) 135 | echo "Apply amps to war files" 136 | echo "Put amp files in share and alfresco respectively. Put alfresco.war and share.war in source" 137 | echo "Completed war files will be put in ${PWD}" 138 | echo " amp: Merge amp files into war files" 139 | echo " copy: Copy the new war files to tomcat" 140 | echo " all: Run amp and copy targets" 141 | echo "Usage: $0 {amp|copy|all}" 142 | exit 1 143 | esac 144 | -------------------------------------------------------------------------------- /scripts/createssl.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script to generate self signed ssl certs 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | sudo mkdir -p /etc/nginx/ssl 10 | cd /etc/nginx/ssl 11 | sudo openssl genrsa -des3 -out alfserver.key 1024 12 | sudo openssl req -new -key alfserver.key -out alfserver.csr 13 | sudo cp alfserver.key alfserver.key.org 14 | sudo openssl rsa -in alfserver.key.org -out alfserver.key 15 | sudo openssl x509 -req -days 1825 -in alfserver.csr -signkey alfserver.key -out alfserver.crt 16 | -------------------------------------------------------------------------------- /scripts/iptables.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script to set up iptables for Alfresco use 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | # Change to public ip-adress on alfresco server 10 | export IPADRESS=192.168.0.10 11 | 12 | # redirect FROM TO PROTOCOL 13 | # setup port redirect using iptables 14 | redirect() { 15 | echo "Redirecting port $1 to $2 ($3)" 16 | iptables -t nat -A PREROUTING -p $3 --dport $1 -j REDIRECT --to-ports $2 17 | iptables -t nat -A OUTPUT -d localhost -p $3 --dport $1 -j REDIRECT --to-ports $2 18 | # Add all your local ip adresses here that you need port forwarding for 19 | iptables -t nat -A OUTPUT -d $IPADRESS -p $3 --dport $1 -j REDIRECT --to-ports $2 20 | } 21 | # 22 | # setup_iptables 23 | # setup iptables for redirection of CIFS and FTP 24 | setup_iptables () { 25 | 26 | echo "1" >/proc/sys/net/ipv4/ip_forward 27 | # Clear NATing tables 28 | iptables -t nat -F 29 | iptables -P INPUT ACCEPT 30 | iptables -P FORWARD ACCEPT 31 | iptables -P OUTPUT ACCEPT 32 | 33 | # FTP NATing 34 | redirect 21 2021 tcp 35 | 36 | # CIFS NATing 37 | redirect 445 1445 tcp 38 | redirect 139 1139 tcp 39 | redirect 137 1137 udp 40 | redirect 138 1138 udp 41 | 42 | # Forward http 43 | #redirect 80 8080 tcp 44 | } 45 | remove_iptables () { 46 | 47 | echo "0" >/proc/sys/net/ipv4/ip_forward 48 | # Clear NATing tables 49 | iptables -t nat -F 50 | iptables -P INPUT ACCEPT 51 | iptables -P FORWARD ACCEPT 52 | iptables -P OUTPUT ACCEPT 53 | 54 | } 55 | # start, debug, stop, and status functions 56 | start() { 57 | echo "Setting up iptables for Alfresco" 58 | setup_iptables 59 | } 60 | 61 | stop() { 62 | echo "Removing iptables" 63 | remove_iptables 64 | 65 | } 66 | 67 | case "$1" in 68 | start) 69 | start 70 | ;; 71 | stop) 72 | stop 73 | ;; 74 | restart) 75 | stop 76 | start 77 | ;; 78 | *) 79 | echo "Usage: $0 {start|stop|restart}" 80 | exit 1 81 | esac 82 | 83 | exit $RETVAL 84 | -------------------------------------------------------------------------------- /scripts/libreoffice.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Script for starting/stopping LibreOffice without restarting Alfresco 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | # JDK locations 10 | export JAVA_HOME="/usr/lib/jvm/java-8-oracle" 11 | export JRE_HOME=$JAVA_HOME/jre 12 | 13 | # User under which tomcat will run 14 | USER=alfresco 15 | ALF_HOME=/opt/alfresco 16 | cd "$ALF_HOME" 17 | # export LC_ALL else openoffice may use en settings on dates etc 18 | export LC_ALL=@@LOCALESUPPORT@@ 19 | export CATALINA_PID="${ALF_HOME}/tomcat.pid" 20 | 21 | RETVAL=0 22 | 23 | start() { 24 | OFFICE_PORT=`ps ax|grep office|grep 8100|wc -l` 25 | if [ $OFFICE_PORT -ne 0 ]; then 26 | echo "Alfresco Open Office service already started" 27 | CURRENT_PROCID=`ps axf|grep office|grep 8100|awk -F " " 'NR==1 {print $1}'` 28 | echo $CURRENT_PROCID 29 | else 30 | #Only start if Alfresco is already running 31 | SHUTDOWN_PORT=`netstat -vatn|grep LISTEN|grep 8005|wc -l` 32 | export JAVA_HOME=$JAVA_HOME 33 | if [ $SHUTDOWN_PORT -ne 0 ]; then 34 | /bin/su -s /bin/bash $USER -c "/opt/libreoffice6.4/program/soffice.bin \"--accept=socket,host=localhost,port=8100;urp;StarOffice.ServiceManager\" \"-env:UserInstallation=file:///opt/alfresco/alf_data/oouser\" --nologo --headless --nofirststartwizard --norestore --nodefault &" >/dev/null 35 | echo "Alfresco Open Office starting" 36 | logger Alfresco Open Office service started 37 | fi 38 | 39 | fi 40 | } 41 | stop() { 42 | # Start Tomcat in normal mode 43 | OFFICE_PORT=`ps ax|grep office|grep 8100|wc -l` 44 | if [ $OFFICE_PORT -ne 0 ]; then 45 | echo "Alfresco Open Office started, killing" 46 | CURRENT_PROCID=`ps axf|grep office|grep 8100|awk -F " " 'NR==1 {print $1}'` 47 | echo $CURRENT_PROCID 48 | kill $CURRENT_PROCID 49 | logger Alfresco Open Office service stopped 50 | fi 51 | } 52 | status() { 53 | # Start Tomcat in normal mode 54 | OFFICE_PORT=`ps ax|grep office|grep 8100|wc -l` 55 | if [ $OFFICE_PORT -ne 0 ]; then 56 | echo "Alfresco LibreOffice service started" 57 | else 58 | echo "Alfresco LibreOffice service NOT started" 59 | fi 60 | } 61 | 62 | case "$1" in 63 | start) 64 | start 65 | ;; 66 | stop) 67 | stop 68 | ;; 69 | restart) 70 | stop 71 | sleep 2 72 | start 73 | ;; 74 | status) 75 | status 76 | ;; 77 | *) 78 | echo "Usage: $0 {start|stop|restart|status}" 79 | exit 1 80 | esac 81 | 82 | exit $RETVAL 83 | -------------------------------------------------------------------------------- /scripts/limitconvert.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | # This file is to limit the number of cores used by Alfresco transformation 3 | # and prevent cpu throttling. The script limits ImageMagick convert to use less resources. 4 | # Check the number of available cpu:s with 5 | # cat /proc/cpuinfo | grep processor | wc -l 6 | # If you have more, change to -c 0,1 if you have 4, -c 0,1,2 if you have 6 and so on. 7 | # Check man taskset for more info. 8 | # 9 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 10 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 11 | # ------- 12 | 13 | /usr/bin/taskset -c 0 /usr/bin/convert $@ 14 | -------------------------------------------------------------------------------- /scripts/mariadb.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for install of Mariadb to be used with Alfresco 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export ALFRESCODB=alfresco 10 | export ALFRESCOUSER=alfresco 11 | 12 | echo 13 | echo "--------------------------------------------" 14 | echo "This script will install MariaDB." 15 | echo "and create alfresco database and user." 16 | echo "You may first be prompted for sudo password." 17 | echo "When prompted during MariaDB Install," 18 | echo "type the default root password for MariaDB." 19 | echo "--------------------------------------------" 20 | echo 21 | 22 | read -e -p "Install MariaDB? [y/n] " -i "n" installmariadb 23 | if [ "$installmariadb" = "y" ]; then 24 | sudo apt-get install software-properties-common 25 | sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 26 | sudo add-apt-repository "deb [arch=amd64,i386,ppc64el] http://ftp.ddg.lth.se/mariadb/repo/10.1/ubuntu $(lsb_release -cs) main" 27 | sudo apt-get update 28 | sudo apt-get install mariadb-server 29 | fi 30 | 31 | read -e -p "Create Alfresco Database and user? [y/n] " -i "n" createdb 32 | if [ "$createdb" = "y" ]; then 33 | read -e -p "Enter the Alfresco database password:" ALFRESCOPASSWORD 34 | read -e -p "Re-Enter the Alfresco database password:" ALFRESCOPASSWORD2 35 | if [ "$ALFRESCOPASSWORD" == "$ALFRESCOPASSWORD2" ] 36 | then 37 | echo "Creating Alfresco database and user." 38 | echo "You must supply the root user password for MariaDB:" 39 | mysql -u root -p << EOF 40 | create database $ALFRESCODB default character set utf8 collate utf8_bin; 41 | grant all on $ALFRESCODB.* to '$ALFRESCOUSER'@'localhost' identified by '$ALFRESCOPASSWORD' with grant option; 42 | grant all on $ALFRESCODB.* to '$ALFRESCOUSER'@'localhost.localdomain' identified by '$ALFRESCOPASSWORD' with grant option; 43 | EOF 44 | echo 45 | echo "Remember to update alfresco-global.properties with the alfresco database password" 46 | echo 47 | else 48 | echo 49 | echo "Passwords do not match. Please run the script again for better luck!" 50 | echo 51 | fi 52 | fi 53 | -------------------------------------------------------------------------------- /scripts/mysql.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for install of Mariadb to be used with Alfresco 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export ALFRESCODB=alfresco 10 | export ALFRESCODBBART=alfresco_rec 11 | export ALFRESCOUSER=alfresco 12 | 13 | echo 14 | echo "--------------------------------------------" 15 | echo "This script will install MYSQL-DB." 16 | echo "and create alfresco database and user." 17 | echo "You may first be prompted for sudo password." 18 | echo "When prompted during MYSQL-DB Install," 19 | echo "type the default root password for MYSQL-DB." 20 | echo "--------------------------------------------" 21 | echo 22 | 23 | read -e -p "Install MYSQL-DB? [y/n] " -i "n" installmysqldb 24 | if [ "$installmysqldb" = "y" ]; then 25 | sudo apt-get install mysql-server 26 | fi 27 | 28 | read -e -p "Create Alfresco Database and user? [y/n] " -i "n" createdb 29 | if [ "$createdb" = "y" ]; then 30 | read -e -p "Enter the Alfresco database password:" ALFRESCOPASSWORD 31 | read -e -p "Re-Enter the Alfresco database password:" ALFRESCOPASSWORD2 32 | if [ "$ALFRESCOPASSWORD" == "$ALFRESCOPASSWORD2" ] 33 | then 34 | echo "Creating Alfresco database and user." 35 | echo "You must supply the root user password for MYSQL-DB:" 36 | mysql -u root -p << EOF 37 | create database $ALFRESCODB default character set utf8 collate utf8_bin; 38 | create database $ALFRESCODBBART default character set utf8 collate utf8_bin; 39 | grant all on $ALFRESCODB.* to '$ALFRESCOUSER'@'localhost' identified by '$ALFRESCOPASSWORD' with grant option; 40 | grant all on $ALFRESCODB.* to '$ALFRESCOUSER'@'localhost.localdomain' identified by '$ALFRESCOPASSWORD' with grant option; 41 | 42 | grant all on $ALFRESCODBBART.* to '$ALFRESCOUSER'@'localhost' identified by '$ALFRESCOPASSWORD' with grant option; 43 | grant all on $ALFRESCODBBART.* to '$ALFRESCOUSER'@'localhost.localdomain' identified by '$ALFRESCOPASSWORD' with grant option; 44 | EOF 45 | echo 46 | echo "Remember to update alfresco-global.properties with the alfresco database password" 47 | echo 48 | else 49 | echo 50 | echo "Passwords do not match. Please run the script again for better luck!" 51 | echo 52 | fi 53 | fi 54 | -------------------------------------------------------------------------------- /scripts/postgresql.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # ------- 3 | # Script for install of Postgresql to be used with Alfresco 4 | # 5 | # Copyright 2013-2016 Loftux AB, Peter Löfgren 6 | # Distributed under the Creative Commons Attribution-ShareAlike 3.0 Unported License (CC BY-SA 3.0) 7 | # ------- 8 | 9 | export ALFRESCODB=alfresco 10 | export ALFRESCOUSER=alfresco 11 | 12 | echo 13 | echo "--------------------------------------------" 14 | echo "This script will install PostgreSQL." 15 | echo "and create alfresco database and user." 16 | echo "You may be prompted for sudo password." 17 | echo "--------------------------------------------" 18 | echo 19 | 20 | read -e -p "Install PostgreSQL database? [y/n] " -i "n" installpg 21 | if [ "$installpg" = "y" ]; then 22 | sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -sc)-pgdg main" 23 | wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - 24 | sudo apt-get update 25 | sudo apt-get install postgresql-9.6 -y 26 | echo 27 | echo "You will now set the default password for the postgres user." 28 | echo "This will open a psql terminal, enter:" 29 | echo 30 | echo "\\password postgres" 31 | echo 32 | echo "and follow instructions for setting postgres admin password." 33 | echo "Press Ctrl+D or type \\q to quit psql terminal" 34 | echo "START psql --------" 35 | sudo -u postgres psql postgres 36 | echo "END psql --------" 37 | echo 38 | fi 39 | 40 | read -e -p "Create Alfresco Database and user? [y/n] " -i "n" createdb 41 | if [ "$createdb" = "y" ]; then 42 | sudo -u postgres createuser -D -A -P $ALFRESCOUSER 43 | sudo -u postgres createdb -O $ALFRESCOUSER $ALFRESCODB 44 | echo 45 | echo "Remember to update alfresco-global.properties with the alfresco database password" 46 | echo 47 | fi 48 | 49 | echo 50 | echo "You must update postgresql configuration to allow password based authentication" 51 | echo "(if you have not already done this)." 52 | echo 53 | echo "Add the following to pg_hba.conf or postgresql.conf (depending on version of postgresql installed)" 54 | echo "located in folder /etc/postgresql//main/" 55 | echo 56 | echo "host all all 127.0.0.1/32 password" 57 | echo 58 | echo "After you have updated, restart the postgres server: sudo service postgresql restart" 59 | echo 60 | -------------------------------------------------------------------------------- /search/alfresco-search.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Alfresco Solr6 Component 3 | After=network-online.target nfs.target 4 | 5 | [Service] 6 | ExecStartPre=/bin/mkdir -p -m 2755 /opt/alfresco/alf_data/solr6/content 7 | ExecStartPre=/bin/mkdir -p -m 2755 /opt/alfresco/alf_data/solr6/models 8 | ExecStartPre=/bin/mkdir -p -m 2755 /opt/alfresco/alf_data/solr6/index 9 | ExecStartPre=/bin/mkdir -p -m 2755 /opt/alfresco/alf_data/solr6/solrhome 10 | ExecStartPre=/bin/mkdir -p -m 2755 /opt/alfresco/logs/solr6 11 | ExecStartPre=/bin/cp -r /opt/alfresco/solr6/solrhome /opt/alfresco/alf_data/solr6/ 12 | ExecStart=/opt/alfresco/solr6/solr/bin/solr start 13 | ExecStop=/opt/alfresco/solr6/solr/bin/solr stop 14 | Type=forking 15 | Restart=always 16 | User=alfresco 17 | Group=nogroup 18 | RuntimeDirectory=alfresco-solr 19 | RuntimeDirectoryMode=750 20 | LimitNOFILE=8192:65536 21 | [Install] 22 | WantedBy=multi-user.target 23 | -------------------------------------------------------------------------------- /search/shared.properties: -------------------------------------------------------------------------------- 1 | # Shared Properties file 2 | 3 | #Host details an external client would use to connect to Solr 4 | solr.host=localhost 5 | #If not set then solr.port will be the jetty.port 6 | #solr.port=8983 7 | solr.baseurl=/solr 8 | 9 | # Properties treated as identifiers when indexed 10 | 11 | alfresco.identifier.property.0={http://www.alfresco.org/model/content/1.0}creator 12 | alfresco.identifier.property.1={http://www.alfresco.org/model/content/1.0}modifier 13 | alfresco.identifier.property.2={http://www.alfresco.org/model/content/1.0}userName 14 | alfresco.identifier.property.3={http://www.alfresco.org/model/content/1.0}authorityName 15 | 16 | # Suggestable Properties 17 | alfresco.suggestable.property.0={http://www.alfresco.org/model/content/1.0}name 18 | alfresco.suggestable.property.1={http://www.alfresco.org/model/content/1.0}title 19 | alfresco.suggestable.property.2={http://www.alfresco.org/model/content/1.0}description 20 | alfresco.suggestable.property.3={http://www.alfresco.org/model/content/1.0}content 21 | 22 | # Data types that support cross locale/word splitting/token patterns if tokenised 23 | alfresco.cross.locale.property.0={http://www.alfresco.org/model/content/1.0}name 24 | 25 | # Data types that support cross locale/word splitting/token patterns if tokenised 26 | alfresco.cross.locale.datatype.0={http://www.alfresco.org/model/dictionary/1.0}text 27 | alfresco.cross.locale.datatype.1={http://www.alfresco.org/model/dictionary/1.0}content 28 | alfresco.cross.locale.datatype.2={http://www.alfresco.org/model/dictionary/1.0}mltext 29 | -------------------------------------------------------------------------------- /search/solr.in.sh: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # Settings here will override settings in existing env vars or in bin/solr. The default shipped state 17 | # of this file is completely commented. 18 | 19 | # By default the script will use JAVA_HOME to determine which java 20 | # to use, but you can set a specific path for Solr to use without 21 | # affecting other Java applications on your server/workstation. 22 | #SOLR_JAVA_HOME="" 23 | 24 | # This controls the number of seconds that the solr script will wait for 25 | # Solr to stop gracefully or Solr to start. If the graceful stop fails, 26 | # the script will forcibly stop Solr. If the start fails, the script will 27 | # give up waiting and display the last few lines of the logfile. 28 | #SOLR_STOP_WAIT="180" 29 | 30 | # Increase Java Heap as needed to support your indexing / query needs 31 | #SOLR_HEAP="512m" 32 | 33 | # Expert: If you want finer control over memory options, specify them directly 34 | # Comment out SOLR_HEAP if you are using this though, that takes precedence 35 | SOLR_JAVA_MEM="-Xms512m -Xmx2192m" 36 | 37 | # Enable verbose GC logging 38 | GC_LOG_OPTS="" 39 | #GC_LOG_OPTS="-verbose:gc -XX:+PrintHeapAtGC -XX:+PrintGCDetails \ 40 | #-XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps -XX:+PrintTenuringDistribution -XX:+PrintGCApplicationStoppedTime" 41 | 42 | # These GC settings have shown to work well for a number of common Solr workloads 43 | #GC_TUNE="-XX:NewRatio=3 -XX:SurvivorRatio=4 etc. 44 | 45 | # Set the ZooKeeper connection string if using an external ZooKeeper ensemble 46 | # e.g. host1:2181,host2:2181/chroot 47 | # Leave empty if not using SolrCloud 48 | #ZK_HOST="" 49 | 50 | # Set the ZooKeeper client timeout (for SolrCloud mode) 51 | #ZK_CLIENT_TIMEOUT="15000" 52 | 53 | # By default the start script uses "localhost"; override the hostname here 54 | # for production SolrCloud environments to control the hostname exposed to cluster state 55 | #SOLR_HOST="192.168.1.1" 56 | 57 | # By default the start script uses UTC; override the timezone if needed 58 | #SOLR_TIMEZONE="UTC" 59 | 60 | # Set to true to activate the JMX RMI connector to allow remote JMX client applications 61 | # to monitor the JVM hosting Solr; set to "false" to disable that behavior 62 | # (false is recommended in production environments) 63 | #ENABLE_REMOTE_JMX_OPTS="false" 64 | 65 | # The script will use SOLR_PORT+10000 for the RMI_PORT or you can set it here 66 | # RMI_PORT=18983 67 | 68 | # Alfresco configuration. This file is automatically included by solr. You can define your custom settings here 69 | SOLR_OPTS="$SOLR_OPTS -Dsolr.jetty.request.header.size=1000000 -Dsolr.jetty.threads.stop.timeout=300000 -Ddisable.configEdit=true" 70 | 71 | SOLR_OPTS="$SOLR_OPTS -Dsolr.content.dir=/opt/alfresco/alf_data/solr6/content -Dsolr.model.dir=/opt/alfresco/alf_data/solr6/models -Ddata.dir.root=/opt/alfresco/alf_data/solr6/index" 72 | #SSL Options 73 | SOLR_OPTS="$SOLR_OPTS -Dsolr.allow.unsafe.resourceloading=true -Djavax.net.ssl.keyStoreType=JCEKS -Djavax.net.ssl.trustStoreType=JCEKS -Dsolr.ssl.checkPeerName=false" 74 | #Use only at the first startup 75 | if [ ! -d "/opt/alfresco/alf_data/solr6/solrhome/alfresco/conf" ]; then 76 | SOLR_OPTS="$SOLR_OPTS -Dcreate.alfresco.defaults=alfresco,archive" 77 | fi 78 | 79 | #JMX 80 | #SOLR_OPTS="${SOLR_OPTS} -Dcom.sun.management.jmxremote" 81 | #SOLR_OPTS="${SOLR_OPTS} -Dcom.sun.management.jmxremote.port=8018" 82 | #SOLR_OPTS="${SOLR_OPTS} -Dcom.sun.management.jmxremote.ssl=false" 83 | #SOLR_OPTS="${SOLR_OPTS} -Dcom.sun.management.jmxremote.authenticate=true" 84 | #SOLR_OPTS="${SOLR_OPTS} -Dcom.sun.management.jmxremote.password.file=/opt/alfresco/jmx/jmxremote.password" 85 | #SOLR_OPTS="${SOLR_OPTS} -Dcom.sun.management.jmxremote.access.file=/opt/alfresco/jmx/jmxremote.access" 86 | 87 | # Anything you add to the SOLR_OPTS variable will be included in the java 88 | # start command line as-is, in ADDITION to other options. If you specify the 89 | # -a option on start script, those options will be appended as well. Examples: 90 | #SOLR_OPTS="$SOLR_OPTS -Dsolr.autoSoftCommit.maxTime=3000" 91 | #SOLR_OPTS="$SOLR_OPTS -Dsolr.autoCommit.maxTime=60000" 92 | #SOLR_OPTS="$SOLR_OPTS -Dsolr.clustering.enabled=true" 93 | 94 | # Location where the bin/solr script will save PID files for running instances 95 | # If not set, the script will create PID files in $SOLR_TIP/bin 96 | #SOLR_PID_DIR= 97 | 98 | # Path to a directory for Solr to store cores and their data. By default, Solr will use server/solr 99 | # If solr.xml is not stored in ZooKeeper, this directory needs to contain solr.xml 100 | SOLR_HOME=/opt/alfresco/alf_data/solr6/solrhome 101 | 102 | # Solr provides a default Log4J configuration properties file in server/resources 103 | # however, you may want to customize the log settings and file appender location 104 | # so you can point the script to use a different log4j.properties file 105 | #LOG4J_PROPS=/var/solr/log4j.properties 106 | 107 | # Changes the logging level. Valid values: ALL, TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF. Default is INFO 108 | # This is an alternative to changing the rootLogger in log4j.properties 109 | #SOLR_LOG_LEVEL=INFO 110 | 111 | # Location where Solr should write logs to. Absolute or relative to solr start dir 112 | SOLR_LOGS_DIR=/opt/alfresco/logs/solr6 113 | LOG4J_PROPS=/opt/alfresco/solr6/logs/log4j.properties 114 | 115 | # Sets the port Solr binds to, default is 8983 116 | #SOLR_PORT=8983 117 | 118 | # Uncomment to set SSL-related system properties 119 | # Be sure to update the paths to the correct keystore for your environment 120 | #SOLR_SSL_KEY_STORE=/opt/alfresco/alf_data/keystore/ssl.keystore 121 | #SOLR_SSL_KEY_STORE_PASSWORD=kT9X6oe68t 122 | #SOLR_SSL_TRUST_STORE=/opt/alfresco/alf_data/keystore/ssl.truststore 123 | #SOLR_SSL_TRUST_STORE_PASSWORD=kT9X6oe68t 124 | #SOLR_SSL_NEED_CLIENT_AUTH=true 125 | #SOLR_SSL_WANT_CLIENT_AUTH=false 126 | 127 | # Uncomment if you want to override previously defined SSL values for HTTP client 128 | # otherwise keep them commented and the above values will automatically be set for HTTP clients 129 | #SOLR_SSL_CLIENT_KEY_STORE= 130 | #SOLR_SSL_CLIENT_KEY_STORE_PASSWORD= 131 | #SOLR_SSL_CLIENT_TRUST_STORE= 132 | #SOLR_SSL_CLIENT_TRUST_STORE_PASSWORD= 133 | 134 | # Settings for authentication 135 | #SOLR_AUTHENTICATION_CLIENT_CONFIGURER= 136 | #SOLR_AUTHENTICATION_OPTS= 137 | 138 | # Settings for ZK ACL 139 | #SOLR_ZK_CREDS_AND_ACLS="-DzkACLProvider=org.apache.solr.common.cloud.VMParamsAllAndReadonlyDigestZkACLProvider \ 140 | # -DzkCredentialsProvider=org.apache.solr.common.cloud.VMParamsSingleSetCredentialsDigestZkCredentialsProvider \ 141 | # -DzkDigestUsername=admin-user -DzkDigestPassword=CHANGEME-ADMIN-PASSWORD \ 142 | # -DzkDigestReadonlyUsername=readonly-user -DzkDigestReadonlyPassword=CHANGEME-READONLY-PASSWORD" 143 | #SOLR_OPTS="$SOLR_OPTS $SOLR_ZK_CREDS_AND_ACLS" 144 | 145 | # Hostname for Alfresco 146 | SOLR_ALFRESCO_HOST=localhost 147 | 148 | # Port for Alfresco 149 | SOLR_ALFRESCO_PORT=8080 150 | SOLR_SOLR_HOST=localhost -------------------------------------------------------------------------------- /tomcat/alfresco-global.properties: -------------------------------------------------------------------------------- 1 | ############################### 2 | ## Common Alfresco Properties # 3 | ############################### 4 | 5 | #----------------------- 6 | # File locations 7 | #----------------------- 8 | dir.root=/opt/alfresco/alf_data 9 | dir.contentstore=${dir.root}/contentstore 10 | dir.contentstore.deleted=${dir.root}/contentstore.deleted 11 | dir.cachedcontent=${dir.root}/cachedcontent 12 | dir.auditcontentstore=${dir.root}/audit.contentstore 13 | dir.keystore=${dir.root}/keystore 14 | solr.backup.alfresco.remoteBackupLocation=${dir.root}/backupsolr 15 | solr.backup.archive.remoteBackupLocation=${dir.root}/backupsolr 16 | 17 | #----------------------- 18 | # Database 19 | #----------------------- 20 | db.username=alfresco 21 | db.password=alfresco 22 | db.name=alfresco 23 | db.host=localhost 24 | db.port=3306 25 | db.driver=com.mysql.jdbc.Driver 26 | hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect 27 | db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}?useUnicode=yes&characterEncoding=UTF-8 28 | #db.driver=org.postgresql.Driver 29 | #db.port=5432 30 | #db.url=jdbc:postgresql://${db.host}:${db.port}/${db.name} 31 | db.pool.initial=10 32 | db.pool.min=10 33 | db.pool.idle=50 34 | # This values should be set higher than 90. Defaults to 90 until you have verified 35 | # max conenctions for your database. 36 | db.pool.max=90 37 | 38 | db.pool.validate.return=false 39 | db.pool.validate.borrow=true 40 | db.pool.validate.query=SELECT 1 41 | db.pool.evict.validate=false 42 | 43 | db.pool.abandoned.detect=false 44 | db.pool.abandoned.time=300 45 | # 46 | # db.pool.abandoned.log=true (logAbandoned) adds overhead (http://commons.apache.org/dbcp/configuration.html) 47 | # and also requires db.pool.abandoned.detect=true (removeAbandoned) 48 | # 49 | db.pool.abandoned.log=false 50 | 51 | 52 | # 53 | # The server mode. Set value in alfresco-global.properties 54 | # UNKNOWN | TEST | BACKUP | PRODUCTION 55 | # 56 | system.serverMode=UNKNOWN 57 | 58 | #----------------------- 59 | # System paramaters 60 | #----------------------- 61 | alfresco.context=alfresco 62 | alfresco.host=@@ALFRESCO_REPO_SERVER@@ 63 | alfresco.port=8080 64 | alfresco.protocol=http 65 | # 66 | share.context=share 67 | share.host=@@ALFRESCO_SHARE_SERVER@@ 68 | share.port=@@ALFRESCO_SHARE_SERVER_PORT@@ 69 | share.protocol=@@ALFRESCO_SHARE_SERVER_PROTOCOL@@ 70 | 71 | # Override if using proxy server, change to true 72 | # if true, the context path of OpenCMIS generated urls will be set to "opencmis.context.value", otherwise it will be taken from the request url 73 | opencmis.context.override=false 74 | opencmis.context.value= 75 | # if true, the servlet path of OpenCMIS generated urls will be set to "opencmis.servletpath.value", otherwise it will be taken from the request url 76 | opencmis.servletpath.override=false 77 | opencmis.servletpath.value= 78 | opencmis.server.override=false 79 | opencmis.server.value=@@ALFRESCO_SHARE_SERVER_PROTOCOL@@://@@ALFRESCO_SHARE_SERVER@@:@@ALFRESCO_SHARE_SERVER_PORT@@ 80 | 81 | # Alfresco Office Services override 82 | #aos.baseUrlOverwrite=@@ALFRESCO_SHARE_SERVER_PROTOCOL@@://@@ALFRESCO_SHARE_SERVER@@:@@ALFRESCO_SHARE_SERVER_PORT@@/alfresco/aos 83 | #aos.sitePathOverwrite=/alfresco/aos 84 | 85 | site.public.group=GROUP_EVERYONE 86 | 87 | #Performance 88 | system.usages.enabled=true 89 | 90 | # 91 | # Disable load of sample site. Set to false if you want to boostrap sample site and users. 92 | # 93 | sample.site.disabled=true 94 | 95 | #----------------------- 96 | # Messaging Queue 97 | #----------------------- 98 | # Disabled in Community install. See https://github.com/loftuxab/alfresco-ubuntu-install/issues/120 99 | messaging.subsystem.autoStart=false 100 | 101 | #----------------------- 102 | # External locations 103 | #----------------------- 104 | jodconverter.enabled=true 105 | jodconverter.officeHome=/opt/libreoffice6.4 106 | #Number of instances, add more port numbers for more 107 | jodconverter.portNumbers=2022,2023 108 | # The maximum number of OOo-related tasks to perform before a process restart 109 | jodconverter.maxTasksPerProcess=200 110 | 111 | # timeouts are in milliseconds 112 | jodconverter.taskExecutionTimeout=120000 113 | jodconverter.taskQueueTimeout=30000 114 | jodconverter.connectTimeout=25000 115 | 116 | # Alfresco PDF Renderer 117 | alfresco-pdf-renderer.root=/opt/alfresco/bin 118 | alfresco-pdf-renderer.exe=${alfresco-pdf-renderer.root}/alfresco-pdf-renderer 119 | #Shell script to limit cpu used by ImageMagick convert. Edit to match your number of cpu:s 120 | img.exe=/opt/alfresco/scripts/limitconvert.sh 121 | img.root=/etc/ImageMagick 122 | img.dyn=/usr/lib 123 | 124 | #----------------------- 125 | # Index 126 | #----------------------- 127 | index.subsystem.name=solr6 128 | solr.secureComms=none 129 | solr.host=localhost 130 | solr.port=8983 131 | solr.port.ssl=8443 132 | # Effectively turn off solr backup 133 | solr.backup.alfresco.cronExpression=0 0 2 * * ? 2099 134 | solr.backup.archive.cronExpression=0 0 4 * * ? 2099 135 | 136 | #----------------------- 137 | # Workflow engine 138 | #----------------------- 139 | system.workflow.engine.activiti.definitions.visible=true 140 | system.workflow.engine.activiti.enabled=true 141 | 142 | #----------------------- 143 | # Activties Feed and Subscriptions 144 | #----------------------- 145 | activities.feed.notifier.repeatIntervalMins=1440 146 | activities.feed.notifier.enabled=false 147 | activities.feed.max.size=100 148 | activities.feed.max.ageMins=44640 149 | # Enables the subscription service 150 | subscriptions.enabled=true 151 | # Feed notification period (every 24 hours at 08:30) 152 | activities.feed.notifier.cronExpression=0 30 8 * * ? 153 | 154 | #----------------------- 155 | # Traschcan-cleaner 156 | #----------------------- 157 | trashcan-cleaner.cron=0 0 2 * * ? 158 | # the period for which trashcan items are kept (in java.time.Duration format). 159 | # Default is 28 days, setting it to 90. 160 | trashcan-cleaner.keepPeriod=P90D 161 | # how many trashcan items to delete per job run 162 | trashcan-cleaner.deleteBatchCount=1000 163 | 164 | # Enable smart folders 165 | smart.folders.enabled=false 166 | 167 | #----------------------- 168 | # Email 169 | #----------------------- 170 | # Outbound Email Configuration 171 | mail.host=smtp.example.com 172 | mail.port=25 173 | mail.username=anonymous 174 | mail.password= 175 | mail.encoding=UTF-8 176 | mail.from.default=alfresco@demo.alfresco.org 177 | mail.protocol=smtp 178 | # Use mail.from.default as sender by default, some smtp servers doesn't allow for impersonation. 179 | mail.from.enabled=false 180 | # Additional Java Mail properties for SMTP protocol 181 | mail.smtp.auth=false 182 | mail.smtp.debug=false 183 | mail.smtp.timeout=5000 184 | mail.smtp.starttls.enable=false 185 | # Additional Java Mail properties for SMTPS protocol 186 | mail.smtps.auth=false 187 | mail.smtps.starttls.enable=false 188 | #use these properties to send test message during start of subsystem 189 | mail.testmessage.send=false 190 | mail.testmessage.to= 191 | mail.testmessage.subject=Outbound SMTP 192 | mail.testmessage.text=The Outbound SMTP email subsystem is working. 193 | 194 | ##IMAP 195 | #imap.server.enabled=true 196 | #imap.server.port=143 197 | #imap.server.host=localhost 198 | 199 | #----------------------- 200 | # File Servers 201 | #----------------------- 202 | # WebDAV initialization properties 203 | system.webdav.servlet.enabled=true 204 | system.webdav.rootPath=${protocols.rootPath} 205 | 206 | cifs.enabled=false 207 | cifs.tcpipSMB.port=1445 208 | cifs.netBIOSSMB.sessionPort=1139 209 | cifs.netBIOSSMB.namePort=1137 210 | cifs.netBIOSSMB.datagramPort=1138 211 | 212 | ftp.enabled=false 213 | ftp.port=2021 214 | 215 | #----------------------- 216 | # The default authentication chain 217 | # To configure external authentication subsystems see: 218 | # http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems 219 | #----------------------- 220 | #authentication.chain=alfrescoNtlm1:alfrescoNtlm 221 | 222 | 223 | 224 | #----------------------- 225 | # Configuration of max size for transformations. 226 | content.transformer.JodConverter.extensions.xlsm.pdf.maxSourceSizeKBytes=5120 227 | content.transformer.JodConverter.extensions.pptm.pdf.maxSourceSizeKBytes=5120 228 | content.transformer.JodConverter.extensions.xls.pdf.maxSourceSizeKBytes=10240 229 | content.transformer.JodConverter.extensions.sldm.pdf.maxSourceSizeKBytes=5120 230 | content.transformer.JodConverter.extensions.xltx.pdf.maxSourceSizeKBytes=5120 231 | content.transformer.JodConverter.extensions.potx.pdf.maxSourceSizeKBytes=5120 232 | content.transformer.JodConverter.extensions.docx.pdf.maxSourceSizeKBytes=10240 233 | content.transformer.JodConverter.extensions.xlsx.pdf.maxSourceSizeKBytes=10240 234 | content.transformer.JodConverter.extensions.pptx.pdf.maxSourceSizeKBytes=10240 235 | content.transformer.JodConverter.extensions.xlam.pdf.maxSourceSizeKBytes=5120 236 | content.transformer.JodConverter.extensions.ppt.pdf.maxSourceSizeKBytes=10240 237 | content.transformer.JodConverter.extensions.docm.pdf.maxSourceSizeKBytes=5120 238 | content.transformer.JodConverter.extensions.xltm.pdf.maxSourceSizeKBytes=5120 239 | content.transformer.JodConverter.extensions.dotx.pdf.maxSourceSizeKBytes=5120 240 | content.transformer.JodConverter.extensions.xlsb.pdf.maxSourceSizeKBytes=5120 241 | content.transformer.JodConverter.extensions.sldx.pdf.maxSourceSizeKBytes=5120 242 | content.transformer.JodConverter.extensions.ppsm.pdf.maxSourceSizeKBytes=5120 243 | content.transformer.JodConverter.extensions.potm.pdf.maxSourceSizeKBytes=5120 244 | content.transformer.JodConverter.extensions.txt.pdf.maxSourceSizeKBytes=5120 245 | content.transformer.JodConverter.extensions.ppam.pdf.maxSourceSizeKBytes=5120 246 | content.transformer.JodConverter.extensions.dotm.pdf.maxSourceSizeKBytes=5120 247 | content.transformer.JodConverter.extensions.doc.pdf.maxSourceSizeKBytes=10240 248 | content.transformer.JodConverter.extensions.vsd.pdf.maxSourceSizeKBytes=5120 249 | content.transformer.JodConverter.extensions.vsdx.pdf.maxSourceSizeKBytes=5120 250 | content.transformer.JodConverter.extensions.ppsx.pdf.maxSourceSizeKBytes=5120 251 | 252 | -------------------------------------------------------------------------------- /tomcat/alfresco.conf: -------------------------------------------------------------------------------- 1 | description "Alfresco Tomcat Server" 2 | 3 | start on (local-filesystems and net-device-up IFACE!=lo) 4 | stop on runlevel [!2345] 5 | respawn 6 | respawn limit 10 5 7 | 8 | # Increase the limit number of open files as it seems 9 | # /etc/security/limits.conf and /etc/security/common-session* are not enough in some cases 10 | limit nofile 8192 65536 11 | 12 | # Add some time to shutdown more gracefully 13 | kill timeout 60 14 | 15 | # run as non privileged user 16 | setuid alfresco 17 | setgid alfresco 18 | 19 | # Set limits for open file handles 20 | limit nofile 8192 65536 21 | limit nproc 8192 65536 22 | 23 | # export LC_ALL else openoffice may use en settings on dates etc 24 | env LC_ALL=@@LOCALESUPPORT@@ 25 | 26 | # adapt paths: 27 | env JAVA_HOME=/usr/lib/jvm/java-8-oracle 28 | env ALF_HOME=/opt/alfresco 29 | env CATALINA_HOME=/opt/alfresco/tomcat 30 | env CATALINA_TMPDIR=/opt/alfresco/tomcat/temp 31 | 32 | script 33 | # Variable expansion here, not supported by env above 34 | export JAVA_HOME 35 | export JRE_HOME=$JAVA_HOME/jre 36 | export PATH=$PATH:$HOME/bin:$JRE_HOME/bin 37 | export CATALINA_HOME 38 | export CATALINA_TMPDIR 39 | export ALF_HOME 40 | 41 | # Change to directory, this is where alfresco default log files will go 42 | if [ ! -d "$ALF_HOME/logs" ]; then 43 | mkdir -p $ALF_HOME/logs 44 | fi 45 | cd $ALF_HOME/logs 46 | 47 | # IMPORTANT Updated to match memory available on your server. 48 | # For production, A server with at least 8G ram, and -Xmx6G is recommended. More is better! 49 | JAVA_OPTS="-Xms1G -Xmx2G -Xss1024k" 50 | # Below are options that can be used for dealing with memory and garbage collection 51 | # JAVA_OPTS="${JAVA_OPTS} -Xss1024k -XX:MaxPermSize=256m -XX:NewSize=512m -XX:+CMSIncrementalMode -XX:CMSInitiatingOccupancyFraction=80" 52 | 53 | # Recommended for Solr4 54 | JAVA_OPTS="${JAVA_OPTS} -XX:+UseConcMarkSweepGC -XX:+UseParNewGC" 55 | 56 | JAVA_OPTS="${JAVA_OPTS} -Duser.country=US -Duser.region=US -Duser.language=en -Duser.timezone=\"Europe/Stockholm\" -d64" 57 | # Enable this if you encounter problems with transformations of certain pdfs. Side effect is disable of remote debugging 58 | # JAVA_OPTS="${JAVA_OPTS} -Djava.awt.headless=true" 59 | 60 | # Enable if you wish to speed up startup 61 | # Possibly less secure random generation see http://wiki.apache.org/tomcat/HowTo/FasterStartUp#Entropy_Source 62 | # JAVA_OPTS="${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom" 63 | 64 | # set tomcat temp location 65 | JAVA_OPTS="${JAVA_OPTS} -Djava.io.tmpdir=${CATALINA_TMPDIR}" 66 | 67 | #File encoding may be correct, but we specify them to be sure 68 | JAVA_OPTS="${JAVA_OPTS} -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8" 69 | JAVA_OPTS="${JAVA_OPTS} -Dalfresco.home=${ALF_HOME} -Dcom.sun.management.jmxremote=true" 70 | JAVA_OPTS="${JAVA_OPTS} -server" 71 | 72 | # cleanup temp directory before starting 73 | { 74 | rm -rf $CATALINA_TMPDIR/* 75 | } || { 76 | logger -is -t "$UPSTART_JOB" "Warning: Failed to clean tomcat tempdirectory." 77 | } 78 | 79 | { 80 | rm -rf $CATALINA_HOME/work/* 81 | } || { 82 | logger -is -t "$UPSTART_JOB" "Warning: Failed to clean tomcat work directory." 83 | } 84 | 85 | export JAVA_OPTS 86 | 87 | logger -is -t "$UPSTART_JOB" "Alfresco tomcat started" 88 | 89 | exec $CATALINA_HOME/bin/catalina.sh run 90 | 91 | end script 92 | 93 | pre-stop script 94 | SHUTDOWN_PORT=`netstat -vatn|grep LISTEN|grep 8005|wc -l` 95 | if [ $SHUTDOWN_PORT -eq 0 ]; then 96 | logger -is -t "$UPSTART_JOB" "*** A stop was issued before Alfresco was properly started. In 120 seconds server will stop. ***" 97 | sleep 120 98 | # Best would be to cancel stop event, but that doesn't seem to work. Now let it start properly before stop 99 | else 100 | export JRE_HOME=$JAVA_HOME/jre 101 | export PATH=$PATH:$HOME/bin:$JRE_HOME/bin 102 | exec $CATALINA_HOME/bin/catalina.sh stop 103 | sleep 6 104 | fi 105 | script 106 | 107 | post-stop script 108 | logger -is -t "$UPSTART_JOB" "Alfresco tomcat stopped" 109 | end script 110 | -------------------------------------------------------------------------------- /tomcat/alfresco.service: -------------------------------------------------------------------------------- 1 | # Alfresco Tomcat Systemd Startup script 2 | # Authors: loftux, housni, cuspycode 3 | 4 | [Unit] 5 | Description=Alfresco Community Tomcat service 6 | 7 | [Service] 8 | Type=forking 9 | ExecStart=/opt/alfresco/alfresco-service.sh servicestart 10 | ExecStop=/opt/alfresco/alfresco-service.sh servicestop 11 | Restart=always 12 | User=alfresco 13 | WorkingDirectory=/opt/alfresco/logs 14 | LimitNOFILE=8192:65536 15 | 16 | [Install] 17 | WantedBy=multi-user.target -------------------------------------------------------------------------------- /tomcat/alfresco.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | -------------------------------------------------------------------------------- /tomcat/catalina.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # 17 | # List of comma-separated packages that start with or equal this string 18 | # will cause a security exception to be thrown when 19 | # passed to checkPackageAccess unless the 20 | # corresponding RuntimePermission ("accessClassInPackage."+package) has 21 | # been granted. 22 | package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.jasper.,org.apache.tomcat. 23 | # 24 | # List of comma-separated packages that start with or equal this string 25 | # will cause a security exception to be thrown when 26 | # passed to checkPackageDefinition unless the 27 | # corresponding RuntimePermission ("defineClassInPackage."+package) has 28 | # been granted. 29 | # 30 | # by default, no packages are restricted for definition, and none of 31 | # the class loaders supplied with the JDK call checkPackageDefinition. 32 | # 33 | package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,\ 34 | org.apache.jasper.,org.apache.naming.,org.apache.tomcat. 35 | 36 | # 37 | # 38 | # List of comma-separated paths defining the contents of the "common" 39 | # classloader. Prefixes should be used to define what is the repository type. 40 | # Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute. 41 | # If left as blank,the JVM system loader will be used as Catalina's "common" 42 | # loader. 43 | # Examples: 44 | # "foo": Add this folder as a class repository 45 | # "foo/*.jar": Add all the JARs of the specified folder as class 46 | # repositories 47 | # "foo/bar.jar": Add bar.jar as a class repository 48 | # 49 | # Note: Values are enclosed in double quotes ("...") in case either the 50 | # ${catalina.base} path or the ${catalina.home} path contains a comma. 51 | # Because double quotes are used for quoting, the double quote character 52 | # may not appear in a path. 53 | common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar" 54 | 55 | # 56 | # List of comma-separated paths defining the contents of the "server" 57 | # classloader. Prefixes should be used to define what is the repository type. 58 | # Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute. 59 | # If left as blank, the "common" loader will be used as Catalina's "server" 60 | # loader. 61 | # Examples: 62 | # "foo": Add this folder as a class repository 63 | # "foo/*.jar": Add all the JARs of the specified folder as class 64 | # repositories 65 | # "foo/bar.jar": Add bar.jar as a class repository 66 | # 67 | # Note: Values may be enclosed in double quotes ("...") in case either the 68 | # ${catalina.base} path or the ${catalina.home} path contains a comma. 69 | # Because double quotes are used for quoting, the double quote character 70 | # may not appear in a path. 71 | server.loader= 72 | 73 | # 74 | # List of comma-separated paths defining the contents of the "shared" 75 | # classloader. Prefixes should be used to define what is the repository type. 76 | # Path may be relative to the CATALINA_BASE path or absolute. If left as blank, 77 | # the "common" loader will be used as Catalina's "shared" loader. 78 | # Examples: 79 | # "foo": Add this folder as a class repository 80 | # "foo/*.jar": Add all the JARs of the specified folder as class 81 | # repositories 82 | # "foo/bar.jar": Add bar.jar as a class repository 83 | # Please note that for single jars, e.g. bar.jar, you need the URL form 84 | # starting with file:. 85 | # 86 | # Note: Values may be enclosed in double quotes ("...") in case either the 87 | # ${catalina.base} path or the ${catalina.home} path contains a comma. 88 | # Because double quotes are used for quoting, the double quote character 89 | # may not appear in a path. 90 | shared.loader="${catalina.base}/shared/classes","${catalina.base}/shared/lib/*.jar" 91 | 92 | # Default list of JAR files that should not be scanned using the JarScanner 93 | # functionality. This is typically used to scan JARs for configuration 94 | # information. JARs that do not contain such information may be excluded from 95 | # the scan to speed up the scanning process. This is the default list. JARs on 96 | # this list are excluded from all scans. The list must be a comma separated list 97 | # of JAR file names. 98 | # The list of JARs to skip may be over-ridden at a Context level for individual 99 | # scan types by configuring a JarScanner with a nested JarScanFilter. 100 | # The JARs listed below include: 101 | # - Tomcat Bootstrap JARs 102 | # - Tomcat API JARs 103 | # - Catalina JARs 104 | # - Jasper JARs 105 | # - Tomcat JARs 106 | # - Common non-Tomcat JARs 107 | # - Test JARs (JUnit, Cobertura and dependencies) 108 | tomcat.util.scan.StandardJarScanFilter.jarsToSkip=\ 109 | bootstrap.jar,commons-daemon.jar,tomcat-juli.jar,\ 110 | annotations-api.jar,el-api.jar,jsp-api.jar,servlet-api.jar,websocket-api.jar,\ 111 | catalina.jar,catalina-ant.jar,catalina-ha.jar,catalina-storeconfig.jar,\ 112 | catalina-tribes.jar,\ 113 | jasper.jar,jasper-el.jar,ecj-*.jar,\ 114 | tomcat-api.jar,tomcat-util.jar,tomcat-util-scan.jar,tomcat-coyote.jar,\ 115 | tomcat-dbcp.jar,tomcat-jni.jar,tomcat-websocket.jar,\ 116 | tomcat-i18n-en.jar,tomcat-i18n-es.jar,tomcat-i18n-fr.jar,tomcat-i18n-ja.jar,\ 117 | tomcat-juli-adapters.jar,catalina-jmx-remote.jar,catalina-ws.jar,\ 118 | tomcat-jdbc.jar,\ 119 | tools.jar,\ 120 | commons-beanutils*.jar,commons-codec*.jar,commons-collections*.jar,\ 121 | commons-dbcp*.jar,commons-digester*.jar,commons-fileupload*.jar,\ 122 | commons-httpclient*.jar,commons-io*.jar,commons-lang*.jar,commons-logging*.jar,\ 123 | commons-math*.jar,commons-pool*.jar,\ 124 | jstl.jar,taglibs-standard-spec-*.jar,\ 125 | geronimo-spec-jaxrpc*.jar,wsdl4j*.jar,\ 126 | ant.jar,ant-junit*.jar,aspectj*.jar,jmx.jar,h2*.jar,hibernate*.jar,httpclient*.jar,\ 127 | jmx-tools.jar,jta*.jar,log4j*.jar,mail*.jar,slf4j*.jar,\ 128 | xercesImpl.jar,xmlParserAPIs.jar,xml-apis.jar,\ 129 | junit.jar,junit-*.jar,ant-launcher.jar,\ 130 | cobertura-*.jar,asm-*.jar,dom4j-*.jar,icu4j-*.jar,jaxen-*.jar,jdom-*.jar,\ 131 | jetty-*.jar,oro-*.jar,servlet-api-*.jar,tagsoup-*.jar,xmlParserAPIs-*.jar,\ 132 | xom-*.jar 133 | 134 | # Default list of JAR files that should be scanned that overrides the default 135 | # jarsToSkip list above. This is typically used to include a specific JAR that 136 | # has been excluded by a broad file name pattern in the jarsToSkip list. 137 | # The list of JARs to scan may be over-ridden at a Context level for individual 138 | # scan types by configuring a JarScanner with a nested JarScanFilter. 139 | tomcat.util.scan.StandardJarScanFilter.jarsToScan=\ 140 | log4j-web*.jar,log4j-taglib*.jar,log4javascript*.jar,slf4j-taglib*.jar 141 | 142 | # String cache configuration. 143 | tomcat.util.buf.StringCache.byte.enabled=true 144 | #tomcat.util.buf.StringCache.char.enabled=true 145 | #tomcat.util.buf.StringCache.trainThreshold=500000 146 | #tomcat.util.buf.StringCache.cacheSize=5000 147 | 148 | # This system property is deprecated. Use the relaxedPathChars relaxedQueryChars 149 | # attributes of the Connector instead. These attributes permit a wider range of 150 | # characters to be configured as valid. 151 | # Allow for changes to HTTP request validation 152 | # WARNING: Using this option may expose the server to CVE-2016-6816 153 | #tomcat.util.http.parser.HttpParser.requestTargetAllow=| 154 | -------------------------------------------------------------------------------- /tomcat/context.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 19 | 20 | 21 | 22 | 23 | WEB-INF/web.xml 24 | ${catalina.base}/conf/web.xml 25 | 26 | 27 | 30 | 31 | 32 | 37 | 38 | 40 | 43 | 44 | -------------------------------------------------------------------------------- /tomcat/server.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 22 | 23 | 24 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 37 | 38 | 41 | 46 | 47 | 48 | 53 | 54 | 55 | 56 | 60 | 61 | 62 | 69 | 85 | 86 | 92 | 97 | 118 | 119 | 120 | 121 | 122 | 123 | 128 | 129 | 132 | 133 | 134 | 137 | 140 | 141 | 143 | 144 | 148 | 150 | 151 | 152 | 154 | 155 | 157 | 160 | 161 | 164 | 169 | 170 | 171 | 172 | 173 | -------------------------------------------------------------------------------- /tomcat/share-config-custom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | false 8 | 10 | false 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | production 19 | 20 | 21 | 22 | 23 | 24 | 25 | Alfresco-CSRFToken 26 | https?:\/\/@@ALFRESCO_SHARE_SERVER@@\/.* 27 | https?:\/\/@@ALFRESCO_SHARE_SERVER@@.* 28 | 29 | 30 | 31 | 32 | 33 | 34 | alfresco-noauth 35 | Alfresco - unauthenticated access 36 | Access to Alfresco Repository WebScripts that do not require authentication 37 | alfresco 38 | http://@@SHARE_TO_REPO_SERVER@@:8080/alfresco/s 39 | none 40 | 41 | 42 | 43 | alfresco 44 | Alfresco - user access 45 | Access to Alfresco Repository WebScripts that require user authentication 46 | alfresco 47 | http://@@SHARE_TO_REPO_SERVER@@:8080/alfresco/s 48 | user 49 | 50 | 51 | 52 | alfresco-feed 53 | Alfresco Feed 54 | Alfresco Feed - supports basic HTTP authentication via the EndPointProxyServlet 55 | http 56 | http://@@SHARE_TO_REPO_SERVER@@:8080/alfresco/s 57 | true 58 | user 59 | 60 | 61 | 62 | activiti-admin 63 | Activiti Admin UI - user access 64 | Access to Activiti Admin UI, that requires user authentication 65 | activiti-admin-connector 66 | http://@@SHARE_TO_REPO_SERVER@@:8080/alfresco/activiti-admin 67 | user 68 | 69 | 70 | 71 | alfresco-api 72 | alfresco 73 | Alfresco Public API - user access 74 | Access to Alfresco Repository Public API that require user authentication. 75 | This makes use of the authentication that is provided by parent 'alfresco' endpoint. 76 | alfresco 77 | http://@@SHARE_TO_REPO_SERVER@@:8080/alfresco/api 78 | user 79 | 80 | 81 | 82 | 83 | -------------------------------------------------------------------------------- /tomcat/share.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | -------------------------------------------------------------------------------- /tomcat/tomcat-users.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 22 | 30 | 37 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | --------------------------------------------------------------------------------