====== Installation ======

Voraussetzung ist ein installiertes Linux Basissystem, Java Server VM > 1.8.0 und MariaDB/MySQL.

Die Installation erfolgt im Ordner ''/opt/webserver''. Das Dateilayout sieht folgendermaßen aus:

<file>
drwxr-xr-x 4 ec2-user root     4096 Jul 25 16:54 .
drwxr-xr-x 4 root     root     4096 Mar  3 14:30 ..
-rw-r--r-- 1 root     root     1344 Jul 25 16:38 application.properties
drwxr-xr-x 2 root     root     4096 May  4 17:00 backup
-rw----r-- 1 root     root     5257 Apr 25 10:34 datareporter.jks
-rw-r--r-- 1 root     root 69332573 Jul  1 12:08 datareporter-server-1.0-SNAPSHOT.jar
-rwxr--r-- 1 root     root     1451 May  4 16:59 service.sh
-rw----r-- 1 root     root     5745 Mar  4 09:09 traunau.jks
drwxr-xr-x 2 root     root     4096 Jul 25 08:30 update
-rwxr--r-- 1 root     root      321 Jul 25 16:54 webserver.sh
</file>
===== application.properties =====
Konfiguration des Systems, einen Beispielkonfiguration (inkl. SSL) wäre:

<file>

logging.level.org.springframework.web: ERROR
logging.level.org.thymeleaf: ERROR
logging.level.org.hibernate: ERROR
logging.level.org.reflections: ERROR

multipart.maxFileSize=10Mb


# Productive settings
application.debug=false

server.port: 443
server.ssl.key-store: datareporter.jks
server.ssl.key-store-password: datareporter
server.ssl.keyStoreType: jks
server.ssl.keyAlias: datareporter
server.ssl.ciphers=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_SHA,TLS_ECDHE_RSA_WITH_AES_256_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_SHA384,TLS_ECDHE_RSA_WITH_AES_256_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_128_SHA,TLS_DHE_DSS_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_256_SHA256,TLS_DHE_DSS_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_256_SHA


i# absolute URL of own application (without trailing /, including protocol)
application.url=https://dsdev.datareporter.eu

</file>

===== datareporter-server-1.0-SNAPSHOT.jar =====
Der aktuelle Build des DataReporter Serversystems

===== service.sh =====
Dient zum Start des .jar files als Service. Prüft auch, ob der Webserver eventuell nicht mehr läuft obwohl er laufen sollte (PID file existiert, aber Prozess läuft nicht). Zum Start wird das Hilfsskript ''webserver.sh'' benötigt.

<code>
#!/bin/sh
SERVICE_NAME=Datareporter
PATH_TO_SH=/opt/webserver/webserver.sh
PID_PATH_NAME=/tmp/datareporter-pid


if [ -f $PID_PATH_NAME ]; then
  PID=$(cat $PID_PATH_NAME);
  if ps -p $PID > /dev/null
  then
    # runs and pid file there, all ok
    echo "Running OK"
  else
    echo "PID file but no running process, starting.."
    rm $PID_PATH_NAME
    su root -c $PATH_TO_SH
    echo "$SERVICE_NAME started ..."
  fi

fi



case $1 in
    start)
        echo "Starting $SERVICE_NAME ..."
        if [ ! -f $PID_PATH_NAME ]; then
            su root -c $PATH_TO_SH
            echo "$SERVICE_NAME started ..."
        else
            echo "$SERVICE_NAME is already running ..."
        fi
    ;;
    stop)
        if [ -f $PID_PATH_NAME ]; then
            PID=$(cat $PID_PATH_NAME);
            echo "$SERVICE_NAME stoping ..."
            kill $PID;
            echo "$SERVICE_NAME stopped ..."
            rm $PID_PATH_NAME
        else
            echo "$SERVICE_NAME is not running ..."
        fi
    ;;
    check)
      if [ -f $PID_PATH_NAME ]; then
        PID=$(cat $PID_PATH_NAME);
        if ps -p $PID > /dev/null
          then
          # runs and pid file there, all ok
            echo "Check result: running OK"
            exit 0
          else
            echo "Check: PID file but no running process"
            exit 1
          fi
        else
          echo "Check: Not running"
          exit 1
        fi
    ;;
esac

</code>
===== traunau.jks =====
Der Java Keystore für das SSL Zertifikat.

===== webserver.sh =====
Hilfsskript für service.sh:
<code>
#!/bin/bash

JAR_NAME=datareporter-server-1.0-SNAPSHOT.jar
PATH_TO_JAR=/opt/webserver
PID_PATH_NAME=/tmp/datareporter-pid
PATH_TO_LOG=/var/log


cd $PATH_TO_JAR
nohup java -Xmx512m -Djdk.tls.ephemeralDHKeySize=2048 -jar $PATH_TO_JAR/$JAR_NAME 2>>$PATH_TO_LOG/ds_server.err >>$PATH_TO_LOG/ds_server.log  &
echo $! > $PID_PATH_NAME
</code>
====== Installation des Services (initd) ======
Um den Webserver bei Systemstart zu starten, muss folgender symbolische Link in ''/etc/init.d'' gesetzt werden:
<code>
lrwxrwxrwx  1 root root    25 Mar  3 14:44 datenschutz -> /opt/webserver/service.sh
</code>

Um den Watchdog für den Service laufen zu lassen wird folgende Crontab (als root) benötigt:
<code>
* * * * * /opt/webserver/service.sh
</code>