Dies ist eine alte Version des Dokuments!
Installation
Voraussetzung ist ein installiertes Linux Basissystem, Java Server VM > 1.8.0 und MariaDB/MySQL.
Die Installation erfolgt im Ordner /opt/webserver. Das Dateilayout sieht folgendermaßen aus:
-rw-r--r-- 1 root root 397 Mar 4 09:12 application.properties drwxr-xr-x 2 root root 4096 Mar 30 09:29 backup -rw-r--r-- 1 root root 68093168 Apr 3 17:52 datareporter-server-1.0-SNAPSHOT.jar -rwxr--r-- 1 root root 1449 Apr 3 17:28 service.sh -rw------- 1 root root 5745 Mar 4 09:09 traunau.jks drwxr-xr-x 2 root root 4096 Apr 3 17:54 update -rwxr--r-- 1 root root 285 Mar 3 14:35 webserver.sh
application.properties
Konfiguration des Systems, einen Beispielkonfiguration (inkl. SSL) wäre:
logging.level.org.springframework.web: ERROR logging.level.org.thymeleaf: ERROR logging.level.org.hibernate: ERROR logging.level.org.reflections: ERROR multipart.maxFileSize=10Mb # Productive settings application.debug=false server.port: 443 server.ssl.key-store: datareporter.jks server.ssl.key-store-password: datareporter server.ssl.keyStoreType: jks server.ssl.keyAlias: datareporter server.ssl.ciphers=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_SHA,TLS_ECDHE_RSA_WITH_AES_256_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_SHA384,TLS_ECDHE_RSA_WITH_AES_256_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_128_SHA,TLS_DHE_DSS_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_256_SHA256,TLS_DHE_DSS_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_256_SHA i# absolute URL of own application (without trailing /, including protocol) application.url=https://dsdev.datareporter.eu
datareporter-server-1.0-SNAPSHOT.jar
Der aktuelle Build des DataReporter Serversystems
service.sh
Dient zum Start des .jar files als Service. Prüft auch, ob der Webserver eventuell nicht mehr läuft obwohl er laufen sollte (PID file existiert, aber Prozess läuft nicht). Zum Start wird das Hilfsskript webserver.sh benötigt.
#!/bin/sh
SERVICE_NAME=Datenschutz
PATH_TO_SH=/opt/webserver/webserver.sh
PID_PATH_NAME=/tmp/datenschutz-pid
if [ -f $PID_PATH_NAME ]; then
PID=$(cat $PID_PATH_NAME);
if ps -p $PID > /dev/null
then
# runs and pid file there, all ok
echo "Running OK"
else
echo "PID file but no running process, starting.."
rm $PID_PATH_NAME
su root -c $PATH_TO_SH
echo "$SERVICE_NAME started ..."
fi
fi
case $1 in
start)
echo "Starting $SERVICE_NAME ..."
if [ ! -f $PID_PATH_NAME ]; then
su root -c $PATH_TO_SH
echo "$SERVICE_NAME started ..."
else
echo "$SERVICE_NAME is already running ..."
fi
;;
stop)
if [ -f $PID_PATH_NAME ]; then
PID=$(cat $PID_PATH_NAME);
echo "$SERVICE_NAME stoping ..."
kill $PID;
echo "$SERVICE_NAME stopped ..."
rm $PID_PATH_NAME
else
echo "$SERVICE_NAME is not running ..."
fi
;;
check)
if [ -f $PID_PATH_NAME ]; then
PID=$(cat $PID_PATH_NAME);
if ps -p $PID > /dev/null
then
# runs and pid file there, all ok
echo "Check result: running OK"
exit 0
else
echo "Check: PID file but no running process"
exit 1
fi
else
echo "Check: Not running"
exit 1
fi
;;
esac
traunau.jks
Der Java Keystore für das SSL Zertifikat.
webserver.sh
Hilfsskript für service.sh:
#!/bin/bash JAR_NAME=datenschutz-server-1.0-SNAPSHOT.jar PATH_TO_JAR=/opt/webserver PID_PATH_NAME=/tmp/datenschutz-pid PATH_TO_LOG=/var/log cd $PATH_TO_JAR nohup java -jar $PATH_TO_JAR/$JAR_NAME 2>>$PATH_TO_LOG/ds_server.err >>$PATH_TO_LOG/ds_server.log & echo $! > $PID_PATH_NAME
Installation des Services
Um den Webserver bei Systemstart zu starten, muss folgender symbolische Link in /etc/init.d gesetzt werden:
lrwxrwxrwx 1 root root 25 Mar 3 14:44 datenschutz -> /opt/webserver/service.sh
Um den Watchdog für den Service laufen zu lassen wird folgende Crontab (als root) benötigt:
* * * * * /opt/webserver/service.sh
