Monday, July 28, 2008

Installing Matrix on Centos 5 - part 2 - Matrix Install

In the previous post, we installed a basic CentOS 5.1 system with the requirements for installing MySource Matrix 3.18+. In this post, we'll install Matrix itself... If you haven't read the previous post, please do, paying particular attention to the caveats at the beginning of the post.

Let's continue:

23. Set permissions on PostgreSQL. To do this we need to edit the file /var/lib/pgsql/data/pg_hba.conf and restart Postgresql. Using your favourite editor (there is a link to a vi tutorial in the previous post) edit /var/lib/pgsql/data/pg_hba.conf. We want to add two lines above the line that begins with 'local'. When you begin to edit, the end of the file should look like this:

We want to change it to look like this:

So we've added the two lines to allow the 'matrix' and 'matrix_secondary' users to access the database named 'matrix', but only from the local machine, and only with password authentication. You can use md5 as the authentication method if you like, but since we're only using unix sockets on a local machine, plaintext password authentication is ok.

24. Now we want to create the 'matrix' and 'matrix_secondary' users within postgres. To do this we need to become the postgres user. We use the 'su' command to do this, and then run the createuser command to create the db user accounts:


lets take a look at what happened there...

* the 'su' command changed the active user from 'root' to 'postgres'.
* the 'cd' command changed the current working directory to /var/lib/pgsql (it avoids a niggling warning about being in the /root directory)
* the 'createuser -P matrix' command tells postgres to create a db user account called 'matrix' and prompt for a password to authenticate the user. (For the purpose of this post I've used 'password' as the password. Not very original, I know ;) )
* we don't want the matrix user to be a superuser (security reasons)
* we don't want the matrix user to be able to create databases (security reasons)
* we don't want the matrix user to be able to create new roles (security reasons)
* we create another db user account called 'matrix_secondary' with the same options as the 'matrix' user

25. Now it's time to create the database where matrix will store its data. We do this using the postgres user as well...


lets take a look at what this does... the 'createdb -O matrix -E SQL_ASCII matrix' command tells PostgreSQL to create a database called 'matrix', owned (-O) by the db user 'matrix', and using the SQL_ASCII encoding scheme for its data.

26. We need to add the plpgsql programming language to the newly created database. We use the 'createlang' command to do this. This command is self-explanatory ;)


Now that we've done that, we need to 'exit' so that we are logged in as 'root' again, and restart the postgresql server to make the changes to pg_hba.conf 'stick'. To do this we use '/etc/init.d/postgresql restart' from the prompt...


Now we need to grant permissions to the matrix_secondary user to access the database. The matrix user will have access permissions already.

We'll access the database as the postgres user (so we'll need to 'su postgres' again) use the 'psql' sql shell, and run the 'grant all on database matrix to matrix_secondary;' command, and then '\q' to exit psq, and 'exit' to become the root user again.


27. With that done, we can go ahead and download Matrix. First, we'll 'exit' to get back to being the root user, then we'll use wget to download the 3.18.3 version of Matrix. I got the url for the download from the Matrix website.


This downloads the tarball of the matrix install into /root.

28. Now we create the directory /home/websites to throw our matrix install into, change into the directory, and extract matrix there:


Running this command will create the mysource_matrix directory as it extracts. When it's done, we can get into the interesting stuff...

29. Change directories into the mysource_matrix directory, and run the php script in install/step_01.php. We need to pass the matrix root directory as the first argument, so we use `pwd` (it's shorter). Please note that the ` is not a normal inverted comma, it's the reverse inverted comma found (usually) next to the '1' key.


This will generate a whole bunch of "interesting" information that you can basically ignore, unless it indicates that there are errors.

If it returns successfully, you'll see something like this:


30. Now, we need to edit some configuration files... First, we'll set up /home/websites/mysource_matrix/data/private/conf/db.inc. Using your favourite editor, make it look like this (with the appropriate password set, of course, and I haven't removed the lines at the end, they're just not showing on the screen...)


31. Now we need to edit /home/websites/mysource_matrix/data/private/conf/main.inc. You'll need to change the following:

* You need to set at least one System root url. The system root urls are a list of URLs that Matrix will answer to. In the following, I've set 3 system root urls that Matrix will respond to:

Down the track, we'll configure apache to answer to these URL's. If these are hostnames that will not resolve to the machine using DNS (in my example I'm just creating a testing system) you'll need to add host entries to any machines that you want to connect to the matrix system.

* You need to set default and tech email addresses:


* You probably want to set your web and cron memory limits to something larger than 16Mb, I've chosen 64:


* You may also want to set a different System Name, I've chosen 'Matrix Test System':

* I've chosen to leave the system owner field empty, but you can put in a personal or company name there if you like.

When you're happy with the main.inc configuration, save your changes.

32. Now we run step_02.php by running 'php install/step_02.php `pwd`'. Check to make sure you are in the /home/websites/mysource_matrix directory before you do this.


This will (again) generate a large amount of interesting information. Again, you can ignore it unless it indicates an error. If it's successful you'll see something like this:


33. Now we run compile_locale.php using 'php install/compile_locale.php `pwd`'. We will have to do this again after step_03.php.


It will give a warning about not having specified a locale, which can be ignored. When it completes you should see something like this:


34. Now we run step_03.php with the command 'php install/step_03.php `pwd`'.


While it's running you'll get a warning about call by reference being deprecated. You can ignore the warning. When it's done, you'll see something like this:

35. Once more through compile_locale...


36. We need to fix the filesystem permissions so httpd has write access to the data and cache directories. To do this we run three commands: 'chown -R apache:apache *', 'chmod -R 500 *', and 'chmod -R 700 data cache'.


37. Now we need to configure apache to send requests to our system root urls to the matrix system. To do this, we create the file '/etc/httpd/conf.d/matrix.conf' and put in the content as described on the the Squiz Matrix installation page.

38. Now we just need to reload apache to activate the changes, and we're away!

39. A couple more things need to be done... Adding cron entries is one, we need to add one for Matrix's core/cron/run.php script, and one for session_cleanup.sh... To do this we use 'crontab -e -u apache', and configure it like so (pls excuse the line breaks):


40. The other thing that should be done is postgresql optimisation. However, this is an arcane art, with many twists and turns. Matrix will run without postgresql optimised, but when your site gets large it will slow down. You'll either need to get help on this one, or read up the Postgresql documentation and forums and have a stab at it yourself.


That aside, we now have a running Matrix system. We should be able to access it on the url we assigned it in the virtualhost entry (you may need to add a hosts entry to get it resolving correctly). The administration interface is reached by appending /_admin to the URL.

Enjoy!
Posted by at 1 comment:

Saturday, July 26, 2008

Installing Matrix on Centos 5 - part 1 - OS preparation

I've had a couple of goes at installing Matrix 3.18.3 on a CentOS 5.1 and have it down fairly well now, so I thought I'd document it in case anyone else wants step-by-step instructions. Matrix 3.18+ have been designed to work with stock standard RH packages, so you should find installing on CentOS and other RedHat-based boxes a breeze.

There are a couple of caveats here:
  • I'm doing this in a VM. Shouldn't make too much difference procedurally, but I wouldn't recommend putting a production system on a vm. Postgresql generates a huge amount of I/O, and hypervisors tend to get clunky when you push their I/O throughput. The advantage of installing on a VM is that I can take screenshots for your viewing pleasure.
  • I'm using default partitioning. Again, not recommended for a live, public-facing web server, where performance is essential, but if you're a person who knows enough to want to use a different partitioning scheme then you are also a person who knows enough to set that up yourself ;)
  • I'm keeping the install as minimal as possible. This means some of your favourite management tools/languages/shells may have been left out. If you want to install more, go for it. That's your call.
  • I'll be using postgresql as the database of choice, located on the same machine as apache. If you are already using Oracle, then you should find enough information between the Squiz.net installation documentation and the matrix forums to make the necessary changes. Note that you will need to compile and install PHP5.2.6 or later.
  • I'll be installing the GPL version of Matrix. If you have specialised packages developed by Squiz that have other requirements, you may need to install more CentOS packages. Further details can be found in the Squiz installation documentation.
  • I'd like to do a doco like this on installing Matrix 3.18+ on RHEL5, but don't have a licence. If anyone wants to spring for one, I'd be more than happy to accept ;) If you're using RHEL5, this document should work, although you'll have to do the licence registration stuff.

I'm assuming you've already got the installation iso's (I couldn't find a dvd image on my ISP's mirror, so I'm using the 6 CDRom iso's). Now down to business...

1. Boot up from the installation medium. I have chosen the graphical install:



Press Enter.

2. If you want to, check the integrity of the installation images, otherwise skip... Since I'm using the iso's directly from my hdd, I chose to skip. If you burned your media, it's a good idea to test them/it.


3. The system will start Anaconda, probe for video hardware etc, then give you this.


Click 'Next'.

4. Choose your language...


Click 'Next'.

5. Choose your keyboard layout.


Click 'Next'.

6. If you're installing on an unformatted drive (like a vm) you'll get this message:


If you know the drive should be blank, it's safe to click 'Yes'. In this case, since I'm using a vm, it's all good.

7. You'll be presented with options for partitioning. I've gone with the default. As I said before, this one's up to you... If you want to use separate partitions, you'll need sizeable partitions for /home and /var (assuming you use the recommendation on the Squiz Matrix Installation guide about putting your matrix system in /home/websites) because postgresql will store it's data in /var/pgsql. If you're going to put matrix somewhere in /var, you'll obviously need to allocate most of your volume to /var.



When you've got your partitioning scheme sorted, click 'Next'. If you want to go with the default, just click 'Next' straight away.

8. You'll get the safety warning - be sure you're happy with your partitioning scheme and blowing away all the data on the drive. If you have any doubts, now is the time to chicken out...


Otherwise, you can click 'Next'.

9. You'll now be presented with a network setup screen. You can go with dhcp if you like, particularly if you can allocate a specific IP for the machine on your dhcp server, but generally for a webserver it's best to allocate a fixed IP. I've set these appropriately for my network, if you're not sure what to do, go with the default.


Click 'Next'.

10. Now you need to select your region of the world to set the timezone for your machine... Pinpoint the nearest location to you.

Click 'Next'.

11. You'll be asked to enter a root password. Make sure you choose a secure password that you can remember easily. Type the password into both fields.


Click 'Next'.

12. Next you get package selection. This is where it gets interesting, so pay close attention. For starters, deselect the default Gnome install. We don't want XWindows on a server! (Of course, if you have a machine with more resources and it's just for playing with and you REALLY want to manage it in a GUI environment, it's your choice. But if you're planning on running a webserver on linux, it's a good idea to get acquainted with the shell, here is a gentle introduction, and you'll also want to get to know vi better, so here's an introduction to vi.)

For this minimal install, I'm going to uncheck everything in the top section, and select the 'Customize now' radio button.


Click 'Next'.

13. You'll see a screen like this:


We don't want any graphical environments, so let's go straight to the "Servers" section. For starters, we'll want to select the "PostgreSQL Database" option.

Click on the 'Optional packages' button, and deselect perl-DBD-pg, postgresql-python, rhdb-utils and unixODBC. You should end up with only the postgresql-server package selected.

Click 'Close'.

Now, select the 'Web Server' option:

Click on 'Optional packages'. You'll only want the php, php-pear and php-pgsql packages (deselect everything else, unless of course you see something you want). We'll install more later, but at this point in the process these are the only ones we can select.

Click 'Close'. There are some other options that are selected by default in various groups, but they are all small, and some of them are useful/necessary (e.g. vi, sudo). You may want to deselct the 'Dialup Networking' option in the 'Base' group, though. When you're satisfied with your selections, click 'Next'.

Anaconda will check dependencies, and comes back with this:


Click 'Next' and the installer checks you have the right cd's. When it's done, click "Continue". The installer will format the filesystem and carry out the install. Make yourself a cup of coffee... You'll need to change the CD's as the installation progresses (unless your ISP carries a mirror of the DVD), but it's pretty straightforward.

Eventually you'll get this screen:

Remove any optical media and click on Reboot.

14. The system will reboot, go through some initialisation stuff, and eventually give you this screen:


Go to the Firewall configuration (arrow down), select 'Run Tool' (tab) and hit enter. You'll get a firewall config screen. Set Security Level to Enabled (use space to select/unselect), and SELinux to Disabled. (As far as I know, nobody has figured out how to get Matrix to work with SELinux. If you have, I'd be happy to hear how it's done.)


Select 'Customize' and hit Enter. On the next screen, we want to enable incoming www (http) traffic to the server.

Select Ok, then Ok on the Firewall configuration screen. Go into the System Services config, and deselect 'apmd' (unless you're running your server on a laptop), 'bluetooth', 'hidd', 'cups', 'gpm', 'pcscd', 'mcstrans', 'restorecond', 'portmap', 'nfslock', 'rpcidmapd', 'rpcgssd' (don't disable the last four if you're planning to use NFS, don't disable portmap if you're planning on using or anything that uses rpc) and 'isdn'. (I'm open for other suggestions here as to other services that can be removed).

Enable 'httpd' and 'postgresql'.

Select Ok. From the Setup Agent screen select 'Exit'. You will be presented with a login prompt.


15. Login as root. You *do* remember the root password you set, don't you?

16. We need to install some additional packages to support Matrix. We're going to use 'yum' to do that. First of all, we need to update yum's package list. To do this we run 'yum makecache' from the prompt. This will take a while.

17. Now we want to make sure all our packages are up to date with 'yum update'.


This will take a while too... I hope you like coffee ;) You will need to tell it that it's ok to download the updates (press 'y' then Enter), and that it's ok to import the signing key (press 'y' then Enter). Once it's done, you'll have to reboot to activate the updated kernel packages. Use 'shutdown -r now' from the prompt to reboot.


19. Once the server comes back up, you'll need to log in as the root user again. We're going to install some packages, first the php and pear packages we'll need (php-bcmath, php-gd, php-mbstring, php-tidy, php-xml, php-pear-Mail, and php-pear-Mail-Mime) :

You'll need to ok the downloads ('y' then Enter).

20. Update PEAR and install other Pear packages we'll need...

First, run 'pear upgrade-all' from the prompt:


NB: *** You'll need to run it twice, as the first time some dependencies will not be satisfied ***

Then install the other needed packages -XML_HTMLSax, XML_Parser, and Text_Diff, with 'pear install XML_HTMLSax XML_Parser Text_Diff' from the prompt:

21. Install external applications - html tidy, pdftohtml and antiword... 'yum install tidy poppler poppler-utils' will work for html tidy and pdftohtml, but we'll need to download and install the rpm for antiword ourselves. First pdftohtml. Again, you'll need to ok the download.


Next, antiword. We need to download the rpm from http://dag.wieers.com/rpm/packages/antiword/antiword-0.37-3.el5.rf.i386.rpm (or http://dag.wieers.com/rpm/packages/antiword/antiword-0.37-3.el5.rf.x86_64.rpm if you're using 64bit.) We'll use wget to download it. The command is 'wget http://dag.wieers.com/rpm/packages/antiword/antiword-0.37-3.el5.rf.i386.rpm'


When the download is done, install it with 'rpm -ivh antiword-0.37-3.el5.rf.i386.rpm'


22. Ok, that should do it for the OS preparation. In part 2, we install and configure Matrix! Stay tuned.
Posted by at 2 comments:
Subscribe to: Posts (Atom)