User Tools

Site Tools


amazon_web_services
no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.


Previous revision
amazon_web_services [2014/12/30 15:00] (current) – external edit 127.0.0.1
Line 1: Line 1:
 +====== Step by Step Installation: Amazon Web Services ======
  
 +This manual was tested with Amazon Linux AMI 2011-02.1 Beta. Its intention is to show how to set up a simple SQL-Ledger server and to make you familiar with cloud servers, but it doesn't mention any of the security measures that are required to protect a system that is publicly accessible.
 +
 +Amazon Web Services is a commercial service, you'll have to pay for computer time, data transfer and disk storage. The actual prices are found [[here]]. To test a server as described in this guide will cost you not more than around USD 0.10; just don't forget to terminate the virtual machine at the end, so the server and its hard disk can be deleted.
 +
 +
 +
 +
 +===== SSH client for Windows =====
 +
 +To connect to the server, you will need a Secure Shell (SSH) client that is able to work with key files. While Linux and MacOS contain such a program, you have to install it first on Windows. The recommended SSH program for Windows is **Putty**. You get it from the [[Putty download page]]. Install either the full package or at least **putty.exe** and **puttygen.exe**.
 +
 +===== Cloud Server =====
 +
 +To start a server, go to the [[AWS Management Console]]. You need an Amazon.com account to log in. If you already bought books or CDs at Amazon.com, you can use your existing account, otherwise create a new one. In the Management Console in the EC2 tab
 +
 +  * check your region
 +  * click on Launch Instance
 +  * select the Basic 32-bit Amazon Linux AMI
 +  * change the instance type to "Micro"
 +  * accept the two pages of instance details (Instance Options and Tags)
 +  * click on Create a new Key Pair, give it the name "SQL-Ledger", create and download it
 +
 +You get a file named "SQL-Ledger.pem". Remember the place where you save it. On **Windows**, you have to convert it using **PuTTYgen**:
 +
 +  * start puttygen.exe
 +  * click on the Load button
 +  * change file types to "All Files (*.*)"
 +  * open the previously saved "SQL-Ledger.pem"
 +  * click on Save private key
 +  * save the file as "SQL-Ledger.ppk"
 +  * close PuTTYgen
 + 
 +The key files contain secret information. Take care to store them at a secure place.
 +
 +Let's continue in the Management Console:
 +
 +  * click on Create a new Security Group
 +  * give it the name "SQL-Ledger" and the description "Firewall settings for SQL-Ledger" or something similar
 +  * add a "Custom TCP Rule" with port range 22
 +  * add a second rule with port range 80
 +  * add a third rule with port range 10000
 +  * continue to the Review page
 +  * check if you start a Micro instance and use the key pair "SQL-Ledger"
 +  * click on Launch, then Close
 +  * move to menu entry Instances and wait until the status of the server is "running"
 +
 +Virtual servers on Amazon can have different statuses. The most important are:
 +
 +  * **running**
 +  * **stopped:** the server is powered off and can be restarted
 +  * **terminated:** the server is definitely shut down, its content will be deleted within the next minutes
 +
 +You can restart, stop and terminate a server from within the Management Console.
 +
 +===== Software packages =====
 +
 +Copy the IP address of the virtual server from "Public DNS" in the Description tag of the Management Console. From now on, these address will be referred as <amazon_ip>.
 +
 +Login to the server:
 +
 +**Linux**
 +
 +Change to the folder where you saved the key file, change the file permissions and connect to the server.
 +
 +   cd <path_to_key_file>
 +   chmod 400 SQL-Ledger.pem
 +   ssh -i SQL-Ledger.pem ec2-user@<amazon_ip>
 +**Windows**
 +
 +
 +  * open Putty
 +  * copy <amazon_ip> to "Host Name (or IP address)"
 +  * in Connection--Data enter the user name "ec2-user"
 +  * in Connection--SSH--Auth click on Browse and open to the private key file "SQL-Ledger.ppk"
 +  * click Open
 +  * accept the connection
 +  
 +To be able to install the software, we have to change to the "root" account. In this way, we get administrator rights. Type:
 +
 +    sudo bash
 +Try neither from Linux nor from Windows to log in directly as root to your Amazon Linux AMI.
 +
 +With the following command, we install the packages we need for SQL-Ledger:
 +
 +   yum install httpd postgresql-server perl-DBD-Pg git-core texlive-latex
 +   
 +Answer yes ("y") to all questions. Next we have to start the web server and the database:
 +
 +  service httpd start
 +  service postgresql initdb
 +  servive postgresql start
 +  To set these servers to automatic starting at boot time, we open the program
 +
 +  ntsysv
 +  
 +and select "httpd" and "postgresql" as services that should be started automatically.
 +
 +===== SQL-Ledger =====
 +
 +We will install SQL-Ledger in the folder /usr/local/sql-ledger. For this, we change to /usr/local:
 +
 +  cd /usr/local
 +  
 +You have two versions to choose between, either the **original SQL-Ledger**, developed by [[ DWS systems]], or the Enhanced SQL-Ledger, provided by[[ Ledger123]].
 +
 +To install the **original SQL-Ledger**, type:
 +
 +  git clone git://github.com/Tekki/sql-ledger.git
 +
 +Because of a security leak , the template editor is disabled in the above repository. It is recommended not to use the //master//, but the //full// branch:
 +
 +  cd /usr/local/sql-ledger
 +  git checkout -b full origin/full
 +  
 +The //full// branch contains some additional features like WLprinter (see below) or an extended admin interface.
 +
 +For the **Ledger123** type:
 +
 +  git clone git://github.com/ledger123/ledger123.git sql-ledger
 +
 +Next, you have to create a spool directory, change the access rights to some files and folders and copy //sql-ledger.conf.default to sql-ledger.conf.//
 +
 +  cd /usr/local/sql-ledger
 +  mkdir spool
 +  chown -hR apache.apache users templates css spool
 +  cp sql-ledger.conf.default sql-ledger.conf
 +
 +If the remote repositories changed, you update your installation with
 +
 +  cd /usr/local/sql-ledger
 +  pull
 +   
 +In the Community Version, you have the possibility to update the software using the Software Administration function in the Admin interface. Before it works, you have to give the web server the right to call the git commands. For this, type
 +
 +  visudo
 +  
 +Then add the following line to the user privilege section:
 +
 +  apache ALL=(ALL) NOPASSWD: /usr/bin/git
 +  
 +===== Mail transport =====
 +
 +In this example, we don't set up a mail server.
 +
 +===== Printing =====
 +
 +The virtual server has no access to your local network and by that no connection to your printers. For this reason we delete the example printers from sql-ledger.conf with
 +
 +  nano /usr/local/sql-ledger.conf
 +  
 +Move to "# available printers" and change the printer definition to
 +
 +  %printer = ( );
 +  
 +To print out documents, you either have to open PDF files and send them manually to the printer, or you have to install the WLprinter plugin.
 +
 +==== WLprinter ====
 +
 +
 +WLprinter is a program that allows to print from SQL-Ledger directly and without further installation or configuration to printers connected to client computers. On the client side, it requires Java and on Windows machines Adobe Reader. After the installation, SQL-Ledger automatically provides an additional printer "WLprinter".
 +
 +===Original Version===
 +
 +WLprinter is part of the full branch. If you followed the above instructions, this program already installed on your server. It is recommended that you copy the config file wlprinter.conf.default to wlprinter.conf, so you can edit it:
 +
 +  cp wlprinter.conf.default wlprinter.conf
 +  
 +===Ledger123===
 +
 +WLprinter isn't available for Ledger123.
 +===== Database set up =====
 +
 +Edit the Postgresql database configuration.
 +
 +  nano /var/lib/pgsql/data/pg_hba.conf
 +  
 +Change the line
 +
 +  local    all    all    ident
 +  
 +to
 +
 +  local    all    all    trust
 +  
 +Restart the database
 +
 +  service postgresql restart
 +  
 +Create a user for SQL-Ledger
 +
 +  su postgres -c "createuser -d -S -R sql-ledger"
 +  
 +===== Web server set up =====
 +
 +Your web server has to know where to find SQL-Ledger. We add a new configuration file and restart the server.
 +
 +  cd /etc/httpd/conf.d
 +  wget http://redmine.sql-ledger-network.com/redmine/attachments/9/sql-ledger -O sql-ledger.conf
 +  service httpd restart
 +  
 +It should now be possible to access the SQL-Ledger login screen with
 +
 +  http://<amazon_ip>/sql-ledger
 +  
 +===== Optional components and settings =====
 +
 +There are some additional components that make working with the SQL-Ledger server more comfortable.
 +
 +====Webmin====
 +
 +Webmin is a web based administration interface for Linux. It is very convenient for a lot of administration tasks. The following code is for 1.580, you may have to change the version number. Check the actual version at the [[Webmin homepage]].
 +
 +  cd /tmp
 +  wget http://prdownloads.sourceforge.net/webadmin/webmin-1.580.tar.gz
 +  tar -xvzf webmin-1.580.tar.gz
 +  cd webmin-1.580
 +  ./setup.sh /usr/local/webmin
 +  
 +Enter an admin name and password, answer yes to start at boot time. Webmin is now available at
 +
 +  http://<amazon_ip>:10000
amazon_web_services.txt · Last modified: 2014/12/30 15:00 by 127.0.0.1