UNHCEMS Install Procedure =============================================================================== These instructions detail downloading, and installing UNHCEMS. Please contact cems-support@unh.edu for support. ############################################################################### # 1) Install Software Dependencies ############################################################################### sudo yum install -y epel-release sudo yum update -y sudo yum install -y httpd mod_ssl openssl mariadb \ mariadb-server perl-CGI-Session perl-DBD-MySQL perl-Config-Simple \ perl-JSON perl-Date-Calc perl-File-Copy-Recursive \ perl-Mail-Sendmail perl-JSON-XS perl-Text-CSV inkscape \ perl-libwww-perl perl-MIME-Types ImageMagick-perl \ perl-Digest-SHA perl-LDAP mod_perl ntp p7zip sudo systemctl enable mariadb.service sudo systemctl enable httpd.service sudo systemctl enable ntpd sudo systemctl start ntpd sudo systemctl restart mariadb.service ############################################################################### # 2) Download UNHCEMS ############################################################################### # install latest version of UNHCEMS su mkdir /opt/UNHCEMS cd /opt/UNHCEMS curl -u cems:REDACTED https://cems.unh.edu/dist/UNHCEMS-latest.zip > UNHCEMS-latest.zip 7za x UNHCEMS-latest.zip # install starter data set # Note: If you are rebuilding an existing system, unzip your backup file instead of UNHCEMS-data-latest.zip. curl -u cems:REDACTED https://cems.unh.edu/dist/UNHCEMS-data-latest.zip > UNHCEMS-data-latest.zip 7za x UNHCEMS-data-latest.zip ############################################################################### # 3) Configure Software ############################################################################### # run the following command if using SELinux (run sestatus to check) setsebool -P httpd_builtin_scripting=true httpd_can_network_connect=true httpd_can_network_connect_db=true httpd_can_sendmail=true httpd_enable_cgi=true # create cems system account adduser --no-user-group --system --home-dir /opt/UNHCEMS cems chown -R cems.root /opt/UNHCEMS # create cems.conf from sample config, and edit cp /opt/UNHCEMS/conf/cems.conf.sample /opt/UNHCEMS/conf/cems.conf vi /opt/UNHCEMS/conf/cems.conf # install CEMS starter data bin/restore.pl UNHCEMS-data-latest.zip perl /opt/UNHCEMS/bin/upgrade.pl --backup=n # configure Apache cd /opt/UNHCEMS/conf/apache cp apache.conf.sample apache.conf vi apache.conf ln -s apache.conf /etc/httpd/conf.d/cems.conf apachectl configtest apachectl restart # create initial CEMS administrator accounts /opt/UNHCEMS/bin/manage_account.pl -fname "John" -lname "Smith" -email "John.Smith@xyz.edu" -admin 1 -password "secret" ####### configure IP access /opt/UNHCEMS/bin/allow_ip.pl usage: allow_ip.pl examples: allow_ip.pl 'campus domain' '123.43.*.*' allow_ip.pl 'for Art Dept offsite access' '155.23.43.*' ####### test the new site in a web browser # You should be presented with the guest account access, where you can search # for MSDS. Try searching for Chemical Name "acetone". # Try logging in with your email/password. firefox http://xyz.edu/CEMS # If you are having problems make sure the server firewall allows your web server ports (80, 443) firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload ####### setup crontab and email forwarding su - cems echo 'email.address@xyz.edu' > .forward crontab -e # add entry 0,15,30,45 * * * * perl /opt/UNHCEMS/bin/run_scheduled_tasks.pl exit ####### Final Steps - Make sure the system is backed up. At a minimum, your mysql data files and /opt/UNHCEMS should be backed up. - Run the test install script to find potential problems /opt/UNHCEMS/bin/test_install.pl - turn off testing mode, this will enable CEMS to send email instead of logging email vi /opt/UNHCEMS/conf/cems.conf # find dev_mode, set to 0 - test sendmail capability /opt/UNHCEMS/bin/test_sendmail.pl 'your.email@xyz.edu' - Install an SSL certificate See example at conf/apache/apache_ssl.conf.sample - If you don't have a mysql root user password create one. mysql -u root -p mysql SET PASSWORD FOR 'root'@'localhost' = PASSWORD('a_super_secret_password'); quit - Change the mysql cems user password mysql -u cems -pcems cems SET PASSWORD FOR 'cems'@'localhost' = PASSWORD('a_super_secret_password'); quit # update the mysql cems user password in cems.conf vi /opt/UNHCEMS/conf/cems.conf - Enable LDAP integration (optional) # configure conf/cems.conf "ldap_" vars # test the LDAP configuration using bin/test_ldap.pl Please contact cems-support@unh.edu for support.