Sonora Communications, Inc.

  • Increase font size
  • Default font size
  • Decrease font size

SQL-Ledger Installation Notes

Sunday, 03 September 2006 10:31 Gene Cooper
E-mail Print PDF

Server Configuration

These are some very rough notes on installing SQ-Ledger on a base Centos Linux server. Adjust to fit your needs.

Some of these are very long commands on one line.

Optional: Uninstall some unneeded packages (narrow down scope as necessary):

for group in "Office/Productivity" "Engineering and Scientific" "Development Libraries" "GNOME Software Development" \
"Text-based Internet" "X Software Development" "Virtualization" "DNS Name Server" "GNOME Desktop Environment" \
"Dialup Networking Support" "FTP Server" "Network Servers" "Games and Entertainment" "XFCE-4.4" "Legacy Software Development" \
"Java" "Java Development" "Emacs" "Legacy Software Support" "X Window System" "Ruby" "Windows File Server" "Printing Support" \
"KDE Software Development" "KDE (K Desktop Environment)" "Mail Server" "Server Configuration Tools" "Horde" "Sound and Video" \
"Administration Tools" "News Server" "Development Tools" "FreeNX and NX" "Graphical Internet"; do yum -y groupremove $group; done
pkg="xorg-x11-libs xorg-x11-Mesa-libGL libtiff up2date system-config-mouse bind-utils bind-libs ypbind yp-tools htmlview \
pinfo ppp rp-pppoe wvdial redhat-lsb mdadm portmap nfs-utils irda-utils isdn4k-utils pcmcia-cs NetworkManager pam_smb \
dos2unix samba-common ghostscript system-config-printer xorg-x11-xfs xorg-x11-font-utils VFlib2 urw-fonts ghostscript-fonts \
hpijs chkfontpath samba-client ghostscript-fonts libgnomeui startup-notification libwnck libbonoboui gnome-python2 \
usermode-gtk qt arts kdelibs gd pango gtk2 xorg-x11-xauth system-config-samba system-config-nfs system-config-services \
system-config-users system-logviewer system-config-date system-config-printer-gui samba gnome-python2-bonobo \
gnome-python2-canvas gnome-python2-gtkhtml2 system-config-httpd system-config-network system-config-packages \
system-config-lvm tora webalizer libglade2 pygtk2 GConf2 gnome-keyring libgnomecanvas gail gtkhtml2 gnome-python2-bonobo \
gnome-python2-canvas gnome-python2-gtkhtml2 pygtk2-libglade system-config-securitylevel system-config-language \
system-config-rootpassword system-config-soundcard gnome-vfs2 libgnome authconfig-gtk firstboot gnome-mount \
gnome-python2-gnomevfs system-config-display pirut setroubleshoot system-config-kdump gnome-mount metacity \
notification-daemon gnome-python2-gconf gnome-python2-gnomevfs bluez-gnome bluez-utils sabayon notify-python \
libnotify system-config-keyboard gtk2-engines xsri cups-libs xorg-x11-fonts-base gnome-python2-extras paps \
redhat-artwork cups xorg-x11-server-Xnest xorg-x11-server-Xorg sabayon-apply xorg-x11-drv-void xorg-x11-drv-evdev \
xorg-x11-drv-keyboard xorg-x11-drv-vesa rhpxl xorg-x11-drv-mouse Deployment_Guide-en-US"

for x in $pkg; do yum remove -y $x; done

yum clean all

Optional: Delete some backup files:

rm -f /etc/samba/smb.conf.rpmsave /etc/pam_smb.conf.rpmsave /etc/sysconfig/pcmcia.rpmsave /etc/sysconfig/rhn/up2date-uuid.rpmsave \
/etc/sysconfig/system-config-securitylevel.rpmsave /etc/ppp/chap-secrets.rpmsave /etc/ppp/pap-secrets.rpmsave

Optional: Make sure certain processes are turned off:

chkconfig --list

chkconfig sendmail off
chkconfig cpuspeed off
chkconfig anacron off
chkconfig atd off
chkconfig bluetooth off
chkconfig openibd off
chkconfig autofs off
chkconfig gpm off

Install LAMP packages (one long line):

yum install httpd perl php openssl openssl-perl mysql mysql-server postgresql postgresql-server postgresql-libs perl-DBD-Pg \
perl-DBD-MySQL perl-DBI mod_perl mod_ssl webalizer tetex tetex-latex vim-enhanced cups*

Automatically start some processes at boot:

chkconfig httpd on
chkconfig postgresql on

Start PostgreSQL:

service postgresql restart

Configure networking and set hostname:

setup
vi /etc/sysconfig/network

Allow access to PostgreSQL database:

vi /var/lib/pgsql/data/pg_hba.conf

First entry in list - order is important:

"local    all         all        trust"

Generate a CSR (certificate request):

cd ~
openssl genrsa -out server.yourdomain.com.key 1024
openssl req -new -key server.yourdomain.com.key -out server.yourdomain.com.csr
Use a free cacert.org SSL certificate or any certificate you choose.

To generate a self-signed certificate (one long line):

openssl x509 -days 365 -req -in server.yourdomain.com.csr -signkey server.yourdomain.com.key -out server.yourdomain.com.crt

Back up the original cerificate and key files:

cp /etc/httpd/conf/ssl.crt/server.crt /etc/httpd/conf/ssl.crt/server.crt.orig
cp /etc/httpd/conf/ssl.key/server.key /etc/httpd/conf/ssl.key/server.key.orig

Then paste in the new certifiacte and key contents:

vi /etc/httpd/conf/ssl.crt/server.crt
vi /etc/httpd/conf/ssl.key/server.key

Now we have to add or un-comment the following entries in /etc/httpd/conf/httpd.conf (in the section where document types are handled; there should be entries like AddHandler or AddType). Note: these settings may also already exist in /etc/httpd/conf.d/php.conf and may no longer be necessary.

AddHandler cgi-script .cgi
AddHandler cgi-script .pl
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddType application/x-httpd-php .php .php5 .php4 .php3

Sample /etc/httpd/conf/sql-ledger-http.conf that forces all connections to be encrypted:

Alias /sql-ledger /opt/sql-ledger/
  AllowOverride All
  AddHandler cgi-script .pl
  Options ExecCGI Includes FollowSymlinks
  Order Allow,Deny
  Allow from All
  RewriteEngine On
  RewriteCond %{HTTPS} off
  RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
  Order Deny,Allow
  Deny from All

Restart services:

service httpd restart
service postgresql restart

Upgrade SQL-Ledger

cd /var/www/html/sql-ledger
rm setup.pl
wget -nc http://www.sql-ledger.com/source/setup.pl
perl setup.pl

Choose "Upgrade".

Install SQL-Ledger

mkdir /var/www/html/sql-ledger
cd /var/www/html/sql-ledger
wget -nc http://www.sql-ledger.com/source/setup.pl
perl setup.pl

Access SQL-Ledger Using a Browser

URLs for administration and use:

https://ip.or.server.name/sql-ledger/admin.pl
https://ip.or.server.name/sql-ledger/login.pl

Resources

http://www.sql-ledger.org/

http://www.cacert.org/

http://www.aerospacesoftware.com/sql-ledger.html

http://www.nerdgirl.dk/accounting/installation_sql-ledger.php

Notes for Self-Signed Certificates

openssl genrsa -des3 -passout pass:yourpassword \
-out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024

openssl req -new -passin pass:yourpassword -passout pass:yourpassword \
-key /root/ispconfig/httpd/conf/ssl.key/server.key2 \
-out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365

openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword \
-key /root/ispconfig/httpd/conf/ssl.key/server.key2 \
-in /root/ispconfig/httpd/conf/ssl.csr/server.csr \
-out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365

openssl rsa -passin pass:yourpassword \
-in /root/ispconfig/httpd/conf/ssl.key/server.key2 \
-out /root/ispconfig/httpd/conf/ssl.key/server.key

chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
< Prev   Next >
Last Updated on Monday, 25 May 2009 17:39  

Main Menu

Your external IP

You are connecting to this site from: 38.107.179.230

Secure Client Login

Email Address:

Password: