Historique de la page

allow to 0/0 to udp/53   # DNS request
allow to 0/0 to udp/123  # Network Time Protocol
allow to 157.159.0.0/16 to tcp/22 # SSH vers le réseau de l'établissement
#
# Récupération de packages
allow to 0/0 to tcp/21     # FTP
allow from 0/0 from tcp/20 # FTP-data
allow to 0/0 to tcp/80     # HTTP YUM
allow to 0/0 to tcp/11371  # PGP-keys
#
# Portail
allow to 157.159.10.29/32 to tcp/443  # Accès https au CAS de l'établissement
allow to 157.159.10.76/32 to tcp/3306 # Requêtes mysql vers un serveur central (pas nécessaire a priori)
allow to 157.159.0.0/16 to tcp/389    # LDAP (tcp/636 pour du LDAPS)
allow to 157.159.0.0/16 to tcp/25     # SMTP
allow to 0/0 to tcp/8443              # HTTPS tomcat pour shibboleth
allow to 0/0 to tcp/443               # HTTPS pour shibboleth
allow to 0/0 to tcp/445               # CIFS stockage
allow to 0/0 to tcp/137               # CIFS stockage
allow to 0/0 to tcp/138               # CIFS stockage
allow to 0/0 to tcp/139               # CIFS stockage
allow to 157.159.10.88/32 to tcp/143  # Accès au serveur de boites aux lettres pour Canal IMAP

allow from 0/0 to tcp/80              # HTTP
allow from 157.159.0.0/16 to tcp/8080 # HTTP tomcat
allow from 0/0 to tcp/443             # HTTPS
allow from 0/0 to tcp/8443            # HTTPS tomcat
allow from 0/0 to tcp/22              # Local SSH
allow from 0/0 to udp/161             # SNMP

cd /etc/yum.repos.d/
wget http://www.jpackage.org/jpackage50.repo
wget http://www.jpackage.org/jpackage.asc
rpm --import jpackage.asc

wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
wget http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm --import RPM-GPG-KEY-remi
wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -ihv remi-release-5.rpm

updatedb

[root@gaspar-dev ~]# more /etc/hosts
157.159.10.200          gaspar-dev.int-evry.fr localhost

Afin de ne pas obtenir une erreur de type "/usr/bin/rebuild-security-providers is needed by package java-1.4.2-gcj-compat..", éditez /etc/yum.repos.d/jpackage50.repo et mettez le repository jpackage-generic à enabled=0.

yum install ant java-sun java-sun-devel
yum install ant-apache-regexp ant-contrib
yum install java-1.6.0-sun-fonts java-1.6.0-openjdk-devel java-1.6.0-openjdk
yum install httpd mod_ssl
yum install mysql-server

chkconfig --level 345 mysqld on
chkconfig --level 345 tomcat6  on
chkconfig --level 345 httpd  on

cd ~
wget http://sourcesup.cru.fr/frs/download.php/2874/esupdev-3.1.2-esup-0.5-RC3.tar.gz
wget http://sourcesup.cru.fr/frs/download.php/2875/esup-3.1.2-esup-0.5-RC3.tar.gz

useradd esup

cd /home/esup/
chgrp -R apache .bash_logout .bash_profile .bashrc .mozilla
chown esup:tomcat esup-3.1.2-esup-0.5-RC3.tar.gz  esupdev-3.1.2-esup-0.5-RC3.tar.gz

/etc/init.d/mysqld start
/usr/bin/mysqladmin -u root password 'motdepasse'
mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database esup;
mysql> GRANT ALL PRIVILEGES ON esup.* TO 'esup'@'localhost' IDENTIFIED BY 'motdepasse' WITH GRANT OPTION;
mysql> GRANT ALL PRIVILEGES ON esup.* TO 'esup'@'gaspar-dev.int-evry.fr' IDENTIFIED BY 'motdepasse' WITH GRANT OPTION;

/etc/init.d/mysqld restart

yum install nrpe
yum install nagios-of-plugins nagios-plugins-ntp nagios-plugins-load nagios-plugins-users nagios-int-plugins nagios-plugins nagios-plugins-disk nagios-plugins-perl nagios-plugins-procs
vi /etc/nagios/nrpe.cfg
chkconfig --level 345 nrpe on
/etc/init.d/nrpe start

su - esup
vi /home/esup/.bash_profile

...
# User specific environment and startup programs
PATH=$PATH:$HOME/bin:/usr/local/:/usr/local/apache-maven-2.2.1/bin

Il faut que votre serveur CAS soit également signé par Terena.

[root@gaspar-dev /etc/pki/tls/certs] ( cat ca-chain-tmspca2_itca2_itrootca2.crt ; cat tmspca.crt.1 ; cat itca.crt.1 ; cat itrootca.crt.1; cat cachain-tcs-addtrust.pem ) > ca-pkiit1-pkiit2-chain-tcs-addtrust-bundle.crt

cp gaspardev.key /etc/pki/tls/private/.
cp cert-593-gaspar-dev.int-evry.fr.pem /etc/pki/tls/certs/.
cp chain-593-gaspar-dev.int-evry.fr.pem /etc/pki/tls/certs/.

cp gaspardev_ca-pkiit1-pkiit2-chain-tcs-addtrust-bundle.p12 /etc/pki/tls/certs/.

cd
gunzip esup-3.1.2-esup-0.5-RC3.tar.gz
tar xvf esup-3.1.2-esup-0.5-RC3.tar
mkdir Archive
gzip -9 esup-3.1.2-esup-0.5-RC3.tar
mv esup-3.1.2-esup-0.5-RC3.tar.gz Archive/.

cd esup-3.1.2-esup-0.5-RC3
cp config.sample.properties config.properties
cp build.sample.properties build.properties

# Components Options
use.embedded.ant=true
use.embedded.maven=true
use.embedded.tomcat=true
# Tomcat Options
tomcat.update=true
tomcat.reloadable=true
tomcat.port.shutdown=8005
tomcat.port.http=8080
tomcat.port.jk=8009
# URL Options
esup.public.host=gaspar-dev.int-evry.fr
esup.public.proto=http
esup.public.port=:8080
esup.public.uri=/uPortal
esup.public.guest.uri=/Guest
esup.public.ressource.uri=/ResourceServingWebapp
esup.real.host=${esup.public.host}
esup.real.uri=${esup.public.uri}
esup.real.port.https=
# LDAP Options
esup.ldap.auth=false
esup.ldap.url=ldap://ldap4.int-evry.fr:389 ldap://ldap3.int-evry.fr:389
esup.ldap.baseDN=dc=int-evry,dc=fr
esup.ldap.bindDN=cn=mcibind,ou=system,dc=int-evry,dc=fr
esup.ldap.bindPasswd=motdepassebindldap
esup.ldap.persondirs.use=true
esup.ldap.uid=uid
# CAS Options
esup.cas.auth=true
esup.cas.proto=https
esup.cas.proxy=true
esup.cas.host=cas.it-sudparis.eu
esup.cas.port.https=
esup.cas.port.http=
esup.cas.uri=/cas
esup.cas.withoutSSL=false
esup.cas.uri.login=/login
esup.cas.uri.validate=/serviceValidate
esup.cas.uri.proxy=/proxy
esup.cas.uri.logout=/logout
esup.real.uri.callbackCas=/CasProxyServlet
# DB Options
esup.db.auth=true
esup.db.persondirs.use=true
esup.db.username=sa
esup.db.password=
#esup.db.username=esup
#esup.db.password=motdepassemysql
# db type : mysql, hsql, postgresql
esup.db.type=hsql
esup.db.url=jdbc:hsqldb:hsql://localhost:8887
esup.db.className=org.hsqldb.jdbcDriver
#esup.db.type=mysql
#esup.db.className=com.mysql.jdbc.Driver
#esup.db.jdbcDriverJar=mysql-connector-java-5.1.6
#esup.db.db-version=5.0.77
#esup.db.poolPreparedStatements=true
# XSL Options
esup.xsl.debug=false
esup.xsl.cache=false
esup.xsl.help.url=http://www.esup-portail.org/display/ESUPMU/Documentations+%28esup-3%29
esup.xsl.help.login=http://www.esup-portail.org/display/ESUPMU/Documentations+%28esup-3%29
esup.xsl.use.sidebar=false
esup.xsl.use.sidebar.focused=false
esup.xsl.use.sidebar.guest=false
# LOG Options
esup.log.dir=${esup.root}/logs
esup.log.file=${esup.log.dir}/portal.log
esup.log.size=500000KB
esup.log.level=DEBUG
# STATS Options
esup.stats.file=${esup.log.dir}/stats.log
esup.stats.attributeType=eduPersonPrimaryAffiliation
esup.stats.channelFnames=all
esup.stats.size=200000KB
# MISC Optionsesup.title.main=eSup DEVEL ${uportal.ver} - [${esup.host.logicalName}]
esup.host.logicalName=gaspar-dev
esup.session.lifetime=30
esup.languages=fr_FR,en_US
esup.default.language=fr
esup.upload-maxsize=300000   
esup.ws.groups=trueesup.monitor=true
esup.userprefs.save=false
esup.keystore=/etc/pki/tls/certs/gaspardev_ca-pkiit1-pkiit2-chain-tcs-addtrust-bundle.p12

#java_home=/usr/java/jdk1.6.0_16
java_home=/usr/lib/jvm/java
# CURRENT FOLDER
esup.root=${basedir.conv}
esup.base=${esup.root}/Portail
ant_home=${basedir.conv}/resources/${ant.package.final}
mvn_home=${esup.base}/${mvn.package.final}
esup.sources=${esup.base}/uPortal_rel-${uportal.ver}
esup.deploy=${esup.base}/webapps
#esup.deploy=/var/lib/tomcat6/webapps
server.home=${esup.base}/apache-tomcat-${tomcat.ver}
#server.home=/usr/share/tomcat6
server.temp=${server.home}/temp
esup.custom=${esup.root}/custom
esup.update=${esup.root}/update
esup.resources=${basedir.conv}/resources
esup.packages=${esup.root}/packages
esup.tmp=${esup.root}/temp
config.file=${esup.root}/config.properties
mvn_repo=${esup.base}/maven-repo
mvn_offline=false
mvn_skiptest=true
mvn_esuprepo=${esup.resources}/esup-maven-repo

 ant -p

cd ~/esup-3.1.2-esup-0.5-RC3
ant getcomponents
ant unzip

ls logs/
ls -al logs
touch logs/portal.log
touch logs/stats.log

cd /home/esup/esup-3.1.2-esup-0.5-RC3/Portail/uPortal-3.1.1
vi build.properties

cd ../..

cd /home/esup/esup-3.1.2-esup-0.5-RC3/resources/
gunzip apache-ant-1.7.1-bin.tar.gz
tar xvf apache-ant-1.7.1-bin.tar
rm apache-ant-1.7.1-bin.tar
cp ant.sample.sh ant.sh
vi ant.sh

----
#!/bin/sh

export LANG=fr_FR
# export JAVA_HOME=/usr/java/jdk1.6
export JAVA_HOME=/usr/lib/jvm/java
export ANT_HOME=./resources/apache-ant-1.7.1

# chmod 755 $ANT_HOME/bin/ant
$ANT_HOME/bin/ant $@

----
chmod u+x ant.sh
dos2unix ant.sh

cd  /home/esup/esup-3.1.2-esup-0.5-RC3
./ant.sh init
./ant.sh getcomponents
./ant.sh unzip

./ant.sh db.test
./ant.sh db.init
./ant.sh deploy

vi ~/restart_esup.sh
----
#!/bin/bash
#
/usr/bin/sudo /etc/init.d/tomcat6 stop
cd ~/esup-3.1.2-esup-0.5-RC3
./ant.sh init
./ant.sh db.import -Dchannel=all
./ant.sh db.import -Dusername=monuser-lo
./ant.sh deploy
/usr/bin/sudo /etc/init.d/tomcat6 start
cd
vi /etc/sudoers
chmod u+x restart_esup.sh
~/restart_esup.sh
----

wget http://archive.apache.org/dist/tomcat/tomcat-connectors/native/1.1.9/source/tomcat-native-1.1.9-src.tar.gz
tar xvf tomcat-native-1.1.9-src.tar.gz
cd tomcat-native-1.1.9-src/jni/native/
./configure --with-apr=/usr/bin/apr-1-config --with-java-home=/usr/lib/jvm/java --with-ssl=yes
make
make install

export CATALINA_HOME=/usr/share/tomcat6
export LD_LIBRARY_PATH=/usr/local/apr/lib