After attempting to install OpenEMM on several different operating systems, following several guides listed at https://wiki.openemm.org/doku.php , for about 2 weeks. I have finally managed to get it running. Below is a guide I have tested by rebuilding a working OpenEMM at least 5 times to make sure I have all the steps documented correctly:
On a brand new install of CentOS/Rocky/Alma, after you've set up networking to your preferences (I will be using Rocky linux for this guide, some commands such as dnf can be replaced with yum, no functionality will be lost):
### Initial settings & config changes
Code: Select all
hostnamectl set-hostname hostname
echo 'export PATH=$PATH:/usr/sbin' >> /etc/skel/.bash_profile;
sed -i -e 's/SELINUX=enforcing/SELINUX=permissive/' /etc/sysconfig/selinux;
Code: Select all
dnf module enable python38 -y;
dnf install wget xorg-x11-fonts-75dpi zlib fontconfig freetype libX11 libXext libXrender urw-fonts vim java-11-openjdk sendmail-milter python38 -y;
dnf install mariadb-server mariadb mariadb-devel mariadb-connector-c gcc-c++ bzip2-devel gdbm-devel libgcrypt-devel python38-devel postfix -y;
dnf install libffi-devel libxml2-devel ncurses-devel openssl-devel readline-devel sqlite-devel zlib-devel xz xz-devel python38-pip procmail -y;
dnf install rsyslog unixODBC unixODBC-devel openssl-devel apr-devel redhat-rpm-config java-11-openjdk-devel gcc make python38-requests -y;
dnf install https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox-0.12.6-1.centos8.x86_64.rpm -y;
pip3.8 install py3dns xlrd xlwt xlutils paramiko pyspf dnspython dkimpy pycrypto requests httpie setproctitle inotify aiodns aiohttp aiohttp-xmlrpc aiosmtpd mariadb;
alternatives --set python3 /usr/bin/python3.8;
Code: Select all
dnf update -y;
Code: Select all
firewall-cmd --zone=public --add-port=8080/tcp --permanent && firewall-cmd --zone=public --add-port=25/tcp --permanent;
firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toport=8080 --permanent && firewall-cmd --reload;
Code: Select all
groupadd openemm && useradd -m -g openemm -s /bin/bash openemm;
passwd openemm;
mkdir /home/openemm/opt;
cd /home/openemm/opt;
Code: Select all
wget https://dlcdn.apache.org/tomcat/tomcat-connectors/native/1.2.31/source/tomcat-native-1.2.31-src.tar.gz
Code: Select all
tar -xvf tomcat-native-1.2.31-src.tar.gz
rm -rf tomcat-native-1.2.31-src.tar.gz
cd tomcat-native-1.2.31-src/native/
./configure --with-apr=/usr/bin/apr-1-config --with-ssl=yes --prefix=/home/openemm/opt/tomcat-native-1.2.31 --with-java-home=/usr/lib/jvm/java
make
make install
ln -s /home/openemm/opt/tomcat-native-1.2.31 /home/openemm/opt/tomcat-native
Code: Select all
scp -rp openemm-runtime-21.10.XXX.tar.gz root@host:/home/openemm/
systemctl enable mariadb;
systemctl start mariadb;
mysql_secure_installation;
Set root password? [Y/n] y
Remove anonymous users? [Y/n] Yyour password here
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
### journalctl changes:
Code: Select all
echo 'module(load="imjournal" StateFile="imjournal.state" ratelimit.interval="10" ratelimit.burst="10000")' >> /etc/systemd/journald.conf;
systemctl restart systemd-journald
# open and override the following file with the contents below:
# vim /etc/logrotate.d/syslog
Code: Select all
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
missingok
sharedscripts
chmod 0644
postrotate
/usr/bin/systemctl kill -s HUP rsyslog.service >/dev/null 2>&1 || true
endscript
}
Code: Select all
chmod 644 /var/log/maillog
Code: Select all
alternatives --set mta /usr/sbin/sendmail.postfix
Code: Select all
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
message_size_limit = 0
maximal_queue_lifetime = 1d
bounce_queue_lifetime = 1d
smtp_tls_security_level = may
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtp_tls_mandatory_ciphers = $smtp_tls_ciphers
hash_queue_depth = 2
enable_long_queue_ids = yes
relay_domains = /home/openemm/var/run/relay.domains
transport_maps = hash:/home/openemm/var/run/transport.maps
smtpd_milters = unix:/home/openemm/var/run/bav.sock
myhostname = hostname
Code: Select all
mailloop unix - n n - - pipe
flags=RX user=openemm argv=/usr/bin/procmail /home/openemm/lib/bav.rc
Code: Select all
systemctl enable postfix;
systemctl restart postfix;
Code: Select all
cd /home/openemm
chown -R openemm:openemm .
tar -xvf openemm-runtime-21.10.030.tar.gz
rm -rf openemm-runtime-21.10.030.tar.gz
### and adjust the permissions accordingly:
Code: Select all
touch /home/openemm/tomcat/logs/catalina.out && chmod 0660 /home/openemm/tomcat/logs/catalina.out
### config files in /home/console. This can be fixed by simply linking console to openemm.
Code: Select all
ln -s /home/openemm/ /home/console
Code: Select all
cd /home/openemm
bin/OMT.sh
# Change it now (N/y, Blank => Cancel):
> y
reboot < -- required by system after changing system limits
### Continued in the next post