Ubuntu 22.04 LTS#
This chapter provides instructions for installing Allegra on a Ubuntu 22.04 server, including a Postgres database server and an Apache Tomcat 9 servlet container.
This chapter describes
How to obtain the Allegra installation script
How to run the installation script
Preparation#
Hardware requirements#
Make sure that the requirements concerning the runtime environment are met.
Permissions#
You must have sudo permission on all commands.
Installation script#
You can get the installation script for Ubuntu 22.04 from the
Allegra download page.
The script is called install.sh.
Download it somewhere on the server where you want to install Allegra.
Then call it as superuser:
sudo ./install.sh <context>
where the context is the last part of the URL of the application, like
https://www.yourServer.com/context
That’s it. After you run the script, you should have a working Allegra server at http://yourserver:8080/context.
Hint
login name: admin
password: tissi
Send e-mails#
You should have access to an SMTP server before setting up Allegra. For testing purposes you can use your own email account or a free service account that you have set up for this purpose.
For a production environment, you should set up a dedicated email account for your Allegra installation.
Attention
If you are running your own SMTP server on Amazon’s EC2 or Lightsail web service you need to contact Amazon to allow you to send more than 100 emails per day via port 25.
Security#
For security reasons, you should set up a standard Apache HTTP server as the front-end for the Tomcat servlet container.
You can use an existing installation of an Apache 2.4 web server or you can install Apache 2.4 on the same instance as the Tomcat server:
sudo apt-get install apache2 apache2-utils
Activate modules proxy, proxy_http, and proxy_ajp:
sudo a2enmod proxy
sudo a2enmod proxy_ajp
sudo a2enmod proxy_http
Add the following statements to your Apache server configuration at
/etc/apache2/sites-available/default:
##
# Always set some headers
##
<IfModule mod_headers.c>
Header set X-Frame-Options SAMEORIGIN
Header append X-Content-Type-Options nosniff
Header set X-XSS-Protection "1; mode=block"
Header unset X-Powered-By
Header set Strict-Transport-Security "max-age=31556926, includeSubDomains"
Header set Expect-CT "max-age=0; report-uri=https://allegra-cloud.com/reportOnly"
Header set Content-Security-Policy "default-src 'self' https://fonts.googleapis.com/
https://fonts.gstatic.com/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval';
connect-src 'self'; img-src 'self' data: https://seal.beyondsecurity.com/ ;
style-src 'self' 'unsafe-inline';"
</IfModule>
ProxyPreserveHost On
RewriteEngine On
RewriteRule ^(/[a-z][a-z0-9\-]*)$ $1/ [R=301,L]
# CONTEXT
RewriteCond %{HTTP:Upgrade} =websocket [NC]
# If the Apache web server is on a different machine
# than the Apache Tomcat with Allegra, you have to enter here the
# IP number of the Tomcat server instead of 127.0.0.1!
RewriteRule /context/(.*) ws://127.0.0.1:8080/context/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /context/(.*) http://127.0.0.1:8080/context/$1 [P,L]
ProxyPassReverse /context/ https://yourdomain.com/context/
ProxyPassReverse /context/ ws://yourdomain.com/context/
#
Alternatively, you can use the ajp protocol for connecting the Apache server to
Tomcat.
# If the Apache web server is on a different machine
# than the Apache Tomcat with Allegra, you have to enter here the
# IP number of the Tomcat server instead of 127.0.0.1!
ProxyPass /context ajp://127.0.0.1:8009/context
ProxyPassReverse /context/ https://<yourdomain.com>/context/
In the Tomcat configuration file /etc/tomcat9/server.xml, remove
the comment to enable the ajp connector:
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Thereafter restart Apache and Tomcat:
sudo service tomcat9 restart
sudo service apache2 restart