Please rate how useful you found this document: 
No votes yet

Overview

Stack 225 provides detailed information about the database and application server configurations needed to correctly install the following versions of ProcessMaker on the platform CentOS/RHEL 7.x under Apache web server.

ProcessMaker 3.3.0

Stack 225 is supported by ProcessMaker, meaning that it has been tested by the Quality Control team.

Summary

Platform Database PHP
CentOS/RHEL 7.x (Latest version) MySQL 5.6.x 7.1.x
Web Server Filesystem Architecture
Apache 2.4.x ext4 64-bit

Disclaimer

The stack procedure and references described below are used by ProcessMaker in its cloud environment and it works appropriately in cloud configurations. If this stack is implemented on-premises, ProcessMaker Inc. does not guarantee the stack functions correctly.

Environment

Assuming you already have a CentOS 7.2.x Core or Desktop installed and have the proper permissions, by typing the comand sudo su and entered the administrator password you can execute the following commands in order to have the stack ready to install ProcessMaker.

Step 1: Update your Server

Make sure that your server is the latest version.

yum -y update

Warning: Depending on your CentOS version, the server update should take a long time to complete.

Step 2: Remove MariaDB

By default CentOS 7.2 comes with some MariaDB modules installed. We need to uninstall them.

yum -y remove mariadb*

Step 3: Install MySQL 5.6.XX

Warning: ProcessMaker is not compatible with MySQL STRICT mode, which is enabled by default as of MySQL 5.6.6. Read the Turning Off MySQL STRICT Mode section to learn how to disable it.

In order to install MySQL 5.6.x, use the following steps:

1. Run the command lines to download the repositories:

yum install -y yum-utils yum localinstall -y https://repo.mysql.com//mysql57-community-release-el7-11.noarch.rpm

2. Use these command lines to configure the repository and install MySQL 5.6.x:

yum-config-manager --disable mysql57-community yum-config-manager --enable mysql56-community yum install -y mysql-community-server

3. Start the MySQL service and set it to start automatically at boot.

service mysql start systemctl enable mysqld.service

4. Make sure the mysql service is running by checking its status with the following command:

systemctl status mysql

The status of the mysql service should be "active (running)":

MySQL Configuration

Before using MySQL, use the mysql_secure_installation command to set up a secure database environment. Log in as the root user and issue the following command:

mysql_secure_installation

Note: In some cases the password is already defined so you need to check it before you run the mysql_secure_installation and change it, to do this use the following command: cat /root/.mysql_secret

Then follow the wizard's instructions to secure MySQL as follows:

1. Enter the root password.

2. Change the root password.

Warning: ProcessMaker does NOT support special characters (such as: @ # $ % ^ & ( /) in the root password. For more information, please read this section.

3. Confirm to remove anonymous users.

4. Confirm to disable the root login.

In the case MySQL is in another server, you must create a new user and give this user the permissions to access.

5. Confirm to remove the test database.

6. Reload privilege tables.

The MySQL installation is now secure.

7. Restart the mysql service.

service mysql restart

Step 4: Install Apache 2.4

mod_ssl is an Apache module that provides SSL v2/v3 and TLS v1 support for the Apache HTTP server necessary for ProcessMaker.

Run the following steps to install Apache 2.4 and the SSL module:

1. Install Apache and SSL module:

yum -y install httpd mod_ssl

2. Start the Apache service and set it to start automatically at boot.

service httpd start systemctl enable httpd.service

3. Make sure the httpd service is running by checking its status with the following command:

systemctl status httpd

The status of the httpd service should be "active (running)":

Enable Apache Modules

ProcessMaker needs to use the expires, rewrite, deflate and vhost_alias modules on the Apache web server. Check to see whether these modules are enabled by opening the Apache configuration file found at /etc/httpd/conf/httpd.conf.

nano /etc/httpd/conf/httpd.conf

If working with CentOS 7, the file used to configure modules is found at:

nano /etc/httpd/conf.modules.d/00-base.conf

To configure the modules use the following steps:

1. Uncomment the following modules (remove the semicolon ; at the beginning of each line):

LoadModule expires_module modules/mod_expires.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule deflate_module modules/mod_deflate.so LoadModule vhost_alias_module modules/mod_vhost_alias.so LoadModule filter_module modules/mod_filter.so

2. After editing the httpd.conf file, it is necessary to restart the Apache web server to use the new configuration:

service httpd restart

Step 5: Install PHP 7

Add the EPEL (CentOS 7.x) repositories or RedHat ones to install PHP. In this guide we will use EPEL, follow these steps:

1. Add the repositories.

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

2. Install PHP and its modules.

yum -y install php71w yum -y install php71w-cli php71w-gd php71w-mysqlnd php71w-soap php71w-mbstring php71w-ldap php71w-mcrypt php71w-xml php71w-devel php71w-pecl-apcu

3. To check if all the PHP modules were installed, run the following command:

rpm -qa |grep php

The outcome will be similar to the following:

Configuring PHP Settings

The default configuration of PHP should be able to run on ProcessMaker; however, check the following settings to see if PHP's configuration file php.ini has been modified. Log in as the root user and edit PHP's configuration file php.ini using these steps:

1. Open the file php.ini

nano /etc/php.ini

2. Search for the following lines and edit them using the following configuration:

file_uploads = On short_open_tag = On memory_limit = 512M error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors = Off post_max_size = 24M upload_max_filesize = 24M

Note: For more information, see Configuring PHP.

Step 6: SELinux Configurations

Regardless of which web server application your ProcessMaker stack uses, if ProcessMaker is installed in the /opt directory, it is necessary to either configure SELinux to allow the web server to read/write the directory where ProcessMaker is installed. Alternatively, you can disable SELinux temporarily or permanently. Refer to the sections below that describe how to perform each of these options.

Configuring SELinux

To configure SELinux so the web server can read/write to the /opt/processmaker directory, follow these steps:

1. Log in as the root user and issue the following commands from the terminal:

semanage fcontext -a -t httpd_sys_content_rw_t '/opt/processmaker(/.*)?' restorecon -R -v /opt/processmaker

2. Configure the web server to send emails:

setsebool -P httpd_can_sendmail 1

3. To run ProcessMaker on any port other than the default ports of 80, 443, 488, 8008, 8009 and 8443, SELinux needs to be configured to allow another port to be used. For example, to use port 8080:

semanage port -a -t http_port_t -p tcp 8080

Disabling SELinux

Disabling SELinux causes so many problems that it is often easier to disable it. Follow these steps to disable SELinux:

1. Run the following commands to disable SELinux:

echo "SELINUX=disabled" > /etc/selinux/config echo "SELINUXTYPE=targeted" >> /etc/selinux/config

2. Do NOT forget to restart the server to permanently disable SELinux.

Temporarily Disabling SELinux

To temporarily disable SELinux to debug a problem, log in as the root user and issue the command:

setenforce 0

The changes will take place immediately.

If need to go back only need to run the following command or reboot the server:

setenforce 1

Step 7: Install Firewall and Open ProcessMaker's Port

By default, CentOS 7 can not work without a firewall, therefore it is recommended to install Firewalld so it can be easily configured. Firewalld is a dynamic daemon that manages a firewall with support for networks zones. To install it run the following steps:

1. Install Firewalld.

yum -y install firewalld

2. Set the service to start automatically.

service firewalld start chkconfig firewalld on

3. Open the port where ProcessMaker will run, which is port 80 by default or port 443. To use a port other than port 80 or 443, it is necessary to change the port number using the following command.

firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload

Step 8: Reboot the Server

After all these installations the server needs to be rebooted.

Configuration and ProcessMaker Installation

To learn how to install and configure ProcessMaker, read Configuration and ProcessMaker Installation.