Please rate how useful you found this document: 
Average: 1.5 (4 votes)

Overview

Stack 255 provides detailed information about the database and application server configurations needed to correctly install the following versions of ProcessMaker on the platform CentOS/RHEL 7.x (Latest Version) under Apache web server.

ProcessMaker 3.4.x

Stack 255 is supported by ProcessMaker, meaning that it has been tested by the Quality Control team.

Summary

Platform Database PHP
CentOS/RHEL 7.x (Latest version) MySQL 5.7.x 7.1.x
Web Server Filesystem Architecture
Apache 2.4.x xfs 64-bit

Disclaimer

The stack procedure and references described below are used by ProcessMaker in its cloud environment and it works appropriately in cloud configurations. If this stack is implemented on-premises, ProcessMaker Inc. does not guarantee the stack functions correctly.

Environment

Assuming you already have a CentOS 7.x Desktop installed and have the proper configurations. In the Terminal, run the command sudo su and enter the administrator password. Then, you can run command lines described in the following steps in order to have the stack ready to install ProcessMaker.

Step 1: Update your Server

Make sure that your server is the latest version.

yum -y update

Warning: Depending on your CentOS version, the server update should take a long time to complete.

Step 2: Remove MariaDB

By default CentOS 7.2 and later comes with some MariaDB modules installed. We need to uninstall them.

yum -y remove mariadb*

Step 3: Install and Configure MySQL 5.7.x

To install MySQL 5.7.x, run the command lines in the following steps:

1. Download and install the MySQL repositories.

yum localinstall -y https://repo.mysql.com//mysql57-community-release-el7-11.noarch.rpm yum install -y mysql-community-server

2. Start the MySQL service and set it to start automatically at boot.

systemctl start mysqld.service systemctl enable mysqld.service

3. Make sure the mysql service is running by checking its status.

systemctl status mysqld

The status of the mysql service should be "active (running)":

MySQL Configuration

Before using MySQL, follow the next steps:

1. The temporary password is already defined so you need to check it before you run the mysql_secure_installation. To do this use the following command:

grep "temporary password" /var/log/mysqld.log

Use this temporary password when running mysql_secure_installation.

2. Use the mysql_secure_installation command to set up a secure database environment and establish a root password to use in the ProcessMaker installation.

mysql_secure_installation

The wizard installation begins.

3. Then follow the wizard's instructions to secure MySQL.

Warning: The default password policy implemented by validate_password of MySQL 5.7 requires that passwords contain at least one upper case letter, one lower case letter, one digit, and one special character, and that the total password length is at least 8 characters. To know more about validate_password, see The Password Validation Plugin.

Enter the temporary root password. If the temporary password has expired, you need to enter a new password.

4. Change the root password. If it was defined in the step three, skip this step.

5. Confirm to remove anonymous users.

6. Confirm to disable the remote root login.

In the case MySQL is in another server, you must create a new user and give this user the permissions to access.

7. Confirm to remove the test database.

8. Reload privilege tables.

The MySQL installation is now secure.

9. Turn off Derived Table Merging Flags.

echo "optimizer_switch = derived_merge=off" >> /etc/my.cnf

10. Disable MySQL Strict Mode on the Server.

echo 'sql_mode= ""' >> /etc/my.cnf

11. Restart the MySQL service.

systemctl restart mysqld

Step 4: Install Apache 2.4

mod_ssl is an Apache module that provides SSL v2/v3 and TLS v1 support for the Apache HTTP server necessary for ProcessMaker. Run the commands in the following steps to install Apache 2.4 and the SSL module:

1. Install Apache and SSL module.

yum -y install httpd mod_ssl

2. ProcessMaker needs to use modules on the Apache web server. Enable these Modules.

sed -i 's@#LoadModule expires_module modules/mod_expires.so@LoadModule expires_module modules/mod_expires.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule rewrite_module modules/mod_rewrite.so@LoadModule rewrite_module modules/mod_rewrite.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule deflate_module modules/mod_deflate.so@LoadModule deflate_module modules/mod_deflate.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule vhost_alias_module modules/mod_vhost_alias.so@LoadModule vhost_alias_module modules/mod_vhost_alias.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule filter_module modules/mod_filter.so@LoadModule filter_module modules/mod_filter.so@' /etc/httpd/conf/httpd.conf ;

3. Start the Apache service and set it to start automatically at boot.

systemctl start httpd.service systemctl enable httpd.service

4. Make sure the httpd service is running by checking its status.

systemctl status httpd.service

The status of the httpd service should be "active (running)":

Step 5: Install and Configure PHP 7.1.x + PHP-FPM + OpCache

Follow these steps:

1. Add the EPEL (CentOS 7.x) repositories or RedHat ones to install PHP.

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

2. Install PHP and its modules.

yum -y install php71w yum -y install php71w-cli php71w-gd php71w-mysqlnd php71w-soap php71w-mbstring php71w-ldap php71w-mcrypt php71w-xml php71w-devel php71w-pecl-apcu php71w-imap php71w-fpm php71w-opcache

Check if all the PHP modules were installed.

php -m

The outcome will be similar to the following:

[PHP Modules] bz2 calendar Core ctype curl date exif fileinfo filter ftp gd gettext gmp hash iconv imap json ldap libxml mbstring mcrypt mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql pdo_sqlite Phar readline Reflection session shmop SimpleXML soap sockets SPL sqlite3 standard tokenizer xml Zend OPcache zip zlib

3. Modify the php.ini file and set the standard ProcessMaker configurations.

sed -i '/short_open_tag = Off/c\short_open_tag = On' /etc/php.ini sed -i '/post_max_size = 8M/c\post_max_size = 24M' /etc/php.ini sed -i '/upload_max_filesize = 2M/c\upload_max_filesize = 24M' /etc/php.ini sed -i '/;date.timezone =/c\date.timezone = America/New_York' /etc/php.ini sed -i '/expose_php = On/c\expose_php = Off' /etc/php.ini

4. Start and enable the PHP-FPM service.

systemctl start php-fpm.service systemctl enable php-fpm.service

5. Create the processmaker.conf file to include PHP-FPM configuration.

nano /etc/php-fpm.d/processmaker.conf

6. Include the following to the configuration file, and save the file.

[processmaker] user = apache group = apache listen = /var/run/php-fpm/processmaker.sock listen.mode = 0664 listen.owner = apache listen.group = apache pm = dynamic pm.max_children = 100 pm.start_servers = 20 pm.min_spare_servers = 20 pm.max_spare_servers = 50 pm.max_requests = 500 php_admin_value[error_log] = /var/log/php-fpm/processmaker-error.log php_admin_flag[log_errors] = on

7. Modify the opcache.ini file to set OpCache configurations.

sed -i '/;opcache.enable_cli=0/c\opcache.enable_cli=1' /etc/php.d/opcache.ini sed -i '/opcache.max_accelerated_files=4000/c\opcache.max_accelerated_files=10000' /etc/php.d/opcache.ini sed -i '/;opcache.max_wasted_percentage=5/c\opcache.max_wasted_percentage=5' /etc/php.d/opcache.ini sed -i '/;opcache.use_cwd=1/c\opcache.use_cwd=1' /etc/php.d/opcache.ini sed -i '/;opcache.validate_timestamps=1/c\opcache.validate_timestamps=1' /etc/php.d/opcache.ini sed -i '/;opcache.fast_shutdown=0/c\opcache.fast_shutdown=1' /etc/php.d/opcache.ini

Configure PHP Default Settings for Production Environments

The default configuration of PHP should be able to run on ProcessMaker; however, for production environments it is recommended check the following settings to see if PHP's configuration file php.ini has been modified. Log in as the root user and edit PHP's configuration file php.ini using these steps:

1. Open the file php.ini

nano /etc/php.ini

2. Search for the following lines and edit them using the following configuration:

error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_WARNING & ~E_NOTICE display_errors = Off

Step 6: Apache Server Configuration to Include PHP-FPM

To configure Apache to work with ProcessMaker, follow the next steps:

2. Create the pmos.conf file.

nano /etc/httpd/conf.d/pmos.conf

3. The pmos.conf configuration file needs to have:

<VirtualHost *:80> ServerName 127.0.0.1 DocumentRoot /opt/processmaker/workflow/public_html DirectoryIndex index.html index.php ErrorLog /var/log/httpd/pm-error.log CustomLog /var/log/httpd/pm-access.log combined <Directory /opt/processmaker/workflow/public_html> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all Require all granted ExpiresActive On SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{THE_REQUEST} ^.*/\.\. RewriteRule ^ - [L,R=404] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^.*/(.*)$ app.php [QSA,L,NC] </IfModule> </Directory> #PHP-FPM <FilesMatch "\.php"> SetHandler "proxy:unix:/var/run/php-fpm/processmaker.sock|fcgi://localhost" </FilesMatch> </VirtualHost>

4. Restart Apache.

systemctl restart httpd.service

Step 7: Install and Configure Supervisor

Follow the next steps to install and configure a Supervisor:

Note: After every command execution, verify if there are error or warning messages. This may be due to wrong file permissions.

  1. Open a terminal and run as a supervisor user by writing the following.

    su or sudo -i

  2. Install and enable the Supervisor.

    yum -y install supervisor systemctl start supervisord systemctl enable supervisord

  3. Create the laravel-worker-workflow.ini file in the /etc/supervisord.d/ folder.

    nano /etc/supervisord.d/laravel-worker-workflow.ini

  4. Add the following lines, and save the file.

    [program:laravel-worker-workflow] user=apache directory=/opt/processmaker/ command=/opt/processmaker/processmaker artisan queue:work --workspace=workflow stdout_logfile=/opt/processmaker/worker-workflow.log autostart=true autorestart=true

    If you have two workspaces or more, add the following lines. For example, the workflow and sample workspaces.

    [program:laravel-worker-workflow] user=apache directory=/opt/processmaker/ command=/opt/processmaker/processmaker artisan queue:work --workspace=workflow stdout_logfile=/opt/processmaker/worker-workflow.log autostart=true autorestart=true [program:laravel-worker-sample] user=apache directory=/opt/processmaker/ command=/opt/processmaker/processmaker artisan queue:work --workspace=sample stdout_logfile=/opt/processmaker/worker-sample.log autostart=true autorestart=true

  5. Enable the laravel-worker-workflow configuration.

    supervisorctl reread supervisorctl update sudo supervisorctl stop all sudo supervisorctl start all sudo supervisorctl status all

    Restart the Supervisor service:

    sudo systemctl stop supervisord.service sudo systemctl start supervisord.service sudo systemctl status supervisord.service

The queue work is ready to run.

Take into account:

  • Depending on the distribution, the directory route must maintain order. This will specify the processmaker workspace.
  • Verify that the configured log file has permissions in the stdout_logfile route. It is recommended that the log file (stdout_logfile) be located within the shared folder of processmaker: /shared/worker.log. This may not be advisable if your environment has many workspaces that have a large workload, your log would be lost in time.
  • The parameters of the command route must be valid according to the workload. For more information consult the Laravel documentation.

Step 8: Install Firewall and Open ProcessMaker's Port

By default, CentOS 7.x can not work without firewall, therefore it is recommended to install Firewalld so it can be easily configured. Firewalld is a dynamic daemon that manages a firewall with support for networks zones. To install it run the following steps:

1. Install Firewalld.

yum -y install firewalld

2. Set the service to start automatically.

systemctl start firewalld.service systemctl enable firewalld.service

3. Open the port where ProcessMaker will run, which is port 80 by default. To use a port other than port 80, it is necessary to change the port number using the following command.

firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --reload

Step 9: Disable SELinux

SELinux causes many problems, which it is often easier to disable. Run the next commands to disable SELinux:

yum -y install policycoreutils-python semanage permissive -a httpd_t systemctl restart httpd systemctl restart php-fpm

Database Integrations

This stack supports the following database integrations:

Oracle

Follow the next steps to install an Oracle database integration:

  1. Download the Oracle client for Linux and install it:

    rpm -i oracle-instantclient12.2-basic-12.2.0.1.0-1.x86_64.rpm rpm -i oracle-instantclient12.2-devel-12.2.0.1.0-1.x86_64.rpm

  2. Set the global variables in the system:

    export LD_LIBRARY_PATH=/usr/lib/oracle/12.2/client64/lib export ORACLE_HOME=/usr/lib/oracle/12.2/client64/

  3. Install the dependencies:

    yum -y install cc gcc

  4. Install the libraries using pecl:

    pecl install oci8 # When the installer requests the Oracle Home, provide the path to the ORACLE_HOME directory. Use instantclient,/path/to/instant/client/lib if you are compiling with Oracle Instant Client [autodetect] : instantclient,/usr/lib/oracle/12.2/client64/lib

  5. In the /etc/php.ini file, add the extension line:

    extension=oci8.so

  6. Restart the Apache and PHP services:

    service httpd restart & service php-fpm restart

Microsoft SQL Server

Follow the next steps to install a Microsoft SQL Server database integration:

  1. Import the repository:

    curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo

  2. Remove the unixODBC and update the system:

    yum remove unixODBC yum update ACCEPT_EULA=Y yum install msodbcsql-13.0.1.0-1 mssql-tools-14.0.2.0-1 yum install unixODBC-utf16-devel ln -sfn /opt/mssql-tools/bin/sqlcmd-13.0.1.0 /usr/bin/sqlcmd ln -sfn /opt/mssql-tools/bin/bcp-13.0.1.0 /usr/bin/bcp

  3. Install the dependencies:

    yum install gcc-c++ libstdc++ -y

  4. Install the libraries using pecl:

    pecl install sqlsrv pecl install pdo_sqlsrv

  5. In the /etc/php.ini file, add the extension lines:

    extension=sqlsrv.so extension=pdo_sqlsrv.so

  6. Restart the Apache and PHP services:

    service httpd restart & service php-fpm restart

Configuration and ProcessMaker Installation

To learn how to install and configure ProcessMaker, read Configuration and ProcessMaker Installation.