Please rate how useful you found this document: 
Average: 3.6 (9 votes)

Overview

Stack 265 provides detailed information about the database and application server configurations required to correctly install the following versions of ProcessMaker on the platform CentOS/RHEL 7.x (Latest Version) under the Apache web server.

Requirements

ProcessMaker Compatibility

This stack is fully compatible with the following ProcessMaker version:

  • ProcessMaker 3.4.6 and later

Stack 265 is fully supported by ProcessMaker and it has been tested by the Quality Control team.

Summary

Platform Database PHP
CentOS/RHEL 7.x (Latest version) MySQL 5.7.x 7.3.x
Web Server Filesystem Architecture
Apache 2.4 xfs 64-bit

Disclaimer

The stack procedure and references described below are used by ProcessMaker in its cloud environment and it works appropriately in cloud configurations. If this stack is implemented on-premises, ProcessMaker Inc. does not guarantee the correct functionality of the stack.

Environment

Assuming that the last version of CentOS 7.x Core or Desktop is already installed in your computer and has the proper permissions by typing the command sudo su and the administrator password entered, it is posible to run the following commands to have the stack ready to install ProcessMaker.

Step 1: Update your Server

Make sure that your server is running the latest version.

yum -y update

Warning: Depending on your CentOS version, the server update might take a long time to complete the update.

Step 2: Remove MariaDB

By default CentOS 7.x comes with some modules of MariaDB installed. So we need to uninstall them.

yum -y remove mariadb*

Step 3: Install MySQL 5.7.x

To install MySQL 5.7.x, follow the next steps:

1. Run the command lines to download the repositories:

yum localinstall -y https://repo.mysql.com//mysql57-community-release-el7-11.noarch.rpm yum install -y mysql-community-server

2. Start the MySQL service and set it to start automatically at boot.

systemctl start mysqld systemctl enable mysqld

3. Make sure the mysql service is running by checking its status.

systemctl status mysqld

The status of the mysql service should be "active (running)":

MySQL Configuration

Before using MySQL, follow the next steps:

1. A temporary password is already defined, so you need to check it before you run the mysql_secure_installation. To do this, use the following command:

grep "temporary password" /var/log/mysqld.log

Use this temporary password when running mysql_secure_installation.

2. Use the mysql_secure_installation command to set up a secure database environment and establish a root password to use in the ProcessMaker installation.

mysql_secure_installation

The wizard installation begins.

3. Follow the wizard's instructions to secure MySQL.

Warning: The default password policy implemented by validate_password of MySQL 5.7 requires that passwords contain at least one upper case letter, one lower case letter, one digit, and one special character, and also that the total password length is at least 8 characters. To know more about validate_password, see The Password Validation Plugin.

Enter the temporary root password. If the temporary password has expired, you need to enter a new password.

4. Change the root password. If it was defined previously in step three, skip this step.

5. Confirm to remove anonymous users.

6. Confirm to disable the remote root login.

If MySQL is running on another server, you must create a new user and provide this user with the permissions to access.

7. Confirm to remove the test database.

8. Reload privilege tables.

The MySQL installation is now secure.

9. Turn off Derived Table Merging Flags.

echo "optimizer_switch = derived_merge=off" >> /etc/my.cnf

10. Disable MySQL Strict Mode on the Server.

echo 'sql_mode = STRICT_TRANS_TABLES,NO_ZERO_IN_DATE' >> /etc/my.cnf

11. Restart the MySQL service.

systemctl restart mysqld

Step 4: Install Apache 2.4

mod_ssl is an Apache module that provides SSL v2/v3 and TLS v1 support for the Apache HTTP server necessary for ProcessMaker. Run the commands in the following steps to install Apache 2.4 and the SSL module:

1. Install Apache and SSL module.

yum -y install httpd mod_ssl

2. ProcessMaker needs to use modules on the Apache web server. Enable these Modules:

sed -i 's@#LoadModule expires_module modules/mod_expires.so@LoadModule expires_module modules/mod_expires.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule rewrite_module modules/mod_rewrite.so@LoadModule rewrite_module modules/mod_rewrite.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule deflate_module modules/mod_deflate.so@LoadModule deflate_module modules/mod_deflate.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule vhost_alias_module modules/mod_vhost_alias.so@LoadModule vhost_alias_module modules/mod_vhost_alias.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule filter_module modules/mod_filter.so@LoadModule filter_module modules/mod_filter.so@' /etc/httpd/conf/httpd.conf ;

3. Start the Apache service and set it to start automatically at boot.

systemctl start httpd.service systemctl enable httpd.service

4. Make sure the httpd service is running by checking its status.

systemctl status httpd.service

The status of the httpd service should be "active (running)":

Step 5: Install and Configure PHP 7.3.x + PHP-FPM + OpCache

To install and configure PHP 7.3.x + PHP-FPM + OpCache, follow the next steps:

1. Add the EPEL (CentOS 7.x) repositories or RedHat ones to install PHP.

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm

2. Install PHP and its modules.

yum install yum-utils yum-config-manager --enable remi-php73 yum -y install php php-cli php-opcache php-fpm php-gd php-mysqlnd php-soap php-mbstring php-ldap php-mcrypt php-xml php-imap php-zip

Check if all the PHP modules were installed.

php -m

The outcome will be similar to the following:

[PHP Modules] bz2 calendar Core ctype curl date dom exif fileinfo filter ftp gd gettext hash iconv imap json ldap libxml mbstring mcrypt mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql pdo_sqlite Phar readline Reflection session SimpleXML soap sockets SPL sqlite3 standard tokenizer wddx xml xmlreader xmlwriter xsl Zend OPcache zlib

3. Start and enable the PHP-FPM service.

systemctl start php-fpm systemctl enable php-fpm

4. In the php.ini file, set the standard ProcessMaker configurations.

sed -i '/short_open_tag = Off/c\short_open_tag = On' /etc/php.ini sed -i '/post_max_size = 8M/c\post_max_size = 24M' /etc/php.ini sed -i '/upload_max_filesize = 2M/c\upload_max_filesize = 24M' /etc/php.ini sed -i '/;date.timezone =/c\date.timezone = America/New_York' /etc/php.ini sed -i '/expose_php = On/c\expose_php = Off' /etc/php.ini

Note: The memory_limit should be set to 256M as the minimum value. For more information, check how to Increase The Memory Limit.

5. Set OpCache configurations.

sed -i '/;opcache.enable_cli=0/c\opcache.enable_cli=1' /etc/php.d/10-opcache.ini sed -i '/opcache.max_accelerated_files=4000/c\opcache.max_accelerated_files=10000' /etc/php.d/10-opcache.ini sed -i '/;opcache.max_wasted_percentage=5/c\opcache.max_wasted_percentage=5' /etc/php.d/10-opcache.ini sed -i '/;opcache.use_cwd=1/c\opcache.use_cwd=1' /etc/php.d/10-opcache.ini sed -i '/;opcache.validate_timestamps=1/c\opcache.validate_timestamps=1' /etc/php.d/10-opcache.ini sed -i '/;opcache.fast_shutdown=0/c\opcache.fast_shutdown=1' /etc/php.d/10-opcache.ini

Note: If you are upgrading from a server that has the Enhanced Login plugin installed, set the following variable in the php.ini file: session.save_path = /var/lib/php/session

6. Create the processmaker.conf file to include PHP-FPM configuration.

nano /etc/php-fpm.d/processmaker.conf

7. Include the following to the configuration file and save the file.

[processmaker] user = apache group = apache listen = /var/run/php-fpm/processmaker.sock listen.mode = 0664 listen.owner = apache listen.group = apache pm = dynamic pm.max_children = 100 pm.start_servers = 20 pm.min_spare_servers = 20 pm.max_spare_servers = 50 pm.max_requests = 500 php_admin_value[error_log] = /var/log/php-fpm/processmaker-error.log php_admin_flag[log_errors] = on clear_env = no

Configure PHP Default Settings for Production Environments

The default configuration of PHP should be able to run on ProcessMaker; however, for production environments it is recommended to check the following settings to see if PHP's configuration file php.ini has been modified. Log in as the root user and edit PHP's configuration file php.ini following these steps:

1. Open the file php.ini

nano /etc/php.ini

2. Search for the following lines and edit them using the following configuration:

error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_WARNING & ~E_NOTICE display_errors = Off

Step 6: Apache Server Configuration to Include PHP-FPM

To configure Apache to work with ProcessMaker, follow the next steps:

2. Create the pmos.conf file.

nano /etc/httpd/conf.d/pmos.conf

3. The pmos.conf configuration file needs to have:

<VirtualHost *:80> ServerName 127.0.0.1 DocumentRoot /opt/processmaker/workflow/public_html DirectoryIndex index.html index.php ErrorLog /var/log/httpd/pm-error.log CustomLog /var/log/httpd/pm-access.log combined <Directory /opt/processmaker/workflow/public_html> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all Require all granted ExpiresActive On SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{THE_REQUEST} ^.*/\.\. RewriteRule ^ - [L,R=404] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^.*/(.*)$ app.php [QSA,L,NC] </IfModule> </Directory> #PHP-FPM <FilesMatch "\.php"> SetHandler "proxy:unix:/var/run/php-fpm/processmaker.sock|fcgi://localhost" </FilesMatch> </VirtualHost>

4. Restart Apache.

systemctl restart httpd.service

Step 7: Install Firewall and Open ProcessMaker's Port

By default, CentOS 7.x can not work without a firewall, therefore it is recommended to install Firewalld so it can be easily configured. Firewalld is a dynamic daemon that manages a firewall with support for networks zones. To install it run the following steps:

1. Install Firewalld.

yum -y install firewalld

2. Set the service to start automatically.

systemctl start firewalld systemctl enable firewalld

3. Open the port where ProcessMaker will run, which is port 80 by default. To use a port other than port 80, it is necessary to change the port number using the following command.

firewall-cmd --zone=public --add-port=3306/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --reload

Step 8: Disable SELinux

SELinux causes many problems, which it is often easier to disable. Run the next commands to disable SELinux:

yum -y install policycoreutils-python semanage permissive -a httpd_t systemctl restart httpd systemctl restart php-fpm

Install and Configure Supervisor

To install and configure a Supervisor, follow the next steps:

Note: After every command execution, verify if there are error or warning messages. This may be due to wrong file permissions.

  1. Open a terminal and run as a supervisor user by writing the following.

    su or sudo -i

  2. Install and enable the Supervisor.

    yum -y install supervisor systemctl start supervisord systemctl enable supervisord

  3. Create the laravel-worker-workflow.ini file in the /etc/supervisord.d/ folder.

    nano /etc/supervisord.d/laravel-worker-workflow.ini

  4. Add the following lines and save the file.

    [program:laravel-worker-workflow] user=apache directory= /opt/processmaker/ command= /opt/processmaker/processmaker artisan queue:work --workspace=workflow stdout_logfile= /opt/processmaker/worker-workflow.log autostart=true autorestart=true

    If you have two workspaces or more, add the following lines. For example, the workflow and sample workspaces.

    [program:laravel-worker-workflow] user=apache directory= /opt/processmaker/ command= /opt/processmaker/processmaker artisan queue:work --workspace=workflow stdout_logfile= /opt/processmaker/worker-workflow.log autostart=true autorestart=true [program:laravel-worker-sample] user=apache directory= /opt/processmaker/ command= /opt/processmaker/processmaker artisan queue:work --workspace=sample stdout_logfile= /opt/processmaker/worker-sample.log autostart=true autorestart=true

  5. Enable the laravel-worker-workflow configuration.

    supervisorctl reread supervisorctl update sudo supervisorctl stop all sudo supervisorctl start all sudo systemctl stop supervisord.service sudo systemctl start supervisord.service

    Restart the Supervisor service:

    sudo systemctl stop supervisord.service sudo systemctl start supervisord.service sudo systemctl status supervisord.service

The queue work is ready to run.

Take into account the following:

  • Depending on the distribution, the directory route must maintain its order. This will specify the processmaker workspace.
  • Verify that the configured log file has permissions in the stdout_logfile route. It is recommended that the log file (stdout_logfile) be located within the shared folder of processmaker: /shared/worker.log. This may not be advisable if your environment has many workspaces that have a large workload, your log would be lost in time.
  • The parameters of the command route must be valid according to the workload. For more information consult the Laravel documentation.

Task Scheduler configuration

Available Version: As of ProcessMaker 3.5.0.

Follow the next steps to define the time execution of the ProcessMaker Cron actions in the Laravel Queue Jobs for the Task scheduler configuration:

  1. Make sure you can run Cron Scripts.

  2. Open a terminal and run:

    crontab -e

  3. Add the following line and save the file:

    * * * * * cd /opt/processmaker && ./processmaker artisan schedule:run --workspace=workflow-name --user=server-username >> /dev/null 2>&1

    Where:

    • workflow-name: Name of the ProcessMaker workspace.
    • server-username: Name of the apache server user.

    For example, the following configuration is using the workflow workspace and the apache user:

    * * * * * cd /opt/processmaker && ./processmaker artisan schedule:run --workspace=workflow --user=apache >> /dev/null 2>&1

    Note: To work accordingly with the time set in the Task Scheduler, this cron must be run every minute as in the example.

Database Integrations

This stack supports the following database integrations:

Oracle

To install an Oracle database integration, follow the next steps:

  1. Download the Oracle client for Linux and install it:

    rpm -i oracle-instantclient12.2-basic-12.2.0.1.0-1.x86_64.rpm rpm -i oracle-instantclient12.2-devel-12.2.0.1.0-1.x86_64.rpm

  2. Set the global variables in the system:

    export LD_LIBRARY_PATH=/usr/lib/oracle/12.2/client64/lib export ORACLE_HOME=/usr/lib/oracle/12.2/client64/

  3. Install the dependencies:

    yum -y install cc gcc php-pear php-devel

  4. Install the libraries using pecl:

    pecl install oci8 # When the installer requests the Oracle Home, provide the path to the ORACLE_HOME directory. Use instantclient,/path/to/instant/client/lib if you are compiling with Oracle Instant Client [autodetect] : instantclient,/usr/lib/oracle/12.2/client64/lib

  5. In the /etc/php.ini file, add the extension line:

    extension=oci8.so

  6. Restart the Apache and PHP services:

    service httpd restart & service php-fpm restart

Microsoft SQL Server

To install a Microsoft SQL Server database integration, follow the next steps:

  1. Import the repository:

    curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo

  2. Remove the unixODBC and update the system:

    yum remove unixODBC yum update ACCEPT_EULA=Y yum install msodbcsql-13.0.1.0-1 mssql-tools-14.0.2.0-1 yum install unixODBC-utf16-devel ln -sfn /opt/mssql-tools/bin/sqlcmd-13.0.1.0 /usr/bin/sqlcmd ln -sfn /opt/mssql-tools/bin/bcp-13.0.1.0 /usr/bin/bcp

  3. Install the dependencies:

    yum install gcc-c++ libstdc++ -y

  4. Install the libraries using pecl:

    pecl install sqlsrv pecl install pdo_sqlsrv

  5. In the /etc/php.ini file, add the extension lines:

    extension=sqlsrv.so extension=pdo_sqlsrv.so

  6. Restart the Apache and PHP services:

    service httpd restart & service php-fpm restart

PostgreSQL

To install a PostgreSQL database integration, follow the next steps:

  1. Install the dependencies:

    yum install php-pgsql php-pdo_pgsql

  2. Restart the services:

    service httpd restart & service php-fpm restart

Configuration and ProcessMaker Installation

To learn how to install and configure ProcessMaker, read Configuration and ProcessMaker Installation.