Please rate how useful you found this document: 
Average: 3 (2 votes)

Overview

Stack 285 provides detailed information about the database and application server configurations needed to correctly install the following versions of ProcessMaker on the platform CentOS/RHEL 7.x (Latest Available Version) under the Apache 2.4 web server.

ProcessMaker 3.8.x

Stack 285 is supported by ProcessMaker, meaning that it has been tested by the Quality Control team.

Summary

Platform Database PHP
CentOS/RHEL 7.x (Latest Available Version) MySQL 8.0 8.1.x
Web Server Filesystem Architecture
Apache 2.4 xfs 64-bit

Disclaimer

The stack procedure and references described below are used by ProcessMaker in its cloud environment and it works appropriately in cloud configurations. If this stack is ever implemented on-premise by the client’s IT staff or similar, ProcessMaker Inc. does not guarantee the correct implementation functioning.

Environment

Assuming you already have the last CentOS 7.x Core or Desktop installed and have the proper permissions by typing the command sudo su and entered the administrator password you can run the following commands to have the stack ready to install ProcessMaker.

Step 1: Update your Server

Make sure that your server is running the latest version.

yum -y update

Warning: Depending on your CentOS version, the server update should take a long time to complete the update.

Step 2: Remove MariaDB

By default CentOS 7.x comes with some modules of MariaDB installed. So we need to uninstall them.

yum -y remove mariadb*

Step 3: Install MySQL 8

To install MySQL 8.0, follow the next steps:

1. Run the command lines to download the repositories:

yum localinstall -y https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022 yum install -y mysql-community-server

2. Start the MySQL service and set it to start automatically at boot.

systemctl start mysqld systemctl enable mysqld

3. Make sure the mysql service is running by checking its status.

systemctl status mysqld

The status of the mysql service should be "active (running)":

MySQL Configuration

Before using MySQL, follow the next steps:

1. A temporary password is already defined so you need to check it before you run the mysql_secure_installation. To do this, use the following command:

grep "temporary password" /var/log/mysqld.log

Use this temporary password when running mysql_secure_installation.

2. Use the mysql_secure_installation command to set up a secure database environment and establish a root password to use in the ProcessMaker installation.

mysql_secure_installation

The wizard installation begins.

3. Follow the wizard's instructions to secure MySQL.

Warning: The default password policy implemented by validate_password of MySQL 8.0 requires that passwords contain at least one uppercase character, one lowercase character, one numeric character, and one special (nonalphanumeric) character, and that the total password length is at least 8 characters. To know more about validate_password, see The Password Validation Plugin.

Enter the temporary root password. If the temporary password has expired, you need to enter a new password.

4. Change the root password. If it was defined in the step three, skip this step.

5. Confirm to remove anonymous users.

6. Confirm to disable the remote root login.

If MySQL is running in another server, you must create a new user and give this user the permissions to access.

7. Confirm to remove the test database.

8. Reload privilege tables.

The MySQL installation is now secure.

9. Turn off Derived Table Merging Flags.

echo "optimizer_switch = derived_merge=off" >> /etc/my.cnf

10. Disable MySQL Strict Mode on the Server.

echo 'sql_mode= ""' >> /etc/my.cnf

11. Restart the MySQL service.

systemctl restart mysqld

12. Apply "mysql_native_password“ which is used by ProcessMaker.

echo "default_authentication_plugin = mysql_native_password" >> /etc/my.cnf

13. Enable MySQL console using the following command.

mysql -u root -p

14. Execute the next SQL commands in MySQL server.

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '{current-password}'; ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '{current-password}';

Step 4: Install Apache 2.4

mod_ssl is an Apache module that provides SSL v2/v3 and TLS v1 support for the Apache HTTP server necessary for ProcessMaker. Run the commands in the following steps to install Apache 2.4 and the SSL module:

1. Install Apache and SSL module.

yum -y install httpd mod_ssl

2. ProcessMaker needs to use modules on the Apache web server. Enable these modules:

sed -i 's@#LoadModule expires_module modules/mod_expires.so@LoadModule expires_module modules/mod_expires.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule rewrite_module modules/mod_rewrite.so@LoadModule rewrite_module modules/mod_rewrite.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule deflate_module modules/mod_deflate.so@LoadModule deflate_module modules/mod_deflate.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule vhost_alias_module modules/mod_vhost_alias.so@LoadModule vhost_alias_module modules/mod_vhost_alias.so@' /etc/httpd/conf/httpd.conf ; sed -i 's@#LoadModule filter_module modules/mod_filter.so@LoadModule filter_module modules/mod_filter.so@' /etc/httpd/conf/httpd.conf ;

3. Start the Apache service and set it to start automatically at boot.

systemctl start httpd.service systemctl enable httpd.service

4. Make sure the httpd service is running by checking its status.

systemctl status httpd.service

The status of the httpd service should be "active (running)":

Step 5: Install and Configure PHP 8.1.x + PHP-FPM + OpCache

To install and configure PHP 8.1.x + PHP-FPM + OpCache, follow the next steps:

1. Add the EPEL (CentOS 7.x) repositories or RedHat ones to install PHP.

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm

2. Install PHP and its modules.

yum install yum-utils yum-config-manager --enable remi-php81 yum -y install php php-cli php-opcache php-fpm php-gd php-mysqlnd php-soap php-mbstring php-ldap php-xml php-imap php-zip

Check if all the PHP modules were installed.

php -m

The outcome will be similar to the following:

[PHP Modules] bz2 calendar Core ctype curl date exif fileinfo filter ftp gd gettext gmp hash iconv imap json ldap libxml mbstring mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql pdo_sqlite Phar readline Reflection session shmop SimpleXML soap sockets SPL sqlite3 standard tokenizer xml Zend OPcache zip zlib

3. Start and enable the PHP-FPM service.

systemctl start php-fpm systemctl enable php-fpm

4. In the php.ini file, set the standard ProcessMaker configurations.

sed -i '/short_open_tag = Off/c\short_open_tag = On' /etc/php.ini sed -i '/post_max_size = 8M/c\post_max_size = 24M' /etc/php.ini sed -i '/upload_max_filesize = 2M/c\upload_max_filesize = 24M' /etc/php.ini sed -i '/;date.timezone =/c\date.timezone = America/New_York' /etc/php.ini sed -i '/expose_php = On/c\expose_php = Off' /etc/php.ini

Note: The memory_limit should be set to 256M as the minimum value. For more information, check how to Increase The Memory Limit.

5. Set OpCache configurations.

sed -i '/;opcache.enable_cli=0/c\opcache.enable_cli=1' /etc/php.d/10-opcache.ini sed -i '/opcache.max_accelerated_files=4000/c\opcache.max_accelerated_files=10000' /etc/php.d/10-opcache.ini sed -i '/;opcache.max_wasted_percentage=5/c\opcache.max_wasted_percentage=5' /etc/php.d/10-opcache.ini sed -i '/;opcache.use_cwd=1/c\opcache.use_cwd=1' /etc/php.d/10-opcache.ini sed -i '/;opcache.validate_timestamps=1/c\opcache.validate_timestamps=1' /etc/php.d/10-opcache.ini sed -i '/;opcache.fast_shutdown=0/c\opcache.fast_shutdown=1' /etc/php.d/10-opcache.ini

Note: If you are upgrading from a server that has the Enhanced Login plugin installed, set the following variable in the php.ini file: session.save_path = /var/lib/php/session

6. Create the processmaker.conf file to include PHP-FPM configuration.

nano /etc/php-fpm.d/processmaker.conf

7. Include the following to the configuration file and save the file.

[processmaker] user = apache group = apache listen = /var/run/php-fpm/processmaker.sock listen.mode = 0664 listen.owner = apache listen.group = apache pm = dynamic pm.max_children = 100 pm.start_servers = 20 pm.min_spare_servers = 20 pm.max_spare_servers = 50 pm.max_requests = 500 php_admin_value[error_log] = /var/log/php-fpm/processmaker-error.log php_admin_flag[log_errors] = on clear_env = no

Step 6: Install Firewall and Open ProcessMaker's Port

By default, CentOS 7.x can not work without a firewall, therefore it is recommended to install Firewalld so it can be easily configured. Firewalld is a dynamic daemon that manages a firewall with support for networks zones. To install it run the following steps:

1. Install Firewalld.

yum -y install firewalld

2. Set the service to start automatically.

systemctl start firewalld systemctl enable firewalld

3. Open the port where ProcessMaker will run, which is port 80 by default. To use a port other than port 80, it is necessary to change the port number using the following command.

firewall-cmd --zone=public --add-port=3306/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload

Step 7: Disable SELinux

SELinux causes many problems, which it is often easier to disable. Run the next commands to disable SELinux:

yum -y install policycoreutils-python semanage permissive -a httpd_t systemctl restart httpd systemctl restart php-fpm

Install and Configure Supervisor

To install and configure a Supervisor, follow the next steps:

Note: After every command execution, verify if there are error or warning messages. This may be due to wrong file permissions.

  1. Open a terminal and run as a supervisor user by writing the following.

    su or sudo -i
  2. Install and enable the Supervisor.

    yum -y install supervisor systemctl start supervisord systemctl enable supervisord
  3. Create the laravel-worker-workflow.ini file in the /etc/supervisord.d/ folder.

    nano /etc/supervisord.d/laravel-worker-workflow.ini
  4. Add the following lines and save the file.

    [program:laravel-worker-workflow] user=apache directory= /opt/processmaker/ command= /opt/processmaker/processmaker artisan queue:work --workspace=workflow stdout_logfile= /opt/processmaker/worker-workflow.log autostart=true autorestart=true

    If you have two workspaces or more, add the following lines. For example, the workflow and sample workspaces.

    [program:laravel-worker-workflow] user=apache directory= /opt/processmaker/ command= /opt/processmaker/processmaker artisan queue:work --workspace=workflow stdout_logfile= /opt/processmaker/worker-workflow.log autostart=true autorestart=true [program:laravel-worker-sample] user=apache directory= /opt/processmaker/ command= /opt/processmaker/processmaker artisan queue:work --workspace=sample stdout_logfile= /opt/processmaker/worker-sample.log autostart=true autorestart=true
  5. Enable the laravel-worker-workflow configuration.

    supervisorctl reread supervisorctl update sudo supervisorctl stop all sudo supervisorctl start all sudo supervisorctl status all

    Restart the Supervisor service:

    sudo systemctl stop supervisord.service sudo systemctl start supervisord.service sudo systemctl status supervisord.service

The queue work is ready to run.

Take into account the following:

  • Depending on the distribution, the directory route must maintain its order. This will specify the processmaker workspace.
  • Verify that the configured log file has permissions in the stdout_logfile route. It is recommended that the log file (stdout_logfile) be located within the shared folder of processmaker: /shared/worker.log. This may not be advisable if your environment has many workspaces that have a large workload, your log would be lost in time.
  • The parameters of the command route must be valid according to the workload. For more information consult the Laravel documentation.

Database Integrations

This stack supports the following database integrations:

Oracle

To install an Oracle database integration, follow the next steps:

  1. Download the Oracle client for Linux and install it:

    rpm -i oracle-instantclient12.2-basic-12.2.0.1.0-1.x86_64.rpm rpm -i oracle-instantclient12.2-devel-12.2.0.1.0-1.x86_64.rpm
  2. Set the global variables in the system:

    export LD_LIBRARY_PATH=/usr/lib/oracle/12.2/client64/lib export ORACLE_HOME=/usr/lib/oracle/12.2/client64/
  3. Install the dependencies:

    yum -y install cc gcc php-pear php-devel
  4. Install the libraries using pecl:

    pecl install oci8 # When the installer requests the Oracle Home, provide the path to the ORACLE_HOME directory. Use instantclient,/path/to/instant/client/lib if you are compiling with Oracle Instant Client [autodetect] : instantclient,/usr/lib/oracle/12.2/client64/lib
  5. In the /etc/php.ini file, add the extension line:

    extension=oci8.so
  6. Restart the Apache and PHP services:

    service httpd restart & service php-fpm restart

Microsoft SQL Server

To install a Microsoft SQL Server database integration, follow the next steps:

  1. Import the repository:

    curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo
  2. Remove the unixODBC and update the system:

    yum remove unixODBC yum update ACCEPT_EULA=Y yum install msodbcsql-13.0.1.0-1 mssql-tools-14.0.2.0-1 yum install unixODBC-utf16-devel ln -sfn /opt/mssql-tools/bin/sqlcmd-13.0.1.0 /usr/bin/sqlcmd ln -sfn /opt/mssql-tools/bin/bcp-13.0.1.0 /usr/bin/bcp
  3. Install the dependencies:

    yum install gcc-c++ libstdc++ -y
  4. Install the libraries using pecl:

    pecl install sqlsrv pecl install pdo_sqlsrv
  5. In the /etc/php.ini file, add the extension lines:

    extension=sqlsrv.so extension=pdo_sqlsrv.so
  6. Restart the Apache and PHP services:

    service httpd restart & service php-fpm restart

PostgreSQL

To install a PostgreSQL database integration, follow the next steps:

  1. Install the dependencies:

    yum install php-pgsql php-pdo_pgsql
  2. Restart the services:

    service httpd restart & service php-fpm restart

Configuration and ProcessMaker Installation

To learn how to install and configure ProcessMaker, read Configuration and ProcessMaker Installation.