Context
- CentOS 7.4 default image on Digital Ocean, entry level plan, with 1 GB RAM
-
Bitnami Tomcat stack -- local/native installation mode
Prerequisites
local$ ssh root@SERVER_IP
swap
add swap if RAM+swap is less than 2 GB
this is a short version of these two guides: Bitnami low memory & Digital Ocean swap guide
# free -m | grep Swap
Swap: 0 0 0
# dd if=/dev/zero of=/myswap count=1024 bs=1MiB
# chmod 600 /swapfile
# ls -lh /swapfile
-rw-------. 1 root root 1.0G Jan 19 19:05 /swapfile
# mkswap /swapfile
Setting up swapspace version 1, size = 1048572 KiB
no label, UUID=ed94f556-38a2-43de-a64b-a3829e85dbd0
# swapon /swapfile
# free -m | grep Swap
Swap: 1023 0 1023
# sysctl vm.swappiness=10
vm.swappiness = 10
#echo "/mnt/swap.0 swap swap defaults 0 0" >> /etc/fstab
# reboot
...# free -m | grep Swap
Swap: 1023 0 1023
perl
# yum install perl perl-Data-Dumper
# perl
Ctrl+D
- if you get a warning regarding locale settings, perform the fix mentioned here https://wiki.jaumesola.com/CentOS
EPEL repo
needed at least for haveged below
# yum install epel-release
haveged
Without this Tomcat may take forever to start (issue with SessionIdGeneratorBase - createSecureRandom). Details here.
# yum install -y haveged # chkconfig haveged on
# reboot
Default install
# curl --remote-name --location https://bitnami.com/redirect/to/168422/bitnami-tomcatstack-8.5.24-2-linux-x64-installer.run
# chmod +x bitnami-tomcatstack-8.5.24-2-linux-x64-installer.run
# ./bitnami-tomcatstack-8.5.24-2-linux-x64-installer.run
- asks for passwords for MySQL root & Tomcat manager
Essential commands
- Start servers (other options: restart, stop, status)
# /opt/tomcatstack-8.5.24-2/ctlscript.sh start
- Uninstall:
- # /opt/tomcatstack-8.5.24-2/uninstall
# rm -rf /opt/tomcatstack-8.5.24-2/
- you may need to do it if there was some problem with the installation, before trying to install again.
Verify it works
http://SERVER_IP should show Bitnami's "welcome" page
Start on boot
# cp /opt/tomcatstack-8.5.24-2/ctlscript.sh /etc/init.d/bitnami-tomcat
# vi /etc/init.d/bitnami-tomcat
#!/bin/sh
#
# chkconfig: 2345 80 30
# description: Bitnami services
# chkconfig --add bitnami-tomcat
# reboot
SFTP
Remote access with SFTP comes enabled. I used FileZilla for it. It needs the loca private key used for ssh, converted to PPK format. This can be done with the Linux utility "puttygen", In CentOS it can be installed with yum:# yum install putty
Let's Encrypt
SSL comes enabled but we need a valid certificate to avoid browser errors. cheatsheet out of this guide.install tool (once)
# mkdir /opt/letsencrypt
# cd /opt/letsencrypt
# curl -O https://dl.eff.org/certbot-auto
# ./certbot-autosetup one domain
# /opt/tomcatstack-8.5.24-2/ctlscript.sh stop
# ./certbot-auto certonly --standalone -d www.example.com
# cd /opt/tomcatstack-8.5.24-2/apache2/conf/
# mkdir old
# mv server.??? old
# ln -s /etc/letsencrypt/live/www.example.com/fullchain.pem server.crt
# ln -s /etc/letsencrypt/live/www.example.com/privkey.pem server.key
# /opt/tomcatstack-8.5.24-2/ctlscript.sh start
autorenew (once)
# ./certbot-auto renew
# crontab -e
44 0,12 * * * /opt/letsencrypt/certbot-auto renew