From dc07cbfdc82c73b81609f2b569f57c5563209db6 Mon Sep 17 00:00:00 2001 From: Joseph White Date: Thu, 24 Oct 2024 10:19:31 -0400 Subject: [PATCH 1/4] Update software requirements docs to expunge Centos 7 Also fix some other errors about ssl config and clarify timezone setting reqs --- docs/software-requirements.md | 62 ++++++++++++++--------------------- 1 file changed, 24 insertions(+), 38 deletions(-) diff --git a/docs/software-requirements.md b/docs/software-requirements.md index bd1422b5e3..aaabf01d35 100644 --- a/docs/software-requirements.md +++ b/docs/software-requirements.md @@ -9,7 +9,7 @@ Open XDMoD requires the following software: - [mod_ssl][] - [mod_headers][] - [MariaDB][]/[MySQL][] 5.5.3+, MariaDB 10.3.17+ -- [PHP][] 5.4+, 7.2+, (PHP 8 not supported) +- [PHP][] 7.2+, (PHP 8 not supported) - [PDO][] - [MySQL PDO Driver][pdo-mysql] - [GD][php-gd] @@ -62,32 +62,11 @@ Open XDMoD requires the following software: Linux Distribution Packages --------------------------- -Open XDMoD can be run on any Linux distribution, but has been tested on -CentOS 7. +Open XDMoD is developed and tested with servers running Rocky 8 Linux. The Open XDMoD team +use Rocky 8 for their production Open XDMoD software instances. -Most of the requirements can be installed with the package managers -available from these distributions. - -### CentOS 7 - -**NOTE**: The package list below includes packages included with -[EPEL](https://fedoraproject.org/wiki/EPEL). This repository can be -added with this command for CentOS 7: - - # yum install epel-release - - # yum install httpd php php-cli php-mysql php-gd php-pdo php-xml \ - libreoffice \ - nodejs \ - mariadb-server mariadb cronie logrotate \ - perl-Image-ExifTool php-mbstring php-pecl-apcu jq \ - chromium-headless librsvg2-tools - -**NOTE**: After installing Apache and MySQL you must make sure that they -are running. CentOS may not start these services and they will not -start after a reboot unless you have configured them to do so. - -**NOTE**: APCu is optional, but highly recommended as it provides enhanced performance. +Rocky 8 is the preferred Linux distribution, however Open XDMoD should be able to run on any Linux distribution + that has the appropriate versions of the software dependencies available. ### Rocky 8+ ```sh @@ -109,8 +88,7 @@ dnf module -y reset nodejs dnf module -y install nodejs:16 ``` -**NOTE**: The method to install the system level mongodb drivers has changed for Rocky 8. To account for this, you will -need to run the following: +**NOTE**: The php mongodb drivers are not available as RPMs and must be installed using PECL as follows: ```shell dnf install -y php-devel pecl install mongodb-1.16.2 @@ -136,13 +114,16 @@ Additional Notes ### PHP Open XDMoD is tested to work with the versions of PHP that is supplied with -Centos 7 (PHP 5.4.16) and Rocky 8 (PHP 7.2.24). Open XDMoD is not compatible -with PHP 8 at this time. +Rocky 8 (PHP 7.2.24). Open XDMoD {{ page.sw_version }} is not compatible +with PHP 8. -Some Linux distributions (including CentOS) do not set the timezone used +Some Linux distributions (including Rocky 8) do not set the timezone used by PHP in their default configuration. This will result in many warning -messages from PHP. You should set the timezone in your `php.ini` file -by adding the following, but substituting your timezone: +messages from PHP and will cause data corruption in the XDMoD datawarehouse +if the PHP timezone is different from the OS or Mariadb timezone. + +_You must set the timezone in your `php.ini` file +by adding the following, but substituting your timezone_: ```ini date.timezone = America/New_York @@ -150,14 +131,14 @@ date.timezone = America/New_York The PHP website contains the full list of supported [timezones][]. -Production Open XDMoD instances should use HTTPS, which is enabled via the webserver +Open XDMoD instances must use HTTPS. HTTP is not supported. HTTPS is enabled via the webserver configuration (see below). [timezones]: https://secure.php.net/manual/en/timezones.php ### Apache -Production instances of Open XDMoD should use HTTPS. This requires +Open XDMoD must use HTTPS. This requires the `mod_ssl` module be installed and enabled. The `mod_headers` module is also recommended so that the [HTTP Strict-Transport-Security](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) header can be set on the webserver. @@ -169,7 +150,7 @@ network access. ### MySQL -Open XDMoD is tested to work with MariaDB 5.5.60 and 10.3.28, and may be +Open XDMoD is tested to work with MariaDB 10.3.28, and may be compatible with more recent releases of MySQL and MariaDB. Open XDMoD is not compatible with MySQL 8.0 at this time. @@ -184,5 +165,10 @@ Open XDMoD has been tested with `chromium-headless` from EPEL, `chromium` from E ### SELinux -Open XDMoD does not work with the default CentOS -SELinux security policy. You will need to disable SELinux. +The default SELinux policy on Rocky 8 does not give sufficient permission +to the webserver software to perform all tasks required by Open XDMoD, +such as connecting to the MariaDB and MongoDB databases, and running the image export +tools. + +It is recommended to either disable SELinux, or to follow the [RedHat SELinux](https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/using_selinux/index) +documentation to create an SELinux policy for your server. From 189e15f4ad0172e8ef70aeb8aae8253133a0671b Mon Sep 17 00:00:00 2001 From: Joseph White Date: Fri, 25 Oct 2024 14:06:47 -0400 Subject: [PATCH 2/4] Expungify --- docs/latest-releases.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/latest-releases.md b/docs/latest-releases.md index fdc36a5cea..22a1bbf885 100644 --- a/docs/latest-releases.md +++ b/docs/latest-releases.md @@ -4,8 +4,5 @@ title: Latest Releases Below you will find links to our latest releases by supported OS. -# CentOS7 -You can find the latest CentOS 7 build here: [CentOS7 Latest](https://github.com/ubccr/xdmod/releases/latest) - # Rocky 8 You can find the latest Rocky 8 build here: [Rocky 8 Latest](https://github.com/ubccr/xdmod/releases/latest) From 7eaa9608ff040d5924cfbd7b4e10e8dca4af7f75 Mon Sep 17 00:00:00 2001 From: Joseph White Date: Fri, 25 Oct 2024 14:45:05 -0400 Subject: [PATCH 3/4] More updates --- docs/faq.md | 8 -------- docs/software-requirements.md | 22 ++++++++++++++-------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/docs/faq.md b/docs/faq.md index 664d103986..5c00b163d3 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -10,14 +10,6 @@ See [Software Requirements](software-requirements.html) for details. See [Hardware Requirements](hardware-requirements.html) for details. -### Can I use Open XDMoD with Rocky Linux 8/RHEL 8? - -Open XDMoD 10.0 has a [beta release](https://github.com/ubccr/xdmod/releases/tag/v10.0.0-beta5-el8) version that is compatible with Rocky Linux 8. - -### Does Open XDMoD support PHP versions newer than PHP 5.4? - -Open XDMoD 10.0 has a [beta release](https://github.com/ubccr/xdmod/releases/tag/v10.0.0-beta5-el8) version that is compatible with PHP 7.2. - ### How do I enable LDAP Authentication? Open XDMoD has support for [Single Sign On](simpleSAMLphp.html) diff --git a/docs/software-requirements.md b/docs/software-requirements.md index aaabf01d35..6fda6bf347 100644 --- a/docs/software-requirements.md +++ b/docs/software-requirements.md @@ -9,7 +9,7 @@ Open XDMoD requires the following software: - [mod_ssl][] - [mod_headers][] - [MariaDB][]/[MySQL][] 5.5.3+, MariaDB 10.3.17+ -- [PHP][] 7.2+, (PHP 8 not supported) +- [PHP][] 7.4, (PHP 8 not supported) - [PDO][] - [MySQL PDO Driver][pdo-mysql] - [GD][php-gd] @@ -69,14 +69,21 @@ Rocky 8 is the preferred Linux distribution, however Open XDMoD should be able t that has the appropriate versions of the software dependencies available. ### Rocky 8+ + +**NOTE**: The php version that is enabled by default in Rocky 8 is php 7.2. Open XDMoD +requires php version 7.4 that [is supported until May 2029](https://access.redhat.com/support/policy/updates/rhel-app-streams-life-cycle#rhel8_full_life_application_streams). +```shell +dnf module -y reset php +dnf module -y enable php:7.4 +``` + +The Open XDMoD RPM requires packages that are provided in EPEL. + ```sh dnf install -y epel-release -dnf install -y httpd php php-cli php-mysqlnd php-gd php-pdo php-xml \ - php-pear libreoffice nodejs \ - mariadb-server mariadb cronie logrotate \ - perl-Image-ExifTool php-mbstring php-pecl-apcu jq \ - chromium-headless librsvg2-tools +dnf install -y php make libzip-devel php-pear php-devel \ + mariadb-server mariadb ``` **NOTE**: The nodejs version that is enabled by default in Rocky 8 is nodejs 10. Open @@ -90,7 +97,6 @@ dnf module -y install nodejs:16 **NOTE**: The php mongodb drivers are not available as RPMs and must be installed using PECL as follows: ```shell -dnf install -y php-devel pecl install mongodb-1.16.2 echo "extension=mongodb.so" > /etc/php.d/40-mongodb.ini ``` @@ -114,7 +120,7 @@ Additional Notes ### PHP Open XDMoD is tested to work with the versions of PHP that is supplied with -Rocky 8 (PHP 7.2.24). Open XDMoD {{ page.sw_version }} is not compatible +Rocky 8 (PHP 7.4.24). Open XDMoD {{ page.sw_version }} is not compatible with PHP 8. Some Linux distributions (including Rocky 8) do not set the timezone used From dc6c25a70186abc71b9f1682f055b5f722451563 Mon Sep 17 00:00:00 2001 From: Joseph White Date: Fri, 25 Oct 2024 15:55:41 -0400 Subject: [PATCH 4/4] Update version numbers as per review comments. --- docs/software-requirements.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/software-requirements.md b/docs/software-requirements.md index 6fda6bf347..d93990e0e2 100644 --- a/docs/software-requirements.md +++ b/docs/software-requirements.md @@ -120,7 +120,7 @@ Additional Notes ### PHP Open XDMoD is tested to work with the versions of PHP that is supplied with -Rocky 8 (PHP 7.4.24). Open XDMoD {{ page.sw_version }} is not compatible +Rocky 8 (PHP 7.4.33). Open XDMoD {{ page.sw_version }} is not compatible with PHP 8. Some Linux distributions (including Rocky 8) do not set the timezone used @@ -156,7 +156,7 @@ network access. ### MySQL -Open XDMoD is tested to work with MariaDB 10.3.28, and may be +Open XDMoD is tested to work with MariaDB 10.3.39, and may be compatible with more recent releases of MySQL and MariaDB. Open XDMoD is not compatible with MySQL 8.0 at this time.