Skip to content

How to set up WISE on your production server

Jump to bottom
Geoffrey Kwan edited this page Nov 27, 2023 · 26 revisions

Description

This page contains the instructions on how to install WISE on your production server. These specific instructions are for installing WISE onto an Ubuntu server, but WISE should work on other types of Linux servers.

Update Ubuntu

sudo apt update -y

sudo apt upgrade -y

Install MySQL

sudo apt install mysql-server -y

Connect to mysql so you can run mysql commands.

sudo mysql

While in mysql, run these commands. Make sure to replace replace-this-with-a-password and remember the password for later.

create database wise_database;
CREATE USER 'wiseproduser'@'%' IDENTIFIED BY 'replace-this-with-a-password';
GRANT ALL PRIVILEGES ON wise_database.* TO 'wiseproduser'@'%';
FLUSH PRIVILEGES;

Install Redis

sudo apt install redis-server -y

sudo vim /etc/redis/redis.conf

With the redis.conf file open, change supervised no to supervised systemd

Install Nginx

sudo apt install nginx -y

Run these commands to update /etc/nginx/nginx.conf settings

sed 's/http {/http {\n        add_header ip $server_addr;/' -i /etc/nginx/nginx.conf
sed 's/include \/etc\/nginx\/sites-enabled\/\*;/include \/etc\/nginx\/sites-enabled\/\*;\n\n        ##\n        # Browser preferred language detection \(does NOT require AcceptLanguageModule\)\n        ##\n\n        map \$http_accept_language \$accept_language {\n                ~\*\^tr tr;\n                ~\*\^es es;\n                ~\*\^pt pt;\n                ~\*\^ja ja;\n                ~\*\^zh-Hans zh-Hans;\n                ~\*\^zh-Hant zh-Hant;\n                ~\*\^zh-CN zh-Hans;\n                ~\*\^zh-TW zh-Hant;\n        }/' -i /etc/nginx/nginx.conf
sed 's/gzip on;/gzip on;\n        gzip_types text\/plain text\/xml image\/gif image\/jpeg image\/png image\/svg+xml application\/json application\/javascript application\/x-javascript text\/javascript text\/css;/' -i /etc/nginx/nginx.conf
sed 's/TLSv1 //g' -i /etc/nginx/nginx.conf
sed 's/TLSv1.1 //g' -i /etc/nginx/nginx.conf

Delete the default link in /etc/nginx/sites-enabled `` rm /etc/nginx/sites-enabled/default


Create the file /etc/nginx/sites-enabled/wise.conf and put the contents below into it

upstream tomcat { server 127.0.0.1:8080 fail_timeout=0; }

server { listen 80; server_name replace-with-website-address; charset utf-8; access_log off; rewrite ^/wise5/(.*)$ /assets/wise5/$1 last;

location ~ ^/(curriculum|studentuploads) { root /opt/tomcat/webapps; try_files $uri $uri/ =404; }

location ~* ^/(admin|api|portal|projectIcons|websocket|teacher/account/info|teacher/management|student/account/info|pages) { include proxy_params; proxy_pass http://tomcat; client_max_body_size 50M; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Forwarded-Proto https; }

if ($accept_language ~ "(es|ja|pt|tr|zh-Hant|zh-Hans)") { # Redirect "/" to Angular app in browser's preferred language rewrite ^/$ /$accept_language permanent; }

Everything under the Angular app is always redirected to Angular in the correct language

location ~ ^/(es|ja|pt|tr|zh-Hant|zh-Hans) { root /usr/share/nginx/html/wise-client; try_files $uri /$1/index.html?$args; }

location / { root /usr/share/nginx/html/wise-client/en-US; try_files $uri $uri/ /index.html; } }


### Install Java

sudo apt install openjdk-11-jdk-headless -y


### Create Tomcat group

groupadd -g 1001 tomcat


### Create tomcat user

useradd -u 1001 -g tomcat -c "Apache Tomcat" -d $CATALINA_HOME -s /usr/sbin/nologin tomcat


### Add ubuntu user to tomcat group

usermod -a -G tomcat ubuntu


### Create Tomcat directory

mkdir /opt/tomcat


### Make tomcat user the owner of the tomcat directory

chown tomcat:tomcat /opt/tomcat


### Download Tomcat 9

wget -P /tmp https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.82/bin/apache-tomcat-9.0.82.tar.gz


### Unpack Tomcat 9

tar xzvf /tmp/apache-tomcat-9.0.82.tar.gz -C /opt/tomcat --strip-components=1


### Give tomcat user ownership of the tomcat directory contents

chown -R tomcat:tomcat /opt/tomcat


### Give tomcat user execute permission on tomcat bin folder

chmod -R u+x /opt/tomcat/bin


### Create the Tomcat service file

Open the tomcat.service file for editing. This file does not exist yet.

sudo vim /etc/systemd/system/tomcat.service


Paste the text below into the tomcat.service file.

[Unit] Description=Tomcat After=network.target

[Service] Type=forking

User=tomcat Group=tomcat

Environment="JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom" Environment="CATALINA_BASE=/opt/tomcat" Environment="CATALINA_HOME=/opt/tomcat" Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx2048M -server -XX:+UseParallelGC"

ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh

RestartSec=10 Restart=always

[Install] WantedBy=multi-user.target


### Remove the default Tomcat ROOT folder

rm -rf /opt/tomcat/webapps/ROOT


### Add https to the Tomcat server.xml file

sed 's/<Connector port="8080"/<Connector port="8080" scheme="https"/' -i $CATALINA_HOME/conf/server.xml


### Reload the daemon

systemctl daemon-reload


### Start Tomcat

systemctl start tomcat


### Enable Tomcat on startup

systemctl enable tomcat


### Create Tomcat curriculum and studentuploads folders

sudo -u tomcat -g tomcat mkdir /opt/tomcat/webapps/curriculum sudo -u tomcat -g tomcat mkdir /opt/tomcat/webapps/studentuploads

Clone this wiki locally