Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: wjhobbs on May 27, 2007, 04:26:02 PM
-
I have been asked to publish this how-to. Please bear in mind that it is for LSMB 1.1.x which is not the most current release.
Also, this is what worked for me. You may have a different experience. If something goes wrong, it's your problem.
How to Install LedgerSMB
Note: These instructions are for LedgerSMB 1.1.x. Subsequent versions may require a slightly different install process.
LedgerSMB is a fork of SQL-Ledger. There are certain requirements for LedgerSMB:
Perl, 5+
http server (e.g., Apache)
PostgreSQL, 8.0+
Perl modules: DBD, DBD-pg and DBI
LaTeX
SME Server 7 has Perl 5 and Apache. It has postgresql-lib 7.4, which will get updated as part of installing posgresql 8. The C compiler is needed for the Perl modules. Latex is needed for proper form/report output of LedgerSMB.
Install All Required Packages
Install PostgreSQL
# yum --enablerepo=centosplus install postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-python postgresql-test
Install LaTeX and the C compiler.
# yum --enablerepo=base --enablerepo=updates install tetex-latex gcc
Perform post-upgrade and reboot.
Setup Postgres
Launch Postgresql
# /etc/init.d/postgresql start
Create template directories
# mkdir -p /etc/e-smith/templates/var/lib/pgsql/data
# mkdir -p /etc/e-smith/templates-custom/var/lib/pgsql/data
Copy original config file into template directory
# cp /var/lib/pgsql/data/postgresql.conf /etc/e-smith/templates/var/lib/pgsql/data
# cp /var/lib/pgsql/data/pg_hba.conf /etc/e-smith/templates/var/lib/pgsql/data
Make modifications for this SME install:
This changes '#tcpip_socket = false' to 'tcpip_socket = true' whilst making the copy (all three lines constitute one command)
# sed '/#tcpip_socket/s/#tcpip_socket/tcpip_socket/;s/false/true/' \
/etc/e-smith/templates/var/lib/pgsql/data/postgresql.conf > \
/etc/e-smith/templates-custom/var/lib/pgsql/data/postgresql.conf
This changes 'local all all ident sameuser' to '#local all all ident sameuser' whilst making the copy (all three lines constitute one command)
# sed -e '/local/s/local[ ]*all[ ]*all/#local all all/' \
/etc/e-smith/templates/var/lib/pgsql/data/pg_hba.conf > \
/etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
..and this adds some lines BUT replace $ipstring with the ip address of the server and replace $maskstring with the ip mask – probably 255.255.255.0
# echo "local all all trust" >> /etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
# echo "host all all $ipstring $maskstring trust" >> /etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
# echo "host all all 0.0.0.0 255.255.255.255 reject" >> /etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
# echo "host all all 127.0.0.1 255.255.255.255 trust" >> /etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
If you are copying and pasting, be careful of the lines with ">>" in them. i.e. "echo "local all all trust" >> " due to wrapping in this listing, the line may break in two, however, the entire line should be on one line with no line break or it will have problems.
# /sbin/e-smith/expand-template /var/lib/pgsql/data/pg_hba.conf
# /sbin/e-smith/expand-template /var/lib/pgsql/data/postgresql.conf
# /etc/init.d/postgresql stop
# /etc/init.d/postgresql start
Enable automatic launching of postgres on system start
# ln -s /etc/init.d/postgresql /etc/rc.d/rc7.d/S56postgresql
# ln -s /etc/init.d/postgresql /etc/rc.d/rc6.d/K03postgresql
Update Perl
Update perl so that we can get Postgres connected to the LedgerSMB application. (This is where gcc is needed.)
# perl -MCPAN -eshell
**(Lots of things happen here - just accept the defaults unless you know differently!!
For the missing programs (e.g. ftp) follow the directions and use: space [enter].)
# cpan> install Bundle::CPAN
# cpan> reload cpan
# cpan> install MD5
# cpan> install Storable
# cpan> install DBI
**(Lots of things happen - check right at the end to see that the operation completed OK)
# cpan> install DBD::Pg
**(Lots of things happen - check right at the end to see that the operation completed OK)
# cpan> exit
Install LedgerSMB
This how-to assumes that you have a ‘software’ ibay for contribs and other downloaded software. It also presumes you are going to install to the recommended /usr/local directory.
Download the latest version into the ‘ledgersmb’ directory in the ‘software’ ibay.
# cd /home/e-smith/files/ibays/ledgersmb/html
# wget http://downloads.sourceforge.net/ledger-smb/ledger-smb-1.1.12.tar.gz?modtime=1174299518&big_mirror=0
Copy the file to /usr/local
# cp /home/e-smith/files/ibays/software/files/ledgersmb/ledger-smb-1.1.12.tar.gz /usr/local/ledger-smb-1.1.12.tar.gz
And unpack the file
# cd /usr/local
# tar xzvf ledger-smb-1.1.12.tar.gz
You should now have a directory ‘/usr/local/ledger-smb’ with LedgerSMB components in it. You may now delete the copy of the download gzip file that is in /usr/local.
# rm ledger-smb-1.1.12.tar.gz
Now rename ledger-smb.conf
# cd /usr/local/ledger-smb
# mv ledger-smb.conf.default ledger-smb.conf
Now set permissions so that the Apache user ‘www’ can access ledger-smb.
# cd /usr/local/ledger-smb
# chown -hR www:www users templates css spool
Make Installation SME Standard
This installation presumes that you will be accessing the application with a url of the form ‘ledgers.domain.ca’. If the application was installed in an ibay, you would simply point the domain at the ibay and the standard templates would look after setting the document root for the domain to the ibay.
However, installing an non-ibay directory makes things a little more complicated. We need to set up a template fragment to set the proper document root – but only for the specific virtual domain.
To do that, create the custom templates directory.
# mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
Then copy the fragment that sets document root from the standard to the custom-template directory.
# cp /etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/20IbayContent /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts/20IbayContent
Then go to the custom template directory and edit the 20IbayContent fragment.
# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
# pico 20IbayContent
{
if ($virtualHost eq "ledgers.imsig.ca")
{
$OUT = "";
$OUT .= " DocumentRoot /usr/local/ledger-smb\n\n";
}
else
{
... Standard 20IbayContent fragment code ...
}
}
An opening brace is added at the top of the standard template code and a closing brace is added at the bottom. Following the opening brace, insert the if...else structure. NOTE: Ensure that you substitute the correct virtual host name in the If statement. All of the standard template code remains untouched.
(hit CTL-O to save and CTL-X to exit)
Now add the Directory specifications to another template fragment.
# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
# pico 95ledger-smb
(insert the following ...)
<Directory /usr/local/ledger-smb>
AllowOverride All
AddHandler cgi-script .pl
AddDefaultCharset On
Options ExecCGI Includes FollowSymlinks
Order Allow,Deny
Allow from All
</Directory>
<Directory /usr/local/ledger-smb/users>
Order Deny,Allow
Deny from All
</Directory>
(end of insert, hit CTL-O to save and CTL-X to exit)
Now expand the template and thus create a new httpd.conf file
# /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
And restart the web server
# /etc/rc7.d/S86httpd-e-smith restart
Prepare PostgreSQL
Create one database user with create database (superuser) privileges to manage the datasets and tables for LedgerSMB.
# su - postgres
$ createuser -d ledger-smb
Shall the new user be allowed to create databases? (y/n) y
Shall the new user be allowed to create more new users? (y/n) n
$ exit
Now install PL/PGSQL in template1
# su - postgres
$ createlang plpgsql template1
$ exit
Logon
With a web browser go to ‘ledgers.mydomain.ca/admin.pl’
(be sure to specify the ‘admin.pl’ portion for your first logon) and you will be asked to provide an administrator password.
Ensure Encrypted Access to LedgerSMB
In this step, set up a rewrite rule to change all ‘http://’ requests to ‘https://’ for all cases where ledgers.mydomain.ca is the virtual domain so that communication with LedgerSMB over the Internet is encrypted.
This is to access the system with something like www.ledgers.mydomain.ca/.
# mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/VirtualHosts
# pico 60WebRedirect
and insert the following...
{
if ($virtualHost eq "ledgers.imsig.ca" and $port ne "443")
{
$OUT = "";
$OUT .= "# \n"
. "# RewriteRule directive for LedgerSMB - force https: \n"
. "# \n"
. " RewriteEngine on \n"
. ' RewriteRule ^/(.*)$ https://ledgers.imsig.ca/$1 [R,L] \n';
}
else
{
' ';
}
}
NOTE: Be sure to replace the domain name appropriately.
Expand the template and to create a new Apache configuration file (httpd.conf)
# /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
Restart the Apache web server
# /etc/rc7.d/S86httpd-e-smith restart
Ensure Password-restricted Access
Create the Password File
Create a separate directory to hold the password file.
# mkdir -p /usr/local/ledger-access
Now create a password file. This example presumes that the password file will be called ‘accessctl’ and that your user ID will be ‘ledger-smb’.
# cd /usr/local/ledger-access
# htpasswd -c accessctl ledger-smb
The system will prompt you to enter a password twice. (Remember the password!)
Adjust the Directory Spec
Modify the Directory specification template prepared earlier.
# cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf
# pico 95ledger-smb
(insert the portion "AuthName ... Satisfy All")
<Directory /usr/local/ledger-smb>
AllowOverride All
AddHandler cgi-script .pl
AddDefaultCharset On
Options ExecCGI Includes FollowSymlinks
Order Allow,Deny
Allow from All
AuthName "LedgerSMB"
AuthType Basic
AuthUserFile /usr/local/ledger-access/accessctl
Require user ledger-smb
Satisfy All
</Directory>
<Directory /usr/local/ledger-smb/users>
Order Deny,Allow
Deny from All
</Directory>
(hit CTL-O to save and CTL-X to exit)
Now expand the template and thus create a new httpd.conf file
# /sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf
And restart the web server
# /etc/rc7.d/S86httpd-e-smith restart
When you access the LedgerSMB system you should be challenged to enter a user id and password. Enter ‘ledger-smb’ as the user id (that you created with the htpasswd command) and enter the password you specified.
Ensure the Database Gets Backed Up
The LedgerSMB application and database are not in the standard SME Server backup list and must be explicitly included in any backup.
The directory /usr/local/ledger-smb must be included in the list of locations covered in the backup. Restoring this should restore the application to a functioning state.
The directory /var/lib/pgsql must be included in the list of locations covered in the backup. This is where the database is. When doing a full system restore, reinstall PostgreSQL before restoring this directory.
However, remember that if the database is actively in use at the time of the backup, it may be in an unstable state. Therefore this backup process must be augmented by a process of regularly backing up each company’s set of books from within ledger-smb. These ledger-smb backups should be restored before attempting to use ledger-smb.
*****************
Hope this helps.
John
-
I have been asked to publish this how-to. Please bear in mind that it is for LSMB 1.1.x which is not the most current release.
Please put it in the Howto (http://wiki.contribs.org/Category:Howto) section of the wiki (http://wiki.contribs.org) to keep all documentation properly sorted and stored in one location, this way other users can easily update or modify when neccesarry as well.
-
I've been following this howto but I'm stuck with the subdomain. The site is not found.
Questions:
Besides, wouldn't be simpler to install this software in /opt/lsmb and follow the same method as other apps?
Do you use php5?
-
I excluded virtualHosts and used 95sql-ledger like this:
[b]Alias /lsmb /usr/local/ledger-smb[/b]
<Directory /usr/local/ledger-smb>
AllowOverride All
AddHandler cgi-script .pl
AddDefaultCharset On
Options ExecCGI Includes FollowSymlinks
Order Allow,Deny
Allow from All
AuthName "LedgerSMB"
AuthType Basic
AuthUserFile /usr/local/ledger-access/accessctl
Require user ledger-smb
Satisfy All
</Directory>
<Directory /usr/local/ledger-smb/users>
Order Deny,Allow
Deny from All
</Directory>
Access to /lsmb requires a login and I have admin.pl !
-
Thanks to your help I got it working!
Now I'll try to adapt this for /opt/lsmb
This version looks like an old version of SL!
-
Update Perl
Update perl so that we can get Postgres connected to the LedgerSMB application. (This is where gcc is needed.)
# perl -MCPAN -eshell
**(Lots of things happen here - just accept the defaults unless you know differently!!
For the missing programs (e.g. ftp) follow the directions and use: space [enter].)
# cpan> install Bundle::CPAN
# cpan> reload cpan
# cpan> install MD5
# cpan> install Storable
# cpan> install DBI
**(Lots of things happen - check right at the end to see that the operation completed OK)
# cpan> install DBD::Pg
**(Lots of things happen - check right at the end to see that the operation completed OK)
# cpan> exit
You can more easily install all packages using yum at least the perl-DBD-Pg and the perl-DBI can be found in the base repository, the perl-MD5 library can be found in the DAG (http://wiki.contribs.org/Dag) repository. If you have configured them all properly you could easily install them like this from the SME Server shell:
yum install perl-DBD-Pg perl-DBI perl-MD5 --enablerepo=dag
I believe the perl-Storable (http://dag.wieers.com/rpm/packages/perl-Storable/perl-Storable-2.11-1.2.el4.test.i386.rpm) module is also in the DAG repsitory, but this is not released yet as it is a test version.
-
Thanks, but these were done already...
-
Sophie,
When you got the howto ready could you post it or put it in the Wiki? I'm interested in testing with LSMB. Current version of LedgerSMB seems to be 1.2.5 at the moment.
Thanx!
jester.
-
Ok I'll do it in a few weeks if postgres8 does not become a problem.
-
Besides, wouldn't be simpler to install this software in /opt/lsmb and follow the same method as other apps?
Do you use php5?
You should be able to install in /opt/lsmb by just changing the references to /usr/local/ledger-smb to /opt/lsmb.
I have the stock SME7 which is php4.
This version looks like an old version of SL!
LBMS 1.1.x is SL with a few security fixes applied. Version 1.2.x starts a more fundamental fork. But there have been some bugs encountered with 1.2 so I am waiting for it to settle down before I upgrade.
Access to /lsmb requires a login and I have admin.pl !
I am providing external access to LSMB so my accountant can access the books. I want an extra layer security for that reason. Maybe I'm just paranoid.:) There's nothing in LSMB that forces a user to assign themselves a strong password. So I don't think I can rely on LSMB user passwords as the sole defense.
John
-
Please put it in the Howto (http://wiki.contribs.org/Category:Howto) section of the wiki (http://wiki.contribs.org) to keep all documentation properly sorted and stored in one location, this way other users can easily update or modify when neccesarry as well.
I guess I'll have to learn how to use a Wiki! :wink:
John
-
I have followed the howto but now how do i access ledgesmb ? I am also very confused about the virtual domains, can i simpy set the virtual domain as stated in the howto?
I only need access locally!
thanks ppl
-
no you should not. Use someting like "ledger.your.domain"
If it works, you should be able to access this way:
https://ledger.your.domain/admin.pl
Use the same "your.domain" as the one you set for the server.
-
ok, in my case when i look at configuration review in the server-manager, my domain is:
http://www.vs.local
vs.local is my domain.
But when i browse to the domain url i get a page cannot be displayed.. i have checked and it is pointing to an ibay with and index.html file in the html folder, so i should be able to see this.
there must be something wrong here..
-
then you should use http://ledger.vs.local
in the virtual domains templates and in your browser
-
ok i am re-installing sme and will give it a try from a fresh install.
thanks for the help, will let you all know how it goes.
-
the following two commands doesnt seem to be recognized.. (entered each as one command)
also when looking into the postgresql.conf i cant find the tcpip_socket entry...
Any ideas?
For the second command i entered it manually..will this still work?
# sed '/#tcpip_socket/s/#tcpip_socket/tcpip_socket/;s/false/true/' \
/etc/e-smith/templates/var/lib/pgsql/data/postgresql.conf > \
/etc/e-smith/templates-custom/var/lib/pgsql/data/postgresql.conf
# sed -e '/local/s/local[ ]*all[ ]*all/#local all all/' \
/etc/e-smith/templates/var/lib/pgsql/data/pg_hba.conf > \
/etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
-
Just copy/paste the lines to your terminal session, omitting the # sign
If it doesn't work, tell us what's the error message!
-
Thanks soprom for your help.. I have followed the how to until where i install the virtual domain and then test by browsing to:
"With a web browser go to ‘ledgers.mydomain.ca/admin.pl’ "
in my case http://ledgers.vs.local/admin.pl
But i get a "page cannot be found"
For the conf files, i made changes manually:
/etc/e-smith/templates/var/lib/pgsql/data/pg_hba.conf
/etc/e-smith/templates-custom/var/lib/pgsql/data/pg_hba.conf
And for these, there is no tcpip_socket entry ( i searched for it)
/etc/e-smith/templates/var/lib/pgsql/data/postgresql.conf
/etc/e-smith/templates-custom/var/lib/pgsql/data/postgresql.conf
Is there anything and i can test, to see if everything is installed correctly?
thanks again
Vance
-
is there any easy way to check that all is running??
Perl, 5+
http server (e.g., Apache)
PostgreSQL, 8.0+
Perl modules: DBD, DBD-pg and DBI
LaTeX
Cant get this to work :evil:
-
someone please help, have been trying to get this working for weeks ...
I installed sme server 7 from a fresh install and followed the how to word by word, but no luck.. please see my above posts
the server is set on server only mode
thanks
-
did you use https: instead of http: