Eric Guo's blog.cloud-mes.com

Hoping writing JS, Ruby & Rails and Go article, but fallback to DevOps note

Install Open Project V13 in a New Rocky Linux 9.2

Permalink

I already install a shared open project instance half year ago, but this time I will install a dedicate OP (Open Project) server.

Disable SELinux

vi /etc/selinux/config

Install htop and atop

sudo dnf update

sudo dnf install epel-release

sudo dnf install htop

sudo dnf install atop

Install nginx

sudo dnf install nginx

Install node.js v18

Using nodesource distribution

sudo yum install https://rpm.nodesource.com/pub_18.x/nodistro/repo/nodesource-release-nodistro-1.noarch.rpm -y

curl -k https://deb.nodesource.com/gpgkey/nodesource.gpg.key -o nodesource.gpg.key

update-crypto-policies --set LEGACY

sudo rpm --import nodesource.gpg.key

sudo yum install nodejs -y

yum groupinstall 'Development Tools'

Install postgresql

Following DO manual

dnf module list postgresql

sudo dnf module enable postgresql:15

sudo dnf install postgresql-server postgresql-devel glibc-all-langpacks

sudo dnf install postgresql-contrib # pg_trgm btree_gist require by open project

sudo postgresql-setup --initdb

sudo systemctl start postgresql

sudo systemctl enable postgresql

sudo -i -u postgres

psql

Setup open_project user account

adduser open_project

cd /etc/sudoers.d/

echo "open_project ALL=(ALL) NOPASSWD:ALL" > 30-open_project-user

sudo su - open_project

mkdir .ssh

chmod 700 .ssh

vi .ssh/authorized_keys # and paste your public key

chmod 600 .ssh/authorized_keys

Install rbenv and ruby-build

whoami # should run as a open_project

git clone https://git.thape.com.cn/rails/rbenv.git .rbenv

echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile

~/.rbenv/bin/rbenv init # also edit ~/.bash_profile

# As an rbenv plugin

mkdir -p "$(rbenv root)"/plugins

git clone https://git.thape.com.cn/rails/ruby-build.git "$(rbenv root)"/plugins/ruby-build

git clone https://git.thape.com.cn/rails/rbenv-china-mirror.git "$(rbenv root)"/plugins/rbenv-china-mirror

Install Ruby 3.2.3

Ruby 3.2.3 need Rust to build JIT.

dnf config-manager --enable crb

dnf install libyaml-devel

yum install -y rust

rbenv install -l

rbenv install 3.2.3

rbenv global 3.2.3

rbenv shell 3.2.3

echo "gem: --no-document" > ~/.gemrc

gem update --system

Prepare the capistrano deploy folder

whoami # should run as a open_project

cd /var/www

sudo mkdir open_project

sudo chown open_project:open_project open_project/

Create postgresql db user and import DB

sudo su - postgres

createuser open_project

psql

ALTER ROLE open_project LOGIN;

CREATE DATABASE open_project_prod WITH ENCODING='UTF8' OWNER=open_project;

logout

psql -d open_project_prod -f open_project_db.sql

sudo su - open_project

psql -d open_project_prod

CREATE EXTENSION IF NOT EXISTS btree_gist;

Using mirror when deploy

Run in the release rails root folder

bundle config mirror.https://rubygems.org https://gems.ruby-china.com

Setting the open project settings

/etc/environment
OPENPROJECT_EDITION=bim

OPENPROJECT_APP__TITLE=天华项目全生命周期管理

OPENPROJECT_APP__SHORT__TITLE=PLM

OPENPROJECT_HOST__NAME=plm-staging.thape.com.cn

OPENPROJECT_EMAIL__DELIVERY__METHOD="smtp"

OPENPROJECT_SMTP__ADDRESS="smtp.thape.com.cn"

OPENPROJECT_SMTP__PORT="25"

OPENPROJECT_SMTP__DOMAIN="thape.com.cn"

OPENPROJECT_SMTP__AUTHENTICATION="login"

OPENPROJECT_SMTP__USER__NAME="plm"

OPENPROJECT_SMTP__PASSWORD=""

OPENPROJECT_SMTP__ENABLE__STARTTLS__AUTO="true"

OPENPROJECT_SMTP__OPENSSL__VERIFY__MODE="none"

OPENPROJECT_ENTERPRISE__TRIAL__CREATION__HOST="https://www.google-analytics.com"

GRUF_OP_SERVER="172.17.1.1:10009"

WX_TEMPLATE_ID=""

WX_WORK_PACKAGE_DETAIL="https://plm.thape.com.cn/work_packages/:id"

MP_QRCODE_ABS_PATH="/var/www/open_project/shared/public/static/mp_qrcode.jpg"

LOGO_ABS_PATH="/var/www/open_project/shared/public/static/logo_plm.png"

CSP_FRAME_SRC="https://ith-workspace.thape.com.cn"

CSP_CONNECT_SRC="https://analytics.thape.com.cn"

WECHAT_AUTH_JWT_SECERT=""

WECHAT_AUTH_ITH_URL="/ith/wechat/ppm/login"
/etc/systemd/system/puma_plm.service
[Unit]

Description=Puma HTTP Server for open_project (staging)

 
After=syslog.target network.target

 
[Service]

Type=simple

WatchdogSec=10

User=open_project

EnvironmentFile=/etc/environment

WorkingDirectory=/var/www/open_project/current

ExecStart=/home/open_project/.rbenv/bin/rbenv exec bundle exec puma -e production

ExecReload=/bin/kill -SIGUSR1 $MAINPID

 
# if we crash, restart

RestartSec=10

Restart=on-failure

 
StandardOutput=append:/var/www/open_project/shared/log/puma.log

StandardError=append:/var/www/open_project/shared/log/puma.log

 
SyslogIdentifier=puma_plm

[Install]

WantedBy=multi-user.target

sudo systemctl daemon-reload

bundle exec rake openproject:plugins:register_frontend

bundle exec rake i18n:js:export

bundle exec rake db:seed

sudo journalctl -u puma_plm # check system log and fix errors

sudo systemctl start puma_plm

Copy Nginx configuration and disable firewall

cp /var/www/open_project/current/config/nginx/production.conf /etc/nginx/conf.d/puma_plm.conf

systemctl restart nginx

firewall-cmd --zone=public --add-service=https

firewall-cmd --zone=public --add-service=http

firewall-cmd --permanent --zone=public --add-service=http

firewall-cmd --permanent --zone=public --add-service=https

systemctl restart firewalld

Comments