Page tree
Skip to end of metadata
Go to start of metadata

The instructions below applies to EMG 7.0, EMG 7.1 and EMG 7.2.

 

This document describes the steps involved to install a complete EMG platform with

running in CentOS 7.2.1511, released in December 2015 (end of support, June 30, 2024).

CentOS 7 provides

  • Apache 2.4.6
  • PHP 5.4.16
  • MariaDB (MySQL) 5.5.44

through the default yum repositories which meet the EMG Portal requirements well.

We will install on Centos 7 (64-bit), create a separate user for emg and place the EMG installation in /home/emg.

This will give us a privilege-separated installation in its own location.

Contents

Basic OS installation and configuration

  • Download and install CentOS 7.2.1511 (64-bit). We choose the "minimal" distribution,
    http://ftp.lysator.liu.se/pub/CentOS/7.2.1511/isos/x86_64/CentOS-7-x86_64-Minimal-1511.iso
  • After installation, login as "root"
  • Consider disabling SELinux, at least during the installation,
    http://blog.zwiegnet.com/linux-server/disable-selinux-centos-7/
  • Consider disabling ipv6 if you will not use it:
    https://wiki.centos.org/FAQ/CentOS7#head-8984faf811faccca74c7bcdd74de7467f2fcd8ee
  • Modify Postfix configuration to use ipv4 only. In /etc/postfix/main.cf change line

    inet_protocols = all

    to

    inet_protocols = ipv4

    and restart Postfix by running

    systemctl restart postfix
  • Run a "yum update" to ensure all packages are up to date and if any kernel packages were updated reboot the server

    yum update -y
    reboot
  • Install some additional required and useful packages

    yum install -y bzip2 httpd httpd-devel mod_ssl mariadb-server mariadb-devel php php-pdo \
       php-mysql php-pear php-xml php-mbstring php-devel pcre-devel gcc mlocate mailx net-tools vim-enhanced wget
    systemctl enable mariadb
    systemctl enable httpd
    systemctl enable postfix
  • Create user "emg" and assign a good password to the new account. Consider having a strong password generated, for example using https://strongpasswordgenerator.com/

    useradd -m emg
    passwd emg
  • Consider limiting ssh access to specific users by adding "AllowUsers emg" to /etc/ssh/sshd_config

    vi /etc/ssh/sshd_config
    systemctl restart sshd
  • Consider synchronizing server time with NTP servers

    yum install -y ntpdate ntp
    ntpdate 0.pool.ntp.org
    systemctl enable ntpd
    systemctl start ntpd
  • Tune some InnoDB and query parameters for MySQL. Change "[server]" section in "/etc/my.cnf.f/server.cnf".

    vi /etc/my.cnf.d/server.cnf
    
    [server]
    innodb_additional_mem_pool_size = 128M
    innodb_buffer_pool_instances = 2
    innodb_file_per_table
    innodb_flush_log_at_trx_commit = 2
    query_cache_limit = 16M
    query_cache_size = 128M 
  • Start services and secure the mysql installation by setting a root password etc

    systemctl start postfix
    systemctl start mariadb
    mysql_secure_installation
  • Set the default timezone in php.ini. In the distributed php.ini there is a line ";date.timezone =" which should be replace with "date.timezone = 'Europe/Stockholm'" or whichever timezone is correct for you, check http://php.net/manual/en/timezones.php for more information. Also consider increasing limits for memory usage and execution time.

    vi /etc/php.ini
     
    date.timezone = 'Europe/Stockholm'
    memory_limit = 512M
    max_execution_time = 600

EMG installation

We are now ready to install and configure EMG

cd /tmp
wget --http-user=emg --http-password=letmein \
   http://www.nordicmessaging.se/files/emg/emg71/emg7110-50622-linux-64bit-full.tar.gz
tar xvzf emg7110-50622-linux-64bit-full.tar.gz
cd emg-dist
sh ./INSTALL
  • Specify newly created user "emg" for user and group, "/home/emg/etc" for configuration files, "/home/emg/bin" for executables plus your eval license information.
  • Add "export EMGDIR=$HOME/etc" to the end of bash profile script
echo 'export EMGDIR=$HOME/etc' >>/home/emg/.bash_profile
  • Login as "emg"
  • Replace default EMG configuration file with the EMG dbconfig configuration file
cp /home/emg/etc/server.cfg.dbconfig /home/emg/etc/server.cfg
  • Create EMG database and schema, but first edit the script to set a secure password, preferably generated
cd /home/emg/etc/sql
vi ./createemgdb-mysql.sh
sh ./createemgdb-mysql.sh createdb
sh ./createemgdb-mysql.sh createtables
sh ./createemgdb-mysql.sh initdbconfig
  • Edit server.cfg file and change the database credentials to match the above in the DATABASE section
vi /home/emg/etc/server.cfg

EMG perl installation

In order for the EMG Portal billing plugin (and EMG perl plugins in general) to work properly the EMG perl distribution needs to be installed. More information http://www.nordicmessaging.se/tech-notes/emg/emg-526-and-perl-plugins.html.

Please note that this will be a perl installation completely separated from the default perl installation used by /usr/bin/perl. To install modules and run the EMG perl distribution you must run the perl binary with the full path (/opt/perl-5.12.2-emg/bin/perl) and preferably always as user "emg" to avoid mixing up file permissions. However, below we add the new perl bin directory first in the PATH for the "emg" user in order to ensure the EMG perl binary is always used when using "emg" account.

  • Download and extract EMG perl distribution as user "root"

    cd /opt
    wget http://www.nordicmessaging.se/files/perl-5.12.2-emg_linux_64bit.tar.gz
    tar xvzf perl-5.12.2-emg_linux_64bit.tar.gz
    chown -R emg.emg perl-5.12.2-emg
  • Install some required CPAN modules. When running the cpan command the first time you need to hit enter a couple of times to accept configuration.

    su - emg
    echo 'export PATH=/opt/perl-5.12.2-emg/bin:$PATH' >>$HOME/.bash_profile
    PERL_MM_USE_DEFAULT=1 /opt/perl-5.12.2-emg/bin/cpan -f LWP Time::HiRes Carp::Assert DBI DBD::mysql

EMG watchdog installation

The EMG watchdog can monitor the EMG server process (emgd) and perform operations such as stopping server, starting server and retrieve EMG server log files to EMG Portal. It also monitors available disk space in the file system and sends a notification when a specified limit has been reached.

It features a built-in web server used to serve the API calls. The web server listens on port 3000 by default.

  • Login as "emg"
  • Some more CPAN modules are required. You may need to hit enter multiple times during the installation.

    PERL_MM_USE_DEFAULT=1 /opt/perl-5.12.2-emg/bin/cpan -f Email::Sender::Simple Email::Sender::Transport::SMTP Email::Simple Email::Simple::Creator Filesys::Df HTTP::Daemon HTTP::Status IPC::Shareable JSON Net::Subnet URI::QueryParam Data::Dumper
    
  • Copy the sample watchdog script

    cp /home/emg/bin/emg_watchdog.pl.sample /home/emg/bin/emg_watchdog.pl
  • Go through the "Configuration variables" section in the watchdog script and add any variables you want to change to a new file "emg_watchdog.cfg".
    More specifically make sure the following are set to relevant values:

    @notify_recipients - E-mail address(es) to which watchdog should send e-mail notifications
    $mail_from - Sender address ("From") for e-mail notifications
    $smtp_server

    Sample string to add new values for @notify_recipients and $mail_from to emg_watchdog.cfg:

    echo -e "@notify_recipients = ('recipient@example.com');\n\$mail_from = 'changeme_from@example.com';" >$HOME/bin/emg_watchdog.cfg
  • Start the EMG watchdog by running the command below. You should receive an e-mail notification when the watch has started if all went ok.

    /home/emg/bin/emg_watchdog.pl &
  • Login as "root"
  • Ensure EMG watchdog is started automatically on system boot.

    echo 'su - emg -c "perl /home/emg/bin/emg_watchdog.pl &"' >>/etc/rc.local
    chmod 744 /etc/rc.local

EMG Portal installation

Time to download and install EMG Portal. The evaluation version of EMG Portal is encoded with ionCube and first an ionCube loader must be configured in PHP.

  • As user "root", open firewall to allow https (port 443) and optionally http (port 80) connections in firewall and start httpd service. We recommend using https only since communication will then be protected by SSL encryption. However, if you use the default self-signed SSL certificate the visting browser will throw a warning when accessing the page. Installation of a proper certificate signed by a trusted CA is therefore strongly recommended.

    systemctl start firewalld
    firewall-cmd --zone=public --add-port=80/tcp --permanent # Optional - not recommended
    firewall-cmd --zone=public --add-port=443/tcp --permanent
    firewall-cmd --reload
    systemctl start httpd
  • Download the ionCube loader wizard from http://www.ioncube.com/loaders.php and install it by placing the installer wizard in /var/www/html and point your browser to https://servername/ioncube/loader-wizard.php. Follow the instructions and remember to delete the loader files in web directory after completing the loader installation.

    cd /var/www/html
    wget http://www.ioncube.com/loader-wizard/loader-wizard.tgz
    tar xvzf loader-wizard.tgz
    [ Open browser and follow instructions, which should correspond to commands below ]
    cd /usr/lib64/php/modules/
    wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.bz2
    tar xvjf ioncube_loaders_lin_x86-64.tar.bz2
    cp ioncube/ioncube_loader_lin_5.4.so .
    echo "zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.4.so" >/etc/php.d/20-ioncube.ini
    systemctl restart httpd
    [ The ionCube loader should now load properly if you point your browser to
      https://servername/ioncube/loader-wizard.php?timeout=0&ini=0&page=loader_check ]
    rm -rf /usr/lib64/php/modules/ioncube/ /var/www/html/loader-wizard.tgz /var/www/html/ioncube/
  • Download the current 30-day eval as user "root". You will end up with a file named something similar to €œemgportal-3.1-46746-ioncube-20160809.tar.gz.

     

    cd /tmp
    wget --trust-server-names --content-disposition http://www.nordicmessaging.se/files/emg/emgportal3-eval.php
    cd /var/www/html
    mkdir emgportal
    cd emgportal
    tar xvzf /tmp/emgportal-3.1-46746-ioncube-20160809.tar.gz
    chown -R emg.emg /var/www/html/emgportal
    chmod 777 assets protected/runtime
    chmod 777 protected/config
    cp htaccess.sample .htaccess
  • Modify .htaccess to use the right sub-uri by uncommenting "#RewriteBase /emgportal"

     

    vi .htaccess
  • Configure apache by copying emgportal.conf to apache config directory and restart httpd servce

     

    cp /var/www/html/emgportal/emgportal.conf /etc/httpd/conf.d
    systemctl restart httpd
  • If you access the EMG Portal installer from a remote computer you will need to add your IP address to AUTHORIZED_IPS variable on line 3 in the installer file.

     

    vi /var/www/html/emgportal/install/index.php
  • Now you should be able to point your browser to your server https://yourserver/emgportal and see the EMG Portal installer.

  • After finishing the installer you need to remove installation directory and secure config files

     

    cd /var/www/html/emgportal
    rm -rf install/
    chown -R emg.emg /var/www/html/emgportal
    chmod 755 protected/config
  • As a final step you should check the main config file for any settings you want to customize especially the "baseUrl", "adminEmail" and "emailReportCopy" settings. You can also define your own layout file and point to it through the "layout" setting.

     

    vi /var/www/html/emgportal/protected/config/main.php
  • You should now be able to log in to EMG Portal as the web user you specified during installation.
  • In EMG Portal under "Dashboard" -> "System settings" on the bottom of the page under "EMG Server(s)" add "3000" as the "Watchdog port" on the first line and save.
    You should now see "EMG watchdog: Enabled - Running" on the "Dashboard".

Finish EMG installation

You need to copy the billing plugin from EMG Portal distribution into the EMG etc directory.

  • Copy the file as "emg" user and update database credentials in the file

     

    su - emg
    cp /var/www/html/emgportal/misc/billing.pl /home/emg/etc/
    vi /home/emg/etc/billing.pl
  • As user "root", open firewall for incoming SMPP connections. In server.cfg there is an incoming SMPP connector listening on port 2775 but we have yet to allow inbound connections on that port

    firewall-cmd --zone=public --add-port=2775/tcp --permanent
    firewall-cmd --reload

Finally you should be able to start the EMG server by running command "emgd" as user "emg". The command "emgstat" should give you a list of connectors in the EMG server and their status.

You should also be able to login to the EMG Portal and see the same information under "Dashboard -> Connectors".

Recurring tasks (cron)

A few cron jobs need to be added to enable recurring tasks.

There is a sample script "cleandb.sh.sample" in the /home/emg/bin directory. The "hourly_summary.pl.sample" script is part of the EMG Portal distribution.

As user "emg", copy them and review paths and database settings in the scripts to ensure they run correctly.

cp /home/emg/bin/cleandb.sh.sample /home/emg/bin/cleandb.sh
cp /var/www/html/emgportal/misc/hourly_summary.pl.sample /home/emg/bin/hourly_summary.pl
cp /var/www/html/emgportal/misc/hourly_summary_connector.pl.sample /home/emg/bin/hourly_summary_connector.pl
vi /home/emg/bin/cleandb.sh
vi /home/emg/bin/hourly_summary.pl 

Then add crontab entries similar to extract below.

crontab -u emg -e (if running as user "root")
crontab -e (if running as user "emg")

Extract from "crontab -l -u emg" on a running server:

# Purge old records from EMG database
*/5 * * * * /home/emg/bin/cleandb.sh >>/tmp/cleandb.log 2>&1
# Aggregate statistics for EMG Portal message reports
* * * * * /home/emg/bin/hourly_summary.pl >>/tmp/hourly_summary.log 2>&1
* * * * * /home/emg/bin/hourly_summary_connector.pl >>/tmp/hourly_summary_connector.log 2>&1
# Trigger daily report for current month
5 0 * * * wget --no-check-certificate -O - https://127.0.0.1/emgportal/cron/reportMonth >/tmp/cron_report.log 2>&1
# Trigger scheduled jobs
* * * * * wget --no-check-certificate -O - https://127.0.0.1/emgportal/cron/sendScheduled >/tmp/cron_send.log 2>&1

What's next?

You should now have a running messaging solution with server and web interface for provisioning tasks.

When using the command-line, remember to always run commands as user "emg", or file permissions may be incorrectly set.

Next steps include:

  • Set up routing (we recommend adding a default route).
  • Set up pricing (we recommend adding a default price).
  • Provision customer accounts.
  • Remember to open the port in the firewall if you add new inbound connectors.
  • Consider adding a proper SSL certificate to protect your site and for increased customer trust.
  • Create automatic backups of the database.
  • Version control (we recommend git) and backup the EMG configuration files.

Please consult the EMG Portal documentation for some more information about EMG Portal functionality.