dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #16449
[Branch ~dhis2-documenters/dhis2/dhis2-docbook-docs] Rev 464: Minor fix
------------------------------------------------------------
revno: 464
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2-docbook-docs
timestamp: Tue 2012-03-13 15:32:47 +0100
message:
Minor fix
modified:
src/docbkx/en/dhis2_implementation_guide_installation.xml
--
lp:~dhis2-documenters/dhis2/dhis2-docbook-docs
https://code.launchpad.net/~dhis2-documenters/dhis2/dhis2-docbook-docs
Your team DHIS 2 developers is subscribed to branch lp:~dhis2-documenters/dhis2/dhis2-docbook-docs.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-documenters/dhis2/dhis2-docbook-docs/+edit-subscription
=== modified file 'src/docbkx/en/dhis2_implementation_guide_installation.xml'
--- src/docbkx/en/dhis2_implementation_guide_installation.xml 2012-03-13 12:38:06 +0000
+++ src/docbkx/en/dhis2_implementation_guide_installation.xml 2012-03-13 14:32:47 +0000
@@ -48,7 +48,7 @@
<para>Clear the pre-installed web applications by invoking <code>rm -rf webapps/*</code> Download the latest DHIS 2 WAR file from <emphasis role="italic">http://dhis2.org/download</emphasis> and move it to the <emphasis role="italic">webapps</emphasis> directory.</para>
<para>Open file <emphasis role="italic">bin/setclasspath.sh</emphasis> and add the lines below. The first will set the location of your Java Runtime Environment, the second will dedicate memory to Tomcat and the third will set the location for where DHIS 2 will search for the <emphasis role="italic">hibernate.properties</emphasis> configuration file, note that you should adjust this to your environment:</para>
<para><screen>JAVA_HOME='/usr/lib/jvm/java-7-openjdk'
-JAVA_OPTS='-Xmx6000m -XX:MaxPermSize=1000m'
+JAVA_OPTS='-Xmx6000m -Xms3000m -XX:MaxPermSize=800m -XX:PermSize=400m'
DHIS2_HOME='/home/dhis/config'</screen></para>
<para>To do basic performance tuning (optional) you can install the native <emphasis role="italic">APR</emphasis> library by invoking <code>sudo apt-get install libtcnative-1</code> Then open file<emphasis role="italic"> bin/setclasspath.sh</emphasis> and add this line at the end of the file: <emphasis role="italic">LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH</emphasis></para>
<para>If you need to change the <emphasis role="italic">port</emphasis> of which Tomcat listens for requests you can open the Tomcat configuration file <emphasis role="italic">/conf/server.xml</emphasis>, locate the <emphasis role="italic"><Connector></emphasis> element which is not commented out and change the <emphasis role="italic">port</emphasis> attribute value to the desired port number.</para>
@@ -103,7 +103,7 @@
<para>In order to improve security it is recommended to configure the server running DHIS to communicate with clients over an encrypted connection and to identify itself to clients using a trusted certificate. This can be achieved through SSL which is an cryptographic communication protocol running on top of TCP/IP.</para>
<para>To configure nginx to use SSL you will need a proper SSL certificate from an SSL provider. The cost of a certificate varies a lot depending on encryption strength. An affordable certificate from <emphasis role="italic">https://www.rapidsslonline.com</emphasis> should serve most purposes.</para>
<para>When you have your certificate files (.pem and .key) you will need to place them in a location which is reachable by nginx. A good location for this can be the same directory as where your nginx.conf file is located.</para>
- <para>Below is an nginx server block where the certificate files are named server.pem and server.key. Since SSL connections usually occur on port 443 (HTTPS) we pass requests on that port (443) on to the DHIS instance running on http://localhost:8080/dhis. The first server block will rewrite all requests connecting to port 80 and force the use of HTTPS/SSL. This is also necessary because DHIS is using a lot of redirects internally which must be passed on to use HTTPS.</para>
+ <para>Below is an nginx server block where the certificate files are named server.pem and server.key. Since SSL connections usually occur on port 443 (HTTPS) we pass requests on that port (443) on to the DHIS instance running on http://localhost:8080/dhis. The first server block will rewrite all requests connecting to port 80 and force the use of HTTPS/SSL. This is also necessary because DHIS is using a lot of redirects internally which must be passed on to use HTTPS. Remember to replace <emphasis role="italic"><server-ip></emphasis> with the IP of your server. These blocks should replace the one from the previous section.</para>
<screen><![CDATA[# Rewrite block to force use of SSL
server {