First, you need your installation defaults, find the installer.properties example below:
INSTALLER_UI=SILENT SILENT_LICENSE_MODE=full SILENT_SERIAL_NUMBER= SILENT_PREV_SERIAL_NUMBER= SILENT_INSTALLER_TYPE=standalone SILENT_INSTALL_ODBC=false SILENT_INSTALL_JNBRIDGE=false SILENT_INSTALL_ADMIN=false SILENT_INSTALL_SOLR=true SILENT_INSTALL_PDFG=true SILENT_INSTALL_FOLDER=/opt/coldfusion11 SILENT_ENABLE_PROD_SECURE_PROFILE=true SILENT_ENABLE_PROD_DEFAULT_PROFILE=false SILENT_ENABLE_DEV_PROFILE=false SILENT_ADMIN_IP=127.0.0.1 SILENT_JETTY_IP= SILENT_ADMIN_USERNAME=admin SILENT_ADMIN_PASSWORD=Adm1n$12 SILENT_ENABLE_RDS=false SILENT_RDS_PASSWORD=Adm1n$12 SILENT_JETTY_USERNAME=admin SILENT_JETTY_PASSWORD=Adm1n$12 SILENT_CONTEXT_ROOT= SILENT_AUTO_ENABLE_UPDATES=true SILENT_MIGRATE_COLDFUSION=false SILENT_PREV_CF_MIGR_DIR=/opt/coldfusion10 ENABLE_RDS=false ENABLE_WSRP=false ENABLE_JSDEBUG=false ENABLE_CFR=false ENABLE_CFSWF=false ENABLE_CFFORMS=false
With this file, you can install ColdFusion 11 with the following:
./ColdFusion_11_WWEJ_linux64.bin -f installer.properties >> CF11Installer.log
The output in the log file should look something like this:
Preparing to install... Extracting the JRE from the installer archive... Unpacking the JRE... Extracting the installation resources from the installer archive... Configuring the installer for this system's environment... Launching installer...
Chown the CFIDE:
chown -R nobody:nobody /opt/coldfusion11/cfusion/wwwroot/CFIDE
Backup your license.properties:
cp /opt/coldfusion11/cfusion/lib/license.properties /opt/coldfusion11/cfusion/runtime/lib/license.properties
Add the service:
sh /opt/coldfusion11/bin/cf-init.sh install
If the above does not exist, and well hey, it didn’t for me, I did write another article with the file needed. Check that Article out.
sconfig wants the “real” hostname or the connector won’t install.
cp /etc/hosts /etc/hostsbackup.$$ echo 127.0.0.1 localhost.localdomain localhost `hostname` > /etc/hosts
Turn the listen flag to false in the license.propterties:
perl -pi -e 's/listen=true/listen=false/' /opt/coldfusion11/cfusion/lib/license.properties
Start ColdFusion:
/opt/coldfusion11/cfusion/bin/coldfusion start && sleep 10 &&
Perform the wsconfig:
In my example, I happened to run the command twice, with varied setups. I am documenting them both and will clean up at next install:
/opt/coldfusion11/cfusion/runtime/bin/wsconfig -ws apache -dir /usr/local/apache/conf -bin /usr/sbin/httpd -script /etc/init.d/httpd >> CF11Installer.log /opt/coldfusion11/cfusion/runtime/bin/wsconfig -ws apache -dir /usr/local/apache/conf -bin /usr/sbin/httpd -script /etc/init.d/httpd -ws64 -apxs -norestart -v >> CF11Installer.log
After the above, my CF11Installer.log added the following:
The Apache connector was installed to /usr/local/apache/conf Usage: To use the GUI: java -jar wsconfig.jar To use the property file to specifiy options: java -jar wsconfig.jar -f <property-file-path> To use the command line to specify options: java -jar wsconfig.jar [options] Options To install the web server connector: -ws <IIS|Apache> -dir <path> | -site <site> [-host <hostname>] | [-cluster <clustername>] [-norestart] [-v] [-cfide [<dir>]] [-bin <path>] [-service <servicename>] (Apache/Windows only) [-bin <path>] [-script <path>] (Apache/UNIX only) To remove the web server connector: -remove -ws <IIS|Apache> -dir <path> | -site <site> [-v] To remove all the web server connectors: -uninstall [-v] To upgrade the web server connector: -upgrade -ws <IIS|Apache> -dir <path> | -site <site> [-v] To upgrade all the web server connectors: -upgrade [-v] To list the configured web servers: -list [-ws <IIS|Apache>] To get this help: -help Descriptions -ws <IIS|Apache> web server -dir <path> Apache conf directory -site <site> IIS web site name or number -host <hostname> ColdFusion server address (default=localhost) -cluster <clustername> ColdFusion cluster name -norestart do not restart web server -cfide [<dir>] CFIDE Directory Path -service <servicename> Apache Windows service name -bin <path> Apache server binary file -script <path> Apache Unix control script file -ws32 used to configure 32-bit web server on 64-bit Windows, Linux, and Mac OS. -reuseConnectionCount The reuseConnectionCount property sets the maximum number of connections that can be re-used in the connection pool. -connectionPoolTimeout The connectionPoolTimeout property sets the number of seconds to wait for the idle connection to close. -isWebServiceON The isWebServiceON property signifies that the Apache web server is started with the WEBSERVICE_ON property. Applicable only for Mac OSX 10.8 or higher. -allowedIPList The allowedIPList property represents an allowed IP address list(separated by comma) that access the restricted list of ColdFusion URLs.
Performing the wsconfig generated the file I needed to move forward, /usr/local/apache/conf/mod_jk.conf to which the contents are below:
# Load mod_jk module LoadModule jk_module "/opt/coldfusion11/config/wsconfig/1/mod_jk.so" # Where to find workers.properties JkWorkersFile "/opt/coldfusion11/config/wsconfig/1/workers.properties" JkMountFile "/opt/coldfusion11/config/wsconfig/1/uriworkermap.properties" JKIPRestrictionFile "/opt/coldfusion11/config/wsconfig/1/iprestriction.properties" # Where to put jk logs JkLogFile "/opt/coldfusion11/config/wsconfig/1/mod_jk.log" # custom environment variables JkEnvVar REDIRECT_URL JkEnvVar REDIRECT_REMOTE_HOST JkEnvVar REDIRECT_PATH JkEnvVar REDIRECT_QUERY_STRING JkEnvVar REDIRECT_HTTP_ACCEPT JkEnvVar REDIRECT_HTTP_USER_AGENT JkEnvVar REDIRECT_REMOTE_ADDR JkEnvVar REDIRECT_SERVER_NAME JkEnvVar REDIRECT_SERVER_PORT JkEnvVar REDIRECT_SERVER_SOFTWARE # Where to put jk shared memory JkShmFile "/opt/coldfusion11/config/wsconfig/1/jk_shm" # Set the jk log level [debug/error/info] JkLogLevel info # Select the timestamp log format JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " AddHandler jakarta-servlet .cfm .cfml .cfc .cfr .cfswf DirectoryIndex index.cfm Alias /CFIDE "/opt/coldfusion11/cfusion/wwwroot/CFIDE" <Directory "/opt/coldfusion11/cfusion/wwwroot/CFIDE"> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> <Files ~ ".hbmxml$"> Order allow,deny Deny from all </Files>
I then distilled the changes to ensure cPanel was copacetic with them, regenerated the conf and restarted apache:
/usr/local/cpanel/bin/apache_conf_distiller --update /usr/local/cpanel/bin/build_apache_conf /etc/init.d/httpd restart
During the last step, I did open for editing /usr/local/apache/conf/httpd.conf twice and /usr/local/apache/conf/mod_jk.conf once before distilling and restarting again.
Edit the neo-security.xml and throw in some good defaults.
set rds.security.usesinglerdsp to false
set allowconcurrentadminlogin to false
set admin.userid.required to true
set allowedAdminIPList to 127.0.0.1 and an any others of importance
set secureprofile.enabled to true
The admin.userid.root.salt string may need to be updated, idk.
Restart the CF’s
/opt/coldfusion11/cfusion/bin/coldfusion stop
/opt/coldfusion11/cfusion/bin/coldfusion start
Leave a Reply