Versions Compared

Old Version 8

changes.mady.by.user Francis Guchie

Saved on

compared with

New Version 9

changes.mady.by.user Rajarshi Singha

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

[



Linux Server for Fineract Platform using

Ubuntu Server 18.04.4 LTS - Higher Versions Not yet tested

Java-OpenJDK-15.0.2 - Higher Versions Not yet tested

Tomcat server (Minimum v.9.048) or above

MYSQL server (v.5.7.3x) - Higher versions not tested Yet

...

Info
titlemysql password

Once the installation is completed, the MySQL service will start automatically. To check whether the MySQL server is running, type:

# sudo systemctl status mysql

Configure the Port and binding address as shown below using sudo nano command
# sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

Set the bind address as you wish for example 0.0.0.0 sets it to any IP address across the globe (Strongly not recommended)
By default it comes as 
bind-address 127.0.0.1  ( this a security feature in MySQL 5.7 and above )

Run the security script: for proper configurations 
# sudo mysql_secure_installation

Follow the prompts and configure you installation to the best of your interests

In order to use a password to connect to MySQL as root, you will need to switch its authentication method from auth_socket to mysql_native_password.
To do this, open up the MySQL prompt from your terminal:

# sudo mysql

Next, check which authentication method each of your MySQL user accounts use with the following command:

SELECT user,authentication_string,plugin,host FROM mysql.user;

Output should look like below 
+------------------+------------------------------+-----------------------+-----------+
| user | authentication_string        | plugin          |                 host |
+------------------+------------------------------+-----------------------+-----------+
| root |                                          | auth_socket           | localhost |

Set the password to "mysql"  Please note that this is Bad for security, but just to get all installed and instructions on how to change it will be provided later in this guide)

Setting password use the command below

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'mysql'; FLUSH PRIVILEGES;
Comfirm by runnig script below 

SELECT user,authentication_string,plugin,host FROM mysql.user;
Output should look like below 
+------------------+-------------------------------------------+-----------------------+-----------+
| user | authentication_string                                                    | plugin                             | host |
+------------------+-------------------------------------------+-----------------------+-----------+
| root | *3636DACC8616D997782ADD0839F92C1571D6D78F | mysql_native_password | localhost |

 
Eexit sudo mysql and restart mysql service 
exit 
# sudo service mysql restart

On completion of java installation,one could verify the installed version by & should be 5.7 or above
# mysql --version


Install tomact : 

Info
titleNote

The latest tomcat release will change and the link below may become invalid. If wget fails, get the correct link by going to https://tomcat.apache.org/download-90.cgi and under the core section, selecting the link to the tar.gz file. Use it for wget below:-

# sudo wget httpwget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.4850/bin/apache-tomcat-9.0.4850.tar.gz 
# sudo mv apache-tomcat-9.0.4850.tar.gz /usr/share 
# cd /usr/share
# sudo tar xvf apache-tomcat-9.0.4850.tar.gz 
# sudo rm -f apache-tomcat-9.0.4850.tar.gz 
# sudo mv apache-tomcat-9.0.48 50 tomcat9 
# cd ~ 


Install nano - text editor 

# sudo apt-get install nano

OPTIONAL (date/time settings) 

Check date:

# date

and if needed update with

# dpkg-reconfigure tzdata 

Step 2 - Tomcat setup

Enabling SSL

...

Info
titleset keystore password

set password to: xyz123

(Bad for security, but just to get all installed and instructions on how to change it will be provided later in this guide)

This gets stored in /usr/share as tomcat.keystore


Updating server.xml configuration file

...

Info
titlenano shortcut keys
Tip: To delete line by line you could use ctrl+k
To exit you could use ctrl+x
To confirm say yes & you could use y
then click on enter button to save

copy and replace below content into it

<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml"
/>

<Resource
type="javax.sql.DataSource"
name="jdbc/fineract_tenants"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/fineract_tenants"
username="root"
password="mysql"
initialSize="3"
maxActive="15"
maxIdle="6"
minIdle="3"
validationQuery="SELECT 1"
testOnBorrow="true"
testOnReturn="true"
testWhileIdle="true"
timeBetweenEvictionRunsMillis="30000"
minEvictableIdleTimeMillis="60000"
logAbandoned="true"
suspectTimeout="60"
/>
</GlobalNamingResources>
<Service name="Catalina">

<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
port="443"
maxThreads="200"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="/usr/share/tomcat.keystore"
keystorePass="mysql123"
clientAuth="false"
sslProtocol="TLS"
URIEncoding="UTF-8"
compression="force"
acceptCount="100"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
disableUploadTimeout="true"
maxHttpHeaderSize="8192"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"/>

<Engine name="Catalina" defaultHost="localhost">

<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>

<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".log"
pattern="%h %l %u %t &quot;%r&quot; %s %b" /></Host>
</Engine>
</Service>
</Server>

...

Download and extract Fineract platform::

Info

For latest released code you can download from https://sourceforge.net/projects/mifos/files/latest/download?source=files or If wget/download fails, this link:- https://github.com/apache/fineract/releases 

In which you will find the following folders and file 

  • apps (contains community-app & web-app)
  • pentaholibs
  • pentahoReports
  • fineract-provider.war
  • and other files 

# cd /usr/src

# sudo wget https://sourceforge.net/projects/mifos/files/Mifos%20X/mifosplatform-21.07.0102.PATCH_RELEASE.zip/download

# sudo unzip mifosplatformunzip mifosplatform-21.07.0102.PATCH_RELEASE.zip

# cd mifosplatformcd mifosplatform-21.07.0102.PATCH_RELEASE


Initialize MySQL data 

...

Copy the community app into Tomcat's webapps folder: 

# cd /usr/src/fineractplatformmifosplatform-21.07.0102.PATCH_RELEASE

# sudo cp fineract-provider.war /usr/share/tomcat9/webapps/

# sudo cp -r apps/community-app/ /usr/share/tomcat9/webapps/ 

# sudo cp -r api-docs/ /usr/share/tomcat9/webapps/

# cd /usr/share/tomcat9/webapps

# sudo mv ROOT OLDROOT

# sudo mv community-app ROOT

...

# sudo -i 

# cd /root 

# mkdir  -p  .mifosx/pentahoReports

# cp usr/src/fineractplatformmifosplatform-21.07.0102.PATCH_RELEASE/pentahoReports/* ~/.mifosx/pentahoReports/

Info
titlepentahoReports & upload directory

Pentaho Reports

If /pentahoReports  is not copied into /root/.mifosx, penatoh reports,ex:accounting reports will fail with:

Income Statement.prpt","defaultUserMessage":"Unable to create key: No loader was able to handle the given key data: /usr/share/tomcat9/.mifosx/pentahoReports/Income Statement.prpt","userMessageGlobalisationCode":"error.msg.reporting.error","parameterName":null,"value"

Upload Directory

  • .fineract directory gets created automatically, if not created then Clients > Upload Documents  will fail with:  "Error error.msg.document.save"  (firebug, network tab)
  • Access to this directory should be restricted to authorized personnel only.
    While all accounting related information is stored in a database, submitted documents are simply stored in orginal format as uploaded. Mifos will store user uploaded files/documents relating to clients,loans,etc   in .fineract/


Start tomcat:

sudo /etc/init.d/tomcat9 start 

...

Code Block
languagetext
titleserver.xml
<Listener className="org.apache.catalina.core.JasperListener" />

OPTIONAL:
*in separate terminal you may watch your Mifos(logs) come to life like this: 

# sudo tail -f /usr/share/tomcat9/logs/catalina.out 

(if all is good, after a while of loading, you should see something like: Root WebApplicationContext: initialization completed in 45876 ms)

Info
titleIt's Done!

Congratulations!

You could access Mifos X through any internet browser:- 

@ https://server ip address or if you are using server port number as 8443 then you could access it https://localhost:8443

With these credentials:-

username: mifos

password: password

...