Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Linux Server for Fineract Platform using

Ubuntu Server 18.04.4 LTS - Higher Versions Not tested

Java-OpenJDK-15.0.2 - Higher Versions Not Recommended (Anything above 15.0.XX) is not yet tested thus not recommended)

Tomcat server (Minimum v.9.0.xx) or above (latest available at https://tomcat.apache.org/download-90.cgi

MYSQL server (v.5.7.xx) - Higher or lower versions not tested and not recommended on production servers until you test them your self

NOTE

Keep all the credentials used in this document as your defaults until after you are done with your first successful installation.
Then you can change the passwords and other settings

Use the same versions of the prerequisites (Java, Tomcat, Ubuntu) mentioned then test the others later

Step 1 - Installing System Updates and Prerequisites:

...

The latest version of Java OpenJDK on Ubuntu 18.04 is OpenJDK-11 this means we will have to install Java OpenJDK-15.0.2 using the tar.gz or the Debian Packages. In the steps below we will use the tar.gz procedure to install Java. First of all, visit the Oracle Archives page and download the Linux x64 Compressed Archive namely jdk-15.0.2_linux-x64_bin.tar.gz and once you are done follow th following steps https://www.oracle.com/java/technologies/javase/jdk15-archive-downloads.html 

(OR you can run this to download directly to your server:

# sudo wget https://download.oracle.com/otn/java/jdk/15.0.2%2B7/0d1cfde4252546c6931946de8db48ee2/jdk-15.0.2_linux-x64_bin.tar.gz

)

sudo tar -zxvf jdk-15.0.2_linux-x64_bin.tar.gz 
sudo mv jdk-15.0.2  /usr/lib/jvm/ 

# sudo update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk-15.0.2/bin/java 1 (if you have more than one Java installations then use the number of current your Java installation)

# sudo update-alternatives --config java

...

Info

mysql password

Once the installation is completed, the MySQL service will start automatically. To check whether the MySQL server is running, type:

# sudo systemctl status mysql

Configure the Port and binding address as shown below using sudo nano command
# sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

Set the bind address as you wish for example 0.0.0.0 sets it to any IP address across the globe (Strongly not recommended)
By default it comes as 
bind-address 127.0.0.1  ( this a security feature in MySQL 5.7 and above )

Run the security script: for proper configurations 
# sudo mysql_secure_installation

Follow the prompts and configure you installation to the best of your interests

In order to use a password to connect to MySQL as root, you will need to switch its authentication method from auth_socket to mysql_native_password.
To do this, open up the MySQL prompt from your terminal:

# sudo mysql

Next, check which authentication method each of your MySQL user accounts use with the following command:

SELECT user,authentication_string,plugin,host FROM mysql.user;

Output should look like below 
+------------------+------------------------------+-----------------------+-----------+
| user | authentication_string        | plugin          |                 host |
+------------------+------------------------------+-----------------------+-----------+
| root |                                          | auth_socket           | localhost |

Set the password to "mysql"  Please note that this is Bad for security, but just to get all installed and instructions on how to change it will be provided later in this guide)

Setting password use the command below

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'mysql'; FLUSH PRIVILEGES;
Comfirm by runnig script below 

SELECT user,authentication_string,plugin,host FROM mysql.user;
Output should look like below 
+------------------+--------------------------------------------------------------+--------------------------------+-----------+
| user | authentication_string                                                        | plugin                             | host      |
+------------------+--------------------------------------------------------------+--------------------------------+-----------+
| root | *3636DACC8616D997782ADD0839F92C1571D6D78F | mysql_native_password | localhost |

 
Eexit sudo mysql and restart mysql service
exit
# sudo service mysql restart

On completion of java installation,one could verify the installed version by & should be 5.7 or above

# mysql --version

...

# sudo apt-get install nano

OPTIONAL (date/time settings) 

Code Block
Check date:

# date

Code Block
and if needed update with

# dpkg-reconfigure tzdata 

Step 2 - Tomcat setup

Enabling SSL

...

Info

set keystore password

set password to: xyz123

(Bad for security, but just to get all installed and instructions on how to change it will be provided later in this guide)

This gets stored in /usr/share as tomcat.keystore


Updating server.xml configuration file

...

# sudo nano /usr/share/tomcat9/conf/server.xml 

Info

nano shortcut keys

Tip: To delete line by line you could use ctrl+k

To exit you could use ctrl+x

To confirm say yes & you could use y

then click on enter button to save

copy and replace below content into it

<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml"
/>

<Resource
type="javax.sql.DataSource"
name="jdbc/fineract_tenants"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
driverClassName="com.mysql.cj.jdbc.Driver"
url="jdbc:mysql://localhost:3306/fineract_tenants"
username="root"
password="mysql"
initialSize="3"
maxActive="15"
maxIdle="6"
minIdle="3"
validationQuery="SELECT 1"
testOnBorrow="true"
testOnReturn="true"
testWhileIdle="true"
timeBetweenEvictionRunsMillis="30000"
minEvictableIdleTimeMillis="60000"
logAbandoned="true"
suspectTimeout="60"
/>
</GlobalNamingResources>
<Service name="Catalina">

<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
port="443"
maxThreads="200"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="/usr/share/tomcat.keystore"
keystorePass="xyz123"
clientAuth="false"
sslProtocol="TLS"
URIEncoding="UTF-8"
compression="force"
acceptCount="100"
minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false"
disableUploadTimeout="true"
maxHttpHeaderSize="8192"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"/>

<Engine name="Catalina" defaultHost="localhost">

<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>

<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".log"
pattern="%h %l %u %t &quot;%r&quot; %s %b" /></Host>
</Engine>
</Service>
</Server>


Info

Note:

If your any of the server port connections are using port number = 443, then you need to change your port number to 8443, in server.xml here:-

port="443" maxThreads="200" scheme="https" to port="8443" maxThreads="200" scheme="https" 

...

copy below content into it & exit by pressing ctrl+x then confirm with y for yes. 

Code Block
languagebash
#!/bin/bash
### BEGIN INIT INFO
# Provides:         tomcat
# Required-Start:    $all
# Required-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:
# Short-Description: Auto-starts tomcat
# pidfile: /var/run/tomcat.pid
### END INIT INFO

case $1 in
start)
sh /usr/share/tomcat9/bin/startup.sh
;;
stop)
sh /usr/share/tomcat9/bin/shutdown.sh
;;
restart)
sh /usr/share/tomcat9/bin/shutdown.sh
sh /usr/share/tomcat9/bin/startup.sh
;;
esac
exit 0
Then Execute on Terminal
Code Block
sudo chmod 755 /etc/init.d/tomcat9

...

Info

For latest released code you can download from https://sourceforge.net/projects/mifos/files/latest/download?source=files orIf wget/download fails, this link:- https://github.com/apache/fineract/releases 

In which you will find the following folders and file 

  • apps (contains community-app & web-app)

  • pentaholibs

  • pentahoReports

  • fineract-provider.war

  • and other files 

...

Info

pentahoReports & upload directory

Pentaho Reports

If /pentahoReports  is not copied into /root/.mifosx, penatoh reports,ex:accounting reports will fail with:

Income Statement.prpt","defaultUserMessage":"Unable to create key: No loader was able to handle the given key data: /usr/share/tomcat9/.mifosx/pentahoReports/Income Statement.prpt","userMessageGlobalisationCode":"error.msg.reporting.error","parameterName":null,"value"

Upload Directory

  • .fineract directory gets created automatically, if not created then Clients > Upload Documents  will fail with:  "Error error.msg.document.save"  (firebug, network tab)

  • Access to this directory should be restricted to authorized personnel only.
    While all accounting related information is stored in a database, submitted documents are simply stored in orginal format as uploaded. Mifos will store user uploaded files/documents relating to clients,loans,etc   in .fineract/


Start tomcat:

sudo /etc/init.d/tomcat9 start 

...

Code Block
languagetext
<Listener className="org.apache.catalina.core.JasperListener" /> 

OPTIONAL:
*in separate terminal you may watch your Mifos(logs) come to life like this: 

# sudo tail -f /usr/share/tomcat9/logs/catalina.out 

(if all is good, after a while of loading, you should see something like: Root WebApplicationContext: initialization completed in 45876 ms)

Info

It's Done!

Congratulations!

You could access Mifos X through any internet browser:- 

@ https://server ip address or if you are using server port number as 8443 then you could access it @ https://localhost:8443

With these credentials:-

username: mifos

password: password

...