Wednesday, December 15, 2021

Install DHIS2 on UBUNTU 20.04LTS

 Install DHIS2 Production instance on UBUNTU 20.04 LTS

This document is based on the DHIS2 installation guide on dhi2.org with my style and resources. Your questions can send to me or in the DHIS2 Community. 

Server specifications

DHIS2 is a database intensive application and requires appropriate amount of RAM, number of CPU cores and a fast disk. These recommendations should be considered as rules-of-thumb and not exact measures. DHIS2 scales linearly on the amount of RAM and number of CPU cores so the more you can afford, the better the application will perform.

RAM: At least 1 GB memory per 1 million captured data records per month or per 1000 concurrent users. At least 4 GB for a small instance, 12 GB for a medium instance.

CPU cores: 4 CPU cores for a small instance, 8 CPU cores for a medium or large instance.

Disk: Ideally use an SSD. Otherwise use a 7200 rpm disk. Minimum read speed is 150 Mb/s, 200 Mb/s is good, 350 Mb/s or better is ideal. In terms of disk space, at least 60 GB is recommended, but will depend entirely on the amount of data which is contained in the data value tables. Analytics tables require a significant amount of disk space. Plan ahead and ensure that your server can be upgraded with more disk space as it becomes needed.

In this writeup I use 4 Processor, 16GB RAM and 250GB Disk space for a small instance.

Software requirements

An operating system for which a Java JDK or JRE version 8 or 11 exists. Linux is recommended.

Java JDK. OpenJDK is recommended.

For DHIS 2 version 2.35 version and later, JDK 11 is recommended and JDK 8 or later is required.

For DHIS 2 versions older than 2.35, JDK 8 is required.

PostgreSQL database version 9.6 or later. A later PostgreSQL version such as version 13 is recommended.

PostGIS database extension version 2.2 or later.

Tomcat servlet container version 8.5.50 or later, or other Servlet API 3.1 compliant servlet containers.

Server setup

First, creating a user to run DHIS2

You should create a dedicated user for running DHIS2. You should not run the DHIS2 server as a privileged user such as root.

Create a new user called dhis by invoking:

sudo useradd -d /home/dhis -m dhis -s /bin/false

Then to set the password for your account invoke:

sudo passwd dhis

Make sure you set a strong password with at least 15 random characters.

Creating the configuration directory

Start by creating a suitable directory for the DHIS2 configuration files. This directory will also be used for apps, files and log files. An example directory could be:

mkdir /home/dhis/config

chown dhis:dhis /home/dhis/config

DHIS2 will look for an environment variable called DHIS2_HOME to locate the DHIS2 configuration directory. This directory will be referred to as DHIS2_HOME in this installation guide. We will define the environment variable in a later step in the installation process.

Setting server time zone and locale

It may be necessary to reconfigure the time zone of the server to match the time zone of the location which the DHIS2 server will be covering. If you are using a virtual private server, the default time zone may not correspond to the time zone of your DHIS2 location. This is very critical for postgres. You can easily reconfigure the time zone by invoking the below and following the instructions.

sudo dpkg-reconfigure tzdata

Select 'Asia' and 'Dhaka'



PostgreSQL is sensitive to locales so you might have to install your locale first. To check existing locales and install new ones (e.g. English, US):

locale -a

You can change by 

sudo locale-gen nb_NO.UTF-8


PostgreSQL installation

Ubuntu 20.04 comes with Postgres 12 from it’s universe repository. Since we want version 13, we can directly use the PostgreSQL project’s official APT repository. This repository contains binaries for Ubuntu 20.04, and also includes packages for various extensions that you need.

Let’s setup the repository like this (note that “focal” is the code name for Ubuntu 20.04):

sudo nano /etc/apt/sources.list.d/pgdg.list

Add the following line:

deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main

Get the signing key and import it


wget https://www.postgresql.org/media/keys/ACCC4CF8.asc

sudo apt-key add ACCC4CF8.asc


Fetch the metadata from the new repo

sudo apt-get update

We can now install the PostgreSQL server and other command-line tools using:

sudo apt-get install -y postgresql-13 postgresql-13-postgis-2.4

Create a non-privileged user called dhis by invoking:

sudo -u postgres createuser -SDRP dhis

Enter a secure password at the prompt. Create a database by invoking:

sudo -u postgres createdb -O dhis dhis2

Return to your session by invoking exit You now have a PostgreSQL user called dhis and a database called dhis2.

The PostGIS extension is needed for several GIS/mapping features to work. DHIS 2 will attempt to install the PostGIS extension during startup. If the DHIS 2 database user does not have permission to create extensions you can create it from the console using the postgres user with the following commands:

sudo -u postgres psql -c "create extension postgis;" dhis2

Exit the console and return to your previous user with \q followed by exit.

PostgreSQL performance tuning

Tuning PostgreSQL is necessary to achieve a high-performing system but is optional in terms of getting DHIS2 to run. PostgreSQL is configured and tuned through the postgresql.conf file which can be edited like this:

sudo nano /etc/postgresql/10/main/postgresql.conf

and set the following properties:

max_connections = 100

Determines maximum number of connections which PostgreSQL will allow.

shared_buffers = 3200MB

Determines how much memory should be allocated exclusively for PostgreSQL caching. This setting controls the size of the kernel shared memory which should be reserved for PostgreSQL. Should be set to around 40% of total memory dedicated for PostgreSQL.

work_mem = 20MB

Determines the amount of memory used for internal sort and hash operations. This setting is per connection, per query so a lot of memory may be consumed if raising this too high. Setting this value correctly is essential for DHIS2 aggregation performance.

maintenance_work_mem = 512MB

Determines the amount of memory PostgreSQL can use for maintenance operations such as creating indexes, running vacuum, adding foreign keys. Increasing this value might improve performance of index creation during the analytics generation processes.

effective_cache_size = 8000MB

An estimate of how much memory is available for disk caching by the operating system (not an allocation) and isdb.no used by PostgreSQL to determine whether a query plan will fit into memory or not. Setting it to a higher value than what is really available will result in poor performance. This value should be inclusive of the shared_buffers setting. PostgreSQL has two layers of caching: The first layer uses the kernel shared memory and is controlled by the shared_buffers setting. PostgreSQL delegates the second layer to the operating system disk cache and the size of available memory can be given with the effective_cache_size setting.

checkpoint_completion_target = 0.8

Sets the memory used for buffering during the WAL write process. Increasing this value might improve throughput in write-heavy systems.

synchronous_commit = off

Specifies whether transaction commits will wait for WAL records to be written to the disk before returning to the client or not. Setting this to off will improve performance considerably. It also implies that there is a slight delay between the transaction is reported successful to the client and it actually being safe, but the database state cannot be corrupted and this is a good alternative for performance-intensive and write-heavy systems like DHIS2.

wal_writer_delay = 10000ms

Specifies the delay between WAL write operations. Setting this to a high value will improve performance on write-heavy systems since potentially many write operations can be executed within a single flush to disk.

random_page_cost = 1.1

SSD only. Sets the query planner's estimate of the cost of a non-sequentially-fetched disk page. A low value will cause the system to prefer index scans over sequential scans. A low value makes sense for databases running on SSDs or being heavily cached in memory. The default value is 4.0 which is reasonable for traditional disks.

max_locks_per_transaction = 96

Specifies the average number of object locks allocated for each transaction. This is set mainly to allow upgrade routines which touch a large number of tables to complete.

Restart PostgreSQL by invoking the following command:

sudo /etc/init.d/postgresql restart

Java installation

The recommended Java JDK for DHIS 2 is OpenJDK 11. OpenJDK is licensed under the GPL license and can be run free of charge. You can install it with the following command:

sudo apt-get install openjdk-11-jdk

java -version

DHIS2 configuration

The database connection information is provided to DHIS2 through a configuration file called dhis.conf. Create this file and save it in the DHIS2_HOME directory. As an example this location could be:

/home/dhis/config/dhis.conf

A configuration file for PostgreSQL corresponding to the above setup has these properties:

# JDBC driver class { #jdbc-driver-class } 

connection.driver_class = org.postgresql.Driver

# Database connection URL { #database-connection-url } 

connection.url = jdbc:postgresql://localhost:5432/dhis2

# Database username { #database-username } 

connection.username = dhis

# Database password { #database-password } 

connection.password = xxxx

# ---------------------------------------------------------------------- { #- } 

# Server { #server } 

# Enable secure settings if deployed on HTTPS, default 'off', can be 'on' { #enable-secure-settings-if-deployed-on-https-default-off-can-be-on } 

server.https = on 

# Server base URL { #server-base-url } 

server.base.url = https://myserver.com/dhis2 

It is strongly recommended to enable the server.https setting and deploying DHIS 2 with an encrypted HTTPS protocol. This setting will enable e.g. secure cookies. HTTPS deployment is required when this setting is enabled.

The server.base.url setting refers to the URL at which the system is accessed by end users over the network.

Note that the configuration file supports environment variables. This means that you can set certain properties as environment variables and have them resolved, e.g. like this where DB\_PASSWD is the name of the environment variable:

connection.password = ${DB_PASSWD}

Note that this file contains the password for your DHIS2 database in clear text so it needs to be protected from unauthorized access. To do this, invoke the following command which ensures only the dhis user is allowed to read it:

chmod 600 dhis.conf

Tomcat and DHIS2 installation

To install the Tomcat servlet container we will use Tomcat service package by invoking:

sudo apt-get install tomcat9

This package lets us easily create a Tomcat9 service. The instance will be created in the / directory. 

Next edit the file tomcat-dhis/bin/setenv.sh and add the lines below. The first line will set the location of your Java Runtime Environment, the second will dedicate memory to Tomcat and the third will set the location for where DHIS2 will search for the dhis.conf configuration file. Please check that the path the Java binaries are correct as they might vary from system to system, e.g. on AMD systems you might see /java-8-openjdk-amd64 Note that you should adjust this to your environment:

export JAVA_HOME='/usr/lib/jvm/java-11-openjdk-amd64/'

export JAVA_OPTS='-Xmx7500m -Xms4000m'

export DHIS2_HOME='/home/dhis/config'

export JAVA_OPTS='-Dlog4j2.formatMsgNoLookups=true'

The Tomcat configuration file is located in tomcat-dhis/conf/server.xml. The element which defines the connection to DHIS is the Connector element with port 8080. You can change the port number in the Connector element to a desired port if necessary. The relaxedQueryChars attribute is necessary to allow certain characters in URLs used by the DHIS2 front-end.


<Connector port="8080" protocol="HTTP/1.1"

  connectionTimeout="20000"

  redirectPort="8443"

  relaxedQueryChars="[]" />

The next step is to download the DHIS2 WAR file and place it into the webapps directory of Tomcat. You can download DHIS2 WAR files from the following location:


https://releases.dhis2.org/

Alternatively, for patch releases, the folder structure is based on the patch release ID in a subfolder under the main release. E.g. you can download the DHIS2 version 2.31.1 WAR release like this (replace 2.31 with your preferred version, and 2.31.1 with you preferred patch, if necessary):


wget https://releases.dhis2.org/2.33/2.33.1/dhis.war

Move the WAR file into the Tomcat webapps directory. We want to call the WAR file ROOT.war in order to make it available at localhost directly without a context path:

mv dhis.war tomcat-dhis/webapps/ROOT.war

DHIS2 should never be run as a privileged user. After you have modified the setenv.sh file, modify the startup script to check and verify that the script has not been invoked as root.

#!/bin/sh { #binsh } 

set -e


if [ "$(id -u)" -eq "0" ]; then

  echo "This script must NOT be run as root" 1>&2

  exit 1

fi

export CATALINA_BASE="/home/dhis/tomcat-dhis"

/usr/share/tomcat8/bin/startup.sh

echo "Tomcat started"

Running DHIS2

DHIS2 can now be started by invoking:

sudo -u dhis tomcat-dhis/bin/startup.sh

Important

The DHIS2 server should never be run as root or other privileged user.

DHIS2 can be stopped by invoking:

sudo -u dhis tomcat-dhis/bin/shutdown.sh

To monitor the behavior of Tomcat the log is the primary source of information. The log can be viewed with the following command:

tail -f tomcat-dhis/logs/catalina.out

Assuming that the WAR file is called ROOT.war, you can now access your DHIS2 instance at the following URL:

http://localhost:8080

File store configuration

DHIS2 is capable of capturing and storing files. By default, files will be stored on the local file system of the server which runs DHIS2 in a files directory under the DHIS2_HOME external directory location.

You can also configure DHIS2 to store files on cloud-based storage providers. AWS S3 is the only supported provider currently. To enable cloud-based storage you must define the following additional properties in your dhis.conf file:

# File store provider. Currently 'filesystem' and 'aws-s3' are supported. { #file-store-provider-currently-filesystem-and-aws-s3-are-supported } 

filestore.provider = 'aws-s3'

# Directory in external directory on local file system and bucket on AWS S3 { #directory-in-external-directory-on-local-file-system-and-bucket-on-aws-s3 } 

filestore.container = files

# The following configuration is applicable to cloud storage only (AWS S3) { #the-following-configuration-is-applicable-to-cloud-storage-only-aws-s3 } 

# Datacenter location. Optional but recommended for performance reasons. { #datacenter-location-optional-but-recommended-for-performance-reasons } 

filestore.location = eu-west-1


# Username / Access key on AWS S3 { #username-access-key-on-aws-s3 } 

filestore.identity = xxxx

# Password / Secret key on AWS S3 (sensitive) { #password-secret-key-on-aws-s3-sensitive } 

filestore.secret = xxxx

This configuration is an example reflecting the defaults and should be changed to fit your needs. In other words, you can omit it entirely if you plan to use the default values. If you want to use an external provider the last block of properties needs to be defined, as well as the provider property is set to a supported provider (currently only AWS S3).


Note

If you’ve configured cloud storage in dhis.conf, all files you upload or the files the system generates will use cloud storage.

For a production system the initial setup of the file store should be carefully considered as moving files across storage providers while keeping the integrity of the database references could be complex. Keep in mind that the contents of the file store might contain both sensitive and integral information and protecting access to the folder as well as making sure a backup plan is in place is recommended on a production implementation.

Note

AWS S3 is the only supported provider but more providers are likely to be added in the future, such as Google Cloud Store and Azure Blob Storage. Let us know if you have a use case for additional providers.

Google service account configuration

DHIS2 can connect to various Google service APIs. For instance, the DHIS2 GIS component can utilize the Google Earth Engine API to load map layers. In order to provide API access tokens you must set up a Google service account and create a private key:


Create a Google service account. Please consult the Google identify platform documentation.


Visit the Google cloud console and go to API Manager > Credentials > Create credentials > Service account key. Select your service account and JSON as key type and click Create.


Rename the JSON key to dhis-google-auth.json.


After downloading the key file, put the dhis-google-auth.json file in the DHIS2_HOME directory (the same location as the dhis.conf file). As an example this location could be:


/home/dhis/config/dhis-google-auth.json



Thursday, May 16, 2019

Install WordPress On Ubuntu 18.04 LTS With Nginx, MySQL and PHP

Install WordPress On Ubuntu 18.04 LTS With Nginx, MySQL and PHP

For those who want to learn how to install WordPress on Ubuntu 18.04 LTS, this document is for them. WordPress is an open source software that anyone can use to create powerful and dynamic websites based on PHP. Many large and popular websites online run WordPress.

This tutorial will show how to install WordPress on Ubuntu 18.04 LTS with Nginx, MySQL and PHP-FPM support.

STEP 1: Prepare and Update UBUNTU

Always update Ubuntu servers before installing packages. To update Ubuntu, run the commands below.

$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo apt autoremove

After updating Ubuntu, we will install required packages for WordPress to work.

Step 2: Install the Nginx Web Server

In order to display web pages to our site visitors, we are going to employ Nginx, a modern, efficient web server.

All of the software we will be using for this procedure will come directly from Ubuntu's default package repositories. This means we can use the apt package management suite to complete the installation.

$ sudo apt-get install nginx

On Ubuntu 18.04 LTS, Nginx is configured to start running upon installation.

If you have the ufw firewall running, as outlined in our initial setup guide, you will need to allow connections to Nginx. Nginx registers itself with ufw upon installation, so the procedure is rather straight forward.

It is recommended that you enable the most restrictive profile that will still allow the traffic you want. Since we haven't configured SSL for our server yet, in this guide, we will only need to allow traffic on port 80.

You can enable this by typing:

$ sudo ufw allow 'Nginx HTTP'

You can verify the change by typing:

$ sudo ufw status

You should see HTTP traffic allowed in the displayed output:

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Nginx HTTP                 ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Nginx HTTP (v6)            ALLOW       Anywhere (v6)

With the new firewall rule added, you can test if the server is up and running by accessing your server's domain name or public IP address in your web browser.

If you do not have a domain name pointed at your server and you do not know your server's public IP address, you can find it by typing one of the following into your terminal:

$ ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

This will print out a few IP addresses. You can try each of them in turn in your web browser.

As an alternative, you can check which IP address is accessible as viewed from other locations on the internet:

$ curl -4 icanhazip.com

Type one of the addresses that you receive in your web browser. It should take you to Nginx's default landing page:

http://server_domain_or_IP

Nginx default page

If you see the above page, you have successfully installed Nginx.

Step 3: Install MySQL to Manage Site Data

Now that we have a web server, we need to install MySQL, a database management system, to store and manage the data for our site.

You can install this easily by typing:

$ sudo apt-get install mysql-server

You will be asked to supply a root (administrative) password for use within the MySQL system.

The MySQL database software is now installed, but its configuration is not exactly complete yet.

To secure the installation, we can run a simple security script that will ask whether we want to modify some insecure defaults. Begin the script by typing:

$ mysql_secure_installation

You will be asked to enter the password you set for the MySQL root account as follows. When prompted, answer the questions below by following the guide.

  • Enter current password for root (enter for none): Just press Enter
  • Set root password? [Y/n]: Y
  • New password: Enter password
  • Re-enter new password: Repeat password
  • Remove anonymous users? [Y/n]: Y
  • Disallow root login remotely? [Y/n]: Y
  • Remove test database and access to it? [Y/n]:  Y
  • Reload privilege tables now? [Y/n]:  Y

Step 4: Install PHP for Processing

We now have Nginx installed to serve our pages and MySQL installed to store and manage our data. However, we still don't have anything that can generate dynamic content. We can use PHP for this.

Since Nginx does not contain native PHP processing like some other web servers, we will need to install php-fpm, which stands for "fastCGI process manager". We will tell Nginx to pass PHP requests to this software for processing.

We can install this module and will also grab an additional helper package that will allow PHP to communicate with our database backend. The installation will pull in the necessary PHP core files. Do this by typing:

$ sudo apt install php-fpm php-common php-mbstring php-xmlrpc php-soap php-gd php-xml php-intl php-mysql php-cli php-ldap php-zip php-curl

Configure the PHP Processor

We now have our PHP components installed, but we need to make a slight configuration change to make our setup more secure.

Open the main php-fpm configuration file with root privileges:

$ sudo nano /etc/php/7.2/fpm/php.ini

What we are looking for in this file is the parameter that sets cgi.fix_pathinfo. This will be commented out with a semi-colon (;) and set to "1" by default.

This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if the requested PHP file cannot be found. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute.

We will change both of these conditions by uncommenting the line and setting it to "0" like this:

cgi.fix_pathinfo=0

Then scroll down the lines in the file and change the following lines below and save.

post_max_size = 100M
memory_limit = 256M
max_execution_time = 360
upload_max_filesize = 100M
date.timezone = Asia/Dhaka

Save and close the file when you are finished.

Now, we just need to restart our PHP processor by typing:

$ sudo systemctl restart php7.2-fpm

This will implement the change that we made.

Step 5: Create a blank Wordpress Database

At this point, all the required WordPress packages and and servers are installed. The new server  is now ready to host WordPress… On the new server, create a blank WordPress database. WordPress will use this empty database to store its content.

Run the commands below to logon to the database server. When prompted for a password, type the root password you created above.

$ sudo mysql -u root -p

Then create a blank database called WP_database  you can use the same database name from the old server.

CREATE DATABASE WP_database;

Create a database user called wp_user with new password.  You can use the same username and password from the old server.

CREATE USER 'wp_user'@'localhost' IDENTIFIED BY 'type_password_here';

Then grant the user full access to the database.

GRANT ALL ON WP_database.* TO 'wp_user'@'localhost' IDENTIFIED BY 'type_user_password_here' WITH GRANT OPTION;

Finally, save your changes and exit.

FLUSH PRIVILEGES;
EXIT;

Step 6: Download WORDPRESS latest release

Next, visit WordPress site and download the latest…. or run the commands below to do that for you.

$ cd /tmp && wget https://wordpress.org/latest.tar.gz
$ tar -zxvf latest.tar.gz
$ sudo mv wordpress /var/www/html/wordpress

Then run the commands below to set the correct permissions for WordPress root directory.

$ sudo chown -R www-data:www-data /var/www/html/wordpress/
$ sudo chmod -R 755 /var/www/html/wordpress/

Step 7: Configure WORDPRESS

Next, run the commands below to create WordPress wp-config.php file. This is the default configuration file for WordPress.

$ sudo mv /var/www/html/wordpress/wp-config-sample.php /var/www/html/wordpress/wp-config.php

Then run the commands below to open WordPress configuration file.

$ sudo nano /var/www/html/wordpress/wp-config.php

Enter the highlighted text below that you created for your database and save.

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'WP_database');

/** MySQL database username */
define('DB_USER', 'wp_user');

/** MySQL database password */
define('DB_PASSWORD', 'new_password_here');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

Save the file and you’re done.

Step 8: Configure the new WORDPRESS Site

Next, configure the WordPress site configuration file on the server. Run the commands below to create a new configuration file called wordpress

$ sudo nano /etc/nginx/sites-available/wordpress

Then copy and paste the content below into the file and save it. Replace example.com with your own domain name.

server {
    listen 80;
    listen [::]:80;
    root /var/www/html/wordpress;
    index  index.php index.html index.htm;
    server_name  example.com www.example.com;

     client_max_body_size 100M;

    location / {
        try_files $uri $uri/ /index.php?$args;        
    }

    location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass             unix:/var/run/php/php7.2-fpm.sock;
    fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Save the file and exit.

Step 9: Enable the WORDPRESS site

After configuring the VirtualHost above, enable it by running the commands below

$ sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/

Now all is configured… run the commands below to reload Nginx web server and PHP-FPM settings.

$ sudo systemctl restart nginx.service
$ sudo systemctl restart php7.2-fpm.service

After restarting Nginx, open your browser and browse to the server IP address or hostname. If everything was setup correctly, you should see WordPress default configuration wizard.

http://example.com

WordPress default setup page

Follow the on-screen instructions until you’re successfully configured WordPress. When you’re done, login to the admin dashboard and configure WordPress settings.

Congratulations! You’ve just successfully installed WordPress.


Wednesday, August 8, 2018

DHIS2 Local Installation Guide for Microsoft Windows 10

DHIS2 Local Installation Guide for Microsoft Windows


DHIS2 runs on all platforms for which there exists a Java Runtime Environment version 8 or higher, which includes most popular operating systems such as Windows, Linux and Mac. DHIS2 runs on the PostgreSQL database system. DHIS2 is packaged as a standard Java Web Archive (WAR-file) and thus runs on any Servlet containers such as Tomcat and Jetty.

The DHIS2 team recommends Ubuntu 16.04 LTS operating system, PostgreSQL database system and Tomcat Servlet container as the preferred environment for server installations.

In this blog I am trying to guide guide you for setting up the above technology stack in Windows 10 Platform. It should however be read as a guide for getting up and running and not as an exhaustive documentation for the mentioned environment. We refer to the official Windows, PostgreSQL and Tomcat 8 documentation for in-depth reading.

Hardware requirement

DHIS2 is a database intensive application and requires that your server has an appropriate amount of RAM, number of CPU cores and a fast disk. These recommendations should be considered as rules-of-thumb and not exact measures. DHIS2 scales linearly on the amount of RAM and number of CPU cores so the more you can afford, the better the application will perform. 

For desktop installation with a blank database the following hardware requirement should be meet. To run Windows OS and services it nearly require 2GB of RAM. So computer should have at least 6 GB of and have at least 4 CPU cores; 6 core will be good.

Disk: Ideally use an SSD. Otherwise use a 7200 rpm disk. Minimum read speed is 150 Mb/s, 200 Mb/s is good, 350 Mb/s or better is ideal. In terms of disk space, at least 60 GB is reccomended, but will depend entirely on the amount of data which is contained in the data value tables. Analytics tables require a significant amount of disk space. Plan ahead and ensure that your server can be upgraded with more disk space as it becomes needed.

Software requirements

Later DHIS2.30 versions require the following software versions to operate.

Oracle Java JRE/JDK version 8 or later.
PostgreSQL database version 10 or later.
PostGIS database extension version 2.4 or later.
Tomcat servlet container version 8 or later.

Install all software as administrator.

Creating the configuration directory

Start by creating a suitable directory for the DHIS2 configuration files. This directory will also be used for apps, files and log files. An example directory could be: 'd:\dhis2\config'. Use the drive which have more space and preferably not on the Widows drive.

DHIS2 will look for an environment variable called DHIS2_HOME to locate the DHIS2 configuration directory. This directory will be referred to as DHIS2_HOME in this installation guide. 

Install Oracle Java 8 

Go to https://www.java.com/en/download/ and click on 'Free Java Download' agree the licence agreement and install Java 8 (JDK or JRE). JRE is sufficient.

Install Tomcat 8

Install Tomcat 8 “32-bit/64-bit Windows Service Installer”(it is VERY important that you install only the service installer - not the 32 bit or 64bit windows zip): https://tomcat.apache.org/download-80.cgi#8.5.32

***DO NOT start Tomcat at the end of installation***; if you did accidentally, then please stop the service.

Install PostgreSQL 10

Install PostgreSQL 10 from https://www.openscg.com/bigsql/postgresql/installers.jsp/

Note down and remember the postgres password you created and installation port (default 5432). Do no install on C: or windows drive, try to install on D:\ or the drive have good amount of space. 

Install Pgadmin 4 

Install PGADMIN4 form https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v3.1/windows/pgadmin4-3.1-x86.exe. This a graphical database administration package.

Define the environment variable

My Computer (Right Click) → Properties → Advanced system settings → Environmental Variables



Under “System Variables” click “New” to add following:
Variable Name: DHIS2_HOME
      Value: D:\DHIS2\CONFIG
Variable Name: JAVA_OPTS
      Value: -Xms512m -Xmx2048m -XX:PermSize=256m -XX:MaxPermSize=768m
Make sure “Path” variable include the path to JDK’s “bin” folders address (i.e. C:\Program Files\Java\jdk1.8.0_45\bin)



Create database

Open “PgAdmin 4” and connect with the password you gave during installation.
Right click databases and create a new database “dhis2” set Owner as “postgres”



Create DHIS2 Configuration file


DHIS using configuration file, is called, "dhis.conf" and resides in the DHIS2 home folder given in the environmental variables. We create a folder  'd:\dhis2\config' folder. Create a text "dhis.conf" in the above folder. Make sure the configuration files details reflect the details of the database created.

dhis.conf file content will be:

# Hibernate SQL dialect
connection.dialect = org.hibernate.dialect.PostgreSQLDialect
# JDBC driver class
connection.driver_class = org.postgresql.Driver
# Database connection URL
jdbc:postgresql://localhost:5432/dhis2_test
# Database username
connection.username = postgres
# Database password
connection.password = Postgres1#
# Database schema behavior, can be validate, update, create, create-drop
connection.schema = update
# Encryption password (sensitive)
encryption.password = xxxxxxxx

Note that encryption password should long and combination of multiple characters. Pleas kept it properly and if lost might not decrypt data of individual records.

Download DHIS2 war file 

Download the latest DHIS2 war file dhis.war (https://www.dhis2.org/downloads) and copy it in to “webapps” folder of the Tomcat installation (i.e. C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps).

Run Tomcat and DHIS2

Run Tomcat 8 service to deploy the war file. Once the deployment is complete access DHIS2 using the web browser: http://localhost:8080/dhis/.

    Username: admin
    Password: district


Tuesday, July 24, 2018

How to remove Postgres from any installation

How to remove Postgres from any  installation

If your install isn't already damaged, you can drop unwanted PostgreSQL servers ("clusters") in Ubuntu using 'pg_dropcluster'. Use that in preference to a full purge and reinstall if you just want to start with a freshly 'initdb' PostgreSQL instance.

If you really need to do a full purge and reinstall, first make sure PostgreSQL isn't running.

ps -C postgres 

should show no results.

Now run:

apt-get --purge remove postgresql\*

to remove everything PostgreSQL from your system. Just purging the postgres package isn't enough since it's just an empty meta-package.

Once all PostgreSQL packages have been removed, run:

rm -r /etc/postgresql/
rm -r /etc/postgresql-common/
rm -r /var/lib/postgresql/
userdel -r postgres
groupdel postgres

You should now be able to:

apt-get install postgresql

or for a complete install:

apt-get install postgresql-9.6 postgresql-contrib-9.6 postgresql-doc-9.6




Saturday, June 9, 2018

30 Useful Linux Commands for System Administrators

Originally written by Ravi Saive


1. Uptime Command

In Linux uptime command shows since how long your system is running and the number of users are currently logged in and also displays load average for 1,5 and 15 minutes intervals.

# uptime

08:16:26 up 22 min,  1 user,  load average: 0.00, 0.03, 0.22
Check Uptime Version

Uptime command don’t have other options other than uptime and version. It gives information only in hours:mins if it less than 1 day.

[tecmint@tecmint ~]$ uptime -V
procps version 3.2.8

2. W Command

It will displays users currently logged in and their process along-with shows load averages. also shows the login name, tty name, remote host, login time, idle time, JCPU, PCPU, command and processes.

# w

08:27:44 up 34 min,  1 user,  load average: 0.00, 0.00, 0.08
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
tecmint  pts/0    192.168.50.1     07:59    0.00s  0.29s  0.09s w
Available options

-h : displays no header entries.
-s : without JCPU and PCPU.
-f : Removes from field.
-V : (upper letter) – Shows versions.

3. Users Command

Users command displays currently logged in users. This command don’t have other parameters other than help and version.

# users

hannan

4. Who Command

who command simply return user name, date, time and host information. who command is similar to w command. Unlike w command who doesn’t print what users are doing. Lets illustrate and see the different between who and w commands.

# who

tecmint  pts/0        2012-09-18 07:59 (192.168.50.1)
# w

08:43:58 up 50 min,  1 user,  load average: 0.64, 0.18, 0.06
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
tecmint  pts/0    192.168.50.1     07:59    0.00s  0.43s  0.10s w
Who command Options

-b : Displays last system reboot date and time.
-r : Shows current runlet.
-a, –all : Displays all information in cumulatively.

5. Whoami Command

whoami command print the name of current user. You can also use “who am i” command to display the current user. If you are logged in as a root using sudo command “whoami” command return root as current user. Use “who am i” command if you want to know the exact user logged in.

# whoami

hannan

6. ls Command

ls command display list of files in human readable format.

# ls -l

total 114
dr-xr-xr-x.   2 root root  4096 Sep 18 08:46 bin
dr-xr-xr-x.   5 root root  1024 Sep  8 15:49 boot
Sort file as per last modified time.

# ls -ltr

total 40
-rw-r--r--. 1 root root  6546 Sep 17 18:42 install.log.syslog
-rw-r--r--. 1 root root 22435 Sep 17 18:45 install.log
-rw-------. 1 root root  1003 Sep 17 18:45 anaconda-ks.cfg
For more examples of ls command, please check out our article on 15 Basic ‘ls’ Command Examples in Linux.

7. Crontab Command

List schedule jobs for current user with crontab command and -l option.

# crontab -l

00 10 * * * /bin/ls >/ls.txt
Edit your crontab with -e option. In the below example will open schedule jobs in VI editor. Make a necessary changes and quit pressing :wq keys which saves the setting automatically.

# crontab -e
For more examples of Linux Cron Command, please read our earlier article on 11 Cron Scheduling Task Examples in Linux.

8. Less Command

less command allows quickly view file. You can page up and down. Press ‘q‘ to quit from less window.

# less install.log

Installing setup-2.8.14-10.el6.noarch
warning: setup-2.8.14-10.el6.noarch: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEY
Installing filesystem-2.4.30-2.1.el6.i686
Installing ca-certificates-2010.63-3.el6.noarch
Installing xml-common-0.6.3-32.el6.noarch
Installing tzdata-2010l-1.el6.noarch
Installing iso-codes-3.16-2.el6.noarch

9. More Command

more command allows quickly view file and shows details in percentage. You can page up and down. Press ‘q‘ to quit out from more window.

# more install.log

Installing setup-2.8.14-10.el6.noarch
warning: setup-2.8.14-10.el6.noarch: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEY
Installing filesystem-2.4.30-2.1.el6.i686
Installing ca-certificates-2010.63-3.el6.noarch
Installing xml-common-0.6.3-32.el6.noarch
Installing tzdata-2010l-1.el6.noarch
Installing iso-codes-3.16-2.el6.noarch
--More--(10%)

10. CP Command

Copy file from source to destination preserving same mode.

# cp -p fileA fileB
You will be prompted before overwrite to file.

# cp -i fileA fileB

11. MV Command

Rename fileA to fileB. -i options prompt before overwrite. Ask for confirmation if exist already.

# mv -i fileA fileB

12. Cat Command

cat command used to view multiple file at the same time.

# cat fileA fileB
You combine more and less command with cat command to view file contain if that doesn’t fit in single screen / page.

# cat install.log | less

# cat install.log | more
For more examples of Linux cat command read our article on 13 Basic Cat Command Examples in Linux.

13. Cd command (change directory)

with cd command (change directory) it will goes to fileA directory.

# cd /fileA

14. pwd command (print working directory)

pwd command return with present working directory.

# pwd

/root

15. Sort command

Sorting lines of text files in ascending order. with -r options will sort in descending order.

#sort fileA.txt

#sort -r fileA.txt

16. VI Command

Vi is a most popular text editor available most of the UNIX-like OS. Below examples open file in read only with -R option. Press ‘:q‘ to quit from vi window.

# vi -R /etc/shadows

17. SSH Command (Secure Shell)

SSH command is used to login into remote host. For example the below ssh command will connect to remote host (192.168.50.2) using user as narad.

# ssh narad@192.168.50.2
To check the version of ssh use option -V (uppercase) shows version of ssh.

# ssh -V

OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010

18. Ftp or sftp Command

ftp or sftp command is used to connect to remote ftp host. ftp is (file transfer protocol) and sftp is (secure file transfer protocol). For example the below commands will connect to ftp host (192.168.50.2).

# ftp 192.168.50.2

# sftp 192.168.50.2
Putting multiple files in remote host with mput similarly we can do mget to download multiple files from remote host.

# ftp > mput *.txt

# ftp > mget *.txt

19. Service Command

Service command call script located at /etc/init.d/ directory and execute the script. There are two ways to start the any service. For example we start the service called httpd with service command.

# service httpd start
OR
# /etc/init.d/httpd start

20. Free command

Free command shows free, total and swap memory information in bytes.

# free
             total       used       free     shared    buffers     cached
Mem:       1030800     735944     294856          0      51648     547696
-/+ buffers/cache:     136600     894200
Swap:      2064376          0    2064376
Free with -t options shows total memory used and available to use in bytes.

# free -t
             total       used       free     shared    buffers     cached
Mem:       1030800     736096     294704          0      51720     547704
-/+ buffers/cache:     136672     894128
Swap:      2064376          0    2064376
Total:     3095176     736096    2359080

21. Top Command

top command displays processor activity of your system and also displays tasks managed by kernel in real-time. It’ll show processor and memory are being used. Use top command with ‘u‘ option this will display specific User process details as shown below. Press ‘O‘ (uppercase letter) to sort as per desired by you. Press ‘q‘ to quit from top screen.

# top -u tecmint

top - 11:13:11 up  3:19,  2 users,  load average: 0.00, 0.00, 0.00
Tasks: 116 total,   1 running, 115 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.0%us,  0.3%sy,  0.0%ni, 99.7%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   1030800k total,   736188k used,   294612k free,    51760k buffers
Swap:  2064376k total,        0k used,  2064376k free,   547704k cached

PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
1889 tecmint   20   0 11468 1648  920 S  0.0  0.2   0:00.59 sshd
1890 tecmint   20   0  5124 1668 1416 S  0.0  0.2   0:00.44 bash
6698 tecmint   20   0 11600 1668  924 S  0.0  0.2   0:01.19 sshd
6699 tecmint   20   0  5124 1596 1352 S  0.0  0.2   0:00.11 bash
For more about top command we’ve already compiled a list of 12 TOP Command Examples in Linux.

22. Tar Command

tar command is used to compress files and folders in Linux. For example the below command will create a archive for /home directory with file name as archive-name.tar.

# tar -cvf archive-name.tar /home
To extract tar archive file use the option as follows.

# tar -xvf archive-name.tar

23. Grep Command

grep search for a given string in a file. Only tecmint user displays from /etc/passwd file. we can use -i option for ignoring case sensitive.

# grep tecmint /etc/passwd

tecmint:x:500:500::/home/tecmint:/bin/bash

24. Find Command

Find command used to search files, strings and directories. The below example of find command search tecmint word in ‘/‘ partition and return the output.

# find / -name tecmint

/var/spool/mail/tecmint
/home/tecmint
/root/home/tecmint
For complete guide on Linux find command examples fount at 35 Practical Examples of Linux Find Command.

25. lsof Command

lsof mean List of all open files. Below lsof command list of all opened files by user tecmint.

# lsof -u tecmint

COMMAND  PID    USER   FD   TYPE     DEVICE SIZE/OFF   NODE NAME
sshd    1889 tecmint  cwd    DIR      253,0     4096      2 /
sshd    1889 tecmint  txt    REG      253,0   532336 298069 /usr/sbin/sshd
sshd    1889 tecmint  DEL    REG      253,0          412940 /lib/libcom_err.so.2.1
sshd    1889 tecmint  DEL    REG      253,0          393156 /lib/ld-2.12.so
sshd    1889 tecmint  DEL    REG      253,0          298643 /usr/lib/libcrypto.so.1.0.0
sshd    1889 tecmint  DEL    REG      253,0          393173 /lib/libnsl-2.12.so
sshd    1889 tecmint  DEL    REG      253,0          412937 /lib/libkrb5support.so.0.1
sshd    1889 tecmint  DEL    REG      253,0          412961 /lib/libplc4.so
For more lsof command examples visit 10 lsof Command Examples in Linux.

26. last command

With last command we can watch user’s activity in the system. This command can execute normal user also. It will display complete user’s info like terminal, time, date, system reboot or boot and kernel version. Useful command to troubleshoot.

# last

tecmint  pts/1        192.168.50.1     Tue Sep 18 08:50   still logged in
tecmint  pts/0        192.168.50.1     Tue Sep 18 07:59   still logged in
reboot   system boot  2.6.32-279.el6.i Tue Sep 18 07:54 - 11:38  (03:43)
root     pts/1        192.168.50.1     Sun Sep 16 10:40 - down   (03:53)
root     pts/0        :0.0             Sun Sep 16 10:36 - 13:09  (02:32)
root     tty1         :0               Sun Sep 16 10:07 - down   (04:26)
reboot   system boot  2.6.32-279.el6.i Sun Sep 16 09:57 - 14:33  (04:35)
narad    pts/2        192.168.50.1     Thu Sep 13 08:07 - down   (01:15)
You can use last with username to know for specific user’s activity as shown below.

# last tecmint

tecmint  pts/1        192.168.50.1     Tue Sep 18 08:50   still logged in
tecmint  pts/0        192.168.50.1     Tue Sep 18 07:59   still logged in
tecmint  pts/1        192.168.50.1     Thu Sep 13 08:07 - down   (01:15)
tecmint  pts/4        192.168.50.1     Wed Sep 12 10:12 - 12:29  (02:17)

27. ps command

ps command displays about processes running in the system. Below example show init process only.

# ps -ef | grep init

root         1     0  0 07:53 ?        00:00:04 /sbin/init
root      7508  6825  0 11:48 pts/1    00:00:00 grep init

28. kill command

Use kill command to terminate process. First find process id with ps command as shown below and kill process with kill -9 command.

# ps -ef | grep init
root         1     0  0 07:53 ?        00:00:04 /sbin/init
root      7508  6825  0 11:48 pts/1    00:00:00 grep init

# kill- 9 7508

29. rm command

rm command used to remove or delete a file without prompting for confirmation.

# rm filename
Using -i option to get confirmation before removing it. Using options ‘-r‘ and ‘-f‘ will remove the file forcefully without confirmation.

# rm -i test.txt

rm: remove regular file `test.txt'?

30. mkdir command example.

mkdir command is used to create directories under Linux.

# mkdir directoryname
This is a handy day to day useable basic commands in Linux / Unix-like operating system. Kindly share through our comment box if we missed out.

Monday, June 4, 2018

Install PostgreSQL 10 on Ubuntu 16.04 LTS

Install PostgreSQL 10 on Ubuntu 16.04 LTS

I was facing issues to install PostgreSQL 10 on Ubuntu 16.04 LTS, so I documented it, so others can save time. Note that technical platform are very dynamic, might change over the period.

The PostgreSQL Global Development Group (PGDG) maintains an APT repository of PostgreSQL packages for Debian and Ubuntu located at http://apt.postgresql.org/pub/repos/apt/. Their aim to building PostgreSQL server packages as well as extensions and modules packages on several Debian/Ubuntu releases for all PostgreSQL versions supported.

I am using their repository to install PostgreSQL 10. Note that default apt repository fro Ubuntu 16.04 LTS is PostgreSQL 9.5.

Step 1:

Create /etc/apt/sources.list.d/pgdg.list. The distributions are called codename-pgdg. For Ubuntu 16.04 LTS the code name is xenial. Two way you can do that; first one will do for any version as it is determinig the code name of the operating system.

$ sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'

or for Ubuntu 16.04 LTS

$ sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/xenial-pgdg main" > /etc/apt/sources.list.d/pgdg.list'

or you can manually add by:

$ sudo nano /etc/apt/sources.list.d/pgdg.list

Add

deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main

Press Ctrl X, Y to save and close.

Step 2:

Import the repository key from https://www.postgresql.org/media/keys/ACCC4CF8.asc, update the package lists, and start installing packages:

$ sudo apt-get install wget ca-certificates

$ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -

$ sudo apt-get update

$ sudo apt-get upgrade

$ sudo apt-get install postgresql-10

Step 3

Connect to postgres and create password for 'postgres' user.

$ sudo su - postgres

$ psql

\password postgres

enter your desired password twice. exit from psql.

# \q

All done.









Sunday, December 3, 2017

How To Install Webmin on Ubuntu 16.04

-- Form Digital Ocean

We need to add the Webmin repository so that we can easily install and update Webmin using our package manager. We do this by adding the repository to the /etc/apt/sources.list file.

Open the file in your editor:

sudo nano /etc/apt/sources.list

Then add this line to the bottom of the file to add the new repository: 
/etc/apt/sources.list
 
. . . 
deb http://download.webmin.com/download/repository sarge contrib

Save the file and exit the editor.

Next, add the Webmin PGP key so that your system will trust the new repository:

wget http://www.webmin.com/jcameron-key.asc
sudo apt-key add jcameron-key.asc

Next, update the list of packages to include the Webmin repository:

sudo apt-get update 

Then install Webmin:

sudo apt-get install webmin 

Once the installation finishes, you be presented with the following output:

Output

Webmin install complete. You can now login to https://your_server_ip:10000 as root with your 
root password, or as any user who can use `sudo`.

Please copy down this information, as you will need it for the next step.

If you installed ufw during the prerequisite step, you will need to run the command 

sudo ufw allow 10000 

in order to allow Webmin through the firewall. For extra security, you may want to configure your firewall to only allow access to this port from certain IP ranges.