Installation instructions for PhotoLibrary.
John Dudeck May 5, 2006, April 3, 2007, July 16, 2008, Oct 28, 2009
For system requirements see the README file.
INSTALLATION INSTRUCTIONS STEP BY STEP.
Two sets of instructions follow:
1. RedHat Enterprise Linux
2. Ubuntu 8.04 Server
INSTALLATION INSTRUCTIONS FOR REDHAT ENTERPRISE LINUX.
We used CentOS 5.3, which is 100% RHEL but with alternate cost-free system
update services and no technical support. CentOS can be downloaded from
http://www.centos.org as ISO files and burned to a DVD.
When installing, we chose automatic partitioning.
The installation types that we selected:
Desktop - KDE, not Gnome (your preference)
Server
Server - GUI
After installation and reboot:
No firewall
SELinux disabled
Set up monitor type.
Network system settings.
Enable NTP.
We also added Midnight Commander file manager which can be handy:
yum install mc
Apply all outstanding CentOS updates.
yum update
Install additional needed packages.
yum install php-mysql
yum install ImageMagick
Networking notes.
Set up the server with a static IP address.
Select photo library web site domain name. Set up a DNS A record
for the name, pointing to the server.
Set up port forwarding/NAT to enable access to server from
outside on port 80, and 443 if SSL wanted.
PhotoLibrary installation.
We will assume that the photo library will be installed in the
document root of /var/www. If you wish to change this default,
you must make adjustments in the phsrv.conf file.
Perform these steps while logged in as root.
Copy the tarball file photos-app.x.x.x.gz to /var/www
(where x.x.x is the version number).
Note: A way to download the file directly to the folder is:
cd /var/www
wget http://tech.sim.org/PhotoLibrary/photos-app.x.x.x.gz
Untar the file. This creates the directory structure for the application:
cd /var/www
tar -xzvf photos-app.x.x.x.gz
Copy the configuration file:
cp photos/web/app/phsrv-default.conf photos/web/app/phsrv.conf
Set file ownerships & permissions:
chown -R apache:apache /var/www/photos/web/tmp
chown apache:apache /var/www/photos/Img
chmod -R 775 /var/www/photos
Start MySQL:
From the KDE menu or Gnome Applications menu >
System Settings > Server Settings > Services
Check the mysqld box, click Start, click Save.
Start Apache:
From the KDE menu or Gnome Applications menu >
System Settings > Server Settings > Services
Check the httpd box, click Start, click Save.
Php configuration:
vi /etc/php.ini
Change: post_max_size = 100M
Ftp server configuration:
vi /etc/vsftpd/vsftpd.conf
Change: anonymous_enable = NO
Change: local_umask = 002
Start ftp service:
From the KDE menu or Gnome Applications menu >
System Settings > Server Settings > Services
Check the vsftpd box, click Start, click Save.
Create Linux user accounts for 'photos' and 'librarian'.
These accounts are used for ftp uploads. You will need to choose passwords
for these two accounts. The passwords should be fairly easy to type, because
users will be prompted to type them:
useradd photos
passwd photos
(enter desired photos password. For SIM:byprayer)
usermod -g apache -d /var/www/photos/web/tmp/upload photos
useradd librarian
passwd librarian
(enter desired librarian password. For SIM:1893)
usermod -g apache -d /var/www/photos/web/tmp/librarian librarian
(The passwords for these accounts will be used below).
Apache configuration.
Note: in the following replace example.com with your domain name, and
IP address 10.1.0.198 with the IP address of the server.
vi /etc/httpd/conf/httpd.conf
Insert the following text under:
### Section 3: Virtual Hosts
NameVirtualHost 10.1.0.198:80
ServerAdmin admin@example.com
ServerName photos.example.com
DocumentRoot /var/www/photos/web
AddType application/x-httpd-php .php .html .conf
Allow from All
Options Indexes
Save and exit
To add https (ssl) access on port 443. (Note that CentOS 5 automatically configures
httpd for ssl with a self-signed certificate. The following assumes that you have
your own certificate and key files in the specified location.
vi /etc/httpd/conf.d/ssl.conf
ServerName photos.example.com:443
DocumentRoot "/var/www/photos/web"
AddType application/x-httpd-php .php .html .conf
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/httpd/conf/ssl.crt/photos.example.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/photos.example.com.key
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
Save and exit
After saving the above changes restart httpd:
service httpd restart
Set up MySQL database for PhotoLibrary.
(as root)
cd /var/www/photos/web/app/sql
Set the MySQL root password (if not already set):
mysqladmin -u root password 'king-fish'
Log in to MySQL:
mysql -u root -p
password: king-fish
create database photos;
use photos;
grant all on * to psuser@localhost identified by 'pix';
source photos.sql;
source ScreenStrings.sql;
source CountryAliases.sql;
quit
RedHat Tips.
If you installed SELinux (Security-Enhanced Linux), you can turn off
enforcement with the following commmand:
setenforce 0
If mysqld does not appear on the services control panel (even though it may
appear in Add/Remove programs), you can install it with the following command:
yum install mysql-server
INSTALLATION INSTRUCTIONS FOR UBUNTU SERVER.
We used Ubuntu Server 8.04 which can be downloaded from
http://www.ubuntu.com/getubuntu/download as an ISO file and burned to CD.
When installing, select LAMP server option only.
When installation comes to setting up MySQL, we used a MySQL root
password of 'king-fish'.
To set up networking on a static address (example of 10.1.0.198):
sudo su
vi /etc/network/interfaces
change: iface eth0 inet dhcp
to:
iface eth0 inet static
address 10.1.0.198
netmask 255.255.255.0
gateway 10.1.0.1
restart networking:
/etc/init.d/networking restart
Now you can go with a browser to 10.1.0.198 and you get the "It works!" page.
Select photo library web site domain name. Set up a DNS A record
for the name, pointing to the server.
Set up port forwarding/NAT to enable access to server from
outside on port 80, and 443 if SSL wanted.
We also added Midnight Commander file manager which can be handy:
apt-get install mc
Install Photo Library
We will assume that the photo library will be installed in the
document root of /var/www. If you wish to change this default,
you must make adjustments in the phsrv.conf file.
Perform these steps while logged in as root.
sudo su
Copy the tarball file photos-app.x.x.x.gz to /var/www
(where x.x.x is the version number).
Note: A way to download the file directly to the folder is:
cd /var/www
wget http://tech.sim.org/PhotoLibrary/photo-app.x.x.x.gz
Untar the file. This creates the directory structure for the application:
tar -xzvf photos-app.x.x.x.gz
Copy the configuration file:
cp photos/web/app/phsrv-default.conf photos/web/app/phsrv.conf
Set file ownerships & permissions:
chown -R www-data:www-data /var/www/photos
chmod -R 775 /var/www/photos
PHP configuration:
vi /etc/php5/apache2/php.ini
change: post_max_size=100M
output_buffering = 4096
Install vsftpd:
apt-get install vsftpd
vi /etc/fsftpd.conf
change: local_enable = YES
write_enable = YES
local_umask = 022
anonymous_enable = NO
restart vsftpd:
/etc/init.d/vsftpd restart
Install zip:
apt-get install zip
Create Linux user accounts for 'photos' and 'librarian'.
These accounts are used for ftp uploads. You will need to choose passwords
for these two accounts. The passwords should be fairly easy to type, because
users will be prompted to type them:
useradd photos
passwd photos (set the ordinary user password)
usermod -g www-data -d /var/www/photos/web/tmp/upload photos
useradd librarian (set the librarian password)
passwd librarian
usermod -g www-data -d /var/www/photos/web/tmp/librarian librarian
Note: notice that the group is set to 'www-data' to match the group of Apache.
(The passwords for these accounts will be used below).
The setup for Apache:
Note: in the following replace example.com with your domain name, and
IP address 10.1.0.198 with the IP address of the server.
vi /etc/apache2/sites-available/photoserver
Insert the following text into this file:
NameVirtualHost 10.1.3.198:80
ServerAdmin admin@example.com
ServerName photos.example.com
DocumentRoot /var/www/photos/web
AddType application/x-httpd-php .php .html .conf
Allow from All
Options Indexes
Put a link in the sites-enabled directory, and remove what was there:
ln -s /etc/apache2/sites-available/photoserver /etc/apache2/sites-enabled
rm /etc/apache2/sites-enabled/000-default
restart Apache:
/etc/init.d/apache2 restart
The setup for MySQL:
cd /var/www/photos/web/app/sql
mysql -u root -p (password is king-fish)
create database photos;
use photos;
grant all on * to psuser@localhost identified by 'pix';
source photos.sql;
source ScreenStrings.sql;
source CountryAliases.sql;
quit
Install Image Magick:
apt-get install imagemagick
CONFIGURING AND MAINTAINING PHOTOLIBRARY (ALL VERSIONS OF LINUX).
The file phsrv.conf contains configuration settings for PhotoLibrary. Changes
take immediate effect. Note that this file is PHP code and you must obey PHP
syntax rules. Remember to put a semicolon at the end of each command. The
values true and false do NOT take quotes around them, whereas other strings
require quotes.
Edit the PhotoLibrary configuration file /var/www/photos/web/app/phsrv.conf
vi /var/www/photos/web/app/phsrv.conf
Set the baseurl:
$baseurl = 'photos.example.com';
Set the passwords created above for 'photos' and 'librarian':
$ordpassword = 'photospassword';
$libpassword = 'librarianpassword';
(where photospassword and librarianpassword are replaced by the passwords you
used above to create the accounts).
Set the address that you want to link back to when leaving PhotoLibrary:
$linkback = 'http://intranet.example.com';
At this point you should be able to access the PhotoLibrary application from
your browser at http://photos.example.com
The first step is to create a user account and log in. You will notice that you
have "Librarian" privelege. By default all users have librarian privelege which
allows specifying one or more librarians in the User Management screen. Once a
librarian role has been assigned, you should change the setting in phsrv.conf to:
$forcelibrarianrole = false;
ADVANCED CONFIGURATION OPTIONS.
PhotoLibrary can be configured to use NT password hashes instead of MD5 hashes
for local authentication. To use this feature the PHP extensions for 'mhash' and
'mcrypt' must be installed, as well as the Pear module called crypt_CHAP. See
additional docmentation for further instructions on using this feature.
PhotoLibrary can be configured to use Active Directory authentication against
an AD domain controller. See phsrv.conf for configuration settings.
The ability of a user to register a new account can be disabled in phsrv.conf.
This might be useful if you want to issue accounts manually (the librarian can
do this in User Management), or if you will externally update the User table
from another application.
"Branding" the application to fit your organization or company.
The original application was created for SIM International, and there are numerous
references to SIM in the application. All screen display strings are maintained in
a table of the database, and may be customized for your organization.
As of this writing (May 5, 2006), the only way to customize the strings is by use
of an external database editor such as phpMyAdmin. In the future a feature will be
added to PhotoLibrary to allow customization from with in the application.
If you wish to customize the application, the table containing the strings is called
ScreenStrings. You will see that each string appears in two languages: English and
French, with the possibility of adding other languages.