SORMAS Server installation (Linux)
- Zohaib HASSAN (Unlicensed)
- Candice Louw (Unlicensed)
Contents
SORMAS SERVER (LINUX)
This guide explains how to set up a SORMAS server on Linux and Windows systems, the latter only intended for usage on development systems. Just so you know, certain parts of the setup script will not be executed on Windows.
Server Requirements:
Cloud server Example
AWS EC2 (for 150 Concurrent users)
Instance Type: t2.large(type: gp2; size:8 GiB)
Storage: 50 GiB/ 50 GB or more
EXTRA: we need to configure our domain name if needed and import to have an application load balancer
Linux Server (Recommended: Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-1030-aws x86_64))
To access the database we can use any tools, for Example - pgAdmin4/DBeaver
Physical server Example
Operating System: Linux/UNIX (Recommended: Ubuntu 22.04.1)
RAM: 8 GB or more
Storage: 50 GB or more
Prerequisites
1. Zulu OpenJDK (JAVA 11 JDK)
2. Check for โGCCโ gcc --version # and install if missing apt install gcc
3. Check for โmakeโ make --version # and install if missing apt install make
4. Check for โunzipโ unzip --version # and install if missing apt install unzip
5. Check for โzipโ zip --version and install if missing apt install zip
6. Check for โaclโ acl --version and install if missing apt install acl
7. Docker version 23.0.1 (Optional)
8. Docker Compose version v2.16.0 (Optional)
Step 1: Install JAVA
Download and install the Java 11 JDK (not JRE) for your operating system. We suggest using the Zulu OpenJDK.
Follow the below steps for the Installation.
# Receive key from Ubuntu and add that to trusted set of keys.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0xB1998361219BD9C9
# Add Azul repository.
sudo apt-add-repository 'deb https://repos.azul.com/zulu/deb/ stable main'
# Update the information about available package.
sudo apt-get update
# Install the required Azul Zulu package.
sudo apt-get install zulu1ย
Step 2: Postgres Database
Install PostgreSQL (currently 14 to 15) on your system (manuals for all OS can be found here: https://www.postgresql.org/download )
or follow the below steps ๐
# Create the file repository configuration:
sudo sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
# Update the package lists:
sudo apt-get update
# Install the latest version of PostgreSQL.
# If you want a specific version, use 'postgresql-12' or similar instead of 'postgresql':
sudo apt-get -y install postgresql
Once you have installed the Postgresql edit the postgresql.conf file like below, and this is the minimum value, you can make it higher based on your needs.
Set max_connections = 288 and max_prepared_transactions = 256 (at least, the sum of all connection pools) in
postgresql.conf
(e.g. /etc/postgresql/14.0/main/postgresql.conf;) - make sure the property is uncommented and restart(service postgresql restart) the service to apply the changes.
Note:
Action | Command |
|---|---|
Start | service postgresql start |
Stop | service postgresql stop |
Restart | service postgresql restart |
Status | service postgresql status |
Step 3: Install Temporal tables
Install the "temporal tables" extension for Postgres (GitHub - arkhipov/temporal_tables: Temporal Tables PostgreSQL Extension )
Step 4: Download the deployment package
Get the latest SORMAS build by downloading the ZIP archive from the latest release on GitHub: Release SORMAS 1.99.0 ยท SORMAS-Foundation/SORMAS-Project
Unzip the archive, copy/upload its contents to /root/deploy/sormas/$(date +%F) and make the setup script executable (as root user).
Step 5: SORMAS Installation
Note: make sure to check for โaclโย acl --version and install it if missing sudo apt install acl
Optional: Open
server-setup.shin a text editor to customize the install paths, database access, and ports for the server. The default ports are 6080 (HTTP), 6081 (HTTPS), and 6048 (admin). Important: Do not change the name of the database user. The predefined name is used in the statements executed in the database.IMPORTANT: Make sure the script is executed successfully. If anything goes wrong you need to fix the problem (or ask for help), then delete the created domain directory and re-execute the script.
IMPORTANT: Adjust the SORMAS configuration for your country in /opt/domains/sormas/sormas.properties
Adjust the logging configuration in
/opt/domains/sormas/config/logback.xmlbased on your needs (e.g. configure and activate the email appender)Set up the database and a Payara domain for SORMAS by executing the setup script:
sudo -s ./server-setup.shPress enter whenever asked for it.
Please make sure to perform the following steps after installation
Adjust the sormas.properties file to your system.
Execute the server-update.sh file to populate the database and deploy the server.
Configure the Apache web server according to the server setup guide.
Execute the r-setup.sh file to enable disease network diagram.
ย
To execute the server-update.sh file makes it executable using the command chmod a+x server-update.sh
It is preferred to stop/kill the Payara server before executing the server-update.sh script file.
ย
Note:
Action | Command |
|---|---|
Start | service payara-sormas start |
Stop | service payara-sormas stop |
Restart | service payara-sormas restart |
Status | service payara-sormas status (or) ps -ef | grep payara |
Step 6: Web Server Setup (Apache)
Apache Installation
Reference: Apache2 for Ubuntu
sudo apt update
sudo apt install apache2
Note: This is not necessary for development systems. When you are using SORMAS in a production environment you should use a http server like Apache 2 instead of putting the Payara server in the first line. Here are some things that you should do to configure the Apache server as a proxy:
Create configuration file
Create a new site /etc/apache2/sites-available/your.sormas.server.url.conf (e.g. sormas.org.conf).
Force SSL-secured connections: redirect from HTTP to HTTPS:
Configure logging
Add the below line inside the <VirtualHost *:433></VirtualHost> tag
SSL key config
Add a proxy pass
Configure security settings
Activate output compression
(!very important)
Provide the Android apk
Apache 2 security
For the Apache 2 security configuration we suggest the following settings (/etc/apache2/conf-available/security.conf):
In case you need to update the site config while the server is running, use the following command to publish the changes without the need for a reload:
Firewall
The server should only publish the ports that are needed. For SORMAS this is port 80 (HTTP) and 443 (HTTPS). In addition, you will need the SSH port to access the server for admin purposes.
We suggest using UFW (Uncomplicated Firewall) which provides a simple interface to iptables:
Postfix Mail Server
Install postfix and mailutils
Configure your system
Testing the Server Setup
Use SSL Labs to test your server security config: https://www.ssllabs.com/ssltest
R Software Environment
To enable disease network diagrams in the contact dashboard, R and several extension packages are required. Then the Rscript executable has to be configured in the sormas.properties file. This can be conveniently accomplished by executing the R setup script from the SORMAS ZIP archive (see SORMAS Server):
If the SORMAS installation has been customized,
r-setup.shthe install paths may have to be adjusted accordingly with a text editor.Execute R setup script and follow its instructions.
SORMAS to SORMAS Certificate Setup
To be able to communicate with other SORMAS instances, there are some additional steps which need to be taken, in order to set up the certificate and the truststore. Please see the related guide for detailed instructions regarding SORMAS to SORMAS setup.