Sunday, February 19, 2023

Install Tomcat 9 on Ubuntu 20.04

 This tutorial shows how to install Tomcat 9 on Ubuntu 20.04

    

The Apache HTTP Server is a free and open-source cross-platform web server software, released under the terms of Apache License 2.0. Apache is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation.

Prerequisites:

1.       Install Java 

·         Tomcat requires Java standard Edition 8 or later. We will install Java Open JDK 11.

sudo apt update

sudo apt install openjdk-11-jdk

·         Check if Java is installed.

java -version

2.  Create a System user | Tomcat

sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat

 

Install Tomcat 9

1.       Download tomcat.

·         Tomcat binaries distribution are available for download here. We will be installing tomcat 9.0.71

·         We will use “wget” to download tomcat zipped files to the temp (/tmp) directory.

VERSION=9.0.71

wget https://www-eu.apache.org/dist/tomcat/tomcat-9/v${VERSION}/bin/apache-tomcat-${VERSION}.tar.gz -P /tmp

 

2.  Extract the zipped files to /opt/tomcat

       sudo mkdir /opt/tomcat

sudo tar -xf /tmp/apache-tomcat-${VERSION}.tar.gz -C /opt/tomcat/

 

3.       Create a symbolic that will host tomcat regular security updates and patches.

      sudo ln -s /opt/tomcat/apache-tomcat-${VERSION} /opt/tomcat/latest

 

4.       Change directory ownership to tomcat and grant the “execute” permission to the “bin” directory.

      sudo chown -R tomcat: /opt/tomcat

      sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'

 

5.       Create a SystemD unit file

 Open your preferred editor (nano, vi or vim) and create a tomcat.service unit in /etc/system/system/tomcat.service

      sudo nano /etc/systemd/system/tomcat.service

 Paste the following.

[Unit]

Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

NB: Modify the JAVA_HOME variable if the path to your Java installation is different.

Save and close the file. 

6.       Update SystemD

    sudo systemctl daemon-reload

 

7.       Enable and start tomcat

    sudo systemctl enable --now tomcat

    sudo systemctl start tomcat

 

8.       Configure your firewall

If your server has an active firewall and you want to access tomcat from your local area network, run the following command to open port 8080.

   sudo ufw allow 8080/tcp


9.       Configuring Tomcat Web Interface.


·         Tomcat is accessible from your browser through port 8080 but, you need a user account to access it.

·         Tomcat roles and users are defined in tomcat-users.xml file.

·         The file is in /opt/tomcat/latest/conf/ 

   sudo nano /opt/tomcat/latest/conf/tomcat-users.xml                      

<tomcat-users>

<!--
  <role rolename="tomcat"/>
  <role rolename="role1"/>
  <user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
  <user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
  <user username="role1" password="<must-be-changed>" roles="role1"/>
-->
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<user username="deployer" password="your-password" roles="manager-gui,manager-script"/>
</tomcat-users>

10.       Enable Tomcat Web Management Interface

·         By default, Tomcat web management interface is configured to allow access to the Manager and Host Manager apps only from the localhost.

·         To access the web interface from a remote IP, you will have to remove these restrictions.

·         Comment out the following sections from the files below: 

          Manager App

   sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml

          Host Manager App

      sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml

<Context antiResourceLocking="false" privileged="true" >

<!--
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>

    NB: If you want to access tomcat from a Specific IP, let’s say 192.168.5.100, you should edit the context.xml files as follow:

·         You can a vertical bar if you want to add additional allowed IP addresses.

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168.5.100" />
</Context>

·         Restart tomcat service 

sudo systemctl restart tomcat


11.       Test tomcat

Open your preferred browser and enter the following 

http://<your_domain_or_IP_address>:8080/manager/html











at

No comments:

Post a Comment