Linux Installation Guide

Version 6

    This document describes a simple setup for linux based systems with SELinux enabled, without root access uding the ".tar.gz" installation file. Root access is needed to create the Openfire user (jiveWF) and for the rc scripts.

    This document is provided as-is. Don't use the steps described here for your production servers.

     

    Server without root access

    If you can't get root access then you should check whether you are allowed to run java programs.

    Check whether you get enough memory, VPS or V-Servers (virtual servers) are known to cause problems.

    You can install Java and Openfire in the same directory without problems.

    Write a cron job or something like this which makes sure that Openfire is started after reboot.

     

    VPS

    Some VPS require that you create a file .hotspotrc with this single line for 64 MB:

    MaxHeapSize=64000000

    It's not clear where to put it (.../openfire/bin/ or ../jre/bin/).

    Some VPS providers have a firewall and allow only connections to port 80 and 443. So port 5222 and 9090 are blocked, don't try to setup Openfire if this is the case. Every client expects to connect to port 5222.

    VPS providers usually limit the number of threads and files, this can also become a big problem for your server.

     

    Java Installation

    Ignore this section if you know that you have a fine Java installation.

    Run this as root:

    ## options: create a lv (logical volume) for Java, probably set its home directory to /opt/java
    adduser java
    passwd java
    

    Login as java and get the current JDK or JRE, e.g. jdk-6u2-linux-i586.bin

    export JAVA=jdk-6u2-linux-i586
    chmod 700 /tmp/${JAVA}.bin
    ## install it in the current directory
    cd ${HOME}
    /tmp/${JAVA}.bin
    ## accept the license agreement
    rm -f /tmp/${JAVA}.bin
    

    You should now have java in /opt/java/jdk-6u2-linux-i586/jre/. Create a symlink for Openfire - if you want to update the java version later you just need to change the symlink here and nothing within your Openfire scripts.

    cd /opt/java/
    ln -s ${JAVA} Openfire
    

     

    Openfire Securtiy

    Openfire stores relevant information in conf/, embedded-db/ and resources/security/*. Make sure that these directories may only be read by Openfire (jiveWF in this example).

     

    Openfire Installation

    Make sure that the unix command "hostname" returns a valid name, for example "example.com" and that your /etc/hosts file does contain this name, for example in the first line together with "127.0.0.1 localhost example.com". Or that you can resolve it using DNS. Actually the setup page after choosing your locale settings will return a HTTP 500 error if there is a problem.

    If you have DNS problems startup may take long, verify /etc/resolv.conf and that "host example.com" work fine.

     

    Run the install script in Simple Start Scripts as root after reviewing it and adjusting some variables.

     

    See http://wiki.igniterealtime.org/display/WILDFIRE/Simple+Start+Script+for+Openfire for the rc script and for the OPENFIRE/bin/openfired script.

     

    Login as jiveWF and get the current Openfire version, e.g. openfire_4_0_0.tar.gz.

    export NEWVERSION=openfire_4_0_0
    cd ${HOME}
    tar -xzf /tmp/${NEWVERSION}.tar.gz
    rm -f /tmp/${NEWVERSION}.tar.gz
    # make sure that the next update will not overwrite this installation
    mv openfire ${NEWVERSION}
    ln -s ${NEWVERSION} OF
    

     

    Start Openfire either as jiveWF with "/home/jiveWF/OF/bin/openfired start" or

    as root with "/etc/rc.d/init.d/openfired start".

     

    Basic Openfire Installation: http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/install- guide.html

    Openfire Update

    You don't need root access any more, so you are always user jiveWF.

    Login and get the current Openfire version, e.g. openfire_5_0_0.tar.gz.

    export NEWVERSION=openfire_5_0_0
    cd ${HOME}
    tar -xzf /tmp/${NEWVERSION}.tar.gz
    rm -f /tmp/${NEWVERSION}.tar.gz
    mv openfire ${NEWVERSION}
    

    Now you have the new version installed but not yet active, activate it like this:

    Stop the current version with "/home/jiveWF/WF/bin/openfired stop".

    Make a backup of your database (not described here and not necessary for the embedded database).

    Copy the current configuration and embedded database:

    cd ${HOME}
    mkdir -p ${NEWVERSION}/conf/ ${NEWVERSION}/embedded-db/ ${NEWVERSION}/plugins/
    cp OF/conf/openfire.xml ${NEWVERSION}/conf/
    cp OF/embedded-db/* ${NEWVERSION}/embedded-db/
    cp OF/bin/openfired* ${NEWVERSION}/bin/
    cp -i OF/plugins/*.jar ${NEWVERSION}/plugins/ # do not overwrite exiting files.
    
    # Relink openfire and 
    rm -f OF
    ln -s ${NEWVERSION} OF
    

    Start Openfire with "/home/jiveWF/OF/bin/openfired start"

     

    Openfire Start Script

    Simple Start Scripts

     

    JVM Settings

    JVM Settings and Debugging

     

    Linux Limits

     

    Make sure to review the OS limits of Linux via ulimit -a. Openfire requires at least one file descriptor per concurrent user and the ability to create numerous Java threads. E.g. the default limits of CentOS 6.1 are 1024 for nofiles and nproc. These need to be set in /etc/security/limit.conf and /etc/security/. A clear indicator for JVM thread issues are "can't create java native tthread" errors in the Openfire error.log.