Installing EMG 6.0.6 and EMG Portal 1.6 on CentOS 6.5 Print
Wednesday, 23 July 2014

This document describes the steps involved to install EMG and EMG Portal CentOS 6.5, released in December 2013.

CentOS 6.5 provides Apache 2.2.15, PHP 5.3.3 and MySQL 5.1.73 through the default yum repositories which meet the EMG Portal requirements well.

We will install on Centos 6.5 (64-bit), create a separate user for emg and place the EMG installation in /home/emg.

This will give us a privilege-separated installation in its own location.

Basic OS installation and configuration

  • Download and install CentOS 6.5 (64-bit). We choose the "minimal" distribution,
    http://ftp.lysator.liu.se/pub/CentOS/6.5/isos/x86_64/CentOS-6.5-x86_64-minimal.iso
  • After installation, login as "root"
  • Consider disabling SELinux, at least during the installation,
    http://www.revsys.com/writings/quicktips/turn-off-selinux.html
  • Run a "yum update" to ensure all packages are up to date and if any kernel packages were updated reboot the server
    yum update
  • Install some additional required packages
    yum install wget httpd httpd-devel mod_ssl mysql-server mysql-devel php php-pdo \
       php-mysql php-pear php-xml php-devel pcre-devel gcc postfix mlocate mailx
    chkconfig mysqld on
    chkconfig httpd on
    chkconfig postfix on
  • Create user "emg" and assign a good password to the new account. Consider having a strong password generated, for example using https://strongpasswordgenerator.com/
    useradd -m emg

    passwd emg
  • Consider limiting ssh access to specific users by adding "AllowUsers emg" to /etc/ssh/sshd_config
    vi /etc/ssh/sshd_config
    service sshd restart
  • Consider synchronizing server time with NTP servers
    yum install ntpdate ntp
    ntpdate
    0.pool.ntp.org
    chkconfig ntpd on
    service ntpd start
  • Start services and secure the mysql installation by setting a root password etc
    service postfix start
    service mysqld start
    mysql_secure_installation
  • Set the default timezone in php.ini. In the distributed php.ini there is a line ";date.timezone =" which should be replace with "date.timezone = 'Europe/Stockholm'" or whichever timezone is correct for you, check http://php.net/manual/en/timezones.php for more information.
    vi /etc/php.ini

EMG installation

We are now ready to install and configure EMG

  • Request an eval license key via http://www.nordicmessaging.se/icablic-confirm
  • Login as "root"
  • Download latest EMG 6 (Linux 64-bit) "Full distribution" via http://www.nordicmessaging.se/download/overview/download-index.html using download username / password from the eval license key email
    cd /tmp

    wget --http-user=xxx --http-password=yyy \
       http://www.nordicmessaging.se/files/emg/emg60/emg606-38504-linux-64bit-full.tar.gz
    tar xvzf emg606-38504-linux-64bit-full.tar.gz
    cd emg-dist
    sh ./INSTALL

    Specify newly created user "emg" for user and group, "/home/emg/etc" for configuration files, "/home/emg/bin" for executables plus your eval license information.
  • Add "export EMGDIR=$HOME/etc" to the end of bash profile script
    echo 'export EMGDIR=$HOME/etc' >>/home/emg/.bash_profile
  • Login as "emg"
  • Replace default EMG configuration file by EMG Portal configuration file
    cp /home/emg/etc/server.cfg.emgportal /home/emg/etc/server.cfg
  • Create EMG database and schema, but first edit the script to set a secure password, preferably generated
    cd /home/emg/etc/sql
    vi ./createemgdb-mysql.sh

    sh ./createemgdb-mysql.sh createdb

    sh ./createemgdb-mysql.sh createtables
  • Edit server.cfg file and change the database credentials to match the above in the DATABASE section
    vi /home/emg/etc/server.cfg

EMG perl installation

In order for the EMG Portal billing plugin (and EMG perl plugins in general) to work properly the EMG perl distribution needs to be installed. More information http://www.nordicmessaging.se/tech-notes/emg/emg-526-and-perl-plugins.html.

Please note that this will be a perl installation completely separated from the default perl installation used by /usr/bin/perl. To install modules and run the EMG perl distribution you must run the perl binary with the full path (/opt/perl-5.12.2-emg/bin/perl) and preferably always as user "emg" to avoid mixing up file permissions. However, below we add the new perl bin directory first in the PATH for the "emg" user in order to ensure the EMG perl binary is always used when using "emg" account.

  • Download and extract EMG perl distribution as user "root"
    cd /opt
    wget http://www.nordicmessaging.se/files/perl-5.12.2-emg_linux_64bit.tar.gz
    tar xvzf perl-5.12.2-emg_linux_64bit.tar.gz
    chown -R emg.emg perl-5.12.2-emg
  • Install some required CPAN plugins. When running the cpan command the first time you need to hit enter a couple of times to accept configuration.
    su - emg
    echo 'export PATH=/opt/perl-5.12.2-emg/bin:$PATH' >>$HOME/.bash_profile
    /opt/perl-5.12.2-emg/bin/cpan -f LWP Time::HiRes Carp::Assert DBI DBD::mysql

EMG Portal installation

Time to download and install EMG Portal. The evaluation version of EMG Portal is encoded with ionCube and first an ionCube loader must be configured in PHP.

  • As user "root", open firewall to allow https (port 443) and optionally http (port 80) connections in firewall and start httpd service. We recommend using https only since communication will then be protected by SSL encryption. However, if you use the default self-signed SSL certificate the visting browser will throw a warning when accessing the page. Installation of a proper certificate signed by a trusted CA is therefore strongly recommended.
    iptables -I INPUT -p tcp --dport 80 -j ACCEPT [ Optional - not recommended ]
    iptables -I INPUT -p tcp --dport 443 -j ACCEPT
    service iptables save
    service httpd start
  • Download the ionCube loader wizard from http://www.ioncube.com/loaders.php and install it by placing the installer wizard in /var/www/html and point your browser to https://servername/ioncube/loader-wizard.php. Follow the instructions and remember to delete the loader files in web directory after completing the loader installation.
    cd /var/www/html
    wget http://www.ioncube.com/loader-wizard/loader-wizard.tgz
    tar xvzf
    loader-wizard.tgz
    [ Open browser and follow instructions, which should correspond to commands below ]
    cd /usr/lib64/php/modules/
    wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.bz2
    tar xvjf ioncube_loaders_lin_x86-64.tar.bz2
    cp ioncube/ioncube_loader_lin_5.3.so .
    echo "zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.3.so" >/etc/php.d/20-ioncube.ini
    service httpd restart
    [ The ionCube loader should now load properly if you point your browser to
      https://servername/ioncube/loader-wizard.php?timeout=0&ini=0&page=loader_check ]
    rm -rf /usr/lib64/php/modules/ioncube/ /var/www/html/loader-wizard.tgz /var/www/html/ioncube/
  • Download the current 30-day eval as user "root". You will end up with a file named something similar to €œemgportal-1.6-38876-ioncube-20140725.tar.gz
    cd /tmp
    wget --trust-server-names http://www.nordicmessaging.se/files/emg/emgportal-eval.php
    cd /var/www/html
    mkdir emgportal
    cd emgportal
    tar xvzf /tmp/emgportal-1.6-38922-ioncube-20140727.tar.gz
    chown apache assets protected/runtime
    chmod 777 protected/config
    cp htaccess.sample .htaccess
  • Modify .htaccess to use the right sub-uri by uncommenting "#RewriteBase /emgportal"
    vi .htaccess

  • Configure apache by copying emgportal.conf to apache config directory and restart httpd servce
    cp /var/www/html/emgportal/emgportal.conf /etc/httpd/conf.d
    service httpd restart

  • If you access the EMG Portal installer from a remote computer you will need to add your IP address to AUTHORIZED_IPS variable on line 3 in the installer file.
    vi /var/www/html/emgportal/install/index.php

  • Now you should be able to point your browser to your server https://yourserver/emgportal and see the EMG Portal installer.

  • After finishing the installer you need to remove installation directory and secure config files
    cd /var/www/html/emgportal
    rm -rf install/
    chmod 755 protected/config
    chown -R root.root protected/config
  • As a final step you should check the main config file for any settings you want to customize especially the "adminEmail" and "emailReportCopy" settings. You can also define your own layout file and point to it through the "layout" setting.
    vi /var/www/html/emgportal/protected/config/main.php

Finish EMG installation

You need to copy the billing plugin from EMG Portal distribution into the EMG etc directory.

  • Copy the file as "emg" user and update database credentials in the file
    su - emg
    cp /var/www/html/emgportal/misc/billing.pl /home/emg/etc/
    vi /home/emg/etc/billing.pl
  • As user "root", open firewall for incoming SMPP connections. In server.cfg there is an incoming SMPP connector listening on port 2775 but we have yet to allow inbound connections on that port
    iptables -I INPUT -p tcp --dport 2775 -j ACCEPT

    service iptables save

Finally you should be able to start the EMG server by running command "emgd" as user "emg". The command "emgstat" should give you a list of connectors in the EMG server and their status.

You should also be able to login to the EMG Portal and see the same information under "Dashboard -> Connectors".

Recurring tasks (cron)

A few cron jobs need to be added to enable recurring tasks.

Extract from "crontab -l -u emg" on a running server:

# Verify emgd is running
*/2 * * * * /home/emg/bin/checkemg.sh
# Purge old records from EMG database
*/5 * * * * /home/emg/bin/cleandb.sh >>/tmp/cleandb.log 2>&1

# Aggregate statistics for EMG Portal message reports
* * * * * /home/emg/bin/hourly_summary.pl >>/tmp/hourly_summary.log 2>&1
# Trigger daily report for current month
5 0 * * * wget --no-check-certificate -O - https://127.0.0.1/emgportal/cron/reportMonth >/tmp/cron_report.log 2>&1
# Trigger scheduled jobs
*/5 * * * * wget --no-check-certificate -O - https://127.0.0.1/emgportal/cron/sendScheduled >/tmp/cron_send.log 2>&1

There are sample scripts "checkemg.sh" and "cleandb.sh" in the /home/emg/bin directory. The "hourly_summary.pl" script is part of the EMG Portal distribution.

As user "emg", copy them and review paths and database settings in the scripts to ensure they run correctly.

cp /home/emg/bin/checkemg.sh.sample /home/emg/bin/checkemg.sh
cp /home/emg/bin/cleandb.sh.sample /home/emg/bin/cleandb.sh
cp /var/www/html/emgportal/misc/hourly_summary.pl.sample /home/emg/bin/hourly_summary.pl
vi /home/emg/bin/checkemg.sh
vi /home/emg/bin/cleandb.sh
vi /home/emg/bin/hourly_summary.pl 

Then add crontab entries from above

crontab -u emg -e (if running as user "root")
crontab -e (if running as user "emg")

What's next?

You should now have a running messaging solution with server and web interface for provisioning tasks.

Next steps include:

  • Set up routing
  • Set up pricing
  • Provision customer accounts
  • Remember to open firewall if you add new inbound connectors
  • Consider adding a proper SSL certificate to protect your site and for increased customer trust

Please consult the EMG Portal manual for some more information about EMG Portal functionality.

http://www.nordicmessaging.se/files/docs/emgportal/html/