Canopy is officially supported on the following operating systems:
Operating System | Version | Notes |
---|---|---|
Ubuntu Linux | 16.04 LTS | 64-bit Server edition |
RedHat Enterprise Linux/Oracle Enterprise Linux/CentOS | v7.3/7.4 | 64-bit. Requires rabbitmq-server package which can be sourced from EPEL or manually. |
Canopy can run on other operating systems/distributions, such as Debian, Kali Linux and Mac OSX. However, Canopy will only be supported on the above operating systems |
The following key dependencies on Linux based operating systems are noted:
Key Dependency | Description |
---|---|
PostgreSQL 9.x or Oracle DB 12 | DB server for storing/processing Canopy related data. Note that certain DB servers may require more resources. |
Nginx 1.x or Apache 2.4/2.5 | Front end web server for serving the Canopy user interface |
RabbitMQ Server 3.x | Backend service for processing Canopy related tasks using the Celery framework |
Oracle Java 1.8 | Java library for document generation. |
As root:
/etc/canopy/license
apt install -f ./libtidy5_5.2.0-2_amd64.deb ./canopy_3.1.0_amd64.deb
Canopy Document Server
As root:
apt install software-properties-common && add-apt-repository -y ppa:webupd8team/java && apt update && apt install oracle-java8-set-default
apt install -f ./canopy-docserver_0.0.11_amd64.deb
systemctl restart canopy-docserver
As root:
yum install ./libtidy5-5.2.0-2.3.x86_64.rpm
rabbitmq-server
package:epel-release
package and the Canopy installation will source the correct depedencies.epel-release
or install rabbitmq-server
from some other source./etc/canopy/license
yum install ./canopy-3.0.0-1.el7.centos.x86_64.rpm
yum install ./canopy-docserver-0.0.12-1.el7.centos.x86_64.rpm
systemctl restart canopy-docserver
wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" 'DOWNLOAD_URL'
Example url: http://download.oracle.com/otn-pub/java/jdk/8u151-b12/e758a0de34e24606bca991d704f6dcbf/jdk-8u151-linux-x64.rpm
yum install ./jdk-8u151-linux-x64.rpm
As root:
canopy-setup postgresql
(Oracle users should see the Oracle DB Configuration section)
canopy-setup nginx
(Optional if you intend to configure your own reverse proxy. Apache users see Apache Configuration section)
firewall-cmd --zone=public --add-service=https --permanent
firewall-cmd --zone=public --add-service=https
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=http
setsebool -P httpd_can_network_connect 1
canopy-manage setupdb --prod
canopy-manage createsuperuser (Skip this step if you are going to import Canopy 2 data)
Configure systemd persistent logging (See Logging configuration section)
Once the database has been set up and the admin user created, restart the canopy related services:
$ systemctl restart canopy canopy-celery |
In order for links to be generated correctly, the EXTERNAL_BASE_URL
setting should be updated in /etc/canopy/canopy.ini
to the URL that your users will use to access this Canopy instance.
Canopy uses systemd for logging and by default most Linux distributions do not persist systemd logs. The follow steps will configure systemd/journald to persist its logs to disk.
$ mkdir /var/log/journal $ systemctl restart systemd-journald |
If systemd is not configured to persist logs then they will not survive reboots.
An example config is provided in /opt/checksec/canopy/configs/apache.conf
Manual configuration is required to use an existing Oracle Database.
Note that Canopy will require the official Oracle instantclient (basic) 12.1 to be already installed on the server, correctly configured in ldconfig and sqlplus must be available in the standard PATH. If not then Canopy will fail to connect to the Oracle DB stating that libclntsh.so.12.1 cannot be found.
Instead of step 1 of the Configuration section the user should (as root) edit `/etc/canopy/canopy.ini`
Remove the DATABASE_URL line and add the following lines:
DATABASE_ENGINE=django.db.backends.oracle
DATABASE_NAME=10.0.0.1:1521/orcl
DATABASE_USER=canopy
DATABASE_PASSWORD=canopy
The above values should be updated to match the credentials and details of the configured Oracle DB.
The DATABASE_NAME setting can be any Oracle supported connection identifier, e.g. (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=orclpdb1.localdomain)))
Continue with the remaining Configuration steps.
Check if services are running:
systemctl status canopy canopy-celery canopy-docserver |
Restart services:
systemctl restart canopy canopy-celery canopy-docserver |
Get a service's logs:
journalctl -xe -u canopy |
Follow a service's logs:
journalctl -xe -f -u canopy |
As root: