Application Server
The hostnames referenced throughout this documentation will be elentra.med.university.edu and staging.med.university.edu, which must be replaced by your actual DNS hostnames.
This documentation can be used as a reference to create both your Production Application Server and/or Staging Application Server on a Enterprise Linux 8 virtual machine.
SSH into server and
sudoto root:ssh service@elentra.med.university.edu sudo -sChange the SELINUX variable in
/etc/selinux/configto permissive to prevent unforeseen and difficult to diagnose issues:SELINUX=permissiveAdd the following lines to
/etc/hostsfile:127.0.0.1 elentra.med.university.edu 127.0.0.1 staging.med.university.eduEdit the hostname of the virtual machine in the
/etc/hostnamefile:elentra.med.university.eduInstall
screen, update RHEL, and reboot:dnf install screen screen dnf update rebootSSH back into server, and install the Inline with Upstream Stable (IUS Community) package.
ssh service@elentra.med.university.edu sudo -s screen dnf -y install http://rpms.remirepo.net/enterprise/remi-release-8.rpm \ https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpmInstall Snapd and htmldoc:
dnf -y install snapd systemctl enable --now snapd.socket ln -s /var/lib/snapd/snap /snap snap install htmldocNote: You may have to wait a couple of minutes before running the snap install command, so that the snap database can initialize.
Install Apache, OpenSSL, PHP, Git, HTMLDoc, mariadb (client), ClamAV, and NTP packages:
dnf module install php:remi-8.1 -y dnf -y install git \ curl \ wget \ unzip \ openssl \ httpd \ mod_ssl \ php-cli \ php-gd \ php-devel \ php-pdo \ php-mysqlnd \ php-intl \ php-mbstring \ php-bcmath \ php-ldap \ php-imap \ php-soap \ php-xml \ php-xmlrpc \ php-tidy \ php-opcache \ php-json \ php-sodium \ php-pecl-redis \ php-pecl-zip \ mariadb \ clamav \ chrony \ supervisorInstall
wkhtmltopdffrom the binary package because the yum package provided by EPEL is broken:curl -SL https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz | tar -xJC /root && cp /root/wkhtmltox/bin/* /usr/bin dnf install xorg-x11-fonts-Type1 dnf install xorg-x11-fonts-75dpi wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6.1-2/wkhtmltox-0.12.6.1-2.almalinux8.x86_64.rpm rpm -Uvh wkhtmltox-0.12.6.1-2.almalinux8.x86_64.rpmStart Apache and Supervisor, and set to start on system startup:
systemctl enable httpd systemctl start httpd systemctl enable supervisord systemctl start supervisordCreate a new file called
/etc/php.d/elentra.iniand add the following:date.timezone = America/Toronto display_errors = Off error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT expose_php = Off memory_limit = 512M post_max_size = 512M session.cookie_secure = 1 session.cookie_httponly = 1 session.cookie_samesite = Strict upload_max_filesize = 512MCreate an Elentra system user called
production, which is used for production deployments:useradd -m production passwd production usermod -G apache -a production usermod -G production -a apacheCreate and permission the SSH
authorized_keysfile for theproductionuser.cd /home/production mkdir /home/production/.ssh touch /home/production/.ssh/authorized_keys chown -R production:production /home/production/.ssh chmod 700 /home/production/.ssh chmod 600 /home/production/.ssh/authorized_keysAdd all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub) that are allowed to deploy Elentra to your production environment to the newauthorized_keysfile.vim /home/production/.ssh/authorized_keysCreate an Elentra system user called
staging, which is used for staging deployments:useradd -m staging passwd staging usermod -G apache -a staging usermod -G staging -a apacheCreate and permission the SSH
authorized_keysfile for thestaginguser.cd /home/staging mkdir /home/staging/.ssh touch /home/staging/.ssh/authorized_keys chown -R staging:staging /home/staging/.ssh chmod 700 /home/staging/.ssh chmod 600 /home/staging/.ssh/authorized_keysAdd all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub) that are allowed to deploy Elentra to your staging environment to the newauthorized_keysfile.vim /home/staging/.ssh/authorized_keysCreate and appropriately permission the Apache document root and Elentra storage directories for production.
mkdir -p /var/www/vhosts/elentra.med.university.edu/storage/ mkdir /var/www/vhosts/elentra.med.university.edu/storage/annualreports mkdir /var/www/vhosts/elentra.med.university.edu/storage/app mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploads mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/public mkdir /var/www/vhosts/elentra.med.university.edu/storage/cache mkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads mkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads/advisor-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-discussions mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-galleries mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-shares mkdir /var/www/vhosts/elentra.med.university.edu/storage/eportfolio mkdir /var/www/vhosts/elentra.med.university.edu/storage/event-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/exam-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache/data mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/sessions mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/views mkdir /var/www/vhosts/elentra.med.university.edu/storage/logs mkdir /var/www/vhosts/elentra.med.university.edu/storage/lor mkdir /var/www/vhosts/elentra.med.university.edu/storage/msprs mkdir /var/www/vhosts/elentra.med.university.edu/storage/resource-images mkdir /var/www/vhosts/elentra.med.university.edu/storage/secure-access mkdir /var/www/vhosts/elentra.med.university.edu/storage/syllabi mkdir /var/www/vhosts/elentra.med.university.edu/storage/tmp mkdir /var/www/vhosts/elentra.med.university.edu/storage/user-photos chown -R production:production /var/www/vhosts/elentra.med.university.edu chmod -R 777 /var/www/vhosts/elentra.med.university.edu/storage/*Create and appropriately permission the Apache document root and Elentra storage directories for staging.
mkdir -p /var/www/vhosts/staging.med.university.edu/storage/ mkdir /var/www/vhosts/staging.med.university.edu/storage/annualreports mkdir /var/www/vhosts/staging.med.university.edu/storage/app mkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploads mkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-files mkdir /var/www/vhosts/staging.med.university.edu/storage/app/public mkdir /var/www/vhosts/staging.med.university.edu/storage/cache mkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads mkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads/advisor-files mkdir /var/www/vhosts/staging.med.university.edu/storage/community-discussions mkdir /var/www/vhosts/staging.med.university.edu/storage/community-galleries mkdir /var/www/vhosts/staging.med.university.edu/storage/community-shares mkdir /var/www/vhosts/staging.med.university.edu/storage/eportfolio mkdir /var/www/vhosts/staging.med.university.edu/storage/event-files mkdir /var/www/vhosts/staging.med.university.edu/storage/exam-files mkdir /var/www/vhosts/staging.med.university.edu/storage/framework mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache/data mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/sessions mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/views mkdir /var/www/vhosts/staging.med.university.edu/storage/logs mkdir /var/www/vhosts/staging.med.university.edu/storage/lor mkdir /var/www/vhosts/staging.med.university.edu/storage/msprs mkdir /var/www/vhosts/staging.med.university.edu/storage/resource-images mkdir /var/www/vhosts/staging.med.university.edu/storage/secure-access mkdir /var/www/vhosts/staging.med.university.edu/storage/syllabi mkdir /var/www/vhosts/staging.med.university.edu/storage/tmp mkdir /var/www/vhosts/staging.med.university.edu/storage/user-photos chown -R staging:staging /var/www/vhosts/staging.med.university.edu chmod -R 777 /var/www/vhosts/staging.med.university.edu/storage/*Generate the SSL private keys required for each of your hostnames:
mkdir -p /root/certificates/2023 cd /root/certificates/2023 openssl genrsa -out elentra.med.university.edu.key 2048 openssl genrsa -out staging.med.university.edu.key 2048Generate the SSL certificate signing requests (CSRs) for your certificate authority for each of your hostnames.
openssl req -new -key elentra.med.university.edu.key -out elentra.med.university.edu.csr openssl req -new -key staging.med.university.edu.key -out staging.med.university.edu.csrYou will be asked a number of questions, answer accordingly, but do not answer enter anything for "Email Address", "A challenge password", or "An optional company name:
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CA State or Province Name (full name) []:Ontario Locality Name (eg, city) [Default City]:Kingston Organization Name (eg, company) [Default Company Ltd]:Queen's University Organizational Unit Name (eg, section) []:Health Sciences Education Technology Unit Common Name (eg, your name or your server's hostname) []:elentra.med.university.edu Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
If you have a valid Certificate Authority certificate, you should create a .crt file foreach hostname and paste in the certificate text:
vim /root/certificates/2023/elentra.med.university.edu.crt vim /root/certificates/2023/staging.med.university.edu.crtYou will also likely have a certificate authority root chain certificate. Also paste this into a file called
ca-certificate.crt
If you are only creating self-signed certificates, you should do this for each hostname:
openssl x509 -req -days 365 -in elentra.med.university.edu.csr -signkey elentra.med.university.edu.key -out elentra.med.university.edu.crt openssl x509 -req -days 365 -in staging.med.university.edu.csr -signkey staging.med.university.edu.key -out staging.med.university.edu.crtInstall the certificates in the Apache virtual host directory:
mkdir /var/www/vhosts/elentra.med.university.edu/cert/ cp /root/certificates/2023/elentra.med.university.edu.crt /var/www/vhosts/elentra.med.university.edu/cert/ cp /root/certificates/2023/elentra.med.university.edu.key /var/www/vhosts/elentra.med.university.edu/cert/ mkdir /var/www/vhosts/staging.med.university.edu/cert/ cp /root/certificates/2023/staging.med.university.edu.crt /var/www/vhosts/staging.med.university.edu/cert/ cp /root/certificates/2023/staging.med.university.edu.key /var/www/vhosts/staging.med.university.edu/cert/Create the Apache VirtualHosts by creating a file named
000-elentra.confand placing it/etc/httpd/conf.d/.For configurations where the web server is directly accessible from the internet, the file should contain the following:
# This will limit what information Apache reveals about itself. ServerTokens Prod ServerSignature Off TraceEnable Off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Apache performance tuning options for more connections. #<IfModule mpm_prefork_module> # MaxRequestWorkers 512 # ServerLimit 512 #</IfModule> # Production <VirtualHost *:80> ServerName elentra.med.university.edu ServerAdmin sysadmin@med.university.edu RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName elentra.med.university.edu:443 ServerAdmin sysadmin@med.university.edu SSLEngine on SSLProtocol -all +TLSv1.2 SSLHonorCipherOrder on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLCertificateFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.crt SSLCertificateKeyFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.key #SSLCACertificateFile /var/www/vhosts/elentra.med.university.edu/cert/ca-certificate.crt SSLUseStapling on Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" Header always set X-Frame-Options SAMEORIGIN DocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root <Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> ProxyPass "/app/" "ws://localhost:6000/app/" ProxyPassReverse "/app/" "ws://localhost:6000/app/" ProxyPass "/apps/" "http://localhost:6000/apps/" ProxyPassReverse "/apps/" "http://localhost:6000/apps/" </VirtualHost> # Staging <VirtualHost *:80> ServerName staging.med.university.edu ServerAdmin sysadmin@med.university.edu RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName staging.med.university.edu:443 ServerAdmin sysadmin@med.university.edu SSLEngine on SSLProtocol -all +TLSv1.2 SSLHonorCipherOrder on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLCertificateFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.crt SSLCertificateKeyFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.key #SSLCACertificateFile /var/www/vhosts/staging.med.university.edu/cert/ca-certificate.crt SSLUseStapling on Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" Header always set X-Frame-Options SAMEORIGIN DocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root <Directory "/var/www/vhosts/staging.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> ProxyPass "/app/" "ws://localhost:6000/app/" ProxyPassReverse "/app/" "ws://localhost:6000/app/" ProxyPass "/apps/" "http://localhost:6000/apps/" ProxyPassReverse "/apps/" "http://localhost:6000/apps/" </VirtualHost>For configurations where a load balancer sits in front of the web server and the load balancer communicates with the web server over http, the file should look like this:
# This will limit what information Apache reveals about itself. ServerTokens Prod ServerSignature Off TraceEnable Off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Apache performance tuning options for more connections. #<IfModule mpm_prefork_module> # MaxRequestWorkers 512 # ServerLimit 512 #</IfModule> # Production <VirtualHost *:80> ServerName elentra.med.university.edu ServerAdmin sysadmin@med.university.edu DocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root <Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> ProxyPass "/app/" "ws://localhost:6000/app/" ProxyPassReverse "/app/" "ws://localhost:6000/app/" ProxyPass "/apps/" "http://localhost:6000/apps/" ProxyPassReverse "/apps/" "http://localhost:6000/apps/" </VirtualHost> # Staging <VirtualHost *:80> ServerName staging.med.university.edu ServerAdmin sysadmin@med.university.edu DocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root <Directory "/var/www/vhosts/staging.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> ProxyPass "/app/" "ws://localhost:6000/app/" ProxyPassReverse "/app/" "ws://localhost:6000/app/" ProxyPass "/apps/" "http://localhost:6000/apps/" ProxyPassReverse "/apps/" "http://localhost:6000/apps/" </VirtualHost>
Do a deployment to the new server.
Point the
app.jsonin the storage folder to the corresponding file in the codeln -s /var/www/vhosts/host.name.edu/current/www-root/core/storage/app/modules/app.json /var/www/vhosts/host.name.edu/storage/app/modules/app.jsonCreate a new file in the
/etc/supervisord.ddirectory calledelentra.ini, and use the following template snippet as a reference to create your own file. Please make sure that you have the correct path incommandandstdout_logfile, and thatuseris the correct system account that your existing cron jobs are run as.\[program:elentra-queue-staging] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=staging autostart=true autorestart=true user=staging numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/worker.log [program:elentra-queue-production] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=production autostart=true autorestart=true user=production numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/worker.log [program:elentra-websocket-staging] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan websockets:serve --port=6000 --env=staging autostart=true autorestart=true user=staging numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/websocket.log [program:elentra-websocket-production] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan websockets:serve --port=6000 --env=production autostart=true autorestart=true user=production numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/websocket.log [group:elentra] programs=elentra-queue-staging,elentra-queue-production,elentra-websocket-staging,elentra-websocket-productionTest your new Apache configuration, then restart Apache and Supervisor.
apachectl configtest systemctl restart httpd systemctl restart supervisord
This documentation can be used as a reference to create both your Production Application Server and/or Staging Application Server on a Enterprise Linux 7 virtual machine.
SSH into server and
sudoto root:ssh service@elentra.med.university.edu sudo -sChange the SELINUX variable in
/etc/selinux/configto permissive to prevent unforeseen and difficult to diagnose issues:SELINUX=permissiveAdd the following lines to
/etc/hostsfile:127.0.0.1 elentra.med.university.edu 127.0.0.1 staging.med.university.eduEdit the hostname of the virtual machine in the
/etc/hostnamefile:elentra.med.university.eduInstall
screen, update RHEL, and reboot:yum install screen screen yum update rebootSSH back into server, and install the Inline with Upstream Stable (IUS Community) package.
ssh service@elentra.med.university.edu sudo -s screen yum -y install https://repo.ius.io/ius-release-el7.rpm \ https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpmInstall Apache, OpenSSL, PHP, Git, HTMLDoc, mariadb (client), ClamAV, and NTP packages:
yum -y install git \ htmldoc \ curl \ wget \ unzip \ openssl \ httpd \ mod_ssl \ mod_php74 \ php74-cli \ php74-gd \ php74-devel \ php74-pdo \ php74-mysqlnd \ php74-intl \ php74-mbstring \ php74-bcmath \ php74-ldap \ php74-imap \ php74-soap \ php74-xml \ php74-xmlrpc \ php74-tidy \ php74-opcache \ php74-json \ php74-sodium \ php74-pecl-redis \ php74-pecl-zip \ mariadb104 \ clamav \ ntp \ supervisorInstall
wkhtmltopdffrom the binary package because the yum package provided by EPEL is broken:curl -SL https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz | tar -xJC /root && cp /root/wkhtmltox/bin/* /usr/binStart Apache and Supervisor, and set to start on system startup:
systemctl enable httpd systemctl start httpd systemctl enable supervisord systemctl start supervisordCreate a new file called
/etc/php.d/elentra.iniand add the following:date.timezone = America/Toronto display_errors = Off error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT expose_php = Off memory_limit = 512M post_max_size = 512M session.cookie_secure = 1 session.cookie_httponly = 1 session.cookie_samesite = Strict upload_max_filesize = 512MCreate an Elentra system user called
production, which is used for production deployments:useradd -m production passwd productionCreate and permission the SSH
authorized_keysfile for theproductionuser.cd /home/production mkdir /home/production/.ssh touch /home/production/.ssh/authorized_keys chown -R production:production /home/production/.ssh chmod 700 /home/production/.ssh chmod 600 /home/production/.ssh/authorized_keysAdd all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub) that are allowed to deploy Elentra to your production environment to the newauthorized_keysfile.vim /home/production/.ssh/authorized_keysCreate an Elentra system user called
staging, which is used for staging deployments:useradd -m staging passwd stagingCreate and permission the SSH
authorized_keysfile for thestaginguser.cd /home/staging mkdir /home/staging/.ssh touch /home/staging/.ssh/authorized_keys chown -R staging:staging /home/staging/.ssh chmod 700 /home/staging/.ssh chmod 600 /home/staging/.ssh/authorized_keysAdd all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub) that are allowed to deploy Elentra to your staging environment to the newauthorized_keysfile.vim /home/staging/.ssh/authorized_keysCreate and appropriately permission the Apache document root and Elentra storage directories for production.
mkdir -p /var/www/vhosts/elentra.med.university.edu/storage/ mkdir /var/www/vhosts/elentra.med.university.edu/storage/annualreports mkdir /var/www/vhosts/elentra.med.university.edu/storage/app mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploads mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/public mkdir /var/www/vhosts/elentra.med.university.edu/storage/cache mkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads mkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads/advisor-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-discussions mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-galleries mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-shares mkdir /var/www/vhosts/elentra.med.university.edu/storage/eportfolio mkdir /var/www/vhosts/elentra.med.university.edu/storage/event-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/exam-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache/data mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/sessions mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/views mkdir /var/www/vhosts/elentra.med.university.edu/storage/logs mkdir /var/www/vhosts/elentra.med.university.edu/storage/lor mkdir /var/www/vhosts/elentra.med.university.edu/storage/msprs mkdir /var/www/vhosts/elentra.med.university.edu/storage/resource-images mkdir /var/www/vhosts/elentra.med.university.edu/storage/secure-access mkdir /var/www/vhosts/elentra.med.university.edu/storage/syllabi mkdir /var/www/vhosts/elentra.med.university.edu/storage/user-photos chown -R production:production /var/www/vhosts/elentra.med.university.edu chmod -R 777 /var/www/vhosts/elentra.med.university.edu/storage/*Create and appropriately permission the Apache document root and Elentra storage directories for staging.
mkdir -p /var/www/vhosts/staging.med.university.edu/storage/ mkdir /var/www/vhosts/staging.med.university.edu/storage/annualreports mkdir /var/www/vhosts/staging.med.university.edu/storage/app mkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploads mkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-files mkdir /var/www/vhosts/staging.med.university.edu/storage/app/public mkdir /var/www/vhosts/staging.med.university.edu/storage/cache mkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads mkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads/advisor-files mkdir /var/www/vhosts/staging.med.university.edu/storage/community-discussions mkdir /var/www/vhosts/staging.med.university.edu/storage/community-galleries mkdir /var/www/vhosts/staging.med.university.edu/storage/community-shares mkdir /var/www/vhosts/staging.med.university.edu/storage/eportfolio mkdir /var/www/vhosts/staging.med.university.edu/storage/event-files mkdir /var/www/vhosts/staging.med.university.edu/storage/exam-files mkdir /var/www/vhosts/staging.med.university.edu/storage/framework mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache/data mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/sessions mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/views mkdir /var/www/vhosts/staging.med.university.edu/storage/logs mkdir /var/www/vhosts/staging.med.university.edu/storage/lor mkdir /var/www/vhosts/staging.med.university.edu/storage/msprs mkdir /var/www/vhosts/staging.med.university.edu/storage/resource-images mkdir /var/www/vhosts/staging.med.university.edu/storage/secure-access mkdir /var/www/vhosts/staging.med.university.edu/storage/syllabi mkdir /var/www/vhosts/staging.med.university.edu/storage/user-photos chown -R staging:staging /var/www/vhosts/staging.med.university.edu chmod -R 777 /var/www/vhosts/staging.med.university.edu/storage/*Point the app.json in the storage folder to the corresponding file in the code
ln -s /var/www/vhosts/host.name.edu/current/www-root/core/storage/app/modules/app.json /var/www/vhosts/host.name.edu/storage/app/modules/app.jsonGenerate the SSL private keys required for each of your hostnames:
mkdir -p /root/certificates/2023 cd /root/certificates/2023 openssl genrsa -out elentra.med.university.edu.key 2048 openssl genrsa -out staging.med.university.edu.key 2048Generate the SSL certificate signing requests (CSRs) for your certificate authority for each of your hostnames:
openssl req -new -key elentra.med.university.edu.key -out elentra.med.university.edu.csr openssl req -new -key staging.med.university.edu.key -out staging.med.university.edu.csrYou will be asked a number of questions, answer accordingly, but do not answer enter anything for "Email Address", "A challenge password", or "An optional company name":
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CA State or Province Name (full name) []:Ontario Locality Name (eg, city) [Default City]:Kingston Organization Name (eg, company) [Default Company Ltd]:Queen's University Organizational Unit Name (eg, section) []:Health Sciences Education Technology Unit Common Name (eg, your name or your server's hostname) []:elentra.med.university.edu Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:If you have a valid Certificate Authority certificate, you should create a .crt file foreach hostname and paste in the certificate text:
vim /root/certificates/2023/elentra.med.university.edu.crt vim /root/certificates/2023/staging.med.university.edu.crtYou will also likely have a certificate authority root chain certificate. Also paste this into a file called
ca-certificate.crt.\If you are only creating self-signed certificates, you should do this for each hostname:
openssl x509 -req -days 365 -in elentra.med.university.edu.csr -signkey elentra.med.university.edu.key -out elentra.med.university.edu.crt openssl x509 -req -days 365 -in staging.med.university.edu.csr -signkey staging.med.university.edu.key -out staging.med.university.edu.crtInstall the certificates in the Apache virtual host directory:
mkdir /var/www/vhosts/elentra.med.university.edu/cert/ cp /root/certificates/2023/elentra.med.university.edu.crt /var/www/vhosts/elentra.med.university.edu/cert/ cp /root/certificates/2023/elentra.med.university.edu.key /var/www/vhosts/elentra.med.university.edu/cert/ mkdir /var/www/vhosts/staging.med.university.edu/cert/ cp /root/certificates/2023/staging.med.university.edu.crt /var/www/vhosts/staging.med.university.edu/cert/ cp /root/certificates/2023/staging.med.university.edu.key /var/www/vhosts/staging.med.university.edu/cert/Create the Apache VirtualHosts by creating a file named
000-elentra.confand placing it/etc/httpd/conf.d/. This file should contain the following:# This will limit what information Apache reveals about itself. ServerTokens Prod ServerSignature Off TraceEnable Off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Apache performance tuning options for more connections. #<IfModule mpm_prefork_module> # MaxRequestWorkers 512 # ServerLimit 512 #</IfModule> # Production <VirtualHost *:80> ServerName elentra.med.university.edu ServerAdmin sysadmin@med.university.edu RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName elentra.med.university.edu:443 ServerAdmin sysadmin@med.university.edu SSLEngine on SSLProtocol -all +TLSv1.2 SSLHonorCipherOrder on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLCertificateFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.crt SSLCertificateKeyFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.key #SSLCACertificateFile /var/www/vhosts/elentra.med.university.edu/cert/ca-certificate.crt SSLUseStapling on Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" Header always set X-Frame-Options SAMEORIGIN DocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root <Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> </VirtualHost> # Staging <VirtualHost *:80> ServerName staging.med.university.edu ServerAdmin sysadmin@med.university.edu RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName staging.med.university.edu:443 ServerAdmin sysadmin@med.university.edu SSLEngine on SSLProtocol -all +TLSv1.2 SSLHonorCipherOrder on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLCertificateFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.crt SSLCertificateKeyFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.key #SSLCACertificateFile /var/www/vhosts/staging.med.university.edu/cert/ca-certificate.crt SSLUseStapling on Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" Header always set X-Frame-Options SAMEORIGIN DocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root <Directory "/var/www/vhosts/staging.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> </VirtualHost>Create a new file in the
/etc/supervisord.ddirectory calledelentra.ini, and use the following template snippet as a reference to create your own file.\Please make sure that you have the correct path in
commandandstdout_logfile, and thatuseris the correct system account that your existing cron jobs are run as.[program:staging] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=staging autostart=true autorestart=true user=staging numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/worker.log [program:production] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=production autostart=true autorestart=true user=production numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/worker.log [group:elentra] programs=staging,productionTest your new Apache configuration, then restart Apache and Supervisor.
apachectl configtest systemctl restart httpd systemctl restart supervisord
This documentation can be used as a reference to create both your Production Application Server and/or Staging Application Server on a Ubuntu 22.04 virtual machine.
SSH into server and
sudoto root:ssh service@elentra.med.university.edu sudo -sAdd the following lines to
/etc/hostsfile:127.0.0.1 elentra.med.university.edu 127.0.0.1 staging.med.university.eduEdit the hostname of the virtual machine in the
/etc/hostnamefile:elentra.med.university.eduInstall
screen, update RHEL, and reboot:apt install screen screen apt update apt upgrade rebootSSH back into server, and install the Ondrej PHP repository.
ssh service@elentra.med.university.edu sudo -s screen add-apt-repository ppa:ondrej/phpInstall Apache, OpenSSL, Git, HTMLDoc, mariadb (client), ClamAV, and NTP packages:
apt install -y git \ htmldoc \ curl \ wget \ unzip \ openssl \ apache2 \ mariadb-client \ clamav \ ntp \ supervisorInstall either PHP 8.0 or 7.4:\
PHP 8.0 (Elentra 1.24+)
apt install -y libapache2-mod-php8.0 \ php8.0-cli \ php8.0-gd \ php8.0-dev \ php8.0-mysql \ php8.0-curl \ php8.0-intl \ php8.0-mbstring \ php8.0-bcmath \ php8.0-ldap \ php8.0-imap \ php8.0-redis \ php8.0-soap \ php8.0-xml \ php8.0-xmlrpc \ php8.0-tidy \ php8.0-opcache \ php8.0-zipPHP 7.4
apt install -y libapache2-mod-php7.4 \ php7.4-cli \ php7.4-gd \ php7.4-dev \ php7.4-mysql \ php7.4-curl \ php7.4-intl \ php7.4-mbstring \ php7.4-bcmath \ php7.4-ldap \ php7.4-imap \ php7.4-redis \ php7.4-soap \ php7.4-xml \ php7.4-xmlrpc \ php7.4-tidy \ php7.4-opcache \ php7.4-json \ php7.4-zipInstall
wkhtmltopdffrom the binary package, as the apt package installs way too many dependencies:curl -SL https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz | tar -xJC /root && cp /root/wkhtmltox/bin/* /usr/binStart Apache and Supervisor, and set to start on system startup:
a2enmod ssl rewrite headers proxy proxy_http proxy_balancer expires systemctl enable apache2 systemctl start apache2 systemctl enable supervisor systemctl start supervisorCreate a new file called
/etc/php/8.0/mods-available/elentra.iniand add the following:date.timezone = America/Toronto display_errors = Off error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT expose_php = Off memory_limit = 512M post_max_size = 512M session.cookie_secure = 1 session.cookie_httponly = 1 session.cookie_samesite = Strict upload_max_filesize = 512MEnable this new module by typing:
phpenmod elentraCreate an Elentra system user called
production, which is used for production deployments:useradd -m production passwd productionCreate and permission the SSH
authorized_keysfile for theproductionuser.cd /home/production mkdir /home/production/.ssh touch /home/production/.ssh/authorized_keys chown -R production:production /home/production/.ssh chmod 700 /home/production/.ssh chmod 600 /home/production/.ssh/authorized_keysAdd all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub) that are allowed to deploy Elentra to your production environment to the newauthorized_keysfile.vim /home/production/.ssh/authorized_keysCreate an Elentra system user called
staging, which is used for staging deployments:useradd -m staging passwd stagingCreate and permission the SSH
authorized_keysfile for thestaginguser.cd /home/staging mkdir /home/staging/.ssh touch /home/staging/.ssh/authorized_keys chown -R staging:staging /home/staging/.ssh chmod 700 /home/staging/.ssh chmod 600 /home/staging/.ssh/authorized_keysAdd all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub) that are allowed to deploy Elentra to your staging environment to the newauthorized_keysfile.vim /home/staging/.ssh/authorized_keysCreate and appropriately permission the Apache document root and Elentra storage directories for production.
mkdir -p /var/www/vhosts/elentra.med.university.edu/storage/ mkdir /var/www/vhosts/elentra.med.university.edu/storage/annualreports mkdir /var/www/vhosts/elentra.med.university.edu/storage/app mkdir /var/www/vhosts/elentra.med.university.edu/storage/app/public mkdir /var/www/vhosts/elentra.med.university.edu/storage/cache mkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads mkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads/advisor-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-discussions mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-galleries mkdir /var/www/vhosts/elentra.med.university.edu/storage/community-shares mkdir /var/www/vhosts/elentra.med.university.edu/storage/eportfolio mkdir /var/www/vhosts/elentra.med.university.edu/storage/event-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/exam-files mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache/data mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/sessions mkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/views mkdir /var/www/vhosts/elentra.med.university.edu/storage/logs mkdir /var/www/vhosts/elentra.med.university.edu/storage/lor mkdir /var/www/vhosts/elentra.med.university.edu/storage/msprs mkdir /var/www/vhosts/elentra.med.university.edu/storage/resource-images mkdir /var/www/vhosts/elentra.med.university.edu/storage/secure-access mkdir /var/www/vhosts/elentra.med.university.edu/storage/syllabi mkdir /var/www/vhosts/elentra.med.university.edu/storage/user-photos chown -R production:production /var/www/vhosts/elentra.med.university.edu chmod -R 777 /var/www/vhosts/elentra.med.university.edu/storage/*Create and appropriately permission the Apache document root and Elentra storage directories for staging.
mkdir -p /var/www/vhosts/staging.med.university.edu/storage/ mkdir /var/www/vhosts/staging.med.university.edu/storage/annualreports mkdir /var/www/vhosts/staging.med.university.edu/storage/app mkdir /var/www/vhosts/staging.med.university.edu/storage/app/public mkdir /var/www/vhosts/staging.med.university.edu/storage/cache mkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads mkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads/advisor-files mkdir /var/www/vhosts/staging.med.university.edu/storage/community-discussions mkdir /var/www/vhosts/staging.med.university.edu/storage/community-galleries mkdir /var/www/vhosts/staging.med.university.edu/storage/community-shares mkdir /var/www/vhosts/staging.med.university.edu/storage/eportfolio mkdir /var/www/vhosts/staging.med.university.edu/storage/event-files mkdir /var/www/vhosts/staging.med.university.edu/storage/exam-files mkdir /var/www/vhosts/staging.med.university.edu/storage/framework mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache/data mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/sessions mkdir /var/www/vhosts/staging.med.university.edu/storage/framework/views mkdir /var/www/vhosts/staging.med.university.edu/storage/logs mkdir /var/www/vhosts/staging.med.university.edu/storage/lor mkdir /var/www/vhosts/staging.med.university.edu/storage/msprs mkdir /var/www/vhosts/staging.med.university.edu/storage/resource-images mkdir /var/www/vhosts/staging.med.university.edu/storage/secure-access mkdir /var/www/vhosts/staging.med.university.edu/storage/syllabi mkdir /var/www/vhosts/staging.med.university.edu/storage/user-photos chown -R staging:staging /var/www/vhosts/staging.med.university.edu chmod -R 777 /var/www/vhosts/staging.med.university.edu/storage/*Generate the SSL private keys required for each of your hostnames:
mkdir -p /root/certificates/2023 cd /root/certificates/2023 openssl genrsa -out elentra.med.university.edu.key 2048 openssl genrsa -out staging.med.university.edu.key 2048Generate the SSL certificate signing requests (CSRs) for your certificate authority for each of your hostnames:
openssl req -new -key elentra.med.university.edu.key -out elentra.med.university.edu.csr openssl req -new -key staging.med.university.edu.key -out staging.med.university.edu.csrYou will be asked a number of questions, answer accordingly, but do not answer enter anything for "Email Address", "A challenge password", or "An optional company name":
You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CA State or Province Name (full name) []:Ontario Locality Name (eg, city) [Default City]:Kingston Organization Name (eg, company) [Default Company Ltd]:Queen's University Organizational Unit Name (eg, section) []:Health Sciences Education Technology Unit Common Name (eg, your name or your server's hostname) []:elentra.med.university.edu Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:If you have a valid Certificate Authority certificate, you should create a .crt file foreach hostname and paste in the certificate text:
vim /root/certificates/2023/elentra.med.university.edu.crt vim /root/certificates/2023/staging.med.university.edu.crtYou will also likely have a certificate authority root chain certificate. Also paste this into a file called
ca-certificate.crt.\If you are only creating self-signed certificates, you should do this for each hostname:
openssl x509 -req -days 365 -in elentra.med.university.edu.csr -signkey elentra.med.university.edu.key -out elentra.med.university.edu.crt openssl x509 -req -days 365 -in staging.med.university.edu.csr -signkey staging.med.university.edu.key -out staging.med.university.edu.crtInstall the certificates in the Apache virtual host directory:
mkdir /var/www/vhosts/elentra.med.university.edu/cert/ cp /root/certificates/2023/elentra.med.university.edu.crt /var/www/vhosts/elentra.med.university.edu/cert/ cp /root/certificates/2023/elentra.med.university.edu.key /var/www/vhosts/elentra.med.university.edu/cert/ mkdir /var/www/vhosts/staging.med.university.edu/cert/ cp /root/certificates/2023/staging.med.university.edu.crt /var/www/vhosts/staging.med.university.edu/cert/ cp /root/certificates/2023/staging.med.university.edu.key /var/www/vhosts/staging.med.university.edu/cert/Create the Apache VirtualHosts by creating a file named
000-elentra.confand placing it/etc/apache2/sites-available/. This file should contain the following:# This will limit what information Apache reveals about itself. ServerTokens Prod ServerSignature Off TraceEnable Off SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Apache performance tuning options for more connections. #<IfModule mpm_prefork_module> # MaxRequestWorkers 512 # ServerLimit 512 #</IfModule> # Production <VirtualHost *:80> ServerName elentra.med.university.edu ServerAdmin sysadmin@med.university.edu RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName elentra.med.university.edu:443 ServerAdmin sysadmin@med.university.edu SSLEngine on SSLProtocol -all +TLSv1.2 SSLHonorCipherOrder on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLCertificateFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.crt SSLCertificateKeyFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.key #SSLCACertificateFile /var/www/vhosts/elentra.med.university.edu/cert/ca-certificate.crt SSLUseStapling on Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" Header always set X-Frame-Options SAMEORIGIN DocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root <Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> </VirtualHost> # Staging <VirtualHost *:80> ServerName staging.med.university.edu ServerAdmin sysadmin@med.university.edu RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName staging.med.university.edu:443 ServerAdmin sysadmin@med.university.edu SSLEngine on SSLProtocol -all +TLSv1.2 SSLHonorCipherOrder on SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLCertificateFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.crt SSLCertificateKeyFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.key #SSLCACertificateFile /var/www/vhosts/staging.med.university.edu/cert/ca-certificate.crt SSLUseStapling on Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" Header always set X-Frame-Options SAMEORIGIN DocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root <Directory "/var/www/vhosts/staging.med.university.edu/current/www-root"> Options FollowSymLinks Require all granted AllowOverride all </Directory> </VirtualHost>Enable this new site by typing:
a2ensite 000-elentra systemctl reload apache2Create a new file in the
/etc/supervisor/conf.ddirectory calledelentra.conf, and use the following template snippet as a reference to create your own file.\Please make sure that you have the correct path in
commandandstdout_logfile, and thatuseris the correct system account that your existing cron jobs are run as.[program:staging] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=staging autostart=true autorestart=true user=staging numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/worker.log [program:production] process_name=%(program_name)s_%(process_num)02d command=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=production autostart=true autorestart=true user=production numprocs=1 redirect_stderr=true stdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/worker.log [group:elentra] programs=staging,productionTest your new Apache configuration, then restart Apache and Supervisor.
apachectl configtest systemctl restart apache2 systemctl restart supervisor
Last updated