Application Server
The hostnames referenced throughout this documentation will be
elentra.med.university.edu
and staging.med.university.edu
, which must be replaced by your actual DNS hostnames.Enterprise Linux 8
Enterprise Linux 7
Ubuntu 22.04
This documentation can be used as a reference to create both your Production Application Server and/or Staging Application Server on a Enterprise Linux 8 virtual machine.
- 1.SSH into server and
sudo
to root:sudo -s - 2.Change the SELINUX variable in
/etc/selinux/config
to permissive to prevent unforeseen and difficult to diagnose issues:SELINUX=permissive - 3.Add the following lines to
/etc/hosts
file:127.0.0.1 elentra.med.university.edu127.0.0.1 staging.med.university.edu - 4.Edit the hostname of the virtual machine in the
/etc/hostname
file:elentra.med.university.edu - 5.Install
screen
, update RHEL, and reboot:dnf install screenscreendnf updatereboot - 6.SSH back into server, and install the Inline with Upstream Stable (IUS Community) package.sudo -sscreendnf -y install http://rpms.remirepo.net/enterprise/remi-relase-8.rpm \https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
- 7.Install Snapd and htmldoc:dnf -y install snapdsystemctl enable --now snapd.socketln -s /var/lib/snapd/snap /snapsnap install htmldoc
- 8.Install Apache, OpenSSL, PHP, Git, HTMLDoc, mariadb (client), ClamAV, and NTP packages:dnf module install php:remi-8.1 -ydnf -y install git \curl \wget \unzip \openssl \httpd \mod_ssl \php-cli \php-gd \php-devel \php-pdo \php-mysqlnd \php-intl \php-mbstring \php-bcmath \php-ldap \php-imap \php-soap \php-xml \php-xmlrpc \php-tidy \php-opcache \php-json \php-sodium \php-pecl-redis \php-pecl-zip \mariadb \clamav \chrony \supervisor
- 9.Install
wkhtmltopdf
from the binary package because the yum package provided by EPEL is broken:curl -SL https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz | tar -xJC /root && cp /root/wkhtmltox/bin/* /usr/bin - 10.Start Apache and Supervisor, and set to start on system startup:systemctl enable httpdsystemctl start httpdsystemctl enable supervisordsystemctl start supervisord
- 11.Create a new file called
/etc/php.d/elentra.ini
and add the following:date.timezone = America/Torontodisplay_errors = Offerror_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICTexpose_php = Offmemory_limit = 512Mpost_max_size = 512Msession.cookie_secure = 1session.cookie_httponly = 1session.cookie_samesite = Strictupload_max_filesize = 512M - 12.Create an Elentra system user called
production
, which is used for production deployments:useradd -m productionpasswd productionusermod -G apache -a productionusermod -G production -a apache - 13.Create and permission the SSH
authorized_keys
file for theproduction
user.cd /home/productionmkdir /home/production/.sshtouch /home/production/.ssh/authorized_keyschown -R production:production /home/production/.sshchmod 700 /home/production/.sshchmod 600 /home/production/.ssh/authorized_keys - 14.Add all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub
) that are allowed to deploy Elentra to your production environment to the newauthorized_keys
file.vim /home/production/.ssh/authorized_keys - 15.Create an Elentra system user called
staging
, which is used for staging deployments:useradd -m stagingpasswd stagingusermod -G apache -a stagingusermod -G staging -a apache - 16.Create and permission the SSH
authorized_keys
file for thestaging
user.cd /home/stagingmkdir /home/staging/.sshtouch /home/staging/.ssh/authorized_keyschown -R staging:staging /home/staging/.sshchmod 700 /home/staging/.sshchmod 600 /home/staging/.ssh/authorized_keys - 17.Add all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub
) that are allowed to deploy Elentra to your staging environment to the newauthorized_keys
file.vim /home/staging/.ssh/authorized_keys - 18.Create and appropriately permission the Apache document root and Elentra storage directories for production.mkdir -p /var/www/vhosts/elentra.med.university.edu/storage/mkdir /var/www/vhosts/elentra.med.university.edu/storage/annualreportsmkdir /var/www/vhosts/elentra.med.university.edu/storage/appmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploadsmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/publicmkdir /var/www/vhosts/elentra.med.university.edu/storage/cachemkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploadsmkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads/advisor-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-discussionsmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-galleriesmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-sharesmkdir /var/www/vhosts/elentra.med.university.edu/storage/eportfoliomkdir /var/www/vhosts/elentra.med.university.edu/storage/event-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/exam-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/frameworkmkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cachemkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache/datamkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/sessionsmkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/viewsmkdir /var/www/vhosts/elentra.med.university.edu/storage/logsmkdir /var/www/vhosts/elentra.med.university.edu/storage/lormkdir /var/www/vhosts/elentra.med.university.edu/storage/msprsmkdir /var/www/vhosts/elentra.med.university.edu/storage/resource-imagesmkdir /var/www/vhosts/elentra.med.university.edu/storage/secure-accessmkdir /var/www/vhosts/elentra.med.university.edu/storage/syllabimkdir /var/www/vhosts/elentra.med.university.edu/storage/user-photoschown -R production:production /var/www/vhosts/elentra.med.university.educhmod -R 777 /var/www/vhosts/elentra.med.university.edu/storage/*
- 19.Create and appropriately permission the Apache document root and Elentra storage directories for staging.mkdir -p /var/www/vhosts/staging.med.university.edu/storage/mkdir /var/www/vhosts/staging.med.university.edu/storage/annualreportsmkdir /var/www/vhosts/staging.med.university.edu/storage/appmkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploadsmkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/app/publicmkdir /var/www/vhosts/staging.med.university.edu/storage/cachemkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploadsmkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads/advisor-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/community-discussionsmkdir /var/www/vhosts/staging.med.university.edu/storage/community-galleriesmkdir /var/www/vhosts/staging.med.university.edu/storage/community-sharesmkdir /var/www/vhosts/staging.med.university.edu/storage/eportfoliomkdir /var/www/vhosts/staging.med.university.edu/storage/event-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/exam-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/frameworkmkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cachemkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache/datamkdir /var/www/vhosts/staging.med.university.edu/storage/framework/sessionsmkdir /var/www/vhosts/staging.med.university.edu/storage/framework/viewsmkdir /var/www/vhosts/staging.med.university.edu/storage/logsmkdir /var/www/vhosts/staging.med.university.edu/storage/lormkdir /var/www/vhosts/staging.med.university.edu/storage/msprsmkdir /var/www/vhosts/staging.med.university.edu/storage/resource-imagesmkdir /var/www/vhosts/staging.med.university.edu/storage/secure-accessmkdir /var/www/vhosts/staging.med.university.edu/storage/syllabimkdir /var/www/vhosts/staging.med.university.edu/storage/user-photoschown -R staging:staging /var/www/vhosts/staging.med.university.educhmod -R 777 /var/www/vhosts/staging.med.university.edu/storage/*
- 20.Generate the SSL private keys required for each of your hostnames:mkdir -p /root/certificates/2023cd /root/certificates/2023openssl genrsa -out elentra.med.university.edu.key 2048openssl genrsa -out staging.med.university.edu.key 2048
- 21.Generate the SSL certificate signing requests (CSRs) for your certificate authority for each of your hostnames.openssl req -new -key elentra.med.university.edu.key -out elentra.med.university.edu.csropenssl req -new -key staging.med.university.edu.key -out staging.med.university.edu.csr
- You will be asked a number of questions, answer accordingly, but do not answer enter anything for "Email Address", "A challenge password", or "An optional company name:You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [XX]:CAState or Province Name (full name) []:OntarioLocality Name (eg, city) [Default City]:KingstonOrganization Name (eg, company) [Default Company Ltd]:Queen's UniversityOrganizational Unit Name (eg, section) []:Health Sciences Education Technology UnitCommon Name (eg, your name or your server's hostname) []:elentra.med.university.eduEmail Address []:Please enter the following 'extra' attributesto be sent with your certificate requestA challenge password []:An optional company name []:
- 22.If you have a valid Certificate Authority certificate, you should create a .crt file foreach hostname and paste in the certificate text:vim /root/certificates/2023/elentra.med.university.edu.crtvim /root/certificates/2023/staging.med.university.edu.crt
- You will also likely have a certificate authority root chain certificate. Also paste this into a file called
ca-certificate.crt
- 23.If you are only creating self-signed certificates, you should do this for each hostname:openssl x509 -req -days 365 -in elentra.med.university.edu.csr -signkey elentra.med.university.edu.key -out elentra.med.university.edu.crtopenssl x509 -req -days 365 -in staging.med.university.edu.csr -signkey staging.med.university.edu.key -out staging.med.university.edu.crt
- 24.Install the certificates in the Apache virtual host directory:mkdir /var/www/vhosts/elentra.med.university.edu/cert/cp /root/certificates/2023/elentra.med.university.edu.crt /var/www/vhosts/elentra.med.university.edu/cert/cp /root/certificates/2023/elentra.med.university.edu.key /var/www/vhosts/elentra.med.university.edu/cert/mkdir /var/www/vhosts/staging.med.university.edu/cert/cp /root/certificates/2023/staging.med.university.edu.crt /var/www/vhosts/staging.med.university.edu/cert/cp /root/certificates/2023/staging.med.university.edu.key /var/www/vhosts/staging.med.university.edu/cert/
- 25.Create the Apache VirtualHosts by creating a file named
000-elentra.conf
and placing it/etc/httpd/conf.d/
.- For configurations where the web server is directly accessible from the internet, the file should contain the following:# This will limit what information Apache reveals about itself.ServerTokens ProdServerSignature OffTraceEnable OffSSLStaplingCache "shmcb:logs/stapling-cache(150000)"# Apache performance tuning options for more connections.#<IfModule mpm_prefork_module># MaxRequestWorkers 512# ServerLimit 512#</IfModule># Production<VirtualHost *:80>ServerName elentra.med.university.eduServerAdmin [email protected]RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}</VirtualHost><VirtualHost *:443>ServerName elentra.med.university.edu:443ServerAdmin [email protected]SSLEngine onSSLProtocol -all +TLSv1.2SSLHonorCipherOrder onSSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLCertificateFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.crtSSLCertificateKeyFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.key#SSLCACertificateFile /var/www/vhosts/elentra.med.university.edu/cert/ca-certificate.crtSSLUseStapling onHeader always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"Header always set X-Frame-Options SAMEORIGINDocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root<Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory>ProxyPass "/app/" "ws://localhost:6000/app/"ProxyPassReverse "/app/" "ws://localhost:6000/app/"ProxyPass "/apps/" "http://localhost:6000/apps/"ProxyPassReverse "/apps/" "http://localhost:6000/apps/"</VirtualHost># Staging<VirtualHost *:80>ServerName staging.med.university.eduServerAdmin [email protected]RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}</VirtualHost><VirtualHost *:443>ServerName staging.med.university.edu:443ServerAdmin [email protected]SSLEngine onSSLProtocol -all +TLSv1.2SSLHonorCipherOrder onSSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLCertificateFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.crtSSLCertificateKeyFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.key#SSLCACertificateFile /var/www/vhosts/staging.med.university.edu/cert/ca-certificate.crtSSLUseStapling onHeader always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"Header always set X-Frame-Options SAMEORIGINDocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root<Directory "/var/www/vhosts/staging.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory>ProxyPass "/app/" "ws://localhost:6000/app/"ProxyPassReverse "/app/" "ws://localhost:6000/app/"ProxyPass "/apps/" "http://localhost:6000/apps/"ProxyPassReverse "/apps/" "http://localhost:6000/apps/"</VirtualHost>
- For configurations where a load balancer sits in front of the web server and the load balancer communicates with the web server over http, the file should look like this:# This will limit what information Apache reveals about itself.ServerTokens ProdServerSignature OffTraceEnable OffSSLStaplingCache "shmcb:logs/stapling-cache(150000)"# Apache performance tuning options for more connections.#<IfModule mpm_prefork_module># MaxRequestWorkers 512# ServerLimit 512#</IfModule># Production<VirtualHost *:80>ServerName elentra.med.university.eduServerAdmin [email protected]DocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root<Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory>ProxyPass "/app/" "ws://localhost:6000/app/"ProxyPassReverse "/app/" "ws://localhost:6000/app/"ProxyPass "/apps/" "http://localhost:6000/apps/"ProxyPassReverse "/apps/" "http://localhost:6000/apps/"</VirtualHost># Staging<VirtualHost *:80>ServerName staging.med.university.eduServerAdmin [email protected]DocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root<Directory "/var/www/vhosts/staging.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory>ProxyPass "/app/" "ws://localhost:6000/app/"ProxyPassReverse "/app/" "ws://localhost:6000/app/"ProxyPass "/apps/" "http://localhost:6000/apps/"ProxyPassReverse "/apps/" "http://localhost:6000/apps/"</VirtualHost>
- 26.Do a deployment to the new server.
- 27.Point the
app.json
in the storage folder to the corresponding file in the codeln -s /var/www/vhosts/host.name.edu/current/www-root/core/storage/app/modules/app.json /var/www/vhosts/host.name.edu/storage/app/modules/app.json - 28.Create a new file in the
/etc/supervisord.d
directory calledelentra.ini
, and use the following template snippet as a reference to create your own file. Please make sure that you have the correct path incommand
andstdout_logfile
, and thatuser
is the correct system account that your existing cron jobs are run as.[program:elentra-queue-staging]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=stagingautostart=trueautorestart=trueuser=stagingnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/worker.log[program:elentra-queue-production]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=productionautostart=trueautorestart=trueuser=productionnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/worker.log[program:elentra-websocket-staging]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan websockets:serve --port=6000 --env=stagingautostart=trueautorestart=trueuser=stagingnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/websocket.log[program:elentra-websocket-production]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan websockets:serve --port=6000 --env=productionautostart=trueautorestart=trueuser=productionnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/websocket.log[group:elentra]programs=elentra-queue-staging,elentra-queue-production,elentra-websocket-staging,elentra-websocket-production - 29.Test your new Apache configuration, then restart Apache and Supervisor.apachectl configtestsystemctl restart httpdsystemctl restart supervisord
This documentation can be used as a reference to create both your Production Application Server and/or Staging Application Server on a Enterprise Linux 7 virtual machine.
- 1.SSH into server and
sudo
to root:sudo -s - 2.Change the SELINUX variable in
/etc/selinux/config
to permissive to prevent unforeseen and difficult to diagnose issues:SELINUX=permissive - 3.Add the following lines to
/etc/hosts
file:127.0.0.1 elentra.med.university.edu127.0.0.1 staging.med.university.edu - 4.Edit the hostname of the virtual machine in the
/etc/hostname
file:elentra.med.university.edu - 5.Install
screen
, update RHEL, and reboot:yum install screenscreenyum updatereboot - 6.SSH back into server, and install the Inline with Upstream Stable (IUS Community) package.sudo -sscreenyum -y install https://repo.ius.io/ius-release-el7.rpm \https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
- 7.Install Apache, OpenSSL, PHP, Git, HTMLDoc, mariadb (client), ClamAV, and NTP packages:yum -y install git \htmldoc \curl \wget \unzip \openssl \httpd \mod_ssl \mod_php74 \php74-cli \php74-gd \php74-devel \php74-pdo \php74-mysqlnd \php74-intl \php74-mbstring \php74-bcmath \php74-ldap \php74-imap \php74-soap \php74-xml \php74-xmlrpc \php74-tidy \php74-opcache \php74-json \php74-sodium \php74-pecl-redis \php74-pecl-zip \mariadb104 \clamav \ntp \supervisor
- 8.Install
wkhtmltopdf
from the binary package because the yum package provided by EPEL is broken:curl -SL https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz | tar -xJC /root && cp /root/wkhtmltox/bin/* /usr/bin
- 9.Start Apache and Supervisor, and set to start on system startup:systemctl enable httpdsystemctl start httpdsystemctl enable supervisordsystemctl start supervisord
- 10.Create a new file called
/etc/php.d/elentra.ini
and add the following:date.timezone = America/Torontodisplay_errors = Offerror_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICTexpose_php = Offmemory_limit = 512Mpost_max_size = 512Msession.cookie_secure = 1session.cookie_httponly = 1session.cookie_samesite = Strictupload_max_filesize = 512M - 11.Create an Elentra system user called
production
, which is used for production deployments:useradd -m productionpasswd production - 12.Create and permission the SSH
authorized_keys
file for theproduction
user.cd /home/productionmkdir /home/production/.sshtouch /home/production/.ssh/authorized_keyschown -R production:production /home/production/.sshchmod 700 /home/production/.sshchmod 600 /home/production/.ssh/authorized_keys - 13.Add all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub
) that are allowed to deploy Elentra to your production environment to the newauthorized_keys
file.vim /home/production/.ssh/authorized_keys - 14.Create an Elentra system user called
staging
, which is used for staging deployments:useradd -m stagingpasswd staging - 15.Create and permission the SSH
authorized_keys
file for thestaging
user.cd /home/stagingmkdir /home/staging/.sshtouch /home/staging/.ssh/authorized_keyschown -R staging:staging /home/staging/.sshchmod 700 /home/staging/.sshchmod 600 /home/staging/.ssh/authorized_keys - 16.Add all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub
) that are allowed to deploy Elentra to your staging environment to the newauthorized_keys
file.vim /home/staging/.ssh/authorized_keys - 17.Create and appropriately permission the Apache document root and Elentra storage directories for production.mkdir -p /var/www/vhosts/elentra.med.university.edu/storage/mkdir /var/www/vhosts/elentra.med.university.edu/storage/annualreportsmkdir /var/www/vhosts/elentra.med.university.edu/storage/appmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploadsmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/publicmkdir /var/www/vhosts/elentra.med.university.edu/storage/cachemkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploadsmkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads/advisor-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-discussionsmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-galleriesmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-sharesmkdir /var/www/vhosts/elentra.med.university.edu/storage/eportfoliomkdir /var/www/vhosts/elentra.med.university.edu/storage/event-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/exam-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/frameworkmkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cachemkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache/datamkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/sessionsmkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/viewsmkdir /var/www/vhosts/elentra.med.university.edu/storage/logsmkdir /var/www/vhosts/elentra.med.university.edu/storage/lormkdir /var/www/vhosts/elentra.med.university.edu/storage/msprsmkdir /var/www/vhosts/elentra.med.university.edu/storage/resource-imagesmkdir /var/www/vhosts/elentra.med.university.edu/storage/secure-accessmkdir /var/www/vhosts/elentra.med.university.edu/storage/syllabimkdir /var/www/vhosts/elentra.med.university.edu/storage/user-photoschown -R production:production /var/www/vhosts/elentra.med.university.educhmod -R 777 /var/www/vhosts/elentra.med.university.edu/storage/*
- 18.Create and appropriately permission the Apache document root and Elentra storage directories for staging.mkdir -p /var/www/vhosts/staging.med.university.edu/storage/mkdir /var/www/vhosts/staging.med.university.edu/storage/annualreportsmkdir /var/www/vhosts/staging.med.university.edu/storage/appmkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploadsmkdir /var/www/vhosts/staging.med.university.edu/storage/app/cbe-uploads/learner-self-assessment-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/app/publicmkdir /var/www/vhosts/staging.med.university.edu/storage/cachemkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploadsmkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads/advisor-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/community-discussionsmkdir /var/www/vhosts/staging.med.university.edu/storage/community-galleriesmkdir /var/www/vhosts/staging.med.university.edu/storage/community-sharesmkdir /var/www/vhosts/staging.med.university.edu/storage/eportfoliomkdir /var/www/vhosts/staging.med.university.edu/storage/event-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/exam-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/frameworkmkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cachemkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache/datamkdir /var/www/vhosts/staging.med.university.edu/storage/framework/sessionsmkdir /var/www/vhosts/staging.med.university.edu/storage/framework/viewsmkdir /var/www/vhosts/staging.med.university.edu/storage/logsmkdir /var/www/vhosts/staging.med.university.edu/storage/lormkdir /var/www/vhosts/staging.med.university.edu/storage/msprsmkdir /var/www/vhosts/staging.med.university.edu/storage/resource-imagesmkdir /var/www/vhosts/staging.med.university.edu/storage/secure-accessmkdir /var/www/vhosts/staging.med.university.edu/storage/syllabimkdir /var/www/vhosts/staging.med.university.edu/storage/user-photoschown -R staging:staging /var/www/vhosts/staging.med.university.educhmod -R 777 /var/www/vhosts/staging.med.university.edu/storage/*
- 19.Point the app.json in the storage folder to the corresponding file in the codeln -s /var/www/vhosts/host.name.edu/current/www-root/core/storage/app/modules/app.json /var/www/vhosts/host.name.edu/storage/app/modules/app.json
- 20.Generate the SSL private keys required for each of your hostnames:mkdir -p /root/certificates/2023cd /root/certificates/2023openssl genrsa -out elentra.med.university.edu.key 2048openssl genrsa -out staging.med.university.edu.key 2048
- 21.Generate the SSL certificate signing requests (CSRs) for your certificate authority for each of your hostnames:openssl req -new -key elentra.med.university.edu.key -out elentra.med.university.edu.csropenssl req -new -key staging.med.university.edu.key -out staging.med.university.edu.csrYou will be asked a number of questions, answer accordingly, but do not answer enter anything for "Email Address", "A challenge password", or "An optional company name":You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [XX]:CAState or Province Name (full name) []:OntarioLocality Name (eg, city) [Default City]:KingstonOrganization Name (eg, company) [Default Company Ltd]:Queen's UniversityOrganizational Unit Name (eg, section) []:Health Sciences Education Technology UnitCommon Name (eg, your name or your server's hostname) []:elentra.med.university.eduEmail Address []:Please enter the following 'extra' attributesto be sent with your certificate requestA challenge password []:An optional company name []:
- 22.If you have a valid Certificate Authority certificate, you should create a .crt file foreach hostname and paste in the certificate text:vim /root/certificates/2023/elentra.med.university.edu.crtvim /root/certificates/2023/staging.med.university.edu.crtYou will also likely have a certificate authority root chain certificate. Also paste this into a file called
ca-certificate.crt
.\ - 23.If you are only creating self-signed certificates, you should do this for each hostname:openssl x509 -req -days 365 -in elentra.med.university.edu.csr -signkey elentra.med.university.edu.key -out elentra.med.university.edu.crtopenssl x509 -req -days 365 -in staging.med.university.edu.csr -signkey staging.med.university.edu.key -out staging.med.university.edu.crt
- 24.Install the certificates in the Apache virtual host directory:mkdir /var/www/vhosts/elentra.med.university.edu/cert/cp /root/certificates/2023/elentra.med.university.edu.crt /var/www/vhosts/elentra.med.university.edu/cert/cp /root/certificates/2023/elentra.med.university.edu.key /var/www/vhosts/elentra.med.university.edu/cert/mkdir /var/www/vhosts/staging.med.university.edu/cert/cp /root/certificates/2023/staging.med.university.edu.crt /var/www/vhosts/staging.med.university.edu/cert/cp /root/certificates/2023/staging.med.university.edu.key /var/www/vhosts/staging.med.university.edu/cert/
- 25.Create the Apache VirtualHosts by creating a file named
000-elentra.conf
and placing it/etc/httpd/conf.d/
. This file should contain the following:# This will limit what information Apache reveals about itself.ServerTokens ProdServerSignature OffTraceEnable OffSSLStaplingCache "shmcb:logs/stapling-cache(150000)"# Apache performance tuning options for more connections.#<IfModule mpm_prefork_module># MaxRequestWorkers 512# ServerLimit 512#</IfModule># Production<VirtualHost *:80>ServerName elentra.med.university.eduServerAdmin [email protected]RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}</VirtualHost><VirtualHost *:443>ServerName elentra.med.university.edu:443ServerAdmin [email protected]SSLEngine onSSLProtocol -all +TLSv1.2SSLHonorCipherOrder onSSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLCertificateFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.crtSSLCertificateKeyFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.key#SSLCACertificateFile /var/www/vhosts/elentra.med.university.edu/cert/ca-certificate.crtSSLUseStapling onHeader always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"Header always set X-Frame-Options SAMEORIGINDocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root<Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory></VirtualHost># Staging<VirtualHost *:80>ServerName staging.med.university.eduServerAdmin [email protected]RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}</VirtualHost><VirtualHost *:443>ServerName staging.med.university.edu:443ServerAdmin [email protected]SSLEngine onSSLProtocol -all +TLSv1.2SSLHonorCipherOrder onSSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLCertificateFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.crtSSLCertificateKeyFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.key#SSLCACertificateFile /var/www/vhosts/staging.med.university.edu/cert/ca-certificate.crtSSLUseStapling onHeader always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"Header always set X-Frame-Options SAMEORIGINDocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root<Directory "/var/www/vhosts/staging.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory></VirtualHost> - 26.Create a new file in the
/etc/supervisord.d
directory calledelentra.ini
, and use the following template snippet as a reference to create your own file.\Please make sure that you have the correct path incommand
andstdout_logfile
, and thatuser
is the correct system account that your existing cron jobs are run as.[program:staging]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=stagingautostart=trueautorestart=trueuser=stagingnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/worker.log[program:production]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=productionautostart=trueautorestart=trueuser=productionnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/worker.log[group:elentra]programs=staging,production - 27.Test your new Apache configuration, then restart Apache and Supervisor.apachectl configtestsystemctl restart httpdsystemctl restart supervisord
This documentation can be used as a reference to create both your Production Application Server and/or Staging Application Server on a Ubuntu 22.04 virtual machine.
- 1.SSH into server and
sudo
to root:sudo -s - 2.Add the following lines to
/etc/hosts
file:127.0.0.1 elentra.med.university.edu127.0.0.1 staging.med.university.edu - 3.Edit the hostname of the virtual machine in the
/etc/hostname
file:elentra.med.university.edu - 4.Install
screen
, update RHEL, and reboot:apt install screenscreenapt updateapt upgradereboot - 5.SSH back into server, and install the Ondrej PHP repository.
- 6.Install Apache, OpenSSL, Git, HTMLDoc, mariadb (client), ClamAV, and NTP packages:apt install -y git \htmldoc \curl \wget \unzip \openssl \apache2 \mariadb-client \clamav \ntp \supervisor
- 7.Install either PHP 8.0 or 7.4:\PHP 8.0 (Elentra 1.24+)apt install -y libapache2-mod-php8.0 \php8.0-cli \php8.0-gd \php8.0-dev \php8.0-mysql \php8.0-curl \php8.0-intl \php8.0-mbstring \php8.0-bcmath \php8.0-ldap \php8.0-imap \php8.0-redis \php8.0-soap \php8.0-xml \php8.0-xmlrpc \php8.0-tidy \php8.0-opcache \php8.0-zipPHP 7.4apt install -y libapache2-mod-php7.4 \php7.4-cli \php7.4-gd \php7.4-dev \php7.4-mysql \php7.4-curl \php7.4-intl \php7.4-mbstring \php7.4-bcmath \php7.4-ldap \php7.4-imap \php7.4-redis \php7.4-soap \php7.4-xml \php7.4-xmlrpc \php7.4-tidy \php7.4-opcache \php7.4-json \php7.4-zip
- 8.Install
wkhtmltopdf
from the binary package, as the apt package installs way too many dependencies:curl -SL https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz | tar -xJC /root && cp /root/wkhtmltox/bin/* /usr/bin
- 9.Start Apache and Supervisor, and set to start on system startup:a2enmod ssl rewrite headers proxy proxy_http proxy_balancer expiressystemctl enable apache2systemctl start apache2systemctl enable supervisorsystemctl start supervisor
- 10.Create a new file called
/etc/php/8.0/mods-available/elentra.ini
and add the following:date.timezone = America/Torontodisplay_errors = Offerror_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICTexpose_php = Offmemory_limit = 512Mpost_max_size = 512Msession.cookie_secure = 1session.cookie_httponly = 1session.cookie_samesite = Strictupload_max_filesize = 512M - 11.Enable this new module by typing:phpenmod elentra
- 12.Create an Elentra system user called
production
, which is used for production deployments:useradd -m productionpasswd production - 13.Create and permission the SSH
authorized_keys
file for theproduction
user.cd /home/productionmkdir /home/production/.sshtouch /home/production/.ssh/authorized_keyschown -R production:production /home/production/.sshchmod 700 /home/production/.sshchmod 600 /home/production/.ssh/authorized_keys - 14.Add all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub
) that are allowed to deploy Elentra to your production environment to the newauthorized_keys
file.vim /home/production/.ssh/authorized_keys - 15.Create an Elentra system user called
staging
, which is used for staging deployments:useradd -m stagingpasswd staging - 16.Create and permission the SSH
authorized_keys
file for thestaging
user.cd /home/stagingmkdir /home/staging/.sshtouch /home/staging/.ssh/authorized_keyschown -R staging:staging /home/staging/.sshchmod 700 /home/staging/.sshchmod 600 /home/staging/.ssh/authorized_keys - 17.Add all developers' SSH public keys (i.e.
cat ~/.ssh/id_rsa.pub
) that are allowed to deploy Elentra to your staging environment to the newauthorized_keys
file.vim /home/staging/.ssh/authorized_keys - 18.Create and appropriately permission the Apache document root and Elentra storage directories for production.mkdir -p /var/www/vhosts/elentra.med.university.edu/storage/mkdir /var/www/vhosts/elentra.med.university.edu/storage/annualreportsmkdir /var/www/vhosts/elentra.med.university.edu/storage/appmkdir /var/www/vhosts/elentra.med.university.edu/storage/app/publicmkdir /var/www/vhosts/elentra.med.university.edu/storage/cachemkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploadsmkdir /var/www/vhosts/elentra.med.university.edu/storage/cbme-uploads/advisor-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-discussionsmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-galleriesmkdir /var/www/vhosts/elentra.med.university.edu/storage/community-sharesmkdir /var/www/vhosts/elentra.med.university.edu/storage/eportfoliomkdir /var/www/vhosts/elentra.med.university.edu/storage/event-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/exam-filesmkdir /var/www/vhosts/elentra.med.university.edu/storage/frameworkmkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cachemkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/cache/datamkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/sessionsmkdir /var/www/vhosts/elentra.med.university.edu/storage/framework/viewsmkdir /var/www/vhosts/elentra.med.university.edu/storage/logsmkdir /var/www/vhosts/elentra.med.university.edu/storage/lormkdir /var/www/vhosts/elentra.med.university.edu/storage/msprsmkdir /var/www/vhosts/elentra.med.university.edu/storage/resource-imagesmkdir /var/www/vhosts/elentra.med.university.edu/storage/secure-accessmkdir /var/www/vhosts/elentra.med.university.edu/storage/syllabimkdir /var/www/vhosts/elentra.med.university.edu/storage/user-photoschown -R production:production /var/www/vhosts/elentra.med.university.educhmod -R 777 /var/www/vhosts/elentra.med.university.edu/storage/*
- 19.Create and appropriately permission the Apache document root and Elentra storage directories for staging.mkdir -p /var/www/vhosts/staging.med.university.edu/storage/mkdir /var/www/vhosts/staging.med.university.edu/storage/annualreportsmkdir /var/www/vhosts/staging.med.university.edu/storage/appmkdir /var/www/vhosts/staging.med.university.edu/storage/app/publicmkdir /var/www/vhosts/staging.med.university.edu/storage/cachemkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploadsmkdir /var/www/vhosts/staging.med.university.edu/storage/cbme-uploads/advisor-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/community-discussionsmkdir /var/www/vhosts/staging.med.university.edu/storage/community-galleriesmkdir /var/www/vhosts/staging.med.university.edu/storage/community-sharesmkdir /var/www/vhosts/staging.med.university.edu/storage/eportfoliomkdir /var/www/vhosts/staging.med.university.edu/storage/event-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/exam-filesmkdir /var/www/vhosts/staging.med.university.edu/storage/frameworkmkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cachemkdir /var/www/vhosts/staging.med.university.edu/storage/framework/cache/datamkdir /var/www/vhosts/staging.med.university.edu/storage/framework/sessionsmkdir /var/www/vhosts/staging.med.university.edu/storage/framework/viewsmkdir /var/www/vhosts/staging.med.university.edu/storage/logsmkdir /var/www/vhosts/staging.med.university.edu/storage/lormkdir /var/www/vhosts/staging.med.university.edu/storage/msprsmkdir /var/www/vhosts/staging.med.university.edu/storage/resource-imagesmkdir /var/www/vhosts/staging.med.university.edu/storage/secure-accessmkdir /var/www/vhosts/staging.med.university.edu/storage/syllabimkdir /var/www/vhosts/staging.med.university.edu/storage/user-photoschown -R staging:staging /var/www/vhosts/staging.med.university.educhmod -R 777 /var/www/vhosts/staging.med.university.edu/storage/*
- 20.Generate the SSL private keys required for each of your hostnames:mkdir -p /root/certificates/2023cd /root/certificates/2023openssl genrsa -out elentra.med.university.edu.key 2048openssl genrsa -out staging.med.university.edu.key 2048
- 21.Generate the SSL certificate signing requests (CSRs) for your certificate authority for each of your hostnames:openssl req -new -key elentra.med.university.edu.key -out elentra.med.university.edu.csropenssl req -new -key staging.med.university.edu.key -out staging.med.university.edu.csrYou will be asked a number of questions, answer accordingly, but do not answer enter anything for "Email Address", "A challenge password", or "An optional company name":You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [XX]:CAState or Province Name (full name) []:OntarioLocality Name (eg, city) [Default City]:KingstonOrganization Name (eg, company) [Default Company Ltd]:Queen's UniversityOrganizational Unit Name (eg, section) []:Health Sciences Education Technology UnitCommon Name (eg, your name or your server's hostname) []:elentra.med.university.eduEmail Address []:Please enter the following 'extra' attributesto be sent with your certificate requestA challenge password []:An optional company name []:
- 22.If you have a valid Certificate Authority certificate, you should create a .crt file foreach hostname and paste in the certificate text:vim /root/certificates/2023/elentra.med.university.edu.crtvim /root/certificates/2023/staging.med.university.edu.crtYou will also likely have a certificate authority root chain certificate. Also paste this into a file called
ca-certificate.crt
.\ - 23.If you are only creating self-signed certificates, you should do this for each hostname:openssl x509 -req -days 365 -in elentra.med.university.edu.csr -signkey elentra.med.university.edu.key -out elentra.med.university.edu.crtopenssl x509 -req -days 365 -in staging.med.university.edu.csr -signkey staging.med.university.edu.key -out staging.med.university.edu.crt
- 24.Install the certificates in the Apache virtual host directory:mkdir /var/www/vhosts/elentra.med.university.edu/cert/cp /root/certificates/2023/elentra.med.university.edu.crt /var/www/vhosts/elentra.med.university.edu/cert/cp /root/certificates/2023/elentra.med.university.edu.key /var/www/vhosts/elentra.med.university.edu/cert/mkdir /var/www/vhosts/staging.med.university.edu/cert/cp /root/certificates/2023/staging.med.university.edu.crt /var/www/vhosts/staging.med.university.edu/cert/cp /root/certificates/2023/staging.med.university.edu.key /var/www/vhosts/staging.med.university.edu/cert/
- 25.Create the Apache VirtualHosts by creating a file named
000-elentra.conf
and placing it/etc/apache2/sites-available/
. This file should contain the following:# This will limit what information Apache reveals about itself.ServerTokens ProdServerSignature OffTraceEnable OffSSLStaplingCache "shmcb:logs/stapling-cache(150000)"# Apache performance tuning options for more connections.#<IfModule mpm_prefork_module># MaxRequestWorkers 512# ServerLimit 512#</IfModule># Production<VirtualHost *:80>ServerName elentra.med.university.eduServerAdmin [email protected]RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}</VirtualHost><VirtualHost *:443>ServerName elentra.med.university.edu:443ServerAdmin [email protected]SSLEngine onSSLProtocol -all +TLSv1.2SSLHonorCipherOrder onSSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLCertificateFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.crtSSLCertificateKeyFile /var/www/vhosts/elentra.med.university.edu/cert/elentra.med.university.edu.key#SSLCACertificateFile /var/www/vhosts/elentra.med.university.edu/cert/ca-certificate.crtSSLUseStapling onHeader always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"Header always set X-Frame-Options SAMEORIGINDocumentRoot /var/www/vhosts/elentra.med.university.edu/current/www-root<Directory "/var/www/vhosts/elentra.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory></VirtualHost># Staging<VirtualHost *:80>ServerName staging.med.university.eduServerAdmin [email protected]RewriteEngine OnRewriteCond %{HTTPS} offRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}</VirtualHost><VirtualHost *:443>ServerName staging.med.university.edu:443ServerAdmin [email protected]SSLEngine onSSLProtocol -all +TLSv1.2SSLHonorCipherOrder onSSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDHSSLCertificateFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.crtSSLCertificateKeyFile /var/www/vhosts/staging.med.university.edu/cert/staging.med.university.edu.key#SSLCACertificateFile /var/www/vhosts/staging.med.university.edu/cert/ca-certificate.crtSSLUseStapling onHeader always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"Header always set X-Frame-Options SAMEORIGINDocumentRoot /var/www/vhosts/staging.med.university.edu/current/www-root<Directory "/var/www/vhosts/staging.med.university.edu/current/www-root">Options FollowSymLinksRequire all grantedAllowOverride all</Directory></VirtualHost> - 26.Enable this new site by typing:a2ensite 000-elentrasystemctl reload apache2
- 27.Create a new file in the
/etc/supervisor/conf.d
directory calledelentra.conf
, and use the following template snippet as a reference to create your own file.\Please make sure that you have the correct path incommand
andstdout_logfile
, and thatuser
is the correct system account that your existing cron jobs are run as.[program:staging]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/staging.elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=stagingautostart=trueautorestart=trueuser=stagingnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/staging.elentra.med.university.edu/storage/logs/worker.log[program:production]process_name=%(program_name)s_%(process_num)02dcommand=php /var/www/vhosts/elentra.med.university.edu/current/www-root/core/library/vendor/elentrapackages/elentra-1x-api/artisan queue:work --queue=high,emails,default,low --env=productionautostart=trueautorestart=trueuser=productionnumprocs=1redirect_stderr=truestdout_logfile=/var/www/vhosts/elentra.med.university.edu/storage/logs/worker.log[group:elentra]programs=staging,production