Installing Lessons Learned on an AWS EC2 Instance (Amazon AMI Linux 2)

After gaining SSH access to your Amazon virtual machine, perform the following:

# Change to root user
 sudo su -

# Update your machine for any important patches
 yum update -y

# Install required packages
 amazon-linux-extras install nginx1.12
 amazon-linux-extras install php7.2
 yum install -y php-xml
 yum install -y mariadb-server mariadb

# Enable NGINX, PHP-FPM and MySQL (MariaDB) on startup:
 systemctl enable nginx
 systemctl enable php-fpm
 systemctl enable mariadb

# Start the services
 systemctl start nginx
 systemctl start php-fpm
 systemctl start mariadb

# Secure installation of mysql and specify (and remember!) the password you supply for mysql's root user:
 Run the following command:

mysql_secure_installation

Output:

mysql_secure_installation
 ...

Set root password? [Y/n] Y
 New password: *****
 Re-enter new password: *****
 ...
 Remove anonymous users? [Y/n] Y
 ...
 Disallow root login remotely? [Y/n] Y
 ... Success!
 ...
 Remove test database and access to it? [Y/n] Y
 ...
 Reload privilege tables now? [Y/n] Y
 ...

# Modify php-fpm to run under nginx user vi /etc/php-fpm.d/www.conf 
# Search for the lines: 
user = apache --- MODIFY TO ---> user = nginx 
group = apache --- MODIFY TO ---> user = nginx

# Restart php-fpm systemctl restart php-fpm 
# Get the public IP address by running this command curl http://169.254.169.254/latest/meta-data/public-ipv4 
# Add a DNS record to map your domain to this command (by contacting your administrator) 
eg. In this example, I'll map demo.lessonslearned.io to the public ip address which is 3.16.169.47 
demo.lessonslearned.io --> 3.16.169.47 
# In some cases, wait for about 5 minutes for the DNS to propagate this entry. 
# You can verify by running "ping your domain" or "dig command" 

ping yourdomain.com 

OR 

dig +short demo.lessonslearned.io

# Issue an SSL certificate using Let's Encrypt for your server
 amazon-linux-extras install epel -y
 yum install certbot-nginx -y

# Create a file named /etc/nginx/conf.d/lessonslearned.conf and paste the following into it (Make sure to replace demo.lessonslearned.io with your domain name):

server {
    listen 80;
    listen [::]:80;
    server_name demo.lessonslearned.io;

    return 301 https://$host$request_uri;
}

# Settings for a TLS enabled server.
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name demo.lessonslearned.io;

    root /usr/share/nginx/lessonslearned;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 10m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
}

# Run the following command to validate the configuration is valid
nginx -t

Expected output on all valid:
 nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
 nginx: configuration file /etc/nginx/nginx.conf test is successful

# Restart nginx
 systemctl restart nginx

# Generate SSL cert
 certbot --nginx -d demo.lessonslearned.io

Output:
 ...
 Enter email address (used for urgent renewal and security notices) (Enter 'c' to
 cancel): your@email.com
 ...
 Please read the Terms of Service at
 https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
 agree in order to register with the ACME server at
 https://acme-v02.api.letsencrypt.org/directory
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 (A)gree/(C)ancel: A
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 Would you be willing to share your email address with the Electronic Frontier
 Foundation, a founding partner of the Let's Encrypt project and the non-profit
 organization that develops Certbot? We'd like to send you email about our work
 encrypting the web, EFF news, campaigns, and ways to support digital freedom.
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 (Y)es/(N)o: N
 Obtaining a new certificate
 Performing the following challenges:
 http-01 challenge for demo.lessonslearned.io
 Waiting for verification...
 Cleaning up challenges
 Deploying Certificate to VirtualHost /etc/nginx/conf.d/lessonslearned.conf
 Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 1: No redirect - Make no further changes to the webserver configuration.
 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
 new sites, or if you're confident your site works on HTTPS. You can undo this
 change by editing your web server's configuration.
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 Congratulations! You have successfully enabled https://demo.lessonslearned.io
 ...

# Schedule the SSL Let'sEncrypt certificate renewal script
 crontab -e

# This opens up the vi editor, now do the following:
 1. Copy the following line:
 15 3 * * * /usr/bin/certbot renew --quiet

2. In the editor, click the "a" button
 3. Click the right click button to paste
 4. Type the following to save and exit ':wq' (without single quotes).

# Now download and install lessons learned server
 cd /usr/share/nginx
 wget https://www.lessonslearnedserver.com/downloadfile.php?name=lessonslearned_linux64_v3_0_3.tar.gz -O lessonslearned.tar.gz
 tar -zxvf lessonslearned.tar.gz
 chown -R nginx:nginx lessonslearned
 chmod 755 lessonslearned/private/conf
 # Now access your site at https://demo.lessonslearned.io
 # Go through the wizard installation steps, once done run the following command to guarantee LessonsLearnedServer always uses full encryption
 mysql -u root -p lessons_learned_demo -e 'update setting SET value="full" where NAME="web.use_https";'

# (Issue in PHP 7.2) Edit the following line to suppress DEPRECATED errors in PHP 7.2:
 vim lessonslearned/llssrc/lls_comm_inc.php
 Type ':64' to go to line 64.
 Move the cursor at the last 'L' character in the word 'E_ALL'
 Type 'a' then type ' & ~E_DEPRECATED'
 Press 'Esc' then type ':wq' to save and quit.

You are now ready to go.

 

 

 

 

Read More

Lessons Learned Server Version 3.0.1 Released

The following summary describes the changes that took place:

[Fixed] Fixed an issue when handling the write.lock file for the search indexes upon upgrades.
[Feature] Restoring and Deleting previous revisions of an article has been implemented.
[Feature] Moving articles to a different space is now supported
[Enhancement] Several permissions have been added to the Roles.
[Installer] Shows an error if the Curl module is not installed for PHP
[Installer] MySQL strict mode for default values is now handled correctly when creating the database.

 

Read More

Lessons Learned Server Version 2.9.8 Released

This release handled several bug fixes.The two most important are:

  • The ability for the background service to shutdown gracefully through upgrades. Previously, there were cases where the background service wasn’t closing resources correctly upon shutdowns and restarts.
  • The other major issue is a bug when running in trial mode that denies the user to create more than one free user. The issue only takes place on Linux servers.

 

Read More

Lessons Learned Server Version 2.9.7 Released

The major feature implemented in this release is the Page Version History feature. This allows a user (with privileges) to track changes made to a page by viewing the changes made by each user. All changes from all users are now tracked on a page.

In addition, many bug fixes and optimizations have taken place in this release.

You can download the latest release from:

http://www.lessonslearnedserver.com/download

Read More

Lessons Learned Server Version 2.9.3 Released

A new version of Lessons Learned Server has been released – Version 2.9.3.

The following changes took place:

– Code formatting and color highlighting for code written in C, C++, C#, Java, PHP, Bash, Python and Ruby is now supported using the prism library

– Fixed a bug when formatting content containing open and close tags

– Rewrote the permissions module to support advanced permissions

– Fixed handling unicode characters inside the tree items using correct encoding.

– Different optimizations and fixes for the editor.

You can download the latest release from:

http://www.lessonslearnedserver.com/download

Read More

Lessons Learned Server Version 2.9.1 Released

A new version of Lessons Learned Server has been released – Version 2.9.1.

The following changes took place:

– [Bug Fix] Problem with php mailer not included correctly
– [Bug Fix] Copying and pasting an image into the editor was failing and once saved, the image does not appear.
– [Bug Fix] When a document gets uploaded that has no file extension, it shows a notice error “Undefined index”

You can download the latest release from:

http://www.lessonslearnedserver.com/download

Read More

Lessons Learned Server Version 2.9.0 Released

A new version of Lessons Learned Server has been released – Version 2.8.7.

The following changes took place:

1. PHP 7 is now fully supported, all deprecated issues were resolved successfully.

2. Allowed videos from youtube to be embedded by allowing iframe tags in content.

3. File name sanitization now takes place for uploaded files to protect from any security concerns.

4. Used a strike through style for deleted spaces.

5. Added Database Diagnostics to check if a database is accessible or not.

6. Installer Look & Feel changed.

7. [Feature] Document File Versioning is now implemented.

8. [Feature] Added UTF-8 support and validation.

9. [Feature] Upgraded to Lucene version 5.4.0

10. Enabled https for several pages (admin-directories.php and email settings)

11. Added the option to sort content by Date modified or Date created in the search page.

12. Many Bug Fixes, Optimizations and Improvements.

13. Secure parsing of posted content.

You can download the latest release from:

http://www.lessonslearnedserver.com/download

Read More

Lessons Learned Server Version 2.8.11 Released

A new version of Lessons Learned Server has been released – Version 2.8.7.

The following changes took place:

1. Fixed a problem with database passwords containing special characters.

2. Fixed a problem with htmlspecialchars not working properly with PHP version 5.3.0 since ENT1_XML constant is undefined in PHP v5.3.0

You can download the latest release from:

http://www.lessonslearnedserver.com/download

Read More

Lessons Learned Server Version 2.8.10 Released

A new version of Lessons Learned Server has been released – Version 2.8.10.

The following changes took place:

– The JRE has been updated to release Java 7 u79. The update is important to handle a rare incidence where a segmentation fault takes place within Lucene’s indexing process.

– Fix several WYSIWYG Editor bugs and provided optimizations for Internet Explorer browsers.

– If https is enabled the login page now gets redirected to https once requested through a browser. The old behavior was https transmission once the form was posted. Now both loading and posting of the page apply https encryption.

– Removed persistent connections to the database and used on-demand connections instead.

 

You can download the latest release from:

http://www.lessonslearnedserver.com/download

Read More