Legacy
...
Passwork 4
CentOS

CentOS 7

29min

How to install Passwork on CentOS 7

1. Get root privileges and reload local packages database

Shell


Change server hostname to "passwork"

Shell


2. Install Git and Apache2, add firewall rules

Shell


3. Install MongoDB

Configure the package management system (yum).

Create a /etc/yum.repos.d/mongodb-org-4.2.repo file so that you can install MongoDB directly, using yum.

Shell


Make it look like this:

Shell


To install the latest stable version of MongoDB, issue the following command:

Shell


Set SELinux to disabled mode in /etc/selinux/config by setting the SELINUX setting to disabled

Shell


Set:

Shell


You must reboot the system for the changes to take effect

Start MongoDB Service:

Shell


Enable mongod service start on the system boot:

Shell


4. Install PHP7

Install the Remi repository configuration package

Shell


Install PHP and additional extensions

Shell


5. Install PHP Mongo driver

Shell


6. Install Phalcon PHP framework

Shell


7. Download and install Passwork

Clone the repository using your login and password

Shell


💡 The system will ask for a login and password to the repository, which you can find in your Customer Portal. If you don't have access to the Customer Portal, contact us.

Set up permissions for the files.

Shell


Configure your Apache2

Create non-ssl configuration file

Shell


Change directives accordingly the entries below:

Shell


Restart Apache:

Shell


Open http://passwork.local or http://127.0.0.1 to access website

8. Installation

When you open Passwork for the first time, you will see an installation wizard that will check if the server is configured correctly and allow you to enter the basic parameters.

💡 Leave all fields at their default values if you are installing a new copy of Passwork

Sign up an administrator

Enter the username and password for the first user. The user will automatically become the administrator and owner of the organization.

9. Create a SSL certificate

First, install the Apache SSL module:

Shell


Create a new directory to store our private key (the /etc/ssl/certs directory is already available to hold our certificate file):

Shell


Set correct permissions:

Shell


Generate a new certificate and a private key to protect it:

Shell


Invoking this command will result in a series of prompts

  • Common Name: Specify your server's IP address or hostname. This field matters, since your certificate needs to match the domain (or IP address) for your website.
  • Fill out all other fields at your own discretion

Example answers are shown below:

Shell


Create a strong Diffie-Hellman group.

Shell


Append the generated file to the end of our self-signed certificate.

Shell


10. Configuring the product to work correctly in Chrome with SSL

When working over an SSL connection (HTTPS), the Chrome browser requires the Secure and SameSite flags for the cookies. Without these flags, the browser will not accept cookies, and you will not be able to log into Passwork in Chrome.

To set these flags, enable the session.cookie_secure parameter in the /etc/php.ini file:

Shell


And set the parameter disableSameSiteCookie ([application] section)in file /var/www/app/config/config.ini to value Off:

Shell


💡 Do not set these parameters or reset them to their original value if you change your mind about using SSL and will be working over the HTTP protocol

11. Configure Apache to use SSL

Open Apache's SSL configuration file in your text editor.

Shell


Locate the section that begins with <VirtualHost _default_:443> and make the following changes.

  • First, uncomment the DocumentRoot line and edit the address in quotes to the location of your site's document root. By default, this will be in /var/www/html.
  • Next, uncomment the ServerName line and replace www.example.com with your domain name or server IP address (whichever one you put as the common name in your certificate):
Shell

  • Add “Directory” directive next to the “ServerName”.
Shell

  • Next, find the SSLProtocol and SSLCipherSuite lines and either delete them or comment them out. The configuration we be pasting in a moment will offer more secure settings than the default included with CentOS's Apache:
Shell


Find the SSLCertificateFile and SSLCertificateKeyFile lines and change them to the directory we made at /etc/httpd/ssl:

Shell


Once these changes have been made, check that your virtual host configuration file matches the following.

Shell


We're now done with the changes within the actual VirtualHost block. Save changes (Ctr+O) and exit (Ctr+X).

Restart Apache to apply the changes.

Shell


Check SSL connection by going to https://passwork.local.