X-Git-Url: https://git.openstreetmap.org/nominatim.git/blobdiff_plain/c3e56541136e5aaef54b616498115e1949c7cb99..513bf485f20f0308c7f25c96717190a354bf0ec3:/vagrant/Install-on-Centos-7.sh diff --git a/vagrant/Install-on-Centos-7.sh b/vagrant/Install-on-Centos-7.sh index 154101df..50eeaaec 100755 --- a/vagrant/Install-on-Centos-7.sh +++ b/vagrant/Install-on-Centos-7.sh @@ -52,8 +52,8 @@ # we assume this user is called nominatim and the installation will be in # /srv/nominatim. To create the user and directory run: # -sudo mkdir -p /opt/nominatim #DOCS: sudo useradd -d /srv/nominatim -s /bin/bash -m nominatim -sudo chown vagrant /opt/nominatim #DOCS: +sudo mkdir -p /srv/nominatim #DOCS: sudo useradd -d /srv/nominatim -s /bin/bash -m nominatim +sudo chown vagrant /srv/nominatim #DOCS: # # You may find a more suitable location if you wish. # @@ -61,7 +61,7 @@ sudo chown vagrant /opt/nominatim #DOCS: # user name and home directory now like this: # export USERNAME=vagrant #DOCS: export USERNAME=nominatim - export USERHOME=/opt/nominatim #DOCS: export USERHOME=/srv/nominatim + export USERHOME=/srv/nominatim # # **Never, ever run the installation as a root user.** You have been warned. # @@ -106,14 +106,14 @@ sudo chown vagrant /opt/nominatim #DOCS: #DOCS:```sh sudo tee /etc/httpd/conf.d/nominatim.conf << EOFAPACHECONF - #DOCS: + Options FollowSymLinks MultiViews AddType text/html .php DirectoryIndex search.php Require all granted -Alias /nominatim $USERHOME/build/website #DOCS:Alias /nominatim $USERHOME/Nominatim/build/website +Alias /nominatim $USERHOME/build/website EOFAPACHECONF #DOCS:``` @@ -126,17 +126,6 @@ sudo sed -i 's:#.*::' /etc/httpd/conf.d/nominatim.conf #DOCS: sudo systemctl enable httpd sudo systemctl restart httpd -# -# Adding SELinux Security Settings -# -------------------------------- -# -# It is a good idea to leave SELinux enabled and enforcing, particularly -# with a web server accessible from the Internet. At a minimum the -# following SELinux labeling should be done for Nominatim: - - sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/Nominatim/(website|lib|settings)(/.*)?" - sudo semanage fcontext -a -t lib_t "$USERHOME/build/module/nominatim.so" - sudo restorecon -R -v $USERHOME/Nominatim # # Installing Nominatim @@ -165,12 +154,28 @@ fi #DOCS: # The code must be built in a separate directory. Create this directory, # then configure and build Nominatim in there: - cd $USERHOME #DOCS: :::sh +#DOCS: :::sh + cd $USERHOME mkdir build cd build cmake $USERHOME/Nominatim make +# +# Adding SELinux Security Settings +# -------------------------------- +# +# It is a good idea to leave SELinux enabled and enforcing, particularly +# with a web server accessible from the Internet. At a minimum the +# following SELinux labeling should be done for Nominatim: + + sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/Nominatim/(website|lib|settings)(/.*)?" + sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/build/(website|lib|settings)(/.*)?" + sudo semanage fcontext -a -t lib_t "$USERHOME/build/module/nominatim.so" + sudo restorecon -R -v $USERHOME/Nominatim + sudo restorecon -R -v $USERHOME/build + + # You need to create a minimal configuration file that tells nominatim # the name of your webserver user and the URL of the website: