Thursday, 16 January 2020

Apache Tomcat 9 - Debian 9/10 - Ubuntu 18/19


Install Apache Tomcat on Debian

Apache Tomcat is an open-source web server used to serve Java applications. It is an open-source implementation of the Java Servlet, JavaServer Pages and Java Expression Language specifications. In this tutorial, you are going to learn how to install Apache Tomcat on Debian.

Prerequisites

Before you start installing Apache Tomcat on Debian, you must have a non-root user account with sudo privileges on your system.

Install Java with OpenJDK

Java must be installed on your system before you install Tomcat. Run the following commands to install Java.
First, check whether Java is already installed on your system by running the following command.
java -version

If Java is not installed on your system, install it by running the following commands.
sudo apt update

sudo apt install default-jdk
Now Java is installed on your system.

Create Tomcat User

For security reasons, Tomcat should not run as the root user. Create a non-root user for Tomcat by typing the following command.
sudo useradd -r -m -U -d /opt/tomcat -s /bin/false tomcat

Now you are ready to install Tomcat on Debian.

Install Tomcat

To install Tomcat 9 you need to download the latest binaries from the Tomcat Download Page. At the time of creating this tutorial the latest version is 9.0.14, but you can use the latest stable version.
First navigate to the /tmp directory.
cd /tmp

To download Tomcat, run the following command.
wget http://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.14/bin/apache-tomcat-9.0.14.tar.gz -P /tmp

After downloading, extract the Tomcat archive into the /opt/tomcat directory.
sudo tar xf /tmp/apache-tomcat-9*.tar.gz -C /opt/tomcat

Now create a symbolic link to the installation directory, so that when you migrate to the next Tomcat version you only need to change this symbolic link.
sudo ln -s /opt/tomcat/apache-tomcat-9.0.14 /opt/tomcat/latest

Set Permissions

Tomcat should run under the tomcat user created previously, so you need to give that user access to the Tomcat installation directory.
Run the following command to give ownership of the installation directory to the tomcat user and tomcat group.
sudo chown -RH tomcat: /opt/tomcat/latest

Set the executable flag for other users on the bin directory.
sudo chmod o+x /opt/tomcat/latest/bin/

Create Systemd Unit File

To run Tomcat as a service you need to create a new unit file.
Run the following command to create the tomcat.service unit file inside the /etc/systemd/system/ directory:
sudo nano /etc/systemd/system/tomcat.service

Copy the following code and paste it into the above file.
NOTE: Modify the JAVA_HOME path if it does not match the value found on your system.

[Unit]
Description=Tomcat 9 servlet container
After=network.target

[Service]
Type=forking

User=tomcat
Group=tomcat

Environment="JAVA_HOME=/usr/lib/jvm/default-java"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true"

Environment="CATALINA_BASE=/opt/tomcat/latest"
Environment="CATALINA_HOME=/opt/tomcat/latest"
Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"

ExecStart=/opt/tomcat/latest/bin/startup.sh
ExecStop=/opt/tomcat/latest/bin/shutdown.sh

[Install]
WantedBy=multi-user.target


Now reload the systemd daemon so that it picks up the new unit file.

sudo systemctl daemon-reload

Now start the Tomcat service by running the following command.
sudo systemctl start tomcat

Check whether Tomcat is running using the following command.
sudo systemctl status tomcat

If everything is ok then run the following command to autostart Tomcat after boot.
sudo systemctl enable tomcat

Update The Firewall Settings

If you are running a firewall, you should open port 8080 to access Tomcat from outside of your local system.
Run the following command to allow traffic on port 8080:
sudo ufw allow 8080/tcp

Configure Tomcat Web Management Interface

To use the manager web app you should edit the tomcat-users.xml file. This file contains users and roles. Edit the tomcat-users.xml file by running the following command:
sudo nano /opt/tomcat/latest/conf/tomcat-users.xml

Now add a username and password with the admin-gui and manager-gui roles. Make sure you set a strong username and password.
....
....
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>

Now save and close the file.
By default, Apache Tomcat restricts access to the Manager and Host Manager apps to connections coming from the server itself. To access them from another machine you should remove these restrictions.
To change the IP address restriction, open the following files.
Open the Manager app context file using the command below.
sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml

Open the Host Manager app context file using the command below.
sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml

Comment out the Valve element as shown in the following file.
<Context antiResourceLocking="false" privileged="true" >
<!--
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>

Save and close the file and restart the Tomcat server.
sudo systemctl restart tomcat

NOTE: You can instead add only specific IP addresses to the file to allow connections from them, as shown below. In the following file, for example, the IP address 192.0.0.0 has been added. The allow attribute is a regular expression, so the dots are escaped.
<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192\.0\.0\.0" />
</Context>
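
The effect of the two context.xml variants above can be checked offline. The following Python sketch is an added example, not part of the original tutorial: it parses each variant and reports which client addresses the RemoteAddrValve would let through. The sample XML strings are constructed from the snippets on this page, the function names are hypothetical, and Python's re module is assumed to behave like Java's regex engine for these simple patterns.

```python
import re
import xml.etree.ElementTree as ET

VALVE = "org.apache.catalina.valves.RemoteAddrValve"

# Constructed samples mirroring the two context.xml variants in this tutorial.
COMMENTED_OUT = r'''<Context antiResourceLocking="false" privileged="true">
<!--
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->
</Context>'''

# Dots in the added address are escaped because allow is a regular expression.
ALLOW_LIST = r'''<Context antiResourceLocking="false" privileged="true">
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192\.0\.0\.0" />
</Context>'''


def allow_pattern(context_xml):
    """Return the active RemoteAddrValve allow regex, or None if no valve is active.

    ElementTree discards XML comments, so a commented-out valve is not found,
    which mirrors what Tomcat loads: no address filter at all.
    """
    root = ET.fromstring(context_xml)
    for valve in root.iter("Valve"):
        if valve.get("className") == VALVE:
            return valve.get("allow")
    return None


def is_allowed(context_xml, remote_addr):
    """Mimic the valve: the whole client address must match the allow regex."""
    pattern = allow_pattern(context_xml)
    if pattern is None:
        return True  # no valve: every client reaches the Manager login prompt
    return re.fullmatch(pattern, remote_addr) is not None


if __name__ == "__main__":
    for name, xml in (("commented out", COMMENTED_OUT), ("allow list", ALLOW_LIST)):
        for addr in ("127.0.0.1", "192.0.0.0", "192.0.0.10", "203.0.113.7"):
            print(f"{name:14} {addr:12} allowed={is_allowed(xml, addr)}")
```

With the valve commented out, the only remaining protection for the Manager apps is the password in tomcat-users.xml and the firewall rule for port 8080.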

Testing Tomcat

Open a browser and visit the following link: http://YOUR_SERVER_DOMAIN_OR_IP_ADDRESS:8080
You should get the following output for a successful installation.
Now use the Manager App by visiting http://YOUR_SERVER_DOMAIN_OR_IP_ADDRESS:8080/manager/html. To log in, enter the username and password you created in the tomcat-users.xml file.
The Virtual Host Manager App is available at http://YOUR_SERVER_DOMAIN_OR_IP_ADDRESS:8080/host-manager/html. By using this app you can manage virtual hosts.

Conclusion

You have successfully installed Tomcat 9 on Debian 9/10. If you have any queries regarding this please don’t forget to comment below.

Note:
If Tomcat takes a long time to start up, make sure you have installed haveged. Follow the commands below.
sudo apt install haveged
sudo systemctl start haveged
sudo systemctl enable haveged

If the server has an external IP or access issues, just comment out the following element in the host-manager/META-INF/context.xml and manager/META-INF/context.xml files.
<!--
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192\.0\.0\.0" />
-->
 
