The instructions below applies to EMG 7.0, 7.1, and 7.2.
This document describes the steps involved to install a complete EMG platform with
running in CentOS 7.2.1511, released in December 2015 (end of support, June 30, 2024).
CentOS 7 provides
- Apache 2.4.6
- PHP 5.4.16
- MariaDB (MySQL) 5.5.44
through the default yum repositories which meet the EMG Portal requirements well. Other Linux distributions and later versions of these tools often work fine. However, EMG Portal currently does not work on CentOS 8, and we do not support the ionCube decoder for PHP version 7.
We will install on Centos 7 (64-bit), create a separate user for emg and place the EMG installation in /home/emg. This will give us a privilege-separated installation in its own location.
- Basic OS installation and configuration
- EMG installation
- EMG perl installation
- EMG watchdog installation
- EMG Portal installation
- Finish EMG installation
- Recurring tasks (cron)
- What’s next?
Basic OS installation and configuration
- Download and install CentOS 7.2.1511 (64-bit). We choose the “minimal” distribution,
- After installation, login as “root”
- Consider disabling SELinux, at least during the installation,
- Consider disabling ipv6 if you will not use it:
- Modify Postfix configuration to use ipv4 only. In /etc/postfix/main.cf change the line
inet_protocols = all
and restart Postfix by running
inet_protocols = ipv4
systemctl restart postfix
- Run a “yum update” to ensure all packages are up to date and if any kernel packages were updated reboot the server
yum update -y
- Install some additional required and useful packages
yum install -y bzip2 httpd httpd-devel mod_ssl mariadb-server mariadb-devel php php-pdo \
php-mysql php-pear php-xml php-mbstring php-devel pcre-devel gcc mlocate mailx net-tools vim-enhanced wget
systemctl enable mariadb
systemctl enable httpd
systemctl enable postfix
- Create user “emg” and assign a good password to the new account. Consider having a strong password generated, for example using https://strongpasswordgenerator.com/
useradd -m emg
- Consider limiting ssh access to specific users by adding “AllowUsers emg” to /etc/ssh/sshd_config
systemctl restart sshd
- Consider synchronizing server time with NTP servers
yum install -y ntpdate ntp
systemctl enable ntpd
systemctl start ntpd
- Tune some InnoDB and query parameters for MySQL. Change “[server]” section in “/etc/my.cnf.f/server.cnf”.
innodb_additional_mem_pool_size = 128M
innodb_buffer_pool_instances = 2
innodb_flush_log_at_trx_commit = 2
query_cache_limit = 16M
query_cache_size = 128M
- Start services and secure the mysql installation by setting a root password etc
systemctl start postfix
systemctl start mariadb
- Set the default timezone in php.ini. In the distributed php.ini there is a line “;date.timezone =” which should be replace with “date.timezone = ‘Europe/Stockholm'” or whichever timezone is correct for you, check http://php.net/manual/en/timezones.php for more information. Also consider increasing limits for memory usage and execution time.
date.timezone = 'Europe/Stockholm'
memory_limit = 512M
max_execution_time = 600
We are now ready to install and configure EMG.
- Request an eval license key at https://docs.nordicmessaging.se/request-evaluation-license/
- Login as “root”.
- Download the latest EMG 7 (Linux 64-bit) “Full distribution” at https://docs.nordicmessaging.se/about-emg/downloads using download username / password from the eval license key email. In the commands below, please update the URL and file name to match the version you want to download.
wget --http-user=emg --http-password=letmein \
tar xvzf emg727-e74683-linux-64bit-full.tar.gz
- Specify the newly created user “emg” for user and group, “/home/emg/etc” for configuration files, “/home/emg/bin” for executables plus your eval license information.
- Add “export EMGDIR=$HOME/etc” to the end of bash profile script
echo 'export EMGDIR=$HOME/etc' >>/home/emg/.bash_profile
- Login as “emg”
- Replace the default EMG configuration file with the EMG dbconfig configuration file.
cp /home/emg/etc/server.cfg.dbconfig /home/emg/etc/server.cfg
- Create the EMG database and schema, but first edit the script to set a secure password, preferably generated
sh ./createemgdb-mysql.sh createdb
sh ./createemgdb-mysql.sh createtables
sh ./createemgdb-mysql.sh initdbconfig
- Edit the server.cfg file, and change the database credentials to match the above in the DATABASE section.
EMG perl installation
In order for the EMG Portal billing plugin (and EMG perl plugins in general) to work properly the EMG perl distribution needs to be installed. More information here: https://docs.nordicmessaging.se/emg-5-2-6-and-perl-plugins/.
Please note that this will be a perl installation completely separated from the default perl installation used by /usr/bin/perl. To install modules and run the EMG perl distribution you must run the perl binary with the full path (/opt/perl-5.12.2-emg/bin/perl) and preferably always as user “emg” to avoid mixing up file permissions. However, below we add the new perl bin directory first in the PATH for the “emg” user in order to ensure the EMG perl binary is always used when using “emg” account.
- Download and extract EMG perl distribution as user “root”
tar xvzf perl-5.12.2-emg_linux_64bit.tar.gz
chown -R emg.emg perl-5.12.2-emg
- Install some required CPAN modules. When running the cpan command the first time you need to hit enter a couple of times to accept the configuration.
su - emg
echo 'export PATH=/opt/perl-5.12.2-emg/bin:$PATH' >>$HOME/.bash_profile
PERL_MM_USE_DEFAULT=1 /opt/perl-5.12.2-emg/bin/cpan -f LWP Time::HiRes Carp::Assert DBI DBD::mysql
EMG watchdog installation
The EMG watchdog can monitor the EMG server process (emgd) and perform operations such as stopping server, starting server and retrieve EMG server log files to EMG Portal. It also monitors available disk space in the file system and sends a notification when a specified limit has been reached.
It features a built-in web server used to serve the API calls. The web server listens on port 3000 by default.
- Log out, and then log in as “emg”. This is required to get the new value of the $PATH variable.
- Some more CPAN modules are required. You may need to hit enter multiple times during the installation.
PERL_MM_USE_DEFAULT=1 /opt/perl-5.12.2-emg/bin/cpan -f Email::Sender::Simple Email::Sender::Transport::SMTP Email::Simple Email::Simple::Creator Filesys::Df HTTP::Daemon HTTP::Status IPC::Shareable JSON Net::Subnet URI::QueryParam Data::Dumper
- Copy the sample watchdog script
cp /home/emg/bin/emg_watchdog.pl.sample /home/emg/bin/emg_watchdog.pl
- Go through the “Configuration variables” section in the watchdog script and add any variables you want to change to a new file “emg_watchdog.cfg”.
More specifically make sure the following are set to relevant values:
@notify_recipients – E-mail address(es) to which watchdog should send e-mail notifications
$mail_from – Sender address (“From”) for e-mail notifications
Sample string to add new values for @notify_recipients and $mail_from to emg_watchdog.cfg:
echo -e "@notify_recipients = ('firstname.lastname@example.org');\n\$mail_from = 'email@example.com';" >$HOME/bin/emg_watchdog.cfg
- Start the EMG watchdog by running the command below. You should receive an e-mail notification when the watch has started if all went ok.
- Login as “root”
- Ensure EMG watchdog is started automatically on system boot.
echo 'su - emg -c "perl /home/emg/bin/emg_watchdog.pl &"' >>/etc/rc.local
chmod 744 /etc/rc.local
EMG Portal installation
Time to download and install EMG Portal. The evaluation version of EMG Portal is encoded with ionCube and first an ionCube loader must be configured in PHP.
- As user “root”, open firewall to allow https (port 443) and optionally http (port 80) connections in firewall and start httpd service. We recommend using https only since communication will then be protected by SSL encryption. However, if you use the default self-signed SSL certificate the visting browser will throw a warning when accessing the page. Installation of a proper certificate signed by a trusted CA is therefore strongly recommended.
systemctl start firewalld
firewall-cmd --zone=public --add-port=80/tcp --permanent # Optional - not recommended
firewall-cmd --zone=public --add-port=443/tcp --permanent
systemctl start httpd
- Download the ionCube loader wizard from http://www.ioncube.com/loaders.php and install it by placing the installer wizard in /var/www/html and point your browser to https://servername/ioncube/loader-wizard.php. Follow the instructions and remember to delete the loader files in web directory after completing the loader installation.
tar xvzf loader-wizard.tgz
[ Open browser and follow instructions, which should correspond to commands below ]
tar xvzf ioncube_loaders_lin_x86-64.tar.gz
cp ioncube/ioncube_loader_lin_5.4.so .
echo "zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.4.so" >/etc/php.d/20-ioncube.ini
systemctl restart httpd
[ The ionCube loader should now load properly if you point your browser to
rm -rf /usr/lib64/php/modules/ioncube/ /var/www/html/loader-wizard.tgz /var/www/html/ioncube/
- Download the current 30-day eval as user “root”. You will end up with a file named something similar to emgportal-3.1-51178-ioncube-20200923.tar.gz.
wget --trust-server-names --content-disposition http://www.nordicmessaging.se/files/emg/emgportal3-eval.php
tar xvzf /tmp/emgportal-*-ioncube-*.tar.gz
chown -R emg.emg /var/www/html/emgportal
chmod 777 assets protected/runtime
chmod 777 protected/config
cp htaccess.sample .htaccess
- Modify .htaccess to use the right sub-uri by uncommenting “#RewriteBase /emgportal”
- Configure apache by copying emgportal.conf to apache config directory and restart httpd servce
cp /var/www/html/emgportal/emgportal.conf /etc/httpd/conf.d
systemctl restart httpd
- If you access the EMG Portal installer from a remote computer you will need to add your IP address to AUTHORIZED_IPS variable on line 3 in the installer file.
- Now you should be able to point your browser to your server https://yourserver/emgportal and see the EMG Portal installer.
- After finishing the installer you need to remove installation directory and secure config files
rm -rf install/
chown -R emg.emg /var/www/html/emgportal
chmod 755 protected/config
- As a final step you should check the main config file for any settings you want to customize especially the “baseUrl”, “adminEmail” and “emailReportCopy” settings. You can also define your own layout file and point to it through the “layout” setting.
- You should now be able to log in to EMG Portal as the web user you specified during installation.
- In EMG Portal under “Dashboard” -> “System settings” on the bottom of the page under “EMG Server(s)” add “3000” as the “Watchdog port” on the first line and save.
You should now see “EMG watchdog: Enabled – Running” on the “Dashboard”.
Finish EMG installation
You need to copy the billing plugin from EMG Portal distribution into the EMG etc directory.
- Copy the file as “emg” user and update database credentials in the file. Also copy the mo_routing.pl file.
su - emg
cp /var/www/html/emgportal/misc/billing.pl /home/emg/etc/
- As user “root”, open firewall for incoming SMPP connections. In server.cfg there is an incoming SMPP connector listening on port 2775 but we have yet to allow inbound connections on that port
firewall-cmd --zone=public --add-port=2775/tcp --permanent
Finally you should be able to start the EMG server by running command “emgd” as user “emg”. The command “emgstat” should give you a list of connectors in the EMG server and their status.
You should also be able to login to the EMG Portal and see the same information under “Dashboard -> Connectors”.
Recurring tasks (cron)
A few cron jobs need to be added to enable recurring tasks.
There is a sample script “cleandb.sh.sample” in the /home/emg/bin directory. The “hourly_summary.pl.sample” script is part of the EMG Portal distribution.
As user “emg”, copy them and review paths and database settings in the scripts to ensure they run correctly.
cp /home/emg/bin/cleandb.sh.sample /home/emg/bin/cleandb.sh cp /var/www/html/emgportal/misc/hourly_summary.pl.sample /home/emg/bin/hourly_summary.pl cp /var/www/html/emgportal/misc/hourly_summary_connector.pl.sample /home/emg/bin/hourly_summary_connector.pl vi /home/emg/bin/cleandb.sh vi /home/emg/bin/hourly_summary.pl
Then add crontab entries similar to extract below.
crontab -u emg -e (if running as user "root") crontab -e (if running as user "emg")
Extract from “crontab -l -u emg” on a running server:
# Purge old records from EMG database */5 * * * * /home/emg/bin/cleandb.sh >>/tmp/cleandb.log 2>&1 # Aggregate statistics for EMG Portal message reports * * * * * /home/emg/bin/hourly_summary.pl >>/tmp/hourly_summary.log 2>&1 * * * * * /home/emg/bin/hourly_summary_connector.pl >>/tmp/hourly_summary_connector.log 2>&1 # Trigger daily report for current month 5 0 * * * wget --no-check-certificate -O - https://127.0.0.1/emgportal/cron/reportMonth >/tmp/cron_report.log 2>&1 # Trigger scheduled jobs * * * * * wget --no-check-certificate -O - https://127.0.0.1/emgportal/cron/sendScheduled >/tmp/cron_send.log 2>&1
You should now have a running messaging solution with server and web interface for provisioning tasks.
When using the command-line, remember to always run commands as user “emg”, or file permissions may be incorrectly set.
Next steps include:
- Set up routing (we recommend adding a default route).
- Set up pricing (we recommend adding a default price).
- Provision customer accounts.
- Remember to open the port in the firewall if you add new inbound connectors.
- Consider adding a proper SSL certificate to protect your site and for increased customer trust.
- Create automatic backups of the database.
- Version control (we recommend git) and backup the EMG configuration files.
Please consult the EMG Portal documentation for some more information about EMG Portal functionality.