-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathREADME
217 lines (154 loc) · 8.61 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
Black Flower CAD v1.8.0 - 2011/06/19
OVERVIEW
Description:
------------
Black Flower CAD is an open source Computer Aided Dispatch / Computer
Aided Logging software package.
Contact Information:
--------------------
The current version of this software can be downloaded from:
http://www.forlorn.net/cad/
For bug reports, questions, etc, send email to:
UPGRADE INSTRUCTIONS
(For new installations, see INSTALLATION below.)
Upgrading from 1.4.x or previous is not supported due to lack of need
and therefore nonexistant database upgrade scripts. Contact us if this
need exists in your environment.
To upgrade from versions 1.5 or greater:
* Compare cad.conf.example to your current cad.conf (or run initialize.sh
if you do not yet have cad.conf.) Create or adjust variable names as
necessary.
* Run all database schema update scripts in data/updates subdirectory,
sequentially by version number.
INSTALLATION
Server Requirements:
--------------------
* MySQL database server v5.0 or greater
* PHP version 5, with MySQL integration.
* Apache 2.0+ webserver running in Prefork mode, with PHP integration.
* Linux (Debian/CentOS) recommended for mission critical installations.
* Microsoft Windows (XP/7) has also been used in development environments.
-> IMPORTANT: Production use on Microsoft Windows is NOT recommended,
due to limitations of PHP running under Windows-based webservers and
using Windows' Event Log emulation for syslog.
Client Requirements:
--------------------
* 1024x768 (or greater) screen resolution required.
-> 1280x1024 (or greater) resolution is recommended for best results.
* Mozilla v1.5+ or Firefox v1.0+ web browser required.
-> Internet Explorer IS EXPRESSLY NOT SUPPORTED.
-> Safari and Chrome have been minimally tested, and cosmetic issues
were noted. They may or may not be fully functionally compatibile.
-> Other browsers have not been tested and are not likely to work.
* Client system time must be synchronized with CAD server system time.
* Microsoft Windows (XP/7) is recommended for client operating system.
-> Linux clients have also been tested successfully.
-> Apple OS X has been minimally tested.
Installation Quick Guide
------------------------
1) Install the MySQL database server on the target server.
*** Linux instructions coming later; refer to MySQL documentation ***
*** Windows instructions coming later; refer to MySQL documentation ***
When installing this server, assign and memorize a password to
the MySQL "root" user account. This will be required during CAD
installation.
Unless you know exactly what you are doing, it is STRONGLY advised
to allow MySQL (port 3306) connections *only* from localhost.
2) Install Apache and PHP on the target server.
*** Linux instructions coming later; refer to Apache/PHP docs ***
*** Windows instructions coming later; refer to Apache/PHP docs ***
3) Unpack the CAD distribution archive in the desired Web directory.
Example (for Debian Linux -- HTML documents directory may be different
on other operating systems):
# Acquire adequate (root) permissions to write to destination, then:
cd /var/www/
tar zvxf ~/cad-<version>.tar.gz
chown -R www-data.www-data cad-<version>
ln -sf cad-<version> cad
4) Configure the CAD system.
If bash and perl are available on your Linux or UNIX server, change
to the CAD directory and execute the "initialize.sh" script.
cd /var/www/cad
bash ./initialize.sh
This will create and load the default SQL tables and otherwise
prepare the system for running. You will be prompted to enter
certain usernames and passwords. Or, if you have a fair level of
MySQL command line administration skills, read the installation script
and initialize the system manually using the MySQL root account.
The initialize.sh script does not currently error-detect for an
already existing database or user with specified names. To run
the script multiple times, you must first change or delete conflicting
data. Be careful.
If you are on a multiuser system, ensure that cad.conf is owned
by a user/group that is readable only by the webserver, and change
file permissions to match, so as to safeguard your passwords.
*** Manual/Windows documentation to be added ***
5) Configure your Apache installation to serve the CAD application.
The Apache configuration for your desired CAD HTML directory must
permit the "AllowOverride Limit" configuration. A ".htaccess" file
is used to block access to sensitive application files. If your
Apache config does not permit this, update it and reload Apache
at this time.
Test this configuration by trying to load a file that should
be forbidden by the .htaccess rules:
http://<server>/<path-to-CAD-application>/cad.conf
This should NOT succeed. If you ARE able to load this file,
troubleshoot the Apache site config and provided .htaccess file.
6) Synchronize the server and all clients to the same time.
See NTP discussion below.
To use the CAD system:
----------------------
On the server, start or restart Apache and MySQL as needed.
On the client, load your web browser and go to the CAD URL, e.g.:
http://<server>/<path-to-CAD-application>/
(or https:// if you have configured your system for HTTPS.)
Log in with the CAD administrator username and password created
during step 4 above. The password is case sensitive.
Click on the "Settings" tab, then "Edit Users" in the Administration
dialog, and create the required usernames and passwords for CAD users.
An access level less than 10 should be used for normal users.
Access levels of 10 or greater create a system administrator account.
Day to day use of CAD should be done through normal, rather than
system administrator, accounts.
Best Common Practices
---------------------
1) NTP
Time synchronization is required for coordination of timestamps
generated on the server with those generated on the clients.
This can be done by running a standalone (stratum 1) NTP server
if on a completely isolated network, or by connecting all systems
to the Internet NTP network. In the Internet case it is
recommended to run a caching NTP server on the CAD server, and
synchronize all clients to that. A popular freeware Windows NTP
client is available from http://www.oneguycoding.com/automachron/.
2) Syslog
CAD will use the native system logging functionality on UNIX or
Windows systems. On UNIX systems, CAD uses the local4 logging level,
and obeys the severity filter as set in cad.conf. On Windows,
*all* messages are logged to the Application section of the Event
Viewer, disregarding the severity filter as set in cad.conf.
3) Network security
Any network running CAD or other such systems should be kept
isolated from insecure network traffic such as the Internet.
The CAD server should be reachable from the CAD clients but they
should not be reachable from untrusted (outside/Internet) systems.
Any consumer-grade or better hardware firewall is sufficient for
purposes of CAD network security.
In an extremely small or field-deployable CAD installation, it is
possible to install the server on a system which will also be one
of the clients of the installation. If that is the only system
expected to use CAD, a software firewall on that host is sufficient
if configured correctly. Software firewalls are also generally
recommended for any Microsoft Windows client or server systems
as best practice. CAD is a cleanly client-server system, it does
not require network ingress access for connections _to_ clients.
Ports required to be accessible on CAD server by the CAD clients
for application communication:
80 (http) - Normal operation: HTTP on a secure network.
*or*
443 (https) - If using secure HTTPS on an insecure network
Other ports that may be used in a full network environment:
53 (domain) - If using the CAD server as a DNS server.
67 (bootps) - If using the CAD server as a DHCP server.
123 (ntp) - If using the CAD server as an NTP server.