Install TeamForge 7.1 with all services on the same server

The easiest way to install TeamForge is to install it on a single server, dedicated to TeamForge taking the default configuration settings. We call this a "dedicated" install.

In this option, the following services run on the application server (we call this my.app.host).
Important: It is critical that you start with a fresh server, without any software installed. You must have root access to the server.
  1. Install Red Hat Enterprise Linux / CentOS 6.4 or later versions and log in as root.
    Important: Don't customize your installation. Select only the default packages list.
  2. Check your basic networking setup. See Set up networking for your TeamForge server for details.
  3. If the TeamForge server has SELinux enabled, disable it temporarily while installing or upgrading TeamForge.
    1. Verify if SELinux is running in enforcing mode.
      • getenforce
    2. If the output of the getenforce command is either "Disabled" or "Permissive", SELinux is already disabled.
    3. If not disabled, run the following command to disable SELinux.
      • setenforce 0
    See Set up SELINUX to have TeamForge to run in SELinux mode after completing the installation or upgrade.
  4. Configure your TeamForge 7.1 installation repository. See TeamForge installation repository configuration for Red Hat/CentOS
  5. Install the following application packages.
    1. TeamForge: To install the TeamForge application packages run the following command:
      • yum install teamforge
    2. GIT: To install the GIT packages run the following command.
      • yum install teamforge-git
    3. To install Black Duck Code Sight run the following command.
      • yum install teamforge-codesearch
  6. Set up your site's master configuration file.
    • vi /opt/collabnet/teamforge-installer/7.1.0.0/conf/site-options.conf
    1. Configure the HOST token.
      HOST_localhost=app database datamart etl indexer subversion cvs
      DOMAIN_localhost=my.app.domain.com
    2. Configure the following settings if you are installing Git.
      HOST_localhost=app database datamart etl indexer subversion cvs gerrit
    3. Configure the following settings if you are installing Black Duck Code Sight.
      HOST_localhost=app database datamart etl indexer subversion cvs gerrit codesearch
    4. Configure the database and datamart settings.
      Note: For more information about configuring variables, see site-options.conf
      DATABASE_TYPE=postgresql
      DATABASE_USERNAME=ctfuser
      DATABASE_NAME=ctfdb
      DATABASE_READ_ONLY_USER=ctfrouser
      REPORTS_DATABASE_USERNAME=ctfrptuser
      REPORTS_DATABASE_NAME=ctfrptdb
      REPORTS_DATABASE_READ_ONLY_USER=ctfrptrouser
      REPORTS_DATABASE_MAX_POOL_SIZE=30
      Note: The database name and username values are arbitrary alphanumeric strings.
    5. Starting TeamForge 7.1, the TeamForge installer supports automatic password creation for the following password-related site-options.conf tokens. When set to $auto$, the passwords for the tokens are randomly generated and stored in an encrypted format in the site-options.conf file. This feature is enabled by default. You can, however, override any of the following password-related tokens with the password of your choice.
      • DATABASE_PASSWORD
      • DATABASE_READ_ONLY_PASSWORD
      • REPORTS_DATABASE_PASSWORD
      • REPORTS_DATABASE_READ_ONLY_PASSWORD
      • ETL_SOAP_SHARED_SECRET
      • JAMES_ADMIN_PASSWORD
      • BDCS_ADMIN_PASSWORD
      • MIRROR_DATABASE_PASSWORD (applicable only if you are mirroring your database)
    6. Password Obfuscation

      The password obfuscation is enabled by default. As a result, all password-related tokens are encrypted in all the TeamForge configuration files.

      • To disable password obfuscation, set OBFUSCATION_ENABLED=false.
      • To configure the obfuscation key, set OBFUSCATION_KEY=<Any AlphaNumeric value with length >= 8 bytes>. The default value of OBFUSCATION_KEY token is XSJt43wN.
      • To configure the OBFUSCATION_PREFIX, set OBFUSCATION_PREFIX= <A value with 4 to 8 bytes length>. The default value of OBFUSCATION_PREFIX is {OBF}:).
      Important: The password-related tokens cannot contain the following characters: $<>/\'"` in the site-options.conf file.
    7. Turn on the SSL for your site by editing the relevant variables in the site-options.conf file. To generate the SSL certificates, see Generate SSL certificates.
      • SSL=on
      • SSL_CERT_FILE=
      • SSL_KEY_FILE=
      • SSL_CA_CERT_FILE=
      • SSL_CHAIN_FILE=
                   
      
      Note: The SSL_CA_CERT_FILE and SSL_CHAIN_FILE are optional.
    8. If the token REQUIRE_PASSWORD_SECURITY is enabled, then set a value for the token, PASSWORD_CONTROL_EFFECTIVE_DATE. The Password Control Kit (PCK) disables, deletes or expires user accounts that don't meet the password security requirements starting from the date set for the PASSWORD_CONTROL_EFFECTIVE_DATE token. If a date is not set, the PCK disables, deletes or expires user accounts immediately. See PASSWORD_CONTROL_EFFECTIVE_DATE for more information.
    9. It is mandatory to include the SCM_DEFAULT_SHARED_SECRET token in the site-options.conf file of the primary TeamForge server, and provide it with a value of 16-24 characters. Remember to use the same key in the external SCM integration server also.
    10. If the token REQUIRE_RANDOM_ADMIN_PASSWORD is already set to true, then set the token ADMIN_EMAIL with a valid email address. ADMIN_EMAIL=root@{__APPLICATION_HOST__}
    11. If you have LDAP set up for external authentication, you must set the “REQUIRE_USER_PASSWORD_CHANGE” site options token to false.
    12. Ensure to set the token DEDICATED_INSTALL=true. This makes the installation process very simple as the TeamForge installer takes care of configuring the Apache and Postgresql automatically.
    13. Set the USERS_WITH_NO_EXPIRY_PASSWORD token as follows:
      USERS_WITH_NO_EXPIRY_PASSWORD=admin,nobody,system,scmviewer
      If you are installing Git, add a TeamForge user for example,"gitadmin" with site-administrator rights and append the username against this parameter.
      USERS_WITH_NO_EXPIRY_PASSWORD=admin,nobody,system,scmviewer,gitadmin
    14. Make sure that the following tokens have a value if ETL is enabled.
      SOAP_ANONYMOUS_SHARED_SECRET=
      ETL_SOAP_SHARED_SECRET=
    15. Configure the following settings for Black Duck Code Sight.
      Note: In case the HOST_ token is configured as HOST_localhost, then specify the following token with a valid hostname or domain name.
      BDCS_HOST=<my.host.name or my.domain.name>
      								
      To enable SSL for Black Duck Code Sight, include this token:
      BDCS_SSL=on
      Note: If you have Black Duck Code Sight on SSL and the following external certificate tokens are not provided, the installer will generate a self-signed certificate.
      For valid SSL certificates, configure the following tokens:
      BDCS_SSL_CERT_FILE=
      BDCS_SSL_KEY_FILE=
      
      The ca.crt and chain files are optional -- leave out the tokens if you don't use the files.
      BDCS_SSL_CA_CERT_FILE=
      BDCS_SSL_CHAIN_FILE=  
      To change the default Black Duck Code Sight admin username add this token:
      BDCS_ADMIN_USERNAME=<sysadmin>
      To configure the port number for the Code Search Tomcat server, set this token:
      BDCS_TOMCAT_PORT=9180
      To specify the maximum results shown in Code Search, set this token:
      Caution: Increasing this might impact performance.
      BDCS_SDK_SEARCH_LIMIT_MAX=200
      Advanced Black Duck Code Sight configuration settings:
      Note: The following are the advanced configuration tokens which can be set once during the time of installation.
       
      The path where the repositories are enabled for codesearch to check out.
      BDCS_SCAN_SOURCE_DIR_ROOT=/opt/collabnet/blackduck/scan
                          
      The path where the codesearch software is installed.
      BDCS_INSTALL_PATH=/opt/collabnet/blackduck
                          
      The path where codesearch database is installed.
      BDCS_PGSQL_HOME_DIR_ROOT=/opt/collabnet/blackduck/postgres
                          
      The port number for the codesearch db server.
      BDCS_PGSQL_PORT=55435
                          
      The tomcat maximum heap memory size in megabytes.
      BDCS_TOMCAT_MX_IN_MB=1024  
                          
      The shutdown port number for codesearch tomcat server.
      BDCS_TOMCAT_SHUTDOWN_PORT=9189
    16. To enable the history protection feature of TeamForge Git integration, set the GERRIT_FORCE_HISTORY_PROTECTION=true. For more information see GERRIT_FORCE_HISTORY_PROTECTION
    17. If you are installing TeamForge through disconnected media, set the token HELP_AVAILABILITY=local.
    18. Ensure to set the token SELINUX_SETUP=false temporarily in the site-options.conf file.
    19. Save the site-options.conf file.
  7. Recreate the runtime environment.
    • cd /opt/collabnet/teamforge-installer/7.1.0.0
    • ./install.sh -r -I -V
  8. If you are installing on a server that is behind a proxy, unset the http_proxy token.
    • export http_proxy=
  9. Set up the initial site data (bootstrap).
    • ./bootstrap-data.sh
  10. Start TeamForge.
    • /etc/init.d/collabnet start
    Note:
    • The TeamForge startup script installs the sample TeamForge project templates by default.
    • If the project templates are already installed, you cannot re-install them using the TeamForge startup script.
    • You may choose to delete the sample project templates. After deleting the sample project templates, you must set the INSTALL_TEMPLATES site options token to false. Otherwise, the project templates, if not found in the database, are installed automatically every time you restart the CollabNet services.
  11. If you have installed Git, add the "gitadmin" user with site-administrator rights through TeamForge user interface.
  12. If you have installed Black Duck Code Sight, then install the license for Black Duck Code Sight. For more information, see Install the Black Duck Code Sight license.
  13. If you have installed Git, integrate gerrit by running the post-install.py script.
    • /opt/collabnet/gerrit/scripts/post-install.py
    The post installation script detects the required configuration parameters. The following three parameters are not set by default. Provide a value for these parameters when prompted.
    • TeamForge login name: The dedicated TeamForge site administrator account that does not expire and cannot be locked.
    • TeamForge password: The password for the dedicated TeamForge site administrator account.
    • Database password: The password to protect Gerrit's database from unauthorized access. Specify its value when you first run the post-install.py script. Make a note of the database password as you may need it later.
    1. Restart the Gerrit services.
      • /etc/init.d/collabnet restart gerrit
    2. To verify the GIT integration: Login to the app server and run the following command:
      • /etc/init.d/collabnet status
  14. Run the following initial load jobs (ETL).
    1. Change to the runtime/scripts directory.
      • cd /opt/collabnet/teamforge/runtime/scripts
    2. Run the TrackerInitialJob.
      • ./etl-client.py -r TrackerInitialJob
    3. Run the SCMInitialJob.
      • ./etl-client.py -r SCMCommitInitialJob
      Tip: For more information see When do I run the initial load job?.
  15. Integrate the CLI reports by running the post-install.py script.
    • /opt/collabnet/teamforge/runtime/scripts/post-install.py
  16. To integrate the Black Duck Code Sight with the TeamForge run the Black Duck Code Sight post-install.sh script.
    Note: It is assumed that Subversion's client configuration file (/root/.subversion/config) for the root user is the default one without customization.
    • /opt/collabnet/teamforge/runtime/scripts/codesearch/post-install.sh
  17. If the token VALIDATE_SSL_CERTS is set to "true", you must run the codesearch runtime script trust-cert.sh in the application server and restart the Jboss service.
    • cd /opt/collabnet/teamforge/runtime/scripts/codesearch
    • ./trust-cert.sh
    • /etc/init.d/collabnet -V restart jboss
  18. Restart the collabnet services.
    • /etc/init.d/collabnet restart
  19. Apply some finishing touches and make sure everything is running smoothly.
    1. Reboot the server and make sure all services come up automatically at startup.
    2. Log into your site as the administrator. The value of the DOMAIN variable in the site-options.conf file is the URL to log into.
    3. Create a sample project. See Create a TeamForge project.
    4. Write a welcome message to your site's users. See Create a site-wide broadcast.
Installing TeamForge Orchestrate

To install TeamForge Orchestrate, see TeamForge Orchestrate installation.