#!/bin/bash -ex # # *Note:* these installation instructions are also available in executable # form for use with vagrant under `vagrant/Install-on-Centos-8.sh`. # # Installing the Required Software # ================================ # # These instructions expect that you have a freshly installed CentOS version 8. # Make sure all packages are up-to-date by running: # sudo dnf update -y # The standard CentOS repositories don't contain all the required packages, # you need to enable the EPEL repository as well. For example for SELinux # related redhat-hardened-cc1 package. To enable it on CentOS run: sudo dnf install -y epel-release redhat-rpm-config # EPEL contains Postgres 9.6 and 10, but not PostGIS. Postgres 9.4+/10/11/12 # and PostGIS 2.4/2.5/3.0 are availble from postgresql.org. Enable these # repositories and make sure, the binaries can be found: sudo dnf -qy module disable postgresql sudo dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm export PATH=/usr/pgsql-12/bin:$PATH # Now you can install all packages needed for Nominatim: #DOCS: :::sh sudo dnf --enablerepo=powertools install -y postgresql12-server \ postgresql12-contrib postgresql12-devel postgis30_12 \ wget git cmake make gcc gcc-c++ libtool policycoreutils-python-utils \ llvm-toolset ccache clang-tools-extra \ php-pgsql php php-intl php-json libpq-devel \ bzip2-devel proj-devel boost-devel \ python3-pip python3-setuptools python3-devel \ python3-psycopg2 \ expat-devel zlib-devel libicu-devel pip3 install --user python-dotenv psutil Jinja2 PyICU datrie pyyaml # # System Configuration # ==================== # # The following steps are meant to configure a fresh CentOS installation # for use with Nominatim. You may skip some of the steps if you have your # OS already configured. # # Creating Dedicated User Accounts # -------------------------------- # # Nominatim will run as a global service on your machine. It is therefore # best to install it under its own separate user account. In the following # we assume this user is called nominatim and the installation will be in # /srv/nominatim. To create the user and directory run: # # sudo useradd -d /srv/nominatim -s /bin/bash -m nominatim # # You may find a more suitable location if you wish. # # To be able to copy and paste instructions from this manual, export # user name and home directory now like this: # if [ "x$USERNAME" == "x" ]; then #DOCS: export USERNAME=vagrant #DOCS: export USERNAME=nominatim export USERHOME=/srv/nominatim sudo mkdir -p /srv/nominatim #DOCS: sudo chown vagrant /srv/nominatim #DOCS: fi #DOCS: # # **Never, ever run the installation as a root user.** You have been warned. # # Make sure that system servers can read from the home directory: chmod a+x $USERHOME # Setting up PostgreSQL # --------------------- # # CentOS does not automatically create a database cluster. Therefore, start # with initializing the database: if [ "x$NOSYSTEMD" == "xyes" ]; then #DOCS: sudo -u postgres /usr/pgsql-12/bin/pg_ctl initdb -D /var/lib/pgsql/12/data #DOCS: sudo mkdir /var/log/postgresql #DOCS: sudo chown postgres. /var/log/postgresql #DOCS: else #DOCS: sudo /usr/pgsql-12/bin/postgresql-12-setup initdb fi #DOCS: # # Next tune the postgresql configuration, which is located in # `/var/lib/pgsql/12/data/postgresql.conf`. See section *Postgres Tuning* in # [the installation page](../admin/Installation.md#postgresql-tuning) # for the parameters to change. # # Now start the postgresql service after updating this config file: if [ "x$NOSYSTEMD" == "xyes" ]; then #DOCS: sudo -u postgres /usr/pgsql-12/bin/pg_ctl -D /var/lib/pgsql/12/data -l /var/log/postgresql/postgresql-12.log start #DOCS: else #DOCS: sudo systemctl enable postgresql-12 sudo systemctl restart postgresql-12 fi #DOCS: # # Finally, we need to add two postgres users: one for the user that does # the import and another for the webserver which should access the database # only for reading: # sudo -u postgres createuser -s $USERNAME sudo -u postgres createuser apache # # Installing Nominatim # ==================== # # Building and Configuration # -------------------------- # # Get the source code from Github and change into the source directory # if [ "x$1" == "xyes" ]; then #DOCS: :::sh cd $USERHOME git clone --recursive https://github.com/openstreetmap/Nominatim.git cd Nominatim else #DOCS: cd $USERHOME/Nominatim #DOCS: fi #DOCS: # When installing the latest source from github, you also need to # download the country grid: if [ ! -f data/country_osm_grid.sql.gz ]; then #DOCS: :::sh wget --no-verbose -O data/country_osm_grid.sql.gz https://www.nominatim.org/data/country_grid.sql.gz fi #DOCS: # The code must be built in a separate directory. Create this directory, # then configure and build Nominatim in there: #DOCS: :::sh mkdir $USERHOME/build cd $USERHOME/build cmake $USERHOME/Nominatim make sudo make install # # Setting up the Apache Webserver # ------------------------------- # # The webserver should serve the php scripts from the website directory of your # [project directory](../admin/Import.md#creating-the-project-directory). # This directory needs to exist when the webserver is configured. # Therefore set up a project directory and create the website directory: # mkdir $USERHOME/nominatim-project mkdir $USERHOME/nominatim-project/website # # You need to create an alias to the website directory in your apache # configuration. Add a separate nominatim configuration to your webserver: #DOCS:```sh sudo tee /etc/httpd/conf.d/nominatim.conf << EOFAPACHECONF Options FollowSymLinks MultiViews AddType text/html .php DirectoryIndex search.php Require all granted Alias /nominatim $USERHOME/nominatim-project/website EOFAPACHECONF #DOCS:``` sudo sed -i 's:#.*::' /etc/httpd/conf.d/nominatim.conf #DOCS: # # Then reload apache: # if [ "x$NOSYSTEMD" == "xyes" ]; then #DOCS: sudo httpd #DOCS: else #DOCS: sudo systemctl enable httpd sudo systemctl restart httpd fi #DOCS: # # Adding SELinux Security Settings # -------------------------------- # # It is a good idea to leave SELinux enabled and enforcing, particularly # with a web server accessible from the Internet. At a minimum the # following SELinux labeling should be done for Nominatim: if [ "x$HAVE_SELINUX" != "xno" ]; then #DOCS: sudo semanage fcontext -a -t httpd_sys_content_t "/usr/local/nominatim/lib/lib-php(/.*)?" sudo semanage fcontext -a -t httpd_sys_content_t "$USERHOME/nominatim-project/website(/.*)?" sudo semanage fcontext -a -t lib_t "$USERHOME/nominatim-project/module/nominatim.so" sudo restorecon -R -v /usr/local/lib/nominatim sudo restorecon -R -v $USERHOME/nominatim-project fi #DOCS: # You need to create a minimal configuration file that tells nominatim # the name of your webserver user: #DOCS:```sh echo NOMINATIM_DATABASE_WEBUSER="apache" | tee $USERHOME/nominatim-project/.env #DOCS:``` # Nominatim is now ready to use. Continue with # [importing a database from OSM data](../admin/Import.md).