Install Ubuntu (Linux) and other products needed to run SkyWin One
This guide was compiled and written in April 2025. Some links may be broken if a product version mentioned here does not exist.
1. Ubuntu Server
Install Ubuntu 24.04.2 LTS from https://ubuntu.com/download/server.
Update the installation with these commands in a Terminal window:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
Set correct time zone (this is the Swedish setting) with this command in a Terminal window:
sudo timedatectl set-timezone Europe/Stockholm
Create directories we will be needing later:
mkdir /opt/skywin /opt/skywin/config /var/log/skywin /etc/skywin /etc/skywin/sqlbackups
Change configuration of Uncomplicated Fire Wall (UTW):
sudo ufw allow 22
sudo ufw allow 8080
sudo ufw allow 3306/tcp
2. Java, Apache and MySql
Install these products with this command in a Terminal window:
sudo apt-get install openjdk-11-jdk apache2 mysql-server
3. Tomcat (version 9)
Add a User för Tomcat product:
sudo useradd -m -d /opt/tomcat -U -s /bin/false tomcat
Download and install Tomcat 9:
cd /tmp
wget https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.102/bin/apache-tomcat-9.0.102.tar.gz
sudo tar xzvf apache-tomcat-9*tar.gz -C /opt/tomcat --strip-components=1
Modify files to enable the installation:
sudo chown -R tomcat:tomcat /opt/tomcat/
sudo chmod -R u+x /opt/tomcat/bin
Change the Tomcat Users:
Use editor nano or vim to open the file /opt/tomcat/conf/tomcat-users.xml and make sure the section for tomcat-users looks like this:
<tomcat-users>
<role rolename="admin-gui"/>
<role rolename="manager-gui"/>
<user username="a_user_for_tomcat" password="a_password_for_tomcat" roles="admin-gui,manager-gui"/>
</tomcat-users>
Disable the function for Tomcat Valve:
Use editor nano or vim to open the file /opt/tomcat/webapps/manager/META-INF/context.xml and comment out the following line(s) using "<!-- " and " -->":
<!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
Add configuration when starting Tomcat:
Use editor nano or vim to create the file /etc/systemd/system/tomcat.service and ensure all the lines below exist:
[Unit]
Description=Tomcat
After=network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment="JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_BASE=/opt/tomcat"
Environment="CATALINA_HOME=/opt/tomcat"
Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
Environment="SKYWIN_CONFIG_DIR=/opt/skywin/config"
Environment="SKYWIN_LOG_DIR=/var/log/skywin"
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
RestartSec=10
Restart=always
[Install]
WantedBy=multi-user.target
Reload end enable Tomcat as a service using these commands:
sudo systemctl daemon-reload
sudo systemctl enable tomcat
Restart the server:
reboot
Verify that it works by browsing (from another computer in the same network) to http://ip_address_of_ubuntu_server:8080
4. Configure MySql
Secure the MySql installation...
mysql_secure_installation
...answer the questions accordingly:
Would you like to setup VALIDATE PASSWORD component?
No
Remove anonymous users?
Yes
Disallow root login remotely?
Yes
Remove test database and access to it?
Yes
Reload privilege tables now?
Yes
Create administrator user.
Open the mysql>-prompt...
sudo mysql
...and run these commands in sequence:
CREATE USER 'administrator'@'127.0.0.1' IDENTIFIED BY 'a_password_for_administrator';
CREATE USER 'administrator'@'localhost' IDENTIFIED BY 'a_password_for_administrator';
CREATE USER 'administrator'@'%' IDENTIFIED BY 'a_password_for_administrator';
GRANT ALL ON *.* TO 'administrator'@'127.0.0.1' WITH GRANT OPTION;
GRANT ALL ON *.* TO 'administrator'@'localhost' WITH GRANT OPTION;
GRANT ALL ON *.* TO 'administrator'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
You can check all MySql-users with:
SELECT user,host FROM mysql.user;
Leave the mysql>-prompt:
exit
Restart MySql and check status:
sudo systemctl restart mysql.service
sudo systemctl status mysql
Change network configuration:
As sudo, use editor nano or vim to open the file /etc/mysql/mysql.conf.d/mysqld.cnf and change this line:
bind-address = 0.0.0.0
Restart MySql and check status:
sudo systemctl restart mysql.service
sudo systemctl status mysql
Create backup-script:
Use editor nano or vim to create the file /etc/skywin/backupDb.sh and add this line:
mysqldump -u root -pa_password_for_administrator your_database_name > /etc/skywin/sqlbackups/skywin_dump_$(date +"%Y%m%d_%H%M").sql
Update the backup-script properties:
chmod +x /etc/skywin/backupDb.sh
Schedule the backup-script to run daily:
Use the command below, and add the schedule (below all commented rows):
crontab -e (first time you need to select which editor to use, I selected "1" which is nano)
Schedule to add: 0 16 * * * /etc/skywin/backupDb.sh
5. SkyWin One
Add option file for SkyWin One:
Use editor nano or vim to create the file /opt/skywin/config/skywinone.properties and ensure all the lines below exist:
# Data connection attributes
dataSource.url=jdbc:mysql://127.0.0.1/your database name
#dataSource.username=database user
#dataSource.password=database password
# Base url for the API services
grails.serverURL=http://IP-address:8080
# Mail settings
grails.mail.username=
grails.mail.password=
# Internal cache can be preloaded or not, can affect performance
skywin_parameter_load_cache_upon_startup=true
# Stop brute force attacks
skywin_block_brute_force=true
Add deployment script:
Use editor nano or vim to create the file /etc/skywin/deploySkywin.sh and ensure all the lines below exist:
sudo systemctl stop tomcat
sudo rm -rf /opt/tomcat/webapps/ROOT
sudo rm -rf /opt/tomcat/webapps/ROOT.war
sudo rm -rf /opt/tomcat/work/Catalina
sudo cp /home/your_linux_username/skywinone.war /opt/tomcat/webapps/ROOT.war
sudo systemctl start tomcat && sudo tail -1000f /opt/tomcat/logs/catalina.out
Update the deployment-script properties:
chmod +x /etc/skywin/deploy*.sh
