PhixFlow Help

Installing PhixFlow

This topic is for system administrators. It describes how to install a new instance of PhixFlow.

Prerequisites

Before you start installing PhixFlow, please complete the steps in Planning your PhixFlow System. Your IT system must meet the PhixFlow system requirements. In particular, you must have:

  • installed a database server
  • configured a database instance or schema and the user or login credentials
  • installed a (Linux or Windows) server to act as the web-application (webapp) host.

Optionally, you can install a Linux or Windows server to act as the reverse proxy / HTTPS proxy.

Summary Installation Instructions

The pages in this topic guide you through a complete PhixFlow installation. A summary of the steps is:

Required or recommendedPage with detailsSummary
Required if Java is not already installedInstall JavaDownload and install Java.
Required if Tomcat is not already installed

Install Tomcat


Download and install the Apache Tomcat web-application (webapp) server.
Recommended

Configure Tomcat for HTTPS

You are responsible for ensuring all PhixFlow communication is secure.

  • Either use HTTP communication behind a secure firewall.
  • Or you must configure Tomcat to use HTTPS communication with the PhixFlow webapp. You must also disable HTTP access to the webapp.
Recommended

Linux: Install Pound Reverse Proxy

Windows: Microsoft blog post about IIS as a reverse proxy

If you want to make your web server visible on the default ports (e.g. on Linux, http: 80, https: 443) we recommend that you use a reverse proxy to terminate the HTTPS session and to forward web requests using HTTP to the Tomcat server. The proxy and Tomcat servers must run on a private network or on the same server and the Tomcat server must not be directly accessible to normal users. In this configuration, the reverse proxy runs as root, which allows it:

  • to use privileged ports (up to port 1000)
  • to forward requests to the web server, which runs:
    • as a non-privileged user (normally 'tomcat')
    • on non-privileged ports (above 1000).

Options for reverse proxy servers are:

  • On Linux servers, Pound 
  • On Windows servers, IIS.

Tomcat on Linux

Do not run Tomcat as root on Linux as this constitutes a security risk.

RequiredUnpack PhixFlow Release Package

If you do not already have the PhixFlow package to install, you can download it from our support FTP site. Please email support@phixflow.com.

Log on to the webapp host and unpack the release package.

RequiredInstall the PhixFlow Database Schema

Create a database user and tables. Populate the tables with initial configuration data and set the customer name. See also the details in Database URLs.

RequiredConfigure a Keystore for Database Credentials

Create a keystore for the database credentials and their aliases. Configure the following files to use the keystore:

  • phixflow-datasource.xml
  • phixflow-secret.xml
  • an environment variable (recommended).
OptionalMS SQL Server Integrated AuthenticationEnable server support for integrated user authentication.
RequiredInstall the PhixFlow WebappCopy the PhixFlow webapp from the unpacked release package into Tomcat and configure it.
RequiredStart PhixFlow and Configure

Check that the application is running by starting the client and logging in with the username startup and password: Startup.

After Installation

Once PhixFlow is installed, see Administration for details of the configuration steps required immediately after installation, as well as the ongoing configuration and maintenance tasks.

Please let us know if we could improve this page feedback@phixflow.com