Introduction
qdPM is a free and open-source web application for project management. It is designed for small teams working on multiple projects and allows easy management of tasks and roles. qdPM is fully configurable and features a customer-facing ticket system that is integrated into task management. This guide will walk you through the complete installation and configuration of qdPM 9.1 on CentOS 7 with SELinux in enforcing mode.
Requirements
- A fresh CentOS 7 system.
- Root access to your server.
- Optionally, a domain name with an A record pointing to your IP address (required for HTTPS.)
NOTE: pm.example.com should be replaced with the public IP address or domain name of your server.
Installation
Step 1: Installing PHP, Apache and MariaDB.
qdPM requires a web server with PHP processing and a MySQL database. We will install and setup Apache and MariaDB to fulfill those requirements.
Update your system and software:
yum update -y
reboot
After the reboot, login again to install Apache, PHP, MariaDB, and other packages:
yum install -y httpd php php-common php-pdo php-mysql php-xml mariadb-server unzip wget
And make sure the Apache and MariaDB services are enabled and running:
systemctl enable --now httpd.service mariadb.service
If SELinux is enforcing (check with getenforce), install the corresponding management utilities:
yum install -y policycoreutils-python
Step 2: Database Setup.
We’ll create a database and a corresponding user dedicated to qdPM. But first, secure your MySQL installation with the following script:
mysql_secure_installation
During the process, answer questions as shown below:
Enter current password for root (enter for none): Press :key_enter:
Set root password? [Y/n]: y
New password: <your-secure-password>
Re-enter new password: <your-secure-password>
Remove anonymous users? [Y/n]: y
Disallow root login remotely? [Y/n]: y
Remove test database and access to it? [Y/n]: y
Reload privilege tables now? [Y/n]: y
Now let’s setup the database and user:
mysql -u root -p
Enter the MariaDB root password you set earlier to log in. In the MySQL cli, use the following commands to create a database and user:
CREATE DATABASE qdpm_db default charset utf8;
CREATE USER 'qdpm_user'@'localhost' IDENTIFIED BY 'StrongPasswordHere';
GRANT ALL PRIVILEGES ON qdpm_db.* TO 'qdpm_user'@'localhost';
EXIT;
Step 3: Download qdPM.
Use the following command to download qdPM 9.1:
wget https://netix.dl.sourceforge.net/project/qdpm/qdPM_9.1.zip
Unzip to the webroot:
unzip -d /var/www/html/qdpm qdPM_9.1.zip
rm qdPM_9.1.zip
And give ownership of the qdpm directory to the Apache user:
chown -R apache:apache /var/www/html/qdpm
Step 4: HTTPD configuration.
We’ll now configure Apache. Create a virtual host file in /etc/httpd/conf.d/ with a text editor of your choice. For example:
nano /etc/httpd/conf.d/qdpm80.conf
Add the following lines (while replacing pm.example.com with your own domain name or IP address).
<VirtualHost *:80>
DocumentRoot /var/www/html/qdpm
ServerName pm.example.com
<Directory /var/www/html/qdpm>
Options FollowSymLinks
AllowOverride All
</Directory>
ErrorLog /var/log/httpd/qdpm-error.log
CustomLog /var/log/httpd/qdpm-access.log common
</VirtualHost>
Reload the httpd service to apply the new configuration:
systemctl reload httpd.service
And enable traffic to port 80:
firewall-cmd --add-service http --permanent
firewall-cmd --reload
Your qdPM instance should be accessible at http://pm.example.com/. Proceed to step 5 if you want to configure HTTPS, or skip to step 6 to finalize the installation process.
Step 5a: HTTPS configuration (Optional, highly recommended).
Please note that this step will not work with an IP address, a domain name is required. Start by installing certbot and the SSL module for Apache, followed by obtaining an SSL certificate for your domain name from Let’s Encrypt, using the certbot tool:
yum install -y certbot mod_ssl
certbot certonly --webroot --agree-tos -m youremail@domain.tld -d pm.example.com
You’ll be prompted to input the webroot location for your domain, enter /var/www/html/qdpm. Certbot will verify ownership of your domain and will issue an SSL certificate which we will use to setup HTTPS. Next, create another virtual host file:
nano /etc/httpd/conf.d/qdpm443.conf
And add these lines:
<VirtualHost *:443>
DocumentRoot /var/www/html/qdpm
ServerName pm.example.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/pm.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/pm.example.com/privkey.pem
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
<Directory /var/www/html/qdpm>
Options FollowSymLinks
AllowOverride All
</Directory>
ErrorLog /var/log/httpd/qdpm-error.log
CustomLog /var/log/httpd/qdpm-access.log common
</VirtualHost>
Reload the Apache service:
systemctl reload httpd.service
And allow HTTPS traffic through the firewall:
firewall-cmd --add-service https --permanent
firewall-cmd --reload
Step 5b: HTTP to HTTPS redirection
If you’d like to redirect all incoming HTTP traffic to HTTPS, open /etc/httpd/conf.d/qdpm80.conf in a text editor and add the following lines after the ServerName directive:
RewriteEngine on
RewriteCond %{SERVER_NAME} =pm.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
And reload the Apache service once again:
systemctl reload httpd.service
Step 6: SELinux
If SELinux is permissive/disabled and you do not intend on enabling it later, you can skip this step.
qdPM requires write access to the core directory. To allow this access, set the “httpd_sys_rw_content_t” context on core and its children:
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/qdpm/core(/.*)?"
restorecon -Rv /var/www/html/qdpm/
Step 7: Web Installer
Navigate to http://pm.example.com/ or https://pm.example.com/. You should get see the message Environment checked. No errors found. You can install qdPM.. Click Database Config and fill in the form as follows:
- Database host:
localhost - Database port: Leave blank.
- Database name:
qdpm_db - DB username:
qdpm_user - DB password: Enter the password you chose during user creation in step 2.
Now click “Install Database” and enter your email and password to create the default administrator account.
Finally, wait for the web installer to finish, then login via SSH and remove the `install’ directory:
rm /var/www/html/qdpm/install/ -rf
Your qdPM installation is now complete.