Tomcat is a free and open-source web server and servlet container in which Java code can run. It consists of several components: Catalina (a servlet container), Coyote (an HTTP connector) and Jasper (a Jakarta Server Pages engine). Tomcat is released under the Apache 2.0 License.
For this guide you should be familiar with the basic concepts of
After logging in with ssh, check which Java version you are running and where it is located:
[isabell@stardust ~]$ java --version openjdk 17 2021-09-14 OpenJDK Runtime Environment 21.9 (build 17+35) OpenJDK 64-Bit Server VM 21.9 (build 17+35, mixed mode, sharing) [isabell@stardust ~]$ which java /usr/bin/java [isabell@stardust ~]$
Also check your URL and, if you like, set up additional domains:
[isabell@stardust ~]$ uberspace web domain list isabell.uber.space [isabell@stardust ~]$
Create application directory and files¶
First create a folder called
[isabell@stardust ~]$ mkdir ~/tomcat [isabell@stardust ~]$
Next, look for the latest version of Tomcat and unpack it into your new folder:
[isabell@stardust ~]$ wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.16/bin/apache-tomcat-10.0.16.tar.gz Resolving dlcdn.apache.org (dlcdn.apache.org)... 18.104.22.168, 2a04:4e42::644 Connecting to dlcdn.apache.org (dlcdn.apache.org)|22.214.171.124|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 11906902 (11M) [application/x-gzip] Saving to: ‘apache-tomcat-10.0.16.tar.gz’ [isabell@stardust ~]$ tar --extract --file=apache-tomcat-10.0.16.tar.gz --directory=tomcat/ --strip-components=1 [isabell@stardust ~]$ rm apache-tomcat-10.0.16.tar.gz [isabell@stardust ~]$
Set up service¶
Create the service file
~/etc/services.d/tomcat.ini and fill it with:
[program:tomcat] environment=CATALINA_HOME=%(ENV_HOME)s/tomcat command=%(ENV_HOME)s/tomcat/bin/catalina.sh run
You could explicitly set further environment variables like
JAVA_HOME (required for debugging) or
CATALINA_BASE (specify directories for multiple instances). These are documented in the initial comment block of
~/tomcat/bin/catalina.sh but are not required for a minimal installation.
After creating the configuration, tell supervisord to refresh its configuration and start the service:
[isabell@stardust ~]$ supervisorctl reread SERVICE: available [isabell@stardust ~]$ supervisorctl update SERVICE: added process group [isabell@stardust ~]$ supervisorctl status SERVICE RUNNING pid 26020, uptime 0:03:14 [isabell@stardust ~]$
For your convenience, you may also want to create a symbolic link to the log file. Note the differences between
catalina.YYYY-MM-DD.log explained here .
[isabell@stardust ~]$ ln -s ~/tomcat/logs/catalina.out ~/logs/tomcat.log
Tomcat is now up and running as a service. To make it accessible from the outside, we need to configure a web backend.
Set up web backend¶
Tomcat is running on port 8080. This is only relevant for the server but can nevertheless be changed in
To make the application accessible from the outside, configure a web backend:
[isabell@stardust ~]$ uberspace web backend set / --http --port <port> Set backend for / to port <port>; please make sure something is listening! You can always check the status of your backend using "uberspace web backend list". [isabell@stardust ~]$
At this point, Tomcat should be visible at
https://isabell.uber.space. However, to really make use of the management interface you still need to give yourself access.
Set up web management users¶
To make the management interface usable, edit
~/tomcat/conf/tomcat-users.xml. You will find several blocks of comments that you may want to delete or simply uncomment. Make sure to add or uncomment the following line within the
<tomcat-users>...</tomcat-users> tag and set an appropriate password:
<user username="admin" password="SET-YOUR-PASSWORD" roles="manager-gui,admin-gui"/>
By default, Tomcat only allows connections coming from the server itself to access the Manager and Host Manager apps. Since it is installed on a remote machine, you will probably want to remove this restriction. Open the files at
~/tomcat/webapps/host-manager/META-INF/context.xml and comment out the IP restrictions in both of them by adding
<!-- ... --> like this:
<Context antiResourceLocking="false" privileged="true" > <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />--> </Context>
Afterwards, restart the
[isabell@stardust ~]$ supervisorctl restart tomcat [isabell@stardust ~]$
Tomcat should now be fully usable!
Tested with Uberspace 7.11.5 and Tomcat 10.0.16 on OpenJDK 17.Written by: Christian Macht <https://github.com/cmacht/>