In this article, we will have explained the necessary steps to install and configure Apache Tomcat on Debian 10. Before continuing with this tutorial, make sure you are logged in as a user with sudo privileges. All the commands in this tutorial should be run as a non-root user.
Install Apache Tomcat on Debian
Step 1. The first command will update the package lists to ensure you get the latest version and dependencies.
1 2 | sudoaptupdate sudoaptupgrade |
Step 2. Install Java.
Apache Tomcat requires Java to be installed. We’ll install OpenJDK, which is the default Java development and runtime in Debian:
1 | sudoaptinstalldefault-jdk |
Check Java is already installed on your system running following command:
1 | java-version |
Step 3. Create Tomcat User.
Becuase of security reason Tomcat should not run as root user. So now you should create a non-root user for Tomcat typing following command:
1 | sudouseradd-r-m-U-d/opt/tomcat-s/bin/falsetomcat |
Step 4. Install Tomcat.
First, download latest binaries from Tomcat Download Page. At the time creating this tutorial latest version is 9.0.14:
1 | wgethttp://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.14/bin/apache-tomcat-9.0.14.tar.gz -P |
Once the download is completed, extract the Tomcat archive and move it to the /opt/tomcat directory:
1 | sudotarxf/tmp/apache-tomcat-9*.tar.gz-C/opt/tomcat |
To have more control over Tomcat versions and updates, we will create a symbolic link latest which will point to the Tomcat installation directory:
1 | sudoln-s/opt/tomcat/apache-tomcat-9.0.14/opt/tomcat/latest |
Run following command to give installation directory ownership to tomcat user and tomcat group:
1 2 | sudochown-RHtomcat:/opt/tomcat/latest sudosh-c'chmod +x /opt/tomcat/latest/bin/*.sh' |
Step 5. Create Systemd Unit File.
Run following command to create tomcat.service unit file inside /etc/systemd/system/ directory:
1 | sudonano/etc/systemd/system/tomcat.service |
Add following line:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | [Unit] Description=Tomcat9servletcontainer After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/default-java" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true" Environment="CATALINA_BASE=/opt/tomcat/latest" Environment="CATALINA_HOME=/opt/tomcat/latest" Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/latest/bin/startup.sh ExecStop=/opt/tomcat/latest/bin/shutdown.sh [Install] WantedBy=multi-user.target |
Notify systemd that we created a new unit file and start the Tomcat service by executing:
1 2 | sudosystemctldaemon-reload sudosystemctlstarttomcat |
Step 6. Update The Firewall Settings.
If your firewall running on your Debian system and you want to access the tomcat interface from the outside of your local network you’ll need to open the port 8080:
1 | sudoufwallow8080/tcp |
Step 7. Configure Tomcat Web Management Interface.
Tomcat users and roles are defined in the tomcat-users.xml file. This file is a template with comments and examples describing how to configure the create a user or role:
1 | sudonano/opt/tomcat/latest/conf/tomcat-users.xml |
Now add username and password for admin-gui and manager-gui. Make it sure you are setting strong username and password:
1 2 3 4 5 | <tomcat-users> <rolerolename="admin-gui"/> <rolerolename="manager-gui"/> <userusername="admin"password="admin_password"roles="admin-gui,manager-gui"/> </tomcat-users> |
By default, Apache Tomcat restrict access to Manager and Host Manager apps to connections coming from the server also. You should remove these restrictions.
To change IP address restriction open following files. Open Manager app context file using below command:
1 | sudonano/opt/tomcat/latest/webapps/manager/META-INF/context.xml |
Open Host Manager app context file using below command:
1 | sudonano/opt/tomcat/latest/webapps/host-manager/META-INF/context.xml |
Add commnets as given in following file:
1 2 3 4 5 6 | <ContextantiResourceLocking="false"privileged="true"> <!-- <ValveclassName="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"/> --> </Context> |
Remember to restart the Tomcat service each time you edit Tomcat configuration files for changes to take effect:
1 | sudosystemctlrestarttomcat |
Step 8. Test the Tomcat Installation.
Open your browser and type: http://<your-domain_or_IP-address>:8080
You should get following output for successful installation:
Now use Manager App visiting http://YOUR-DOMAIN_NAME_OR_IP-ADDRESS:8080/manager/html.
Congratulation, you have learned how to install and configure Tomcat on Debian 10 Buster. If you have any question, please leave a comment below.
