Skip to content

CyberFM

  • Home
  • FileMaker Security
  • Disclaimer
  • Privacy Policy
  • Home
  • Dirk Schittko
  • FileMaker Under Linux
  • Dirk Schittko

FileMaker Under Linux

Dimitris Kokoutsidis 1 month ago5 days ago16 mins0

Dirk Schittko, Oct 1, 2024, FileMaker Konferenz 2024

Menu

  1. Why Choose Linux for FileMaker Server?
  2. Step-by-Step Installation of FileMaker Server on Ubuntu
  3. Post-Installation Configuration
  4. Security Best Practices
  5. Backup and Disaster Recovery Strategy
  6. Performance Optimization
  7. Advanced Automation and Maintenance
  8. Troubleshooting Common Issues
  9. Key Takeaways

At FMK 2024, Dirk Schittko delivered an insightful talk on the intricacies of setting up and managing FileMaker Server on Linux, particularly on Ubuntu. FileMaker Server, traditionally a Windows or macOS application, has found a new home in Linux, offering increased performance, cost savings, and reliability for FileMaker professionals. This post is a thorough breakdown of the key points, practices, and advanced techniques shared by Dirk, ensuring a successful deployment of FileMaker Server on Linux.

Why Choose Linux for FileMaker Server?

Before diving into the technical aspects, it’s essential to understand why Linux, and specifically Ubuntu, is recommended for running FileMaker Server:

  1. Stability: Linux, especially Long Term Support (LTS) releases like Ubuntu 22.04 LTS, is known for its rock-solid stability. Uptime can often be measured in years, making it ideal for mission-critical environments.
  2. Performance: Linux is lean. Without the overhead of a GUI (when using Ubuntu Server), it offers superior performance for server applications, ensuring faster response times and efficient resource utilization.
  3. Cost-Effectiveness: Ubuntu, being open-source, eliminates licensing costs associated with proprietary OS alternatives like Windows Server.
  4. Flexibility and Control: With Linux, you have complete control over every aspect of the server, allowing you to optimize it precisely to your requirements.
  5. Security: Linux is inherently secure, and with proper configuration, it provides a hardened environment to protect sensitive data stored in your FileMaker databases.

However, Dirk emphasized the need for a good understanding of Linux fundamentals. Unlike Windows or macOS, Linux is more command-line-driven. While this provides power and flexibility, it also means that issues can become more complex without the necessary knowledge.

Step-by-Step Installation of FileMaker Server on Ubuntu

Prerequisites

Before starting, ensure that your server meets the following requirements:

  • Ubuntu 22.04 LTS (Server Edition recommended)
  • Minimum 8GB of RAM
  • At least 80GB of free disk space for databases, backups, and logs
  • Root or sudo access

It’s essential to update your server’s packages and install necessary dependencies like wget and unzip:

sudo apt update && sudo apt upgrade
sudo apt install wget unzip curl

Downloading FileMaker Server

Claris provides an official distribution of FileMaker Server for Ubuntu. You can download the latest version from their website:

cd /tmp
wget https://downloads.claris.com/esd/fms_21.0.2.202_Ubuntu22_amd64.zip
unzip fms_21.0.2.202_Ubuntu22_amd64.zip

Installing FileMaker Server

Once downloaded and extracted, FileMaker Server can be installed via .deb packages. Run the following command to install all the necessary components:

sudo apt install ./*.deb

You’ll be prompted to accept the license agreement and provide admin credentials. Make sure to set a strong password for the Admin Console as this will be your primary access point to manage FileMaker Server.

Verifying Installation

After installation, you can verify that FileMaker Server is running by checking its services:

sudo fmsadmin status -u admin -p yourpassword

This command should show that all essential services like Database Engine, Web Publishing, and Admin Console are up and running.

Post-Installation Configuration

Configuring Hostname and Timezone

For accurate logs and network communications, ensure that your server is correctly configured with the appropriate hostname and timezone:

sudo timedatectl set-timezone Europe/Berlin
hostnamectl set-hostname my-filemaker-server

Check that the correct hostname is being used for external access by adding it to the /etc/hosts file:

sudo nano /etc/hosts

Add the following entry:

127.0.0.1   my-filemaker-server

File and Folder Structure

It’s a good practice to create a custom directory structure for your databases, container fields, and backups. This will help in keeping things organized and ensure that your data is stored on the right partitions or drives for better performance.

Create the directories:

sudo mkdir -p /var/filemaker/{Databases,Containers,Backups,Logs}
sudo chown -R fmserver:fmsadmin /var/filemaker/

Adjust permissions to secure access:

sudo chmod -R 770 /var/filemaker/

Security Best Practices

Securing FileMaker Server with SSL Certificates

One of the critical aspects of running any server, particularly one dealing with sensitive data, is ensuring that all communications are encrypted. Dirk recommended using Let’s Encrypt to obtain free, automated SSL certificates. Let’s Encrypt integrates seamlessly with FileMaker Server and automates the certificate renewal process.

  1. Install Certbot (Let’s Encrypt client):
sudo apt install certbot
  1. Generate SSL Certificate:
sudo certbot certonly --standalone -d your-domain.com
  1. Install SSL Certificate on FileMaker Server:

Once you have the certificate files (cert.pem, privkey.pem, and fullchain.pem), you can install them using the fmsadmin command:

sudo fmsadmin certificate import /etc/letsencrypt/live/your-domain.com/fullchain.pem --keyfile /etc/letsencrypt/live/your-domain.com/privkey.pem --intermediateCA /etc/letsencrypt/live/your-domain.com/chain.pem -y

Restart FileMaker Server to apply the changes:

sudo fmsadmin restart -u admin -p yourpassword

Configuring a Firewall

Configuring a firewall is essential to limit access to only necessary services. Using ufw (Uncomplicated Firewall) is one of the simplest ways to achieve this on Ubuntu.

Enable the firewall and allow only required ports:

sudo ufw allow 80,443/tcp  # HTTP/HTTPS for Admin Console and WebDirect
sudo ufw allow 2399/tcp     # FileMaker Server Admin Console
sudo ufw allow 5003/tcp     # FileMaker client connections
sudo ufw enable

To further enhance security, change the default SSH port and disable root login. This prevents brute-force attacks on common ports and strengthens server access security.

Change the SSH port (e.g., to 2222):

sudo nano /etc/ssh/sshd_config

Find the line #Port 22 and change it to:

Port 2222

Disable root login by setting:

PermitRootLogin no

After making changes, restart the SSH service:

sudo systemctl restart sshd

Backup and Disaster Recovery Strategy

Implementing Automated Backups

As Dirk highlighted, a robust backup strategy is crucial to ensuring data integrity and availability. The recommended approach is the 3-2-1 backup rule:

  1. Keep 3 copies of your data (one primary and two backups).
  2. Use 2 different media types (e.g., local disk and cloud storage).
  3. Keep 1 backup offsite.

You can use cron jobs to automate backups of your databases, containers, and logs.

Example cron job for daily backups:

sudo crontab -e

Add the following entry for daily backups at 2 AM:

0 2 * * * /usr/local/bin/fmsadmin BACKUP DATABASES -u admin -p password

Consider integrating a script to copy your backups to a remote server or cloud storage like AWS S3 or Google Cloud.

Restoring Backups

In the event of data loss or corruption, restoring from a backup is straightforward. Use the fmsadmin command:

sudo fmsadmin RESTORE DATABASE "/var/filemaker/Backups/mybackup.fmp12" -u admin -p password

Always test your backups periodically to ensure that they can be restored successfully.

Performance Optimization

Tweaking Server Settings for Performance

Dirk recommended the following tips to optimize performance on your Linux server:

  1. Database Cache: Increase the database cache size for improved performance. This can be adjusted in the Admin Console under “Database Settings”.
  2. Use SSDs: Store databases on SSD drives for faster read/write speeds. If your database is large and handles many concurrent users, this can significantly boost performance.
  3. Optimize Network Settings: Ensure that your server has adequate network bandwidth, particularly if you use WebDirect. You can monitor network performance using tools like iftop or nload.
  4. Monitor Server Performance: Use tools like htop to monitor CPU, memory, and disk usage. This helps identify potential bottlenecks and tune the system accordingly.

Advanced Automation and Maintenance

Using Cron for Automated Tasks

Linux’s cron utility is a powerful tool for scheduling regular tasks like backups, certificate renewals, and log cleanups. For example, to automate the renewal of your Let’s Encrypt SSL certificate:

sudo crontab -e

Add the following entry:

0 0 * * 0 certbot renew --quiet

This will automatically renew the SSL certificate weekly.

Regular Maintenance Tips

  • Update Packages Regularly: Ensure that your server software and security patches are up-to-date by running: sudo apt update && sudo apt upgrade
  • Monitor Logs: Regularly check the FileMaker Server logs to ensure there are no issues with performance, database consistency, or security. tail -f /var/log/filemaker-server/fmsadmin.log
  • Clean Up Old Logs and Backups: Set up a cron job to remove logs and backups older than a specified number of days to conserve disk space: sudo find /var/filemaker/Backups/* -mtime +30 -exec rm {} \;

Troubleshooting Common Issues

FileMaker Server Failing to Start

If FileMaker Server fails to start after an update or configuration change, check the logs for any errors:

sudo tail -n 100 /opt/FileMaker/FileMaker Server/Logs/fmsadminserver.log

Common causes include:

  • Missing or invalid SSL certificates.
  • Incorrect file permissions in the FileMaker directory.
  • Conflicting ports (ensure that the required ports are not used by other services).

SSL Certificate Errors

If you encounter SSL certificate issues, check the expiration date and the configuration of your certificates:

sudo openssl x509 -enddate -noout -in /etc/letsencrypt/live/your-domain.com/fullchain.pem

Ensure that the file permissions on the certificate files are correct:

sudo chmod 600 /etc/letsencrypt/live/your-domain.com/{fullchain.pem,privkey.pem}

Key Takeaways

Running FileMaker Server on Linux is a powerful option for those who want high performance, stability, and cost-efficiency. However, it comes with its own set of challenges, particularly around security and automation. By following the best practices outlined by Dirk Schittko at FMK 2024, you can ensure your FileMaker Server runs optimally, remains secure, and is backed by a strong disaster recovery plan.

By leveraging the full potential of Ubuntu and automating essential tasks, you’ll have a FileMaker Server that not only performs well but also scales with your growing business needs.

This guide provides a comprehensive look into setting up and managing FileMaker Server on Linux. Whether you’re a seasoned IT professional or just getting started with Linux, these best practices will help you deploy and maintain a secure, high-performing FileMaker environment.

https://filemaker-konferenz.com/wp-content/uploads/2024/10/FMK2024-Dirk-Schittko_dist.pdf

AI Chat by NotebookLM

Tagged: Attack Automation AWS Backup Best Book Chat Cloud Container Credentials Deployment Disaster FileMaker Pro FileMaker Server Firewall FM Konferenz 2024 Good Google Install Integrity Linux Load Login macOS Maintenance Network Plan Practice Recovery Response Restore Server SOC SSL SSO Stability Step-by-Step Storing Test Troubleshoot Ubuntu Update Upgrade UPS Web Windows

Dimitris Kokoutsidis

Post navigation

October 1, 2024
FileMaker, dylib hijacking
October 1, 2024
FMS, bypass authorisation