The noodle.properties and server.xml text files are in the conf directory.
If there are problems with the conf the logs will tell you about them.
Changes to the conf file will take effect the next time Noodle starts.
System Administration
PostgreSQL bug on Windows Domain
There is a limitation of the PostgreSQL installer if you are using windows domains.
The installer will need to make a postgres user that have write permissions on %PROGRAMFILES%\Postgres.
If the PostgreSQL is/will-be unable to do so, please setup the permissions beforehand. Adding write for "Everyone" or adding rights for a new postgres user with the default password Pgsq1p@ssword will avert this limitation.
If you tried a normal noodle install and you have a black "upgrade in progress" screen then this is likely the problem. There is no need to reinstall noodle; just uninstall PostgreSQL, set up the permissions, download the PGInstaller and reinstall PostgreSQL.
After you install PostgreSQL you will need to edit the pg_hba.conf and make sure there is a "127.0.0.1/32 password" line.
Next run the init.sql in the Noodle folder with PGAdmin3 one line at a time.
Restart the PostgreSQL then Noodle service.
Extensible full text search
Full-text search is extensible to any format, so long as there is a CLI tool to convert it to text.
Configuration of ORACLE and MSSQL built-in indexers differ and can be used in combination with this method.
To index the contents of popular formats like office documents on linux add the following to your .conf:
#tested
#apt/yum install -y poppler-utils pstotext antiword html2text unrtf python-excelerator libwpd-tools unzip catdoc
Indexer.IndexContent = ALL
Indexer.toTxt.Enabled = true
Indexer.toTxt.pdf = "pdftotext -q -eol unix -enc UTF-8 $IN $OUT"
Indexer.toTxt.doc = "antiword $IN > $OUT"
Indexer.toTxt.html = "html2text -nobs -o $OUT $IN"
Indexer.toTxt.xls = "xls2csv $IN > $OUT"
Indexer.toTxt.mp3 = "id3info $IN | grep '===' | grep -v 'PRIV' | grep -v 'image\/' | perl -p -e 's/^.+(\)|\])\:/ /g' > $OUT"
Indexer.toTxt.rtf = "unrtf --nopict --text $IN 2>/dev/null | grep -v '^### ' > $OUT"
Indexer.toTxt.docx = "unzip -p $IN word/document.xml | perl -p -e 's/<.+?>/ /g' > $OUT"
Indexer.toTxt.pptx = "unzip -p $IN ppt/slides/*.xml | perl -p -e 's/<.+?>/ /g' > $OUT"
Indexer.toTxt.xlsx = "unzip -p $IN xl/sharedStrings.xml | perl -p -e 's/<.+?>/ /g' > $OUT"
Indexer.toTxt.odt = "unzip -p $IN content.xml | perl -p -e 's/<.+?>/ /g' > $OUT"
Indexer.toTxt.ods = "unzip -p $IN content.xml | perl -p -e 's/<.+?>/ /g' > $OUT"
Indexer.toTxt.odp = "unzip -p $IN content.xml | perl -p -e 's/<.+?>/ /g' > $OUT"
# TensorFlow image search
#Indexer.toTxt.jpg = "python classify.py --image $IN | grep -P '^1\. ' > $OUT"
## others
#Indexer.toTxt.wpd = "wpd2text $IN > $OUT"
#Indexer.toTxt.jpg = "exiftool $IN > $OUT #for camera type or gps location"
#Indexer.toTxt.xls = "py_xlstoTxt $IN > $OUT # supports sheets but adds sheet = ----"
#Indexer.toTxt.docx = "unzip -p $IN word/document.xml | sed -e 's/<[^>]\{1,\}>/ /g' > $OUT"
Windows examples
Indexer.IndexContent = ALL Indexer.Interval = 30 Indexer.toTxt.Enabled = true Indexer.toTxt.pdf = "\"C:/Program Files/xpdf/pdftotext.exe\" $IN $OUT" Indexer.toTxt.doc = "C:\antiword\antiword.exe $IN > $OUT"
You can populate your conf file with command line method of converting the file types of your choice to text.
Be sure "System Tools > Settings > General > Enable Full Text Search" is set to "Yes".
Upgrade
- Login to your Noodle as the 'admin' user and press the upgrade button in System Tools > Settings > General > License.
Manual upgrade after 7.08.20:
- kill java (windows only)
- replace ROOT.war
- restart the Noodle service
- optionally upgrade OS, Java, and tomcat.
Version specifics
- If upgrading from Noodle 6.7.13 (2009-07-24) or before
- Java 8+ is required
- If using Microsoft SQL Server, version 2012+ is required.
- If upgrading from Noodle 7.08.20 (2021-06-22) or before
- Java 11+ is required
- and using Linux
- restart the service after the upgrade
- and using Windows
- move are replace intranet.bat_new to intranet.bat
- move enhydra/ to Backup*/
- restart the service after the upgrade
Notes
- Check you are not already using a current version.
- Major updates, are announced in the newsletter, and may be warned about on the login page.
- Changes are listed in the version history.
- The LTS branch changes annually.
- The release branch changes monthly.
- Changes to the 2nd part of the version number indicates the database schema has changed.
- Custom scripts and CSS should be verified to be working after each upgrade.
- Every version can upgrade from every past version.
- A Backup is advisable before each upgrade.
- It is advisable to upgrade the OS (, and Java if using Windows) before each Noodle upgrade.
Custom JavaScript
Make sure you adhere to formatting restrictions.
1. Add or un-comment the following line in the noodle.properties file:
ScriptFile = “noodleScript.js”
2. Add custom JavaScript to noodleScript.js
3. Restart Noodle.
To test put this in the noodleScript.js:
alert("It works");Save it and re-login to Noodle.
Other ways to insert custom JavaScript here.
You may want to wait for top.noodle like this.
Javascript – Hide DataManager Headers
You need custom scripts enabled and a page re-writer setup.
if (url.indexOf("datamanager/ReportView.po")>-1){
doc.getElementById("totalsTable").style.display="none";
}Backup
There are numerous backup methods generally complete or partial, hot or cold.
A simple method is a cold complete backup:
- Stop Noodle
- Stop the database
- Copy the database folder and the Noodle folder
- Start the database
- Start Noodle
- Send the folder copies to a different physical location
More options for database backups include:
- Hot complete backups: allow a snapshot of your database without stopping anything.
- Hot partial backups: can be used to backup only recent changes, allow for point in time recovery, and reduce server load.
- Hot partial backups: can also be used to keep a warm backup server in case of disaster - at any time it will be a usable exact copy of your production database.
- Cold partial backups: can decrease the time of a cold complete backup.
Production environments should select a backup strategy to maximize flexibility while reducing server load and storage requirements.
For details on backup options please read your database documentation.
Also see the windows postgres example
Message of the Day
To insert JavaScript or HTML into the login page of Noodle - often used for a Message of the Day (MOTD) or legal waiver:
- Open noodle.properties
- Add or uncomment MessageFile, e.g.
- Windows: MessageFile = "C:\\Program Files (x86)\\Noodle\\MOTD.html"
- Linux : MessageFile = "/opt/Noodle/MOTD.html"
- Make the file
- Restart Noodle
- Test with:
- MOTD works<script>alert('MOTD works');</script>
Other ways to insert JavaScript here
Redirect to SSL
Using modern web browsers and enabling "System Tools > Security > General > Use anti xss headers" will force continued HTTPS usage.
Old web browsers can be redirected by enabling MOTD, then adding the following to the end of your MOTD.html file:
<script>
if (document.location.href.indexOf("http:") > -1) {
document.location.href = document.location.href.replace(/http:\/\//, "https://");
}
</script>HTTPS
Existing key pair
If you already have a key pair (private and signed public) in a keystore (.jks, or .pfx/pkcs12) or as separate files (.pem) just make sure the server.xml file is pointing to them and restart the Noodle service. (see below for server.xml examples)
Making a keystore
1. Prepare
- Before a HTTPS connection is created and linked to the keys, make a backup of the server.xml file.
- Use CMD to add Keytool to your path (use the real path to keytool) e.g.:
SET PATH=%PATH%;%PROGRAMFILES%\java\bin2. Generate Keystore
keytool -genkey -alias noodle.domain.tld -validity 365 -keyalg RSA -keystore noodle.pfxOnce this command has been entered, Keytool will ask some questions regarding your company. Enter information as follows:
- Keystore Password: The first time you run this tool, it will create the keystore file protected by a password. You will need this password every time you access the keystore file.
- First and Last name: the domain name, for example noodle.domain.tld .
- Name of organizational unit: This is not the company name, but may be an internal department, e.g. Marketing Department.
- Name of your organization: Your company name, e.g. Vialect Inc.
- City or location, e.g. Windsor
- State or Province, e.g. Ontario
- 2-Letter Country code, e.g. CA
- Certificate password: This can be the same as the password for the keystore file.
3. Get your Certificate signed
Popular Certificate Authorities (CA) include Let's Encrypt, Thawte, VeriSign, GoDaddy, Network Solutions.
- Make a certificate signing request (CSR):
keytool -certreq -alias noodle.domain.tld -keystore noodle.pfx -file noodlecert.csr
After uploading the file or pasting the text from that file in the CA,
Select "Tomcat" as the format when downloading your signed public key from your CA.
- Import root certificates, if required:
keytool -import -alias carootcert -trustcacerts -file ca-root.crt -keystore noodle.pfx
- Import intermediate certificates, if required:
keytool -import -alias intermediate -trustcacerts -file intermediate.crt -keystore noodle.pfx
- Apply the Certificate Signature:
keytool -import -alias noodle.domain.tld -trustcacerts -file noodlecert.crt -keystore noodle.pfx
4. Create a HTTPS Connection
Edit server.xml by adding and adjusting the following example:
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="443" defaultSSLHostConfigName="null" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig hostName="null" protocols="TLSv1.2,+TLSv1.3">
<Certificate type="RSA" certificateKeystoreFile="noodle.pfx" certificateKeystorePassword="123456"/>
</SSLHostConfig>
</Connector>5. Restart the Noodle service
Noodle can now be accessed using the HTTPS protocols.
If using Windows make sure The NoodleHTTPS entry in the your firewall is enabled and the correct port.
Options
Let's Encrypt
Consider a free certificate (not self signed) as an alternative to not using SSL. server.xml example:
<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="443" defaultSSLHostConfigName="noodle.domain.tld" SSLEnabled="true" >
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig hostName="noodle.domain.tld" protocols="TLSv1.2,+TLSv1.3">
<Certificate
certificateKeyFile="/etc/letsencrypt/live/noodle.domain.tld/privkey.pem"
certificateFile="/etc/letsencrypt/live/noodle.domain.tld/cert.pem"
certificateChainFile="/etc/letsencrypt/live/noodle.domain.tld/fullchain.pem"
type="RSA" />
</SSLHostConfig>
</Connector>Linux script
Redirect HTTP to HTTPS
Read how here.
Use Strong Encryption
Read how here.
Converting
Converting is not required as jks, pfx(pkcs12), pem are all supported.