System Administration

System Administration information

  1. Login to your Noodle as the 'admin' user and press the upgrade button in System Tools > Settings > General > License.

Manual upgrade after 7.08.20:

  1. Replace ROOT.war
  2. Optionally upgrade Tomcat.
  3. Restart the Noodle service

Version specifics

  • If upgrading from Noodle 6.07.13 (2009-07-24) or before
    • Java 8+ is required
    • and using Microsoft SQL Server, version 2012+ is required.
  • If upgrading from Noodle 7.08.20 (2021-06-22) or before
    • Java 11+ is required
    • and using Linux
      • restart the service after the upgrade
    • and using Windows
      • move are replace intranet.bat_new to intranet.bat
      • move enhydra/ to Backup*/
      • restart the service after the upgrade
  • If upgrading from Noodle 7.14.03 (2025-05-02) or before
    • and using Windows, kill is required in place of service stop (but not restart).

Notes

  • Major updates, are announced in the newsletter, and may be warned about on the login page.
  • Changes are listed in the version history.
  • The LTS branch changes annually.
  • The release branch changes monthly.
  • Changes to the 2nd part of the version number indicates the database schema has changed.
  • Custom scripts and CSS should be verified to be working after each upgrade.
  • Every version can upgrade from every past version.
  • A Backup is advisable before each upgrade.
  • It is advisable to upgrade the OS, JRE, and RDBMS before each Noodle upgrade.

Current Versions

There are numerous backup methods generally; complete or partial, hot or cold.

A simple method is a cold complete backup:

  • Stop Noodle
  • Stop the database
  • Copy the database folder and the Noodle folder
  • Start the database
  • Start Noodle
  • Send the folder copies to a different physical location

Backup option selection:

  • Hot complete backups: Allow a snapshot of your database without stopping anything.
  • Hot partial backups: Can be used to backup only recent changes, allow for point in time recovery, and reduce server load. Can also be used to keep a warm backup server in case of disaster. At any time it will be a usable exact copy of your production database.
  • Cold partial backups: Can decrease the time of a cold complete backup.
  • Cold complete backups: Are the simple option.

Production environments should select a backup strategy to maximize flexibility while reducing server load and storage requirements.

For details on backup options please read your VM and database documentation:

Also see the Windows PostgreSQL example.

To insert JavaScript or HTML into the login page of Noodle - often used for a Message of the Day (MOTD) or legal waiver:

  1. Open noodle.properties
  2. Add or uncomment MessageFile, e.g.
    • Windows: MessageFile = "C:\\Program Files (x86)\\Noodle\\MOTD.html"
    • Linux : MessageFile = "/opt/Noodle/MOTD.html"
  3. Make the file
  4. Restart Noodle
  5. Test with:
    • MOTD works<script>alert('MOTD works');</script>

Other ways to insert JavaScript here

Using modern web browsers and enabling "System Tools > Security > General > Use anti xss headers" will force continued HTTPS usage.

Old web browsers can be redirected by enabling MOTD, then adding the following to the end of your MOTD.html file:

<script>
    if (document.location.href.indexOf("http:") > -1) {
        document.location.href = document.location.href.replace(/http:\/\//, "https://");
    }
</script>

Automatic

Automation of renewals via ACME are supported by most Certificate Authorities and are recommended due to the industry transition to 47 day certificates. Automation can be set up manually or If Noodle is publicly accessible via port 80 on a public domain name it can set itself up via

  • System Tools > Settings > Security > Auto HTTPS

Free

If automation is used, free certificates are available from

Manual Existing key pair

If you already have a key pair (private and signed public) in a keystore (.jks/PKCS#7, or .pfx/pkcs12) or as separate files (.der, .pem/X.509) just make sure the server.xml file is pointing to them and restart the Noodle service. (see below for server.xml examples)

Manually Making a keystore

1. Prepare

  • Before a HTTPS connection is created and linked to the keys, make a backup of the server.xml file.
  • Use CMD to add Keytool to your path (use the real path to keytool) e.g.:
SET PATH=%PATH%;%PROGRAMFILES%\java\bin

2. Generate Keystore

keytool -genkey -alias noodle.domain.tld -validity 365 -keyalg RSA -keystore noodle.pfx

Once this command has been entered, Keytool will ask some questions regarding your company. Enter information as follows:

  • Keystore Password: The first time you run this tool, it will create the keystore file protected by a password. You will need this password every time you access the keystore file.
  • First and Last name: the domain name, for example noodle.domain.tld .
  • Name of organizational unit: This is not the company name, but may be an internal department, e.g. Marketing Department.
  • Name of your organization: Your company name, e.g. Vialect Inc.
  • City or location, e.g. Windsor
  • State or Province, e.g. Ontario
  • 2-Letter Country code, e.g. CA
  • Certificate password: This can be the same as the password for the keystore file.

3. Get your Certificate signed

Popular Certificate Authorities (CA) include Let's Encrypt, Thawte, VeriSign, GoDaddy, Network Solutions.

  • Make a certificate signing request (CSR):
keytool -certreq -alias noodle.domain.tld -keystore noodle.pfx -file noodlecert.csr

After uploading the file or pasting the text from that file in the CA,

Select "Tomcat" as the format when downloading your signed public key from your CA.

  • Import root certificates, if required:
keytool -import -alias carootcert -trustcacerts -file ca-root.crt -keystore noodle.pfx
  • Import intermediate certificates, if required:
keytool -import -alias intermediate -trustcacerts -file intermediate.crt -keystore noodle.pfx
  • Apply the Certificate Signature:
keytool -import -alias noodle.domain.tld -trustcacerts -file noodlecert.crt -keystore noodle.pfx

4. PFX server.xml example

<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="443" defaultSSLHostConfigName="null" SSLEnabled="true" >
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig hostName="null" protocols="TLSv1.2,+TLSv1.3">
        <Certificate type="RSA" certificateKeystoreFile="noodle.pfx" certificateKeystorePassword="123456"/>
    </SSLHostConfig>
</Connector>

5. Restart the Noodle service

Noodle can now be accessed using the HTTPS protocols.

If using Windows make sure The NoodleHTTPS entry in the your firewall is enabled and the correct port. 

PEM server.xml example

<Connector protocol="org.apache.coyote.http11.Http11NioProtocol" port="443" defaultSSLHostConfigName="noodle.domain.tld" SSLEnabled="true" >
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig hostName="noodle.domain.tld" protocols="TLSv1.2,+TLSv1.3">
    <Certificate
        certificateKeyFile="/etc/letsencrypt/live/noodle.domain.tld/privkey.pem"
        certificateFile="/etc/letsencrypt/live/noodle.domain.tld/cert.pem"
        certificateChainFile="/etc/letsencrypt/live/noodle.domain.tld/fullchain.pem"
        type="RSA" />
    </SSLHostConfig>
</Connector>

Redirect HTTP to HTTPS

Read how here.

Use Strong Encryption

Read how here.

Converting

Converting is not required as jks, pfx(pkcs12), pem are all supported.

See Tomcat documentation here.

The amount of information sent to the noodle.log can be adjusted in noodle.properties file. To enable Debug Logging do the following:

  1. Upgrade
  2. Enable debugging: Server.LogToFile[] = EMERGENCY, ALERT, CRITICAL, ERROR, WARNING, NOTICE, INFO, DEBUG, REQUEST
  3. If using windows stop Noodle in order to unlock files.
  4. Empty the log folder
  5. Restart Noodle
  6. Perform the action requiring information
  7. Stop Noodle
  8. Zip the log folder
  9. Email the zip to Vialect
  10. Revert the conf file
  11. Start Noodle

Windows

  • The Windows installer will make a service automatically for you.

Linux

  • The Linux installer defaults to not adding a Noodle service.
  • Systemd:
    1. cp /opt/Noodle/noodle.service /lib/systemd/system/
    2. systemctl enable noodle
  • init
    1. cp /opt/noodle/noodle.daemon /etc/init.d/noodle
    2. Enable the service:
      • debian: update-rc.d noodle defaults
      • red hat: chkconfig --add noodle;chkconfig noodle on;