How To Install Apache Tomcat 9 on Debian 10
Apache Tomcat is a free, mature, robust, and popular web application server software that is used to serve Java-based applications. It is an open-source implementation of the Java Servlet, JavaServer Pages (JSP), Java Expression Language and Java WebSocket technologies, developed by the Apache Software Foundation (ASF).
Read Also: How to Install Apache Tomcat in Ubuntu
This tutorial will walk you through the process of installing and configuring the latest release of Tomcat 9 on your Debian 10 Linux server.
Before you start with this tutorial, make sure you have a non-root user account with sudo privileges on your server. If not, you can set up one using our guide on How to Create a New Sudo User on Ubuntu/Debian.
Step 1: Install Java on Debian 10
To install the latest release of Tomcat 9 on your Debian 10 server, you must have Java installed on the server so that you can execute Java web application code.
First, update the system software package index using the apt command as shown.
$ sudo apt update
Then install the Java Development Kit package using the apt command.
$ sudo apt install default-jdk
Once the Java installation is complete, check the version of Java installed on the system using the following command.
$ java -version
Step 2: Install Tomcat in Debian 10
For security purposes, Tomcat should be installed and executed by unprivileged user (i.e. not root). We will create a new tomcat group and user to run the Tomcat service under /opt/tomcat directory (Tomcat installation).
$ sudo mkdir /opt/tomcat $ sudo groupadd tomcat $ sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Once we set up tomcat user, now download the latest version of Tomcat 9 (i.e 9.0.30) from the Tomcat 9 Downloads page or use the following curl command-line tool to download the tarball and extract the archive to /opt/tomcat directory.
$ curl -O http://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.30/bin/apache-tomcat-9.0.30.tar.gz $ sudo tar xzvf apache-tomcat-9*tar.gz -C /opt/tomcat --strip-components=1
Next, assign the permissions to tomcat user to have access to the Tomcat installation /opt/tomcat directory.
$ cd /opt/tomcat $ sudo chgrp -R tomcat /opt/tomcat $ sudo chmod -R g+r conf $ sudo chmod g+x conf $ sudo chown -R tomcat webapps/ work/ temp/ logs/
Step 3: Create a Tomcat systemd Service File
We will create a new systemd service file to manage and run Tomcat as a service under systemd. To create a service file, you should know where Java is installed, as this referred to as
JAVA_HOME using the following command.
$ sudo update-java-alternatives -l
From the above output, our
Once we know our
JAVA_HOME, we can create the systemd service file called
tomcat.service in the /etc/systemd/system directory by running.
$ sudo nano /etc/systemd/system/tomcat.service
Paste the following contents into your
[Unit] Description=Apache Tomcat Web Application Container After=network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC' Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
Next, reload the systemd to apply the new changes, so that it knows about our
$ sudo systemctl daemon-reload
Finally, you can start and verify the status of the Tomcat service by running the following commands.
$ sudo systemctl start tomcat $ systemctl status tomcat $ systemctl enable tomcat
Step 4: Enable Login for Tomcat Manager and Host Manager
In order to access the manager-gui and admin-gui web apps that comes with Tomcat, we must enable login to our Tomcat server by editing the tomcat-users.xml file as shown.
$ sudo nano /opt/tomcat/conf/tomcat-users.xml
Add the following configuration within the
<tomcat-users> tags, with the correct username and password as shown.
<role rolename="admin-gui,manager-gui"/> <user username="admin" password="password" roles="admin-gui,manager-gui"/>
The above configuration implies that add the admin-gui and manager-gui roles to a user named “admin” with a password of “tecmint123”.
Step 5: Enable Remote Login to Tomcat Manager and Host Manager
For security reasons, access to the Tomcat Manager and Host Manager apps is locked down to the localhost (the server where it is deployed), by default.
However, you can enable remote access from a specific IP address or any host or network to Tomcat Manager and Host Manager apps as explained below.
For the Tomcat Manager app, type:
$ sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
For the Host Manager app, type:
$ sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml
Inside, comment out the IP address restriction to allow access from any network.
<Context antiResourceLocking="false" privileged="true" > <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />--> </Context>
Alternatively, enable remote access from your own IP address 192.168.0.103 or from a network (192.168.0.0) by adding the IP address to the list.
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168.0.103" />--> allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|192.168.0.*" />-->
Save the files, and restart the Tomcat service to keep our changes into effect.
$ sudo systemctl restart tomcat
Step 6: Access the Tomcat Web Interface
To access a Tomcat web interface from any browser, you need to open 8080 port to allow traffic to the Tomcat service on the firewall by typing.
$ sudo ufw allow 8080
Now access the Tomcat web management interface by going to your server’s domain name or IP address followed by port 8080 in your browser.
Let’s access the Manager App at the below URL, you will need to enter the account credentials.
Let’s access the Host Manager at the below URL, you will need to enter the account credentials.
That’s all! Your Tomcat installation is complete, now you can deploy and run Java web applications. If you have any questions or thoughts to share, reach us via the comment form below.