Installation Guide
This comprehensive installation guide will help you set up SecureHealth for development, testing, or production environments.
System Requirements
Minimum Requirements
- CPU: 2 cores
- RAM: 4GB
- Storage: 10GB free space
- OS: Linux, macOS, or Windows with WSL2
Recommended Requirements
- CPU: 4+ cores
- RAM: 8GB+
- Storage: 50GB+ SSD
- OS: Ubuntu 20.04+, macOS 12+, Windows 11 with WSL2
Prerequisites
Required Software
- Docker: Version 20.10+
- Docker Compose: Version 2.0+
- Git: Latest version
- PHP: Version 8.1+ (for local development)
- Composer: Latest version (for PHP dependencies)
MongoDB Atlas Account
- MongoDB Atlas cluster with Queryable Encryption enabled
- Encryption key configured
- Database user with appropriate permissions
Installation Methods
Method 1: Docker Compose (Recommended)
This is the easiest way to get started with SecureHealth.
Step 1: Clone the Repository
Clone Repository
git clone https://github.com/mrlynn/securehealth.git
cd securehealth
Step 2: Configure Environment
Create a .env file:
# Application Configuration
APP_ENV=prod
APP_SECRET=your-super-secret-key-here
APP_DEBUG=false
# MongoDB Configuration
MONGODB_URI=mongodb+srv://username:password@cluster.mongodb.net/securehealth
MONGODB_DATABASE=securehealth
# Encryption Configuration
ENCRYPTION_KEY_ID=your-encryption-key-id
ENCRYPTION_KEY_VAULT_NAMESPACE=encryption.__keyVault
# Security Configuration
JWT_SECRET=your-jwt-secret-key
ENCRYPTION_ALGORITHM=AES-256-GCM
# Logging Configuration
LOG_LEVEL=info
AUDIT_LOG_ENABLED=true
Step 3: Start Services
# Start all services
docker-compose up -d
# Check service status
docker-compose ps
# View logs
docker-compose logs -f
Method 2: Manual Installation
For development environments or custom configurations.
Step 1: Install PHP Dependencies
composer install --no-dev --optimize-autoloader
Step 2: Configure Web Server
Apache Configuration (/etc/apache2/sites-available/securehealth.conf):
<VirtualHost *:80>
ServerName securehealth.local
DocumentRoot /path/to/securehealth/public
<Directory /path/to/securehealth/public>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/securehealth_error.log
CustomLog ${APACHE_LOG_DIR}/securehealth_access.log combined
</VirtualHost>
Nginx Configuration (/etc/nginx/sites-available/securehealth):
server {
listen 80;
server_name securehealth.local;
root /path/to/securehealth/public;
index index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
}
Step 3: Database Setup
# Create database schema
php bin/console doctrine:mongodb:schema:create
# Load initial data
php bin/console doctrine:fixtures:load
MongoDB Atlas Configuration
Step 1: Create Cluster
- Log in to MongoDB Atlas
- Create a new cluster (M10 or higher recommended)
- Enable Queryable Encryption
- Configure network access and database users
Step 2: Configure Encryption
- Navigate to the Encryption section in Atlas
- Create a new encryption key
- Note the Key ID and Key Vault namespace
- Configure field-level encryption rules
Step 3: Database User Setup
Create a database user with the following permissions:
readWriteon thesecurehealthdatabasereadWriteon theencryption.__keyVaultcollection
Security Configuration
Encryption Key Management
# Generate encryption key (development only)
openssl rand -base64 32
# For production, use a proper key management system
# such as AWS KMS, Azure Key Vault, or HashiCorp Vault
Environment Security
# Set proper file permissions
chmod 600 .env
chmod -R 755 var/
chmod -R 755 public/
# Create non-root user for application
useradd -r -s /bin/false securehealth
chown -R securehealth:securehealth /path/to/securehealth
Verification
Step 1: Check Application Status
# Check if application is running
curl http://localhost:8000/health
# Expected response:
# {"status":"ok","timestamp":"2024-01-01T00:00:00Z"}
Step 2: Test Database Connection
# Test MongoDB connection
php bin/console doctrine:mongodb:schema:validate
# Expected output:
# [OK] Database schema is valid
Step 3: Verify Encryption
# Check encryption status
php bin/console app:encryption:status
# Expected output:
# [OK] Encryption is properly configured
# [OK] All sensitive fields are encrypted
Initial Setup
Create Admin User
# Create initial admin user
php bin/console app:user:create admin@securehealth.dev --role=ROLE_ADMIN --password=admin123
Load Demo Data
# Load sample patients and medical records
php bin/console app:fixtures:load-demo-data
Production Deployment
Security Checklist
- Change all default passwords
- Configure HTTPS/TLS
- Set up proper firewall rules
- Enable audit logging
- Configure backup procedures
- Set up monitoring and alerting
- Review and test disaster recovery procedures
Performance Optimization
# Enable OPcache
opcache.enable=1
opcache.memory_consumption=256
opcache.max_accelerated_files=20000
# Configure MongoDB connection pooling
MONGODB_MAX_POOL_SIZE=100
MONGODB_MIN_POOL_SIZE=10
Monitoring Setup
# Install monitoring tools
composer require symfony/monitor-bundle
# Configure logging
LOG_LEVEL=warning
LOG_CHANNELS=["app","security","audit"]
Troubleshooting
Common Issues
Database Connection Failed
# Check MongoDB URI format
echo $MONGODB_URI
# Test connection
php bin/console doctrine:mongodb:schema:validate
Encryption Key Not Found
# Verify key configuration
php bin/console app:encryption:list-keys
# Check key vault permissions
Permission Denied Errors
# Fix file permissions
sudo chown -R www-data:www-data var/
sudo chmod -R 755 var/
Getting Help
- Check the troubleshooting guide
- Review GitHub issues
- Join community discussions
Next Steps
After successful installation:
- First Steps Guide - Configure your instance
- Security Concepts - Learn about encryption
- User Guides - Role-specific documentation
- Developer Guides - Technical details