Difference between revisions of "SUNScholar/Prepare Ubuntu"

From Libopedia
Jump to navigation Jump to search
Line 467: Line 467:
 
Well done with the setup of the server for the Dspace installation later !!
 
Well done with the setup of the server for the Dspace installation later !!
  
If everything is OK, then proceed to the [[Install_Dspace|installation of Dspace]] itself.
+
If everything is OK, then proceed to the [[SUNScholar/Install_Dspace|installation of Dspace]] itself.

Revision as of 11:01, 15 August 2010

It is vitally essential that you have first completed the installation of Ubuntu with the LAMP stack.

If you have not, please do so now.

Contents

Introduction

Before Dspace can be installed and setup we have to prepare the server with the software needed by Dspace. Because Dspace is essentially a Java Webapp that uses a SQL database, the following steps simply setup the Ubuntu Server as a Java Webapp server with a SQL database server. Unfortunately the Ubuntu server does not come with a default Java Webapp SQL Database Server setup, so we have to do it manually.

Step 1. Login to the remote server

On your client PC with the Ubuntu desktop live CD, click on: Applications => Accessories => Terminal to open a command line terminal.

Login to your remote server as the "dspace" user by typing as follows in the terminal.

ssh dspace@%hostname%

Replace %hostname% with the hostname of your server.

Step 2. Become the "root" user

To install all the Dspace dependencies become the "root" user by typing the following in terminal.

sudo -i

Step 3. Install Java Software Dependencies

Step 3.1: Install Java 6 Development Kit

Type as follows:

aptitude install openjdk-6-jdk

Afterwards make it available system wide:

update-java-alternatives -s java-6-openjdk

Step 3.2: Install Java Ant Compiler

Type as follows:

aptitude install ant ant-optional

Step 4. Setup Apache2 Maven2 Java Installer

Step 4.1: Install Maven2

Type as follows:

aptitude install maven2

Step 4.2: Create the Maven2 home folder

Type the following;

mkdir /home/dspace/.m2

Give the "dspace" user full ownership of the folder by typing the following:

chown dspace.dspace -R /home/dspace/.m2

Step 4.3: Setup the Maven2 config file

The Maven 2 proxy configuration file is only needed if your connection to the internet is via a campus proxy server. You can skip this step if you have a direct connection to the internet.

Maven proxy notes

Use the proxy settings for your campus. Check with your IT department. You need to ensure that the following two sites are allowed to pass through your campus proxy server (i.e. add them to the ACL configuration on the Squid proxy server):

  1. maven.apache.org
  2. repo1.maven.org

More information about Maven can be found here at the following links:

Maven proxy config file

Type the following to enable Maven proxy settings:

nano /home/dspace/.m2/settings.xml

Tip: It is always a good idea to maximise the open nano window so that the copy and paste of long lines does not wrap around.

Add the following:

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
  <localRepository/>
  <interactiveMode/>
  <usePluginRegistry/>
  <offline/>
  <pluginGroups/>
  <servers/>
  <mirrors/>
  <proxies>
    <proxy>
      <id>Maties</id>
      <active>true</active>
      <protocol>http</protocol>
      <host>lib-proxy.sun.ac.za</host>
      <port>3128</port>
      <username></username>
      <password></password>
      <nonProxyHosts></nonProxyHosts>
    </proxy>
  </proxies>
  <profiles/>
  <activeProfiles/>
</settings>

Save the file by pressing CTL+O and then CTL+X on the keyboard.

Step 5. Setup Apache2 Tomcat 5.5 Java Webapp Server

Step 5.1: Install Tomcat 5.5

Type the following:

aptitude install tomcat5.5 tomcat5.5-admin

Step 5.2: Configure Tomcat 5.5

Afterwards we have to configure it:

nano /etc/default/tomcat5.5

Change TOMCAT5_SECURITY from yes to no:

[...]
# Use the Java security manager? (yes/no)
#TOMCAT5_SECURITY=yes
TOMCAT5_SECURITY=no
[...]

Setup the correct JAVA_OPTS for the XMLUI interface

# Arguments to pass to the Java virtual machine (JVM).
JAVA_OPTS="-Djava.awt.headless=true -Xms1024m -Xmx2048m -XX:MaxPermSize=512m -XX:+CMSClassUnloadingEnabled -XX:+CMSPermGenSweepingEnabled"

Save the file by pressing CTL+O and then CTL+X on the keyboard.

Step 5.3: Post Tomcat 5.5 installation checks

Now let's look if all went well:

netstat -tap | grep jsvc

Tomcat should be listening on port 8180:

root@server1:~# netstat -tap | grep jsvc
tcp6       0      0 [::]:8009               [::]:*                  LISTEN      7865/jsvc
tcp6       0      0 [::]:8180               [::]:*                  LISTEN      7865/jsvc
root@server1:~#

Step 5.4: Enable Tomcat with UTF-8 multi-byte encoding

Type as follows:

 nano /etc/tomcat5.5/server.xml

Tip: It is always a good idea to maximise the open nano window so that the copy and paste of long lines does not wrap around.

Add URIEncoding="UTF-8" to the connector section for port 8180. See the example below. Look carefully at the last line !

    <Connector port="8180" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" redirectPort="8443" acceptCount="100"
               connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="UTF-8" />

Save the file by pressing CTL+O and then CTL+X on the keyboard.

Step 5.5: Setup Tomcat 5.5 admin users

Type as follows:

nano /etc/tomcat5.5/tomcat-users.xml

Delete all the contents of the file and add the following admin and manager roles with a password.

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="manager"/>
  <role rolename="admin"/>
  <user username="dspace" password="dspace" roles="admin,manager"/>
</tomcat-users>

Save the file by pressing CTL+O and then CTL+X on the keyboard.

Step 5.6: Undeploy the Tomcat 5.5 admin interface

Login to the Tomcat /manager/html interface and undeploy the "admin" application. It interferes with the XMLUI admin application !

See: http://jira.dspace.org/jira/browse/DS-488

Step 5.7: Restart the Tomcat 5.5 server

Type the following:

/etc/init.d/tomcat5.5 restart

Step 6. Setup Apache2 Tomcat 5.5 Jakarta Connector

Jakarta is an application router for Apache2. Jakarta tells Apache2 which URL must go to which Java webapp server. For example the URL http://myrepo.ac.za/jspui must be routed to Tomcat5.5.

Step 6.1: Install and enable the Apache2 Tomcat Jakarta connector

To install the Jakarta Tomcat Apache connector type as follows:

aptitude install libapache2-mod-jk libapache-mod-jk-doc

To setup Apache2 to use the mod_jk connector type the following:

a2enmod jk
/etc/init.d/apache2 reload

Step 6.2: Configure the Jakarta connector on the Apache server

To tell Apache2 where to send the Java URL's, type the following:

nano /etc/apache2/conf.d/tomcat.conf

Tip: It is always a good idea to maximise the open nano window so that the copy and paste of long lines does not wrap around.

Then insert the following:

<IfModule mod_jk.c>
JkWorkersFile           /etc/tomcat5.5/workers.properties
JkLogFile               /var/log/apache2/mod_jk.log
JkLogLevel              info
JkLogStampFormat        "[%a %b %d %H:%M:%S %Y] "
JkRequestLogFormat      "%w %V %T"

# JkMount directive is: JkMount [URL prefix] [Worker name]
# send all requests ending in .jsp to ajp13_worker
JkMount                 /*.jsp localhost

# send all requests ending /servlet to ajp13_worker
JkMount                 /*/servlet/ localhost

#   OWN ADDITIONS
#######################################
JkMount / localhost
JkMount /* localhost

JkMount /manager localhost
JkMount /manager/* localhost

JkMount /jspui localhost
JkMount /jspui/* localhost

JkMount /xmlui localhost
JkMount /xmlui/* localhost

JkMount /oai localhost
JkMount /oai/* localhost

JkMount /lni localhost
JkMount /lni/* localhost

JkMount /sword localhost
JkMount /sword/* localhost

</IfModule>

Save the file by pressing CTL+O and then CTL+X on the keyboard.

Add the following for secure connections.

JkExtractSSL            On
JkHTTPSIndicator        HTTPS

Step 6.3: Configure the Jakarta connector on the Tomcat server

To to tell Tomcat which worker to use on what port, to listen for Java webapp requests, type the following:

nano /etc/tomcat5.5/workers.properties

Then insert the following:

workers.apache_log=/var/log/apache2
workers.tomcat_home=/usr/share/tomcat5.5/
workers.java_home=/usr/lib/jvm/java-6-sun/

worker.list=localhost
worker.localhost.port=8009
worker.localhost.host=localhost
worker.localhost.type=ajp13
worker.localhost.lbfactor=1

Save the file by pressing CTL+O and then CTL+X on the keyboard.

Step 6.4: Restart the Apache and Tomcat servers

Now restart apache and tomcat as follows:

/etc/init.d/apache2 restart
/etc/init.d/tomcat5.5 restart

Thats it, now you have a working Java webapp server.

Step 7. Install PostgreSQL

Dspace uses the PostgreSQL database server for the main catalog database. The following procedure installs the PostgreSQL server and creates the "dspace" database and "dspace" database user with the default password.

Step 7.1: Install PostgreSQL

aptitude install postgresql-8.3 libpg-java

Step 7.2: Setup PostgreSQL admin password

Change database user permissions to "trust" only.

sed -i 's/ident sameuser$/trust/' /etc/postgresql/8.3/main/pg_hba.conf

Restart database server.

/etc/init.d/postgresql-8.3 restart

Open a database shell...

psql -U postgres

... and set the password:

alter role postgres with password 'dspace';

Quit the database shell.

\q

Change database user permissions from "trust" to "md5" password.

sed -i 's/trust$/md5/' /etc/postgresql/8.3/main/pg_hba.conf

Restart database server.

/etc/init.d/postgresql-8.3 restart

Step 7.3: Create the PostgreSQL 'dspace' database

Create the "dspace" database with the "dspace" database user.

sudo -u dspace createdb -U dspace -E UNICODE dspace

Step 7.4: Create the PostgreSQL 'dspace' user

Create the "dspace" database user with full privileges.

sudo -u postgres createuser -U postgres -d -A -P dspace

If asked the following:

Shall the new role be allowed to create more new roles? (y/n) y

Answer "y" for yes.

Step 7.5: Setup database host and user access permissions

Type the following:

echo "host dspace dspace 127.0.0.1/32 md5" >> /etc/postgresql/8.3/main/pg_hba.conf

Step 7.6: Restart the PostgreSQL server

Type the following:

/etc/init.d/postgresql-8.3 restart

Step 8 - Setup the Postfix mail server

Step 8.1: Install the software

In order to be able to use email with your Dspace server install the postfix mail server as follows:

sudo aptitude install postfix
sudo dpkg --purge exim4

Step 8.2: Setup the mail server config files

Next we edit the Postfix main.cf file as follows:

sudo nano /etc/postfix/main.cf

Tip: It is always a good idea to maximise the open nano window so that the copy and paste of long lines does not wrap around.

See below for an example of the config file:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/%hostname%.pem
smtpd_tls_key_file=/etc/ssl/certs/%hostname%.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = %hostname%
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = %hostname% localhost
relayhost = %relay-hostname%
mynetworks = %my-subnet% 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
  1. Change the %hostname% to the hostname of your server.
  2. Change the %relay-hostname% to the hostname of your campus email server which sends and delivers email.
  3. Add the subnet of your campus TCP/IP network %my-subnet% to the mynetworks parameter.
  4. Ensure mydestination = %hostname% localhost to prevent your mail server becoming a spam email relay.

Talk to the campus system administrator about these settings.

Also see: http://www.postfix.org/SMTPD_ACCESS_README.html and http://en.wikipedia.org/wiki/Subnet_Mask.

Step 8.3: Setup default mailname

Now we edit the servers mailname as follows:

sudo nano /etc/mailname

Add one line only which should be the hostname of your server.

Now we restart Postfix:

sudo /etc/init.d/postfix restart

Step 8.4: Setup "root" email alias

The "root" email address is setup as follows:

sudo nano /etc/aliases

See below for an example:

# Added by installer for initial user
root:   me@myedu.ac.za

Change the me@myedu.ac.za to your email address. Then save and exit "nano".

To activate the new aliases type the following:

sudo newaliases

Step 8.5: Send a test email to root

Install the command line mailer program as follows:

sudo aptitude install mailx

Now we can send a test email to the root user by typing as follows:

mail -s "Test Email from root" root

Press the "Enter" key and type some message content. Press CTL+D and then Enter to send the mail.

Check the following log for any delivery errors as follows:

sudo tail -n 40 /var/log/mail.info

If there are no delivery errors your mail server is setup. Well done.

Step 9. Setup the environment variables

To setup the environment variables for java web applications, type the following:

nano /etc/environment

Copy and paste the following after the "PATH" line:

ANT_HOME="/usr/share/ant"
JAVA_HOME="/usr/lib/jvm/java-6-openjdk"
CATALINA_OPTS="-server -Xms384M -Xmx512M"
CATALINA_HOME="/usr/share/tomcat5.5"
CATALINA_BASE="/var/lib/tomcat5.5"
TOMCAT_HOME="/usr/share/tomcat5.5"

Save the file and exit nano.

Type the following to check the "/etc/environment" file contents:

sudo cat /etc/environment

This is what you should get:

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"
ANT_HOME="/usr/share/ant"
JAVA_HOME="/usr/lib/jvm/java-6-openjdk"
CATALINA_OPTS="-server -Xms384M -Xmx512M"
CATALINA_HOME="/usr/share/tomcat5.5"
CATALINA_BASE="/var/lib/tomcat5.5"
TOMCAT_HOME="/usr/share/tomcat5.5"

Step 10. Check the installation

Type the following to reboot the server:

sudo reboot

When the server has started up again, start a web browser session on another machine and type the following in the address bar:

http://%hostname%/manager/html

Replace %hostname% with your sites Dspace server address. Use the credentials you specified with the Tomcat installation step above. You should now be connected to the admin interface for Tomcat.

Next Procedure

Well done with the setup of the server for the Dspace installation later !!

If everything is OK, then proceed to the installation of Dspace itself.