...
- NB! Be extremely careful if using copy-paste! Also note that wiki page may eat some specific chars.
2 Required sofware
Install them in that order. You can find them from /usr/ports.
| Panel |
|---|
lang/perl5.14
|
3 Configuration rollercoaster
...
| Panel |
|---|
tcsh# grep AllowGroups /etc/ssh/sshd_config tcsh# mkdir /var/log/apache2 |
Several scripts from dspace are using "/bin/bash". To make them happy:
...
| Panel |
|---|
<Connector port="8080" protocol="HTTP/1.1" |
| Panel |
|---|
<!-- Define an AJP 1.3 Connector on port 8009 --> |
Once again i found more reasonable not to copy (or symlink) webapps to tomcat appBase dir as suggests dspace official documentation. Instead i'm changin tomcat appBase to point to dspace webapps. Also put tomcat logs with other www/apache logs. Original lines are commented out and my lines marked bold.
| Panel |
|---|
<!-- <Host name="localhost" appBase="webapps" --> |
...
Some lines are omitted from output. Also configure "apache22/extra/httpd-mpm.conf" and "httpd-default.conf" to suit You. Also don't forget apache certificates.
| Panel | |
|---|---|
| Wiki Markup | tcsh# egrep \-v "# \|"^$ /usr/local/etc/apache22/httpd.conf *
rewrite_module libexec/apache22/mod_rewrite.so
jk_ module module libexec/apache22/mod_jk.so
"/var/log/apache2/httpd-error.log"
-l /var/log/apache2/httpd-access_%Y-%m-%d.log 86400" combined
etc/apache22/extra/httpd-mpm.conf
etc/apache22/extra/httpd-default.conf
etc/apache22/extra/httpd-ssl.conf
etc/apache22/Includes/*.conf
*:80
jk_module> # relative path to
*:80>
dspace.example.com DocumentRoot
(.*)-login(.*) \[OR \] RewriteCond [] {HTTP_HOST}%{REQUEST_URI} (.*)/register(.*) \[OR \] RewriteCond [] {HTTP_HOST}%{REQUEST_URI} (.*)/forgot(.*) RewriteRule https://% ]{HTTP_HOST}%{REQUEST_URI} # CustomLog "\|/usr/local/sbin/rotatelogs \-l
86400" combined ErrorLogcombined
tcsh# egrep \-v "# \|"^$ /usr/local/etc/apache22/extra/httpd-ssl.conf *
443
_default_:443>
dspace.example.com:443
hostmaster@example.com
"/usr/local/www/apache22/data"
jk_module> JkMount /xmlui localhost-worker JkMount /xmlui/\* localhost-worker JkMount /solr localhost-worker JkMount /solr/\* localhost-worker JkMount /oai localhost-worker JkMount /oai/\* localhost-worker RewriteEngine On RewriteRule \^/$ /xmlui/ \[PT\] RewriteRule \^/$ /solr/ \[PT\] RewriteRule \^/$ /oai/ \[PT\] </IfModule> ErrorLog "\
/var/log/apache2/https-error-%Y-%m-%d.log 5M"
" \|/usr/local/sbin/rotatelogs /var/log/apache2/https-access-%Y-%m-%d.log 86400"
"/usr/local/etc/apache22/certs/dspace.example.com.crt"
"/usr/local/etc/apache22/certs/dspace.example.com.key"
"/usr/local/etc/apache22/certs/dspace-bundle.example.com.crt"
"/data/dspace/webapps/xmlui"> SSLOptions \+StdEnvVars \+ExportCertData
|
4 Install Dspace
| Panel |
|---|
tcsh# mkdir /data/dspace |
...
Open /data/dspace-1.8.1-src-release/dspace/config/dspace.cfg and make Your changes:
| Panel |
|---|
|
dspace.dir = /data/dspace
= dspace.example.com
= []
= ${dspace.baseUrl}/xmlui
= Dspace at Example.Com
= postgres
= jdbc:postgresql://localhost:5432/dspacedb
= org.postgresql.Driver
= dspace
= s0mepw
= 30
= 5000
= \-1
= true
= smtp.example.com
= 25
= dspace-noreply@example.com
= dspace-help@example.com
= dspace-help@example.com
= postmaster@example.com
= dspace-help@example.com
= UTF-8
= localhost,dspace.example.com
= false
= en_US
= ${dspace.dir}/assetstore
= ${dspace.dir}/config/log4j.properties
= /var/log/apache2/
= ${dspace.dir}/search
= []
= 12345
= ${dspace.dir}/handle-server
= 536870912
= en
= en
= true
|
Configure LDAP module. As i'm writing its not possible to configure multiple ldap servers in order to achieve failover (eg. ldap://ldapserver1 ldapserver2/?blah?blah).
...
Just in case verify /data/dspace/config/log4j.properties doesn't bug You. Remove unneeded "/" There may be 3 erratic lines like this one:
| Panel |
|---|
/var/log/apache2/*/*cocoon.log |
Also verify that /data/dspace/config/modules/authentication.cfg and authentication-ldap.cfg are correct.
...
Now install certificates required to use LDAPS. Make sure that You have JAVA_HOME set:
| Panel |
|---|
*tcsh# set JAVA_HOME=/usr/local/openjdk6*
* |
5 Handle
If You are using "handle" also, then:
| Panel |
|---|
tcsh# /data/dspace/bin/dspace make-handle-config /data/dspace/handle-server |
Create /usr/local/etc/rc.d/handle with following content. This script runs handle service as "www" user.
| Panel | |
|---|---|
| Wiki Markup | #!/bin/sh \
PROVIDE: handle \
REQUIRE: NETWORKING tomcat7 \
KEYWORD: shutdown \
handle_server_enable="YES" \
. /etc/rc.subr name="handle_server"
_start"
_stop"
command="/data/dspace/bin/start-handle-server" handle_server_start() { if \[ \-x ${command} \]; then
-axuwww \| grep \-v grep \| grep handle-server \| nawk '{ $2 }'`" if \[
= "X" \]; then su - www \-c ${command} else echo "Handle server is already running." fi fi } handle_server_stop() { pid="`ps \-axuwww \| grep \-v grep \| grep handle-server \| nawk '{ print $2 }'`" if \[ "${pid}"X \!= "X" \]; then pid_owner="`ps \-axu \|grep \-v grep \| grep \-w $pid \|nawk '{ print $1 }'`" if \[ "${pid_owner}" = "www" \]; then kill \-15 ${pid} sleep 1 fi else echo "Handle server is not running?" fi } \# set defaultsthen handle_server_enable=${handle_server_enable:-"NO"}
"${name}" run_rc_command "$1" |
6 Clean up and daemons startup
...
| Panel |
|---|
apache22_enable="YES" |
...
- If You should later on upgrade "openjdk", then You need to import LDAP certificate again - you'll lose it!
- If You should upgrade mod_jk port, then dont forget to uncomment "#LoadModule jk_module.... " line!to uncomment "#LoadModule jk_module.... " line!
- After dspace upgrade dont forget cocoon: /data/dspace/webapps/xmlui/WEB-INF/cocoon/properties/core.properties
- Implement backups and monitoring!
- Implement firewall. If using pf:
| Panel |
|---|
|
WEB_PORTS="{ 80, 443 }"
2641, 8000 }" \
www
in log quick on $EXT_IF proto tcp from any to port $WEB_PORTS \
dspace handle service
in log quick on $EXT_IF proto tcp from any to port $HANDLE_PORTS |
Maybe You need SSH too, but in general keep blocking.
- Please read carefully dspace documentation.