Page History

...

Install all the Backend Requirements listed above.
Create a DSpace operating system user (optional) . As noted in the prerequisites above, Tomcat (or Jetty, etc) must run as an operating system user account that has full read/write access to the DSpace installation directory (i.e. [dspace]). Either you must ensure the Tomcat owner also owns [dspace], OR you can create a new "dspace" user account, and ensure that Tomcat also runs as that account:
Code Block
useradd -m dspace
Download the latest DSpace release from the DSpace GitHub Repository. You can choose to either download the zip or tar.gz file provided by GitHub, or you can use "git" to checkout the appropriate tag (e.g. dspace-7.0-beta5) or branch.
Unpack the DSpace software. After downloading the software, based on the compression file format, choose one of the following methods to unpack your software:
1. Zip file. If you downloaded dspace-7.0-beta5.zip do the following:
  Code Block
  unzip dspace-7.0-beta5.zip
2. .gz file. If you downloaded dspace-7.0-beta.tar.gz do the following:
  Code Block
  gunzip -c dspace-7.0-beta5.tar.gz | tar -xf -
  For ease of reference, we will refer to the location of this unzipped version of the DSpace release as [dspace-source] in the remainder of these instructions. After unpacking the file, the user may wish to change the ownership of the dspace-7.x folder to the "dspace" user. (And you may need to change the group).

Database Setup

PostgreSQL:

Create a dspace database user (this user can have any name, but we'll assume you name them "dspace"). This is entirely separate from the dspace operating-system user created above:
Code Block
createuser --username=postgres --no-superuser --pwprompt dspace
You will be prompted (twice) for a password for the new dspace user. Then you'll be prompted for the password of the PostgreSQL superuser (postgres).
Create a dspace database, owned by the dspace PostgreSQL user. Similar to the previous step, this can only be done by a "superuser" account in PostgreSQL (e.g. postgres):
Code Block
createdb --username=postgres --owner=dspace --encoding=UNICODE dspace
You will be prompted for the password of the PostgreSQL superuser (postgres).

Finally, you MUST enable the pgcrypto extension on your new dspace database. Again, this can only be enabled by a "superuser" account (e.g. postgres)

Code Block
# Login to the database as a superuser, and enable the pgcrypto extension on this database psql --username=postgres dspace -c "CREATE EXTENSION pgcrypto;"

The "CREATE EXTENSION" command should return with no result if it succeeds. If it fails or throws an error, it is likely you are missing the required pgcrypto extension (see Database Prerequisites above).

Alternative method: How to enable pgcrypto via a separate database schema. While the above method of enabling pgcrypto is perfectly fine for the majority of users, there may be some scenarios where a database administrator would prefer to install extensions into a database schema that is separate from the DSpace tables. Developers also may wish to install pgcrypto into a separate schema if they plan to "clean" (recreate) their development database frequently. Keeping extensions in a separate schema from the DSpace tables will ensure developers would NOT have to continually re-enable the extension each time you run a "./dspace database clean". If you wish to install pgcrypto in a separate schema here's how to do that:

Code Block

# Login to the database as a superuser
psql --username=postgres dspace
# Create a new schema in this database named "extensions" (or whatever you want to name it)
CREATE SCHEMA extensions;
# Enable this extension in this new schema
CREATE EXTENSION pgcrypto SCHEMA extensions;
# Grant rights to call functions in the extensions schema to your dspace user
GRANT USAGE ON SCHEMA extensions TO dspace;


# Append "extensions" on the current session's "search_path" (if it doesn't already exist in search_path)
# The "search_path" config is the list of schemas that Postgres will use
SELECT set_config('search_path',current_setting('search_path') || ',extensions',false) WHERE current_setting('search_path') !~ '(^|,)extensions(,|$)';
# Verify the current session's "search_path" and make sure it's correct
SHOW search_path;
# Now, update the "dspace" Database to use the same "search_path" (for all future sessions) as we've set for this current session (i.e. via set_config() above)
ALTER DATABASE dspace SET search_path FROM CURRENT;

Oracle:

Setting up DSpace to use Oracle is a bit different now. You will need still need to get a copy of the Oracle JDBC driver, but instead of copying it into a lib directory you will need to install it into your local Maven repository. (You'll need to download it first from this location: http://www.oracle.com/technetwork/database/enterprise-edition/jdbc-112010-090769.html.) Run the following command (all on one line):
Code Block
mvn install:install-file -Dfile=ojdbc6.jar -DgroupId=com.oracle -DartifactId=ojdbc6 -Dversion=11.2.0.4.0 -Dpackaging=jar -DgeneratePom=true
You need to compile DSpace with an Oracle driver (ojdbc6.jar) corresponding to your Oracle version - update the version in [dspace-source]/pom.xml E.g.:
Code Block
language html/xml
<dependency> <groupId>com.oracle</groupId> <artifactId>ojdbc6</artifactId> <version>11.2.0.4.0</version> </dependency>
Create a database for DSpace. Make sure that the character set is one of the Unicode character sets. DSpace uses UTF-8 natively, and it is required that the Oracle database use the same character set. Create a user account for DSpace (e.g. dspace) and ensure that it has permissions to add and remove tables in the database.

NOTE: You will need to ensure the proper db.* settings are specified in your local.cfg file (see next step), as the defaults for all of these settings assuming a PostgreSQL database backend.

Code Block

db.url = jdbc:oracle:thin:@host:port/SID
# e.g. db.url = jdbc:oracle:thin:@//localhost:1521/xe
# NOTE: in db.url, SID is the SID of your database defined in tnsnames.ora
# the default Oracle port is 1521
# You may also use a full SID definition, e.g.
# db.url = jdbc:oracle:thin:@(description=(address_list=(address=(protocol=TCP)(host=localhost)(port=1521)))(connect_data=(service_name=DSPACE)))

# Oracle driver and dialect
db.driver = oracle.jdbc.OracleDriver
db.dialect = org.hibernate.dialect.Oracle10gDialect

# Specify DB username, password and schema to use
db.username =
db.password =
db.schema = ${db.username}
# For Oracle, schema is equivalent to the username of your database account,
# so this may be set to ${db.username} in most scenarios

Later, during the Maven build step, don't forget to specify mvn -Ddb.name=oracle package

Initial Configuration (local.cfg): Create your own [dspace-source]/dspace/config/local.cfg configuration file (you may wish to simply copy the provided [dspace-source]/dspace/config/local.cfg.EXAMPLE). This local.cfg file can be used to store any configuration changes that you wish to make which are local to your installation (see local.cfg configuration file documentation). ANY setting may be copied into this local.cfg file from the dspace.cfg or any other *.cfg file in order to override the default setting (see note below). For the initial installation of DSpace, there are some key settings you'll likely want to override, those are provided in the [dspace-source]/dspace/config/local.cfg.EXAMPLE. (NOTE: Settings followed with an asterisk (*) are highly recommended, while all others are optional during initial installation and may be customized at a later time)

dspace.dir* - must be set to the [dspace] (installation) directory (NOTE: On Windows be sure to use forward slashes for the directory path! For example: "C:/dspace" is a valid path for Windows.)
dspace.server.url* - complete , public URL of this DSpace backend (including port and any subpath). For example: http://localhost:8080/server/
dspace.ui.url* - complete , public URL of the DSpace frontend (including port and any subpath). REQUIRED for the REST API to fully trust requests from the DSpace frontend. For example: http://localhost:4000/
dspace.name - "Proper" name of your server, e.g. "My Digital Library".
solr.server* - complete URL of the Solr server. DSpace makes use of Solr for indexing purposes. http://localhost:8983/solr unless you changed the port or installed Solr on some other host.
default.language - Default language for all metadata values (defaults to "en_US")
db.url* - The full JDBC URL to your database (examples are provided in the local.cfg.EXAMPLE)
db.driver* - Which database driver to use, based on whether you are using PostgreSQL or Oracle
db.dialect* - Which database dialect to use, based on whether you are using PostgreSQL or Oracle
db.username* - the database username used in the previous step.
db.password* - the database password used in the previous step.
db.schema* - the database scheme to use (examples are provided in the local.cfg.EXAMPLE)
mail.server - fully-qualified domain name of your outgoing mail server.
mail.from.address - the "From:" address to put on email sent by DSpace.
mail.feedback.recipient - mailbox for feedback mail.
mail.admin - mailbox for DSpace site administrator.
alert.recipient - mailbox for server errors/alerts (not essential but very useful!)

registration.notify- mailbox for emails when new users register (optional)

Info

title	Your local.cfg file can override ANY settings from other *.cfg files in DSpace

The provided local.cfg.EXAMPLE only includes a small subset of the configuration settings available with DSpace. It provides a good starting point for your own local.cfg file.

However, you should be aware that ANY configuration can now be copied into your local.cfg to override the default settings. This includes ANY of the settings/configurations in:

The primary dspace.cfg file ([dspace]/config/dspace.cfg)
Any of the module configuration files ([dspace]/config/modules/*.cfg files)
Any of the Spring Boot settings ([dspace-src]/dspace-server-webapp/src/main/resources/application.properties)

Individual settings may also be commented out or removed in your local.cfg, in order to re-enable default settings.

See the Configuration Reference section for more details.

DSpace Directory: Create the directory for the DSpace backend installation (i.e. [dspace]). As root (or a user with appropriate permissions), run:
Code Block
mkdir [dspace] chown dspace [dspace]
(Assuming the dspace UNIX username.)

Build the Installation Package: As the dspace UNIX user, generate the DSpace installation package.

Code Block
cd [dspace-source] mvn package

Info

title	Building with Oracle Database Support

Without any extra arguments, the DSpace installation package is initialized for PostgreSQL. If you want to use Oracle instead, you should build the DSpace installation package as follows:
mvn -Ddb.name=oracle package

Install DSpace: As the dspace UNIX user, install DSpace to [dspace]:
Code Block
cd [dspace-source]/dspace/target/dspace-installer ant fresh_install
Info
To see a complete list of build targets, run: ant help The most likely thing to go wrong here is the test of your database connection. See the 104566943 Section below for more details.
Deploy Server web application: The DSpace backend consists of a single "server" webapp (in [dspace]/webapps/server). You need to deploy this webapp into your Servlet Container (e.g. Tomcat). Generally, there are two options (or techniques) which you could use...either configure Tomcat to find the DSpace "server" webapp, or copy the "server" webapp into Tomcat's own webapps folder.
- Technique A. Tell your Tomcat/Jetty/Resin installation where to find your DSpace web application(s). As an example, in the directory [tomcat]/conf/Catalina/localhost you could add files similar to the following (but replace [dspace]with your installation location):
  Code Block
  title DEFINE A CONTEXT PATH FOR DSpace Server webapp: server.xml
  <?xml version='1.0'?> <Context docBase="[dspace]/webapps/server"/>
  The name of the file (not including the suffix ".xml") will be the name of the context, so for example server.xml defines the context at http://host:8080/server. To define the root context (http://host:8080/), name that context's file ROOT.xml. Optionally, you can also choose to install the old, deprecated "rest" webapp if you
- Technique B. Simple and complete. You copy only (or all) of the DSpace Web application(s) you wish to use from the [dspace]/webapps directory to the appropriate directory in your Tomcat/Jetty/Resin installation. For example:
  cp -R [dspace]/webapps/* [tomcat]/webapps* (This will copy all the web applications to Tomcat).
  cp -R [dspace]/webapps/server [tomcat]/webapps* (This will copy only the Server web application to Tomcat.)
  To define the root context (http://host:8080/), name that context's directory ROOT.
Optionally, also install the deprecated DSpace 6.x REST API web application. If you previously used the DSpace 6.x REST API, for backwards compatibility the old, deprecated "rest" webapp is still available to install (in [dspace]/webapps/rest). It is NOT used by the DSpace frontend. So, most users should skip this step.
Copy Solr cores: DSpace installation creates a set of four empty Solr cores already configured. Copy them from [dspace]/solr to the place where your Solr instance will discover them. Start (or re-start) Solr. For example:
Code Block
language bash
cp -R [dspace]/solr/* [solr]/server/solr/configsets [solr]/bin/solr restart
You can check the status of Solr and your new DSpace cores by using its administrative web interface. Browse to http://localhost:8983/ to see if Solr is running well, then look at the cores by selecting (on the left) Core Admin or using the Core Selector drop list.
Create an Administrator Account: Create an initial administrator account from the command line:
Code Block
[dspace]/bin/dspace create-administrator
Initial Startup! Now the moment of truth! Start up (or restart) Tomcat/Jetty/Resin.
1. REST API Interface - (e.g.) http://dspace.myu.edu:8080/server/
2. OAI-PMH Interface - (e.g.) http://dspace.myu.edu:8080/server/oai/request?verb=Identify
3. For an example of what the default backend looks like, visit the Demo Backend: https://dspace7.4science.cloud/server/

...

First, install all the Frontend Requirements listed above & verify the backend/REST API is publicly accessible.
Download the latest dspace-angular release from the DSpace GitHub repository. You can choose to either download the zip or tar.gz file provided by GitHub, or you can use "git" to checkout the appropriate tag (e.g. dspace-7.0-beta5) or branch.
Install all necessary local dependencies by running the following from within the unzipped "dspace-angular" directory
Code Block
# change directory to our repo cd dspace-angular # install the local dependencies yarn install

Create a Production Configuration file at [dspace-angular]/src/environments/environment.prod.ts. You may wish to use the environment.template.ts as a starting point. This environment.prod.ts file can be used to override any of the default configurations specified in the environment.common.ts (in that same directory). At a minimum this file MUST include the "ui" and "rest" sections similar to the following (keep in mind, you only need to include settings that you need to modify):

Code Block

export const environment = {   
  // The "ui" section defines where you want Node.js to run/respond. It may correspond to your publicprimary URL, but it also may not (if you are running behind a proxy).
  // In this example, we are setting up our UI to just use localhost, port 4000. 
  // This is a common setup for when you want to use Apache or Nginx to handle HTTPS and proxy requests to Node on port 4000
  ui: { 
      ssl: false,
      host: 'localhost',
      port: 4000, 
      // NOTE: Space is capitalized because 'namespace' is a reserved string in TypeScript
      nameSpace: '/' 
  }
  // This example is valid if your Backend is publicly available at https://api.mydspace.edu/server/
  // The REST settings MUST correspond to the publicprimary URL of the backend. Usually, this means they must be kept in sync
  // with the value of "dspace.server.url" in the backend's local.cfg
  rest: { 
      ssl: true, 
      host: 'api.mydspace.edu',
      port: 443, 
      // NOTE: Space is capitalized because 'namespace' is a reserved string in TypeScript
      nameSpace: '/server' 
  }
};

HINT #1: In the "ui" section above, you may wish to start with "ssl: false" and "port: 4000" just to be certain that everything else is working properly. With those settings, you can quickly test your UI by running "yarn start" and trying to access it via http://[mydspace.edu]:4000/ from your web browser. KEEP IN MIND, we highly recommend always using HTTPS for Production.
HINT #2: If Node throws an error saying "listen EADDRNOTAVAIL: address not available", try setting the "host" to "0.0.0.0" or "localhost". Usually that error is a sign that the "host" is not recognized.
If there are other settings you know you need to modify in the default environment.common.ts configuration file you can also copy them into this same file.

Build the User Interface for Production. This uses your environment.prod.ts and the source code to create a compiled version of the UI in the [dspace-angular]/dist folder
Code Block
yarn run build:prod
1. HINT: if you change/update your environment.prod.ts, then you will need to rebuild the UI application (i.e. rerun this command).

Assuming you are using PM2, create a JSON configuration file describing how to run our UI application. This need NOT be in the same directory as the dspace-angular codebase itself (in fact you may want to put the parent directory or another location). Keep in mind the "cwd" setting (on line 5) must be the full path to your [dspace-angular] folder.

Code Block

title	dspace-angular.json

{
    "apps": [
        {
            "name": "dspace-angular",
            "cwd": "/home/dspace/dspace-angular",
            "script": "yarn",
            "args": "run serve:ssr",
           "interpreter": "none"
        }
    ]
}

Now, start the application using PM2 using the configuration file you created in the previous step

Code Block

# In this example, we are assuming the config is named "dspace-angular.json"
pm2 start dspace-angular.json

# To see the logs, you'd run
# pm2 logs

# To stop it, you'd run
# pm2 stop dspace-angular.json

For more PM2 commands see https://pm2.keymetrics.io/docs/usage/quick-start/
HINT: You may also want to install/configure pm2-logrotate to ensure that PM2's log folder doesn't fill up over time.

At this point, the User Interface should be available at the URL you configured in your environment.prod.ts
1. For an example of what the default frontend looks like, visit the Demo Frontend: https://demo7.dspace.org/

For HTTPS (port 443) support, you have two options

(Recommended) You can install either Apache HTTPD or Nginx , configuring SSL at that level, and proxy requests to PM2 (on port 4000). This is our current recommended approach. Plus, as a bonus, if you want to host the UI and Backend on the same server, you can use just one Apache HTTPD (or Nginx) to proxy to both. These instructions are specific to Apache.

Install Apache HTTPD, e.g. sudo apt install apache2
Install the mod_proxy and mod_proxy_http modules, e.g. sudo en2mod proxy; sudo a2enmod proxy_http
Restart Apache to enable

Now, setup a new VirtualHost for your site (preferably using HTTPS / port 443) which proxies all requests to PM2 running on port 4000.

Code Block

<VirtualHost _default_:443>
    .. setup your host how you want, including log settings...

    SSLEngine on
    SSLCertificateFile [full-path-to-PEM-cert]
    SSLCertificateKeyFile [full-path-to-cert-KEY]

    # Proxy all HTTPS requests from Apache to PM2 on port 4000
    ProxyPass / http://127.0.0.1:4000/
    ProxyPassReverse / http://127.0.0.1:4000/
</VirtualHost>

(Alternatively) You can use the basic HTTPS support built into dspace-angular node server. (This may currently be better for non-Production environments as it has not been well tested)
1. Create a [dspace-angular]/config/ssl/ folder and add a key.pem and cert.pem to that folder (they must have those exact names)
2. Enable "ui.ssl" (set to true)
3. Update your "ui.port" to be 443
  1. In order to run Node/PM2 on port 443, you also will likely need to provide node with special permissions, like in this example.
4. Rebuild and then restart the app in PM2
5. Keep in mind, while this setup is simple, you may not have the same level of detailed, Production logs as you would with Apache HTTPD or Nginx

Additional UI configurations are described in the environment.common.ts and at https://github.com/DSpace/dspace-angular/blob/main/docs/Configuration.md (More documentation will be coming soon)

...

By default, the DSpace REST API / Backend will only trust the application at dspace.ui.url. Therefore, you should first verify that your dspace.ui.url setting (in your local.cfg) exactly matches the public primary URL of your User Interface (i.e. the URL you see in the browser). This must be an exact match: mode (http vs https), domain, port, and subpath(s) all must match.
If you need to trust additional client applications / URLs, those MUST be added to the rest.cors.allowed-origins configuration. See REST API for details on this configuration.

...

If you need to be able to login to the REST API from other domains, then your Backend must be running HTTPS.
- If the REST API Backend is running HTTP, then it will always send the required DSPACE-XSRF-COOKIE cookie with a value of SameSite=Lax. This setting means that the cookie will not be sent (by your browser) to any other domains. Effectively, this will block all logins from any domain that is not the same as the REST API (as this cookie will not be sent back to the REST API as required for CSRF validation). In other words, running the REST API on HTTP is only possible if the User Interface is running on the exact same domain. For example, running both on 'localhost' with HTTP is a common development setup, and this will work fine.
- In order to allow for cross-domain logins, you MUST enable HTTPS on the REST API. This will result in the DSPACE-XSRF-COOKIE cookie being set to SameSite=None; Secure. This setting means the cookie will be sent cross domain, but only for HTTPS requests. It also allows the user interface (or other client applications) to be on any domain, provided that the domain is trusted by CORS (see rest.cors.allowed-origins setting in REST API)
Verify that your User Interface's "rest" section matches the value of "dspace.server.url" configuration on the Backend. This simply ensures your UI is sending requests to the correct REST API. Also pay close attention that both specify HTTPS when necessary (see previous bullet).
Verify that your "dspace.server.url" configuration on the Backend matches the public primary URL of the REST API (i.e. the URL you see in the browser). This must be an exact match: mode (http vs https), domain, port, and subpath(s) all must match.
Verify that your "dspace.ui.url" configuration on the Backend matches the public primary URL of your User Interface (i.e. the URL you see in the browser). This must be an exact match: mode (http vs https), domain, port, and subpath(s) all must match.
If you are running a custom application, or accessing the REST API from the command-line (or other third party tool like Postman), you MUST ensure you are sending the CSRF token on every modifying request. See our REST Contract for more details https://github.com/DSpace/RestContract/blob/main/csrf-tokens.md

...

All Versions

DSpace Documentation

Page tree

Versions Compared

Old Version 62

New Version 63

Key