...
- Update /etc/tomcat5/tomcat5.conf to turn on UTF-8 and some Java memory settings in Tomcat5:
Code Block vi /etc/tomcat5/tomcat5.conf
No Format #JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" JAVA_OPTS="-Xmx512M -Xms64M -Dfile.encoding=UTF-8"
- Edit Tomcat server config to use the appBase dspace webapps directory and use UTF-8 file encoding:
Add URIEncoding="UTF-8", when finished it looks like the following:Code Block vi /etc/tomcat5/server.xml
Also URIEncoding="UTF-8" for port 8443 & the AJP 1.3 Connector:No Format <Connector port="8080" URIEncoding="UTF-8" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" />
Change the default appBase to use the dspace/webapps directory and add some new Context path's:No Format <!-- Define a SSL HTTP/1.1 Connector on port 8443 --> <!-- <Connector port="8443" URIEncoding="UTF-8" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" URIEncoding="UTF-8" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
No Format <Host name="localhost" appBase="/opt/dspace/webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <!-- DEFINE A CONTEXT PATH FOR DSpace JSP User Interface --> <Context path="/jspui" docBase="/opt/dspace/webapps/jspui" debug="0" reloadable="true" cachingAllowed="false" allowLinking="true"/> <!-- DEFINE A CONTEXT PATH FOR DSpace XML User Interface (Manakin) --> <Context path="/xmlui" docBase="/opt/dspace/webapps/xmlui" debug="0" reloadable="true" cachingAllowed="false" allowLinking="true"/> <!-- DEFINE A CONTEXT PATH FOR DSpace OAI User Interface --> <Context path="/oai" docBase="/opt/dspace/webapps/oai" debug="0" reloadable="true" cachingAllowed="false" allowLinking="true"/>
- Configure mod_proxy_ajp connector, /etc/httpd/conf.d/proxy_ajp.conf:
_Append this to the end of the file:\_ (file:_)Code Block vi /etc/httpd/conf.d/proxy_ajp.conf
No Format # Always keep the host header ProxyPreserveHost On # Dspace related rules ProxyPass#ProxyPass /do_not_touch \! ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ ProxyPassReverseCookiePath / /
Note *Note:*If you want to block the ajp connector from connecting to something, the "!" <bang> sets Apache web-server to NOT REDIRECT everything under /do_not_touch
- Configure the default vhost:
Code Block vi /etc/httpd/conf.d/dspace.conf
No Format # Dspace vhost <VirtualHost _default_:80> ServerName repository.unm.edu DocumentRoot "/opt/dspace/webapps" ErrorLog logs/repository-error_log CustomLog logs/repository-access_log common RewriteEngine On RewriteRule \^/dspace/(.*) /$1 [R=permanent] </VirtualHost>
...
- Create a override config for Dspace to relocate the DB to /opt/dspace/database:
Contents are as follows:Code Block vi /etc/sysconfig/pgsql/postgresql
No Format # New Location for the Dspace install of the database PGDATA=/opt/dspace/database
- Start the PostgreSQL Service to generate the initial config files:
Code Block service postgresql start
- Edit /opt/dspace/database/postgresql.conf:
uncomment the line #listen_address = 'localhost'Code Block vi /opt/dspace/database/postgresql.conf
No Format listen_addresses = 'localhost'
- Edit /opt/dspace/database/pg_hba.conf:
and modify the "local" connections like the following:Code Block vi /opt/dspace/database/pg_hba.conf
No Format local all all trust host all all 127.0.0.1/32 trust
Notewarning Note: Less than ideal, but this works. – Needs clean up. Should Warning: Setting these connections to "trust" is less than ideal from a security perspective. This works for us as we do not allow any external connections to the database. If you want to allow external connections, this setting should be at least md5. .. This The "trust" setting is still relatively safe as long as you only allow LOCAL local connections.
- Then restart PostgreSQL:
Code Block service postgresql restart
- Create the dspace database user and initial database:
You will be prompted for a password for the DSpace database.(This isn't the same as the dspace user's password. )Code Block su -c "createuser -U postgres -d -A -R -P dspace" postgres; su -c "createdb -U dspace -E UNICODE dspace" postgres
Note Note: You may get a error if you were still in the /root home directory when you ran the commands. This can be safely ignored.
...
- Setup sudo access for WEBADMINS:
Append this to the end of the file:Code Block visudo
No Format ## Sudo rules for the Postgresql service User_Alias DBADMINS = <insert your users or groups> Cmnd_Alias PSQL_CTRL = /sbin/service postgresql * Cmnd_Alias POSTGRES_USR = /bin/su - postgres DBADMINS ALL= PSQL_CTRL, POSTGRES_USR ## Sudo rules for people who are Web Admins: ## They can influence Apache, Tomcat5, and the Dspace Handle Service. User_Alias WEBADMINS = <insert your users or groups> Cmnd_Alias WEB_EDIT_CFGS = /usr/bin/rvim /etc/php.*, /usr/bin/rvim /etc/httpd/*, /usr/bin/rvim /etc/tomcat5/\* Cmnd_Alias APACHE_CTRL = /sbin/service httpd * Cmnd_Alias TOMCAT5_CTRL = /sbin/service tomcat5 * Cmnd_Alias HANDLE_CTRL = /sbin/service dspace-handle * WEBADMINS ALL= APACHE_CTRL, TOMCAT5_CTRL, HANDLE_CTRL, WEB_EDIT_CFGS ## Some Dspace specific rules, required since we don't have a "dspace" user. User_Alias DS_ADMINS = <insert your Dspace developer(s)> Cmnd_Alias DS_BUILD = /usr/bin/ant * Cmnd_Alias DS_CMDS = /opt/dspace/bin/\* Cmnd_Alias DS_HANDLE_CFG = /usr/bin/rvim /opt/dspace/handle-server/config.dct DS_ADMINS ALL=(tomcat) DS_BUILD, DS_CMDS, DS_HANDLE_CFG DS_ADMINS ALL= /opt/dspace/sbin/make_xmlui_active
- Add a helper script when DSpace updates occur:
The contents are simply:Code Block su -c "mkdir /opt/dspace/sbin" tomcat; vi /opt/dspace/sbin/make_xmlui_active
No Format # Make the xmlui the default ROOT, since any DSpace updates clobber the old one. su \-c "cd /opt/dspace/webapps; ln \-s ./xmlui ROOT" tomcat
- Make sure we flag the execute bit:
Code Block chmod \+x /opt/dspace/sbin/make_xmlui_active
Note *Note:* There is a matching sudo rule for this above, which ends up running as root to force ownership as tomcat. This file is owned by root and can not be modified by anyone else on the system, other than root. It's purpose is to put the ROOT link back to xmlui in /opt/dspace/webapps after every update. Unfortunately it couldn't be placed in dspace/bin, since DSpace nukes that directory regularly.