Versions Compared

Old Version 23

changes.mady.by.user Jamin Ragle

Saved on

compared with

New Version 24

changes.mady.by.user Jamin Ragle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Update /etc/tomcat5/tomcat5.conf to turn on UTF-8 and some Java memory settings in Tomcat5:
    Code Block
    vi /etc/tomcat5/tomcat5.conf
    No Format
    #JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
JAVA_OPTS="-Xmx512M -Xms64M -Dfile.encoding=UTF-8"
  2. Edit Tomcat server config to use the appBase dspace webapps directory and use UTF-8 file encoding:
    Code Block
    vi /etc/tomcat5/server.xml
    Add URIEncoding="UTF-8", when finished it looks like the following:
    No Format
    <Connector port="8080" URIEncoding="UTF-8" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
    Also URIEncoding="UTF-8" for port 8443 & the AJP 1.3 Connector:
    No Format
    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<!--
<Connector port="8443" URIEncoding="UTF-8" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->

<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" URIEncoding="UTF-8"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
    Change the default appBase to use the dspace/webapps directory and add some new Context path's:
    No Format
    <Host name="localhost" appBase="/opt/dspace/webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">

<!-- DEFINE A CONTEXT PATH FOR DSpace JSP User Interface  -->
<Context path="/jspui" docBase="/opt/dspace/webapps/jspui" debug="0" reloadable="true" cachingAllowed="false" allowLinking="true"/>

<!-- DEFINE A CONTEXT PATH FOR DSpace XML User Interface (Manakin) -->
<Context path="/xmlui" docBase="/opt/dspace/webapps/xmlui" debug="0" reloadable="true" cachingAllowed="false" allowLinking="true"/>

<!-- DEFINE A CONTEXT PATH FOR DSpace OAI User Interface  -->
<Context path="/oai" docBase="/opt/dspace/webapps/oai" debug="0" reloadable="true" cachingAllowed="false" allowLinking="true"/>
  3. Configure mod_proxy_ajp connector, /etc/httpd/conf.d/proxy_ajp.conf:
    Code Block
    vi /etc/httpd/conf.d/proxy_ajp.conf
    _Append this to the end of the file:\_ (file:_)
    No Format
    # Always keep the host header
ProxyPreserveHost On

# Dspace related rules
ProxyPass#ProxyPass /do_not_touch         \!
ProxyPass /                     ajp://localhost:8009/
ProxyPassReverse /              ajp://localhost:8009/
ProxyPassReverseCookiePath /    /
    Note

    *Note:*If you want to block the ajp connector from connecting to something, the "!" <bang> sets Apache web-server to NOT REDIRECT everything under /do_not_touch

  4. Configure the default vhost:
    Code Block
    vi /etc/httpd/conf.d/dspace.conf
    No Format
    # Dspace vhost
<VirtualHost _default_:80>
ServerName repository.unm.edu
DocumentRoot "/opt/dspace/webapps"
ErrorLog logs/repository-error_log
CustomLog logs/repository-access_log common

RewriteEngine On
RewriteRule \^/dspace/(.*) /$1 [R=permanent]
</VirtualHost>

...

  1. Create a override config for Dspace to relocate the DB to /opt/dspace/database:
    Code Block
    vi /etc/sysconfig/pgsql/postgresql
    Contents are as follows:
    No Format
    # New Location for the Dspace install of the database
PGDATA=/opt/dspace/database
  2. Start the PostgreSQL Service to generate the initial config files:
    Code Block
    service postgresql start
  3. Edit /opt/dspace/database/postgresql.conf:
    Code Block
    vi /opt/dspace/database/postgresql.conf
    uncomment the line #listen_address = 'localhost'
    No Format
    listen_addresses = 'localhost'
  4. Edit /opt/dspace/database/pg_hba.conf:
    Code Block
    vi /opt/dspace/database/pg_hba.conf
    and modify the "local" connections like the following:
    No Format
    local   all         all                               trust
host    all         all         127.0.0.1/32          trust
    Notewarning

    Note: Less than ideal, but this works. – Needs clean up. Should Warning: Setting these connections to "trust" is less than ideal from a security perspective. This works for us as we do not allow any external connections to the database. If you want to allow external connections, this setting should be at least md5. .. This The "trust" setting is still relatively safe as long as you only allow LOCAL local connections.

  5. Then restart PostgreSQL:
    Code Block
    service postgresql restart
  6. Create the dspace database user and initial database:
    Code Block
    su -c "createuser -U postgres -d -A -R -P dspace" postgres;
su -c "createdb -U dspace -E UNICODE dspace" postgres
    You will be prompted for a password for the DSpace database.(This isn't the same as the dspace user's password. )
    Note

    Note: You may get a error if you were still in the /root home directory when you ran the commands. This can be safely ignored.

...

  1. Setup sudo access for WEBADMINS:
    Code Block
    visudo
    Append this to the end of the file:
    No Format
    ## Sudo rules for the Postgresql service
User_Alias DBADMINS = <insert your users or groups>
Cmnd_Alias PSQL_CTRL = /sbin/service postgresql *
Cmnd_Alias POSTGRES_USR = /bin/su - postgres
DBADMINS   ALL= PSQL_CTRL, POSTGRES_USR

## Sudo rules for people who are Web Admins:
## They can influence Apache, Tomcat5, and the Dspace Handle Service.
User_Alias WEBADMINS = <insert your users or groups>
Cmnd_Alias WEB_EDIT_CFGS = /usr/bin/rvim /etc/php.*, /usr/bin/rvim /etc/httpd/*, /usr/bin/rvim /etc/tomcat5/\*
Cmnd_Alias APACHE_CTRL = /sbin/service httpd *
Cmnd_Alias TOMCAT5_CTRL = /sbin/service tomcat5 *
Cmnd_Alias HANDLE_CTRL = /sbin/service dspace-handle *
WEBADMINS  ALL= APACHE_CTRL, TOMCAT5_CTRL, HANDLE_CTRL, WEB_EDIT_CFGS

## Some Dspace specific rules, required since we don't have a "dspace" user.
User_Alias DS_ADMINS = <insert your Dspace developer(s)>
Cmnd_Alias DS_BUILD = /usr/bin/ant *
Cmnd_Alias DS_CMDS = /opt/dspace/bin/\*
Cmnd_Alias DS_HANDLE_CFG = /usr/bin/rvim /opt/dspace/handle-server/config.dct
DS_ADMINS ALL=(tomcat) DS_BUILD, DS_CMDS, DS_HANDLE_CFG
DS_ADMINS ALL= /opt/dspace/sbin/make_xmlui_active
  2. Add a helper script when DSpace updates occur:
    Code Block
    su -c "mkdir /opt/dspace/sbin" tomcat; vi /opt/dspace/sbin/make_xmlui_active
    The contents are simply:
    No Format
    # Make the xmlui the default ROOT, since any DSpace updates clobber the old one.
su \-c "cd /opt/dspace/webapps; ln \-s ./xmlui ROOT" tomcat
  3. Make sure we flag the execute bit:
    Code Block
    chmod \+x /opt/dspace/sbin/make_xmlui_active
    Note

    *Note:* There is a matching sudo rule for this above, which ends up running as root to force ownership as tomcat. This file is owned by root and can not be modified by anyone else on the system, other than root. It's purpose is to put the ROOT link back to xmlui in /opt/dspace/webapps after every update. Unfortunately it couldn't be placed in dspace/bin, since DSpace nukes that directory regularly.