Index: openacs-4/packages/acs-core-docs/www/openacs.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/openacs.html,v diff -u -r1.10 -r1.11 --- openacs-4/packages/acs-core-docs/www/openacs.html 20 Aug 2003 16:20:16 -0000 1.10 +++ openacs-4/packages/acs-core-docs/www/openacs.html 14 Oct 2003 11:02:58 -0000 1.11 @@ -1,22 +1,20 @@ - -Install OpenACS 5.0.0d

Install OpenACS 5.0.0d

+Install OpenACS 5.0.0a1

Install OpenACS 5.0.0a1

by Vinod Kurup
OpenACS docs are written by the named authors, and may be edited by OpenACS documentation staff. -

Set up the file system for an OpenACS Service

  1. The reference install stores all OpenACS services in - /web, with one subdirectory per - service. The first time you install a service, you must create - that directory and set its permissions:

    [root@yourserver root]# mkdir /web
    -[root@yourserver root]# chgrp web /web
    -[root@yourserver root]# chmod 770 /web
    +        

Set up the file system for an OpenACS Service

  1. The reference install stores all OpenACS services in + /var/lib/aolserver, with one subdirectory per service. The first time you install a service, you must create + that directory and set its permissions:

    [root@yourserver root]# mkdir /var/lib/aolserver
    +[root@yourserver root]# chgrp web /var/lib/aolserver
    +[root@yourserver root]# chmod 770 /var/lib/aolserver
     [root@yourserver root]#
    -
    mkdir /web
    -chgrp web /web
    -chmod 770 /web
  2. You should already have downloaded the OpenACS tarball - to the /tmp directory. If +

    mkdir /var/lib/aolserver
    +chgrp web /var/lib/aolserver
    +chmod 770 /var/lib/aolserver
  3. You should already have downloaded the OpenACS tarball + to the /tmp directory. If not, download the OpenACS tarball and save it in - /tmp and proceed:

  4. Set up your user account.

    + /tmp and proceed:

  5. Set up your user account.

    AOLserver needs to be started as the root user if you want to use port 80. Once it starts, though, it will drop the root privileges and run as another user, which you must specify on the command line. It's @@ -29,36 +27,36 @@ for each different service. A service name should be a single word, letters and numbers only. If the name of your site is one word, that would be a good choice. For - example "service0" might be the service name for the - service0.net - community.

    For the 5.0.0d-P and 5.0.0d-O Reference Platform, - we'll use a server named service0 and - a user named service0. We'll leave the password + example "service0" might be the service name for the + service0.net + community.

    For the 5.0.0a1-P and 5.0.0a1-O Reference Platform, + we'll use a server named service0 and + a user named service0. We'll leave the password blank for increased security. The only way to log in will be with ssh certificates. The only people who should log in are developers for that specific instance. Add this user, and put - it in the web group so that it + it in the web group so that it can use database commands associated with that group. -

    [root@yourserver root]# useradd -g web service0 -d /home/service0
    +    

    [root@yourserver root]# useradd -g web service0 -d /home/service0
     [root@yourserver root]#

    Set up database environment variables. They are necessary for working with the database. -

    [root@yourserver root]# su - service0
    -[service0@yourserver service0]$ emacs .bashrc

    Put in the appropriate lines for the database you are running. If you will use both databases, put in both sets of lines.

    • PostGreSQL:

      export LD_LIBRARY_PATH=LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib
      +

      [root@yourserver root]# su - service0
      +[service0@yourserver service0]$ emacs .bashrc

      Put in the appropriate lines for the database you are running. If you will use both databases, put in both sets of lines.

      • PostGreSQL:

        export LD_LIBRARY_PATH=LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib
         export PATH=$PATH:/usr/local/pgsql/bin
      • Oracle. These environment variables are specific for a local Oracle installation communicating via IPC. If you are connecting to a remote Oracle installation, you'll need to adjust these appropriately. Also, make sure that the '8.1.7' matches your Oracle version.

        export ORACLE_BASE=/ora8/m01/app/oracle
        -export ORACLE_HOME=$ORACLE_BASE/product/8.1.7
        +export ORACLE_HOME=$ORACLE_BASE/product/8.1.7
         export PATH=$PATH:$ORACLE_HOME/bin
         export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
         export ORACLE_SID=ora8
         export ORACLE_TERM=vt100
         export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data

      Test this by logging out and back in as - service0 and checking the paths.

      [service0@yourserver service0]$ exit
      +	service0 and checking the paths.

      [service0@yourserver service0]$ exit
       logout
      -[root@yourserver src]# su - service0
      -[postgres@yourserver pgsql]$ env | grep PATH
      +[root@yourserver src]# su - service0
      +[postgres@yourserver pgsql]$ env | grep PATH
       

      For PostGreSQL, you should see:

       LD_LIBRARY_PATH=LD_LIBRARY_PATH=:/usr/local/pgsql/lib
       PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/usr/local/pgsql/bin:/usr/local/pgsql/bin

      For Oracle:

      ORACLE_BASE=/ora8/m01/app/oracle
      @@ -67,56 +65,56 @@
       LD_LIBRARY_PATH=/ora8/m01/app/oracle/product/8.1.7/lib:/lib:/usr/lib
       ORACLE_SID=ora8
       ORACLE_TERM=vt100
      -ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
      [service0@yourserver service0]$ exit
      +ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
      [service0@yourserver service0]$ exit
       logout
       
      -[root@yourserver root]#
    • Unpack the OpenACS tarball and rename it to service0. Secure the directory so that only the owner can access it. Check the permissions by listing the directory.

      [root@yourserver root]# su - service0
      -[service0@yourserver service0]$ cd /web
      -[service0@yourserver web]$ tar xzf /tmp/openacs-5.0.0d.tgz
      -[service0@yourserver web]$ mv openacs-5.0.0d service0
      -[service0@yourserver web]$ chmod -R 700 service0
      -[service0@yourserver web]$ ls -al
      +[root@yourserver root]#
    • Unpack the OpenACS tarball and rename it to service0. Secure the directory so that only the owner can access it. Check the permissions by listing the directory.

      [root@yourserver root]# su - service0
      +[service0@yourserver service0]$ cd /var/lib/aolserver
      +[service0@yourserver aolserver]$ tar xzf /tmp/openacs-5.0.0a1.tgz
      +[service0@yourserver aolserver]$ mv openacs-5.0.0a1 service0
      +[service0@yourserver aolserver]$ chmod -R 700 service0
      +[service0@yourserver aolserver]$ ls -al
       total 3
       drwxrwx---    3 root     web          1024 Mar 29 16:41 .
       drwxr-xr-x   25 root     root         1024 Mar 29 16:24 ..
       drwx------    7 service0 web          1024 Jan  6 14:36 service0
      -[service0@yourserver web]$ exit
      +[service0@yourserver aolserver]$ exit
       logout
       
       [root@yourserver root]#
      -
      su - service0
      -cd /web
      -tar xzf /tmp/openacs-5.0.0d.tgz
      -mv openacs-5.0.0d service0
      +
      su - service0
      +cd /var/lib/aolserver
      +tar xzf /tmp/openacs-5.0.0a1.tgz
      +mv openacs-5.0.0a1 service0
       chmod -R 700 service0/
      -exit
    • Add the Service to CVS (OPTIONAL)

    • (This step should be obsoleted by the 5.0.0 tarball, as +exit

  6. Add the Service to CVS (OPTIONAL)

  7. (This step should be obsoleted by the 5.0.0 tarball, as these directories will be included in the tarball)Set up several additional directories in the service root: - etc is for configuration and control files, log is for error and request (web page hit) log files, and database-backup is for database backup files. If you did the CVS step, note that these new directories are excluded from that step so that you can decide whether or not you want your logs and config files in source control.

    [root@yourserver root]# su - service0
    -[service0@yourserver service0]$ mkdir /web/service0/etc /web/service0/log /web/service0/database-backup
    -[service0@yourserver web]$ exit
    +      etc is for configuration and control files, log is for error and request (web page hit) log files, and database-backup is for database backup files.  If you did the CVS step, note that these new directories are excluded from that step so that you can decide whether or not you want your logs and config files in source control.

    [root@yourserver root]# su - service0
    +[service0@yourserver service0]$ mkdir /var/lib/aolserver/service0/etc /var/lib/aolserver/service0/log /var/lib/aolserver/service0/database-backup
    +[service0@yourserver aolserver]$ exit
     logout
     
    -[root@yourserver web]#
    -
    su - service0
    -mkdir /web/service0/etc /web/service0/log /web/service0/database-backup
    -exit

Prepare Oracle for OpenACS

If you won't be using Oracle, skip to the section called “Prepare PostgreSQL for an OpenACS Service”

+[root@yourserver aolserver]# +

su - service0
+mkdir /var/lib/aolserver/service0/etc /var/lib/aolserver/service0/log /var/lib/aolserver/service0/database-backup
+exit

Prepare Oracle for OpenACS

If you won't be using Oracle, skip to Section�, “Prepare PostgreSQL for an OpenACS Service”

You should be sure that your user account - (e.g. service0) is in the - dba group. + (e.g. service0) is in the + dba group.

  1. Verify membership by typing - groups when you login: + groups when you login:

    -service0:~$ groups
    +service0:~$ groups
     dba web

    If you do not see these groups, take the following action:

    -service0:~$ su -      
    +service0:~$ su -      
     Password: ************
    -root:~# adduser service0 dba

    +root:~# adduser service0 dba

    If you get an error about an undefined group, then add that group manually: @@ -125,15 +123,15 @@ root:~# groupadd dba root:~# groupadd web

    - Make sure to logout as root when + Make sure to logout as root when you are finished with this step and log back in as your regular user.

  2. Connect to Oracle using - svrmgrl and login: + svrmgrl and login:

    -service0:~$ svrmgrl
    +service0:~$ svrmgrl
     
     SVRMGR> connect internal
     Connected.

    @@ -156,31 +154,31 @@ Using the above output, you should determine where to store your tablespace. As a general rule, you'll want to store your tablespace on a mount point under the - /ora8 directory that is separate + /ora8 directory that is separate from the Oracle system data files. By default, the Oracle system - is on m01, so we will use - m02. This enables your Oracle + is on m01, so we will use + m02. This enables your Oracle system and database files to be on separate disks for optimized performance. For more information on such a configuration, see Chapter 12 of Philip's book. For this example, we'll use - /ora8/m02/oradata/ora8/. + /ora8/m02/oradata/ora8/.

  3. Create the directory for the datafile; to do this, - exit from svrmgrl and login as - root for this step:

    +		  exit from svrmgrl and login as
    +		  root for this step: 

     SVRMGR> exit
    -service0:~$ su -
    +service0:~$ su -
     Password: ************
     root:~# mkdir -p /ora8/m02/oradata/ora8/
    -root:~# chown service0.web /ora8/m02/oradata/ora8
    +root:~# chown service0.web /ora8/m02/oradata/ora8
     root:~# chmod 775 /ora8/m02/oradata/ora8
     root:~# exit
    -service0:~$
  4. +service0:~$

  5. Create a tablespace for the service. It is important that the - tablespace can autoextend. This + tablespace can autoextend. This allows the tablespace's storage capacity to grow as the size of the data grows. We set the pctincrease to be a very low value so that our extents won't grow geometrically. We do not set @@ -189,11 +187,11 @@ tablespace.

    -service0:~$ svrmgrl
    +service0:~$ svrmgrl
     
     SVRMGR> connect internal;
    -SVRMGR> create tablespace service0 
    -             datafile '/ora8/m02/oradata/ora8/service001.dbf' 
    +SVRMGR> create tablespace service0 
    +             datafile '/ora8/m02/oradata/ora8/service001.dbf' 
                  size 50M 
                  autoextend on 
                  next 10M
    @@ -202,26 +200,26 @@
                  uniform size 32K;
  6. Create a database user for this service. Give the user access to the tablespace and rights to connect. We'll use - service0password as our password.

    + service0password as our password.

    Write down what you specify as service_name - (i.e. service0) and + (i.e. service0) and database_password - (i.e. service0password). You + (i.e. service0password). You will need this information for configuring exports and AOLserver.

    -SVRMGR> create user service0 identified by service0password default tablespace service0
    -temporary tablespace temp quota unlimited on service0;
    -SVRMGR> grant connect, resource, ctxapp, javasyspriv, query rewrite to service0;
    -SVRMGR> revoke unlimited tablespace from service0;
    -SVRMGR> alter user service0 quota unlimited on service0;
    +SVRMGR> create user service0 identified by service0password default tablespace service0
    +temporary tablespace temp quota unlimited on service0;
    +SVRMGR> grant connect, resource, ctxapp, javasyspriv, query rewrite to service0;
    +SVRMGR> revoke unlimited tablespace from service0;
    +SVRMGR> alter user service0 quota unlimited on service0;
     SVRMGR> exit;

    Your table space is now ready. In case you are trying to delete a - previous OpenACS installation, consult these commands in the section called “Deleting a tablespace” below. + previous OpenACS installation, consult these commands in Section�, “Deleting a tablespace” below.

  7. Make sure that you can login to Oracle using your service_name account:

    -service0:~$ sqlplus service0/service0password
    +service0:~$ sqlplus service0/service0password
     SQL> select sysdate from dual;
     
     SYSDATE
    @@ -232,41 +230,41 @@
     		  You should see today's date in a format 'YYYY-MM-DD.'
     		  If you can't login, try redoing step 1 again. If the date is
     		  in the wrong format, make sure you followed the steps outlined in
    -		  the section called “Troubleshooting Oracle Dates”
    -		  

Prepare PostgreSQL for an OpenACS Service

  1. Create a user in the database matching the service name.

    [root@yourserver root]# su - postgres
    -[postgres@yourserver pgsql]$ createuser service0
    -Shall the new user be allowed to create databases? (y/n) y
    -Shall the new user be allowed to create more new users? (y/n) y
    +		  Section�, “Troubleshooting Oracle Dates”
    +		  

Prepare PostgreSQL for an OpenACS Service

  1. Create a user in the database matching the service name.

    [root@yourserver root]# su - postgres
    +[postgres@yourserver pgsql]$ createuser service0
    +Shall the new user be allowed to create databases? (y/n) y
    +Shall the new user be allowed to create more new users? (y/n) y
     CREATE USER
    -[postgres@yourserver pgsql]$ exit
    +[postgres@yourserver pgsql]$ exit
     logout
     
    -[root@yourserver root]#
  2. Create a database with the same name as our service name, service0.

    [root@yourserver root]# su - service0
    -[service0@yourserver service0]$ createdb -E UNICODE service0
    +[root@yourserver root]#
  3. Create a database with the same name as our service name, service0.

    [root@yourserver root]# su - service0
    +[service0@yourserver service0]$ createdb -E UNICODE service0
     CREATE DATABASE
     [service0@yourserver service0]$
    -
    su - service0
    -createdb -E UNICODE service0
  4. Automate daily database Vacuuming. This is a process which cleans out discarded data from the database. A quick way to automate vacuuming is to edit the cron file for the database user.

    [service0@yourserver service0]$ export EDITOR=emacs;crontab -e

    Add this line to the file. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day.

    0 1 * * * /usr/local/pgsql/bin/vacuumdb --analyze service0
  5. Add Full Text Search Support (OPTIONAL)

  6. [service0@yourserver service0]$ exit
    +
    su - service0
    +createdb -E UNICODE service0
  7. Automate daily database Vacuuming. This is a process which cleans out discarded data from the database. A quick way to automate vacuuming is to edit the cron file for the database user.

    [service0@yourserver service0]$ export EDITOR=emacs;crontab -e

    Add this line to the file. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day.

    0 1 * * * /usr/local/pgsql/bin/vacuumdb --analyze service0
  8. Add Full Text Search Support (OPTIONAL)

  9. [service0@yourserver service0]$ exit
     logout
     
    -[root@yourserver root]# 

Configure an AOLserver Service for OpenACS

  1. +[root@yourserver root]#

Configure an AOLserver Service for OpenACS

  1. The AOLserver architecture lets you run an arbitrary number of virtual servers. A virtual server is an HTTP service running on a specific port, e.g. port 80. In order for OpenACS to work, you need to configure a virtual server. The Reference Platform uses a configuration file included in the OpenACS tarball, - /web/service0/etc/config.tcl. - Open it in an editor to adjust the parameters.

    [root@yourserver root]# su - service0
    -[service0@yourserver service0]$ cd /web/service0/etc
    -[service0@yourserver etc]# emacs config.tcl
    +	  /var/lib/aolserver/service0/etc/config.tcl.
    +	   Open it in an editor to adjust the parameters.

    [root@yourserver root]# su - service0
    +[service0@yourserver service0]$ cd /var/lib/aolserver/service0/etc
    +[service0@yourserver etc]# emacs config.tcl
     

    - You can continue without changing any values in the file. However, if you don't change address to match the computer's ip address, you won't be able to browse to your server from other machines. + You can continue without changing any values in the file. However, if you don't change address to match the computer's ip address, you won't be able to browse to your server from other machines.

    • httpport - If you want your server on a different port, enter it here. The Reference Platform port is 8000, which is suitable for development use. Port 80 is the standard http port - it's the port used by your browser when you enter http://yourserver.test. So you should use port 80 for your production site.

    • httpsport - This is the port for https requests. The Reference Platform https port is 8443. If http port is set to 80, httpsport should be 143 to match the standard.

    • - address - The IP address of the server. If you are hosting multiple IPs on one computer, this is the address specific to the web site. Each virtual server will ignore any requests directed at other addresses.

    • server - This is the keyword that, by convention, identifies the service. It is also used as part of the path for the service root, as the name of the user for running the service, as the name of the database, and in various dependent places. The Reference Platform uses service0. + address - The IP address of the server. If you are hosting multiple IPs on one computer, this is the address specific to the web site. Each virtual server will ignore any requests directed at other addresses.

    • server - This is the keyword that, by convention, identifies the service. It is also used as part of the path for the service root, as the name of the user for running the service, as the name of the database, and in various dependent places. The Reference Platform uses service0.

    • db_name - In almost all cases, this can be kept as a reference to $server. If for some reason, @@ -281,56 +279,56 @@ started, but for more options, read the AOLServer docs.

    • Enable OpenFTS Full Text Search (OPTIONAL)

    • Install nsopenssl - for SSL support. (OPTIONAL)

Verify AOLserver startup

  1. + for SSL support. (OPTIONAL)

Verify AOLserver startup

  1. Kill any current running AOLserver processes and start a new one. If you are using Oracle, rather than PostgreSQL, replace - nsd-postgres with - nsd-oracle).

    If you want to use port 80, there are complications. + nsd-postgres with + nsd-oracle).

    If you want to use port 80, there are complications. First, Aolserver must be root to use system ports such as 80, but refuses to run as root for security reasons. Thus you must start as root and specify a non-root user ID and Group ID which Aolserver will switch to after claiming the port. To do so, find the UID and GID of the - service0 user via - grep service0 + service0 user via + grep service0 /etc/passwd and then put those numbers into - the command line via -u - 501 -g - 502. Second, if you are root then killall will affect all OpenACS services on the machine, so if there's more than one you'll have to do ps -auxw | grep - nsd and selectively kill by job number.

    [service0@yourserver etc]$ killall nsd
    +	  the command line via -u
    +	  501 -g
    +	  502.  Second, if you are root then killall will affect all OpenACS services on the machine, so if there's more than one you'll have to do ps -auxw | grep
    +	  nsd and selectively kill by job number.

    [service0@yourserver etc]$ killall nsd
     nsd: no process killed
    -[service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /web/service0/etc/config.tcl
    +[service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /var/lib/aolserver/service0/etc/config.tcl
     [service0@yourserver service0]$ [08/Mar/2003:18:13:29][32131.8192][-main-] Notice: nsd.tcl: starting to read config file...
     [08/Mar/2003:18:13:29][32131.8192][-main-] Notice: nsd.tcl: finished reading config file.
  2. Attempt to connect to the service from a web browser. You should specify a URL like: -

    http://yourserver.test:8000

    +

    http://yourserver.test:8000

    You should see a page that looks like this. If you imported your files into cvs, now that you know it worked you can erase the temp - directory with rm -rf /web/service0.orig. + directory with rm -rf /var/lib/aolserver/service0.orig.

    If you don't see the login page, view your error log - (/web/service0/log/service0-error.log) + (/var/lib/aolserver/service0/log/service0-error.log) to make sure the service is starting without any problems. The most common errors here are trying to start a port 80 server while not root, failing to connect because of a firewall, and aolserver failing to start due to permissions errors or missing files. If you need to make changes, don't forget to kill any running servers with - killall nsd. + killall nsd.

  3. Automate - AOLserver keepalive (OPTIONAL)

Configure a Service with the OpenACS Installer

+ AOLserver keepalive (OPTIONAL)

Configure a Service with the OpenACS Installer

Now that you've got AOLserver up and running, let's install OpenACS - 5.0.0d. + 5.0.0a1.

  • You should see a page from the webserver titled - OpenACS Installation: + OpenACS Installation: Welcome. You will be warned if your version of the database driver is out of date, if AOLserver cannot connect to the database, if any modules are missing or out-of-date, or if there are any problems with filesystem permissions on the server side. But if everything is fine, you can click - Next to proceed to load the + Next to proceed to load the OpenACS Kernel data model.

  • @@ -343,44 +341,44 @@ Loading package .info files ... this will take a few minutes

    This will really take a few minutes. Have faith! Finally, another - Next button will appear at the + Next button will appear at the bottom - click it.

  • The following page shows the results of loading the core package data models. You should see positive results for each of the previously selected packages, but watch out for any - errors. Eventually, the page will display "Generating secret - tokens" and then "Done"- click - Next. + errors. Eventually, the page will display "Generating secret + tokens" and then "Done"- click + Next.

  • - You should see a page, "OpenACS Installation: Create - Administrator" with form fields to define the OpenACS site + You should see a page, "OpenACS Installation: Create + Administrator" with form fields to define the OpenACS site administrator. Fill out the fields as appropriate, and click - Create User. + Create User.

  • - You should see a page, "OpenACS Installation: Set System - Information" allowing you to name your service. Fill out the - fields as appropriate, and click Set System + You should see a page, "OpenACS Installation: Set System + Information" allowing you to name your service. Fill out the + fields as appropriate, and click Set System Information

  • - You'll see the final Installer page, "OpenACS - Installation: Complete." It will tell you that the server is + You'll see the final Installer page, "OpenACS + Installation: Complete." It will tell you that the server is being restarted; note that unless you already set up a way for AOLServer to restart itself (ie. inittab or daemontools), you'll need to manually restart your service. -

    [service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /web/service0/config.tcl
  • +

    [service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /var/lib/aolserver/service0/config.tcl
  • Give the server a few minutes to start up. Then reload the final page above. You should see the front page, with an area to login near the upper right. Congratulations, OpenACS - 5.0.0d is now up and running! + 5.0.0a1 is now up and running!

  • Install Full Text Search (OPTIONAL). If you have installed OpenFTS and enabled OpenFTS, you can now install the OpenFTS Driver package and - Full Text Search Engine package in the OpenACS service.

Next Steps

  • This is a good time to make a backup of your service. If this is a + Full Text Search Engine package in the OpenACS service.

Next Steps

  • This is a good time to make a backup of your service. If this is a production site, you should set up automatic nightly backups.

  • If you want traffic reports, set up analog or another log processing program.

  • Follow the instruction on the home page to change the appearance of your service or add more