Index: openacs-4/packages/acs-core-docs/www/xml/install-guide/openacs.xml =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/xml/install-guide/openacs.xml,v diff -u -r1.11 -r1.12 --- openacs-4/packages/acs-core-docs/www/xml/install-guide/openacs.xml 14 Oct 2003 10:03:23 -0000 1.11 +++ openacs-4/packages/acs-core-docs/www/xml/install-guide/openacs.xml 5 Nov 2003 11:48:12 -0000 1.12 @@ -5,50 +5,40 @@ %myvars; ]> -Install OpenACS &version; + Install OpenACS &version; - by Vinod Kurup + by Vinod Kurup - Set up the file system for an OpenACS Service - - - - The reference install stores all OpenACS services in - /var/lib/aolserver, with one subdirectory per service. The first time you install a service, you must create - that directory and set its permissions: - [root@yourserver root]# mkdir /var/lib/aolserver + Set up the file system for one or more OpenACS Sites + For Linux Standard Base compliance and ease of backup, + all of the files in each OpenACS site are stored in a + subdirectory of + /var/lib/aolserver, one + subdirectory per site. The first time you install an OpenACS + site on a server, you must create the parent directory and set its permissions: + [root@yourserver root]# mkdir /var/lib/aolserver [root@yourserver root]# chgrp web /var/lib/aolserver [root@yourserver root]# chmod 770 /var/lib/aolserver [root@yourserver root]# mkdir /var/lib/aolserver chgrp web /var/lib/aolserver chmod 770 /var/lib/aolserver - - - - You should already have downloaded the OpenACS tarball - to the /tmp directory. If - not, download the OpenACS - tarball and save it in - /tmp and proceed: - - - - Set up your user account. - - + + + Set up a user account for each site. + AOLserver needs to be started as the root user if you want to use port 80. Once it starts, though, it will drop the root privileges and run as another user, which you must specify on the command line. It's important that this user has as few privileges as possible. Why? Because if an intruder somehow breaks in through AOLserver, you don't want her to have any ability to do damage to the rest of your server. - At the same time, AOLserver needs to have write access to + At the same time, AOLserver needs to have write access to some files on your system in order for OpenACS to function properly. So, we'll run AOLserver with a different user account for each different service. A service name should be a single @@ -57,72 +47,68 @@ example "service0" might be the service name for the service0.net community. - For the &version;-P and &version;-O Reference Platform, - we'll use a server named service0 and - a user named service0. We'll leave the password - blank for increased security. The only way to log in will be - with ssh certificates. The only people who should log in are + We'll leave the password blank, which prevents login by + password, for increased security. The only way to log in will + be with ssh certificates. The only people who should log in are developers for that specific instance. Add this user, and put - it in the web group so that it - can use database commands associated with that group. + it in the service0 group so that it + can use database and server commands associated with that group. - [root@yourserver root]# useradd -g web service0 -d /home/service0 + [root@yourserver root]# groupadd web +[root@yourserver root]# useradd -g service0 -G web service0 -d /home/service0 [root@yourserver root]# - - Set up database environment variables. They are - necessary for working with the database. - - - [root@yourserver root]# su - service0 -[service0@yourserver service0]$ emacs .bashrc - Put in the appropriate lines for the database you are running. If you will use both databases, put in both sets of lines. - - - PostGreSQL: - export LD_LIBRARY_PATH=LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib -export PATH=$PATH:/usr/local/pgsql/bin - - - Oracle. These environment variables are specific for a local Oracle - installation communicating via IPC. If you are connecting to a remote - Oracle installation, you'll need to adjust these appropriately. Also, - make sure that the '8.1.7' matches your Oracle version. - - export ORACLE_BASE=/ora8/m01/app/oracle -export ORACLE_HOME=$ORACLE_BASE/product/8.1.7 -export PATH=$PATH:$ORACLE_HOME/bin -export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib -export ORACLE_SID=ora8 -export ORACLE_TERM=vt100 -export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data - - - Test this by logging out and back in as - service0 and checking the paths. - [service0@yourserver service0]$ exit -logout -[root@yourserver src]# su - service0 -[postgres@yourserver pgsql]$ env | grep PATH + + + + Install with automated script (EXPERIMENTAL) + Starting with OpenACS 5.0, an experimental script is + available to automate all of the steps for the rest of this section. Requires tclwebtest. If you are not feeling lucky, skip to . + + + Get the install script from CVS: + [root@yourserver root]# su - service0 +[service0@yourserver service0]$ cvs -d :pserver:anonymous@openacs.org:/cvsroot co -d install openacs-4/etc/install +cvs server: Updating install +U install/README +U install/TODO + ... many lines omitted ... +U install/tcl/twt-procs.tcl +U install/tcl/user-procs.tcl +[service0@yourserver service0]$ cd install -For PostGreSQL, you should see: - -LD_LIBRARY_PATH=LD_LIBRARY_PATH=:/usr/local/pgsql/lib -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/usr/local/pgsql/bin:/usr/local/pgsql/bin - For Oracle: - ORACLE_BASE=/ora8/m01/app/oracle -ORACLE_HOME=/ora8/m01/app/oracle/product/8.1.7 -PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/ora8/m01/app/oracle/product/8.1.7/bin -LD_LIBRARY_PATH=/ora8/m01/app/oracle/product/8.1.7/lib:/lib:/usr/lib -ORACLE_SID=ora8 -ORACLE_TERM=vt100 -ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data - [service0@yourserver service0]$ exit -logout - -[root@yourserver root]# + Edit + /home/service0/install/install.tclinstall.tcl + file and change the values as documented in the file. + Run the file as root. + [service0@yourserver service0]$ exit +[root@yourserver root]# ./home/service0/install/install.sh +/home/service0/install/install.sh: Starting installation with config_file +/home/service0/install/install.tcl. Using serverroot=/var/lib/aolserver/ +service0, server_url=http://0.0.0.0:8000, do_checkout=yes, do_install=yes, +dotlrn=no, and database=postgres., use_daemontools=true + ... many lines omitted ... +./install.sh: Finished (re)installing /var/lib/aolserver/service0 at Wed Nov +5 13:27:17 CET 2003. Access the new site at http://127.0.0.1:8000 with admin +username admin@yourserver.test and password 1 +[root@yourserver root]# +exit +./home/service0/install/install.sh - + + You can proceed to . + + + + Install from tarball + You should already have downloaded the OpenACS tarball + to the /tmp directory. If + not, download the OpenACS + tarball and save it in + /tmp and proceed: + + Unpack the OpenACS tarball and rename it to service0. Secure the directory so that only the owner can access it. Check the permissions by listing the directory. [root@yourserver root]# su - service0 [service0@yourserver service0]$ cd /var/lib/aolserver @@ -148,36 +134,22 @@ Add the Service to CVS (OPTIONAL) - - (This step should be obsoleted by the 5.0.0 tarball, as - these directories will be included in the tarball)Set up several additional directories in the service root: - etc is for configuration and control files, log is for error and request (web page hit) log files, and database-backup is for database backup files. If you did the CVS step, note that these new directories are excluded from that step so that you can decide whether or not you want your logs and config files in source control. - [root@yourserver root]# su - service0 -[service0@yourserver service0]$ mkdir /var/lib/aolserver/service0/etc /var/lib/aolserver/service0/log /var/lib/aolserver/service0/database-backup -[service0@yourserver aolserver]$ exit -logout - -[root@yourserver aolserver]# -su - service0 -mkdir /var/lib/aolserver/service0/etc /var/lib/aolserver/service0/log /var/lib/aolserver/service0/database-backup -exit - - - - - - Prepare Oracle for OpenACS - - If you won't be using Oracle, skip to - + Prepare the database + + + + Prepare Oracle for OpenACS + If you won't be using Oracle, skip to + + You should be sure that your user account (e.g. service0) is in the dba group. - - + + Verify membership by typing groups when you login: @@ -204,7 +176,7 @@ your regular user. - + Connect to Oracle using svrmgrl and login: @@ -215,7 +187,7 @@ Connected. - + Determine where the system tablespaces are stored: @@ -232,7 +204,7 @@ /ora8/m01/app/oracle/oradata/ora8/drsys01.dbf - + Using the above output, you should determine where to store your tablespace. As a general rule, you'll want to store your tablespace on a mount point under the @@ -250,7 +222,7 @@ /ora8/m02/oradata/ora8/. - + Create the directory for the datafile; to do this, exit from svrmgrl and login as root for this step: @@ -264,9 +236,9 @@ root:~# chmod 775 /ora8/m02/oradata/ora8 root:~# exit service0:~$ - + - + Create a tablespace for the service. It is important that the tablespace can autoextend. This @@ -290,14 +262,14 @@ maxsize 300M extent management local uniform size 32K; - + - + Create a database user for this service. Give the user access to the tablespace and rights to connect. We'll use service0password as our password. - + Write down what you specify as service_name (i.e. service0) and database_password @@ -314,13 +286,13 @@ SVRMGR> alter user service0 quota unlimited on service0; SVRMGR> exit; - + Your table space is now ready. In case you are trying to delete a previous OpenACS installation, consult these commands in below. + linkend="install-openacs-delete-tablespace"/> below. - + Make sure that you can login to Oracle using your service_name account: @@ -334,22 +306,28 @@ SQL> exit - + You should see today's date in a format 'YYYY-MM-DD.' If you can't login, try redoing step 1 again. If the date is in the wrong format, make sure you followed the steps outlined in - - - - - - Prepare PostgreSQL for an OpenACS Service - - - Create a user in the database matching the service name. - [root@yourserver root]# su - postgres + + + + + + Prepare PostgreSQL for an OpenACS Service + + + + + PostGreSQL: + Create a user in the database matching the service + name. With default PostGreSQL authentication the name of + the user of the process will be matched to this account + automatically. + [root@yourserver root]# su - postgres [postgres@yourserver pgsql]$ createuser service0 Shall the new user be allowed to create databases? (y/n) y Shall the new user be allowed to create more new users? (y/n) y @@ -358,125 +336,131 @@ logout [root@yourserver root]# - - - Create a database with the same name as our service name, service0. - [root@yourserver root]# su - service0 + + + Create a database with the same name as our service name, service0. + [root@yourserver root]# su - service0 [service0@yourserver service0]$ createdb -E UNICODE service0 CREATE DATABASE [service0@yourserver service0]$ su - service0 createdb -E UNICODE service0 - - - Automate daily database Vacuuming. This is a process which cleans out discarded data from the database. A quick way to automate vacuuming is to edit the cron file for the database user. - - Postgres - Vacuuming - - [service0@yourserver service0]$ export EDITOR=emacs;crontab -e - Add this line to the file. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day. - 0 1 * * * /usr/local/pgsql/bin/vacuumdb --analyze service0 - - - Add Full Text Search Support (OPTIONAL) - - - [service0@yourserver service0]$ exit + + + Automate daily database Vacuuming. This is a process which cleans out discarded data from the database. A quick way to automate vacuuming is to edit the cron file for the database user. + + Postgres + Vacuuming + + [service0@yourserver service0]$ export EDITOR=emacs;crontab -e + Add this line to the file. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day. + 0 1 * * * /usr/local/pgsql/bin/vacuumdb --analyze service0 + + + Add Full Text Search Support (OPTIONAL) + + + [service0@yourserver service0]$ exit logout [root@yourserver root]# + + + + - - - - - Configure an AOLserver Service for OpenACS - - - + + + Configure an AOLserver Service for OpenACS + + + + + The AOLserver architecture lets you run an arbitrary number of virtual servers. A virtual server is an HTTP service running on a specific port, e.g. port 80. In order for OpenACS to work, you need to configure a virtual server. The Reference Platform uses a configuration file included in the OpenACS tarball, /var/lib/aolserver/service0/etc/config.tcl. Open it in an editor to adjust the parameters. - - AOLserver - configuration - - - [root@yourserver root]# su - service0 + + AOLserver + configuration + + + [root@yourserver root]# su - service0 [service0@yourserver service0]$ cd /var/lib/aolserver/service0/etc [service0@yourserver etc]# emacs config.tcl - + You can continue without changing any values in the file. However, if you don't change address to match the computer's ip address, you won't be able to browse to your server from other machines. - - - httpport - If you want your + + + httpport - If you want your server on a different port, enter it here. The Reference Platform port is 8000, which is suitable for development use. Port 80 is the standard http port - it's the port used by your browser when you enter http://yourserver.test. So you should use port 80 for your production site. - - - httpsport - This is the + + + httpsport - This is the port for https requests. The Reference Platform https port is 8443. If http port is set to 80, httpsport should be 143 to match the standard. - - - + + + address - The IP address of the server. If you are hosting multiple IPs on one computer, this is the address specific to the web site. Each virtual server will ignore any requests directed at other addresses. - - - server - This is the keyword that, by convention, identifies the service. It is also used as part of the path for the service root, as the name of the user for running the service, as the name of the database, and in various dependent places. The Reference Platform uses service0. + + + server - This is the keyword that, by convention, identifies the service. It is also used as part of the path for the service root, as the name of the user for running the service, as the name of the database, and in various dependent places. The Reference Platform uses service0. - - db_name - In almost all cases, + + db_name - In almost all cases, this can be kept as a reference to $server. If for some reason, the tablespace you are using is different than your servername, then you can set it here. You should have a good reason for doing this. - + servername - This is just a *pretty* name for your server. - - - - user_account - The account that + + + + user_account - The account that will both own OpenACS files and connect to the database (for Postgresql). + + + + debug - Set to true for a very verbose error log, including many lines for every page view, success or failure. + + - - debug - Set to true for a very verbose error log, including many lines for every page view, success or failure. - - - - - + AOLServer is very configurable. These settings should get you started, but for more options, read the AOLServer docs. - - - Enable OpenFTS Full Text Search (OPTIONAL) - - - Install nsopenssl + + + Enable OpenFTS Full Text Search (OPTIONAL) + + + Install nsopenssl for SSL support. (OPTIONAL) + + - - - - - Verify AOLserver startup - + + + Verify AOLserver startup + + + Kill any current running AOLserver processes and start a new @@ -532,17 +516,17 @@ Automate AOLserver keepalive (OPTIONAL) - - - - - Configure a Service with the OpenACS Installer - - + + + + + Configure a Service with the OpenACS + Installer + Now that you've got AOLserver up and running, let's install OpenACS &version;. - + You should see a page from the webserver titled @@ -565,17 +549,17 @@ - + Loading package .info files ... this will take a few minutes - + This will really take a few minutes. Have faith! Finally, another Next button will appear at the bottom - click it. - + @@ -612,28 +596,28 @@ you'll need to manually restart your service. [service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /var/lib/aolserver/service0/config.tcl - + Give the server a few minutes to start up. Then reload the final page above. You should see the front page, with an area to login near the upper right. Congratulations, OpenACS &version; is now up and running! + + + + - + + Next Steps + Install Full Text Search (OPTIONAL). If you have installed OpenFTS and enabled OpenFTS, you can now install the OpenFTS Driver package and Full Text Search Engine package in the OpenACS service. - - - - - Next Steps - This is a good time to make a backup of your service. If this is a @@ -651,6 +635,69 @@ Proceed to the tutorial to learn how to develop your own packages. + + Set up database environment variables for the site + user. These settings are necessary for working with the + database while logged in as the service user. They do not + directly affect the service's run-time connection with the + database, because those environmental variables are set by the + wrapper scripts nsd-postgres and nsd-oracle. + + [root@yourserver root]# su - service0 +[service0@yourserver service0]$ emacs .bashrc + Put in the appropriate lines for the database you are running. If you will use both databases, put in both sets of lines. + + + PostGreSQL: + export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib +export PATH=$PATH:/usr/local/pgsql/bin + + + Oracle. These environment variables are specific for a local Oracle + installation communicating via IPC. If you are connecting to a remote + Oracle installation, you'll need to adjust these appropriately. Also, + make sure that the '8.1.7' matches your Oracle version. + + export ORACLE_BASE=/ora8/m01/app/oracle +export ORACLE_HOME=$ORACLE_BASE/product/8.1.7 +export PATH=$PATH:$ORACLE_HOME/bin +export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib +export ORACLE_SID=ora8 +export ORACLE_TERM=vt100 +export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data + + + + Test this by logging out and back in as + service0 and checking the paths. + [service0@yourserver service0]$ exit +logout +[root@yourserver src]# su - service0 +[postgres@yourserver pgsql]$ env | grep PATH + + + + For PostGreSQL, you should see: + +LD_LIBRARY_PATH=LD_LIBRARY_PATH=:/usr/local/pgsql/lib +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/usr/local/pgsql/bin:/usr/local/pgsql/bin + + + For Oracle: + ORACLE_BASE=/ora8/m01/app/oracle +ORACLE_HOME=/ora8/m01/app/oracle/product/8.1.7 +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/ora8/m01/app/oracle/product/8.1.7/bin +LD_LIBRARY_PATH=/ora8/m01/app/oracle/product/8.1.7/lib:/lib:/usr/lib +ORACLE_SID=ora8 +ORACLE_TERM=vt100 +ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data + + + [service0@yourserver service0]$ exit +logout + +[root@yourserver root]# + Test your backup and recovery procedure.