Non-root proxy
Contents
Task
To build Apache 2 & mod_perl 2 for ePrints 3, installed as a standard user, with no superuser-like access to core services (including Perl and mySQL). The ePrints server will run as a normal user, and be accessed through a central proxy
Preparation
As we are installing software as a normal user (I'll use MyUser in this example), we are not adding any additional Perl modules centrally, but into a local tree. We need a directory to install this tree:
%> mkdir ~/perl5
We also need to be able to install some Perl packages from CPAN, so we need a configuration for that:
To set up cpan install as a non-root user, you need to set up your own ~/.cpan/CPAN/MyConfig.pm
file. Copy one from another user, or find the system-wide one.
You need to edit the values of a few keys in $CPAN::Config
:
'build_dir'
,'cpan_home'
, &'keep_source_where'
all need to be set to the full path for the users .cpan directory (eg:'build_dir' => q[/home/MyUser/.cpan/build],
)'makepl_arg'
needs to be set toPREFIX=/home/MyUser/perl5
- IMPORTANT Be sure to remove the
UNINST=1
option onmake_install_arg
otherwise CPAN will attempt to remove “shadowing” versions of the module installed for the system-wide perl installation
You will need to set up a PERL5LIB
environment variable for the shell (to run the various ePrints scripts). The easy way to work out what you need here is to see what the default library path is, and modify it for your user:
%> perl -V Summary of my perl5 (revision.... [snip] @INC: /some/path/lib/perl5/5.8.0/sun4-solaris /some/path/lib/perl5/5.8.0 /some/path/lib/perl5/site_perl/5.8.0/sun4-solaris /some/path/lib/perl5/site_perl/5.8.0 /some/path/lib/perl5/site_perl
(This was developed on a Sun box, you may have something different to sun4-solaris
)
We replace "/some/path" with the path to our new PREFIX (as defined above):
%> export PERL5LIB=/home/MyUser/perl5/lib/perl5/site_perl/5.8.0/sun4-solaris/: \ /home/MyUser/perl5/lib/perl5/5.8.0/sun4-solaris: \ /home/MyUser/perl5/lib/perl5/5.8.0: \ /home/MyUser/perl5/lib/perl5/site_perl/5.8.0/MyUser: \ /home/MyUser/perl5/lib/perl5/site_perl/5.8.0: \ /home/MyUser/perl5/lib/perl5/site_perl
Add this to the users login/profile scripts (eg .bashrc)
Now we can start installing software.
Apache
Install a base Apache (previously downloaded into ~/distributions):
%> cd ~/distributions/ %> tar xvf httpd-2.2.x.tar %> cd httpd_2.2.x
If you are returning to an existing source-tree, rather than a brand new untar'd bundle, clear any previous setup:
%> make distclean
Now configure and install an initial Apache server:
%> ./configure --prefix=/home/MyUser/www --disable-userdir --disable-status %> make %> make install
Edit http.conf (essentially, the port the server is listening on) and start the web server. Check the error log:
%> cat ~/www/logs/error_log [...] Apache/2.2.x (Unix) Configured -- resuming normal operations
Mod-Perl
Stop web server and install the Mod-Perl extensions (previously downloaded into ~/distributions):
%> cd ~/distributions/ %> tar xvf mod_perl-2.0-current.tar %> cd mod_perl-2.0.x
If you are returning to an existing source-tree, rather than a brand new untar'd bundle, clear any previous setup:
%> make clean
Now configure and install mod-perl into the Apache tree, and (re)install Apache. In this example, I am specifying a version of Perl to use:
%> /path/to/specific/perl Makefile.PL PREFIX="/home/MyUser/perl5" MP_USE_DSO=1 \ MP_APXS="/home/MyUser/www/bin/apxs" \ MP_AP_CONFIGURE="--prefix=/home/MyUser/www --disable-userdir \ --disable-status --enable-module=mod-perl" %> make %> make install
NOTE: Notice that there is a PREFIX defined, which matches the prefix in the CPAN configuration; that we are stating we want mod-perl as a DSO; the full path to the previously installed Apache "apxs" command; and that the configure parameters to be passed to the apache rebuild include enabling mod-perl
Editing the new apache config file
We need to enable the mod-perl module, which I do using one of the Includes:
- In ~/www/conf/httpd.conf, add:
# Mod-Perl Include conf/extra/httpd-perl.conf
- Create ~/www/conf/extra/httpd-perl.conf:
# # Load the Mod_perl DSO. # LoadModule perl_module modules/mod_perl.so PerlSwitches -I/home/MyUser/perl5/lib/perl5/site_perl/5.x.y/sun4-solaris/ \ -I/home/MyUser/perl5/lib/perl5/5.x.y/sun4-solaris \ -I/home/MyUser/perl5/lib/perl5/5.x.y \ -I/home/MyUser/perl5/lib/perl5/site_perl/5.x.y/sun4-solaris \ -I/home/MyUser/perl5/lib/perl5/site_perl/5.x.y \ -I/home/MyUser/perl5/lib/perl5/site_perl
- NOTE: the "PerlSwitches" line tells the Apache server where to look for extra libraries, and matches the PERL5LIB environment variable set earlier.
Start the web server. Check the error log:
%> cat ~/www/logs/error_log [...] Apache/2.2.x (Unix) Configured -- resuming normal operations [...] caught SIGTERM, shutting down [...] Apache/2.2.x (Unix) mod_perl/2.0.x Perl/v5.x.y configured -- resuming normal operations
Stop the web server again.
ePrints
Before you can install ePrints, you need to check the Package requirements. CGI.pm builds against the installed Mod-Perl modules, so may well be wrong. You may need to install your own version.
eg:
%> /path/to/specific/perl -MCPAN -e shell [snip] cpan> install CGI [...] cpan> quit
Now we can install the ePrints software (previously downloaded into ~/distributions):
%> cd ~/distributions/ %> tar xvf eprints-3.zzz.tar %> cd eprints-3.zzz./
There is no option to clean a previously configured eprints tree, so keep going..
%> ./configure --prefix=/home/MyUser/ePrints --with-perl=/path/to/specific/perl --with-user=MyUser \ --with-group=MyUserGroup -with-toolpath=/path/to/tools --disable-diskfree \ --with-smtp-server=your.mail.server
Note: the same version of perl is being defined again, and the /path/to/tools
is a directory to find various external tools (tar
, wget
, (g)unzip
, pdftotext
, lynx
, etc)
... and install:
%> ./install.pl
As we do not have root access to the MySQL database, you will need to get the database administrator to add a user to provide access the MySQL database. Note: Assuming your user is not given GRANT ALL
(its a big security risk) you will need CREATE TEMPORARY TABLES
as well as CREATE
privilages.
Create the basic repository
The trick here is to install a basic eprint repository to match the web server (installed above), and then alter the core configuration to reflect the proxy settings.
%> cd /home/MyUser/ePrints
We also know that the service is going to run as a local user, so the file and directory permissions need to be altered
These are all defined in the file perl_lib/EPrints/SystemSettings.pm
:
$EPrints::SystemSettings::conf = { // snip // 'file_perms' => 0640, // snip // 'dir_perms' => 0775
In EPrints 3, all the configuration is done using the bin/epadmin
.
- Initial configuration
NOTE: EPrints assumes a MySql backend, and the configuration routines assume it. This means that you need to have the mysql libraries available to the perl routines during this process. You may setup a Postgres, Oracle, or "Cloud" storage system once the basic configuration is in place, but you need mysql to kick-start the process.
The command to create the basic framework for a repository is:
bin/epadmin create
- When asked
Configure vital settings? [yes] ?
, say "Yes" and fill in the detailsHostname?
is the actual address of the web server created above, not the public address (we fix that later)Webserver Port [80] ?
is the actual address of the web server created above, not the port for the web server (we fix that later)Archive Name [Test Repository] ?
is the name that the EPrints.org system will use when it dynamically supplies the archive name (using the <epc:pin /> coding)
- When asked
Configure database? [yes] ?
, say "Yes" and fill in the detailsDatabase Name
is the name of the database created for you by the database admin peopleMySQL Host
is the hostname for the serverMySQL Port
MySQL Socket
can probably be left blank, but check with the database admin peopleDatabase User
Database Password
is as per agreed with the database admin people
Create database "Deposit"
NO - you can't, as we don't have that level of access to the database.
Now we need to do the rest of the building-work manually:
When using a database that's not mysql, then you need to tell EPrints what driver to use.
- Edit
archives/<ARCHIVEID>/cfg/cfg.d/database.pl
and add$c->{dbdriver} = "xxxx";
where xxx is the appropriate Perl DBD package (eg Pg for postgreSQL)
- Create the database tables:
bin/epadmin create_tables <ARCHIVEID>
- Create users (I suggest an admin user and a normal user):
bin/epadmin create_user <ARCHIVEID>
- Build the subject tables:
bin/import_subjects <ARCHIVEID> <path/to/subject/file>
Either uselib/defaultcfg/subjects
for the shipped Library Of Congress tree, or download a subject tree from files.eprints.org - Create the static web pages for a basic web site:
bin/generate_static <ARCHIVEID>
- Create pages of abstracts:
bin/generate_abstracts <ARCHIVEID>
(should do nothing, as there are no abstracts in the system) - Create the browse pages:
bin/generate_views <ARCHIVEID>
Configuring the repository:
Generate the apache configuration files.
cd /home/MyUser/ePrints bin/generate_apacheconf
Edit httpd.conf to include the generated apache.conf:
# EPrints Include /home/MyUser/ePrints/cfg/apache.conf
Remove the document root and cgi-bin stuff from the httpd.conf file (the name and the <directory> section)
Add access permissions to the <Directory "/home/MyUser/ePrints/cgi">
section in ePrints/archives/<ARCHIVEID>/cfg/auto-apache.conf
:
Order deny,allow Allow from all
EPrints produces absolute URLs for everything (http://web.host.name/
), so we need to ensure that the repository uses the correct address. Edit archives/ARCHIVEID/cfg/cfg.d/10_core.pl
$c->{host} = 'public.host.name.org'; $c->{port} = '80';
Fix a bug-ette
There is a problem that has been found on a number of systems where the system goes into a loop of reporting
[warn] (128)Network is unreachable: connect to listener on [::]:<PORTNO>
The solution is to alter the "Listen" directive to include an IP number. Either use the IP number for the host, or cheat:
Listen: 0.0.0.0:<PORTNO>
Start web server. Check the error log:
%> cat ~/www/logs/error_log [...] Apache/2.2.0 (Unix) Configured -- resuming normal operations [...] caught SIGTERM, shutting down [...] Apache/2.2.0 (Unix) mod_perl/2.0.2 Perl/v5.8.0 configured -- resuming normal operations [...] [notice] caught SIGTERM, shutting down EPrints archives loaded: <ARCHIVEID> EPrints archives loaded: <ARCHIVEID> [...] Apache/2.2.0 (Unix) mod_perl/2.0.2 Perl/v5.8.0 configured -- resuming normal operations
GLORY IN YOUR NEW EPRINTS SYSTEM!!!!
To modify the general layout of the page, edit ePrints/archives/<ARCHIVEID>/cfg/template-en.xml
and then re-run .../bin/generate_static <ARCHIVEID>