From c8a5abfab2d96d8a2069cc0c52585795d8b1e7d9 Mon Sep 17 00:00:00 2001 From: Kaimbacher Date: Thu, 11 Aug 2022 09:52:32 +0000 Subject: [PATCH] Update 'Home' --- Home.md | 426 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 213 insertions(+), 213 deletions(-) diff --git a/Home.md b/Home.md index 992d828..e9ab88e 100644 --- a/Home.md +++ b/Home.md @@ -1,213 +1,213 @@ -# Home - -**TETHYS** - Data Publisher for Geoscience Austria is a digital data library and a data publisher for earth system science. Data can be georeferenced in time (date/time) and space (latitude, longitude, depth/height) - -## Getting Started - -These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system. - -### Step1: install required system tools and programming languages - -* [System Tools Installation (Ubuntu)](SystemToolsUbuntu) - -### Step 2. install PostgreSQL database - -* [PostgreSQL Installation an database creation (Ubuntu)](PostgreSqlUbuntu) - -### Step 3. install and configure Solr - -* [Solr on Ubuntu](SolrUbuntu) - -### Step 4. Download and Install Tethys - -Please check the official laravel installation guide for server requirements before you start. [Official Documentation](https://laravel.com/docs/6.x/installation#installation) - -Create web folder:\ -`sudo mkdir -p /var/www/tethys-app/` - -`sudo chown -R administrator:administrator /var/www/tethys-app/` - -Clone the repository to your web folder:\ -`git clone https://github.com/geolba/tethys.git /var/www/tethys-app/` - -Switch to the repo folder:\ -`cd /var/www/tethys-app/` - -Install all the dependencies using composer - -`composer install --optimize-autoloader --no-dev` - -Copy the example env file and make the required configuration changes in the .env file - -`cp .env.example .env` - - `.env` - Environment variables can be set in this file - -Configure your database connection in .env-file e.g.: -`nano .env` - -```ini -DB_CONNECTION=pgsql -DB_HOST=localhost -DB_PORT=5432 -DB_DATABASE=tethys -DB_USERNAME=tethys_admin -DB_PASSWORD=new_password_here -DB_SCHEMA=gba -``` - -also set the solr connection string: - -```ini -SOLR_HOST=localhost -SOLR_CORE=tethys_data -``` - -***Note*** : You can quickly set the database information, the solr connection string and other variables in this file and have the application fully working. - -Save and close the file and generate a new application key - -`php artisan key:generate` - -Run the database migrations (**Set the database connection in .env before migrating**) - -`php artisan migrate` - -Grant folder permissions for webserver user - -```ini -sudo chgrp -R www-data storage bootstrap/cache -sudo chmod -R ug+rwx storage bootstrap/cache -``` - -## Local Development - -To develop locally, you must run a local web server. -To run: - -`php artisan serve` - -This will start the server on from the current working directory. - -stop the service: -`Strg + C` - -## Nginx Configuration - -`sudo nano /etc/nginx/sites-available/tethys-app` - -**http-only configuration:** - -```nginx -server { - listen 80; - listen [::]:80; - server_name localhost; - root /var/www/tethys-app/public/; - client_max_body_size 100M; - - index index.html index.htm index.php; - charset utf-8; - - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Content-Type-Options "nosniff"; - - location / { - index index.php; - try_files $uri $uri/ /index.php?$query_string; - } - - location = /favicon.ico { access_log off; log_not_found off; } - location = /robots.txt { access_log off; log_not_found off; } - error_page 404 /index.php; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - include fastcgi_params; - include fastcgi.conf; - } - - location ~ /\.(?!well-known).* { deny all;} -} -``` - -**alternate https and http configuration:** - -```nginx -server { - listen [::]:443 ssl http2; - listen 443 ssl http2; - server_name localhost; - root /var/www/tethys-app/public/; - client_max_body_size 100M; - - index index.html index.htm index.php; - charset utf-8; - - # path to https-certificate - ssl_certificate /etc/ssl/your_domain.pem; - ssl_certificate_key /etc/ssl/your_domain.key; - ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; - - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Content-Type-Options "nosniff"; - - location / { - index index.php; - try_files $uri $uri/ /index.php?$query_string; - } - - location = /favicon.ico { access_log off; log_not_found off; } - location = /robots.txt { access_log off; log_not_found off; } - error_page 404 /index.php; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; - include fastcgi_params; - include fastcgi.conf; - } - - location ~ /\.(?!well-known).* { deny all;} -} - -server { - if ($host = repository.geologie.ac.at) { - return 301 https://$host$request_uri; - } - listen 80; - listen [::]:80; - server_name localhost; - return 404; -} -``` - -symlinking the created site to enabled folder:\ -`sudo ln -s /etc/nginx/sites-available/tethys-app /etc/nginx/sites-enabled/` - -test nginx configuration:\ -`sudo nginx -t` - -if everything is successful, reload updated nginx configuration:\ -`sudo service nginx reload` - -The website is available at the following link: - -## Requesting https-certificate - -`sudo certbot certonly --nginx --webroot-path=/var/www/tethys-app/ -d www.your_domain.at -d your_domain.at` - -Adapt the settings 'ssl_certificate' and 'ssl_certificate_key' in the following file /etc/nginx/sites-available/tethys-app:\ -`sudo nano /etc/nginx/sites-available/tethys-app` - -```nginx -ssl_certificate /etc/letsencrypt/live/www.your_domain.at/fullchain.pem; -ssl_certificate_key /etc/letsencrypt/live/www.your_domain.at/privkey.pem; -``` - -Certbot will autmatically renew outdated certificates. Sytemd services 'cerbot.service' and 'certbot.timer' are checking twice daily whether certificates have been expired. +# Home + +**TETHYS** - Data Publisher for Geoscience Austria is a digital data library and a data publisher for earth system science. Data can be georeferenced in time (date/time) and space (latitude, longitude, depth/height) + +## Getting Started + +These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system. + +### Step1: install required system tools and programming languages + +* [System Tools Installation (Ubuntu)](SystemToolsUbuntu) + +### Step 2. install PostgreSQL database + +* [PostgreSQL Installation an database creation (Ubuntu)](#PostgreSqlUbuntu) + +### Step 3. install and configure Solr + +* [Solr on Ubuntu](SolrUbuntu) + +### Step 4. Download and Install Tethys + +Please check the official laravel installation guide for server requirements before you start. [Official Documentation](https://laravel.com/docs/6.x/installation#installation) + +Create web folder:\ +`sudo mkdir -p /var/www/tethys-app/` + +`sudo chown -R administrator:administrator /var/www/tethys-app/` + +Clone the repository to your web folder:\ +`git clone https://github.com/geolba/tethys.git /var/www/tethys-app/` + +Switch to the repo folder:\ +`cd /var/www/tethys-app/` + +Install all the dependencies using composer + +`composer install --optimize-autoloader --no-dev` + +Copy the example env file and make the required configuration changes in the .env file + +`cp .env.example .env` + + `.env` - Environment variables can be set in this file + +Configure your database connection in .env-file e.g.: +`nano .env` + +```ini +DB_CONNECTION=pgsql +DB_HOST=localhost +DB_PORT=5432 +DB_DATABASE=tethys +DB_USERNAME=tethys_admin +DB_PASSWORD=new_password_here +DB_SCHEMA=gba +``` + +also set the solr connection string: + +```ini +SOLR_HOST=localhost +SOLR_CORE=tethys_data +``` + +***Note*** : You can quickly set the database information, the solr connection string and other variables in this file and have the application fully working. + +Save and close the file and generate a new application key + +`php artisan key:generate` + +Run the database migrations (**Set the database connection in .env before migrating**) + +`php artisan migrate` + +Grant folder permissions for webserver user + +```ini +sudo chgrp -R www-data storage bootstrap/cache +sudo chmod -R ug+rwx storage bootstrap/cache +``` + +## Local Development + +To develop locally, you must run a local web server. +To run: + +`php artisan serve` + +This will start the server on from the current working directory. + +stop the service: +`Strg + C` + +## Nginx Configuration + +`sudo nano /etc/nginx/sites-available/tethys-app` + +**http-only configuration:** + +```nginx +server { + listen 80; + listen [::]:80; + server_name localhost; + root /var/www/tethys-app/public/; + client_max_body_size 100M; + + index index.html index.htm index.php; + charset utf-8; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options "nosniff"; + + location / { + index index.php; + try_files $uri $uri/ /index.php?$query_string; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + error_page 404 /index.php; + + location ~ \.php$ { + fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + include fastcgi_params; + include fastcgi.conf; + } + + location ~ /\.(?!well-known).* { deny all;} +} +``` + +**alternate https and http configuration:** + +```nginx +server { + listen [::]:443 ssl http2; + listen 443 ssl http2; + server_name localhost; + root /var/www/tethys-app/public/; + client_max_body_size 100M; + + index index.html index.htm index.php; + charset utf-8; + + # path to https-certificate + ssl_certificate /etc/ssl/your_domain.pem; + ssl_certificate_key /etc/ssl/your_domain.key; + ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options "nosniff"; + + location / { + index index.php; + try_files $uri $uri/ /index.php?$query_string; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + error_page 404 /index.php; + + location ~ \.php$ { + fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + include fastcgi_params; + include fastcgi.conf; + } + + location ~ /\.(?!well-known).* { deny all;} +} + +server { + if ($host = repository.geologie.ac.at) { + return 301 https://$host$request_uri; + } + listen 80; + listen [::]:80; + server_name localhost; + return 404; +} +``` + +symlinking the created site to enabled folder:\ +`sudo ln -s /etc/nginx/sites-available/tethys-app /etc/nginx/sites-enabled/` + +test nginx configuration:\ +`sudo nginx -t` + +if everything is successful, reload updated nginx configuration:\ +`sudo service nginx reload` + +The website is available at the following link: + +## Requesting https-certificate + +`sudo certbot certonly --nginx --webroot-path=/var/www/tethys-app/ -d www.your_domain.at -d your_domain.at` + +Adapt the settings 'ssl_certificate' and 'ssl_certificate_key' in the following file /etc/nginx/sites-available/tethys-app:\ +`sudo nano /etc/nginx/sites-available/tethys-app` + +```nginx +ssl_certificate /etc/letsencrypt/live/www.your_domain.at/fullchain.pem; +ssl_certificate_key /etc/letsencrypt/live/www.your_domain.at/privkey.pem; +``` + +Certbot will autmatically renew outdated certificates. Sytemd services 'cerbot.service' and 'certbot.timer' are checking twice daily whether certificates have been expired.