Install OpenACS &version;
by Vinod KurupSet up the file system for an OpenACS ServiceThe reference install stores all OpenACS services in
/web, with one subdirectory per
service. The first time you install a service, you must create
that directory and set its permissions:[root@yourserver root]# mkdir /web
[root@yourserver root]# chgrp web /web
[root@yourserver root]# chmod 770 /web
[root@yourserver root]#
mkdir /web
chgrp web /web
chmod 770 /webYou should already have downloaded the OpenACS tarball
to the /tmp directory. If
noot, download the OpenACS
tarball and save it in
/tmp and proceed:Set up your user account.
AOLserver needs to be started as the root user if you want to use
port 80. Once it starts, though, it will drop the root privileges and
run as another user, which you must specify on the command line. It's
important that this user has as few privileges as possible. Why?
Because if an intruder somehow breaks in through AOLserver, you don't
want her to have any ability to do damage to the rest of your
server.At the same time, AOLserver needs to have write access to
some files on your system in order for OpenACS to function
properly. So, we'll run AOLserver with a different user account
for each different service. A service name should be a single
word, letters and numbers only. If the name
of your site is one word, that would be a good choice. For
example "service0" might be the service name for the
service0.net
community.For the &version;-P and &version;-O Reference Platform,
we'll use a server named service0 and
a user named service0. We'll leave the password
blank for increased security. The only way to log in will be
with ssh certificates. The only people who should log in are
developers for that specific instance. Add this user, and put
it in the web group so that it
can use database commands associated with that group.
[root@yourserver root]# useradd -g web service0
[root@yourserver root]#Set up database environment variables. They are
necessary for working with the database.
[root@yourserver root]# su - service0
[service0@yourserver service0]$ emacs .bashrcPut in the appropriate lines for the database you are running. If you will use both databases, put in both sets of lines.PostGreSQL:export LD_LIBRARY_PATH=LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib
export PATH=$PATH:/usr/local/pgsql/binOracle. These environment variables are specific for a local Oracle
installation communicating via IPC. If you are connecting to a remote
Oracle installation, you'll need to adjust these appropriately. Also,
make sure that the '8.1.7' matches your Oracle version.
export ORACLE_BASE=/ora8/m01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/8.1.7
export PATH=$PATH:$ORACLE_HOME/bin
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib
export ORACLE_SID=ora8
export ORACLE_TERM=vt100
export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/dataTest this by logging out and back in as
service0 and checking the paths.[service0@yourserver service0]$ exit
logout
[root@yourserver src]# su - service0
[postgres@yourserver pgsql]$ env | grep PATHFor PostGreSQL, you should see:
LD_LIBRARY_PATH=LD_LIBRARY_PATH=:/usr/local/pgsql/lib
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/usr/local/pgsql/bin:/usr/local/pgsql/binFor Oracle:ORACLE_BASE=/ora8/m01/app/oracle
ORACLE_HOME=/ora8/m01/app/oracle/product/8.1.7
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/bin/X11:/usr/X11R6/bin:/root/bin:/ora8/m01/app/oracle/product/8.1.7/bin
LD_LIBRARY_PATH=/ora8/m01/app/oracle/product/8.1.7/lib:/lib:/usr/lib
ORACLE_SID=ora8
ORACLE_TERM=vt100
ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data[service0@yourserver service0]$ exit
logout
[root@yourserver root]#Unpack the OpenACS tarball and rename it to service0. Secure the directory so that only the owner can access it. Check the permissions by listing the directory.[root@yourserver root]# su - service0
[service0@yourserver service0]$ cd /web
[service0@yourserver web]$ tar xzf /tmp/openacs-4-6.tgz
[service0@yourserver web]$ mv openacs-4-6 service0
[service0@yourserver web]$ chmod -R 700 service0
[service0@yourserver web]$ ls -al
total 3
drwxrwx--- 3 root web 1024 Mar 29 16:41 .
drwxr-xr-x 25 root root 1024 Mar 29 16:24 ..
drwx------ 7 service0 web 1024 Jan 6 14:36 service0
[service0@yourserver web]$ exit
logout
[root@yourserver root]#
su - service0
cd /web
tar xzf /tmp/openacs-4-6.tgz
mv openacs-4-6 service0
chmod -R 700 service0/
ls -al
exitAdd the Service to CVS - OPTIONALcvssetupIf this is a development server, you may want to add it to your local CVS repository.Create and set permissions on a subdirectory in the local cvs repository.[root@yourserver root]# mkdir /cvsroot/service0
[root@yourserver root]# chown service0.web /cvsroot/service0
[root@yourserver root]#
mkdir /cvsroot/service0
chown service0.web /cvsroot/service0Add the repository location to the user environment.[root@yourserver root]# su - service0
[service0@yourserver service0]$ emacs .bashrcPut this string into /home/service0/.bashrc:export CVSROOT=/cvsroot[service0@yourserver service0]$ exit
logout
[root@yourserver root]#Import all files into cvs. In order to work on
files with source control, the files must be checked out
from cvs. So we will import, move aside, and then check
out all of the files. In the cvs import command,
service0
refers to the cvs repository to use; it uses the CVSROOT
plus this string,
i.e.
/cvsroot/service0.
"OpenACS" is the vendor tag, and "openacs-4-6" is the
release tag. These tags will be useful in upgrading and
branching. -m sets the version comment.[root@yourserver root]# su - service0
[service0@yourserver service0]$ cd /web/service0
[service0@yourserver service0]$ cvs import -m "initial install" service0 OpenACS openacs-4-6
N service0/license.txt
N service0/readme.txt
(many lines omitted)
N service0/www/SYSTEM/flush-memoized-statement.tcl
No conflicts created by this import
[service0@yourserver service0]$
su - service0
cd /web/service0
cvs import -m "initial install" service0 OpenACS openacs-4-6Move the original directory to a temporary location, and check out the cvs repository in its place. If the service starts correctly, come back and remove the temporary copy of the uploaded files.[service0@yourserver service0]$ cd ..
[service0@yourserver web]$ mv service0service0.orig
[service0@yourserver web]$ cvs checkout service0
cvs checkout: Updating service0
U service0/license.txt
(many lines omitted)
U service0/www/SYSTEM/dbtest.tcl
U service0/www/SYSTEM/flush-memoized-statement.tcl
[service0@yourserver web]$ exit
logout
[root@yourserver web]#
cd ..
mv service0service0.orig
cvs checkout service0
exitSet up several additional directories in the service root:
etc is for configuration and control files, log is for error and request (web page hit) log files, and database-backup is for database backup files. If you did the CVS step, note that these new directories are excluded from that step so that you can decide whether or not you want your logs and config files in source control.[root@yourserver root]# su - service0
[service0@yourserver service0]$ mkdir /web/service0/etc /web/service0/log /web/service0/database-backup
[service0@yourserver web]$ exit
logout
[root@yourserver web]#
su - service0
mkdir /web/service0/etc /web/service0/log /web/service0/database-backup
exitPrepare Oracle for OpenACSOPTIONAL - if you won't be using Oracle, skip to
You should be sure that your user account
(e.g. service0) is in the
dba group.
Verify membership by typing
groups when you login:
service0:~$ groups
dba web
If you do not see these groups, take the following action:
service0:~$ su -
Password: ************
root:~# adduser service0 dba
If you get an error about an undefined group, then add that group
manually:
root:~# groupadd dba
root:~# groupadd web
Make sure to logout as root when
you are finished with this step and log back in as
your regular user.
Connect to Oracle using
svrmgrl and login:
service0:~$ svrmgrl
SVRMGR> connect internal
Connected.
Determine where the system tablespaces are stored:
SVRMGR> select file_name from dba_data_files;
Example results:
/ora8/m01/app/oracle/oradata/ora8/system01.dbf
/ora8/m01/app/oracle/oradata/ora8/tools01.dbf
/ora8/m01/app/oracle/oradata/ora8/rbs01.dbf
/ora8/m01/app/oracle/oradata/ora8/temp01.dbf
/ora8/m01/app/oracle/oradata/ora8/users01.dbf
/ora8/m01/app/oracle/oradata/ora8/indx01.dbf
/ora8/m01/app/oracle/oradata/ora8/drsys01.dbf
Using the above output, you should determine where
to store your tablespace. As a general rule, you'll want to
store your tablespace on a mount point under the
/ora8 directory that is separate
from the Oracle system data files. By default, the Oracle system
is on m01, so we will use
m02. This enables your Oracle
system and database files to be on separate disks for optimized
performance. For more information on such a configuration, see
Chapter
12 of Philip's
book. For this example, we'll use
/ora8/m02/oradata/ora8/.
Create the directory for the datafile; to do this,
exit from svrmgrl and login as
root for this step:
SVRMGR> exit
service0:~$ su -
Password: ************
root:~# mkdir -p /ora8/m02/oradata/ora8/
root:~# chown service0.web /ora8/m02/oradata/ora8
root:~# chmod 775 /ora8/m02/oradata/ora8
root:~# exit
service0:~$
Create a tablespace for the service. It is important that the
tablespace can autoextend. This
allows the tablespace's storage capacity to grow as the size
of the data grows. We set the pctincrease to be a very low value
so that our extents won't grow geometrically. We do not set
it to 0 at the tablespace level because this would affect
Oracle's ability to automatically coalesce free space in the
tablespace.
service0:~$ svrmgrl
SVRMGR> connect internal;
SVRMGR> create tablespace service0
datafile '/ora8/m02/oradata/ora8/service001.dbf'
size 50M
autoextend on
next 10M
maxsize 300M
extent management local
uniform size 32K;
Create a database user for this service. Give the
user access to the tablespace and rights to connect. We'll use
service0password as our password.
Write down what you specify as service_name
(i.e. service0) and
database_password
(i.e. service0password). You
will need this information for configuring exports and
AOLserver.
SVRMGR> create user service0 identified by service0password default tablespace service0
temporary tablespace temp quota unlimited on service0;
SVRMGR> grant connect, resource, ctxapp, javasyspriv, query rewrite to service0;
SVRMGR> revoke unlimited tablespace from service0;
SVRMGR> alter user service0 quota unlimited on service0;
SVRMGR> exit;
Your table space is now ready. In case you are trying to delete a
previous OpenACS installation, consult these commands in below.
Make sure that you can login to Oracle using your
service_name account: service0:~$ sqlplus service0/service0password
SQL> select sysdate from dual;
SYSDATE
----------
2001-12-20
SQL> exit
You should see today's date in a format 'YYYY-MM-DD.'
If you can't login, try redoing step 1 again. If the date is
in the wrong format, make sure you followed the steps outlined in
Prepare PostgreSQL for an OpenACS ServiceCreate a user in the database matching the service name.[root@yourserver root]# su - postgres
[postgres@yourserver pgsql]$ createuser service0
Shall the new user be allowed to create databases? (y/n) y
Shall the new user be allowed to create more new users? (y/n) y
CREATE USER
[postgres@yourserver pgsql]$ exit
logout
[root@yourserver root]#Create a database with the same name as our service name, service0.[root@yourserver root]# su - service0
[service0@yourserver service0]$ createdb service0
CREATE DATABASE
[service0@yourserver service0]$
su - service0
createdb service0Automate daily database Vacuuming. This is a process which cleans out discarded data from the database. A quick way to automate vacuuming is to edit the cron file for the database user.PostgresVacuuming[service0@yourserver service0]$ export EDITOR=emacs;crontab -eAdd this line to the file. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day.0 1 * * * /usr/local/pgsql/bin/vacuumdb service0Add Full Text Search Support - OPTIONALfull text searchinstallationIf you are installing Full Text Search, add required packages to the new database.[service0@yourserver service0]$ /usr/local/pgsql/bin/psql service0 -f /usr/local/src/postgresql-7.2.3/contrib/tsearch/tsearch.sql
BEGIN
CREATE
(many lines omitted)
INSERT 0 1
COMMIT
[service0@yourserver service0]$ /usr/local/pgsql/bin/psql service0 -f /usr/local/src/postgresql-7.2.3/contrib/pgsql_contrib_openfts/openfts.sql
CREATE
CREATE
[service0@yourserver service0]$
/usr/local/pgsql/bin/psql service0 -f /usr/local/src/postgresql-7.2.3/contrib/tsearch/tsearch.sql
/usr/local/pgsql/bin/psql service0 -f /usr/local/src/postgresql-7.2.3/contrib/pgsql_contrib_openfts/openfts.sql[service0@yourserver service0]$ exit
logout
[root@yourserver root]# Configure an AOLserver Service for OpenACS
The AOLserver architecture lets you run an arbitrary number of
virtual servers. A virtual server is an HTTP service running on a
specific port, e.g. port 80. In order for OpenACS to work, you
need to configure a virtual server. The Reference Platform uses a configuration file included in the OpenACS tarball. Copy it to the /web/service0/etc directory and open it in an editor to adjust the parameters.AOLserverconfiguration[root@yourserver root]# su - service0
[service0@yourserver service0]$ cd /web/service0/etc
[service0@yourserver etc]# cp /web/service0/packages/acs-core-docs/www/files/config.tcl.txt config.tcl
[service0@yourserver etc]# emacs config.tcl
You can continue without changing any values in the file. However, if you don't change address to match the computer's ip address, you won't be able to browse to your server from other machines.
httpport - If you want your
server on a different port, enter it here. The Reference Platform port is 8000, which is suitable for development use. Port 80 is the standard http port - it's the port used by your browser when you enter http://yourserver.test. So you should use port 80 for your production site.httpsport - This is the
port for https requests. The Reference Platform https port is
8443. If http port is set to 80, httpsport should be 143 to
match the standard.address - The IP address of the server. If you are hosting multiple IPs on one computer, this is the address specific to the web site. Each virtual server will ignore any requests directed at other addresses.server - This is the keyword that, by convention, identifies the service. It is also used as part of the path for the service root, as the name of the user for running the service, as the name of the database, and in various dependent places. The Reference Platform uses service0.
db_name - In almost all cases,
this can be kept as a reference to $server. If for some reason,
the tablespace you are using is different than your servername,
then you can set it here. You should have a good reason for doing
this.
servername - This is just a *pretty* name for your server.user_account - The account that
will both own OpenACS files and connect to the database (for
Postgresql).debug - Set to true for a very verbose error log, including many lines for every page view, success or failure.
AOLServer is very configurable. These settings should get you
started, but for more options, read the AOLServer
docs.
OPTIONAL: To run OpenFTS, uncomment this line from config.tcl. (To uncomment a line in a tcl file, remove the # at the beginning of the line.)#ns_param nsfts ${bindir}/nsfts.soOPTIONAL: To run nsopenssl:Uncomment this line from config.tcl.#ns_param nsopenssl ${bindir}/nsopenssl.so
Prepare a certificate directory for the service.[service0@yourserver etc]$ mkdir /web/service0/etc/certs
[service0@yourserver etc]$ chmod 700 /web/service0/etc/certs
[service0@yourserver etc]$
mkdir /web/service0/etc/certs
chmod 700 /web/service0/etc/certsIt takes two files to support an SSL connection. The certificate is the public half of the key pair - the server sends the certificate to browser requesting ssl. The key is the private half of the key pair. In addition, the certificate must be signed by Certificate Authority or browsers will protest. Each web browser ships with a built-in list of acceptable Certificate Authorities (CAs) and their keys. Only a site certificate signed by a known and approved CA will work smoothly. Any other certificate will cause browsers to produce some messages or block the site. Unfortunately, getting a site certificate signed by a CA costs money. In this section, we'll generate an unsigned certificate which will work in most browsers, albeit with pop-up messages.Use an OpenSSL perl script to generate a certificate and key.[service0@yourserver service0]$ cd /web/service0/etc/certs
[service0@yourserver certs]$ perl /usr/share/ssl/misc/CA -newcert
Using configuration from /usr/share/ssl/openssl.cnf
Generating a 1024 bit RSA private key
...++++++
.......++++++
writing new private key to 'newreq.pem'
Enter PEM pass phrase:Enter a pass phrase for the CA certificate. Then, answer the rest of the questions. At the end you should see this:Certificate (and private key) is in newreq.pem
[service0@yourserver certs]$newreq.pem contains our certificate and private key. The key is protected by a passphrase, which means that we'll have to enter the pass phrase each time the server starts. This is impractical and unnecessary, so we create an unprotected version of the key. Security implication: if anyone gets access to the file keyfile.pem, they effectively own the key as much as you do. Mitigation: don't use this key/cert combo for anything besides providing ssl for the web site.[root@yourserver misc]# openssl rsa -in newreq.pem -out keyfile.pem
read RSA key
Enter PEM pass phrase:
writing RSA key
[service0@yourserver certs]$ To create the certificate file, we take the combined file, copy it, and strip out the key.[service0@yourserver certs]$ cp newreq.pem certfile.pem
[root@yourserver misc]# emacs certfile.pemStrip out the section that looks like-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,F3EDE7CA1B404997
S/Sd2MYA0JVmQuIt5bYowXR1KYKDka1d3DUgtoVTiFepIRUrMkZlCli08mWVjE6T
(11 lines omitted)
1MU24SHLgdTfDJprEdxZOnxajnbxL420xNVc5RRXlJA8Xxhx/HBKTw==
-----END RSA PRIVATE KEY-----Verify AOLserver startup
Kill any current running AOLserver processes and start a new
one. (Note, if you are using Oracle, rather than PostgreSQL, replace
nsd-postgres with
nsd-oracle). If you are using port 80, you must be root for this step. [service0@yourserver etc]$ killall nsd
nsd: no process killed
[service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /web/service0/etc/config.tcl
[service0@yourserver service0]$ [08/Mar/2003:18:13:29][32131.8192][-main-] Notice: nsd.tcl: starting to read config file...
[08/Mar/2003:18:13:29][32131.8192][-main-] Notice: nsd.tcl: finished reading config file.
Attempt to connect to the service from a web browser as you did
You should specify a URL like:
http://yourserver.test:8000
You should see a page that looks like this. If you imported your files into
cvs, now that you know it worked you can erase the temp
directory with rm -rf /web/service0.orig.
If you don't see the login page, view your error log
(/web/service0/log/service0-error.log)
to make sure the service is starting without any problems. If you
need to make changes, don't forget to kill any running servers with killall nsd.
OPTIONAL - Automate AOLserver keepaliveAssuming AOLserver started cleanly in the previous step, we'll set it up so that it's always running, and automatically restarts whenever it dies or is stopped. This step is strongly recommended, even for development sites, because it makes install and maintenance much simpler. The Reference Platform uses Daemontools to control AOLserver. An earlier method using init, less flexible and reliable, is here.Daemontools must already be installed. If not, install it.Each service controlled by daemontools must have a directory in /service. That directory must have a file called run. Daemontools then creates additional files and directories to track status and log. Create the appropriate directory as /web/service0/etc/daemontools, copy the prepared run file, and set permissions. If your server is not called service0, edit /web/service0/etc/run accordingly.[service0@yourserver log]$ cd /web/service0/etc
[service0@yourserver etc]$ mkdir daemontools
[service0@yourserver etc]$ cp /web/service0/packages/acs-core-docs/www/files/run.txt daemontools/run
[service0@yourserver etc]$ chmod 700 daemontools/runcd /web/service0/etc
mkdir daemontools
cp /web/service0/packages/acs-core-docs/www/files/run.txt daemontools/run
chmod 700 daemontools/runKill any existing AOLserver instances. As root, link the daemontools directory into the /service directory. Daemontools' svscan process checks this directory every five seconds, and will quickly execute run.[service0@yourserver etc]$ killall nsd
nsd: no process killed
[service0@yourserver etc]$ exit
[root@yourserver root]# ln -s /web/service0/etc/daemontools/ /service/service0Verify that AOLserver is running.[root@yourserver root]# ps -auxw | grep nsdservice0 5562 14.2 6.2 22436 15952 ? S 11:55 0:04 /usr/local/aolserver/bin/nsd -it /web/service0/etc/config.tcl -u serve
root 5582 0.0 0.2 3276 628 pts/0 S 11:55 0:00 grep nsd
[root@yourserver root]#The user service0 can now control the service service0 with these commands:svc -d /service/service0 -
Bring the server down
svc -u /service/service0 -
Start the server up and leave it in keepalive mode.
svc -o /service/service0 -
Start the server up once. Do not restart it if it stops.
svc -t /service/service0 -
Stop and immediately restart the server.
svc -k /service/service0 -
Sends the server a KILL signal. This is like KILL -9. AOLserver
exits immediately. If svc -t fails to fully kill AOLserver, use
this option. This does not take the server out of keepalive mode, so it should still bounce back up immediately.
At this point, these commands will work only for the
root user. Grant permission for the web group to use svc commands on the service0 server.[root@yourserver root]# svgroup web /service/service0
[root@yourserver root]#Verify that the controls work. You may want to tail -f /web/service0/log/service0-error.log in another window, so you can see what happens when you type these commands.
Most of this information comes from Tom Jackson's AOLServer+Daemontools
Mini-HOWTO.
Configure a Service with the OpenACS Installer
Now that you've got AOLserver up and running, let's install OpenACS
&version;.
You should see a page from the webserver titled
OpenACS Installation:
Welcome. You will be warned if your version of
the database driver is out of date, if AOLserver cannot connect
to the database, if any modules are missing or out-of-date, or if
there are any problems with filesystem permissions on the server
side. But if everything is fine, you can click
Next to proceed to load the
OpenACS Kernel data model.
The next page shows the results of loading the OpenACS Kernel
data model - be prepared to wait a few minutes as it works. You
should see a string of output messages from the database as the
datamodel is created. You'll see the line:
Loading package .info files ... this will take a few minutes
This will really take a few minutes. Have faith! Finally, another
Next button will appear at the
bottom - click it.
The following page shows the results of loading the core package
data models. You should see positive results for each of the
previously selected packages, but watch out for any
errors. Eventually, the page will display "Generating secret
tokens" and then "Done"- click
Next.
You should see a page, "OpenACS Installation: Create
Administrator" with form fields to define the OpenACS site
administrator. Fill out the fields as appropriate, and click
Create User.
You should see a page, "OpenACS Installation: Set System
Information" allowing you to name your service. Fill out the
fields as appropriate, and click Set System
Information
You'll see the final Installer page, "OpenACS
Installation: Complete." It will tell you that the server is
being restarted; note that unless you already set up a way for
AOLServer to restart itself (ie. inittab or daemontools),
you'll need to manually restart your service.
[service0@yourserver service0]$ /usr/local/aolserver/bin/nsd-postgres -t /web/service0/config.tcl
Give the server a few minutes to start up. Then
reload the final page above. You should see the front page, with
an area to login near the upper right. Congratulations, OpenACS
&version; is now up and running!
OPTIONAL - Install Full Text Search.Click Package Manager on the right side of the default home page. If prompted, log in with the account and password you entered during install.Click on the Install
packages link.On the next screen, after it loads, click on Uncheck all boxes, then click the second checkbox next to OpenFTS Driver 4.2. This will automatically check the first box. Then click Next. Click Install PackagesRestart the service.[service0@yourserver service0]$ svc -t /service/service0
[service0@yourserver service0]$Wait a minute, then browse back to the home page.Click on Site Map on the top right side of the screen.Mount the OpenFTS Full Text Search Engine in the site map.Click the new sub folder link on the "/" line, the first line under Main Site:/.Type openfts
and click New.On the new openfts line, click the mount link.Click OpenFTS
Driver.On the openfts line, click set parameters.Change openfts_tcl_src_path to /usr/local/src/Search-OpenFTS-tcl-0.3.2/ and click Set ParametersMount the Search interface in the site map.Click the
new sub folder link on the
Main Site line. Type search
and click New. Click the new
application link on the search
line. Type search
where it says
untitled, choose
search from the
drop-down list, and click
New.
Restart the service.[service0@yourserver service0]$ svc -t /service/service0
[service0@yourserver service0]$Wait a minute, then click on Main Site at the top of the page.Initialize the OpenFTS Engine. This creates a set of tables in the database to support FTS.Near the bottom of the page, click on the OpenFTS Driver link. Click on Administration.
Click on Initialize OpenFTS Engine.
Click Initialize OpenFTS Engine. Add the FTS Engine service contractClick on the Main
Site. Click on the ACS
Service Contract link near the bottom of the home page. On the FtsEngineDriver
line, click
Install.
Restart the service.[service0@yourserver service0]$ svc -t /service/service0
[service0@yourserver service0]$Test FTS. (INCOMPLETE). Add a package that supports search,like "note," add some content, and search for it.Back up the New Service - OPTIONALThis is a very good time to back the service, even if it's not a production service. Making a backup now lets you roll back to this initial, clean setup at any point in the future, without repeating the install process. A full OpenACS service backup includes everything in the /web/service0/ directory. At this point it's probably sufficient to back up just the database, because you can recover the files from a tarball.Note that, if you did the CVS options in this document, the /web/service0/etc directory is not included in cvs and you may want to add it.PostGreSQLCreate a backup file and verify that it was created and has a reasonable size (several megabytes).[service0@yourserver service0]$ mkdir /web/service0/database-backup
[service0@yourserver service0]$ pg_dump -f /web/service0/database-backup/initial_backup.dmp service0
[service0@yourserver service0]$ ls -al /web/service0/database-backup
total 1425
drwxr-xr-x 2 service0 web 1024 Mar 9 14:13 .
drwx------ 11 service0 web 1024 Mar 9 14:11 ..
-rw-r--r-- 1 service0 web 1449826 Mar 9 14:13 initial_backup.dmp
[service0@yourserver service0]$
mkdir /web/service0/database-backup
pg_dump -f /web/service0/database-backup/initial_backup.dmp service0
ls -al /web/service0/database-backupOracle - INCOMPLETESet up Automated Backup - OPTIONALBackup can encompass all files in /web/service0. For a development server, putting the files in cvs is sufficient. (It's important then to back up the cvs repository!)A quick way to automate database backup is a cron job. This is not recommended for production and is not part of the Reference Platform, because it is not cross-platform and can fail silently. More thorough methods are documented in [service0@yourserver service0]$ export EDITOR=emacs;crontab -eAdd this line to the file. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day.0 1 * * * /usr/local/pgsql/bin/pg_dump -f /web/service0/database-backup/service0_$(date +%Y-%m-%d).dmp service0If you plan to back up the whole /web/service0 directory, then it would be redundant to keep a history of database backups. In that case, set up the cron job to overwrite the previous backup each time:0 1 * * * /usr/local/pgsql/bin/pg_dump -f /web/service0/database-backup/service0_nightly.dmp service0Set up Log Analysis Reports - OPTIONALAnalog is a program with processes webserver access logs,
performs DNS lookup, and outputs HTML reports. Analog should
already be
installed. A modified configuration file is included in
the OpenACS tarball.[root@yourserver src]# su - service0
[service0@yourserver service0]$ cd /web/service0
[service0@yourserver service0]$ cp /web/service0/packages/acs-core-docs/www/files/analog.cfg.txt etc/analog.cfg
[service0@yourserver service0]$ mkdir www/log
[service0@yourserver service0]$ cp -r /usr/share/analog-5.31/images www/log/
[service0@yourserver service0]$
su - service0
cd /web/service0
cp /web/service0/packages/acs-core-docs/www/files/analog.cfg.txt etc/analog.cfg
mkdir www/log
cp -r /usr/share/analog-5.31/images www/log/Edit
/web/service0/etc/analog.cfg and change the variable in HOSTNAME "[my
organisation]" to reflect your website title. If you
don't want the traffic log to be publicly visible, change
OUTFILE /web/service0/www/log/traffic.html to use a private
directory.Run it.[service0@yourserver service0]$ /usr/share/analog-5.31/analog -G -g/web/service0/etc/analog.cfg
/usr/share/analog-5.31/analog: analog version 5.31/Unix
/usr/share/analog-5.31/analog: Warning F: Failed to open DNS input file
/home/service0/dnscache: ignoring it
(For help on all errors and warnings, see docs/errors.html)
/usr/share/analog-5.31/analog: Warning R: Turning off empty Search Word Report
[service0@yourserver service0]$Verify that it works by browing to http://yourserver.test:8000/log/traffic.htmlAutomate this by creating a file in
/etc/cron.daily.[service0@yourserver service0]$ exit
logout
[root@yourserver root]# emacs /etc/cron.daily/analogPut this into the file:#!/bin/sh
/usr/share/analog-5.31/analog -G -g/web/service0/etc/analog.cfg[root@yourserver root]# chmod 755 /etc/cron.daily/analogTest it by running the script.[root@yourserver root]# sh /etc/cron.daily/analogBrowse to http://yourserver.test/log/traffic.htmlNext StepsTest your backup and recovery procedure.Follow the instruction on the home page to change the appearance of your service or add more packages.Proceed to the tutorial to learn how to develop your own packages.($Id: openacs.xml,v 1.5.2.5 2003/03/30 05:56:18 joela Exp $)