Skip to content

Operations

Jump to bottom
Urs Joss edited this page Nov 18, 2017 · 24 revisions

Installation

1. Initialize the database

  • Make sure you have a running installation of PostgreSQL (I use 9.6) - make sure it has UTF8 encoding (default on Linux, in case of windows, see here).

1.1. Initialize the Core database

  • Define your choice for the following core-specific properties (I’ll stick with the defaults further down - adjust if you use different ones - and you should at least specify a different password!):

    db_name

    name for the database in your postgres instance (default scipamato)

    flyway.user

    administrative user name for Flyway migration (default scipamadmin)

    flyway.password

    password for above database user (default scipamadmin).

    db_host
    db_port

    Also keep the hostname and the port ready your PostgreSQL listens on (default 8080)

  • Create the database scipamato and the administrative user for the Flyway migrations.

    • As user postgres:

      createdb -E utf8 scipamato

      Start the PostrgreSQL interactive terminal:

      psql
      CREATE USER scipamadmin WITH CREATEROLE PASSWORD 'scipamadmin';
GRANT ALL PRIVILEGES ON DATABASE scipamato to scipamadmin WITH GRANT OPTION;
CREATE USER scipamato PASSWORD 'scipamato';
GRANT CONNECT  ON DATABASE scipamato TO scipamato;
ℹ️
 You’ll be able to change the password for the operational user scipamato later too.

1.2. Initialize the Public database

  • Define your choice for the following public-specific properties (I’ll stick with the defaults further down - adjust if you use different ones - and you should at least specify a different password!):

    db_name

    name for the database in your postgres instance (default scipamato_public)

    flyway.user

    administrative user name for Flyway migration (default scipamadminpub)

    flyway.password

    password for above database user (default scipamadminpub).

    db_host
    db_port

    Also keep the hostname and the port ready your PostgreSQL listens on (default 8081)

  • Create the database scipamato_public and the administrative user for the Flyway migrations.

    • As user postgres:

      createdb -E utf8 scipamato_public

      Start the PostrgreSQL interactive terminal:

      psql
      CREATE USER scipamadminpub WITH CREATEROLE PASSWORD 'scipamadminpub';
GRANT ALL PRIVILEGES ON DATABASE scipamato_public to scipamadminpub WITH GRANT OPTION;
CREATE USER scipamatopub PASSWORD 'scipamatopub';
GRANT CONNECT  ON DATABASE scipamato_public TO scipamatopub;
ℹ️
 You’ll be able to change the password for the operational user scipamato later too.

2. Initialize the application

2.1. Initialize the core application

  • Create a target directory for the application (e.g. /opt/scipamato)

  • Copy the scipamato-core-web-${version}.jar file into the target directory (I’m not showing the version here) and make it executable, e.g. on linux:
    chmod u+x scipamato-core-web.jar

  • Provide the following file application.properties in the target directory (change the server port according your requirements):

    server.port=8080

spring.datasource.hikari.jdbc-url=jdbc:postgresql://${db_host}:${db_port}/scipamato # (1)
db.schema=public

# Database Migration with Flyway flyway.user=scipamadmin
flyway.password=scipamadmin

    1. the port configured with`server.port` should be open for inbound connection. You might need to adjust the firewall accordingly.

      Other configuration options are described in the Configuration-Core Page

  • run the application in order to kick off the DB Flyway migration:

./scipamato-core-web.jar

2.2. Initialize the public application

  • Create a target directory for the application (e.g. /opt/scipamato-public)

  • Copy the scipamato-public-web-${version}.jar file into the target directory (I’m skipping the version here) and make it executable, e.g. on linux:
    chmod u+x scipamato-public-web.jar

  • Provide the following file application.properties in the target directory (change the server port according your requirements):

    server.port=8080

# User name and password for accessing the actuator end-points
security.user.name=admin
security.user.password=admin

spring.datasource.hikari.jdbc-url=jdbc:postgresql://${db_host}:${db_port}/scipamato_public # (1)
db.schema=public

# Database Migration with Flyway flyway.user=scipamadmin
flyway.password=scipamadminpub

    1. the port configured with`server.port` should be open for inbound connection. You might need to adjust the firewall accordingly.

      Other configuration options are described in the Configuration Public Page

  • run the application in order to kick off the DB Flyway migration:

./scipamato-public-web.jar

3. Amend credentials and configuration

You might want to change the password of the operational user scipamato which was created by the Flyway migration. Do so in PostgreSQL and amend the config with the following configuration items:

spring.datasource.hikari.username=scipamato
spring.datasource.hikari.password=${your new password}

4. Test drive your application

4.1. Test drive the core application

Start the core application again and access through the browser:

./scipamato-core-web.jar

Access the application through the web browser, e.g. on http://localhost:8080/ (unless you changed the port in the configration above)

4.2. Test drive the public application

Start the public application again and access through the browser:

./scipamato-public-web.jar

Access the application through the web browser, e.g. on http://localhost:8081/ (unless you changed the port in the configration above)

5. Implement the application into your operational environment and processes

  • Run as service

  • backup

  • monitoring

  • configuration management (e.g. ansible)

  • …​

For more generic information on how to run a spring-boot application, refer to Spring Boot Documentation.

5.1. Monitoring

The spring boot project offers out of the box a number of features for operative purposes, it e.g. exports valuable information through it’s actuator endpoints.

A simple dashboard providing good insight is spring boot admin. SciPaMaTo already contains the maven dependency on spring-boot-admin-starter-client and only lacks the configuration to activate the registration in spring boot admin.

You need to provide the respective configuration parameters to SciPaMaTo (through start parameters, environment variables or a local application.properties - see Externalized Configuration)

5.1.1. Simple Configuration

management.security.enabled=false

spring.boot.admin.client.name=${scipamato.brand} # (1)
spring.boot.admin.url=${sba_url} # (1)
spring.boot.admin.username=${sba_user} # (1)
spring.boot.admin.password=${sba_password} # (1)

  1. ${scipamato.brand}, ${sba_url}, ${sba_user}, and ${sba_password} need to be replaced with the real values used in your environment.

5.2. Primer for config with actuator security in place

It is advised to enable actuator security. However, this requires that SciPaMaTo is accessible through https instead of http, so spring boot admin can securely access the end-points through https.

I have tried this setup with a self signed certificate but did not quite manage to get it running. I suspect it’s because of the certificate, but did not follow up yet. Configuration so far:

spring.boot.admin.client.name=${scipamato.brand}
spring.boot.admin.url=${sba_url}
spring.boot.admin.username=${sba_user}
spring.boot.admin.password=${sba_password}
spring.boot.admin.client.metadata.user.name=${username_for_sba} # (1)
spring.boot.admin.client.metadata.user.password=${pw_for_sba} # (1)

  1. In addition to the placeholders already described in the previous section, you need to specify ${username_for_sba} and ${pw_for_sba}, credentials that are part of the admin role that may access the actuator end points. Those will be passed on to spring batch admin. The latter will use those credentials to retrieve the relevant information from SciPaMaTo.

Resources for enabling https:

SciPaMaTo - the Scientific Paper Management Tool

Clone this wiki locally