Get AOLserver and modules Download AOLserver and modules from CVS. Install Tcl if it is not installed yet.Comments:
- one should base the documentation on releases, not on head versions. So, just relying on the head version of github is not recommended for beginners.
- newer versions of aolserver have ns_cache included (4.5.1 or newer). no need for the extra module listed below.
- using "aolserver40r10" as name for the install directory is strange, especially, when the release is not 4.0.10
[root root]# mkdir -p /usr/local/src/aolserver40r10/ [root root]# git clone git://github.com/aolserver/aolserver.git /usr/local/src/aolserver40r10/aolserver/ [root root]# git clone git://github.com/aolserver/nssha1.git /usr/local/src/aolserver40r10/nssha1/ [root root]# git clone git://github.com/aolserver/nspostgres.git /usr/local/src/aolserver40r10/nspostgres/ [root root]# git clone git://github.com/aolserver/nsoracle.git /usr/local/src/aolserver40r10/nsoracle/ [root root]# cd /usr/local/src/aolserver40r10 [root root]# cvs -z3 -d:pserver:email@example.com:/cvsroot/aolserver co nscache
[root aolserver]# cvs -z3 -d:pserver:firstname.lastname@example.org:/usr/local/pubcvs co tdom [root aolserver]# wget http://heanet.dl.sourceforge.net/sourceforge/tcllib/tcllib-1.10.tar.bz2 [root aolserver]# wget http://media.wu-wien.ac.at/download/xotcl-1.6.7.tar.gz
Configure, compile and install AOLserver. Many people need to run more than one version of AOLserver in parallel. This section accomodates future upgrades by installing AOLserver 4 in /usr/local/aolserver40r10.
[root aolserver]# cd /usr/local/src/aolserver40r10/aolserver [root aolserver]# ./configure --prefix=/usr/local/aolserver40r10 \ --with-tcl=/usr/local/lib/ \ --enable-threads [root aolserver]# make [root aolserver]# make install
If this is the only version of AOLserver in use, or is the default version, create a symlink. If not, then be sure to use /usr/local/aolserver40r10 instead of /usr/local/aolserver in future steps and check any scripts and makefiles you run to ensure they use the correct path.
[root aolserver]# ln -s /usr/local/aolserver40r10 /usr/local/aolserver
Configure, compile and install the modules.
OpenACS looks for the Oracle driver at /usr/local/aolserver/bin/ora8.so, but some versions of nsoracle may create nsoracle.so instead. In that case, you can symlink (ln -s nsoracle.so ora8.so) to fix it.
[root aolserver]# cd /usr/local/src/aolserver40r10/nscache [root nscache]# make install AOLSERVER=/usr/local/aolserver40r10
[root nscache]# cd ../nsoracle [root nsoracle]# make install AOLSERVER=/usr/local/aolserver40r10
[root nscache]# cd ../nspostgres [root nspostgres]# export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib [root nspostgres]# make install POSTGRES=LSB \ ACS=1 \ INST=/usr/local/aolserver40r10 \ AOLSERVER=/usr/local/aolserver40r10
You might try POSTGRES=PG_CONFIG if that does not work.
If you get errors like:
nspostgres.c: In function `Ns_PgTableList': nspostgres.c:679: warning: passing arg 3 of `Tcl_DStringAppend' as signed due to prototype
then PostGreSQL is probably not in the standard location.
[jiml at cvs openacs here.] There are -new- (as of within 2nd quarter 2007) changes to nspostgres, there have been expansions of the ways to locate postgres, and changes to some error reporting. Please read the README and the Makefile. The nspostgres build can now use postgres's pg_config to locate a particular postgres installation. [jiml out]
The location of PostGreSQL is very dependent on which method was used to install it. To correct the problem, replace LSB with the path to the path to your PostGreSQL installation. Often this is /usr/local/pgsql.
Another possibility is that you may need to set the LD_LIBRARY_PATH environmental variable. You may still get warnings, but sometimes this will fix things enough to work.
[root nspostgres]# export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib
You can use the ldd command to verify that all libraries are linked in: ldd /usr/local/src/aolserver40r10/nspostgres/nspostgres.so
If you run into problems with libpq.a do the following (and repeat the step above)
[root nspostgres]# ranlib /usr/local/pgsql/lib/libpq.a
If you run into problems with the linker, edit the Makefile. Add -lnsdb to the MODLIBS var.
MODLIBS = -L$(PGLIB) -lpq -lnsdb
[root nspostgres]# cd ../nssha1
Now install nssha1:
[root nssha1]# make install NSHOME=/usr/local/aolserver40r10
If the make fails you will have to edit nssha1.c. Comment out the following 2 lines (lines 139-140):
// typedef unsigned int u_int32_t; // typedef unsigned char u_int8_t;
Install tDOM Note, if you use bash31 you need to apply a patch, see http://openacs.org/forums/message-view?message_id=369867 for details.
[root nssha1]# cd ../tDOM-0.8.0/unix
Edit the CONFIG file. Uncomment the instructions meant for AOLserver 4, but edit it to look like this:
../configure --enable-threads --disable-tdomalloc --prefix=/usr/local/aolserver40r10 --with-tcl=/usr/local/src/aolserver40r10/tcl-8.4.14/unix
Now you can compile and configure tDOM
[root unix]# sh CONFIG [root unix]# make install
[root aolserver]# cd /usr/local/src/aolserver40r10 [root aolserver]# tar xvfj tcllib-1.10.tar.bz2 [root aolserver]# cd tcllib-1.10 [root aolserver]# ./configure --prefix=/usr/local/aolserver40r10 [root aolserver]# make install
[root aolserver]# cd /usr/local/src/aolserver40r10 [root aolserver]# tar xvfz xotcl-1.6.7.tar.gz [root aolserver]# cd xotcl-1.6.7/ [root aolserver]# export CC=gcc [root aolserver]# ./configure --enable-threads --enable-symbols \ --prefix=/usr/local/aolserver40r10 \ --exec-prefix=/usr/local/aolserver40r10 \ --with-tcl=/usr/local/src/aolserver40r10/tcl8.4.14/unix [root aolserver]# make [root aolserver]# make install-aol
Add a database-specific wrapper script. This script sets database environment variables before starting AOLserver; this allows the AOLserver instance can communicate with the database. There is one script each for Oracle and PostgreSQL. They don't conflict, so if you plan to use both databases, install both. Note that this section requires you to have the OpenACS, which you can get through CVS, through a tarball, or by other means. You can come back to this section after you acquire the OpenACS code, but don't forget to come back. (Note to maintainers: this should be moved to the next page and integrated into the text there)
[root aolserver]# cd /usr/local/aolserver40r10/bin [root bin]# cp /tmp/openacs-5.2.0d1/packages/acs-core-docs/www/files/nsd-oracle.txt ./nsd-oracle [root bin]# chmod 750 nsd-oracle [root bin]#
[root aolserver]# cd /usr/local/aolserver40r10/bin [root bin]# cp /var/tmp/openacs-5.2.0d1/packages/acs-core-docs/www/files/nsd-postgres.txt ./nsd-postgres [root bin]# chmod 755 nsd-postgres [root bin]#
You may need to edit these scripts if you are not using /usr/local/aolserver as the directory of Aolserver4.
Test AOLserver. We will use the sample-config.tcl file provided in the AOLserver distribution to test AOLserver. This test will use the nobody user and web group. The sample-config.tcl configuration writes to the default log locations, so we need to give it permission to do so or it will fail. Grant the web group permission to write to /usr/local/aolserver/log and /usr/local/aolserver/servers.
[root root]# cd /usr/local/aolserver [root aolserver]# chown -R root.web log servers [root aolserver]# chmod -R g+w log servers [root aolserver]# ls -l total 32 drwxr-sr-x 2 root root 4096 Mar 8 12:57 bin drwxr-xr-x 3 root root 4096 Mar 8 10:34 include drwxr-sr-x 3 root root 4096 Mar 8 10:34 lib drwxrwsr-x 2 root web 4096 Mar 8 10:31 log drwxr-sr-x 3 root root 4096 Mar 8 10:31 modules -rw-r--r-- 1 root root 7320 Mar 31 2001 sample-config.tcl drwxrwsr-x 3 root web 4096 Mar 8 10:31 servers [root aolserver]#
Note: AOLserver4.x does not include a default start page, so we create one for this test. Type echo "Welcome to AOLserver" > /usr/local/aolserver40r10/servers/server1/pages/index.html
Now, run AOLserver using the sample configuration to verify it runs without errors. This configuration attempts to automatically get the machine's IP address and hostname. It will then start up the server at port 8000 of that IP address.
[root aolserver]# ./bin/nsd -t sample-config.tcl -u nobody -g web [root aolserver]# [08/Mar/2003:15:07:18][31175.8192][-main-] Notice: config.tcl: starting to read config file... [08/Mar/2003:15:07:18][31175.8192][-main-] Warning: config.tcl: nsssl not loaded -- key/cert files do not exist. [08/Mar/2003:15:07:18][31175.8192][-main-] Warning: config.tcl: nscp not loaded -- user/password is not set. [08/Mar/2003:15:07:18][31175.8192][-main-] Notice: config.tcl: finished reading config file.
The first warning, about nsssl, can be ignored. We will not be using nsssl; we will be using nsopenssl instead. The nssl error happens because we have not fully configured secure connections to use nsopenssl. The nscp warning means that without a user and password in the sample-config.tcl file, the administrative panel of AOLserver will not load. We do not plan to use it and can ignore that error as well. Any other warning or error is unexpected and probably indicates a problem.
Test to see if AOLserver is working by starting Mozilla or Lynx on the same computer and surfing over to your web page. If you browse from another computer and the sample config file didn't guess your hostname or ip correctly, you will get a false negative test.
[root aolserver]# lynx localhost:8000
You should see a "Welcome to AOLserver" page. If this does not work, try browsing to http://127.0.0.1:8000/. If this still does not work, read the en:aolserver-admin section on "Troubleshooting AOLserver". Note that you will not be able to browse to the web page from another machine, because AOLserver is only listening to the local address.
Shutdown the test server:
[root aolserver]# killall nsd [root aolserver]#
The killall command will kill all processes with the name nsd, but clearly this is not a good tool to use for managing your services in general. We cover this topic in en:aolserver-admin section.
This should already have been done, according to the instructions at the bottom of this page: en:Get_the_Code
AOLserver needs to be started as the root user if you want to use port 80. Once it starts, though, it will drop the root privileges and run as another user, which you must specify on the command line. This user should have as few privileges as possible, because if an intruder somehow breaks in through AOLserver, you do not want the intruder to have any ability to do damage to the rest of your server.
At the same time, AOLserver needs to have write access to some files on your system in order for OpenACS to function properly. So, we run AOLserver with a different user account for each different service. Create the username as $OPENACS_SERVICE_NAME.
The password should be blank, to prevent login by password, for increased security. The only way to log in will be with ssh certificates. The only people who should log in are developers for that specific instance. Add this user, and put it in the $OPENACS_SERVICE_NAME group so that it can use database and server commands associated with that group. (If you don't know how to do this, type man usermod. You can type groups to find out which groups a user is a part of)
[root root]# useradd $OPENACS_SERVICE_NAME
You also need to set up a group called web.
[root root]# groupadd web
Then change the user to be a part of this group:
[root root]# usermod -g web $OPENACS_SERVICE_NAME