Install OpenACS distribution
You should have an OpenACS distribution downloaded and available at /var/lib/aolserver/$OPENACS_SERVICE_NAME, otherwise en:Get_the_Code.
A bash script is available to automate all of the steps for the rest of this section. It requires tclwebtest. The automated script can greatly accelerate the install process, but is very sensitive to the install environment. We recommend that you run the automated install and, if it does not work the first time, consider switching to a manual installation.
Get the install script from CVS. It is located within the main cvs tree, at /etc/install. Use anonymous CVS checkout to get that directory in the home directory of the service's dedicated user. We put it there so that it is not overwritten when we do the main CVS checkout to the target location.
[root root]# su - $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ cvs -d :pserver:firstname.lastname@example.org:/cvsroot co -d install openacs-4/etc/install cvs server: Updating install U install/README U install/TODO ... many lines omitted ... U install/tcl/twt-procs.tcl U install/tcl/user-procs.tcl [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ cd install [$OPENACS_SERVICE_NAME install]$ emacs install.tcl
Edit the installation configuration file, /home/$OPENACS_SERVICE_NAME/install/install.tcl and update the site-specific values, such as the new service's IP address and name, which will be written into the new service's config.tcl file. If your system is different from the one described in the previous sections, check the file paths as well. Set do_checkout=yes to create a new OpenACS site directly from a CVS checkout, or =no if you have a fully configured site and just want to rebuild it (drop and recreate the database and repeat the installation). If you have followed a stock installation, the default configuration will work without changes and will install an OpenACS site at 127.0.0.1:8000.
Run the install script install.sh as root:
[$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ exit [root root]# sh /home/$OPENACS_SERVICE_NAME/install/install.sh /home/$OPENACS_SERVICE_NAME/install/install.sh: Starting installation with config_file /home/$OPENACS_SERVICE_NAME/install/install.tcl. Using serverroot=/var/lib/aolserver/ $OPENACS_SERVICE_NAME, server_url=http://0.0.0.0:8000, do_checkout=yes, do_install=yes, dotlrn=no, and database=postgres., use_daemontools=true ... many lines omitted ... Tue Jan 27 11:50:59 CET 2004: Finished (re)installing /var/lib/aolserver/$OPENACS_SERVICE_NAME. ###################################################################### New site URL: http://127.0.0.1:8000 admin email : email@example.com admin password: xxxx ###################################################################### [root root]#
Secure the directory so that only the owner can access it. Check the permissions by listing the directory.
[root root]# su - $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ cd /var/lib/aolserver [$OPENACS_SERVICE_NAME aolserver]$ tar xzf /var/tmp/openacs-5.2.0d1.tgz [$OPENACS_SERVICE_NAME aolserver]$ mv openacs-5.2.0d1 $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME aolserver]$ chmod -R 775 $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME aolserver]$ chown -R $OPENACS_SERVICE_NAME.$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME aolserver]$ ls -al total 3 drwxrwx--- 3 root web 1024 Mar 29 16:41 . drwxr-xr-x 25 root root 1024 Mar 29 16:24 .. drwx------ 7 $OPENACS_SERVICE_NAME web 1024 Jan 6 14:36 $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME aolserver]$ exit logout [root root]# su - $OPENACS_SERVICE_NAME cd /var/lib/aolserver tar xzf /var/tmp/openacs-5.2.0d1.tgz mv openacs-5.2.0d1 $OPENACS_SERVICE_NAME chmod -R 755 $OPENACS_SERVICE_NAME chown -R $OPENACS_SERVICE_NAME.$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME exit
Prepare the database
Prepare Oracle for OpenACS. If you won't be using Oracle, skip to Prepare PostgreSQL for an OpenACS Service
You should be sure that your user account (e.g. $OPENACS_SERVICE_NAME) is in the dba group.
Verify membership by typing groups when you login:
[$OPENACS_SERVICE_NAME ~]$ groups dba web
If you do not see these groups, take the following action:
[$OPENACS_SERVICE_NAME ~]$ su - Password: ************ [root ~]# adduser $OPENACS_SERVICE_NAME dba
If you get an error about an undefined group, then add that group manually:
[root ~]# groupadd dba [root ~]# groupadd web
Make sure to logout as root when you are finished with this step and log back in as your regular user.
Connect to Oracle using svrmgrl and login:
[$OPENACS_SERVICE_NAME ~]$ svrmgrl SVRMGR> connect internal Connected.
Determine where the system tablespaces are stored:
SVRMGR> select file_name from dba_data_files;
/ora8/m01/app/oracle/oradata/ora8/system01.dbf /ora8/m01/app/oracle/oradata/ora8/tools01.dbf /ora8/m01/app/oracle/oradata/ora8/rbs01.dbf /ora8/m01/app/oracle/oradata/ora8/temp01.dbf /ora8/m01/app/oracle/oradata/ora8/users01.dbf /ora8/m01/app/oracle/oradata/ora8/indx01.dbf /ora8/m01/app/oracle/oradata/ora8/drsys01.dbf
Using the above output, you should determine where to store your tablespace. As a general rule, you'll want to store your tablespace on a mount point under the /ora8 directory that is separate from the Oracle system data files. By default, the Oracle system is on m01, so we will use m02. This enables your Oracle system and database files to be on separate disks for optimized performance. For more information on such a configuration, see Chapter 12 of Philip's book. For this example, we'll use /ora8/m02/oradata/ora8/.
Create the directory for the datafile; to do this, exit from svrmgrl and login as root for this step:
SVRMGR> exit [$OPENACS_SERVICE_NAME ~]$ su - Password: ************ [root ~]# mkdir -p /ora8/m02/oradata/ora8/ [root ~]# chown $OPENACS_SERVICE_NAME:web /ora8/m02/oradata/ora8 [root ~]# chmod 775 /ora8/m02/oradata/ora8 [root ~]# exit [$OPENACS_SERVICE_NAME ~]$
Create a tablespace for the service. It is important that the tablespace can autoextend. This allows the tablespace's storage capacity to grow as the size of the data grows. We set the pctincrease to be a very low value so that our extents won't grow geometrically. We do not set it to 0 at the tablespace level because this would affect Oracle's ability to automatically coalesce free space in the tablespace.
[$OPENACS_SERVICE_NAME ~]$ svrmgrl SVRMGR> connect internal; SVRMGR> create tablespace $OPENACS_SERVICE_NAME datafile '/ora8/m02/oradata/ora8/$OPENACS_SERVICE_NAME01.dbf' size 50M autoextend on next 10M maxsize 300M extent management local uniform size 32K;
Create a database user for this service. Give the user access to the tablespace and rights to connect. We'll use $OPENACS_SERVICE_NAMEpassword as our password.
Write down what you specify as service_name (i.e. $OPENACS_SERVICE_NAME) and database_password (i.e. $OPENACS_SERVICE_NAMEpassword). You will need this information for configuring exports and AOLserver.
SVRMGR> create user $OPENACS_SERVICE_NAME identified by $OPENACS_SERVICE_NAMEpassword default tablespace $OPENACS_SERVICE_NAME temporary tablespace temp quota unlimited on $OPENACS_SERVICE_NAME; SVRMGR> grant connect, resource, ctxapp, javasyspriv, query rewrite, create view, create synonym to $OPENACS_SERVICE_NAME; SVRMGR> revoke unlimited tablespace from $OPENACS_SERVICE_NAME; SVRMGR> alter user $OPENACS_SERVICE_NAME quota unlimited on $OPENACS_SERVICE_NAME; SVRMGR> exit;
Your table space is now ready. In case you are trying to delete a previous OpenACS installation, consult these commands in the section called “Deleting a tablespace” below.
Make sure that you can login to Oracle using your service_name account:
[$OPENACS_SERVICE_NAME ~]$ sqlplus $OPENACS_SERVICE_NAME/$OPENACS_SERVICE_NAMEpassword SQL> select sysdate from dual; SYSDATE ---------- 2001-12-20 SQL> exit;
You should see today's date in a format 'YYYY-MM-DD.' If you can't login, try redoing step 1 again. If the date is in the wrong format, make sure you followed the steps outlined in the section called “Troubleshooting Oracle Dates”
Create a user in the database matching the service name. With default PostgreSQL authentication, a system user connecting locally automatically authenticates as the postgres user of the same name, if one exists. We currently use postgres "super-users" for everything, which means that anyone with access to any of the openacs system accounts on a machine has full access to all postgresql databases on that machine.
[root root]# su - postgres [postgres pgsql]$ createuser -a -d $OPENACS_SERVICE_NAME CREATE USER [postgres pgsql]$ exit logout [root root]#
[root root]# su - $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ createdb -E UNICODE $OPENACS_SERVICE_NAME CREATE DATABASE
Automate daily database Vacuuming. This is a process which cleans out discarded data from the database. A quick way to automate vacuuming is to edit the cron file for the database user. Recommended: VACUUM ANALYZE every hour and VACUUM FULL ANALYZE every day.
[$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ export EDITOR=emacs;crontab -e
Add these lines to the file. The vacuum command cleans up temporary structures within a PostGreSQL database, and can improve performance. We vacuum gently every hour and completely every day. The numbers and stars at the beginning are cron columns that specify when the program should be run - in this case, whenever the minute is 0 and the hour is 1, i.e., 1:00 am every day, and every (*) day of month, month, and day of week. Type man 5 crontab for more information.
0 1-23 * * * /usr/local/pgsql/bin/vacuumdb --analyze $OPENACS_SERVICE_NAME 0 0 * * * /usr/local/pgsql/bin/vacuumdb --full --analyze $OPENACS_SERVICE_NAME
Depending on your distribution, you may receive email when the crontab items are executed. If you don't want to receive email for those crontab items, you can add > /dev/null 2>&1 to the end of each crontab line
Configure an AOLserver Service for OpenACS.
The AOLserver architecture lets you run an arbitrary number of virtual servers. A virtual server is an HTTP service running on a specific port, e.g. port 80. In order for OpenACS to work, you need to configure a virtual server. The Reference Platform uses a configuration file included in the OpenACS tarball, /var/lib/aolserver/$OPENACS_SERVICE_NAME/etc/config.tcl. Open it in an editor to adjust the parameters.
[root root]# su - $OPENACS_SERVICE_NAME [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ cd /var/lib/aolserver/$OPENACS_SERVICE_NAME/etc [$OPENACS_SERVICE_NAME etc]$ emacs config.tcl
You can continue without changing any values in the file. However, if you don't change address to match the computer's ip address, you won't be able to browse to your server from other machines. See en:aolserver-admin for an explanation of some other values you might want to change in the config.tcl file.
Verify AOLserver startup.
Kill any current running AOLserver processes and start a new one. The recommended way to start an AOLserver process is by running the included script, /var/lib/aolserver/$OPENACS_SERVICE_NAME/etc/daemontools/run. If you are not using the default file paths and names, you will need to edit run.
If you want to use port 80, there are complications. AOLserver must be root to use system ports such as 80, but refuses to run as root for security reasons. So, we call the run script as root and specify a non-root user ID and Group ID which AOLserver will switch to after claiming the port. To do so, find the UID and GID of the $OPENACS_SERVICE_NAME user via grep $OPENACS_SERVICE_NAME /etc/passwd and then put those numbers into the command line via -u 501 -g 502. In AOLserver 4, you must also send a -b flag. Do this by editing the run file as indicated in the comments.
If you are root then killall will affect all OpenACS services on the machine, so if there's more than one you'll have to do ps -auxw | grep nsd and selectively kill by job number.
[$OPENACS_SERVICE_NAME etc]$ killall nsd nsd: no process killed [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ /usr/local/aolserver/bin/nsd-postgres -t /var/lib/aolserver/$OPENACS_SERVICE_NAME/etc/config.tcl [$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ [08/Mar/2003:18:13:29][32131.8192][-main-] Notice: nsd.tcl: starting to read config file... [08/Mar/2003:18:13:29][32131.8192][-main-] Notice: nsd.tcl: finished reading config file.
Configure a Service with the OpenACS Installer. Now that you've got AOLserver up and running, let's install OpenACS 5.2.0d1.
You should see a page from the webserver titled OpenACS Installation: Welcome. You will be warned if your version of the database driver is out of date, if AOLserver cannot connect to the database, if any modules are missing or out-of-date, or if there are any problems with filesystem permissions on the server side. But if everything is fine, you can click Next to proceed to load the OpenACS Kernel data model.
The next page shows the results of loading the OpenACS Kernel data model - be prepared to wait a few minutes as it works. You should see a string of output messages from the database as the datamodel is created. You'll see the line:
Loading package .info files ... this will take a few minutes
This will really take a few minutes. Have faith! Finally, another Next button will appear at the bottom - click it.
The following page shows the results of loading the core package data models. You should see positive results for each of the previously selected packages, but watch out for any errors. Eventually, the page will display "Generating secret tokens" and then "Done"- click Next.
You should see a page, "OpenACS Installation: Create Administrator" with form fields to define the OpenACS site administrator. Fill out the fields as appropriate, and click Create User.
You should see a page, "OpenACS Installation: Set System Information" allowing you to name your service. Fill out the fields as appropriate, and click Set System Information
You'll see the final Installer page, "OpenACS Installation: Complete." It will tell you that the server is being restarted; note that unless you already set up a way for AOLserver to restart itself (ie. inittab or daemontools), you'll need to manually restart your service.
[$OPENACS_SERVICE_NAME $OPENACS_SERVICE_NAME]$ /usr/local/aolserver/bin/nsd-postgres -t /var/lib/aolserver/$OPENACS_SERVICE_NAME/etc/config.tcl
Give the server a few minutes to start up. Then reload the final page above. You should see the front page, with an area to login near the upper right. Congratulations, OpenACS <version> is now up and running!