Skip to content

Home

Jump to bottom
Arno Kaimbacher edited this page Jul 23, 2020 · 12 revisions

Home

TETHYS - Data Publisher for Geoscience Austria is a digital data library and a data publisher for earth system science. Data can be georeferenced in time (date/time) and space (latitude, longitude, depth/height)

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Step1: install required system tools and programming languages

Step 2. install PostgreSQL database

Step 3. install and configure Solr

Step 4. Download and Install Tethys

Please check the official laravel installation guide for server requirements before you start. Official Documentation

Create web folder:
sudo mkdir -p /var/www/tethys-app/

sudo chown -R administrator:administrator /var/www/tethys-app/

Clone the repository to your web folder:
git clone https://github.com/geolba/tethys.git /var/www/tethys-app/

Switch to the repo folder:
cd /var/www/tethys-app/

Install all the dependencies using composer

composer install --optimize-autoloader --no-dev

Copy the example env file and make the required configuration changes in the .env file

cp .env.example .env

.env - Environment variables can be set in this file

Configure your database connection in .env-file e.g.: nano .env

DB_CONNECTION=pgsql
DB_HOST=localhost
DB_PORT=5432
DB_DATABASE=tethys
DB_USERNAME=tethys_admin
DB_PASSWORD=new_password_here
DB_SCHEMA=gba

also set the solr connection string:

SOLR_HOST=localhost
SOLR_CORE=tethys_data

Note : You can quickly set the database information, the solr connection string and other variables in this file and have the application fully working.

Save and close the file and generate a new application key

php artisan key:generate

Run the database migrations (Set the database connection in .env before migrating)

php artisan migrate

Grant folder permissions for webserver user

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

Local Development

To develop locally, you must run a local web server. To run:

php artisan serve

This will start the server on https://localhost:8080 from the current working directory.

stop the service: Strg + C

Nginx Configuration

sudo nano /etc/nginx/sites-available/tethys-app

http-only configuration:

server {
        listen 80;
        listen [::]:80;
        server_name localhost;
        root /var/www/tethys-app/public/;
        client_max_body_size 100M;

        index index.html index.htm index.php;
        charset utf-8;

        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Content-Type-Options "nosniff";

        location / {
                index index.php;
                try_files $uri $uri/ /index.php?$query_string;
        }

        location = /favicon.ico { access_log off; log_not_found off; }
        location = /robots.txt { access_log off; log_not_found off; }
        error_page 404 /index.php;

        location ~ \.php$ {
                fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
                include fastcgi_params;
                include fastcgi.conf;
        }

        location ~ /\.(?!well-known).* { deny all;}
}

alternate https and http configuration:

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    server_name localhost;
    root /var/www/tethys-app/public/;
    client_max_body_size 100M;

    index index.html index.htm index.php;
    charset utf-8;

    # path to https-certificate
    ssl_certificate    /etc/ssl/your_domain.pem;
    ssl_certificate_key    /etc/ssl/your_domain.key;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    location / {
        index index.php;
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }
    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
        include   fastcgi.conf;
    }

    location ~ /\.(?!well-known).* { deny all;}
}

server {
    if ($host = repository.geologie.ac.at) {
        return 301 https://$host$request_uri;
    }
    listen 80;
    listen [::]:80;
    server_name localhost;
    return 404;
}

symlinking the created site to enabled folder:
sudo ln -s /etc/nginx/sites-available/tethys-app /etc/nginx/sites-enabled/

test nginx configuration:
sudo nginx -t

if everything is successful, reload updated nginx configuration:
sudo service nginx reload

The website is available at the following link: https://localhost:80

Requesting https-certificate

sudo certbot certonly --nginx --webroot-path=/var/www/tethys-app/ -d www.your_domain.at -d your_domain.at

Adapt the settings 'ssl_certificate' and 'ssl_certificate_key' in the following file /etc/nginx/sites-available/tethys-app:
sudo nano /etc/nginx/sites-available/tethys-app

ssl_certificate    /etc/letsencrypt/live/www.your_domain.at/fullchain.pem;
ssl_certificate_key    /etc/letsencrypt/live/www.your_domain.at/privkey.pem;

Certbot will autmatically renew outdated certificates. Sytemd services 'cerbot.service' and 'certbot.timer' are checking twice daily whether certificates have been expired.

Clone this wiki locally