Detailed deployment instructions for the neo4j container

Merges #19

.gitignore

@@ -89,3 +89,6 @@ ENV/
 
 # Rope project settings
 .ropeproject
+
+# Emacs backups
+*~

hetnet/neo4j/deployment/README.md

@@ -0,0 +1,38 @@
+# Neo4j Deployment
+
+This directory includes files to deploy neo4j-hetionet on Ubuntu 18.04 box.
+
+## Prerequisites of Deployment Box:
+ - OS: Ubuntu 18.04 or later
+ - User account `ubuntu` that has `sudo` privilege
+
+## Deployment Steps:
+
+Open `install_ssl.sh` and edit the values for `EMAIL` and `SSL_DOMAIN` in:
+```shell
+EMAIL="[email protected]" # email address associated with SSL certificate
+SSL_DOMAIN="neo4j.het.io" # SSL domain name
+```
+
+Then type the following command on the deplyment box:
+```shell
+./setup.sh
+```
+
+Here is a summary of what this script does:
+ - Install a daily cron job to upgrade packages using `apt` command
+ - Install the latest Docker CE (Community Edition)
+ - Copy docker-related scripts into `/home/ubuntu/docker-scripts/` directory
+ - Install SSL certificates issed by [Let's Encrypt](https://letsencrypt.org/)
+
+Reboot the deployment box to ensure that new configurations will become effective, then log in as `ubuntu`, and type:
+```shell
+cd ~/docker-scripts/
+./run-docker.sh
+```
+Wait for a few minutes before the web server is up, because the server needs to initialize the databases and guides.
+
+To reconfigure SSL later, please reset `EMAIL` and `SSL_DOMAIN` as described earlier, then type:
+```shell
+./install_ssl.sh
+```

hetnet/neo4j/deployment/bash_aliases

@@ -0,0 +1,7 @@
+############################################
+# greenelab bash aliases
+############################################
+alias cls='clear'
+alias cp='cp -i'
+alias rm='rm -i'
+alias mv='mv -i'

hetnet/neo4j/deployment/install_ssl.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+#
+# This script uses certbot to install SSL certificates issued by Let's Encrypt.
+
+# Ensure that working directory is correct
+cd `dirname $0`
+
+if [ ! -x /usr/bin/certbot ]; then
+ sudo add-apt-repository ppa:certbot/certbot --yes
+ sudo apt update
+ sudo apt install certbot --yes
+fi
+
+EMAIL="[email protected]" # email address associated with SSL certificate
+SSL_DOMAIN="neo4j.het.io" # SSL domain name
+
+sudo certbot certonly \
+ --standalone \
+ --agree-tos \
+ --noninteractive \
+ --email $EMAIL \
+ --no-eff-email \
+ --domain $SSL_DOMAIN
+
+# Create "sync-neo4j-ssl.sh" dynamically and run it:
+cat > ./sync-neo4j-ssl.sh << EOF
+#!/bin/bash
+# Certbot post-renewal-hook script that synchronizes SSL certificates for neo4j
+
+# Use 'cp --dereference' to emphasize that we are copying the actual files.
+cp --dereference --force /etc/letsencrypt/live/$SSL_DOMAIN/fullchain.pem /home/ubuntu/ssl/neo4j.cert
+cp --dereference --force /etc/letsencrypt/live/$SSL_DOMAIN/privkey.pem /home/ubuntu/ssl/neo4j.key
+
+# If hetionet-container is running now, restart it to make the new certificates effective.
+if [ \`docker ps --quiet --filter name=hetionet-container\` ]; then
+ echo -n "Restarting "; docker restart hetionet-container
+fi
+EOF
+
+mkdir -p /home/ubuntu/ssl/
+chmod +x ./sync-neo4j-ssl.sh
+sudo ./sync-neo4j-ssl.sh
+
+# Add post-renewal-hook, see:
+# https://certbot.eff.org/docs/using.html#renewing-certificates
+sudo cp --force ./sync-neo4j-ssl.sh /etc/letsencrypt/renewal-hooks/deploy/

hetnet/neo4j/deployment/root_bash_prompt

@@ -0,0 +1,9 @@
+
+#######################################################
+# greenelab root bashrc customization
+#######################################################
+
+# bash prompt
+TITLEBAR="\[\e]0;\u@\h: \w\a\]"
+PROMPT="\[\033[0;31m\][\u@\h: \w]#\[\033[0m\] "
+export PS1="$TITLEBAR$PROMPT"

hetnet/neo4j/docker/host/run-docker.sh → hetnet/neo4j/deployment/run-docker.sh

@@ -1,15 +1,18 @@
-# Start dhimmel/hetionet container
+#!/bin/bash
+#
+# Start dhimmel/hetionet container.
 # See https://neo4j.com/developer/docker-3.x/ for doc
+
 docker run \
  --detach \
  --name=hetionet-container \
  --restart=on-failure \
  --publish=80:7474 \
  --publish=443:7473 \
  --publish=7687:7687 \
- --volume=$HOME/hetionet-data:/data \
- --volume=$HOME/neo4j-logs:/logs \
- --volume=$HOME/ssl:/ssl \
+ --volume=/home/ubuntu/hetionet-data:/data \
+ --volume=/home/ubuntu/neo4j-logs:/logs \
+ --volume=/home/ubuntu/ssl:/ssl \
  --env=NEO4J_dbms_memory_pagecache_size=512m \
  --env=NEO4J_dbms_memory_heap_maxSize=1g \
  dhimmel/hetionet

hetnet/neo4j/deployment/setup.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+#
+# This shell script deploys neo4j-hetionet web server on Ubuntu 18.04.
+
+# Run the script as user "ubuntu" only.
+if [ `whoami` != 'ubuntu' ]; then
+ echo "Error: only the user 'ubuntu' is allowed to run this script."
+ exit 1
+fi
+
+# Ensure that the working directory is correct
+cd `dirname $0`
+
+# Update packages automatically using a daily cron job
+sudo apt update
+sudo apt purge unattended-upgrades --yes
+sudo rm -rf /var/log/unattended-upgrades/
+sudo cp upgrade-pkg /etc/cron.daily/
+sudo chmod 755 /etc/cron.daily/upgrade-pkg
+
+# "root" bash config
+sudo cp -f bash_aliases /root/.bash_aliases
+sudo bash -c "cat root_bash_prompt >> /root/.bashrc"
+
+# "ubuntu" bash config
+cp -f bash_aliases ~/.bash_aliases
+
+# Customize hostname
+sudo bash -c "echo neo4j-hetionet > /etc/hostname"
+
+# Install the latest Docker CE (Community Edition)
+sudo apt install apt-transport-https gnupg-agent --yes
+curl --fail --silent --show-error --location \
+ https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository \
+ "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+sudo apt update
+sudo apt install docker-ce docker-ce-cli containerd.io --yes
+
+# Allow "ubuntu" to run docker w/o "sudo"
+sudo usermod --append --groups docker ubuntu
+
+# Collect docker-related scripts into one directory
+mkdir -p ~/docker-scripts/
+cp -f run-docker.sh stop-docker.sh update-docker.sh ~/docker-scripts/
+chmod +x ~/docker-scripts/*.sh
+
+# Install SSL certificates issued by Let's Encrypt
+bash ./install_ssl.sh

hetnet/neo4j/deployment/stop-docker.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# Stop and remove the Docker hetionet-container.
+
+if [ `docker ps --all --quiet --filter name=hetionet-container` ]; then
+ echo -n "Deleting "
+ docker rm hetionet-container --force
+fi

hetnet/neo4j/deployment/update-docker.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+#
+# Update the Docker image and restart hetionet container.
+
+# Ensure that working directory is correct.
+cd `dirname $0`
+
+# Stop docker container
+bash ./stop-docker.sh
+
+# Pull the latest docker image
+docker pull dhimmel/hetionet
+
+# Start docker
+bash ./run-docker.sh

hetnet/neo4j/deployment/upgrade-pkg

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# Upgrade packages and reboot the system if required.
+apt update
+DEBIAN_FRONTEND=noninteractive apt full-upgrade --yes
+apt autoremove --yes
+
+if [ -f /var/run/reboot-required ]; then
+ /sbin/reboot
+fi