Page History
...
Code Block |
---|
JAVA_OPTS="-XX:PermSize=64M \-XX:MaxPermSize=256M \-Xmx1024m" |
Add the following two system properties to file conf/catalina.properties
under the CATALINA_HOME
directory -- the same directory where you'll find server.xml
. The value for both of these properties is the absolute path of the repository home directory. In this example, it is /opt/eaglei/repo
:
...
Code Block |
---|
....(ONLY DO THIS when ALREADY running Apache Derby\!)
export DERBY_HOME=my-derby-installation-toplevel
|
...
Code Block |
---|
....(ONLY DO THIS when ALREADY running Apache Derby\!)
setenv DERBY_HOME my-derby-installation-toplevel
|
...
Code Block |
---|
...service invocation examples:
2011-01-27 14:28:06,483 T=http-8443-1 DEBUG org.eaglei.repository.servlet.RepositoryServlet - ============== Ending Request /repository/update (2,159 mSec elapsed)
2011-01-27 14:27:58,023 T=http-8443-1 DEBUG org.eaglei.repository.servlet.RepositoryServlet - ============== Ending Request /repository/workflow/push (1,763 mSec elapsed)
... (internal query example\:)
2011-04-15 14:13:28,383 T=http-8443-1 DEBUG org.eaglei.repository.util.SPARQL - SPARQL Query executed by org.eaglei.repository.model.User:findAll at line 227 in elapsed time (mSec) 15
|
...
Given a dump created in e.g. ${DUMPDIR}, to restore this dump on a newly-created, empty, repository, use these commands: (where ${REPOSITORY} is URL prefix of the repo)
Code Block |
---|
curl \-D - \-s \-S \-u ADMIN:PASSWORD \-F type=user \-F format=application/x-trig \ \-F content=@${DUMPDIR}/users.trig \-F duplicate=replace \ \-F transform=no ${REPOSITORY}/repository/import |
Code Block |
---|
curl \-s \-S \-D - \-u ADMIN:PASSWORD \-F action=replace \-F all= \ \-F "content=@${DUMPDIR}/resources.trig;type=application/x-trig" \ ${REPOSITORY}/repository/graph |
...
Code Block |
---|
make-snapshot.sh ADMIN PASSWORD [https://localhost:8443] "daily_cron_`date \+%u`"
|
move-everything.sh: Copying Everything Between Repositories or Files
...
Code Block |
---|
Usage: move-everything.sh [\--version|--version] \[ \-f \| \--force \] \ [\-exclude-users user,user,..|-exclude-users user,user,..] [-nousers] from-username from-password from-repo-URL \ to-username to-password to-repo-URL |
...
Code Block |
---|
Usage: move-everything.sh [\--version|--version] \[ \-f \| \--force \] \ [\-exclude-users user,user,..|-exclude-users user,user,..] [-nousers] \--from-snapshot directory \--from-prefix from-prefix \ to-username to-password to-repo-URL |
...
Code Block |
---|
make-snapshot bigbird PASSWORD [https://harvard.eagle-i.net] \ harvard.monday move-everything.sh \-f \ \--from-snapshot harvard.monday \ \--from-prefix [http://harvard.eagle-i.net/i/] \ bigbird PASSWORD [https://localhost:8443] |
...
Code Block |
---|
Usage: move-resources [-verbose] [-replace] [\--type published|workspace]{ --file source-file --prefix uri-prefix | --source source-repo-url --user login:password --graph src-graph-URI } dest-repo-url dest-login:dest-password dest-graph-URI (options may be abbreviated to first letter, e.g. \-f) |
By default it adds data to the destination graph, --replace
changes that to replacing the entire graph.
...
Here is an example command, it copies from the Published graph on qa.harvard to an "Experimental" graph on the local repo (on https://localhost:8443)
Code Block |
---|
move-resources \-s [https://qa.harvard.eagle-i.net:8443] \-u bert:ernie \ \-g [http://eagle-i.org/ont/repo/1.0/NG_Published] [https://localhost:8443] \ root:password [http://eagle-i.org/ont/repo/1.0/NG_Experimental] Moved 4694 data statements and 322 metadata statements. |
...
- Shut down tomcat. This is major surgery, and tomcats don't like to be vivisected no matter how much more satisfying you may find it.
- Disable Java Security -- alternately, you could try to configure all the authorization grants to give the repository webapp access to the filesystem and property resources it needs, but I found it much easier to just disable java security. DO NOT RUN THE TOMCAT PROCESS AS ROOT if you do this, but you should not be running it as root in any case. That's just insane.
- Edit the file
/etc/init.d/tomcat6
and change the following variable to look like this:Code Block TOMCAT6_SECURITY=no
- Edit the file
- Install Derby jars: ONLY IF DERBY IS NOT ALREADY INSTALLED IN THE COMMON AREA OF YOUR TOMCAT. If another webapp is already using Derby, they should share that version.
- Find the Derby jars in the
lib/
subdirectory under where you installed thecreate-user.sh
script. - Copy them to the Tomcat common library directory:
Code Block cp ${REPO-ZIP-DIR}/lib/derby\* /usr/share/tomcat6/lib/
- Find the Derby jars in the
- Install the webapp: First, get rid of any existing root webapp, then copy in the webapp (
ROOT.war
file from your installation kit) and be sure it is readable by the tomcat6 user:Code Block rm /var/lib/tomcat6/webapps/ROOT*cp ROOT.war /var/lib/tomcat6/webapps/ROOT.war
- Install cached webapp context: This is VERY IMPORTANT, and the Tomcat docs does not even mention it, but without it your server will be mysteriously broken. The file
/etc/tomcat6/Catalina/localhost/ROOT.xml
must be a copy of your app'scontext.xml
. Redo this command after installing every newROOT.war
:Code Block mkdir \-p /etc/tomcat6/Catalina/localhost unzip \-p /var/lib/tomcat6/webapps/ROOT.war META-INF/context.xml > /etc/tomcat6/Catalina/localhost/ROOT.xml
- Add System Properties: Be sure you have added system properties to the file
/etc/tomcat6/catalina.properties
e.g.
...of course, the value of these properties will be your Repository Home Directory path.Code Block org.eaglei.repository.home = /opt/eaglei/repoderby.system.home = /opt/eaglei/repo
- Start up Tomcat:
Code Block sudo /etc/init.d/tomcat6 start
- Troubleshooting: If there are problems, check the following places for logs (because packaged apps make everything so much easier):
/var/log/daemon.log
- really dire tomcat problems and stdout/stderr go to syslog/var/log/tomcat6/*
- normal catalina logging${REPOSITORY_HOME}/logs/repository.log
- default repo log file in release 1.1; under 1.0 the filename wasdefault.log
.
...
- Discover your machine's primary IP address and set the ADDR shell variable: (Note that this assumes eth0 is your primary network interface --use
ifconfig -a
to see them all)Code Block ADDR=`ifconfig eth0 \| perl \-ne 'print "$1\n" if m/\sinet addr\:(\d+\.\d+\.\d+\.\d+)\s/;'`
- Run these iptables commands to redirect all port 80 requests to port 8080.
Code Block iptables \-t nat \-A OUTPUT \-d localhost \-p tcp \--dport 80 \-j REDIRECT \--to-ports 8080 iptables \-t nat \-A OUTPUT \-d $ADDR \-p tcp \--dport 80 \-j REDIRECT \--to-ports 8080 iptables \-t nat \-A PREROUTING \-d $ADDR \-p tcp \--dport 80 \-j REDIRECT \--to-ports 8080
- (If using SSL) Run these iptables commands to redirect all port 443 requests to port 8443.
Code Block iptables \-t nat \-A OUTPUT \-d localhost \-p tcp \--dport 443 \-j REDIRECT \--to-ports 8443 iptables \-t nat \-A OUTPUT \-d $ADDR \-p tcp \--dport 443 \-j REDIRECT \--to-ports 8443 iptables \-t nat \-A PREROUTING \-d $ADDR \-p tcp \--dport 443 \-j REDIRECT \--to-ports 8443
- Save the rules in the canonical place to be reloaded on boot:
Code Block iptables-save > /etc/iptables.rules
- Create a script to be run by the network startup infrastructure that will reload the iptables whenever the network is configured on:
Code Block cat << EOF > /etc/network/if-pre-up.d/iptablesload \#\!/bin/sh iptables-restore < /etc/iptables.rules exit 0 EOF
- Test by accessing your server both locally and remotely by the port-80 URL. Then reboot the machine and try it again to be sure the iptables commands are run correctly on boot.
...
- Run this iptables command to redirect all port 80 requests to port 8080.
Code Block /sbin/iptables \-t nat \-I PREROUTING \-p tcp \--dport 80 \-j REDIRECT \--to-port 8080
- Save the rules in the canonical place to be reloaded on boot:
Code Block /sbin/iptables-save
- Update the startup settings so iptables will run upon reboot:
Code Block chkconfig \--level 35 iptables on
- Test by accessing your server both locally and remotely by the port-80 URL. Then reboot the machine and try it again to be sure the iptables commands are run correctly on boot.
...
Typical command to make a backup, in TriG format to a file, e.g. all-dump.trig (here highlighted in yellow) from a server running locally on port 80. In practice, you'll probably need to change all the highlighted parts, such as the username:password
login credentials, and the hostname in the target URL if not running locally.
Code Block |
---|
curl \-G \-X GET \-s \-S \-u username:password \-o all-dump.trig \-d all \ \--write-out 'status=%{http_code}, %{time_total}sec\n' \ \-d format=application/x-trig [https://localhost:8443/repository/graph] |
...
Warning | ||
---|---|---|
| ||
this replaces the entire contents of the repository! |
Code Block |
---|
curl \-s \-S \-u username:password \-F action=replace \-F all= \ \--write-out 'status=%{http_code}, %{time_total}sec\n' \ \-F 'content=@all-dump.trig;type=application/x-trig' [https://localhost:8443/repository/graph] |
...
Now run a command like this to export the accounts into the file all-users.trig
Code Block |
---|
curl \-s \-S \-u username:password \-G \-d type=user \-d format=application/x-trig \ \--write-out 'status=%{http_code}\n' \ \-o all-users.trig [https://hostname:8443/repository/export] |
Note that you have to change the hostname and possibly the login. If there are accounts you do not want in the export, add an exclude argument to filter them out, with a space-separated list, e.g.
Code Block |
---|
.... \-d 'exclude=frankenstein moreau lizardo' ....
|
...
You can start with a newly-created repository which needs to have user accounts added. It only has the initial administrator login, e.g. bigbird
. Use the import service to add users from the file you created in step 0. The following command adds all of the accounts except bigbird (since it already exists), and aborts without changing anything if there are already duplicates of any of the users on the destination repo. It will print "status=200" on success.
Code Block |
---|
curl \-s \-S \-u username:password \-F type=user \-F format=application/x-trig \ \-F transform=yes \--write-out 'status=%{http_code}\n' \ \-F exclude=bigbird \ \-F content=@all-users.trig [https://hostname:8443/repository/import] |
...
The easiest way to test the existence and details of a user is with the /whoami service. It does not show roles, however, you'll have to go to the repository administrative UI for that (or take it on faith). For example, after restoring users including curator, this is how you'd check that curator exists:
Code Block |
---|
curl \-s \-S \-u curator:password \-G \-d format=text/plain [https://hostname:8443/repository/whoami] |
...
To export property grants, plug those URIs into the following command (you need to replace italicized words):
Code Block |
---|
curl \-G \-k \-u ADMIN:PASSWORD \-d type=grant \-d "include=HIDE,CONTACT" \ \-d format=application/x-trig [https://localhost:8443/repository/export] |
This writes a record of grants to the standard output. Since the URIs are the same between other repositories running the same data model, you should be able to import them with the command (shows standard input in the example):
Code Block |
---|
curl \-k \-u ADMIN:PASSWORD \-F type=grant \ -F duplicate=abort \-F transform=no \-F content=@- \ \-F format=application/x-trig [https://localhost:8443/repository/import] |
Code Block |
Code Block |
Code Block |