-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSETUP.txt
executable file
·131 lines (103 loc) · 4.5 KB
/
SETUP.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
This all depends on a working neo4j install
- Install neo4j, set-initial-password, create breedcafs user and set that accounts password
An instance folder is required but not available in the github repo, this should contain
modified version of the config.py file (notes in the template in this folder).
SETUP:
Set up neo4j:
Install:
on ubuntu:
apt-get install neo4j
on fedora:
yum install neo4j
Set initial password:
service neo4j stop
neo4j-admin set-initial-password NEO4J_ROOT_USER-PASSWORD-HERE
service neo4j start
Connect to db using cypher shell to create breedcafs user:
cypher-shell -u neo4j -p NEO4J_ROOT_USER-PASSWORD-HERE
CALL dbms.security.createUser('breedcafs', BREEDCAFS_USER-PASSWORD-HERE, false);
# Now that I am using ONgDB for enterprise features we want to set roles for the users
CALL dbms.security.listRoles();
#CALL dbms.security.addRoleToUser('editor', 'breedcafs');
CALL dbms.security.addRoleToUser('admin', 'breedcafs');
# the 3rd argument in the above call suppresses the request to change password
Other useful commands:
CALL dbms.security.changePassword(*password*)
CALL dbms.security.listUsers()
CALL dbms.security.deleteUser(*username*)
Add the breedcafs user and password as environment variables for the web-server and celery instances
Set import directory (for CSV uploads):
Edit /etc/neo4j/neo4j.conf to include the path for imports (use same path later in instance/config.py):
# `LOAD CSV` section of the manual for details.
dbms.directories.import=/path/to/import
Add APOC plugin:
Download the compatible version of APOC (jar file) and place it in the neo4j plugins directory.
- https://github.com/neo4j-contrib/neo4j-apoc-procedures
APOC is currently used for date parsing during CSV import and for clearing schema on reset
For schema assert add the following to /etc/neo4j/neo4j.conf
dbms.security.procedures.unrestricted=apoc.schema.assert
Set up the flask app:
Clone the breedcafs repository into the webserver directory:
cd /var/www
git clone https://github.com/marcusmchale/breedcafs
Add the instance folder, copy the config.py and modify to suit your environment:
mkdir breedcafs/instance
cp /var/www/breedcafs/config.py /var/www/breedcafs/instance/config.py
Set up virtual environment:
Install:
on ubuntu:
apt-get install virtualenv
on fedora (was already installed for me in v25 but otherwise:
yum install python-virtualenv
Initialise:
virtualenv /var/www/breedcafs/venv
Activate (from breedcafs folder):
. ./var/www/breedcafs/venv/bin/activate
Install requirements:
pip install -r REQUIREMENTS.txt
Set permissions so that webserver user has group level read access:
chgrp -R www-data /var/www/breedcafs
chmod 755 /var/www/breedcafs
chmod 2775 /var/www/breedcafs/instance/import
chmod 2775 /var/www/breedcafs/instance/export
Configure apache2:
Add the following virtual host to /etc/apache2/sites-available/breedcafs.conf
<VirtualHost *:80>
ServerName SERVERNAME-OR-IP
SetEnv NEO4J_USERNAME neo4j
SetEnv NEO4J_PASSWORD SECURE-PASSWORD-HERE
SetEnv MAIL_PASSWORD SECURE-MAIL-PASSWORD-HERE
SetEnv MAIL_USERNAME [email protected]
WSGIDaemonProcess breedcafs python-home=/var/www/breedcafs/venv processes=2 threads=15 display-name=%{GROUP}
WSGIScriptAlias / /var/www/breedcafs/breedcafs.wsgi
<Directory /var/www/breedcafs>
WSGIProcessGroup breedcafs
WSGIApplicationGroup %{GLOBAL}
Require all granted
</Directory>
</VirtualHost>
Activate the site:
cd /etc/apache2/sites-available
a2ensite breedcafs.conf
Alternative for local install (Werkzeug server):
export FLASK_APP=run.py
flask run
SELinux:
Wherever apache logs are kept needs to be set as http log type:
chcon method:
chcon -Rv --type=httpd_log_t /httpd/logs
semanage method (persists through file system relabel:
semanage fcontext -a -t httpd_log_t “/httpd/logs(/.*)
Redis:
This is needed as an in memory data store for asynchronous tasks (like uploading large files)
Install:
On fedora 25:
sudo dnf install redis
Run:
On fedora 25:
sudo systemctl start redis
Celery:
This is the python worker that schedules asynchronous jobs on the server
Install and run as service, modify the celeryd.conf file
#run for testing
celery -A app.models worker --loglevel info