Difference between revisions of "Nhmbif"

From nhm.sfs.gbif
Jump to: navigation, search
 
(4 intermediate revisions by the same user not shown)
Line 16: Line 16:
 
* sgraf (Don't know what this does but it has something to do with geology)
 
* sgraf (Don't know what this does but it has something to do with geology)
 
* ffserver and ffmpeg, for live streaming museum events
 
* ffserver and ffmpeg, for live streaming museum events
 +
 +
== IPT upgrades ==
 +
 +
* Make sure to back up the data directories – <tt>/site/gbif/ipt</tt> and <tt>/site/gbif/sandbox</tt>
 +
* Download the [https://gbif.org/ipt/ Latest version of the IPT]
 +
* Upload the latest version of the .war file (ipt-x-x-x.war) using the tomcat web interface
 +
** Alternatively, stop tomcat (<tt>service tomcat stop</tt>, copy the latest version of the IPT (ipt-x.x.x.war) to <tt>/var/lib/tomcat/webapps/ipt-sandbox.war</tt> and <tt>/var/lib/tomcat/webapps/ipt.war</tt> and restart tomcat (<tt>service tomcat start</tt>)
 +
* Follow the on-screen instructions [https://data.gbif.no/ipt] [https://data.gbif.no/ipt-sandbox] to complete the upgrade
  
 
== Renewing SSL certificates ==
 
== Renewing SSL certificates ==
Line 29: Line 37:
 
* Is tomcat running? If not, do <tt>service tomcat start</tt>
 
* Is tomcat running? If not, do <tt>service tomcat start</tt>
 
* Is lighttpd running? If not, do <tt>lighttpd -f /etc/lighttpd/lighttpd.conf</tt>
 
* Is lighttpd running? If not, do <tt>lighttpd -f /etc/lighttpd/lighttpd.conf</tt>
 +
 +
=== IPT/Tomcat is not allowed to write to the IPT data directory ===
 +
 +
Probably an SELinux thing - try the following:
 +
 +
* <tt>grep tomcat /var/log/audit/audit.log | audit2allow -M ipt</tt>
 +
* <tt>semodule -i ipt.pp</tt>

Latest revision as of 02:39, 2 April 2018

nhmbif is a virtual machine running RHEL 7.3

List of services

The following services are provided on nhmbif (incomplete list):

IPT upgrades

  • Make sure to back up the data directories – /site/gbif/ipt and /site/gbif/sandbox
  • Download the Latest version of the IPT
  • Upload the latest version of the .war file (ipt-x-x-x.war) using the tomcat web interface
    • Alternatively, stop tomcat (service tomcat stop, copy the latest version of the IPT (ipt-x.x.x.war) to /var/lib/tomcat/webapps/ipt-sandbox.war and /var/lib/tomcat/webapps/ipt.war and restart tomcat (service tomcat start)
  • Follow the on-screen instructions [1] [2] to complete the upgrade

Renewing SSL certificates

We use dehydrated to renew the letsencrypt certificates for data.gbif.no. Everything should just happen automatically (on the 1st of every month), but if something goes wrong, simply run /opt/bin/renew to renew the certificates. This script will also concatenate privkey.pem and cert.pem so lighttpd can use the certificates. Remember to restart lighttpd!

Troubleshooting

Help, the IPT is down!!!

  • Is tomcat running? If not, do service tomcat start
  • Is lighttpd running? If not, do lighttpd -f /etc/lighttpd/lighttpd.conf

IPT/Tomcat is not allowed to write to the IPT data directory

Probably an SELinux thing - try the following:

  • grep tomcat /var/log/audit/audit.log | audit2allow -M ipt
  • semodule -i ipt.pp