Last active
March 22, 2024 16:27
-
-
Save Jimadine/9222d443e301021571aa9840f011a0bb to your computer and use it in GitHub Desktop.
AtoM 2.7 on Ubuntu 20.04 & 22.04 manual installation steps ... automated
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
set -x | |
# Assign args to shell variables | |
for ARGUMENT in "$@" | |
do | |
KEY=$(echo "$ARGUMENT" | cut -f1 -d=) | |
VALUE=$(echo "$ARGUMENT" | cut -f2 -d=) | |
case "$KEY" in | |
--root-mysql-pwd) ROOT_MYSQL_PWD=${VALUE} ;; | |
--atom-mysql-user) ATOM_MYSQL_USER=${VALUE} ;; | |
--atom-mysql-db) ATOM_MYSQL_DB=${VALUE} ;; | |
--atom-mysql-pwd) ATOM_MYSQL_PWD=${VALUE} ;; | |
--atom-admin-email) ATOM_ADMIN_EMAIL=${VALUE} ;; | |
--atom-admin-username) ATOM_ADMIN_USERNAME=${VALUE} ;; | |
--atom-admin-pwd) ATOM_ADMIN_PWD=${VALUE} ;; | |
--download-url) DOWNLOAD_URL=${VALUE} ;; | |
--github-branch) GITHUB_BRANCH=${VALUE} ;; | |
*) | |
esac | |
done | |
# Set some default variables, where the corresponding parameters haven't been supplied | |
if [ -z "$ROOT_MYSQL_PWD" ]; then | |
ROOT_MYSQL_PWD=changemeDEFAULT | |
fi | |
if [ -z "$ATOM_MYSQL_USER" ]; then | |
ATOM_MYSQL_USER=atomDEFAULT | |
fi | |
if [ -z "$ATOM_MYSQL_DB" ]; then | |
ATOM_MYSQL_USER=atomDEFAULT | |
fi | |
if [ -z "$ATOM_MYSQL_PWD" ]; then | |
ATOM_MYSQL_PWD=12345DEFAULT | |
fi | |
if [ -z "$ATOM_ADMIN_EMAIL" ]; then | |
ATOM_ADMIN_EMAIL=boaty_mcboatface@domain.orgDEFAULT | |
fi | |
if [ -z "$ATOM_ADMIN_USERNAME" ]; then | |
ATOM_ADMIN_USERNAME=boaty_mcboatfaceDEFAULT | |
fi | |
if [ -z "$ATOM_ADMIN_PWD" ]; then | |
ATOM_ADMIN_PWD=changemeDEFAULT | |
fi | |
if [ -z "$DOWNLOAD_URL" ]; then | |
DOWNLOAD_URL=https://storage.accesstomemory.org/releases/atom-2.7.1.tar.gz | |
fi | |
if [ -z "$GITHUB_BRANCH" ]; then | |
GITHUB_BRANCH=stable/2.7.x | |
fi | |
apt install -y software-properties-common apt-transport-https | |
version=$(lsb_release -cs) | |
case $version in | |
focal) | |
echo No PPA for PHP 7.4 needed! | |
;; | |
jammy) | |
add-apt-repository -y ppa:ondrej/php | |
;; | |
esac | |
curl -L -s https://artifacts.elastic.co/GPG-KEY-elasticsearch | gpg --dearmor > /usr/share/keyrings/elasticsearch-archive-keyring.gpg | |
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/elasticsearch-archive-keyring.gpg] https://artifacts.elastic.co/packages/5.x/apt stable main" > /etc/apt/sources.list.d/elastic-5.x.list | |
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - | |
apt update | |
apt install -y debconf-utils | |
debconf-set-selections <<< "mysql-server-8.0 mysql-server/root_password password $ROOT_MYSQL_PWD" | |
debconf-set-selections <<< "mysql-server-8.0 mysql-server/root_password_again password $ROOT_MYSQL_PWD" | |
DEBIAN_FRONTEND=noninteractive apt install -y mysql-server | |
cat <<'MYSQLDCNF' > /etc/mysql/conf.d/mysqld.cnf | |
[mysqld] | |
sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION | |
optimizer_switch='block_nested_loop=off' | |
MYSQLDCNF | |
systemctl restart mysql | |
apt install -y openjdk-8-jre-headless \ | |
elasticsearch \ | |
nginx \ | |
php-common \ | |
php7.4-apcu \ | |
php7.4-apcu-bc \ | |
php7.4-common \ | |
php7.4-cli \ | |
php7.4-curl \ | |
php7.4-fpm \ | |
php7.4-json \ | |
php7.4-ldap \ | |
php7.4-memcache \ | |
php7.4-mbstring \ | |
php7.4-mysql \ | |
php7.4-opcache \ | |
php7.4-readline \ | |
php7.4-xml \ | |
php7.4-xsl \ | |
php7.4-zip \ | |
gearman-job-server \ | |
imagemagick \ | |
ghostscript \ | |
poppler-utils \ | |
ffmpeg \ | |
git \ | |
make \ | |
nodejs | |
update-alternatives --set php /usr/bin/php7.4 | |
apt install -y --no-install-recommends fop libsaxon-java | |
systemctl enable elasticsearch | |
systemctl start elasticsearch | |
touch /etc/nginx/sites-available/atom | |
ln -sf /etc/nginx/sites-available/atom /etc/nginx/sites-enabled/atom | |
rm /etc/nginx/sites-enabled/default | |
cat <<'ATOMNGINX' > /etc/nginx/sites-available/atom | |
upstream atom { | |
server unix:/run/php7.4-fpm.atom.sock; | |
} | |
server { | |
listen 80; | |
root /usr/share/nginx/atom; | |
# http://wiki.nginx.org/HttpCoreModule#server_name | |
# _ means catch any, but it's better if you replace this with your server | |
# name, e.g. archives.foobar.com | |
server_name _; | |
client_max_body_size 72M; | |
location ~* ^/(css|dist|js|images|plugins|vendor)/.*\.(css|png|jpg|js|svg|ico|gif|pdf|woff|ttf)$ { | |
} | |
location ~* ^/(downloads)/.*\.(pdf|xml|html|csv|zip)$ { | |
} | |
location ~ ^/(ead.dtd|favicon.ico|robots.txt|sitemap.*)$ { | |
} | |
location / { | |
try_files $uri /index.php?$args; | |
if (-f $request_filename) { | |
return 403; | |
} | |
} | |
location ~* /uploads/r/(.*)/conf/ { | |
} | |
location ~* ^/uploads/r/(.*)$ { | |
include /etc/nginx/fastcgi_params; | |
set $index /index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$index; | |
fastcgi_param SCRIPT_NAME $index; | |
fastcgi_pass atom; | |
} | |
location ~ ^/private/(.*)$ { | |
internal; | |
alias /usr/share/nginx/atom/$1; | |
} | |
location ~ ^/(index|qubit_dev)\.php(/|$) { | |
include /etc/nginx/fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_split_path_info ^(.+\.php)(/.*)$; | |
fastcgi_pass atom; | |
} | |
} | |
ATOMNGINX | |
systemctl enable nginx | |
systemctl reload nginx | |
cat <<'PHPFPM' > /etc/php/7.4/fpm/pool.d/atom.conf | |
[atom] | |
; The user running the application | |
user = www-data | |
group = www-data | |
; Use UNIX sockets if Nginx and PHP-FPM are running in the same machine | |
listen = /run/php7.4-fpm.atom.sock | |
listen.owner = www-data | |
listen.group = www-data | |
listen.mode = 0600 | |
; The following directives should be tweaked based in your hardware resources | |
pm = dynamic | |
pm.max_children = 30 | |
pm.start_servers = 10 | |
pm.min_spare_servers = 10 | |
pm.max_spare_servers = 10 | |
pm.max_requests = 200 | |
chdir = / | |
; Some defaults for your PHP production environment | |
; A full list here: http://www.php.net/manual/en/ini.list.php | |
php_admin_value[expose_php] = off | |
php_admin_value[allow_url_fopen] = on | |
php_admin_value[memory_limit] = 512M | |
php_admin_value[max_execution_time] = 120 | |
php_admin_value[post_max_size] = 72M | |
php_admin_value[upload_max_filesize] = 64M | |
php_admin_value[max_file_uploads] = 10 | |
php_admin_value[cgi.fix_pathinfo] = 0 | |
php_admin_value[display_errors] = off | |
php_admin_value[display_startup_errors] = off | |
php_admin_value[html_errors] = off | |
php_admin_value[session.use_only_cookies] = 0 | |
; APC | |
php_admin_value[apc.enabled] = 1 | |
php_admin_value[apc.shm_size] = 64M | |
php_admin_value[apc.num_files_hint] = 5000 | |
php_admin_value[apc.stat] = 0 | |
; Zend OPcache | |
php_admin_value[opcache.enable] = 1 | |
php_admin_value[opcache.memory_consumption] = 192 | |
php_admin_value[opcache.interned_strings_buffer] = 16 | |
php_admin_value[opcache.max_accelerated_files] = 4000 | |
php_admin_value[opcache.validate_timestamps] = 0 | |
php_admin_value[opcache.fast_shutdown] = 1 | |
; This is a good place to define some environment variables, e.g. use | |
; ATOM_DEBUG_IP to define a list of IP addresses with full access to the | |
; debug frontend or ATOM_READ_ONLY if you want AtoM to prevent | |
; authenticated users | |
env[ATOM_DEBUG_IP] = "10.10.10.10,127.0.0.1" | |
env[ATOM_READ_ONLY] = "off" | |
PHPFPM | |
systemctl enable php7.4-fpm | |
systemctl start php7.4-fpm | |
php-fpm7.4 --test | |
systemctl status php7.4-fpm | |
systemctl status nginx | |
rm /etc/php/7.4/fpm/pool.d/www.conf | |
systemctl restart php7.4-fpm | |
cat <<'GEARMAN' > /usr/lib/systemd/system/atom-worker.service | |
[Unit] | |
Description=AtoM worker | |
After=network.target | |
# High interval and low restart limit to increase the possibility | |
# of hitting the rate limits in long running recurrent jobs. | |
StartLimitIntervalSec=24h | |
StartLimitBurst=3 | |
[Install] | |
WantedBy=multi-user.target | |
[Service] | |
Type=simple | |
User=www-data | |
Group=www-data | |
WorkingDirectory=/usr/share/nginx/atom | |
ExecStart=/usr/bin/php7.4 -d memory_limit=-1 -d error_reporting="E_ALL" symfony jobs:worker | |
KillSignal=SIGTERM | |
Restart=on-failure | |
RestartSec=30 | |
GEARMAN | |
systemctl daemon-reload | |
systemctl enable atom-worker | |
systemctl start atom-worker | |
mkdir -p /usr/share/nginx/atom && cd "$_" || exit | |
if [[ "$DOWNLOAD_URL" =~ \.git$ ]]; then | |
git clone -b "${GITHUB_BRANCH}" --depth 1 "${DOWNLOAD_URL}" /usr/share/nginx/atom | |
git config --global --add safe.directory /usr/share/nginx/atom | |
curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && apt install -y nodejs | |
npm install -g "less@<4.0.0" | |
make -C /usr/share/nginx/atom/plugins/arDominionPlugin | |
make -C /usr/share/nginx/atom/plugins/arArchivesCanadaPlugin | |
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" | |
php -r "if (hash_file('sha384', 'composer-setup.php') === '55ce33d7678c5a611085589f1f3ddf8b3c52d662cd01d4ba75c0ee0459970c2200a51f492d557530c71c15d8dba01eae') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" | |
php composer-setup.php | |
php -r "unlink('composer-setup.php');" | |
php composer.phar install --no-dev | |
else | |
wget -nv "${DOWNLOAD_URL}" -O atom.tar.gz | |
tar xzf atom.tar.gz -C /usr/share/nginx/atom --strip 1 --no-same-owner | |
rm atom.tar.gz | |
# Download files necessary for tarball install to compile BS5 themes | |
ATOM_VERSION=$(echo $DOWNLOAD_URL | grep -oP "\/atom-(\d\.\d\.\d)\.tar\.gz$" | grep -oP "\d\.\d\.\d") | |
wget "https://raw.githubusercontent.com/artefactual/atom/v${ATOM_VERSION}/package.json" | |
wget "https://raw.githubusercontent.com/artefactual/atom/v${ATOM_VERSION}/package-lock.json" | |
wget "https://raw.githubusercontent.com/artefactual/atom/v${ATOM_VERSION}/webpack.config.js" | |
fi | |
mysql -h localhost -u root -p"${ROOT_MYSQL_PWD}" -e "CREATE DATABASE ""${ATOM_MYSQL_DB}"" CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci;" | |
mysql -h localhost -u root -p"${ROOT_MYSQL_PWD}" -e "CREATE USER '""${ATOM_MYSQL_USER}""'@'localhost' IDENTIFIED BY '""${ATOM_MYSQL_PWD}""';" | |
mysql -h localhost -u root -p"${ROOT_MYSQL_PWD}" -e "GRANT ALL PRIVILEGES ON ""${ATOM_MYSQL_USER}"".* TO '""${ATOM_MYSQL_USER}""'@'localhost';" | |
# This is required because of a peculiar problem affecting .tar.gz installs where the 'php symfony tools:install' command that follows fails due to an 'Elasticsearch connection failure: Can't connect to the server (Failed to connect to localhost port 9200 after 0 ms: Connection refused)' | |
# 30 seconds is a completely arbitrary delay! I'm unsure if the problem is particular to my environment. | |
sleep 30 | |
# Use --demo option? | |
php symfony tools:install \ | |
--database-host="localhost" \ | |
--database-port="3306" \ | |
--database-name="${ATOM_MYSQL_DB}" \ | |
--database-user="${ATOM_MYSQL_USER}" \ | |
--database-password="${ATOM_MYSQL_PWD}" \ | |
--search-host="localhost" \ | |
--search-port="9200" \ | |
--search-index="atom" \ | |
--site-title="AtoM" \ | |
--site-description="Access to Memory" \ | |
--site-base-url="http://127.0.0.1" \ | |
--admin-email="${ATOM_ADMIN_EMAIL}" \ | |
--admin-username="${ATOM_ADMIN_USERNAME}" \ | |
--admin-password="${ATOM_ADMIN_PWD}" \ | |
--no-confirmation | |
chown -R www-data:www-data /usr/share/nginx/atom | |
chmod o= /usr/share/nginx/atom | |
# Make the BS5 theme work! Without the following, you will see an error: 'The template "_layout_start.php" does not exist or is unreadable in ""' when the Dominion BS5 theme is chosen (GitHub install). Note this may be irrelevant beyond 2.7.0. | |
if [[ "$DOWNLOAD_URL" =~ \.git$ ]]; then | |
# The following command is required for NodeJS 18.x (LTS), to avoid a 'Cypress cannot write to the cache directory due to file permissions' error. NodeJS 19.x seemingly unaffected. | |
HOME="$(echo ~www-data)" CYPRESS_CACHE_FOLDER="cypress_cache" npm install | |
# Fix 'sh: 1: webpack: Permission denied' | |
chmod +x /usr/share/nginx/atom/node_modules/webpack/bin/webpack.js | |
HOME="$(echo ~www-data)" CYPRESS_CACHE_FOLDER="cypress_cache" npm run build | |
rm -rf node_modules | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Vagrant.configure("2") do |config| | |
config.vm.box = "ubuntu/jammy64" | |
config.vm.network "forwarded_port", guest: 80, host: 9001, host_ip: "127.0.0.1", auto_correct: true | |
config.vm.provider "virtualbox" do |vb| | |
vb.name = "_vanillaatom2" | |
vb.memory = 4096 | |
vb.cpus = 2 | |
# Set a Null file handler for the serial console per https://bugs.launchpad.net/cloud-images/+bug/1890942 | |
vb.customize [ "modifyvm", :id, "--uartmode1", "file", File::NULL ] | |
end | |
# Download URLs are e.g. https://github.com/artefactual/atom.git & https://storage.accesstomemory.org/releases/atom-2.7.1.tar.gz | |
config.vm.provision :shell, path: './build_atom.sh', args: ['--root-mysql-pwd=something', | |
'--atom-mysql-user=atom', | |
'--atom-mysql-db=atom', | |
'--atom-mysql-pwd=12345', | |
'--atom-admin-email=boaty_mcboatface@domain.org', | |
'--atom-admin-username=boaty_mcboatface', | |
'--atom-admin-pwd=changeme', | |
'--download-url=https://github.com/artefactual/atom.git', | |
'--github-branch=stable/2.7.x' | |
] | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment