A quick guide on how to install DSpace 7.5 Ubuntu 22.04.2 LTS. This guide assumes Apache is up and running https://myuniv.test on the same server where https://dspace.myuniv.test will be set up. All the commands below are ran on this server over ssh unless otherwise specified.
For a detailed explanations and possible troubleshooting: check the original documentation
TODO:
- Add IP geo location database.
- Make this is a one shot bash script with user provided arguments (workdir, domainname, etc.)
- Modify the frontend setuo so it runs as non sudo user.
sudo apt update
sudo apt upgrade -y
Change to the directory where you want your stuff to reside. WARNING: Make sure to replace /var/www in the commands, sources and patches used below, if another directory is used. cd /var/www
Prepare repositories and install all required packages. For Node.js, use this one instead of the version from Ubuntu. For Java, use JDK 11 as TomCat9 does not look for JDK 17, even if the DSpace documentation states that 17 is OK too. If you want to use the latter (untested!), modifiy /usr/libexec/tomcat9/tomcat-locate-java.sh as explained here.
sudo apt purge -y nodejs npm libnode72 libjs-highlight.js
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | sudo tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt install -y wget openjdk-11-jre openjdk-11-jdk maven ant postgresql postgresql-client postgresql-contrib git nodejs yarn snap openssl
sudo npm install --global pm2
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Download solr, dspace sources, patches & sample config files. WARNING: Make sure to check & adapat all the patches and sample config files downloaded from github gist. Mind the: working directory, usernames, passwords, domain names, etc.
wget -O solr-9.2.1.tgz https://www.apache.org/dyn/closer.lua/solr/solr/9.2.1/solr-9.2.1.tgz?action=download
wget https://downloads.apache.org/solr/solr/9.2.1/solr-9.2.1.tgz.sha512
sha512sum -c solr-9.2.1.tgz.sha512
wget https://download.db-ip.com/free/dbip-city-lite-2023-05.mmdb.gz
wget https://github.com/DSpace/DSpace/archive/refs/tags/dspace-7.5.tar.gz
wget -O dspace-ui-7.5.tar.gz https://github.com/DSpace/dspace-angular/archive/refs/tags/dspace-7.5.tar.gz
wget https://gist.githubusercontent.com/cdjalel/89234b6ebaef2ddd35f017d81a234168/raw/42f4e78145ea20045165cf2d66b1ef0fd122e13e/solrconfig.patch
wget https://gist.githubusercontent.com/cdjalel/fc2cf82a50fd39061cfbc7c829780908/raw/0f03fc75898d41be8cf7760aaf834657f9f2363e/pg_hba.patch
wget https://gist.githubusercontent.com/cdjalel/3836654ccaf9a23e5967421195a5c6d0/raw/d2580e2643e0671e83bc995e38be5dc6a570f9f3/local.cfg
wget https://gist.githubusercontent.com/cdjalel/01e69def5cf0fb160a58560e18a41861/raw/e361a0494751c65e720af5759279884287aeec92/server.xml
wget https://gist.githubusercontent.com/cdjalel/35947a18ca8b21bf3336edff2d7eafa2/raw/e3b7cddf9ff489a193775b8b7b278cf13d508c8b/tomcat.cron
wget -O tomcat-server.xml https://gist.githubusercontent.com/cdjalel/e222adc72449ec5928a1fa1e2974be37/raw/48349841a9518070816a4ec60025886c71e0e8f9/server.xml
wget https://gist.githubusercontent.com/cdjalel/cda0d3f07ef45df04413ca13436df470/raw/9f4382b0bbd5895530f4e8b7021aee35852335e3/myunivdspace.conf
wget https://gist.githubusercontent.com/cdjalel/187532c653bf9addb459e5d66989d954/raw/0199899f8963ced50e31d1ec6e09c1771f3f8f45/myunivdspace-le-ssl.conf
wget https://gist.githubusercontent.com/cdjalel/db7a290f8209f18b4d1e89425754e386/raw/c5a74a90991703fe137d3ca30206d685c2485420/config.prod.yml
wget https://gist.githubusercontent.com/cdjalel/87ae51035de3b8688b6d1a42348b9ed8/raw/3f985271bd16643c5e8fac2705876eb38fda163f/dspace-ui.json
tar xfvpz dspace-7.5.tar.gz
mv DSpace-dspace-7.5 dspace-src
tar xfvpz dspace-ui-7.5.tar.gz
mv dspace-angular-dspace-7.5 dspace-ui-src
tar fzvpx solr-9.2.1.tgz
Set Java envs.
sudo bash -c 'echo JAVA_HOME=\"/usr/lib/jvm/java-17-openjdk-amd64\" >> /etc/environment'
sudo bash -c 'echo JAVA_OPTS=\"-Xmx512M -Xms64M -Dfile.encoding=UTF-8\" >> /etc/environment'
source /etc/environment
echo "JAVA_HOME="\"${JAVA_HOME}\"
echo "JAVA_OPTS"=\"${JAVA_OPTS}\"
Bump up max open files for solr.
sudo bash -c "echo 'solr soft nofile 65536' >> /etc/security/limits.conf"
echo -n "Max open files for solr="
sudo -u solr bash -c "ulimit -Sn"
sudo -u postgres createuser --no-superuser --pwprompt dspace
sudo -u postgres createdb --owner=dspace --encoding=UNICODE dspace
sudo -u postgres psql dspace -c "CREATE EXTENSION pgcrypto;"
Check that database server encoding is UTF8.
sudo -u postgres psql -c "SHOW SERVER_ENCODING"
sudo patch /etc/postgresql/14/main/pg_hba.conf pg_hba.patch
sudo systemctl restart postgresql
sudo systemctl status postgresql
If needed, remove old versions of Solr.
sudo -u solr /opt/solr/bin/solr stop
sudo find /etc/ -name '*solr*' -exec rm {} \;
sudo rm -rf /opt/solr*
sudo rm -rf /var/solr
Install Solr.
sudo solr-9.2.1/bin/install_solr_service.sh solr-9.2.1.tgz -i `pwd` /var/www -n
sudo rmdir /var/solr/data
sudo ln -s `pwd`/solr /var/solr/data
Change the 'search' core config in the dspace backend so it works with Solr v9. Then populate Solr with the 4 cores from dspace backend. See this link
patch -R dspace-src/dspace/solr/search/conf/solrconfig.xml solrconfig.patch
cp -R dspace-src/dspace/solr/* solr/server/solr/configsets
sudo chown -R solr:solr solr*
Start and check Solr.
sudo systemctl start solr
sudo netstat -tlnp | grep 8983
sudo less /var/solr/logs/solr.log
You should see 4 cores in solr.log
INFO (main) [] o.a.s.c.CorePropertiesLocator Found 4 core definitions underneath /var/solr/data
INFO (main) [] o.a.s.c.CorePropertiesLocator Cores are: [search, oai, statistics, authority]
And should see the addition of the search core libs.
INFO (coreLoadExecutor-10-thread-1) [ x:search] o.a.s.c.SolrResourceLoader Added 81 libs to classloader, ...
Solr GUI should be accessible locally at 127.0.0.1:8983 or remotly via ssh port forwarding. Click on collections -> search.
desktop_node> ssh -L 1234:127.0.0.1:8983 <dspace-server>
desktop_node> firefox 127.0.0.1:1234/solr
Make sure you don't skip importan configurations by comparing the gist local.cfg (downloaded with wget above) with the one copied from local.cfg.EXAMPLE below.
cp dspace-src/dspace/config/local.cfg.EXAMPLE dspace-src/dspace/config/local.cfg
vim -d local.cfg dspace-src/dspace/config/local.cfg
mkdir dspace
cd dspace-src
mvn package
cd dspace/target/dspace-installer
ant fresh_install
cd ../../../..
dspace/bin/dspace database migrate
sudo cp server.xml /etc/tomcat9/Catalina/localhost/
sudo chown root:tomcat /etc/tomcat9/Catalina/localhost/server.xml
dspace/bin/dspace create-administrator
sudo chown -R tomcat:tomcat dspace
sudo -u tomcat crontab tomcat.cron
sudo patch /etc/tomcat9/server.xml tomcat-server.xml
sudo systemctl daemon-reload
sudo systemctl restart tomcat9
sudo systemctl status tomcat9
You should see Spring ascii art and the next line in the log
... tomcat9[691818]: :: Spring Boot :: (v2.6.8)
Generate an SSL certificate for HTTPS support in a production environment. You can use the free Let's encrypt certbot. WARNING: Mind the .edu TLD. This guide' config files use a development server with the .test TLD.
sudo certbot --apache -d dspace.myuniv.edu
Alternatively, on a test server, use a self-signed certificate generated with openssl. In this case, Node.js must be instructed to trust the self-signed certificate of the REST API (the backend). See this link for more info and make sure to add the next environment variable.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/dspace-selfsigned.key -out /etc/ssl/certs/dspace-selfsigned.crt
In this case, Node.js must be instructed to trust the self-signed certificate of the REST API (the backend) or to ignore its validation. This link proposes a solution based on an environment variable that adds the certificate to trust to Node.js. BUT IT DIDN'T WORK FOR ME.
sudo bash -c 'echo NODE_EXTRA_CA_CERTS=\"/etc/ssl/certs/dspace-selfsigned.crt\" >> /etc/environment'
source /etc/environment
echo "NODE_EXTRA_CA_CERTS="\"${NODE_EXTRA_CA_CERTS}\"
What works at the time of writing of these lines is to make Node.js ignore the certificate validation through another environment variable, which is NODE_TLS_REJECT_UNAUTHORIZED=0. However to make sure it is picked by the pm2 process manager, it must be added to the env section of the dspace-ui.json file. WARNING: DO NOT USE THIS ON A PRODUCTION SERVER.
"env": {
...
"NODE_TLS_REJECT_UNAUTHORIZED":"0"
}
WARNING: Adapt the Apache config file to your domain.
sudo cp myunivdspace.conf /etc/apache2/sites-available/
sudo ln -s /etc/apache2/sites-available/myunivdspace.conf /etc/apache2/sites-enabled/myunivdspace.conf
sudo cp myunivdspace-le-ssl.conf /etc/apache2/sites-available/
sudo ln -s /etc/apache2/sites-available/myunivdspace-le-ssl.conf /etc/apache2/sites-enabled/myunivdspace-le-ssl.conf
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_ajp
sudo systemctl restart apache2
Check that the backend works over HTTPS.
desktop_node> firefox dspace.myuniv.test/server
cd dspace-ui-src/
yarn install
yarn build:prod
Test connection to the REST API, look for a RESPONSE 200.
cp ../config.prod.yml config/
yarn test:rest
Install the UI with its config.
mkdir ../dspace-ui
cp -r dist ../dspace-ui
cd ../dspace-ui
mkdir config
mv ../config.prod.yml config/
mv ../dspace-ui.json .
Test the Node.js UI with the next command, then kill it with Ctrl+C. Look for "Listening at http://localhost:4000/" When browsing https://dspace.myuniv.test, GET messages with 200 should show up on the console where Node.js runs.
node ./dist/server/main.js
Use the package manager to run the UI in cluster mode for better performance.
pm2 start dspace-ui.json
If there is a problem with the UI, start by the browser developer tools console! Then, check the frontend logs with:
pm2 logs
To make the Dspace UI availabe after boot (assuming it is running now):
sudo pm2 save
sudo pm2 startup
How to configure and customize the UI and much more? look HERE.