Gruppo Meteo/HowTo/server-centos

Da raspibo.
Jump to navigation Jump to search

Installazione RMAP server su centos 7

istallazione sistema operativo

TBD

/etc/selinux/config 

SELINUX=disabled

/etc/tmpfiles.d/rmap.conf 

d /run/wsgirmap 0755 rmap rmap -
d /var/run/rmap 0755 rmap rmap -
d /var/run/httpd 0755 rmap rmap -

mkdir /rmap
chmod go+rx /rmap

/etc/sysconfig/crond 

CRONDARGS=-s -m off

mkdir /var/log/rmap
chown -R rmap:rmap rmap

postgresql

yum install postgresql-server postgresql-contrib yum install python-psycopg2

/var/lib/pgsql/data/pg_hba.conf 

# TYPE  DATABASE        USER            ADDRESS                 METHOD                                                                

# "local" is for Unix domain socket connections only                                                                                  
# allow postgres user to use "ident" authentication on Unix sockets                                                                   
local   all             postgres                                ident
# allow all other users to use "md5" authentication on Unix sockets                                                                   
local   all             all                                     md5
# IPv4 local connections:                                                                                                             
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:                                                                                                             
host    all             all             ::1/128                 md5


/var/lib/pgsql/data/postgresql.conf 

max_connections = 100
shared_buffers = 128MB
work_mem = 100MB
maintenance_work_mem = 200MB
effective_cache_size = 1GB



mkdir /etc/systemd/system/postgresql.service.d/

/etc/systemd/system/postgresql.service.d/rmap.conf 

[Service]

# Location of database directory
Environment=PGDATA=/rmap/pgsql/data

mkdir /rmap/pgsql/
chown postgres:postgres /rmap/pgsql/
mv /var/lib/pgsql/data /rmap/pgsql/

su - postgres
initdb
exit

systemctl enable postgresql.service
systemctl start postgresql.service

su - postgres
createuser -P -e rmapadmin
createdb --owner=rmapadmin rmapadmin
exit

/etc/rmap/rmap-site.cfg 

[database]
DATABASE_ENGINE = 'postgresql_psycopg2' # 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'ado_mssql'.                     
DATABASE_NAME = 'rmapadmin'             # Or path to database file if using sqlite3.                                                  
DATABASE_USER = 'rmapadmin'             # Not used with sqlite3.                                                                      
DATABASE_PASSWORD = 'rmapadmin'         # Not used with sqlite3.                                                                      
DATABASE_HOST = 'localhost'             # Set to empty string for localhost. Not used with sqlite3.                                   
DATABASE_PORT = '5432'                  # Set to empty string for default. Not used with sqlite3.                                     

rmapctrl --syncdb



su - postgres
createuser -P -e rmap
createdb --owner=rmap report_fixed
createdb --owner=rmap report_mobile
createdb --owner=rmap sample_fixed
createdb --owner=rmap sample_mobile



exit

apache

yum install mod_wsgi-4.4.21-1.el7.centos.x86_64.rpm

useradd -r rmap
mkdir /home/rmap
chown rmap:rmap /home/rmap

mkdir /rmap/cache
chown rmap:rmap /rmap/cache

/etc/httpd/conf.modules.d/00-mpm.conf 

LoadModule mpm_worker_module modules/mod_mpm_worker.so

<IfModule mpm_worker_module>
#StartServers          2
#MaxClients          150
#MinSpareThreads      25
#MaxSpareThreads      75
#ThreadsPerChild      25
#MaxRequestsPerChild   0
ServerLimit         16
StartServers         2
MaxRequestWorkers  150
MinSpareThreads     10
MaxSpareThreads     35
ThreadsPerChild     15
MaxRequestWorkers      240
MaxConnectionsPerChild 10000
</IfModule>


/etc/httpd/conf.d/rmap.conf 

ServerName rmap.it

WSGISocketPrefix /run/wsgirmap/rmap
WSGIDaemonProcess www.rmap.cc user=rmap group=rmap maximum-requests=100 graceful-timeout=200 processes=10 threads=5 request-timeout=180 socket-timeout=180 header-buffer-  size=65000
WSGIProcessGroup www.rmap.cc
WSGIApplicationGroup %{GLOBAL}


<VirtualHost *:80 >
   ServerName rmap.it
   ServerAlias rmap.cc rmapv.rmap.cc rmapv.rmap.it www.rmap.cc www.rmapv.rmap.cc www.rmap.it www.rmapv.rmap.it localhost localhost.localdomain 127.0.0.1 partecipa.rainbolife.eu
   Include conf.d/rmap.inc
</VirtualHost>



chkconfig httpd on
service httpd start


Arkimet

useradd  -r arkimet
mkdir /rmap/arkimet/
chown -R arkimet:arkimet /rmap/arkimet/

/etc/sysconfig/arkimet 

DATASET_CONFIG="/rmap/arkimet/arkimet.conf"


add in /etc/arkimet/scan-bufr/generic.lua 

   if report == "mobile"
   then
       area = bufr_read_area_mobile(msg)
   end

chkconfig arkimet on
service arkimet start

Sincronizzazione DB

Server di origine

rmapctrl --dumpdata > dumpdata.json

rimuovere le prime righe che non sono json 

dbadb export --dsn="mysql:///report_fixed?user=rmap&password=****" > report_fixed.bufr
dbadb export --dsn="mysql:///report_mobile?user=rmap&password=****" > report_mobile.bufr
dbadb export --dsn="mysql:///sample_fixed?user=rmap&password=****" > sample_fixed.bufr
dbadb export --dsn="mysql:///sample_mobile?user=rmap&password=****" > sample_mobile.bufr


Server di destinazione

Da interfaccia web admin rimuovere TUTTI gli utenti (compreso rmap) 

rmapctrl --loaddata=dumpdata.json



dbadb import --wipe-first --dsn="postgresql://rmap:***@localhost/report_fixed" report_fixed.bufr
dbadb import --wipe-first --dsn="postgresql://rmap:***@localhost/report_mobile" report_mobile.bufr
dbadb import --wipe-first --dsn="postgresql://rmap:***@localhost/sample_mobile" sample_mobile.bufr
dbadb import --wipe-first --dsn="postgresql://rmap:***@localhost/sample_fixed" sample_fixed.bufr

cd /usr/share/rmap/
rsync -av utente@serverorigine:/usr/share/rmap/media .

Mosquitto

yum install mosquitto
mkdir git
cd git
git clone https://github.com/jpmens/mosquitto-auth-plug.git
cp  config.mk.in  config.mk
emacs config.mk  (disable mysql; enable http)   
make
cp auth-plug.so /usr/lib64/
mkdir /etc/mosquitto/conf.d
mkdir /rmap/mosquitto
chown mosquitto:mosquitto /rmap/mosquitto

/etc/mosquitto/conf.d/rmap.conf 

persistent_client_expiration 1d
allow_anonymous true
password_file /etc/mosquitto/pwfile
acl_file /etc/mosquitto/aclfile
log_type error
log_type warning
auth_plugin /usr/lib64/auth-plug.so
auth_opt_backends http
auth_opt_http_hostname localhost
auth_opt_http_ip 127.0.0.1
auth_opt_http_port 80
auth_opt_http_getuser_uri /auth/auth
auth_opt_http_superuser_uri /auth/superuser
auth_opt_http_aclcheck_uri /auth/acl

pid_file /var/run/mosquitto.pid

persistence true
persistence_location /rmap/mosquitto/


/etc/mosquitto/aclfile 

topic read #
topic write test/#

# This only affects clients with username "rmap".
user rmap
topic #
 
pattern write rmap/%u/#
pattern write sample/%u/#

pattern write report/%u/#
pattern write fixed/%u/#

pattern write mobile/%u/#

pattern write maint/%u/#

pattern write rpc/%u/#

add in /etc/mosquitto/mosquitto.conf 

include_dir /etc/mosquitto/conf.d

chkconfig mosquitto on
service mosquitto start

Rabbitmq

curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh |bash
wget https://packages.erlang-solutions.com/erlang-solutions-1.0-1.noarch.rpm
rpm -Uvh erlang-solutions-1.0-1.noarch.rpm
yum install rabbitmq-server


in /etc/rabbitmq/rabbitmq.config 

[
  {rabbit, 
    [
      {auth_backends, [rabbit_auth_backend_internal, rabbit_auth_backend_http]},
      {loopback_users, []}
    ]
  },
  {rabbitmq_auth_backend_http,
    [{user_path,     "http://localhost/auth/user"},
      {vhost_path,    "http://localhost/auth/vhost"},
      {resource_path, "http://localhost/auth/resource"}
    ]
  }
].



rabbitmq-plugins enable rabbitmq_auth_backend_http
rabbitmq-plugins enable rabbitmq_management
rabbitmq-plugins enable rabbitmq_management_visualiser
rabbitmq-plugins enable rabbitmq_shovel
rabbitmq-plugins enable rabbitmq_shovel_management

forse: 

chown rabbitmq:rabbitmq /var/lib/rabbitmq/.erlang.cookie
chmod 600 /var/lib/rabbitmq/.erlang.cookie

chkconfig rabbitmq-server on
service rabbitmq-server start


login at management interface with user "guest" and password "guest" on overview page use import definition to configure exchange, queue and users with the same management interface remove "guest" user and login with a new real user

Monit

yum install monit

comment everithings and add in /etc/monitrc 

set daemon  60              # check services at 1-minute intervals
set log syslog
set httpd port 5925 and
   allow rmap:<password>        # require user 'admin' with password 'monit'
   allow @monit           # allow users of group 'monit' to connect (rw)
   allow @users readonly  # allow users of group 'users' to connect readonly
include /etc/monit.d/*

rm /etc/monit.d/logging

/etc/monit.d/mosquitto 

check process mosquitto with pidfile /var/run/mosquitto.pid

   start program = "/etc/init.d/mosquitto restart"
   stop program = "/etc/init.d/mosquitto stop"
   if failed host localhost port 1883 timeout 30 seconds retry 3 then restart

wget https://raw.githubusercontent.com/r-map/rmap/master/server/etc/monit.d/rmap

chkconfig monit on
service monit start

Cron

cd /etc/cron.d
https://raw.githubusercontent.com/r-map/rmap/master/server/etc/cron.d/arpae_aq_ckan
https://raw.githubusercontent.com/r-map/rmap/master/server/etc/cron.d/dballe2arkimet
https://raw.githubusercontent.com/r-map/rmap/master/server/etc/cron.d/luftdatem
https://raw.githubusercontent.com/r-map/rmap/master/server/etc/cron.d/rmap_generate_summary_cache
Estratto da "https://www.raspibo.org/wiki/index.php?title=Gruppo_Meteo/HowTo/server-centos&oldid=6464"