From 6929f80075e4a544193a1441f16c5ece662e6f69 Mon Sep 17 00:00:00 2001
From: lb584 <lb584@cam.ac.uk>
Date: Tue, 13 Aug 2024 12:03:53 +0100
Subject: [PATCH] doc updates for new python env for ews-browser
---
docs/_source/iaas_setup.rst | 156 ++++++++++++++++--------------------
1 file changed, 71 insertions(+), 85 deletions(-)
diff --git a/docs/_source/iaas_setup.rst b/docs/_source/iaas_setup.rst
index 87adcac..3e5441f 100644
--- a/docs/_source/iaas_setup.rst
+++ b/docs/_source/iaas_setup.rst
@@ -173,25 +173,27 @@ sudo chown -R ewsmanager:ews EWS_prod/
sudo chmod -R g+s EWS_prod/
sudo chmod -R g+w EWS_prod/
-**3: follow the deployment instructions in this doc.**
+**3: follow the deployment instructions.**
-https://docs.google.com/document/d/1nW0eZJoLLOFzb3Yp4OonhwrbOS2UFELok_QQflb-EUc/edit?usp=sharing
Install and setup the apache server (file downloads and ews_browser)
setup dirs for apache:
-sudo mkdir /storage/webdata/Ethiopia
-sudo mkdir /storage/webdata/SouthAsia
-sudo chown ewsmanager:ews SouthAsia/ Ethiopia/
-sudo chmod g+ws Ethiopia/
-sudo chmod g+ws SouthAsia/
+.. code-block:: bash
+
+ sudo mkdir /storage/webdata/Ethiopia
+ sudo mkdir /storage/webdata/SouthAsia
+ sudo chown ewsmanager:ews SouthAsia/ Ethiopia/
+ sudo chmod g+ws Ethiopia/
+ sudo chmod g+ws SouthAsia/
-sudo mkdir /storage/app/ews_browser
-sudo chown ewsmanager:ews ews_browser
-sudo chmod g+ws ews_browser
+.. code-block:: bash
-ln -s /storage/webdata/Ethiopia /var/www/html/Ethiopia
-ln -s /storage/webdata/SouthAsia /var/www/html/SouthAsia
+ sudo mkdir /storage/app/ews_browser
+ sudo chown ewsmanager:ews ews_browser
+ sudo chmod g+ws ews_browser
+ ln -s /storage/webdata/Ethiopia /var/www/html/Ethiopia
+ ln -s /storage/webdata/SouthAsia /var/www/html/SouthAsia
install apache and other libs:
@@ -199,77 +201,47 @@ apt-get -qq install --assume-yes apache2 apache2-dev apache2-utils ssl-cert liba
(if you get prompted about a newer version of the sshd_conf file being available, keep the current one as we modified this already.)
-install miniconda:
-
-export CONDA_DIR='/home/miniconda3'
-
-wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O /home/miniconda.sh
-/bin/bash /home/miniconda.sh -b -p $CONDA_DIR
-
-export PATH=$CONDA_DIR/bin:$PATH
-conda init bash
-
-create a file called ews_browser.yml and paste the following:
-
-name: /home/conda/ews_browser
-channels:
- - conda-forge
- - defaults
-dependencies:
- - _libgcc_mutex=0.1=conda_forge
- - _openmp_mutex=4.5=2_gnu
- - ca-certificates=2022.6.15=ha878542_0
- - click=8.1.3=py38h578d9bd_0
- - flask=2.2.2=pyhd8ed1ab_0
- - importlib-metadata=4.11.4=py38h578d9bd_0
- - itsdangerous=2.1.2=pyhd8ed1ab_0
- - jinja2=3.1.2=pyhd8ed1ab_1
- - ld_impl_linux-64=2.36.1=hea4e1c9_2
- - libffi=3.4.2=h7f98852_5
- - libgcc-ng=12.1.0=h8d9b700_16
- - libgomp=12.1.0=h8d9b700_16
- - libnsl=2.0.0=h7f98852_0
- - libsqlite=3.39.2=h753d276_1
- - libstdcxx-ng=12.1.0=ha89aaad_16
- - libzlib=1.2.12=h166bdaf_2
- - markupsafe=2.1.1=py38h0a891b7_1
- - ncurses=6.3=h27087fc_1
- - openssl=3.0.5=h166bdaf_1
- - pip=22.2.2=pyhd8ed1ab_0
- - python=3.8.12=h0744224_3_cpython
- - python_abi=3.8=2_cp38
- - readline=8.1.2=h0f457ee_0
- - setuptools=65.3.0=pyhd8ed1ab_1
- - sqlite=3.39.2=h4ff8645_1
- - tk=8.6.12=h27826a3_0
- - werkzeug=2.2.2=pyhd8ed1ab_0
- - wheel=0.37.1=pyhd8ed1ab_0
- - xz=5.2.6=h166bdaf_0
- - zipp=3.8.1=pyhd8ed1ab_0
- - pip:
- - mod-wsgi==4.9.3
-prefix: /home/conda/ews_browser
-
-conda env create -f /home/ews_browser.yml -p /home/conda_envs/ews_browser
+create a venv for the ews_browser, activate it and install the requirements:
+
+.. code-block:: bash
+
+ mkdir -p /storage/app/ews_browser/env
+ python3 -m venv /storage/app/ews_browser/env/browser_env
+ source /storage/app/ews_browser/env/browser_env/bin/activate
+ pip install flask mod-wsgi
(faff) modify the wsgi.load script in /etc/apache2/mods-available to point to the same python as used by the ews_browser
Enable the conda env for the project:
-conda activate /home/conda_envs/ews_browser
+you are probably still in the active environment from the previous step, you will need to be in the new browser_env with a user that has sudo privileges. If necessary, deactivate the existing env and reactivate with a sudo user:
+
+.. code-block:: bash
+
+ source /storage/app/ews_browser/env/browser_env/bin/activate
+
+.. code-block:: bash
-which mod_wsgi-express
+ which mod_wsgi-express
gives you:
-/home/conda_envs/ews_browser/bin/mod_wsgi-express
+.. code-block:: bash
+
+ /storage/app/ews_browser/env/browser_env/bin/mod_wsgi-express
-sudo /home/conda_envs/ews_browser/bin/mod_wsgi-express install-module
+run the install-module command using the exe from the previous step:
+
+.. code-block:: bash
+
+ sudo /storage/app/ews_browser/env/browser_env/bin/mod_wsgi-express install-module
gives you:
-LoadModule wsgi_module "/usr/lib/apache2/modules/mod_wsgi-py38.cpython-38-x86_64-linux-gnu.so"
-WSGIPythonHome "/home/conda_envs/ews_browser"
+.. code-block:: bash
+
+ LoadModule wsgi_module "/usr/lib/apache2/modules/mod_wsgi-py38.cpython-38-x86_64-linux-gnu.so"
+ WSGIPythonHome "/storage/app/ews_browser/env/browser_env"
put the above line as the text in:
@@ -277,6 +249,11 @@ put the above line as the text in:
This means that apache wsgi will use the version of python that is used by the app to which it is binding.
+.. admonition:: Note
+
+ There are config files in the ews-browser project (in gitlab) that point to this python environment. Make sure ews_browser_client_africa.conf and ews_browser_client_asia.conf have the correct python path
+
+
prepare certificates and passwords for apache:
copy the default-ssl.conf file into /etc/apache2/sites_available. See notes on installing genuine certificates below (once the server is up and running).
@@ -371,22 +348,25 @@ The RewriteEngine is set to “Off†when not redirecting
**modify the ews browser wsgi conf files to point to the html directory, rather than the code:**
-/etc/apache2/sites-available/ews_browser_client_africa.conf
-/etc/apache2/sites-available/ews_browser_client_asia.conf
+.. code-block:: bash
+
+ /etc/apache2/sites-available/ews_browser_client_africa.conf
+ /etc/apache2/sites-available/ews_browser_client_asia.conf
**comment in the directory mapping in place of the WSGI mapping. e.g.**
-WSGIDaemonProcess ews_browser_asia user=ewsmanager group=ewsmanager threads=5 python-home=/home/conda_envs/ews_browser/
- WSGIScriptAlias /ews_browser_asia /storage/app/ews_browser/code/src/main/python/ews_browser_asia.wsgi
- <Directory "/storage/app/ews_browser/code/src/main/python/">
- WSGIProcessGroup ews_browser_asia
- WSGIScriptReloading On
- WSGIApplicationGroup %{RESOURCE}
- Require all granted
- </Directory>
+#IAAS
+ WSGIDaemonProcess ews_browser_africa user=ewsmanager group=ewsmanager threads=5 python-home=/storage/app/EWS_prod/envs/browser_env
+ WSGIScriptAlias /ews_browser_africa /storage/app/ews_browser/code/src/main/python/ews_browser_africa.wsgi
+ <Location "/ews_browser_africa">
+ AuthType Basic
+ AuthName "Restricted Content"
+ AuthUserFile /etc/apache2/.htpasswd
+ Require user ethiopia admin
+ </Location>
ErrorLog /storage/app/ews_browser/outputs/ews_browser_client_error.log
-# IF THE SITE IS DOWN FOR MAINTENANCE, COMMENT THIS BLOCK IN AND THE ONE ABOVE OUT - IT WILL USE THE REDIRECT IN .HTACCESS TO DISPLAY THE MAINTENANCE MESSAGE
+# IF THE SITE IS DOWN FOR MAINTENANCE, COMMENT THIS BLOCK IN ANF THE ONE ABOVE OUT - IT WILL USE THE REDIRECT IN .HTACCESS TO DISPLAY THE MAINTENENCE MESSAGE
#<Directory /var/www/>
# Options Indexes FollowSymLinks
# AllowOverride All
@@ -467,13 +447,17 @@ deploy the ews_browser code
**create a symlink to the wsgi conf files**
-ln -s /storage/app/ews_browser/code/src/main/python/ews_browser_client_asia.conf ews_browser_client_asia.conf
-ln -s /storage/app/ews_browser/code/src/main/python/ews_browser_client_africa.conf ews_browser_client_africa.conf
+.. code-block:: bash
+
+ ln -s /storage/app/ews_browser/code/src/main/python/ews_browser_client_asia.conf ews_browser_client_asia.conf
+ ln -s /storage/app/ews_browser/code/src/main/python/ews_browser_client_africa.conf ews_browser_client_africa.conf
**activate the sites:**
-a2ensite ews_browser_client_africa.conf
-a2ensite ews_browser_client_asia.conf
+.. code-block:: bash
+
+ a2ensite ews_browser_client_africa.conf
+ a2ensite ews_browser_client_asia.conf
**start server:**
@@ -734,4 +718,6 @@ sudo journalctl -r -u airflow-scheduler.service
sudo journalctl -r -u airflow-webserver.service
+General apache logs:
+/var/log/apache2/error.log
--
GitLab