...
CentOS (http://www.centos.org) is based on the same sources as Red Hat Enterprise Linux.
KNMI describes installation on Red Hat Linux here: http://dev.knmi.nl/projects/adagucserver/wiki/Installation
This recipe has been followed. In short it is repeated here.
Note: unless otherwise stated, the commands are (Bash) shell commands.
Setup prerequisites
Verify yum configuration for EPEL repository:
[mylocalhost]# yum repolist
Install from EPEL repository (compiling netcdf and hdf5 is not needed in this case):
[mylocalhost]# yum install gcc gcc-c++ mercurial libpng-devel zlib-devel libxml2-devel gd-devel netcdf-devel hdf5-devel proj-devel postgresql-devel udunits2-devel gdal-devel cairo-devel httpd postgresql-server libsqlite3x-devel
Note: somehow this install was not completed successfully because later on the compiler complained about missing dependencies. I just re-executed this yum install (with all packges listed) and after that all worked fine.
Compile ADAGUC server
Setup a directory structure for ADAGUC in /opt:
/opt/adaguc/adagucviewer
stores ADAGUC client/viewer related files and components
/opt/adaguc/services
stores ADAGUC server runtime related configuration, logs and optionally data
/opt/adaguc/software
tree with ADAGUC server source files; should not be present on a production environment
...
CentOS has a default Apache installation and this will be used for ADAGUC. Hence ownership of all files and directories involved is assigned explicitly to OS-user apache and OS-group apache (apache:apache).
get ADAGUC server source components from KNMI's Mercurial repository:
[mylocalhost]# hg clone http://dev.knmi.nl/hg/adagucserver /opt/adaguc/software
start compile by executing compile.sh from /opt/adaguc/software directory. It could be necessary to set the executbale flag first:
[mylocalhost]# chmod +x compile.sh
[mylocalhost]# ./compile.sh
...
The Apache configuration needs some adaption. On CentOS the Apache configuration definition can be found in /etc/httpd/conf/httpd.conf. Adaptions/changes were made in the VirtualHost-section:
Code Block |
---|
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /opt/adaguc/adagucviewer/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /opt/adaguc/adagucviewer/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
<Directory "/var/www/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
AddHandler cgi-script .cgi
ErrorLog /var/log/httpd/adaguc_error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/httpd/adaguc_access.log combined
</VirtualHost>
|
...
ADAGUC server requires a PostgreSQL RDBMS. PostgreSQL is not installed by default on CentOS. It should have been installed by the Setup prerequisites actions. I'm not sure why I (re)installed PostgreSQL here.
Install PostgreSQL
[mylocalhost]# yum install postgresql.x86_64
Initialise database
(PostgreSQL data directory : /var/lib/pgsql/data)[mylocalhost]# service postgresql initdb
If necessary change connection constraints in /var/lib/pgsql/data/pg_hba.conf.
Code Block # TYPE DATABASE USER CIDR-ADDRESS METHOD # "local" is for Unix domain socket connections only local all all trust # IPv4 local connections: host all all 127.0.0.1/32 trust
...
[mylocalhost]# service postgresql reload |
---|
Enable PostgreSQL service startup at boot time
[mylocalhost]# chkconfig postgresql on
Create ADAGUC database
[mylocalhost]# su - postgres
Start psql client:
[mylocalhost]# psql
and execute these SQL statements:
Code Block create user adaguc password 'adaguc'; create database mydemo with owner=adaguc; grant connect on database mydemo to adaguc; grant all on database mydemo to adaguc;
...
It was the initial idea to setup ADAGUC in a directory structure under /opt. Then here you will have the WMS configurations, the related CGI-script and optionally local data files close together. By means of file system privileges it is possible to allow non-root users to add, configure ADAGUC WMS.
However SELinux does not allow for Apache to execute CGI-bin scripts that are outside of /var/www/cgi-bin. The use of symbolic links in /var/www/cgi-bin does not change this.
On top of that it is also not allowed to call executables from CGI-bin scripts that are located outside of this path.
These SELinux constraints are configurable. However this has not been changes yet. A shortcut was followed in slacking the SELinux constraints from enforcing to permissive in /etc/sysconfig/selinux:
Code Block |
---|
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
|
...
The ADAGUC Viewer is a mix of JavaScript and PHP coding. Setup of the viewer on a web server is done as follows:
get ADAGUC viewer components from KNMI's Mercurial repository:
[mylocalhost]# hg clone http://dev.knmi.nl/hg/adagucviewer /opt/adaguc
...