.. _sec-inst: Installation ************ This page describes the installation procedure of the :ref:`sec-web` and the :ref:`sec-be`. Both, the back-end and the web interface, are integrated into the :term:`SeisComP` environment. The following tables shows the location of the :term:`GDS` bundle: ================================== =========== Location Description ================================== =========== `$SEISCOMP_ROOT/bin/gds` Binary of the back-end server `$SEISCOMP_ROOT/bin/quakelink` Binary of the QuakeLink server `$SEISCOMP_ROOT/share/gds/tools` Python framework for content filter and spooler scripts as well as sample implementations `$SEISCOMP_ROOT/share/gds/web` Base directory of the :ref:`sec-web` ================================== =========== .. _sec-inst-req: Requirements ============ The :term:`GDS` relies on the following packages: ============================================= ======================== Dependency Required by ============================================= ======================== Python >= 3.6 web interface Python >= 2.7 back-end Django = 3.2.* web interface Django-Bitfield web interface Django-Extensions web interface (optional) Django-SimpleHistory = 3.0.* web interface MySQL or PostgreSQL server back-end, web interface Python3 MySQL (2.0.1) or PostgreSQL interface web interface psycopg2 2.5.4 (PostgreSQL only) web interface NGINX web server including Gunicorn web interface (optional) :ref:`sec-inst-req-ql` back-end, web interface ============================================= ======================== The installation of a web server is optional since Django ships with a tiny build-in web server. This build-in server is sufficient for testing purposes and if the :term:`GDS` should be configured respectively monitored only locally (same machine). To use the full potential of the web configuration approach, the integration into an NGINX web server is recommended. .. note:: In addition to the dependencies listed above more packages are required by the :term:`SeisComP` environment. Please refer to the SeisComP manual. Since SeisComP version *Seattle* dependencies may be installed via ``seiscomp install-deps``. Issue ``seiscomp help install-deps`` for a list of available packages. Furthermore you might want to use the same database management system for the GDS database as used by the SeisComP messaging system to safe computational resources. .. _sec-inst-req-ubuntu: Ubuntu/Debian ------------- Installation of Python3 and the package installer for Python (PIP). .. code-block:: sh sudo apt-get install python3 python3-pip .. _sec-inst-req-ubuntu-database: Database ~~~~~~~~ Install one of the following database management systems (DBMS): - :ref:`MariaDB ` - :ref:`MySQL ` - :ref:`PostgreSQL ` For production environments it is also recommended to install the :ref:`NGINX ` web server. .. _sec-inst-req-ubuntu-mariadb: MariaDB ....... .. code-block:: sh sudo apt-get install mariadb-server mariadb-client libmariadbclient-dev python3 -m pip install --user mysqlclient .. _sec-inst-req-ubuntu-mysql: MySQL ..... .. code-block:: sh sudo apt-get install mysql-server mysql-client libmysqlclient-dev python3 -m pip install --user mysqlclient .. _sec-inst-req-ubuntu-pgsql: PostgreSQL .......... .. code-block:: sh apt-get install postgresql postgresql-client python3 -m pip install --user psycopg2-binary .. _sec-inst-req-ubuntu-nginx: NGINX ~~~~~ .. code-block:: sh sudo apt-get install nginx .. _sec-inst-req-ubuntu-nginx-gunicorn: Gunicorn ~~~~~~~~ .. code-block:: sh python3 -m pip install --user gunicorn .. _sec-inst-req-rhel: RHEL ---- Installation of the Python3 and the package installer for Python (PIP). .. code-block:: sh su - yum install python3 python3-pip exit .. _sec-inst-req-rhel-database: Database ~~~~~~~~ Install one of the following database management systems (DBMS): - :ref:`MariaDB ` - :ref:`PostgreSQL ` For production environments it is also recommended to install the :ref:`NGINX ` web server. .. _sec-inst-req-rhel-mariadb: MariaDB ....... .. code-block:: sh su - yum install mariadb mariadb-server mariadb-devel gcc python3-devel exit python3 -m pip install --user mysqlclient .. _sec-inst-req-rhel-pgsql: PostgreSQL .......... .. code-block:: sh su - yum install postgresql postgresql-client exit python3 -m pip install --user psycopg2-binary .. _sec-inst-req-rhel-nginx: NGINX ~~~~~ .. code-block:: sh su - yum install nginx exit .. _sec-inst-req-rhel-nginx-gunicorn: Gunicorn ~~~~~~~~ .. code-block:: sh python3 -m pip install --user gunicorn .. _sec-inst-req-django: Django ------ The :ref:`sec-web` requires the Django framework as well as the django-bitfield module. Although most distributions offer Django packages, it is highly recommended to use the particular Django version 3.2. To supply the web interface with the required libraries, the Django framework and the bitfield module must be installed. The django-extension package is optional. It provides command line tools, e.g., for template debugging and secret key generation. .. code-block:: sh python3 -m pip install --user django==3.2.* python3 -m pip install --user django-bitfield python3 -m pip install --user django-extensions python3 -m pip install --user django-simple-history==3.0.* .. _sec-inst-req-ql: QuakeLink Server ---------------- As described in the :ref:`sec-intro` the GDS back-end as well as the web front-end depend on the gempa :term:`QuakeLink` server. Similar to the GDS, the QuakeLink server is integrated into the :term:`SeisComP` environment and is started like every other SeisComP application. Although the server may be launched without any configuration file it will be of no use unless an application is running which feeds the server with earthquake information from a data provider like :term:`SeisComP`. The following feeding applications are available: * **sc2ql** -- Connects to a :term:`SeisComP` system and listens for earthquake updates. * **ql2ql** -- Connects to a different QuakeLink server and listens for earthquake updates. * **qlpush** -- Reads SCML (SeisComP Markup Language) data files * **fdsnws2ql** -- Reads event information from FDSNWS services For further reading please refer to the `QuakeLink documentation `_. .. _sec-inst-web: Web Interface ============= .. _sec-inst-web-db: Database Initialization ----------------------- The :term:`GDS` database must be created and permissions have to be granted to a user. .. _sec-inst-web-db-mariadb: MariaDB/MySQL ~~~~~~~~~~~~~ .. code-block:: sh mysql -h localhost -u root -p mysql> CREATE DATABASE gds CHARACTER SET utf8mb4; mysql> GRANT USAGE ON gds.* TO sysop@localhost IDENTIFIED BY 'sysop'; mysql> GRANT ALL PRIVILEGES ON gds.* TO sysop@localhost; If the MySQL server resides on a different machine, the ``localhost`` must be replaced by the server's IP. Also the database name, user and password may need to be modified. Django requires MySQL timezone information. Issue the following command to check if your MySQL database is timezone aware: .. code-block:: sh mysql> SELECT CONVERT_TZ(now(), 'UTC','Europe/Berlin'); If the result is ``NULL`` you need to populate your DBMS with timezone information: .. code-block:: sh mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -D mysql -u root -p mysql -u root -p -e "FLUSH TABLES;" mysql The GDS offers to log the full bulletin content in the database. Depending on the messages you plan to send and on the operating system you use the default maximum allowed database packet size might be to small. Use the following commands to review the current settings of your DBMS: .. code-block:: sh mysql -h localhost -u root -p mysql> SHOW VARIABLES LIKE 'max_allowed_packet'; If you think you will hit this limit you need to increase the packet size value in your DB server configuration. E.g., for RHEL and MariaDB this is done in the :file:`/etc/my.cnf.d/server.cnf`: .. code-block:: sh [mariadb] max_allowed_packet = 16777216 .. _sec-inst-web-db-pgsql: PostgreSQL ~~~~~~~~~~ .. code-block:: sh sudo -u postgres -i createuser -P -d sysop Enter password for new role: Enter it again: Shall the new role be a superuser? (y/n) n Shall the new role be allowed to create more new roles? (y/n) n createdb -O sysop gds exit .. _sec-inst-web-settings: Create and Adjust Settings -------------------------- The web interface ships with 2 example configuration files. Change to the front-end directory and create a copy of those files. .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web/gds cp example-settings.py settings.py cp example-settings-production.py settings-production.py The :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings.py` holds the main configuration settings. Although the defaults in place will work for most installations it is a good practice to review them. Especially the connection settings for the database as well as the :term:`GDS` and :term:`QuakeLink` server should be checked. The :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings-production.py` extends the default settings by options needed for a production environment using a reverse proxy, see :ref:`sec-inst-web-proxy`. Typically one may change the value of * ``FORCE_SCRIPT_NAME`` if you a are deploying the GDS on a sub-path other than ``/gds``. * ``ALLOWED_HOSTS`` which must include all IPs and hostnames you will use to access the GDS web interface. **Note:** The Django build-in web server is considered to be insecure and should not be exposed to the public. You may use it in production if your network is properly shielded. .. _sec-inst-web-final: Completing the Installation --------------------------- The database must be initialized with the Django admin tables and the :term:`GDS` model. Also a Django super user must be created to login to the web interface. The 3rd command (``loaddata``) is optional. It will create an example configuration containing an email service, a queue matching for all world-wide events and finally a subscription to this queue. The 4th command (``collectstatic``) is only needed for the production environment. It copies all static files into a single directory (``STATIC_ROOT``) which needs to be served by NGINX. The last command (``generate_secret_key``) generates a secret key used in production. .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web python3 manage.py migrate python3 manage.py createsuperuser python3 manage.py loaddata sample-data.json python3 manage.py collectstatic python3 manage.py generate_secret_key > gds/secretkey.txt To test the configuration the Django build-in web server may be started: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web python3 manage.py runserver By default the server is available under http://localhost:8000 **Note:** The Django build-in web server is considered to be insecure and should not be exposed to the public. You may use it in production if your network is properly shielded. To run the Django build-in server with production settings and to serve on all network interfaces issue the following command: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web python3 manage.py runserver --settings=gds.settings-production 0.0.0.0:8000 .. _sec-inst-web-proxy: Web Server Integration ---------------------- If you verified that the build-in web server is running, you may stop it now (``Ctrl+C``) and continue with integration into the `NGINX ` web server. .. _sec-inst-web-nginx: NGINX ~~~~~ NGINX relies on an external WSGI service to map HTTP requests to the Django web application. The communication between NGINX and the WSGI service will be realized through a unix socket, although TCP based deployments are possible, e.g, if both processes should run on different machines. The WSGI service will run under the same user under which Django is installed. The configuration examples use the default SeisComP user ``sysop`` for this purpose. In addition to the WSGI service, the NGINX server will serve static files from `STATIC_ROOT` typically configured to :file:`/usr/share/nginx/html/gds/static`. TODO: .. code-block:: sh sudo mkdir -p /usr/share/nginx/html/gds/static sudo chown sysop:sysop /usr/share/nginx/html/gds/static .. _sec-inst-web-nginx-gunicorn: Gunicorn ~~~~~~~~ * Copy the relevant parts of the ``server`` and ``upstream`` directive from :file:`$SEISCOMP_ROOT/share/gds/web/examples/nginx-gunicorn.conf` to your - :file:`/etc/nginx/nginx.conf` or - :file:`/etc/nginx/sites-available/YOUR-VHOST.conf` in case you are using a virtual host setup If you are deploying the GDS on a path other than ``/gds``, adjust the ``location`` directives accordingly. Make sure the sub-path matches the ``FORCE_SCRIPT_NAME`` variable in your :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings-production.py`. * Copy the Gunicorn configuration file to the Django base directory: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web/ cp examples/gunicorn/gunicorn.conf.py . Adjust the configuration, e.g., logging level, path and format if necessary. * Copy the Gunicorn socket and service systemd configuration: .. code-block:: sh sudo cp $SEISCOMP_ROOT/share/gds/web/examples/gunicorn/gunicorn-gds.* /etc/systemd/system Adjust the ``user``, ``group``, or ``WorkingDirectory`` variables if necessary. Then enable and start the service: .. code-block:: sh sudo systemctl enable gunicorn-gds sudo systemctl start gunicorn-gds * Test the NGINX configuration: .. code-block:: sh sudo nginx -t * Enable and start NGINX: .. code-block:: sh sudo systemctl enable nginx sudo systemctl start nginx * Trouble shooting - Check if the socket file :file:`/var/run/gunicorn-gds.sock` was created and ensure that the NGINX user (``nginx`` or ``www-data``) has write access to this file - Make a request directly at the socket: .. code-block:: sh sudo -u nginx curl --unix-socket /var/run/gunicorn-gds.sock -H "SCRIPT_NAME: /gds" http - By default Gunicorn logs to :file:`$HOME/.seiscomp/log/gds-web/{access,error}.log` - Reload gunicorn-gds service after modifications to your :file:`$SEISCOMP_ROOT/share/gds/web/gunicorn.conf.py` or Django configuration file: ``sudo systemctl reload gunicorn-gds`` - Reload systemd configuration after modifications to systemd service and socket files: ``sudo systemctl daemon-reload`` - Reload the NGINX server configuration: ``sudo nginx -t && sudo systemctl reload nginx`` .. _sec-inst-web-next: Next Steps ---------- - Login using the administrator account you created - Create staff users with some/all privileges prefix by `gds_` - Create Services, Queues and Subscriptions - Configure (re)start the :ref:`sec-inst-be` .. _sec-inst-be: Back-end ======== The GDS back-end server is integrated into the :term:`SeisComP` environment and is started like every other SeisComP application. Before running the server, the database must be :ref:`created ` and :ref:`initialized `. For each :ref:`sec-web-conf-serv`, :ref:`sec-web-conf-extcrit` and :ref:`sec-web-conf-fil` a corresponding entry in the servers :ref:`configuration file ` must exist. .. _sec-inst-update: Update Instructions =================== If you already operate a :term:`GDS` version and you intent to install an update you should: - read the CHANGELOG file to get an overview of the changes - consider creating a :ref:`database backup ` - extract the bundle (overriding existing files in the installation folder) - check for new or updated parameters in the :file:`$SEISCOMP_ROOT/share/gds/web/gds/example-settings.py` and :file:`$SEISCOMP_ROOT/share/gds/web/gds/example-settings-production.py` configuration files and apply them to your copies - apply database migrations if needed - remove and collect static files again - restart the :term:`GDS` server and (optionally) the reverse proxy server .. _sec-migration-2021-294: Migration to 2021.294 (Django 3.2, simple-history) -------------------------------------------------- With version 2021.294 the GDS front-end switched from Django 3.1 to the LTS version 3.2. Also history support for the data model has been added allowing to review all changes to a particular configuration object and to revert back to a previous revision. Python dependencies ~~~~~~~~~~~~~~~~~~~ Update Django and install the SimpleHistory django plugin: .. code-block:: sh python3 -m pip install --user django==3.2.* python3 -m pip install --user django-simple-history==3.0.* Update of configuration files ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Compare your :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings.py` with the updated :file:`$SEISCOMP_ROOT/share/gds/web/gds/example-settings.py`. Especially make sure to - add the line ``DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'`` - add ``'simple_history',`` to the ``INSTALLED_APPS`` list - add ``'simple_history.middleware.HistoryRequestMiddleware',`` to the ``MIDDLEWARE`` list Compare your :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings-production.py` with the updated :file:`$SEISCOMP_ROOT/share/gds/web/gds/example-settings-production.py`. Especially make sure to - add ``'simple_history',`` to the ``INSTALLED_APPS`` list Database migrations ~~~~~~~~~~~~~~~~~~~ The data model changed. To complete the update run: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web python3 manage.py migrate python3 manage.py populate_history --auto Static files ~~~~~~~~~~~~ The static files changed and need to be collected again: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web rm -rf static python3 manage.py collectstatic .. _sec-migration-2020-282: Migration to 2020.282 (Django 3.1) ---------------------------------- With version 2020.282 the GDS front-end switched from Django 1.11 to 3.1 and requires a minimum Python version of 3.6. The back-end was updated to support Python 3 but continues to support Python 2 starting from version 2.7 in order to support SeisComP3 Jakarta 2018.327 and older. Cleanup ~~~~~~~ Since this is a major update it is recommended to move your :file:`$SEISCOMP_ROOT/share/gds/web/` folder to a temporary location prior to the installation of the new GDS package and later on to restore your :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings.py` and :file:`$SEISCOMP_ROOT/share/gds/web/gds/settings-production.py` while merging the new configuration options found in the :file:`$SEISCOMP_ROOT/share/gds/web/gds/example-settings*` files . If you do not want to move your ``web`` folder or if you already extracted the GDS package then please remove at least the following files: .. code-block:: sh rm -rf $SEISCOMP_ROOT/share/gds/web/{django,django_extensions,bitfield} rm $SEISCOMP_ROOT/share/gds/web/gds/templatetags/breadcrumbs.py Additional Dependencies ~~~~~~~~~~~~~~~~~~~~~~~ The following new dependencies have been introduced: - Python >=3.6 - django-3.1 Please refer to :ref:`sec-inst-req-django` and :ref:`sec-inst-req-ubuntu` respectively :ref:`sec-inst-req-rhel` for installation instructions. Back-end Configuration ~~~~~~~~~~~~~~~~~~~~~~ In contrast to previous GDS versions the MIME type of a filter is no longer guessed but must be specified in the GDS back-end configuration, see - :confval:`service.$name.filter.primary.mimetype` - :confval:`service.$name.filter.secondary.mimetype` - :confval:`filter.$name.primary.mimetype` - :confval:`filter.$name.secondary.mimetype` Common MIME types are - ``text/gds`` - GDS bulletin format used by most of the sample filter scripts shipped with GDS - ``text/x-python`` - Python dictionary displayed as key-value pairs - ``image/[subtype]`` - Images of any type - ``text/[subtype]`` - Generic text - ``application/pdf`` - PDF document Filter and Spooler Library ~~~~~~~~~~~~~~~~~~~~~~~~~~ The GDS Python library (:file:`$SEISCOMP_ROOT/share/gds/tools`) uses the seiscomp-python shebang to determine the Python version the SeisComP Python bindings are compiled for. For SeisComP versions <= 2018.327 an alias pointing to either python2 or python3 needs to be created. When the GDS is installed via gsm this will be done automatically. It is recommended to use the same shebang in custom filter and spooler scripts. Furhter noteable changes are: - renamed :file:`$SEISCOMP_ROOT/share/gds/tools/lib/xml.py` to :file:`$SEISCOMP_ROOT/share/gds/tools/lib/scml.py` to avoid naming conflicts - logging facility - new ``messageLimit`` configuration parameter - try to read log directory from SeisComP Environment, use :file:`$HOME/.seiscomp/log` as fallback .. _sec-inst-update-new: Database Migrations after 2017.269 ---------------------------------- Starting with version 2017.269 the GDS front-end switched from Django 1.4 to 1.11.15. The new Django version provides build-in database migration mechanism. To list applied and outstanding migrations issue: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web python3 manage.py showmigrations To apply outstanding migrations run: .. code-block:: sh python3 manage.py migrate .. _sec-migration-2017-269: Migration to 2017.269 (Django 1.11.15) -------------------------------------- With version 2017.269 the GDS front-end switched from Django 1.4 to 1.11.15 special attention must be giving to this update. Additional Dependencies ~~~~~~~~~~~~~~~~~~~~~~~ The following new dependencies have been introduced: - Python >=2.7 - pytz - django-1.11.15 - django-extensions (optional) - django-bitfield Refer to :ref:`sec-inst-req-django` and :ref:`sec-inst-req-ubuntu` respectively :ref:`sec-inst-req-rhel` for installation instructions. Database ~~~~~~~~ If you are updating from a GDS version older than 2017.079 make sure to run all appropriate database update scripts to be found in migrations/pre-2017.269 .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web/gds/migrations/pre-2017.269/mysql mysql -u sysop -p gds < 2016.... mysql -u sysop -p gds < 2017.079 Although the GDS datamodel was not changed between 2017.079 and 2017.269 you still need to be migrate your database to update the Django system tables. Since your system tables already have been initialized the initial migration step needs to be skipped: .. code-block:: sh cd $SEISCOMP_ROOT/share/gds/web python3 manage.py migrate --fake-initial New Directory Structure ~~~~~~~~~~~~~~~~~~~~~~~ - all GDS related files are located under the gds subfolder - templates moved from contrib to templates folder - CSS and java script files moved from media to static folder, no need to serve media directory with NGINX anymore .. _sec-backup: Database Backup and Restore =========================== It is a good idea create database backups on regular basis. Especially before upgrading to a newer GDS version a backup is recommended. MariaDB/MySQL ------------- Backup ~~~~~~ Create a backup of the entire GDS database: .. code-block:: sh mysqldump -u sysop -p gds > /tmp/gds.sql Create a backup of the GDS database but omit the rather large GDS log tables: .. code-block:: sh mysqldump -u sysop -p gds --no-data db_name > /tmp/gds.sql mysqldump -u sysop -p gds --no-create-info --ignore-table=gds_log_event --ignore-table=gds_log_service --ignore-table=gds_log_recv >> /tmp/gds.sql Restore ~~~~~~~ .. code-block:: sh mysql -u sysop -p gds < /tmp/gds.sql PostgreSQL ---------- Backup ~~~~~~ Create a backup of the entire GDS database: .. code-block:: sh pg_dump -U sysop -W -F c gds > /tmp/gds.sql Create a backup of the GDS database but omit the rather large GDS log tables: .. code-block:: sh pg_dump -U sysop -W -F c --exclude-table-data=gds_log_* gds > /tmp/gds.sql Restore ~~~~~~~ .. code-block:: sh pg_restore -U sysop -W -c --if-exists -d gds /tmp/gds.sql