OpenRIMS-RPM - Installation Part 1

From OpenRIMS Wiki
Jump to navigation Jump to search

Purpose

This document describes deployment of OpenRIMS software on a default server.

The audience of it is IT persons that are responsible to install and maintain the OpenRIMS software.

You should have the ability to install and configure programs and components/services in the selected operating system.

Additionally you need experience on MySQL.

!PLEASE READ THE FULL DOCUMENT BEFORE PROCEDING WITH THE INSTALLATION!

Overview of Server Requirements

Regardless of deployment configuration selected, the following pre-conditions should be fulfilled:

Hardware Requirements

Recommendation
Initial Configuration and Testing Server Production Server
CPU 1-2 cores 8 cores
Memory At least 2 GB of free RAM At least 16 GB of free RAM
Harddrive At least 10GB of free SDD/HDD At least 10GB of free SDD/HDD
Internet connection Should align with minimal requirements for Google Mail Should align with minimal requirements for Google Mail

Software Requirements

Operating System Linux, released after 2018. Tested on Ubuntu 18.04.4 LTS and above

OR

Windows Server 2016 and above

Database: MySQL : Server 5.7 and Workbench 8.0
Java: Oracle Java JDK 1.8

OR

OpenJDK 1.8

(OpenJDK 1.8 has been tested on Linux Ubuntu, but not Windows)

OpenRIMS application & database: OpenRIMS Java application binary

AND

OpenRIMS demo database

(https://github.com/MSH/Pharmadex2/tree/main/database[1])

(Please refer to the README.md file)

Google Oauth ID & Secret A Google Mail account for OAuth Login SSO

The OpenRIMS Installation Procedure

Prepare to install

1.      Install the following using the respective vendor’s deployment manuals:

1.1.   MySQL 5.7 : Server 5.7 and Workbench 8.0

1.2.   Java JDK 1.8

2.      Restore the main database INCLUDING stored procedures to MySQL using MySQL Workbench or the command line. Name it pdx2. Verify that the stored procedures have been imported!

Ubuntu MySQL CLI hint (CREATE DATABASE pdx2. And restore it: $ mysql -u username -p pdx2 < DumpPdx2.sql)

3.      Copy the binary application pharmadex2-0.0.1.jar and application.properties to a dedicated user folder, e.g. /home/{username}/applications/openrims

Post-Installation OpenRIMS Configurations

Local TCP/IP port

Adjust the application.properties file for initial configuration as described below.

When initial configuration is concluded you should disable Variables Edit and Cloning of Workflows.

Database

In the application.properties file edit the values marked bold:

spring.datasource.url = jdbc:mysql://localhost/openrimsre?useSSL=false&useUnicode=yes&characterEncoding=UTF-8&characterSetResults=UTF-8&serverTimezone=Europe/Kiev

spring.datasource.username = username

spring.datasource.password = password

File Size Limit for Upload

Large file uploads can be enabled but is not recommended. A separate repository should be identified like a Document Management System (DMS) e.g. Alfresco Community Edition or Google Drive.

To enable large file upload the server administrator must (example is max 200Mb file):

  1. Add following line to MySQL configuration file in the [mysqld] section: max_allowed_packet=200Mb
  2. Modify the following two lines in the application.properties file: spring.servlet.multipart.max-file-size=200MB spring.servlet.multipart.max-request-size=200MB

Logs

In the application.properties file edit the values marked bold:

logging.file.path=/home/user/openrimsre/log

Recommended setting: logging.file.path= ./log/

After configuration it will be necessary to copy Client ID and Client secret to the application.properties

OATH2

spring.security.oauth2.client.registration.google.client-id=client_id

spring.security.oauth2.client.registration.google.client-secret=client_secret

SMTP Configuration

# SMPT Outgoing email settings

spring.mail.username=NRAemail@gmail.com

spring.mail.password=MyPassword

Allow System Edits for initial workflow configuration

## Developer Mode Status

variables.properties.edit=true

Allow Cloning of Workflows for initial workflow configuration

pharmadex.allow.process.import=true

Install OpenRIMS as a service

Examples of the configurations are in the binary distributive on/from GitHub. The folders are “Windows” and “Linux”.

Linux

The official guide is here https://docs.spring.io/spring-boot/docs/current/reference/html/deployment.html#deployment.installing.nix-services.system-d

Here are detailed steps for Ubuntu 22.04:

  1. Copy file .service to /etc/systemd/system: sudo cp openrims.service /etc/systemd/system
  2. Edit file .service and change Username and Execstart path.
  3. Start the service: systemctl enable openrims.service
  4. Change Owner of the java application to your user: sudo chmod a+rwx /home/ubuntu/applications/pharmadex2/pharmadex2-0.0.1.jar OR sudo cdmod 500 pharmadex2-0.0.1.jar

For reference here is a sample service file:

[Unit]

Description=Pharmadex 2 UAT version (madagascar)

After=pharmadex.service

[Service]

User=ubuntu

ExecStart=/home/{username}/applications/openrims/pharmadex2-0.0.1.jar

SuccessExitStatus=143

[Install]

WantedBy=multi-user.target

For Windows

The official guide is here https://docs.spring.io/spring-boot/docs/current/reference/html/deployment.html#deployment.installing.windows-services

Provide access from the Internet

To provide access from the Internet it will be a good idea to establish a proxy gateway like Nginx or Apache2.

The example of virtual server configuration for Apache 2 is in the binary distributive folder named “Linux” on GitHub.

For Ubuntu 22.04 and Apache2 here are the steps:

  1. Copy pharmadex.conf to apache folder e.g. /etc/apache2/sites-available
  2. Enable the site a2ensite pharmadex

Here is another sample Apache conf file with https enabled by Letsencrypt:

<VirtualHost *:80>

ServerName openrims.yourdomain.com

Redirect permanent / https://openrims.yourdomain.com/

</VirtualHost>


<VirtualHost *:443>

ServerName openrims.yourdomain.com

SSLEngine On

SSLCertificateFile C:\Certbot\live\openrims.yourdomain.com\fullchain.pem

SSLCertificateKeyFile C:\Certbot\live\openrims.yourdomain.com\privkey.pem

SSLProtocol         all -SSLv3 -TLSv1 -TLSv1.1

SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256

SSLHonorCipherOrder on

SSLCompression      off

SSLSessionTickets   off

SSLSessionCacheTimeout  300

ProxyPreserveHost On

<Location />

ProxyPass http://192.168.1.10:8084/

ProxyPassReverse http://192.168.1.10:8084/

</Location>

</VirtualHost>"

Configuring Google Authentication

LINK: See OpenRIMS - Installation Part 2

Special Configuration

LINK: See IIS as a gateway for Spring Boot application


[1] For current, available only to MSH staff