The following installation guide for Goobi workflow refers to Ubuntu Linux 20.04. It is written as a step-by-step guide from top to bottom, meaning that settings and configurations build on each other. If the order is not followed, certain commands may fail.
The domain name used in this manual is GOOBI.EXAMPLE.ORG and should be adapted to your own DNS name.
Commands from this manual are best copied by clicking on the corresponding icon. Otherwise there is the danger of copying unwanted whitespaces.
Preparation
We assume that we start with a fresh, up to date Ubuntu Linux 20.04 installed from the Server install image with no additional packages installed. First you have to log on to the server where you want to install Goobi workflow:
sshgoobi.example.org
Passwords must then be generated for the Goobi workflow database and the local LDAP and stored as a session variable:
A temporary directory for the installation must be created and the Goobi workflow repository cloned into it. This directory will contain various files that are required for the following installation steps:
It is recommended that you already have a DNS record for the server at this time.
Configuration of Services
LDAP
Configuration of the LDAP-Server
First the LDAP should be responsible only for localhost. For this the setting of the SLAPD_SERVICES must be modified in the file /etc/default/slapd:
sudopatch/etc/default/slapd<<"EOF"@@ -21,7 +21,7 @@ # sockets. # Example usage: # SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"-SLAPD_SERVICES="ldap:/// ldapi:///"+SLAPD_SERVICES="ldap://127.0.0.1:389/ ldapi:///" # If SLAPD_NO_START is set, the init script will not start or restart # slapd (but stop will still work). Uncomment this if you areEOF
ldapvi is a good tool for later, easier editing of values in LDAP. For this the following entries in the file /etc/ldapvi.conf have to be adapted and inserted:
The Samba server is connected to the LDAP. The configuration file must be replaced with the one from the repository and then the LDAP configuration must be adapted:
sed -e"s|dc=GOOBI,dc=EXAMPLE,dc=ORG|$BASENAME|" $SOURCEDIR/goobi-workflow/install/samba/smb.conf | sudo tee /etc/samba/smb.conf
Samba needs the password for the LDAP Admin for this:
sudosmbpasswd-w"$PW_LDAP_GOOBI"
Samba does not distinguish between upper and lower case for user names!
sudosystemctlrestartsmbd
Samba: Free memory display
The upload of the images usually takes place within the directory path /opt/digiverso. Therefore Samba should also display the free memory from there.:
Goobi workflow requires a database and its own user. The following command also imports the database schema and creates an initial structure:
sudomysql-e"CREATE DATABASE goobi;USE goobi;SOURCE $SOURCEDIR/goobi-workflow/install/db/goobi_blank.sql;CREATE USER 'goobi'@'localhost' IDENTIFIED BY '$PW_SQL_GOOBI';GRANT ALL PRIVILEGES ON goobi.* TO 'goobi'@'localhost' WITH GRANT OPTION;FLUSH PRIVILEGES;"
Setting up the Tomcat server
In the file /etc/default/tomcat9 the memory under -Xmx should be adapted to the available machine memory. The garbage collector options to be used are also selected and urandom configured for a faster Tomcat start:
sudopatch/etc/default/tomcat9<<"EOF"@@ -5,7 +5,16 @@ # You may pass JVM startup parameters to Java here. If unset, the default # options will be: -Djava.awt.headless=true -XX:+UseG1GC-JAVA_OPTS="-Djava.awt.headless=true -XX:+UseG1GC"+JAVA_OPTS="-Djava.awt.headless=true -Xmx2g -Xms2g"+JAVA_OPTS="${JAVA_OPTS} -XX:+UseG1GC"+JAVA_OPTS="${JAVA_OPTS} -XX:+ParallelRefProcEnabled"+JAVA_OPTS="${JAVA_OPTS} -XX:+DisableExplicitGC"+JAVA_OPTS="${JAVA_OPTS} -XX:+CMSClassUnloadingEnabled"+JAVA_OPTS="${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom"+JAVA_OPTS="${JAVA_OPTS} -Dlog4j2.formatMsgNoLookups=true"+JAVA_OPTS="${JAVA_OPTS} -Dfile.encoding='utf-8'"++export UMASK=0022 # To enable remote debugging uncomment the following line. # You will then be able to use a Java debugger on port 8000.@@ -19,4 +28,4 @@ #SECURITY_MANAGER=true # Whether to compress logfiles older than today's-#LOGFILE_COMPRESS=1+LOGFILE_COMPRESS=1EOF
In the file /etc/tomcat9/server.xml the Tomcat is configured to listen only on localhost, appropriate connectors are set up for the proxy:
sed-e"s/GOOBI_HOSTNAME/$NAME_HOST/"<<"EOF"|sudopatch/etc/tomcat9/server.xml@@ -67,54 +67,18 @@ Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 -->- <Connector port="8080" protocol="HTTP/1.1"- connectionTimeout="20000"- redirectPort="8443" />- <!-- A "Connector" using the shared thread pool-->- <!--- <Connector executor="tomcatThreadPool"- port="8080" protocol="HTTP/1.1"- connectionTimeout="20000"- redirectPort="8443" />- -->- <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443- This connector uses the NIO implementation. The default- SSLImplementation will depend on the presence of the APR/native- library and the useOpenSSL attribute of the- AprLifecycleListener.- Either JSSE or OpenSSL style configuration may be used regardless of- the SSLImplementation selected. JSSE style configuration is used below.- -->- <!--- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"- maxThreads="150" SSLEnabled="true">- <SSLHostConfig>- <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"- type="RSA" />- </SSLHostConfig>- </Connector>- -->- <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2- This connector uses the APR/native implementation which always uses- OpenSSL for TLS.- Either JSSE or OpenSSL style configuration may be used. OpenSSL style- configuration is used below.- -->- <!--- <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"- maxThreads="150" SSLEnabled="true" >- <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />- <SSLHostConfig>- <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"- certificateFile="conf/localhost-rsa-cert.pem"- certificateChainFile="conf/localhost-rsa-chain.pem"- type="RSA" />- </SSLHostConfig>- </Connector>- -->+ <Connector address="127.0.0.1" port="8080" protocol="HTTP/1.1"+ maxThreads="400"+ URIEncoding="UTF-8"+ enableLookups="false"+ disableUploadTimeout="true"+ proxyName="GOOBI_HOSTNAME"+ proxyPort="80" /> <!-- Define an AJP 1.3 Connector on port 8009 -->- <!--- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />- -->+ <Connector address="127.0.0.1" port="8009" protocol="AJP/1.3"+ secretRequired="false"+ connectionTimeout="20000"+ maxThreads="400"+ URIEncoding="UTF-8" />@@ -160,7 +124,12 @@ Documentation at: /docs/config/valve.html Note: The pattern used is equivalent to using pattern="common" -->+ <!-- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b" />+ -->+ <Valve className="org.apache.catalina.valves.CrawlerSessionManagerValve"+ crawlerUserAgents=".*[bB]ot.*|.*Yahoo! Slurp.*|.*Feedfetcher-Google.*|.*Apache-HttpClient.*|.*[Ss]pider.*|.*[Cc]rawler.*|.*nagios.*|.*Yandex.*"
+ sessionInactiveInterval="60"/> </Host>EOF
Then the session persistence within the file /etc/tomcat9/context.xml is deactivated by commenting the following line:
sudopatch/etc/tomcat9/context.xml<<"EOF"@@ -25,7 +25,5 @@ <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource> <!-- Uncomment this to disable session persistence across Tomcat restarts -->- <!-- <Manager pathname="" />- --> </Context>EOF
With the account testadmin and the given password $PW_GOOBITESTUSER it is now possible to log in. The application runs here: http://$NAME_HOST/goobi/uii/index.xhtml
Troubleshooting
Check the logs:
sudo journalctl -eu tomcat9.service
less /opt/digiverso/logs/goobi.log
Is Tomcat running?
ps aux | grep tomcat
sudo systemctl status tomcat9.service
Is MariaDB running? Is there a database "goobi"?
ps aux | grep -e mysql -e maria
sudo mysqlshow goobi
Is Apache httpd running? Is the "goobi" vhost enabled?
Are you able to access Goobi workflow on the server's command line?
Check the network configuration and the hostname / DNS name of the server. Especially when you are running this installation as a first test in a VirtualBox environment, the accessibility depends on the VirtualBox Network Adapter settings, and DNS names might not work. In this case try: http://$IP/goobi/uii/index.xhtml
Further configuration
Configuration file**: goobi_opac.xml**
In the file goobi_opac.xml the used catalog can be entered or adapted:
In the configuration file goobi_projects.xml several important parameters for the creation of processes are defined. Among other things, this concerns the institution name, the current year or also the catalog used by default:
/opt/digiverso/goobi/config/goobi:projects.xml
<?xml version="1.0" encoding="UTF-8"?>
<goobiProjects>
<project name="default">
<createNewProcess>
<itemlist>
<item from="werk" multiselect="true">
Creator of digital edition
<select label="Library of Congress (LoC)">Library of Congress</select>
</item>
[...]
<item docstruct="topstruct" isnotdoctype="periodical|multivolume" metadata="_dateDigitization" multiselect="true" required="true" ughbinding="true">
Digitisation date
<select label="2021">2021</select>
</item>
[...]
</itemlist>
<opac use="true">
<catalogue>Library of Congress</catalogue>
</opac>
</createNewProcess>
</project>
</goobiProjects>
In the configuration file goobi_digitalCollections.xml different collections can be adapted for the created example project. As an example this could look like this:
Setting up NFS is only relevant if the Goobi viewer is also installed or is to be installed, and this installation is not performed on the same machine.
In this case, the /opt/digiverso/viewer folder must be exported from the Goobi viewer server and mounted in the Goobi workflow server. The adjustments for this are as follows:
export IP_VIEWER=1.2.3.4# IP-Adresse of the Goobi viewer serversudoaptinstall-ynfs-commonsudomkdir/opt/digiverso/viewer/hotfolder-psudochownroot:root/opt/digiverso/viewer/hotfolderecho "${IP_VIEWER}:/opt/digiverso/viewer/hotfolder /opt/digiverso/viewer/hotfolder nfs rsize=8192,wsize=8192,soft,intr,rw,nolock,auto,x-systemd.automount 0 0" | sudo tee -a /etc/fstab
Optional: Track changes using Git
For a better traceability of changes to plugins, configuration, scripts, rulesets and XSLTs, you can (optionally) create a local Git repository: