This ansible playbook installs the postgresql / postgis database, imports a database dump, install the georeference service and daemon and installs an apache2 http server as a reverse proxy.
The playbook can be run via the following command:
ansible-playbook service_geo/main.yml --inventory geo.kartenforum.slub-dresden.de, --key-file "~/keyfile" --user user_name
The services writes temporary and permanent georeference data, which it shares with the different services from service_maps. It therefor needs write access to the network storage which is mounted by the service_maps machine.
| Name | Default value | Declaration |
|---|---|---|
| apache2.admin_mail | [email protected] | Mail of the admin of the Apache HTTP server. |
| apache2.cert.cert | /etc/certs/kartenforum.slub-dresden.de/cert.pem | Path to the certificate file on the remote machine. |
| apache2.cert.chain | /etc/certs/kartenforum.slub-dresden.de/chain.pem | Path to the certificate chain file on the remote machine. |
| apache2.cert.key | /etc/certs/kartenforum.slub-dresden.de/cert-key.key | Path to the key file for the certificate on the remote machine. |
| apache2.vhosts | geo.kartenforum.slub-dresden.de | Domain names under which the service should react on http and https. |
| db.password | set_your_own_password | Password of the user configured via `db.user`. |
| db.name | vkdb | Name of the database of the service. |
| db.user | vk20 | Owner of the database of the service. Main user of the georeference service. |
| db.host | localhost | Hostname used from the docker container to access the database. |
| db.port | 5432 | Port used from the docker container to access the database. |
| db.dump | vkdb-new.dump | Dump of the vkdb, which should be imported into the database. Make sure that the dump uses the same user as configured via `db.user`. The dump file should be placed in the directory `roles/import-database/files/` |
| db.restore_database | False | If set to `True` it also creates and imports the database. Should be `True` on first import. |
| search.domain | search.kartenforum.slub-dresden.de | Domain of the search endpoint. |
| search.port | 443 | Port to acccess the search endpoint. |
| search.ssl | True | If `True` it uses https and if `False` http. |
| search.username | elastic | Username of a user, which is allowed to write to the search endpoint. |
| search.password | set_your_own_password | Password for the `search.username`. |
| storage.root_path | /srv/vk | Root directory of data directory. |
| storage.directories.image_root | /srv/vk/original | Directory in which the original images should be placed. |
| storage.directories.geo_root | /srv/vk/georef | Directory in which the georeferenced images should be placed. |
| storage.directories.tms_root | /srv/vk/tms | Directory in which the tms image directories should be placed. |
| storage.directories.tmp_root | /srv/vk/tmp | Directory in which temporary files should be placed. |
| storage.directories.mapfile_root | /srv/vk/map_services | Directory in which the mapfiles for configuration of the map services should be placed. |
| storage.directories.mapfile_tmp_root | /srv/vk/map_services_tmp | Directory in which temporary mapfiles and geotiffs should be placed for deliverying georeference results within the georeference process. |
| storage.directories.daemon_tmp | /srv/vk/daemon_tmp | Directory in which configuration files of the daemon should be placed. |
| storage.directories.thumbnail_root | /srv/vk/thumbnails | Directory in which thumbanils are placed. |
| storage.directories.zoomify_root | /srv/vk/zoomify | Directory in which zoomify tiles are placed. |
| storage.directories.upload_tmp | /srv/vk/upload_tmp | Directory in which the temporary upload files are stored. |
| storage.check_permission | False | Checks if the permissions on the different directories are set correctly. Caution: this can lead to long running playbooks. |
| service.root_path | /opt/kartenforum_georeference | Path to the root directory of the georeferencer service and daemon configs, code and log files. |
| service.docker_image_name | pikobyteshq/slub_kartenforum_georeference:latest | Name of the docker image, published @ hub.docker.com to the git repository. |
| service.dev_mode | False | Boolean flag, which signals to start the container in `dev_mode`. NEVER SET THIS TO TRUE IN PRODUCTION. |
| service.log_level | INFO | Allows changing of the DEBUG_LEVEL of the container. |
| service.templates.tms_urls | https://tms-1.kartenforum.slub-dresden.de/%s, https://tms-1.kartenforum.slub-dresden.de/%s | Template string which is used from the Python Code to generate the TMS-Links. `%s` is an expression, which can be used from Python to resolve template strings. |
| service.templates.wms_url | https://wms.kartenforum.slub-dresden.de/map/%s | Template string which is used from the Python Code to generate the WMS-Links. `%s` is an expression, which can be used from Python to resolve template strings. |
| service.templates.wms_transform_url | https://wms-transform.kartenforum.slub-dresden.de/map/%s | Template string which is used from the Python Code to generate the temporary WMS-Links. `%s` is an expression, which can be used from Python to resolve template strings. |
| service.templates.wcs_url | https://wcs.kartenforum.slub-dresden.de/map/%s | Template string which is used from the Python Code to generate the WCS-Links. `%s` is an expression, which can be used from Python to resolve template strings. |
| service.templates.thumbnail_url | https://thumbnail.kartenforum.slub-dresden.de/{} | Template string which is used from the Python Code to generate the Thumbnail-Links. `{}` is an expression, which can be used from Python to resolve template strings. |
| service.templates.zoomify_url | https://zoomify.kartenforum.slub-dresden.de/{}/ImageProperties.xml | Template string which is used from the Python Code to generate the Zoomify-Links. `{}` is an expression, which can be used from Python to resolve template strings. |
| service.typo3_url | https://kartenforum.slub-dresden.de/ | Root URL of the TYPO3 Kartenforum-Client. This is needed for proper authentification support of the FastAPI. |
| service.sentry_dsn | https://{url-to-some-sentry-project} | If this parameter is set, the FastAPI and Daemon will send error logs and heartbeats to sentry instance. |
| service.sentry_environment | Could be an environment value, e.g. "staging" or "production" | Environment of the system send to sentry. |
| backup.data_path | /srv/vk/backup/data | Directory where backup files should be placed. |
| backup.script_path | /srv/vk/backup/scripts | Directory where backup scripts should be placed. |
For the description of the configuration of the certs variables have a look at _roles/README.md
Log-Files for the georeference service and daemon can be find in the directory /var/log/georeference.
For checking the proper working of the services use this test requests:
curl -XGET https://geo.kartenforum.slub-dresden.de/statistics -u vk20_user:vk20_user_1234
The system backs up the database daily and stores it in the directory xy. Backups older than 14 days are deleted.
Furthermore, it is recommended to back up the following directories regularly, as a failure would cause very long recovery times:
- /srv/vk/original
- /srv/vk/georef
- /srv/vk/tms
- Within the database there are userids stored. If these are appropriately speaking, they can allow a conclusion to be drawn about individual users. They are also published on the portal as part of the ranking.
- The service collects ip addresses through the apache access log file. This information is only used for debugging reasons and can be deleted via clearing the Apache log files.
- If
sentry_dsnis configured, it is possible, that IP addresses are send to the configured sentry instance.
The script can be executed several times in a row. However, care should be taken that db.restore_database==True resets the database each time and thus existing information in the database can be lost. Also setting storage.check_permission=True can lead to long running playbooks.