Skip to content

Latest commit

 

History

History
182 lines (123 loc) · 6.31 KB

ex1-first-steps.md

File metadata and controls

182 lines (123 loc) · 6.31 KB

galaxy logo

Galaxy Administrators Course

Production Server First Steps - Exercise.

Authors: Nate Coraor (2016), Nicola Soranzo (2017)

Section 0 - Convenience

Part 1 - Set up your environment

  • $EDITOR is a standard environment variable used to determine what editor to invoke when a program needs to start one (including the sudo -e command).
  • $PATH is the list of directories that will be searched for commands on the command line.

First, set the variables on the command line. If you are not familiar with UNIX editors, use the example here (nano):

export EDITOR=nano
export PATH="/srv/galaxy/bin:$PATH"

And then in ~/.bashrc, at the bottom with e.g. $EDITOR ~/.bashrc:

export EDITOR=nano
export PATH="/srv/galaxy/bin:$PATH"

Part 2 - Configure sudo

sudo allows you to run programs as the root (admin) user. We will do this a lot during the training, so to make life easier, we want to ensure we can use sudo without a password. This should already be done on your training instances, which you can verify with:

$ sudo -l
Matching Defaults entries for ubuntu on server-f5d67052-36ac-40f5-abf7-14939e479df2.novalocal:
    env_reset, !requiretty, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User ubuntu may run the following commands on server-f5d67052-36ac-40f5-abf7-14939e479df2.novalocal:
    (ALL : ALL) ALL
    (ALL) NOPASSWD: ALL

Your output should include the (ALL) NOPASSWD: ALL line.

Regardless, we will also want to disable sudo's environment resetting option. NOTE: Disabling env_reset and secure_path on a real system is not a safe thing to do - it is done here for convenience. Edit the file with visudo:

$ sudo -E visudo

Comment the env_reset and secure_path lines thusly:

#Defaults   env_reset
#Defaults   secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

If for some reason you do not have passwordless sudo enabled, add the following line:

ubuntu      ALL=(ALL) NOPASSWD:ALL

Then, save the file and quit the editor.

Section 1 - User, directories, and files

Part 1 - Create a Galaxy user

Add a new user named galaxy:

sudo useradd -d /srv/galaxy -m -r -s /bin/bash galaxy

This will create a system user (-r) and its home directory (-m) located at /srv/galaxy (-d /srv/galaxy) with Bash as login shell (-s /bin/bash).

Part 2 - Set up directories

useradd has created /srv/galaxy for you with the correct ownership. We now need to create directories for the Galaxy server, our config files, data, etc.

$ sudo -u galaxy git clone -b release_18.09 https://github.com/galaxyproject/galaxy.git /srv/galaxy/server
$ sudo -u galaxy mkdir /srv/galaxy/{bin,config,data,log}

Part 3 - Set up files

Galaxy assumes that everything is located under the server directory. To separate things out, we will create a small script to control the Galaxy server with that sets the location of Galaxy's primary config file:

$ sudo -u galaxy -e /srv/galaxy/bin/galaxy

And insert the following:

#!/bin/sh

export GALAXY_CONFIG_FILE='/srv/galaxy/config/galaxy.yml'
export GALAXY_VIRTUAL_ENV='/srv/galaxy/venv'

case $1 in
    --daemon)
        log="--daemonize2 /srv/galaxy/log/galaxy.log"
        ;;
    *)
        log=""
        ;;
esac

/bin/sh /srv/galaxy/server/run.sh $log "$@"

Then, save and quit the editor. This file should be executable, make it so with sudo chmod:

$ sudo -u galaxy chmod +x /srv/galaxy/bin/galaxy

Next, we will create some Galaxy config files, starting from the samples:

$ for f in galaxy.yml tool_conf.xml shed_tool_conf.xml tool_data_table_conf.xml \
           shed_tool_data_table_conf.xml data_manager_conf.xml shed_data_manager_conf.xml; do
    sudo -u galaxy cp /srv/galaxy/server/config/${f}.sample /srv/galaxy/config/${f}
done

Next, edit Galaxy's primary configuration file, galaxy.yml:

$ sudo -u galaxy -e /srv/galaxy/config/galaxy.yml

Let's set a few config variables that will be useful for this and upcoming sessions:

file_path: /srv/galaxy/data
tool_config_file: '/srv/galaxy/config/tool_conf.xml,/srv/galaxy/config/shed_tool_conf.xml'
tool_dependency_dir: /srv/galaxy/dependencies
dependency_resolvers_config_file: /srv/galaxy/config/dependency_resolvers_conf.xml
tool_data_table_config_path: /srv/galaxy/config/tool_data_table_conf.xml
shed_tool_data_table_config: /srv/galaxy/config/shed_tool_data_table_conf.xml
admin_users: foo@example.org
data_manager_config_file: /srv/galaxy/config/data_manager_conf.xml
shed_data_manager_config_file: /srv/galaxy/config/shed_data_manager_conf.xml
galaxy_data_manager_data_path: /srv/galaxy/tool-data

Then save and quit your editor.

Next, we need to define where tools that we install from the Galaxy Tool Shed will be installed. We do this in shed_tool_conf.xml, the file which controls which Tool Shed-installed tools are loaded into Galaxy at startup time:

$ sudo -u galaxy -e /srv/galaxy/config/shed_tool_conf.xml

Change the tool_path attribute of the <toolbox> path to an absolute path, e.g.:

<toolbox tool_path="/srv/galaxy/shed_tools">

Then save and quit your editor.

In a production server we would set some additional paths to prevent writing to the code directory (/srv/galaxy/server, especially the database subdirectory). The full list of options that we set for usegalaxy.org can be found in the usegalaxy Ansible playbook.

Section 2 - Start your new Galaxy

Unlike before, you will now use the galaxy script we created to start and stop Galaxy. However, it takes the same arguments as run.sh (most notably --daemon and --stop-daemon). Remember that we need to start the Galaxy server as the new galaxy user:

$ sudo -Hu galaxy /srv/galaxy/bin/galaxy

The -H option is used to properly set the HOME environment variable.

You should now see the Galaxy Python requirements being downloaded to the virtualenv /srv/galaxy/venv.

As before, Galaxy should then be accessible at http://localhost:8080