This repository contains the deployment configuration for the public http://biophi.dichlab.org/ server.
Feel free to use this as a template for 🐧 Ubuntu deployment.
To deploy a new release, simply run the ./deploy.sh
script.
Here's how to set up the deployment. You'll need root acces for this (us su root
or sudo bash
to run as root).
Summary of the following steps:
- Set up directory and biophi user
- Install conda and BioPhi
- Install and set up redis database
- Set up flask & celery worker services
- Set up Nginx server and SSL
Some steps might be skipped here. If you get stuck, Google is your friend 😊
This directory will host all the settings and the OASis DB.
# Create deployment directory (you need root access for this and everything that follows)
mkdir /opt/biophi
cd /opt/biophi
# Clone this repo (or your own fork) into current directory
git clone git@github.com:lich-uct/biophi.dichlab.org.git .
Download and unzip the OASis database file (22GB uncompressed).
# Enter the deployment directory
cd /opt/biophi
# Download database file
wget https://zenodo.org/record/5164685/files/OASis_9mers_v1.db.gz
# Unzip
gunzip OASis_9mers_v1.db.gz
useradd biophi
addgroup biophi staff
addgroup biophi www-data
mkdir /home/biophi /home/biophi/run
chown biophi:biophi /home/biophi /home/biophi/run
apt-get install redis-server
This will automatically start it as a service in the background
# Try calling redis
redis-cli PING
# You should get PONG
You can install BioPhi using Conda or one of the alternatives (Miniconda, Miniforge).
Then, add conda to your PATH and run conda init
.
# Create the BioPhi conda environment
conda create -n biophi python=3.9
conda activate biophi
# Install BioPhi and dependencies from Bioconda channel
conda install -c bioconda biophi
If you want to install BioPhi directly from a git repository, you can clone it in a separate directory (e.g. /opt/github-biophi
)
and then install using:
pip install --no-deps /opt/github-biophi
Check the local gunicorn web server config and adjust as needed:
- gunicorn/biophi-gunicorn.service Gunicorn service config
- gunicorn/gunicorn.sh Gunicorn script, adjust concurrency based on your CPU count here
- activate.sh Conda and ENV var activation
Register the config as a systemd service:
ln -s /opt/biophi/gunicorn/biophi-gunicorn.service /etc/systemd/system/biophi-gunicorn.service
# Start gunicorn
systemctl start biophi-gunicorn
# Register gunicorn at startup (important!)
systemctl enable biophi-gunicorn
# Check the status of gunicorn
systemctl status biophi-gunicorn
See flask gunicorn log using: journalctl -u biophi-gunicorn.service -e
Check the local celery worker config and adjust as needed:
- celery/biophi-celery.service Celery service config
- celery/celery.sh Celery script, adjust concurrency based on your CPU count here
- activate.sh Conda and ENV var activation
Register the config as a systemd service:
ln -s /opt/biophi/celery/biophi-celery.service /etc/systemd/system/biophi-celery.service
# Start celery
systemctl start biophi-celery
# Register celery at startup (important!)
systemctl enable biophi-celery
# Check the status of celery
systemctl status biophi-celery
See celery task log using: journalctl -u biophi-celery.service -e
Ngix will listen to HTTP & HTTPS traffic and serve the gunicorn responses as a proxy server.
Based on: https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/
Create a basic nginx config file:
nano /etc/nginx/sites-available/biophi.dichlab.org
Enter the following:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name biophi.dichlab.org;
location / {
include proxy_params;
proxy_pass http://localhost:5000;
}
}
Enable the config:
ln -s /etc/nginx/sites-available/biophi.dichlab.org /etc/nginx/sites-enabled/biophi.dichlab.org
# Restart nginx
systemctl restart nginx
# Check status
systemctl status nginx
Generate SSL certificate using certbot (see installation guide for Ubuntu 20 or other platforms)
# Generate and install certificate
certbot --nginx -d biophi.dichlab.org
Your nginx config file /etc/nginx/sites-available/biophi.dichlab.org
should now be updated with the SSL config.
# Restart nginx
systemctl restart nginx
# Check status
systemctl status nginx
You should be all good to go.