Thalia admin runbook

Thalia admin runbook

1. Things to do when setting up a new cluster:

• get the dns entry for subdomain
• get a Wild card certs
• Don't forget install the alfresco license
• have ops set up F5

2. Things to do when setting up thalia:

1. Install ImageMagic on the server that will be running the Thalia UI and IME.

• go to www.imagemagick.org and get the source distribution:ImageMagick-6.3.2-9.tar.gz
• unzip and unstar ImageMagick-6.3.2.tar.gz and cd to ImageMagic-6.3.2 directory
• by default, the base installation directory is /usr/local. binary files go in /usr/local/bin and library files go in /usr/local/lib. If you want to specify an installation prefix other than /usr/local, youcan do it by specify the --prefix=PATH in step 4
• ./configure (specify the path here if necessary. Please note that the binary files should be in the system path)
• make install
• for more info, please refer to the Install-unix.txt in the package
• after installation, you should be able to type "convert" command and get the help page.

B.  put thaliausers.xml in /home/www/thalia/conf. This file should contain info about system super users.  The file should have the format:

<user-list>                  
<user><name>colodzin</name>  
<domain>ADMIN</domain>       
<isAdmin>true</isAdmin>      
</user>                      
<user><name>amb</name>       
<domain>ADMIN</domain>       
<isAdmin>true</isAdmin>      
</user>                      
<user><name>dongq</name>     
<domain>ADMIN</domain>       
<isAdmin>true</isAdmin>      
</user>                       
<user><name>iannuzzo</name>  
<domain>ADMIN</domain>       
<isAdmin>true</isAdmin>      
</user>                      
<user><name>dracus</name>    
<domain>ADMIN</domain>       
<isAdmin>true</isAdmin>      
</user>                       
</user-list> 
The system super users can self-register in any domain by going to https://\[domain\].thalia.mit.edu/resttest.jsp and click on the super user self reg button.                
 
C. Customize the Alfresco Server:

1.      Stop Alfresco server

2.      put our custom model (includes thaliaModel.xml and thalia-model-context.mxl) in the extension folder

3.      Edit permissionDefinitions.xml and add the Thalia permissionGroup definitions within the <permissionSet type="sys:base" expose="all"> block right
after <permissionGroup name="Execute" allowFullControl="false" expose="false"> <includePermissionGroup type="sys:base" permissionGroup="ExecuteContent" /> </permissionGroup>:
) Be certain not to split a block of code.  It is located in directory:
        /home/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/model
         The additional block should be:

      <permissionGroup name="ThaliaWrite" allowFullControl="false" expose="false">
        <includePermissionGroup type="sys:base" permissionGroup="Write"/>
        <includePermissionGroup type="sys:base" permissionGroup="Read"/>
        <includePermissionGroup type="sys:base" permissionGroup="AddChildren"/>
        <includePermissionGroup type="sys:base" permissionGroup="Delete"/>
        <includePermissionGroup type="sys:base" permissionGroup="ExecuteContent"/>
      </permissionGroup>
     
      <permissionGroup name="ThaliaRead"  allowFullControl="false" expose="false">
           <includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/>
           <includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/>
         <includePermissionGroup type="sys:base" permissionGroup="ReadContent"/>
      </permissionGroup>
      <permissionGroup name="ThaliaDownload" allowFullControl="false" expose="false">
           <includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/>
           <includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/>
           <includePermissionGroup type="sys:base" permissionGroup="ReadContent"/>
         <includePermissionGroup type="sys:base" permissionGroup="ExecuteContent"/>
      </permissionGroup>
 
4.      edit contentModel.xml:

find <type name="cm:person"> block in the file
put <property name="cm:isAdmin">
    <type>d:text</type>
    </property>
      Before the </properties> line
 
5.      add the admin account specified by alfrescoAdmin in web.xml in Alfresco's authority-services-context.xml file.

6.      change the default admin account password to the same as thaliaAdmin. Don't use the default admin password.

7.      start Alfresco server

8.      create the user specified by alfrescoAdmin and alfrescoAdminPwd  in web.xml. This is our admin user.

9.      create the user specified by alfrescoGuest and alfrescoGuestPwd in web.xml. This is our guest user (because the web service api doesn't support guest login).

10.  Run the BuildThaliaDomain.jar library to create the domains. The file is under /home/qing/dist on isda-thalia1, 2, and 5.  The syntax is $JAVA_HOME/bin/java -classpath ./lib -jar BuildThaliaDomain.jar [alfresco repository location] [DOMAIN NAME]
For example, to create the TEST domain on isda-thalia6 do:
$JAVA_HOME/bin/java -classpath ./lib -jar BuildThaliaDomain.jar http://mv.ezproxy.com.ezproxyberklee.flo.org/alfresco TEST
Please be aware that the jar file was compiled using java6, so if the JAVA_HOME points to a location older than java6, it will not work.

You can run the jar file from any server to manage any domain in any alfresco repository. You just need to specify the alfresco repository address as the first argument.

D. create directory structure:

/home/www/thalia/conf

/home/www/thalia/log

/home/www/thalia/bulkimage

/home/www/thalia/tmp     
E. upload the thalia war file onto the UI and IME server.

F. set the domain specific metadata mapping

F: run cronjob to clean up the log, tmp, and bulkimage directories.  3. How to create a new super user:

Edit thaliausers.xml mentioned in step B of setting up thalia. Restart the ime. The new super user needs to self register to be a domain admin in a domain. Please refer to step B also.