Test script to setup a new workman server on Ubuntu

[rowlandm]

Dennis did some great work starting up a new BioJS workman (to provide the backend infrastructure to do the visualisations). We would like someone to test an installation script to see if we can build it from a brand new installation of Ubuntu.

!/bin/bash

echo "Updating packages..." sudo apt update sudo apt upgrade echo "done" echo "Installing docker..." sudo apt install docker.io sudo usermod -aG docker $USER echo "done" echo "Starting BioJS workman..." docker network create workmen && docker run --name=workmen -e GITHUB_TOKEN=**** -e NODE_ENV=production -p 80:5000 -p 443:5000 --network=workmen -d biojs/workman docker ps echo "done" echo "Setting up firewall..." sudo ufw allow ssh sudo ufw allow http sudo ufw allow https sudo ufw enable echo "Setup finished!"

[rowlandm]

If anyone wants to test this, please also let us know which version of Ubuntu you ran it on. Ideally 14.04 LTS would be great.

[yochannah]

Some further notes:

Background:

The BioJS Registry workmen server searches npm for packages tagged biojs and bionode (see the README and stores them in a database to power the biojs registry.

Task

• On ubuntu without docker or the workmen set up, run
  • If everything works, brilliant! comment and let us know it's good!
  • If there are errors, let us know what is going wrong and why.
• bonus points: fork the workmen repo, add the script to the root of the folder, and make a PR.

If you need help

Comment on the issue if you need help and aren't sure what to do. Feel free to mention @yochannah - or pop by our gitter chat

[rowlandm]

Extra bonus point:

Create an Ansible script that will also setup the Ubuntu server: 1/ create multiple users with password-less logins (ssh public keys only) and sudo access 2/ setup automatic security updates but not reboot automatically

Recommend Ansible as Stemformatics will be able to help support with any questions as we use it. Happy to look at other options if someone is super keen.

[Gersho]

tested on ubuntu 16.04 ( ubuntu-16.04.3-server-amd64.iso ) the apt commands need -y for autoaccept also there is permission issues :

done
Starting BioJS workman...
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/networks/create: dial unix /var/run/docker.sock: connect: permission denied
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.26/containers/json: dial unix /var/run/docker.sock: connect: permission denied
done

complete log: output.txt

ps: i've never used docker and don't know how this is supposed to work, so i'm only reporting what the console told me :P

[DennisSchwartz]

Hi @Gersho,

thanks for taking a look!

How did you run the script? Unfortunately it needs sudo to run docker and the user needs to be added to the docker group. That error message looks like the one you get when you aren't part of the docker group. Maybe I need to update the script or something.

@rowlandm I had to remove the GITHUB_TOKEN from the script. That was my own and we should probably have like an organisation token or sth. Anyway it shouldn't be public 🙊

[rowlandm]

What exactly is the github token used for?

This is why I say that Ansible can replace Docker, but Docker can't replace Ansible!

We have biojs1 and biojs3 working with the workman so I think we are kind of covered for now.

[DennisSchwartz]

It's used to get the 'stars' and github information for the registry.

My experience with ansible wasn't the best haha. But I don't mind using it if you can take the lead and give me an intro.

For now I'm just using what I know.

[Gersho]

Hi i've scp'd the script onto my Ub 16.04 VM and ran the script there without specific privileges (i noticed the first few lines had sudo included so i assumed it was okay)

i have plenty of VM clones so feel free to mention me when you want to test your next version ps: i've received an email but i couldn't find the post in my github feed, sorry i'm new here xD

edit: the VM is a clean install of UB16.04 with only SSH choosen during install

[DennisSchwartz]

That sounds about right 🤔 So I'll have to update it somehow. I'll give it a go tomorrow or so.

And don't worry haha, you found it in the end ;) Your help is much appreciated.

[rowlandm]

no worries @DennisSchwartz

I think to do it properly (Ansible) it will take a bit of time. At the moment we just have to reduce our risk by having multiple servers running so that if one falls over we can just use another.

Where is the main site being served from now? I forgot. We could potentially create a duplicate on biojs2.stemformatics.org.

Thanks for the help @Gersho ! Much appreciated!

[rowlandm]

sudo adduser user-xyz sudo passwd user-xyz sudo usermod -aG sudo user-xyz sudo su - user-xyz

as user-xyz: ssh-keygen # this creates a .ssh folder for you, just press enter cd .ssh vi authorized_keys copy the public key in here chmod 600 authorized_keys

logout, log back in as user-xyz and test

sudo ls -alh /

[DennisSchwartz]

Updated script:

#!/bin/bash
echo "Updating packages..."
sudo apt update
sudo apt upgrade
echo "done"
echo "Installing docker..."
sudo apt install docker.io
sudo adduser $USER docker
su - $USER
echo "done"
echo "Starting BioJS workman..."
docker network create workmen && docker run --name=workmen -e GITHUB_TOKEN=**** -e NODE_ENV=production -p 80:5000 -p 443:5000 --network=workmen -d biojs/workman
docker ps
echo "done"
echo "Setting up firewall..."
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable
echo "Setup finished!"