8. Installation guide

Introduction

‌The following installation guide for Goobi workflow refers to Ubuntu Linux 16.04. It is written as a step-by-step guide from top to bottom, meaning that settings and configurations build on each other. If the order is not followed, certain commands may fail. The domain name used in this manual is GOOBI.EXAMPLE.ORG and must be adapted to your own DNS name.

Preparation

‌First you have to log on to the server where you want to install Goobi workflow and get root privileges:

ssh GOOBI.EXAMPLE.ORG
sudo -i

‌A password must then be generated for the Goobi workflow database and stored as a variable in the session:

export PW_SQL_GOOBI=SECRETPASSWORD

‌Now the following packages have to be installed:

apt -y install git maven

Finally, a temporary directory for the installation must be created and the Goobi workflow repository cloned into it. This directory contains various files that are required for the following installation steps:

install=/tmp/install
mkdir -p $install
cd $install
git clone https://github.com/intranda/goobi.git

‌It is recommended that you already have a DNS record for the server at this time.

Variables and Aliases

‌The following aliases must be added to the /root/.bash_aliases file:

cat << "EOF" >/root/.bash_aliases
alias cata='tail -n 1000 -f /var/log/tomcat8/catalina.out'
alias ct='chown tomcat8:tomcat8 *'
alias ctr='chown -R tomcat8:tomcat8 *'
EOF

‌To apply the changes to the current session, the following command must be executed:

. /root/.bashrc

Install packages

‌The following packages must now be installed including all dependencies:

apt -y install openjdk-8-jdk-headless tomcat8 mariadb-server apache2 slapd libnss-ldapd libldap-2.4-2 ldap-utils ldapvi libpam-ldap smbldap-tools samba smbclient imagemagick graphicsmagick libtiff-tools mailutils djvulibre-bin netpbm jhead exiv2 bc

‌A password for the LDAP Manager account must be assigned during installation. In this manual, the password with PW_LDAP_GOOBI is referred to at the appropriate places..‌

The queried URI for the LDAP server is:

ldap://127.0.0.1/

‌The DNS settings for the LDAP installation must be adapted to the local conditions.‌

Configuration of Services

LDAP

Configuration of the LDAP-Server

First the LDAP should be responsible only for localhost. For this the setting of the SLAPD_SERVICES must be modified in the file /etc/default/slapd:

patch /etc/default/slapd << "EOF"
--- /etc/default/slapd 2016-01-19 14:33:07.000000000 +0100
+++ slapd 2018-03-07 19:54:59.006291228 +0100
@@ -21,7 +21,7 @@
# sockets.
# Example usage:
# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"
-SLAPD_SERVICES="ldap:/// ldapi:///"
+SLAPD_SERVICES="ldap://127.0.0.1:389/ ldapi:///"
# If SLAPD_NO_START is set, the init script will not start or restart
# slapd (but stop will still work). Uncomment this if you are
EOF

‌The following command must then be executed:

dpkg-reconfigure slapd

‌The complete host name must be selected as the DNS domain name.‌

Then the following step is executed:

zcat /usr/share/doc/samba/examples/LDAP/samba.schema.gz >> /etc/ldap/schema/samba.schema

The file samba.ldif can then be moved to the path /etc/ldap/schema/ and the schema inserted into the LDAP:

mv $install/goobi/Goobi/install/ldap/samba.ldif /etc/ldap/schema/
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/samba.ldif

‌The import.ldif file must now be edited to adjust the dc= value to local conditions. This value will then be imported as well:

ldapadd -x -D cn=admin,dc=GOOBI,dc=EXAMPLE,dc=ORG -w PW_LDAP_GOOBI -f $install/goobi/Goobi/install/ldap/import.ldif

‌The /etc/ldap/ldap.conf file is then modified as follows:

cat << "EOF" >/etc/ldap/ldap.conf
#
# LDAP Defaults
#
BASE dc=GOOBI,dc=EXAMPLE,dc=ORG
URI ldap://127.0.0.1
TLS_REQCERT never
EOF

Configuration of the LDAP-Client

The LDAP client is configured as follows:

patch /etc/ldap.conf << "EOF"
--- /etc/ldap.conf 2018-03-07 20:00:17.174302607 +0100
+++ ldap.conf 2018-03-07 20:22:14.906349732 +0100
@@ -21,7 +21,7 @@
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
-#host 127.0.0.1
+host 127.0.0.1
# The distinguished name of the search base.
base dc=GOOBI,dc=EXAMPLE,dc=ORG
@@ -56,7 +56,7 @@
#port 389
# The search scope.
-#scope sub
+scope sub
#scope one
#scope base
EOF

In addition the entry cn=manager must be changed in the file with the value rootbinddn against the value cn=admin.

Configuration of name resolution via LDAP

To configure the name resolution, the following adjustment must be made:

patch /etc/nsswitch.conf << "EOF"
--- nsswitch.conf 2018-03-07 20:24:03.890353630 +0100
+++ /etc/nsswitch.conf 2018-03-07 20:25:55.654357627 +0100
@@ -4,9 +4,9 @@
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
-passwd: compat
-group: compat
-shadow: compat
+passwd: compat ldap
+group: compat ldap
+shadow: compat ldap
gshadow: files
hosts: files dns
EOF
ldapmodify -Y EXTERNAL -H ldapi:/// -f $install/goobi/Goobi/install/ldap/index.ldif

Using the tool ldapvi

ldapvi is a good tool for later, easier editing of values in LDAP. Therefore the following entries in the file /etc/ldapvi.conf have to be adapted and inserted:

echo 'user: cn=admin,dc=GOOBI,dc=EXAMPLE,dc=ORG' >>/etc/ldapvi.conf
echo 'password: PW_LDAP_GOOBI' >>/etc/ldapvi.conf
chmod 600 /etc/ldapvi.conf

Setting up Samba

The Samba server is connected to the LDAP. The configuration file must be replaced with the one from the repository and then the LDAP configuration must be adapted:

mv $install/goobi/Goobi/install/samba/smb.conf /etc/samba/smb.conf
vim /etc/samba/smb.conf

Samba needs the password for the LDAP Admin for this:

smbpasswd -w PW_LDAP_GOOBI

Attention Samba does not distinguish between upper and lower case for user names!‌

If the symbolic links created by Goobi workflow cannot be seen with Samba, the entry guest ok = yes must be adjusted in the [homes] section. Please make sure that Samba is only activated for an internal network..

systemctl restart smbd

Samba: Free memory display

The upload of the images usually takes place within the directory path /opt/digiverso. Therefore Samba should also display the free memory from there.:

mv $install/goobi/Goobi/install/samba/samba-dfree /usr/local/bin/samba-dfree
chmod 755 /usr/local/bin/samba-dfree

Setting up the database MySQL / MariaDB

‌Goobi workflow requires a database and its own user. The following command also imports the database schema and creates an initial structure:

mysql -e "CREATE DATABASE goobi;
USE goobi;
SOURCE $install/goobi/Goobi/install/db/goobi_blank.sql;
CREATE USER 'goobi'@'localhost' IDENTIFIED BY '$PW_SQL_GOOBI';
GRANT ALL PRIVILEGES ON goobi.* TO 'goobi'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;"

Setting up the Tomcat server

In the file /etc/default/tomcat8 the memory under -Xmx should be adapted to the available machine memory. The garbage collector options to be used are also selected and urandom configured for a faster Tomcat start:

patch /etc/default/tomcat8 << "EOF"
--- /etc/default/tomcat8 2018-03-01 19:11:46.947240791 +0000
+++ tomcat8 2018-03-01 19:14:01.920680439 +0000
@@ -18,7 +18,13 @@
# response time). If you use that option and you run Tomcat on a machine with
# exactly one CPU chip that contains one or two cores, you should also add
# the "-XX:+CMSIncrementalMode" option.
-JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"
+JAVA_OPTS="-Djava.awt.headless=true -Xmx4g -Xms2g"
+JAVA_OPTS="${JAVA_OPTS} -XX:+UseG1GC"
+JAVA_OPTS="${JAVA_OPTS} -XX:+ParallelRefProcEnabled"
+JAVA_OPTS="${JAVA_OPTS} -XX:+DisableExplicitGC"
+JAVA_OPTS="${JAVA_OPTS} -XX:+CMSClassUnloadingEnabled"
+JAVA_OPTS="${JAVA_OPTS} -Djava.security.egd=file:/dev/./urandom"
+JAVA_OPTS="${JAVA_OPTS} -Dfile.encoding='utf-8'"
# To enable remote debugging uncomment the following line.
# You will then be able to use a java debugger on port 8000.
@@ -32,9 +39,9 @@
#TOMCAT8_SECURITY=no
# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
-#LOGFILE_DAYS=14
+LOGFILE_DAYS=14
# Whether to compress logfiles older than today's
-#LOGFILE_COMPRESS=1
+LOGFILE_COMPRESS=1
# Location of the JVM temporary directory
# WARNING: This directory will be destroyed and recreated at every startup !
EOF

‌In the file /etc/tomcat8/server.xml the parameter appContextProtection of the JreMemoryLeakPreventionListener is switched off, the Tomcat is configured only for localhost and appropriate connectors are set up for the proxy:

patch /etc/tomcat8/server.xml << "EOF"
--- /etc/tomcat8/server.xml 2017-09-28 14:56:31.000000000 +0100
+++ server.xml 2018-03-01 19:18:50.143658964 +0000
@@ -29,7 +29,7 @@
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
-->
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
- <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" appContextProtection="false" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
@@ -68,33 +68,19 @@
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
-->
- <Connector port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- URIEncoding="UTF-8"
- redirectPort="8443" />
- <!-- A "Connector" using the shared thread pool-->
- <!--
- <Connector executor="tomcatThreadPool"
- port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- redirectPort="8443" />
- -->
- <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
- This connector uses the NIO implementation that requires the JSSE
- style configuration. When using the APR/native implementation, the
- OpenSSL style configuration is required as described in the APR/native
- documentation -->
- <!--
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
- maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
- clientAuth="false" sslProtocol="TLS" />
- -->
-
- <!-- Define an AJP 1.3 Connector on port 8009 -->
- <!--
- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
- -->
-
+<Connector address="127.0.0.1" port="8080" protocol="HTTP/1.1"
+ connectionTimeout="20000"
+ maxThreads="400"
+ URIEncoding="UTF-8"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ proxyName="GOOBI.EXAMPLE.ORG"
+ proxyPort="80" />
+
+<Connector address="127.0.0.1" port="8009" protocol="AJP/1.3"
+ connectionTimeout="20000"
+ maxThreads="400"
+ URIEncoding="UTF-8" />
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
EOF

‌Then the session persistence within the file /etc/tomcat8/context.xml is deactivated by commenting the following line:

patch /etc/tomcat8/context.xml << "EOF"
--- /etc/tomcat8/context.xml 2014-01-24 17:17:30.000000000 +0000
+++ context.xml 2018-03-01 19:23:05.166223891 +0000
@@ -24,9 +24,7 @@
<WatchedResource>${catalina.base}/conf/web.xml</WatchedResource>
<!-- Uncomment this to disable session persistence across Tomcat restarts -->
- <!--
<Manager pathname="" />
- -->
<!-- Uncomment this to enable Comet connection tacking (provides events
on session expiration as well as webapp lifecycle) -->
EOF

Configuration of Apache

The Apache web server must be set up to make Goobi workflow available externally. The following modules are activated for this purpose:

a2enmod proxy_ajp
a2enmod rewrite
a2enmod headers

‌The following file must be saved to the following path /etc/apache2/sites-available/GOOBI.EXAMPLE.ORG.conf:

cat << "EOF" >/etc/apache2/sites-available/GOOBI.EXAMPLE.ORG.conf
<VirtualHost *:80>
ServerAdmin support@intranda.com
ServerName GOOBI.EXAMPLE.ORG
DocumentRoot /var/www
RequestHeader unset Expect early
## compress output
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain text/html text/xml
AddOutputFilterByType DEFLATE text/css text/javascript
AddOutputFilterByType DEFLATE application/xml application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript application/x-javascript
</IfModule>
## general proxy settings
ProxyPreserveHost On
ProxyVia On
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
<Proxy *>
Require local
</Proxy>
## goobi
redirect /index.html http://GOOBI.EXAMPLE.ORG/goobi/
redirectmatch /goobi$ http://GOOBI.EXAMPLE.ORG/goobi/
<Location /goobi/>
Require all granted
ProxyPass ajp://localhost:8009/goobi/ retry=0
ProxyPassReverse ajp://localhost:8009/goobi/
</Location>
## disable external connection to Goobi WebAPI globally
# ProxyPass /goobi/wi !
## only allow access to Goobi WebAPI for certain hosts
<Location /goobi/wi>
# Require ip 1.2.3.4
Require local
</Location>
## logging
CustomLog /var/log/apache2/GOOBI.EXAMPLE.ORG_access.log combined
ErrorLog /var/log/apache2/GOOBI.EXAMPLE.ORG_error.log
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
</VirtualHost>
EOF

‌The Goobi workflow vhost is now activated, the default vhost is deactivated and the Apache web server is restarted:

a2dissite 000-default.conf
a2ensite GOOBI.EXAMPLE.ORG.conf
systemctl restart apache2

Setting up sudo

Goobi workflow requires different rights to execute scripts. The following file for the sudo rights must be stored for this:

cat << "EOF" | EDITOR='tee' visudo -f /etc/sudoers.d/70_goobi
##
# Goobi sudoers file
##
# Berechtigungen fuer Tomcat Server
User_Alias HTTPD=tomcat8
# In den Shellscripten definierte Kommandos:
# script_chownTomcat.sh, script_chownUser.sh, script_createDirUserHome.sh,
# script_createSymLink.sh
Cmnd_Alias CHOWN_DATEN=/bin/chown * /opt/digiverso/goobi/metadata/*
# script_createDirUserHome.sh
Cmnd_Alias CHGRP_USERS=/bin/chgrp tomcat8 /home/*
Cmnd_Alias CHMOD_USERS=/bin/chmod g+w /home/*
Cmnd_Alias CHMOD_WRITE=/bin/chmod * /opt/digiverso/goobi/metadata/*
Cmnd_Alias CHOWN_USERS=/bin/chown * /home/*
Cmnd_Alias MKDIR_USERS=/bin/mkdir /home/*
# Der Tomcat Server darf die in den Shellscripten definierten Kommandos ohne
# Passwortabfrage mit root Berechtigung ausfuehren
HTTPD ALL=NOPASSWD: CHOWN_DATEN, CHGRP_USERS, CHMOD_USERS, CHOWN_USERS, MKDIR_USERS, CHMOD_WRITE
HTTPD ALL=NOPASSWD: /bin/mount --bind /opt/digiverso/goobi/metadata/* /home/*
HTTPD ALL=NOPASSWD: /bin/umount -l /home/*
HTTPD ALL=NOPASSWD: /bin/rmdir /home/*
HTTPD ALL=NOPASSWD: /bin/chmod * /home/*
EOF

Einrichtung von NFS

Setting up NFS is only relevant if the Goobi viewer is also installed or is to be installed, and this installation is not performed on the same machine.

In this case, the /opt/digiverso/viewer folder must be exported from the Goobi viewer server and mounted in the Goobi workflow server. The adjustments for this are as follows:

export IP_VIEWER=1.2.3.4 # IP-Adresse des Goobi viewer Servers
apt install -y nfs-common
mkdir /opt/digiverso/viewer/hotfolder -p
chown root:root /opt/digiverso/viewer/hotfolder
echo "${IP_VIEWER}:/opt/digiverso/viewer/hotfolder /opt/digiverso/viewer/hotfolder nfs rsize=8192,wsize=8192,soft,intr,rw,nolock,auto 0 0" >> /etc/fstab

Creation of the directory structure

‌The following commands create the necessary folder structure and move the files from the repository to the expected location:

mkdir -p /opt/digiverso/{logs,tomcat-lib,goobi/{activemq,config,lib,metadata,rulesets,scripts,static_assets,tmp,xslt,plugins/{administration,command,dashboard,export,GUI,import,opac,statistics,step,validation,workflow}}}
mv $install/goobi/Goobi/install/config/* /opt/digiverso/goobi/config/
mv $install/goobi/Goobi/install/scripts/* /opt/digiverso/goobi/scripts/
mv $install/goobi/Goobi/install/rulesets/* /opt/digiverso/goobi/rulesets/
mv $install/goobi/Goobi/install/xslt/* /opt/digiverso/goobi/xslt/
chown -R tomcat8: /opt/digiverso/

‌Java Advanced Imaging (JAI) is also installed for the image display:

cd $install
wget http://www.java2s.com/Code/JarDownload/jai/jai_codec-1.1.2_01.jar.zip
wget http://www.java2s.com/Code/JarDownload/jai/jai_core-1.1.2_01.jar.zip
wget http://www.java2s.com/Code/JarDownload/jai/jai_imageio-1.1.jar.zip
apt install unzip
for i in *.zip; do unzip $i; done
mv $install/jai_*.jar /opt/digiverso/tomcat-lib/

‌Deployment of Goobi workflow

‌For the deployment of Goobi workflow, the Tomcat service is stopped as follows:

systemctl stop tomcat8

‌Then the following file has to be stored under the path /etc/tomcat8/Catalina/localhost/goobi.xml:

sed -e "s/PW_SQL_GOOBI/$PW_SQL_GOOBI/" << "EOF" >/etc/tomcat8/Catalina/localhost/goobi.xml
<?xml version='1.0' encoding='utf-8'?>
<Context>
<Manager className="org.apache.catalina.session.PersistentManager" distributable="false" saveOnRestart="false">
<Store className="org.apache.catalina.session.FileStore"/>
</Manager>
<Resources>
<PreResources
className="org.apache.catalina.webresources.DirResourceSet"
base="/opt/digiverso/tomcat-lib/"
webAppMount="/WEB-INF/lib" />
<PreResources
className="org.apache.catalina.webresources.DirResourceSet"
base="/opt/digiverso/goobi/plugins/GUI/"
webAppMount="/WEB-INF/lib" />
<PostResources
className="org.apache.catalina.webresources.DirResourceSet"
base="/opt/digiverso/goobi/lib/"
webAppMount="/WEB-INF/lib" />
</Resources>
<Resource name="goobi"
auth="Container"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
type="javax.sql.DataSource"
driverClassName="com.mysql.jdbc.Driver"
username="goobi"
password="PW_SQL_GOOBI"
maxActive="100"
maxIdle="30"
minIdle="4"
maxWait="10000"
testOnBorrow="true"
testWhileIdle="true"
validationQuery="SELECT SQL_NO_CACHE 1"
removeAbandoned="true"
removeAbandonedTimeout="600"
url="jdbc:mysql://localhost/goobi?characterEncoding=UTF-8&amp;autoReconnect=true&amp;autoReconnectForPools=true" />
</Context>
EOF

Now the file permissions are adjusted so that the file is not deleted during an update:

chown -R root.tomcat8 /etc/tomcat8/Catalina
chmod -R g-w /etc/tomcat8/Catalina

In the following, Goobi workflow is now compiled and moved to the expected location in the file system:

cd $install/goobi/Goobi/
mvn package
mv $install/goobi/Goobi/module-war/target/goobi.war /var/lib/tomcat8/webapps/

Deployment of Plugins

‌Some plugins must also be compiled and moved to the expected location in the file system for commissioning:

# OPAC: PICA
cd $install
git clone https://github.com/intranda/goobi-plugin-opac-pica.git
cd $install/goobi-plugin-opac-pica/PicaOpacPlugin
mvn package
mv $install/goobi-plugin-opac-pica/PicaOpacPlugin/target/plugin_intranda_opac_pica.jar /opt/digiverso/goobi/plugins/opac/
# OPAC: MARC
cd $install
git clone https://github.com/intranda/goobi-plugin-opac-marc.git
cd $install/goobi-plugin-opac-marc/goobi-plugin-opac-marc
mvn package
mv $install/goobi-plugin-opac-marc/goobi-plugin-opac-marc/module-main/target/plugin_intranda_opac_marc.jar /opt/digiverso/goobi/plugins/opac/
# Step: Fileupload
cd $install
git clone https://github.com/intranda/goobi-plugin-step-fileupload.git
cd $install/goobi-plugin-step-fileupload/goobi-plugin-step-fileupload
mvn package
mv $install/goobi-plugin-step-fileupload/goobi-plugin-step-fileupload/module-main/target/plugin_intranda_step_fileUpload.jar /opt/digiverso/goobi/plugins/step/
mv $install/goobi-plugin-step-fileupload/goobi-plugin-step-fileupload/plugin_intranda_step_fileUpload.xml /opt/digiverso/goobi/config
mv $install/goobi-plugin-step-fileupload/goobi-plugin-step-fileupload/module-gui/target/plugin_intranda_step_fileUpload-GUI.jar /opt/digiverso/goobi/plugins/GUI/
# Step: ImageQA
cd $install
git clone https://github.com/intranda/goobi-plugin-step-imageqa.git
cd $install/goobi-plugin-step-imageqa/ImageQAPlugin/
mvn package
mv $install/goobi-plugin-step-imageqa/ImageQAPlugin/plugin_intranda_step_imageQA.xml /opt/digiverso/goobi/config
mv $install/goobi-plugin-step-imageqa/ImageQAPlugin/module-gui/target/plugin_intranda_step_imageQA-GUI.jar /opt/digiverso/goobi/plugins/GUI/
mv $install/goobi-plugin-step-imageqa/ImageQAPlugin//module-main/target/plugin_intranda_step_imageQA.jar /opt/digiverso/goobi/plugins/step/
# Command: intranda WebAPI
cd $install
git clone https://github.com/intranda/goobi-plugin-command-intranda.git
cd $install/goobi-plugin-command-intranda/goobi-plugin-command-intranda
mvn package
mv $install/goobi-plugin-command-intranda/goobi-plugin-command-intranda/target/plugin_intranda_command_default.jar /opt/digiverso/goobi/plugins/command/
# Dashboard: Example
cd $install
git clone https://github.com/intranda/goobi-plugin-dashboard-example.git
cd $install/goobi-plugin-dashboard-example/DashboardPlugins
mvn package
mv $install/goobi-plugin-dashboard-example/DashboardPlugins/module-gui/target/plugin_intranda_dashboard_example-GUI.jar /opt/digiverso/goobi/plugins/GUI/
mv $install/goobi-plugin-dashboard-example/DashboardPlugins/module-main/target/plugin_intranda_dashboard_example.jar /opt/digiverso/goobi/plugins/dashboard/
mv $install/goobi-plugin-dashboard-example/DashboardPlugins/plugin_intranda_dashboard_extended.xml /opt/digiverso/goobi/config/
mv $install/goobi-plugin-dashboard-example/DashboardPlugins/plugin_intranda_dashboard_simple.xml /opt/digiverso/goobi/config/
# REST: intranda REST
cd $install
git clone https://github.com/intranda/goobi-plugin-rest-intranda.git
cd $install/goobi-plugin-rest-intranda/goobi-plugin-rest-intranda
mvn package
mv $install/goobi-plugin-rest-intranda/goobi-plugin-rest-intranda/target/plugin_intranda_rest_default.jar /opt/digiverso/goobi/lib/
# Controlling: intranda default statistics
cd $install
git clone https://github.com/intranda/goobi-plugin-controlling-intranda.git
cd $install/goobi-plugin-controlling-intranda/intrandaStatisticPlugins/
mvn package
mv $install/goobi-plugin-controlling-intranda/intrandaStatisticPlugins/statistics_template.pdf /opt/digiverso/goobi/plugins/statistics/
mv $install/goobi-plugin-controlling-intranda/intrandaStatisticPlugins/statistics_template.xls /opt/digiverso/goobi/plugins/statistics/
mv $install/goobi-plugin-controlling-intranda/intrandaStatisticPlugins/module-gui/target/plugin_intranda_statistics-GUI.jar /opt/digiverso/goobi/plugins/GUI/
mv $install/goobi-plugin-controlling-intranda/intrandaStatisticPlugins/module-main/target/plugin_intranda_statistics.jar /opt/digiverso/goobi/plugins/statistics/

‌The Tomcat service can then be restarted:

systemctl start tomcat8

Configuration and Settings

Please note that commas in the configuration files must be escaped with a backslash:

# Wrong:
ldap_adminLogin=cn=admin,dc=GOOBI,dc=EXAMPLE,dc=ORG
<institution>Name, Place</institution>
# Correct:
ldap_adminLogin=cn=admin\,dc=GOOBI\,dc=EXAMPLE\,dc=ORG
<institution>Name\, Place</institution>

Configuration file: goobi_config.properties

‌In the local Goobi workflow configuration file, the LDAP connection is configured as follows:

/opt/digiverso/goobi/config/goobi_config.properties
# LDAP
ldap_use=true
ldap_nextFreeUnixId=cn=NextFreeUnixId\,dc=GOOBI\,dc=EXAMPLE\,dc=ORG
ldap_adminLogin=cn=admin\,dc=GOOBI\,dc=EXAMPLE\,dc=ORG
ldap_adminPassword=PW_LDAP_GOOBI
ldap_readonly=false

Creating Users in LDAP

The test accounts must be written to the LDAP. Please note that dn, sambaPrimaryGroupSID and sambaSID are adapted in the file testuser.ldif.:

SID=$(sudo net getlocalsid | awk '{print $NF}'); echo $SID #SID herausfinden
vim $install/goobi/Goobi/install/ldap/testuser.ldif
ldapadd -x -D cn=admin,dc=GOOBI,dc=EXAMPLE,dc=ORG -w PW_LDAP_GOOBI -f $install/goobi/Goobi/install/ldap/testuser.ldif

The home directories for the users are created as follows:

cd /home && for i in testadmin testscanning testmetadata testimaging testqc testprojectmanagement ; do mkdir $i; chown $i:tomcat8 $i; chmod 775 $i; done

In addition, the SID for Goobi workflow is changed and the value for userDN is adjusted:

mysql goobi -e "update ldapgruppen set sambaSID='$SID-{uidnumber*2+1000}', sambaPrimaryGroupSID='$SID-100' where ldapgruppenid=2;"
mysql goobi -e 'update ldapgruppen set userDN="cn={login},ou=users,ou=goobi,dc=GOOBI,dc=EXAMPLE,dc=ORG" where ldapgruppenID=2;'

With the account testadmin it is now possible to log in. Within the menu item Administration -> Users you can now create additional accounts. These must then be assigned to the respective user groups and projects.

A test of the SMB access can be performed as follows:

smbclient -U testadmin%test //localhost/testadmin

Attention: Please note that you must securely document the important passwords and access information at a suitable location.

Configuration file: goobi_opac.xml

‌In the file goobi_opac.xml the used catalog can be entered or adapted.:

/opt/digiverso/goobi/config/goobi_opac.xml
<?xml version="1.0" encoding="UTF-8"?>
<opacCatalogues>
[...]
<catalogue title="K10Plus">
<config address="kxp.k10plus.de" database="2.1" description="K10plus" iktlist="IKTLIST-GBV.xml" port="80" ucnf="UCNF=NFC&amp;XPNOFF=1" />
</catalogue>
</opacCatalogues>

Configuration file: goobi_projects.xml

‌In the configuration file goobi_projects.xml several important parameters for the creation of processes are defined. Among other things, this concerns the institution name, the current year or also the catalog used by default:

/opt/digiverso/goobi/config/goobi_projects.xml
<?xml version="1.0" encoding="UTF-8"?>
<goobiProjects>
<project name="default">
<createNewProcess>
<itemlist>
<item from="werk" multiselect="true">
Creator of digital edition
<select label="Library of Congress (LoC)">Library of Congress</select>
</item>
[...]
<item docstruct="topstruct" isnotdoctype="periodical|multivolume" metadata="_dateDigitization" multiselect="true" required="true" ughbinding="true">
Digitisation date
<select label="2029">2019</select>
</item>
[...]
</itemlist>
<opac use="true">
<catalogue>Library of Congress</catalogue>
</opac>
</createNewProcess>
</project>
</goobiProjects>

Configuration file: goobi_digitalCollections.xml

‌In the configuration file goobi_digitalCollections.xml different collections can be adapted for the created example project. As an example this could look like this:

/opt/digiverso/goobi/config/goobi_digitalCollections.xml
<?xml version="1.0" encoding="UTF-8"?>
<DigitalCollections>
<default>
<DigitalCollection>DefaultCollection</DigitalCollection>
</default>
<project>
<name>sample_project</name>
<DigitalCollection>Monograph</DigitalCollection>
<DigitalCollection>Varia</DigitalCollection>
</project>
</DigitalCollections>