Production Deployment
Instructions for deploying Study Tracker in a generic production environment
Overview
Once you are ready to deploy Study Tracker to a remote host, follow the steps below. These instructions assume that you have done a few things already:
Created a VM with the following things installed:
JDK 17+
Maven
Git
PostgreSQL Client
Created a PostgreSQL database that can be used by Study Tracker.
Have an SMTP server you can use for sending emails.
(optional) Create an OpenSearch 2+ host for enabling Study Tracker's power search functionality.
(optional ) Configure single-sign-on for Study Tracker.
Setting up the server
Install system packages
Install required system packages, if needed:
sudo apt-get update sudo apt-get install -y git openjdk-17-jdk maven postgresql-client
(Optional) If running on AWS, you should install the AWS CLI as well:
sudo apt-get install -y unzip curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install
Create a new database and user
If you have not already done so externally, create a new database schema and user for Study Tracker on your PostgreSQL host using the installed
psql
client:export PGPASSWORD=rootpassword psql -h my-host -p 5432 -d postgres -U postgres -c "create database \"study-tracker\"" psql -h my-host -p 5432 -d postgres -U postgres -c "create user st_user with encrypted password 'userpassword'" psql -h my-host -p 5432 -d postgres -U postgres -c "grant all privileges on database \"study-tracker\" to st_user"
(Optional) If you are planning on re-using and overwriting an existing Study Tracker database, it is recommended you refresh it using Flyway. First, in the
web
directory of the Study Tracker source code, a create a new file namedflyway.conf
and provide the following parameters:flyway.user=my-username flyway.password=my-password flyway.url=jdbc:postgresql://my-host:5432/study-tracker
Run Flyway to clean and populate the database with initial state:
mvn -Dflyway.configFiles=flyway.conf -Dflyway.cleanDisabled=false flyway:clean flyway:migrate
Building Study Tracker
Clone the Study Tracker source code repository and checkout the latest stable build:
git clone https://github.com/Study-Tracker/Study-Tracker.git cd Study-Tracker git checkout tags/v1.0.0
Compile the application source code:
mvn clean package -DskipTests
Run directory & configuration files
Create separate a directory to run the application from (eg.
/opt/study-tracker
):mkdir /opt/study-tracker chown ubuntu:ubuntu /opt/study-tracker cp web/target/study-tracker-1.0.0.war /opt/study-tracker/study-tracker.war
Create default file storage locations for file uploads and study data:
mkdir /opt/study-tracker/uploads mkdir /opt/study-tracker/data
(Optional) Create a JKS keystore for SAML (Single Sign-On w/ Okta) authentication in the run directory
/opt/study-tracker
keytool -genkeypair -alias stsaml -keypass mypassword -keystore saml-keystore.jks
Create a
application.properties
file in the run directory/opt/study-tracker
. You can use theapplication.properties.example
file in the top-level of the Study Tracker source code repository as a template. The required fields are below:### General properties ### # Required # Host name of your application (should not include protocol or port). This is used for generating # links to your application in emails and other notifications. # Eg. localhost or mywebsite.com application.host-name= # Required # Character sequence used for seeding encryption keys. This should ideally be a long, random string # of characters between 16 and 512 characters. It is important that you do not change this value # after setting it. application.secret= ### Admin User ### # Required # The first time Study Tracker starts, an admin user will be created. You must specify an email and # default password for the admin account. The password can be changed after initial startup. If no # password is provided, a random one will be generated and printed to the console at startup. admin.email= admin.password= ### Data Source ### # Required # Provide the connection information for the primary Study Tracker database. The user and schema # need to be configured ahead of time. db.username= db.password= db.host= db.port= db.name= ### Email ### # Required # Provide SMTP connection details for outgoing emails. email.host= email.port= email.username= email.password= email.smtp-auth=true email.smtp-start-tls=true email.outgoing-email-address= email.protocol=smtp ### File Storage ### # Determines where to create project folders and store study files uploaded by users. Can be either # a local file system (default), or a cloud storage service (eg. Egnyte). # Options: local, egnyte. Defaults to local storage.mode=local # If storage.use-existing is set to 'true', Study Tracker will use existing folders with the same # name when trying to create new ones. If set to 'false', Study Tracker throw an error when trying # to create a folder that already exists. Defaults to 'true'. storage.use-existing=true # Local file storage # Sets the directory used for uploading files. storage.temp-dir=/opt/study-tracker/uploads # Sets the folder in which the root program/study/assay storage folder hierarchy will be created. # Required if storage.mode is set to 'local'. storage.local-dir=/opt/study-tracker/data
Running Study Tracker
Once the above steps have been completed and the Study Tracker
.war
file has been added to your run directory, alongside theapplication.properties
file, you can run it with the following command:java -jar study-tracker.war
Optional Configurations
Running as a service
In the directory
/etc/systemd/system/
create a file namedstudy-tracker.service
and give it the following contents:[Unit] Description=Study Tracker [Service] WorkingDirectory=/opt/study-tracker ExecStart=/usr/bin/java -jar study-tracker.war Restart=always StandardOutput=syslog StandardError=syslog SyslogIdentifier=study-tracker [Install] WantedBy=multi-user.target
Start the service:
sudo systemctl start study-tracker
Enable auto-start of the application on server restart:
sudo systemctl enable study-tracker
Enabling SSL
Generate a PKCS12 keystore for handling encryption keys and save it to the application run directory (eg.
/opt/study-tracker
). For example, to generate a keystore and self-signed certificate:keytool -genkeypair -alias stsslstore -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore stssl.p12 -validity 3650
Configure Study Tracker to use SSL and your created keystore by adding the following attributes to your
application.properties
file:server.port=8443 # use 443 for production server.ssl.enabled=true server.ssl.key-store-type=PKCS12 server.ssl.key-alias=stsslstore server.ssl.key-store=classpath:stssl.p12 server.ssl.key-store-password=xxxxx
Enabling SAML Single Sign-On
Create a JKS keystore for SAML (Single Sign-On w/ Okta) authentication in the application run directory (eg. /opt/study-tracker
):
keytool -genkeypair -alias stsaml -keypass mypassword -keystore saml-keystore.jks
Follow the steps in the Single Sign-On section to configure your provider of choice.
Updating Study Tracker
In most cases, it is possible to perform an in-place upgrade of Study Tracker by pulling the latest version of the source code repository and checking out the stable build you are interested in.
Upgrades always have the potential to go wrong, so be sure to back-up your instance and PostgreSQL database before proceeding. There is no need to backup the ElasticSearch database, as it rebuilds itself automatically on startup.
Stop the application server:
sudo systemctl stop study-tracker
Pull the latest commit:
git reset --hard HEAD git pull --force git checkout tags/vX.X.X
Build the application:
mvn clean package -DskipTests
Copy the artifacts to your run directory and restart the service:
cp web/target/study-tracker-X.X.X.war /opt/study-tracker/study-tracker.war sudo systemctl start study-tracker
Last updated