Mercurial > hg > digilib
view server-setup.html @ 1700:79c837179ffb
Creating site for 2.6-SNAPSHOT
| author | Robert Casties <casties@mpiwg-berlin.mpg.de> |
|---|---|
| date | Tue, 18 Dec 2018 10:45:17 +0000 |
| parents | 8a9c66abb57c |
| children | 9538e27b5c2f |
line wrap: on
line source
<!DOCTYPE html> <!-- | Generated by Apache Maven Doxia at 2018-12-18 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="Date-Revision-yyyymmdd" content="20181218" /> <meta http-equiv="Content-Language" content="en" /> <title>digilib - The Digital Image Library – Server setup for digilib</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> <link rel="stylesheet" href="./css/site.css" /> <link rel="stylesheet" href="./css/print.css" media="print" /> <script type="text/javascript" src="./js/apache-maven-fluido-1.3.0.min.js"></script> </head> <body class="topBarDisabled"> <div class="container-fluid"> <div id="banner"> <div class="pull-left"> <a href="https://robcast.github.io/digilib/" id="bannerLeft"> <h2>digilib - a versatile image viewing environment for the internet</h2> </a> </div> <div class="pull-right"> <a href="https://robcast.github.io/digilib/" id="bannerRight"> <img src="images/digilib-logo-small.png" /> </a> </div> <div class="clear"><hr/></div> </div> <div id="breadcrumbs"> <ul class="breadcrumb"> <li id="publishDate">Last Published: 2018-12-18</li> <li class="divider">|</li> <li id="projectVersion">Version: 2.6-SNAPSHOT</li> </ul> </div> <div class="row-fluid"> <div id="leftColumn" class="span3"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li class="nav-header">Overview</li> <li> <a href="index.html" title="About digilib"> <i class="none"></i> About digilib</a> </li> <li> <a href="features.html" title="digilib features"> <i class="none"></i> digilib features</a> </li> <li> <a href="digilib-short.html" title="How digilib works"> <i class="none"></i> How digilib works</a> </li> <li> <a href="history.html" title="Ancient history"> <i class="none"></i> Ancient history</a> </li> <li class="nav-header">Installation</li> <li> <a href="build-maven.html" title="Building digilib"> <i class="none"></i> Building digilib</a> </li> <li> <a href="install-digilib.html" title="Installing digilib"> <i class="none"></i> Installing digilib</a> </li> <li class="active"> <a href="#"><i class="none"></i>Server setup</a> </li> <li class="nav-header">Configuration</li> <li> <a href="digilib-config.html" title="Configuring digilib"> <i class="none"></i> Configuring digilib</a> </li> <li> <a href="image-directories.html" title="Directory layout"> <i class="none"></i> Directory layout</a> </li> <li> <a href="java-settings.html" title="Java settings and tuning"> <i class="none"></i> Java settings and tuning</a> </li> <li> <a href="auth.html" title="Access control"> <i class="none"></i> Access control</a> </li> <li class="nav-header">Development</li> <li> <a href="scaler-api.html" title="The digilib Scaler API"> <i class="none"></i> The digilib Scaler API</a> </li> <li> <a href="iiif-api.html" title="The digilib IIIF API"> <i class="none"></i> The digilib IIIF API</a> </li> <li> <a href="client-integration.html" title="Integrating digilib into your page"> <i class="none"></i> Integrating digilib into your page</a> </li> <li> <a href="plugins.html" title="Digilib plugins"> <i class="none"></i> Digilib plugins</a> </li> <li class="nav-header">Project Documentation</li> <li> <a href="project-info.html" title="Project Information"> <i class="icon-chevron-right"></i> Project Information</a> </li> </ul> <hr class="divider" /> <div id="poweredBy"> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <a href="http://maven.apache.org/" title="Built by Maven" class="builtBy"> <img class="builtBy" alt="Built by Maven" src="https://maven.apache.org/images/logos/maven-feather.png" /> </a> <a href="../../" title="Hosted by GitHub" class="builtBy"> <img class="builtBy" alt="Hosted by GitHub" src="https://assets-cdn.github.com/images/modules/logos_page/GitHub-Logo.png" width="200px" /> </a> <a href="http://www.sourceforge.net/" title="Hosted by SourceForge" class="builtBy"> <img class="builtBy" alt="Hosted by SourceForge" src="https://upload.wikimedia.org/wikipedia/commons/0/0b/Sourceforge_logo.png" /> </a> </div> </div> </div> <div id="bodyColumn" class="span9" > <h1>Server setup for digilib</h1> <p>There are a variety of ways to deploy digilib on different server configurations for production sites. </p> <p>Here are some examples and tips.</p> <div class="section"> <h2><a name="nginx_as_proxy"></a>nginx as proxy</h2> <p>This is an example configuration for <tt>nginx</tt> as a proxy for a single instance of digilib (listening on port <tt>8080</tt>) that handles transport encryption and restricts access to sensitive data to the gateway of a local network (<tt>1.2.3.4</tt>).</p> <div class="source"> <div class="source"> <pre>server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name digilib.example.org; # this certificate chain shall *not* include the root certificate: ssl_certificate /etc/ssl/certs/digilib.example.org.pem; ssl_certificate_key /etc/ssl/private/digilib.example.org.key; include /etc/nginx/proxy_params; location ~* .*/(dlConfig|dlRequest).jsp$ { allow 1.2.3.4; deny all; proxy_pass http://localhost:8080; } location / { proxy_pass http://localhost:8080; } } </pre></div></div> <div class="section"> <h3><a name="Resources"></a>Resources</h3> <ul> <li>the <a href="nginx.org/en/docs/">nginx documentation</a></li> </ul></div></div> <div class="section"> <h2><a name="Apache_as_proxy_and_load-balancer"></a>Apache as proxy and load-balancer</h2> <p>This is an example configuration for <a class="externalLink" href="https://httpd.apache.org/">Apache</a> as a proxy and load balancer for two instances of digilib (one running on localhost, port 8080 and another on otherserver, port 8080), using SSL and http/2:</p> <div class="source"> <div class="source"> <pre><VirtualHost *:443> # HTTP/2 protocol (Apache 2.4.29 and later) Protocols h2 http/1.1 ServerName digilib.example.com SSLCertificateFile /etc/ssl/private/digilib-cert.pem SSLCertificateKeyFile /etc/ssl/private/digilib-key.pem SSLEngine on DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/digilib-ssl-error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/digilib-ssl-access.log combined # do not forward-proxy! ProxyRequests off # set proxy headers ProxyPreserveHost On RequestHeader set X-Forwarded-Proto "https" # digilib instances <Proxy balancer://digilibs> BalancerMember http://127.0.0.1:8080 BalancerMember http://otherserver.example.com:8080 </Proxy> # balance by busy-ness ProxyPass /digitallibrary balancer://digilibs/digitallibrary lbmethod=bybusyness ProxyPassReverse /digitallibrary balancer://digilibs/digitallibrary # balancer-manager frontend (be careful!) <Location /balancer-manager> SetHandler balancer-manager Require host localhost </Location> </VirtualHost> </pre></div></div></div> <div class="section"> <h2><a name="Jetty_behind_a_proxy"></a>Jetty behind a proxy</h2> <p>When you are using <a class="externalLink" href="https://www.eclipse.org/jetty/">Jetty</a> as servlet container behind an Apache or nginx proxy then you should make sure that Jetty processes the <tt>X-Forwarded-*</tt> headers from the proxy server to derive the correct request URL for the servlets.</p> <p>Please see <a class="externalLink" href="http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html#_proxy_load_balancer_connection_configuration">this information for Jetty 9.4</a> or <a class="externalLink" href="https://wiki.eclipse.org/Jetty/Tutorial/Apache#Configuring_mod_proxy_http">this information for Jetty 8 and earlier versions</a>.</p></div> <div class="section"> <h2><a name="Tomcat_behind_a_proxy"></a>Tomcat behind a proxy</h2> <p>When you are using <a class="externalLink" href="https://tomcat.apache.org">Tomcat</a> as a servlet container behind an Apache or nginx proxy then you should make sure that Tomcat processes the <tt>X-Forwarded-*</tt> headers from the proxy server to derive the correct request URL for the servlets.</p> <p>Please see the Tomcat documentation about the <a class="externalLink" href="https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_IP_Valve">Remote IP Valve</a>. You basically need to add the following XML tag with your proxy’s IP numbers to the <tt>Host</tt> tag of your <tt>server.xml</tt> file: <tt> <Valve className="org.apache.catalina.valves.RemoteIpValve" internalProxies="127\.0\.0\.1|123\.45\.67\.89" remoteIpHeader="x-forwarded-for" proxiesHeader="x-forwarded-by" protocolHeader="x-forwarded-proto" /> </tt> and make sure <tt>ProxyPreserveHost</tt> is set to <tt>on</tt>.</p></div> </div> </div> </div> <hr/> <footer> <div class="container-fluid"> <div class="row span12">Copyright © 2001-2018 <a href="https://robcast.github.io/digilib/">digilib Community</a>. All Rights Reserved. </div> </div> </footer> </body> </html>