# Systemadministration ### Installieren und Konfigurieren von MongoDB #### Befehlszeile für Debian: apt update apt-get install curl gnupg2 wget -y curl -fsSL https://pgp.mongodb.com/server-7.0.asc | gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg --dearmor echo "deb \[ signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg \] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/7.0 main" | tee /etc/apt/sources.list.d/mongodb-org-7.0.list apt update apt install mongodb-org -y mongod --version systemctl start mongod systemctl enable mongod \# create admin user mongosh use admin db.createUser( {user: "admin", pwd: "xxxxxxxx", roles: \[ { role: "userAdminAnyDatabase", db: "admin" } \] }); exit; \# switch on authentication vi /etc/mongod.conf security: authorization: enabled net: bindIp:192.168.xxx.xxx (or leave as 127.0.0.1 or hostname as required) systemctl restart mongod systemctl status mongod \# Optional: if Status is not running (error 14) it may be that you need to remove socket lock (permissions are now incorrect) cd /tmp rm -rf mongodb\*.sock \# log in and create database user mongosh "mongodb://admin:xxxxxxxx@192.168.xxx.xxx:27017/ddok" --authenticationDatabase admin db.createUser( {user: "ddok", pwd: "xxxxxxxx", roles: \[ { role: "readWrite", db: "ddok" } \] }) #### Unpack mongodb Dies ist erforderlich, wenn wir Ihnen einen MongoDB-Dump gesendet haben. mongorestore --host=192.168.xxx.xxx --port=27017 --username=ddok --password=xxxxxxxx --db=ddok --archive=mongodump ### node server config.js
module.exports = { ///////////////////////////////////// // Configuration for D-DOK server // All of these values may be overridden by setting environment variables ///////////////////////////////////// // NODE\_ENV: 'development' | 'production' (default) NODE\_ENV: 'production', // PORT: web server port (default 80) PORT: 3000, // PROXY: trust reverse proxy when setting secure cookies (via the "X-Forwarded-Proto" header) (default false) PROXY: false, ///////////////////////////////////// // Logging ///////////////////////////////////// // LOG\_ENABLED: true (default) | false LOG\_ENABLED: true, // LOG\_LEVEL: 'error' | 'warn' | 'info' (default) | 'verbose' | 'debug' | 'silly' LOG\_LEVEL: 'verbose', ///////////////////////////////////// // D-DOK Database ///////////////////////////////////// // DESS\_LINK\_ENABLED: flag if D-DOK uses D-ESS database. this should ALWAYS be set to true. false is not yet supported. DESS\_LINK\_ENABLED: true, // DATABASE\_TYPE: 'mysql' (required) DATABASE\_TYPE: 'mysql', // DATABASE\_USERNAME: (required) DATABASE\_USERNAME: 'xxxxx', // DATABASE\_PASSWORD: (required) DATABASE\_PASSWORD: 'xxxxx', // DATABASE\_HOST: hostname or IP address of the database server (required) DATABASE\_HOST: 'localhost', // DATABASE\_PORT: port to which the database server is bound (required) DATABASE\_PORT: 3306, // DATABASE\_NAME: name of the database (required) DATABASE\_NAME: 'xxxxx', ///////////////////////////////////// // Mongo Database ///////////////////////////////////// // MONGO\_DATABASE\_USERNAME: (required) MONGO\_DATABASE\_USERNAME: 'xxxxx', // MONGO\_DATABASE\_PASSWORD: (required) MONGO\_DATABASE\_PASSWORD: 'xxxxx', // MONGO\_DATABASE\_HOST hostname or IP address of the database server (required) MONGO\_DATABASE\_HOST: '127.0.0.1', // MONGO\_DATABASE\_PORT: port to which the database server is bound (required) MONGO\_DATABASE\_PORT: 27017, // MONGO\_DATABASE\_NAME: name of the database (required) MONGO\_DATABASE\_NAME: 'xxxxx', ///////////////////////////////////// // Active Directory (LDAP) Authentication ///////////////////////////////////// // AD\_ENABLED: Active Directory auth enabled AD\_ENABLED: false, // AD\_URL: URL of the ldap server (required) AD\_URL: 'ldaps://DC1.xxxxx.network', // AD\_BIND\_DN: username that will be used to do the searching and request (required) AD\_BIND\_DN: 'DC=xxxxx,DC=network', // AD\_BIND\_USER: username for LDAP bind (required) AD\_BIND\_USER: 'xxxxx@xxxxx.network', // AD\_BIND\_PASSWORD: password for LDAP bind (required) AD\_BIND\_PASSWORD: 'xxxxx', // AD\_USERNAME\_ATTRIBUTE: Username attribute AD\_USERNAME\_ATTRIBUTE: 'sAMAccountName', // AD\_SEARCH\_FILTER: search filter for user nodes. {{username}} is posted to LDAP (required) AD\_SEARCH\_FILTER: '(sAMAccountName={{username}})', // AD\_GROUP\_FILTER: search filter for group nodes. AD\_GROUP\_FILTER: 'OU=Guest,DC=xxxxx,DC=network', ///////////////////////////////////// // OpenID Connect (OIDC) Authentication ///////////////////////////////////// // OIDC\_ENABLED: OIDC auth enabled OIDC\_ENABLED: false, // OIDC\_BUTTON\_SHOW: Show button on login page OIDC\_BUTTON\_SHOW: false, // OIDC\_BUTTON\_TEXT: Text to show on login page button OIDC\_BUTTON\_TEXT: 'Mit Keycloak Anmelden', // OIDC\_CLIENT\_SECRET: secret application password in OIDC server OIDC\_CLIENT\_SECRET: 'xxxxx', // OIDC\_CLIENT\_ID: public client id in OIDC server OIDC\_CLIENT\_ID: 'xxxxx', // OIDC\_ISSUER: OIDC Issuer URL OIDC\_ISSUER: 'https://sso.xxxxx.at/realms/xxxxx', ///////////////////////////////////// // SMTP Email server (optional) ///////////////////////////////////// // EMAIL\_ENABLED: Email enabled EMAIL\_ENABLED: false, // true // EMAIL\_USERNAME: SMTP server username EMAIL\_USERNAME: 'xxxxx@xxxxx.network', // EMAIL\_PASSWORD: SMTP server password EMAIL\_PASSWORD: 'xxxxx', // EMAIL\_FROM: Email address EMAIL\_FROM: 'noreply@xxxxx.network', // EMAIL\_HOST: hostname or IP address of the SMTP server EMAIL\_HOST: 'mail.xxxxx.network', // EMAIL\_PORT: port to which the SMTP server is bound EMAIL\_PORT: 587, // EMAIL\_SECURE: if true the connection will use TLS when connecting to server. // If false (the default) then TLS is used if server supports the STARTTLS extension. // In most cases set this value to true if you are connecting to port 465. // For port 587 or 25 keep it false EMAIL\_SECURE: false, // TEXT and HTML templates for email notifications // {administrator} - substituted with name of user who has triggered the notification "Surname, Firstname" // {dateTime} - substituted with formatted datetime of the event "DD.MM.YYYY HH:mm:ss" // {projectName} - substituted with name of the project // {publicationName} - substituted with name of the publication // {fileNames} - substituted with comma separated list of added file names EMAIL\_ADD\_PUBLICATION\_NOTIFICATION\_SUBJECT: 'D-DOK Notifikation: Neue Publikation', EMAIL\_ADD\_PUBLICATION\_NOTIFICATION\_TEXT: 'Eine neue Publikation wurde von {administrator} am {dateTime} erstellt.', EMAIL\_ADD\_PUBLICATION\_NOTIFICATION\_HTML: '{projectName}<br>Eine neue Publikation wurde von <b>{administrator}</b> am <b>{dateTime}</b> erstellt.<br>{publicationName}', EMAIL\_ADD\_PUBLICATION\_PDF\_NOTIFICATION\_SUBJECT: 'D-DOK Notifikation: Neue Publikation PDF', EMAIL\_ADD\_PUBLICATION\_PDF\_NOTIFICATION\_TEXT: 'Eine neue Publikation PDF wurde von {administrator} am {dateTime} hochgeladen.', EMAIL\_ADD\_PUBLICATION\_PDF\_NOTIFICATION\_HTML: '{projectName}<br>Eine neue Publikation PDF wurde von <b>{administrator}</b> am <b>{dateTime}</b> hochgeladen.<br>{publicationName}', EMAIL\_USER\_ADD\_PROJECT\_ADMIN\_NOTIFICATION\_SUBJECT: 'D-DOK Notifikation: Ihnen wurde die Berechtigung eines Projektadministrators erteilt', EMAIL\_USER\_ADD\_PROJECT\_ADMIN\_NOTIFICATION\_TEXT: 'Sie wurden von {administrator} am {dateTime} zum Projektadministrator für das Projekt {projectName} ernannt.', EMAIL\_USER\_ADD\_PROJECT\_ADMIN\_NOTIFICATION\_HTML: '{projectName}<br>Sie wurden von <b>{administrator}</b> am <b>{dateTime}</b> zum Projektadministrator ernannt.', ///////////////////////////////////// // WEB Database (for Website database export) added in version 0.0.8 ///////////////////////////////////// // WEB\_DATABASE\_USERNAME: (required) WEB\_DATABASE\_USERNAME: 'xxxxx', // WEB\_DATABASE\_PASSWORD: (required) WEB\_DATABASE\_PASSWORD: 'xxxxx', // WEB\_DATABASE\_HOST: hostname or IP address of the database server (required) WEB\_DATABASE\_HOST: 'localhost', // WEB\_DATABASE\_PORT: port to which the database server is bound (required) WEB\_DATABASE\_PORT: 3306, // WEB\_DATABASE\_NAME: name of the database (required) WEB\_DATABASE\_NAME: 'xxxxx', // WEB\_MONGO\_DATABASE\_USERNAME: (required) WEB\_MONGO\_DATABASE\_USERNAME: 'xxxxx', // WEB\_MONGO\_DATABASE\_PASSWORD: (required) WEB\_MONGO\_DATABASE\_PASSWORD: 'xxxxx', // WEB\_MONGO\_DATABASE\_HOST hostname or IP address of the database server (required) WEB\_MONGO\_DATABASE\_HOST: '127.0.0.1', // WEB\_MONGO\_DATABASE\_PORT: port to which the database server is bound (required) WEB\_MONGO\_DATABASE\_PORT: 27017, // WEB\_MONGO\_DATABASE\_NAME: name of the database (required) WEB\_MONGO\_DATABASE\_NAME: 'xxxxx', ///////////////////////////////////// // System settings ///////////////////////////////////// // SYSTEM\_PUBLICATION\_TYPE\_SHOW\_AUTHOR\_POINTS: show author points on publication type page SYSTEM\_PUBLICATION\_TYPE\_SHOW\_AUTHOR\_POINTS : false, // SYSTEM\_WIJMO\_LICENSE\_KEY: wijmo license SYSTEM\_WIJMO\_LICENSE\_KEY: 'xxxxx' };