M
M
MDID
Search…
Installation
These are the installation steps for MDID 3.6. Instructions for each release are included with each package in the docs/install folder.

Installation on Ubuntu Linux

The following instructions are for Ubuntu Linux 20.04 LTS, but should work with minor changes on other distributions as well.
Unless noted otherwise, all commands should be run as root.

Server Preparation

Packages

1
apt-get update
2
apt-get install -y python3 python3-pip libjpeg-dev libfreetype6-dev \
3
nginx mysql-server libmysqlclient-dev python3-dev \
4
libldap2-dev libsasl2-dev unixodbc-dev memcached \
5
rabbitmq-server supervisor ffmpeg openjdk-11-jre-headless \
6
python3-virtualenv libssl-dev poppler-utils
Copied!

Enable nginx

1
rm -f /etc/nginx/sites-enabled/default
2
update-rc.d nginx enable
3
service nginx start
Copied!

Create user account

1
adduser --disabled-password mdid
2
mkdir -p /opt/mdid
3
chown mdid:mdid /opt/mdid
Copied!

Create virtual environment

1
sudo -iu mdid # switch to mdid user
2
cd /opt/mdid # or another directory of your choice
3
python3 -m virtualenv -p python3 venv
4
source venv/bin/activate
5
pip install mdid
6
# or to install test version:
7
# pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple mdid
8
mdid init
Copied!

Install Solr

MDID currently requires Solr 8; you may have to adjust the exact version as available when running the following commands. Please note that you want to use at least version 8.11.1 of Solr to avoid the Log4j vulnerability.
1
mkdir -p /opt/solr_install /opt/solr
2
cd /opt/solr_install
3
wget https://archive.apache.org/dist/lucene/solr/8.11.1/solr-8.11.1.tgz
4
tar xzf solr-8.11.1.tgz solr-8.11.1/bin/install_solr_service.sh --strip-components=2
5
./install_solr_service.sh solr-8.11.1.tgz -f -d /opt/solr -i /opt/solr_install -n
6
sed -i -E 's/#SOLR_HEAP="512m"/SOLR_HEAP="2048m"/' /etc/default/solr.in.sh
7
ln -s /opt/mdid/var/solr /opt/solr/data/mdid
8
chown -R solr:solr /opt/solr/data/mdid/
9
service solr start
Copied!

Configure MySQL

1
ln -s /opt/mdid/service-config/mysql /etc/mysql/mysql.conf.d/mdid.cnf
2
service mysql restart
Copied!

Create database

Create a new MySQL database or restore an existing database from a previous MDID3 installation. Adjust the database name, user name, and password as needed:
1
mysql -u root
2
create database mdid character set utf8;
3
create user [email protected] identified by 'rooibos';
4
grant all privileges on mdid.* to [email protected];
5
\q
Copied!

Configure MDID

Edit /opt/mdid/config/settings.py and change the database and other settings as needed.
Also, if possible, change the asterisk in ALLOWED_HOSTS to your server host name, if you know it, for example ['mdid.yourschool.edu'].
Run the following command to initialize static files and migrate the database to the latest version:
1
sudo -iu mdid # switch to mdid user
2
source /opt/mdid/venv/bin/activate
3
mdid collectstatic
4
mdid migrate
Copied!

Configure nginx

1
ln -s /opt/mdid/service-config/nginx /etc/nginx/sites-enabled/mdid
Copied!
Place your server SSL certificate files named server.key and server.crt in /opt/mdid/ssl, or generate some sample self-signed certificates for temporary use:
1
openssl genrsa -out /opt/mdid/ssl/server.key
2
openssl req -new -key /opt/mdid/ssl/server.key -out /opt/mdid/ssl/server.csr
3
openssl x509 -req -days 365 -in /opt/mdid/ssl/server.csr -signkey /opt/mdid/ssl/server.key -out /opt/mdid/ssl/server.crt
Copied!

Configure crontab

1
sudo -iu mdid # switch to mdid user
2
crontab /opt/mdid/service-config/crontab
Copied!

Configure supervisor

Create a new file /etc/supervisor/conf.d/mdid.conf with the following content:
1
ln -s /opt/mdid/service-config/supervisor /etc/supervisor/conf.d/mdid.conf
2
supervisorctl reload
Copied!

Shibboleth support

To use Shibboleth for user authentication, follow the steps below to modify your working MDID installation to connect to your IdP.

Install additional packages

1
apt-get install apache2 apache2-utils libapache2-mod-shib2 libshibsp-dev \
2
libshibsp-doc opensaml2-tools shibboleth-sp2-schemas
Copied!

Configure Shibboleth

Configure your Shibboleth SP in /etc/shibboleth/shibboleth2.xml, including setting the application ID to mdid.
Make sure to add a key or generate a new key using shib-keygen.
Uncomment the attributes you want to use in attribute-map.xml.

Configure apache

Modify /etc/apache2/ports.conf and change all instances of port 80 to port 8100.
Enable apache modules and configure site:
1
a2enmod rewrite
2
a2enmod proxy
3
a2enmod proxy_http
4
a2enmod headers
5
ln -s -f /etc/apache2/mods-available/shib2.load /etc/apache2/mods-enabled/shib2.load
6
ln -s /opt/mdid/service-config/apache /etc/apache2/sites-enabled/999-mdid.conf
7
apachectl restart
Copied!

Configure nginx

In your nginx site file /opt/mdid/service-config/nginx, change the port number in the proxy_pass statement from 8001 to 8100.

Configure MDID

Add the following settings to your MDID configuration file at /opt/mdid/config/settings.py, changing attribute names as required:
1
SHIB_ENABLED = True
2
SHIB_ATTRIBUTE_MAP = {
3
"HTTP_MAIL": (True, "mail"),
4
"HTTP_GIVENNAME": (False, "givenName"),
5
"HTTP_SN": (False, "sn"),
6
"HTTP_USERNAME": (True, "username"),
7
}
8
SHIB_USERNAME = "username"
9
SHIB_EMAIL = "mail"
10
SHIB_FIRST_NAME = "givenName"
11
SHIB_LAST_NAME = "sn"
Copied!
By default MDID will not show a logout link, but if your Shibboleth setup allows logouts, you can configure the logout URL with
1
SHIB_LOGOUT_URL = "http://link.to.your.shibboleth.logout"
Copied!

Restart all services

1
service shibd restart
2
apache2ctl graceful
3
nginx -s reload
4
supervisorctl restart mdid:*
Copied!