Galaxy: Difference between revisions

From Cheaha
Jump to navigation Jump to search
(→‎Developers: Add note about SELinux interference on redhat platforms)
mNo edit summary
Line 42: Line 42:
== Apache and Postgres Setup ==
== Apache and Postgres Setup ==


In production mode it is reccomended that something other than SQLlite and the python web server be used, preferably postgres and apache. When setting up apache to proxy requests to the python web server on CentOS it is critical that the default CentOS security policy be overridden to allow proxying as shown below.
In production mode it is recommended that something other than SQLlite and the python web server be used, preferably postgres and apache. When setting up apache to proxy requests to the python web server on CentOS it is critical that the default CentOS security policy be overridden to allow proxying as shown below.
<pre>
<pre>
setsebool -P httpd_can_network_relay=1
setsebool -P httpd_can_network_relay=1
</pre>
</pre>
Additionally, redirects to the file system are blocked by selinux security policy. The current workaround for that is to running:
<pre>
setenforce 0
</pre>
A better solution will be to allow access to the required directories using chcon (not done yet)


Additionally, postgres ident privileges should be changed. One workaround is to set postgres to trust all local users as shown below in /var/lib/pgsql/data/pg_hba.conf
Additionally, postgres ident privileges should be changed. One workaround is to set postgres to trust all local users as shown below in /var/lib/pgsql/data/pg_hba.conf

Revision as of 20:50, 13 January 2011

Overview

Galaxy is an easy-to-use, open-source, scalable framework for tool and data integration. Galaxy provides access to tools (mainly comparative genomics) through an interface (e.g., a web-based interface). The Galaxy framework is implemented in the Python programming language.

End Users

A public instance of Galaxy maintained by Penn State University is at http://usegalaxy.org/

Developers

To get started with installing your own Galaxy instance, the only required component is Python (2.4,2.5, and 2.6). Four simple steps will get you started with your own Galaxy instance

  1. clone the mercurial galaxy distribution
    hg clone http://www.bx.psu.edu/hg/galaxy galaxy_dist
    or get a source tarball
  2. execute setup.sh
  3. execute run.sh
  4. go to http://localhost:8080
  • Galaxy runs on a local webserver, PasteScript written in Python. PasteScript is based on Python's library module simplehttpserverand implemented with the help of python package, WSGIUtils
<Proxy http://localhost:8080>
        Order deny,allow
        Allow from all
</Proxy>

RewriteEngine on
RewriteRule ^/galaxy$ /galaxy/ [R]
RewriteRule ^/galaxy/static/style/(.*) /Users/pnm/project/galaxy_dist/static/june_2007_style/blue/$1 [L]
RewriteRule ^/galaxy/static/scripts/(.*) /Users/pnm/project/galaxy_dist/static/scripts/packed/$1 [L]
RewriteRule ^/galaxy/static/(.*) /Users/pnm/project/galaxy_dist/static/$1 [L]
RewriteRule ^/galaxy/favicon.ico /Users/pnm/project/galaxy_dist/static/favicon.ico [L]
RewriteRule ^/galaxy/robots.txt /Users/pnm/project/galaxy_dist/static/robots.txt [L]
RewriteRule ^/galaxy(.*) http://localhost:8080$1 [P]

  • Change the path to where you have cloned/installed Galaxy
  • http://localhost/galaxy should bring up Galaxy on port 80 now

Note: if you are using CentOS/RedHat as your platform, you may need to adjust or disable SELinux in order to allow Apache to access parts of the file system that are not part of the shipped default Directory directives of the Apache config. You will see unexplained "permission denied" errors in the errors.log if you are bitten by this.

Apache and Postgres Setup

In production mode it is recommended that something other than SQLlite and the python web server be used, preferably postgres and apache. When setting up apache to proxy requests to the python web server on CentOS it is critical that the default CentOS security policy be overridden to allow proxying as shown below.

setsebool -P httpd_can_network_relay=1

Additionally, redirects to the file system are blocked by selinux security policy. The current workaround for that is to running:

setenforce 0

A better solution will be to allow access to the required directories using chcon (not done yet)

Additionally, postgres ident privileges should be changed. One workaround is to set postgres to trust all local users as shown below in /var/lib/pgsql/data/pg_hba.conf

local   all         all                               trust

References