Galaxy: Difference between revisions
Jpr@uab.edu (talk | contribs) (→Developers: Add note about SELinux interference on redhat platforms) |
mNo edit summary |
||
| Line 42: | Line 42: | ||
== Apache and Postgres Setup == | == Apache and Postgres Setup == | ||
In production mode it is | In production mode it is recommended that something other than SQLlite and the python web server be used, preferably postgres and apache. When setting up apache to proxy requests to the python web server on CentOS it is critical that the default CentOS security policy be overridden to allow proxying as shown below. | ||
<pre> | <pre> | ||
setsebool -P httpd_can_network_relay=1 | setsebool -P httpd_can_network_relay=1 | ||
</pre> | </pre> | ||
Additionally, redirects to the file system are blocked by selinux security policy. The current workaround for that is to running: | |||
<pre> | |||
setenforce 0 | |||
</pre> | |||
A better solution will be to allow access to the required directories using chcon (not done yet) | |||
Additionally, postgres ident privileges should be changed. One workaround is to set postgres to trust all local users as shown below in /var/lib/pgsql/data/pg_hba.conf | Additionally, postgres ident privileges should be changed. One workaround is to set postgres to trust all local users as shown below in /var/lib/pgsql/data/pg_hba.conf | ||
Revision as of 20:50, 13 January 2011
Overview
Galaxy is an easy-to-use, open-source, scalable framework for tool and data integration. Galaxy provides access to tools (mainly comparative genomics) through an interface (e.g., a web-based interface). The Galaxy framework is implemented in the Python programming language.
End Users
A public instance of Galaxy maintained by Penn State University is at http://usegalaxy.org/
Developers
To get started with installing your own Galaxy instance, the only required component is Python (2.4,2.5, and 2.6). Four simple steps will get you started with your own Galaxy instance
- clone the mercurial galaxy distribution
hg clone http://www.bx.psu.edu/hg/galaxy galaxy_dist
or get a source tarball - execute setup.sh
- execute run.sh
- go to http://localhost:8080
- Galaxy runs on a local webserver, PasteScript written in Python. PasteScript is based on Python's library module simplehttpserverand implemented with the help of python package, WSGIUtils
- For deployment to production environments, Galaxy documentation suggests using a proxy server like Apache/Nginx to serve up static content and for handling authnz. As mentioned in Galaxy's ApacheProxy documentation, here's how to edit Apache's httpd.conf to proxy Galaxy on port 80
<Proxy http://localhost:8080>
Order deny,allow
Allow from all
</Proxy>
RewriteEngine on
RewriteRule ^/galaxy$ /galaxy/ [R]
RewriteRule ^/galaxy/static/style/(.*) /Users/pnm/project/galaxy_dist/static/june_2007_style/blue/$1 [L]
RewriteRule ^/galaxy/static/scripts/(.*) /Users/pnm/project/galaxy_dist/static/scripts/packed/$1 [L]
RewriteRule ^/galaxy/static/(.*) /Users/pnm/project/galaxy_dist/static/$1 [L]
RewriteRule ^/galaxy/favicon.ico /Users/pnm/project/galaxy_dist/static/favicon.ico [L]
RewriteRule ^/galaxy/robots.txt /Users/pnm/project/galaxy_dist/static/robots.txt [L]
RewriteRule ^/galaxy(.*) http://localhost:8080$1 [P]
- Change the path to where you have cloned/installed Galaxy
- http://localhost/galaxy should bring up Galaxy on port 80 now
Note: if you are using CentOS/RedHat as your platform, you may need to adjust or disable SELinux in order to allow Apache to access parts of the file system that are not part of the shipped default Directory directives of the Apache config. You will see unexplained "permission denied" errors in the errors.log if you are bitten by this.
Apache and Postgres Setup
In production mode it is recommended that something other than SQLlite and the python web server be used, preferably postgres and apache. When setting up apache to proxy requests to the python web server on CentOS it is critical that the default CentOS security policy be overridden to allow proxying as shown below.
setsebool -P httpd_can_network_relay=1
Additionally, redirects to the file system are blocked by selinux security policy. The current workaround for that is to running:
setenforce 0
A better solution will be to allow access to the required directories using chcon (not done yet)
Additionally, postgres ident privileges should be changed. One workaround is to set postgres to trust all local users as shown below in /var/lib/pgsql/data/pg_hba.conf
local all all trust