OMERO.server installation on Ubuntu 18.04¶
This is an example walkthrough for installing OMERO on Ubuntu 18.04, using a dedicated system user, and should be read in conjunction with OMERO.web administration. You can use this as a guide for setting up your own test server. For production use you should also read the pages listed under Optimizing Server Configuration.
This guide describes how to install the recommended versions, not all the supported versions. This should be read in conjunction with Version requirements.
This guide does not describe how to install OMERO.web. To deploy OMERO.web separately from OMERO.server (recommended), please read OMERO.web installation separately from OMERO.server on Ubuntu 18.04 and IcePy 3.6 or to deploy with OMERO.server OMERO.web installation with OMERO.server on Ubuntu 18.04 and IcePy 3.6
These instructions assume your Linux distribution is configured with a UTF-8 locale (this is normally the default).
For convenience in this walkthrough the main OMERO configuration options have
been defined as environment variables. When following this walkthrough you can
either use your own values, or alternatively source settings.env
:
OMERO_DB_USER=db_user
OMERO_DB_PASS=db_password
OMERO_DB_NAME=omero_database
OMERO_ROOT_PASS=omero_root_password
OMERO_DATA_DIR=/OMERO
export OMERO_DB_USER OMERO_DB_PASS OMERO_DB_NAME OMERO_ROOT_PASS OMERO_DATA_DIR
export PGPASSWORD="$OMERO_DB_PASS"
Installing prerequisites¶
The following steps are run as root.
Install Java 1.8, Ice 3.6.4 and PostgreSQL 10:
To install Java 1.8 and other dependencies:
apt-get update
# installed for convenience
apt-get -y install unzip wget bc
# to be installed if recommended/suggested is false
apt-get -y install cron
# install Java
apt-get update -q
apt-get install -y openjdk-8-jre
# install dependencies
apt-get update
apt-get -y install \
unzip \
wget \
python-{pip,tables,virtualenv,yaml,jinja2}
# to be installed if recommended/suggested is false
apt-get -y install python-setuptools python-wheel virtualenv
To install dependencies required by OMERO core scripts:
apt-get -y install zlib1g-dev
apt-get -y install python-{pillow,numpy}
To install Ice 3.6.4:
apt-get update && \
apt-get install -y -q \
build-essential \
db5.3-util \
libbz2-dev \
libdb++-dev \
libdb-dev \
libexpat-dev \
libmcpp-dev \
libssl-dev \
mcpp \
zlib1g-dev
cd /tmp
wget -q https://github.com/ome/zeroc-ice-ubuntu1804/releases/download/0.1.0/Ice-3.6.4-ubuntu1804-amd64.tar.xz
tar xf Ice-3.6.4-ubuntu1804-amd64.tar.xz
mv opt/Ice-3.6.4 /opt
pip install https://github.com/ome/zeroc-ice-ubuntu1804/releases/download/0.1.0/zeroc_ice-3.6.4-cp27-cp27mu-linux_x86_64.whl
echo /opt/Ice-3.6.4/lib/x86_64-linux-gnu > /etc/ld.so.conf.d/ice-x86_64.conf
ldconfig
To make Ice available to all users, set the environment using omero-ice36.env
:
cat omero-ice36.env >> /etc/profile
To install PostgreSQL 10:
apt-get update
apt-get -y install postgresql
service postgresql start
Create an omero system user, and a directory for the OMERO repository:
useradd -m omero
# Give a password to the omero user
# e.g. passwd omero
chmod a+X ~omero
mkdir -p "$OMERO_DATA_DIR"
chown omero "$OMERO_DATA_DIR"
Create a database user and initialize a new database for OMERO:
echo "CREATE USER $OMERO_DB_USER PASSWORD '$OMERO_DB_PASS'" | su - postgres -c psql
su - postgres -c "createdb -E UTF8 -O '$OMERO_DB_USER' '$OMERO_DB_NAME'"
psql -P pager=off -h localhost -U "$OMERO_DB_USER" -l
Installing OMERO.server¶
The following steps are run as the omero system user.
Download, unzip and configure OMERO. The rest of this walkthrough assumes the OMERO.server is installed into the home directory of the omero system user.
Note that this script requires the same environment variables that were set earlier in settings.env, so you may need to copy and/or source this file as the omero user.
You will need to install the server corresponding to your Ice version.
Install server-ice36.zip
:
cd ~omero
SERVER=https://downloads.openmicroscopy.org/latest/omero5.5/server-ice36.zip
wget -q $SERVER -O OMERO.server-ice36.zip
unzip -q OMERO.server*
Configure:
ln -s OMERO.server-*/ OMERO.server
OMERO.server/bin/omero config set omero.data.dir "$OMERO_DATA_DIR"
OMERO.server/bin/omero config set omero.db.name "$OMERO_DB_NAME"
OMERO.server/bin/omero config set omero.db.user "$OMERO_DB_USER"
OMERO.server/bin/omero config set omero.db.pass "$OMERO_DB_PASS"
OMERO.server/bin/omero db script -f OMERO.server/db.sql --password "$OMERO_ROOT_PASS"
psql -h localhost -U "$OMERO_DB_USER" "$OMERO_DB_NAME" < OMERO.server/db.sql
Patching OMERO.server¶
Weaker ciphers like ADH are disabled by default in OpenSSL 1.1.0,
the version installed on Ubuntu 18.04.
This means that it is not possible to connect to an OMERO.server
using any OMERO clients e.g. the Java Desktop client,
the OMERO.web client or the CLI.
The parameter @SECLEVEL=0
, enabling the weaker ciphers, needs to be
added in two files in order to allow connection.
OMERO.server/bin/omero config set omero.glacier2.IceSSL.Ciphers HIGH:ADH:@SECLEVEL=0
Running OMERO.server¶
The following steps are run as the omero system user.
OMERO should now be set up. To start the server run:
OMERO.server/bin/omero admin start
In addition omero-init.d
is available should you wish to start OMERO automatically.
Securing OMERO¶
The following steps are run as root.
If multiple users have access to the machine running OMERO you should restrict access to OMERO.server’s configuration and runtime directories, and optionally the OMERO data directory:
chmod go-rwx OMERO.server/etc OMERO.server/var
# Optionally restrict access to the OMERO data directory
# chmod go-rwx "$OMERO_DATA_DIR"