OMERO.server installation on Ubuntu 18.04

This is an example walkthrough for installing OMERO on Ubuntu 18.04, using a dedicated system user, and should be read in conjunction with OMERO.web administration. You can use this as a guide for setting up your own test server. For production use you should also read the pages listed under Optimizing Server Configuration.

This guide describes how to install the recommended versions, not all the supported versions. This should be read in conjunction with Version requirements.

This guide does not describe how to install OMERO.web. To deploy OMERO.web separately from OMERO.server (recommended), please read OMERO.web installation separately from OMERO.server on Ubuntu 18.04 and IcePy 3.6 or to deploy with OMERO.server OMERO.web installation with OMERO.server on Ubuntu 18.04 and IcePy 3.6

These instructions assume your Linux distribution is configured with a UTF-8 locale (this is normally the default).

For convenience in this walkthrough the main OMERO configuration options have been defined as environment variables. When following this walkthrough you can either use your own values, or alternatively source settings.env:




Installing prerequisites

The following steps are run as root.

Install Java 1.8, Ice 3.6.4 and PostgreSQL 10:

To install Java 1.8 and other dependencies:

apt-get update

# installed for convenience
apt-get -y install unzip wget bc

# to be installed if recommended/suggested is false
apt-get -y install cron

# install Java
apt-get update -q
apt-get install -y openjdk-8-jre

# install dependencies

apt-get update
apt-get -y install \
	unzip \
	wget \

# to be installed if recommended/suggested is false
apt-get -y install python-setuptools python-wheel virtualenv

To install dependencies required by OMERO core scripts:

apt-get -y install zlib1g-dev
apt-get -y install python-{pillow,numpy}

To install Ice 3.6.4:

apt-get update && \
apt-get install -y -q \
build-essential \
db5.3-util \
libbz2-dev \
libdb++-dev \
libdb-dev \
libexpat-dev \
libmcpp-dev \
libssl-dev \
mcpp \

cd /tmp
wget -q
tar xf Ice-3.6.4-ubuntu1804-amd64.tar.xz
mv opt/Ice-3.6.4 /opt
pip install
echo /opt/Ice-3.6.4/lib/x86_64-linux-gnu > /etc/

To make Ice available to all users, set the environment using omero-ice36.env:

cat omero-ice36.env >> /etc/profile

To install PostgreSQL 10:

apt-get update
apt-get -y install postgresql
service postgresql start

Create an omero system user, and a directory for the OMERO repository:

useradd -m omero
# Give a password to the omero user
# e.g. passwd omero
chmod a+X ~omero

mkdir -p "$OMERO_DATA_DIR"
chown omero "$OMERO_DATA_DIR"

Create a database user and initialize a new database for OMERO:

echo "CREATE USER $OMERO_DB_USER PASSWORD '$OMERO_DB_PASS'" | su - postgres -c psql
su - postgres -c "createdb -E UTF8 -O '$OMERO_DB_USER' '$OMERO_DB_NAME'"

psql -P pager=off -h localhost -U "$OMERO_DB_USER" -l

Installing OMERO.server

The following steps are run as the omero system user.

Download, unzip and configure OMERO. The rest of this walkthrough assumes the OMERO.server is installed into the home directory of the omero system user.

Note that this script requires the same environment variables that were set earlier in settings.env, so you may need to copy and/or source this file as the omero user.

You will need to install the server corresponding to your Ice version.


cd ~omero
wget -q $SERVER -O
unzip -q OMERO.server*


ln -s OMERO.server-*/ OMERO.server
OMERO.server/bin/omero config set "$OMERO_DATA_DIR"
OMERO.server/bin/omero config set "$OMERO_DB_NAME"
OMERO.server/bin/omero config set omero.db.user "$OMERO_DB_USER"
OMERO.server/bin/omero config set omero.db.pass "$OMERO_DB_PASS"
OMERO.server/bin/omero db script -f OMERO.server/db.sql --password "$OMERO_ROOT_PASS"
psql -h localhost -U "$OMERO_DB_USER" "$OMERO_DB_NAME" < OMERO.server/db.sql

Patching OMERO.server

Weaker ciphers like ADH are disabled by default in OpenSSL 1.1.0, the version installed on Ubuntu 18.04. This means that it is not possible to connect to an OMERO.server using any OMERO clients e.g. the Java Desktop client, the OMERO.web client or the CLI. The parameter @SECLEVEL=0, enabling the weaker ciphers, needs to be added in two files in order to allow connection.

OMERO.server/bin/omero config set omero.glacier2.IceSSL.Ciphers HIGH:ADH:@SECLEVEL=0

Running OMERO.server

The following steps are run as the omero system user.

OMERO should now be set up. To start the server run:

OMERO.server/bin/omero admin start

In addition omero-init.d is available should you wish to start OMERO automatically.

Securing OMERO

The following steps are run as root.

If multiple users have access to the machine running OMERO you should restrict access to OMERO.server’s configuration and runtime directories, and optionally the OMERO data directory:

chmod go-rwx OMERO.server/etc OMERO.server/var

# Optionally restrict access to the OMERO data directory
# chmod go-rwx "$OMERO_DATA_DIR"