Installing Archivematica on Rocky Linux 9¶
Archivematica versions 1.15.0 and higher support installation on Rocky Linux 9.
On this page
Installation instructions¶
Prerequisites
Update your system
sudo yum -y update
If your environment uses SELinux, at a minimum you will need to run the following commands. Additional configuration may be required for your local setup.
# Allow Nginx to use ports 81 and 8001 sudo semanage port -m -t http_port_t -p tcp 81 sudo semanage port -a -t http_port_t -p tcp 8001 # Allow Nginx to connect the MySQL server and Gunicorn backends sudo setsebool -P httpd_can_network_connect_db=1 sudo setsebool -P httpd_can_network_connect=1 # Allow Nginx to change system limits sudo setsebool -P httpd_setrlimit 1
Some extra repositories need to be installed in order to fulfill the installation procedure.
- Extra packages for enterprise Linux:
sudo -u root yum install -y epel-release yum-utils sudo -u root yum-config-manager --enable crb
- Elasticsearch (optional):
Note
Skip this step if you are planning to run Archivematica without Elasticsearch.
sudo -u root rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch sudo -u root bash -c 'cat << EOF > /etc/yum.repos.d/elasticsearch.repo [elasticsearch-6.x] name=Elasticsearch repository for 6.x packages baseurl=https://artifacts.elastic.co/packages/6.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md EOF'
- Archivematica - use these commands to install the repositories:
sudo -u root bash -c 'cat << EOF > /etc/yum.repos.d/archivematica.repo [archivematica] name=archivematica baseurl=https://packages.archivematica.org/1.17.x/rocky9/ gpgcheck=1 gpgkey=https://packages.archivematica.org/GPG-KEY-archivematica-sha512 enabled=1 EOF' sudo -u root bash -c 'cat << EOF > /etc/yum.repos.d/archivematica-extras.repo [archivematica-extras] name=archivematica-extras baseurl=https://packages.archivematica.org/1.17.x/rocky9-extras gpgcheck=1 gpgkey=https://packages.archivematica.org/GPG-KEY-archivematica-sha512 enabled=1 EOF'
Common services like Elasticsearch, MariaDB and Gearmand should be installed and enabled before the Archivematica install.
Note
Do not enable Elasticsearch if you are running Archivematica in indexless mode.
sudo -u root yum install -y java-1.8.0-openjdk-headless mariadb-server gearmand sudo -u root yum install -y elasticsearch sudo -u root systemctl enable elasticsearch sudo -u root systemctl start elasticsearch sudo -u root systemctl enable mariadb sudo -u root systemctl start mariadb sudo -u root systemctl enable gearmand sudo -u root systemctl start gearmand
Now that MariaDB is up and running, create the Archivematica and Storage Service databases and set up the expected credentials.
sudo -H -u root mysql -hlocalhost -uroot -e "DROP DATABASE IF EXISTS MCP; CREATE DATABASE MCP CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" sudo -H -u root mysql -hlocalhost -uroot -e "DROP DATABASE IF EXISTS SS; CREATE DATABASE SS CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" sudo -H -u root mysql -hlocalhost -uroot -e "CREATE USER 'archivematica'@'localhost' IDENTIFIED BY 'demo';" sudo -H -u root mysql -hlocalhost -uroot -e "GRANT ALL ON MCP.* TO 'archivematica'@'localhost';" sudo -H -u root mysql -hlocalhost -uroot -e "GRANT ALL ON SS.* TO 'archivematica'@'localhost';"
Install Archivematica Storage Service
First, install the packages:
sudo -u root yum install -y python-pip archivematica-storage-service
Apply the database migrations using the
archivematica
user:sudo -u archivematica bash -c " \ set -a -e -x source /etc/sysconfig/archivematica-storage-service cd /usr/lib/archivematica/storage-service /usr/share/archivematica/virtualenvs/archivematica-storage-service/bin/python manage.py migrate ";
Now enable and start the archivematica-storage-service, rngd (needed for encrypted spaces) and the Nginx frontend:
sudo -u root systemctl enable archivematica-storage-service sudo -u root systemctl start archivematica-storage-service sudo -u root systemctl enable nginx sudo -u root systemctl start nginx sudo -u root systemctl enable rngd sudo -u root systemctl start rngd
Note
The Storage Service will be available at
http://<ip>:8001
.
Installing Archivematica Dashboard and MCPServer
There are a number of environment variables that Archivematica recognizes which can be used to alter how it is configured. For the full list, see the Dashboard install README, the MCPClient install README, and the MCPServer install README.
First, install the packages:
sudo -u root yum install -y archivematica-common archivematica-mcp-server archivematica-dashboard
Apply the database migrations using the
archivematica
user:sudo -u archivematica bash -c " \ set -a -e -x source /etc/sysconfig/archivematica-dashboard cd /usr/share/archivematica/dashboard /usr/share/archivematica/virtualenvs/archivematica/bin/python manage.py migrate ";
Start and enable services:
sudo -u root systemctl enable archivematica-mcp-server sudo -u root systemctl start archivematica-mcp-server sudo -u root systemctl enable archivematica-dashboard sudo -u root systemctl start archivematica-dashboard
Restart Nginx in order to load the dashboard config file:
sudo -u root systemctl restart nginx
Note
The dashboard will be available at
http://<ip>:81
Installing Archivematica MCPClient
Install the package:
sudo -u root yum install -y archivematica-mcp-client
Tweak ClamAV configuration:
sudo -u root sed -i 's/^#TCPSocket/TCPSocket/g' /etc/clamd.d/scan.conf sudo -u root sed -i 's/^Example//g' /etc/clamd.d/scan.conf
Indexless mode:
If you are planning on running Archivematica in indexless mode (i.e., without Elasticsearch), then modify the relevant systemd EnvironmentFile files by adding lines that set the relevant environment variables to
false
:sudo sh -c 'echo "ARCHIVEMATICA_DASHBOARD_DASHBOARD_SEARCH_ENABLED=false" >> /etc/sysconfig/archivematica-dashboard' sudo sh -c 'echo "ARCHIVEMATICA_MCPSERVER_MCPSERVER_SEARCH_ENABLED=false" >> /etc/sysconfig/archivematica-mcp-server' sudo sh -c 'echo "ARCHIVEMATICA_MCPCLIENT_MCPCLIENT_SEARCH_ENABLED=false" >> /etc/sysconfig/archivematica-mcp-client'
After that, we can enable and start/restart services
sudo -u root systemctl enable archivematica-mcp-client sudo -u root systemctl start archivematica-mcp-client sudo -u root systemctl enable clamd@scan sudo -u root systemctl start clamd@scan sudo -u root systemctl restart archivematica-dashboard sudo -u root systemctl restart archivematica-mcp-server sudo -u root yum install -y firewalld
Finalizing installation
Configuration
Each service has a configuration file in /etc/sysconfig/archivematica-packagename
Troubleshooting
If IPv6 is disabled, Nginx may refuse to start. If that is the case make sure that the listen directives used under /etc/nginx are not using IPv6 addresses like [::]:80.
Rocky Linux will install firewalld which will be running default rules that will likely be blocking ports 81 and 8001. If you are not able to access the dashboard and Storage Service, then use the following command to check if firewalld is running:
sudo systemctl status firewalld
If firewalld is running, you will likely need to modify the firewall rules to allow access to ports 81 and 8001 from your location:
sudo firewall-cmd --add-port=8001/tcp --permanent sudo firewall-cmd --reload
Complete Post Install Configuration.
Post-install configuration¶
After successfully completing a new installation, follow these steps to complete the configuration of your new server.
The Storage Service runs as a separate web application from the Archivematica dashboard. The Storage Service is exposed on port 8001 by default when deploying using RPM packages. Use your web browser to navigate to the Storage Service at the IP address of the machine you have been installing on, e.g.,
http://<MY-IP-ADDR>:8001
(orhttp://localhost:8001
orhttp://127.0.0.1:8001
if this is a local development setup).If you are using an IP address or fully-qualified domain name instead of localhost, you will need to configure your firewall rules and allow access only to ports 81 and 8001 for Archivematica usage.
The Storage Service has its own set of users. Create a new user with full admin privileges:
sudo -u archivematica bash -c " \ set -a -e -x source /etc/default/archivematica-storage-service || \ source /etc/sysconfig/archivematica-storage-service \ || (echo 'Environment file not found'; exit 1) cd /usr/lib/archivematica/storage-service /usr/share/archivematica/virtualenvs/archivematica-storage-service/bin/python manage.py createsuperuser ";
After you have created this user, the API key will be generated automatically, and that key will connect the Archivematica pipeline to the Storage Service API. The API key can be found via the web interface (go to Administration > Users).
To finish the installation, use your web browser to navigate to the Archivematica dashboard using the IP address of the machine on which you have been installing, e.g.,
http://<MY-IP-ADDR>:81
(orhttp://localhost:81
orhttp://127.0.0.1:81
if this is a local development setup).At the Welcome page, create an administrative user for the Archivematica pipeline by entering the organization name, the organization identifier, username, email, and password.
On the next screen, connect your pipeline to the Storage Service by entering the Storage Service URL and username, and by pasting in the API key that you copied in Step (2).
- If the Storage Service and the Archivematica dashboard are installed on
the same machine, then you should supply
http://127.0.0.1:8001
as the Storage Service URL at this screen. - If the Storage Service and the Archivematica dashboard are installed on
different nodes (servers), then you should use the IP address or
fully-qualified domain name of your Storage Service instance,
e.g.,
http://<MY-IP-ADDR>:8001
and you must ensure that any firewall rules (i.e., iptables, ufw, AWS security groups, etc.) are configured to allow requests from your dashboard IP to your Storage Service IP on the appropriate port.
- If the Storage Service and the Archivematica dashboard are installed on
the same machine, then you should supply