Information on how to set up and maintain the Molify file manager on the Yerkes STARS server is on this page.
- Add display of file date/time to the file lists (also so files can be sorted by date/time)
- Apache
- PHP5
- MySQL
- mysql-client
- libapache2-mod-php5
- php-mysql
These above are all linux packages, should be available to install through any package manager.
Currently the program is installed on stars under /var/www/html/filemanager with custom programs under /var/www/html/filemanager/backend.
1) Download Mollify from http://www.mollify.org
2) Unarchive the tar.gz, and place the “mollify” folder in the web directory.
3) Navigate to http://127.0.0.1/mollify/backend/install
4) This is Mollify's web installer. Follow the prompts, until it asks you whether you plan to use a file, MySQL, or SQLite. I used MySQL.
5) Now, go to /var/www/mollify(or wherever it is)/backend/
6) Edit the “configuration.php” file to look like this. (password should probably be different)
<?php
$CONFIGURATION_TYPE = "mysql";
$DB_USER = "mollify";
$DB_PASSWORD = "mollifyuserpassword";
$DB_HOST = "localhost"; //optional
$DB_DATABASE = "mollify"; //optional
?>
7) As you can probably guess, we're going to create a MySQL database, user, and password for mollify. Name: mollify. Username: mollify. Password: Something complicated and long, but for the sake of this paper I'm going to use “mollifyuserpassword”.
8) Login to mysql as root. (in a terminal, $mysql -u root)
9) At the mysql> prompt, enter the following
- create database mollify;
- grant usage on *.* to mollify@localhost identified by 'mollifyuserpassword';
10) There is no item #10
11) Check the database/user creation by running this:
mysql -u mollify@localhost -p'mollifyuserpassword' mollify
12) Go ahead and restart the apache and MySQL daemons.
13) Now go back to the mollify web installer. If this all worked, you should be able to proceed past the database selection prompt.
14) It should bring you to the mollify web administration panel. Create an administration user. This user can create subusers, publish files/folders, hide files/folders, etc.
15) That's pretty much it. I think Marc will want an admin account (or the password to the first one), because we are going to have to create quite a few more users and groups.
- CSS, title, and logo:
- The CSS, page title, and logo on the Mollify system on STARS has been altered.
- The CSS at location "filemanager/client/themes/basic/style.css" was altered such that the top background is the same color as the navigation bar, as well as to accomodate the size of the new logo.
- The logo, designed by Marc and Alex, was renamed "mollify.png" and placed within the "filemanager/client/themes/basic/" directory in place of the original, in order to see the custom yerkes-themed logo across all mollify pages.
- The title tags, located within "filemanager/index.html", were changed from "Mollify" to "Yerkes File Manager".
- FITS Viewer (Hack by the Great and Mighty Alex) (WORKS!)
- How it works:
- Modified filemanager/backend/configuration.php to understand that .fits files, when clicked, should be treated the same as jpgs, pngs, or gifs (array with image types to preview was extended with .fits .fts .fit)
- This causes image viewer code to run when the .fits file is clicked on. See configuration file for more details.
- Modified filemanager/backend/plugin/FileViewerEditor/viewers/Image/Image.viewer.php
- Added code that checks if file selected is a .fits file:
- If it is, do a bunch of operations to get the local file path.
- To get private variables from $item do a print_r -> returns a string
- Get the local file path from the string (PITA)
- Run an external python script that converts the local (server-side) .fits file to a jpg image.
- Return (as the final displayed page) html with an img tag that points to the newly-created jpeg file.
- If it's not, display image as it normally would (i.e. without modification). - The only line what was in getHtml was the last return line.
- Added fitstojpeg.py, a python script that:
- When given a fits file as an input argument, converts it to a resized jpg image.
- Scales it to an arbitrary, nice-looking scaling. Also scale in size to 500px.
- Moves this image to the "filemanager/backend/plugin/FileViewerEditor/viewers/Image/tmp/" directory. Cleans out images older than one day.
We want this to be a place that will hold student/teacher/research files, as well as community documents that need to be accessed easily from different locations. It will also provide users access to a universal image directory, where we will store raw and processed versions of all images taken by Yerkes/StoneEdge telescopes.
Users that will be created:
- Admin
- Marc, Alex, Raki
- Individual accounts for teachers/administrative personnel, etc.
- We may/may not create individual student accounts. Most likely, we will just create one master student account that all students can use.
Groups: (mollify supports categorizing user permissions by group, which is convenient)
- Administrators group, for all admin users
- Teacher group, with read/write access to teacher-related material and read access to the universal image directory
- Student group, with access to student files, and the image directory (only write access to the student files section, read only to the images.
As of right now, most users will get their own directory where they can put their own files, and as such will have read/write access to those directories.
There will be one master image directory, with a raw folder and a processed folder inside.
- Through the mollify administration panel, the admin user can select which folders on the server to share, and which users to share them to. For example, the admin could give the student user access to the /userdata/studentdata (hypothetical) directory, and then give the student user access to the /images directory. The file structure. the user sees through the web portal is completely independent of the server's actual file structure. Therefore, if the admin shares both of those folders, the student user will only see those two folders, and everything in them. Nothing above them can be accessed.
- It's best not to put user-accessible files in the web server directory, for obvious reasons. For example, if you put student files in /var/www/mollify/studentonefiles, it can easily be accessed without a user/password by going to http://theserver.com/mollify/studentonefiles/.
- Then again, we can use a .htaccess file to protect those directories, so I'm not sure what the better option is.
- Also, for each of the published folders, they're permissions are going to have to be modified such that the web/apache user (www-user, apache, etc) can write to the directories. This may present some interesting security concerns, and we're may have to be careful about which folders have their permissions modified. Especially since whatever folders are created by Mollify also have their permissions set to be web user-accessible.
Questions that need to be answered
- Where should these files be placed on the server?
- A: The
public
folder is undner /data/public, the stars
folder under /data/filemanager
- What folders need to be shared?
- What is the most security-conscious way to go about doing this without opening up a massive vulnerability?
Evaluating file manager options
Original Goal:
"We plan to have a simple web and FTP/SCP based file sharing page on the server.
Setting it up
Requirements:
- Flat file database (to make the files accessible to other services on the server)
- Simple user interface
- File access using SFTP/SCP/SSH
- Ability for customize (i.e. search for files with particular FITS keyword)
- What information to share? Whaever is on fileswap and file like the ones under bussard.yerkes.uchicago.edu/OutreachData/.
- Encrypted login?
Test Server:
- Is running under 128.135.40.192/manager. Login and password are the same as always.
- Files are under /srv/http/test/"
Ideas: