This deployment is intended for production use. If you want to just test VODAN in a Box locally, visit :ref:`local-deployment`.
- Docker Engine version 19.03 (or higher)
- Docker Compose version 1.25 (or higher)
- Domain and DNS records set for providing VODAN in a Box:
dsw.your-domain.tld- for CRF Wizard (DSW)
api.dsw.your-domain.tld- for CRF Wizard API (DSW API)
fdp.your-domain.tld- for FAIR Data Point
sparql.your-domain.tld- for Triple Store (CRF data)
Get VODAN in a Box
git clone repository https://github.com/VODAN-Tech/vodan-deployment-production locally.
vodan-deployment-production we call VODAN in a Box root directory. It consists all necessary configuration files and
Configure domains and secrets
There are several things that you need to configure before running VODAN in a Box for production deployment. In files, look for comments marked with
proxy/nginx/fdp.confwith your domain names. Those need to have valid DNS records pointing to that server.
dsw_clientservice) to your value for
clientUrlto your value for
clientUrlto your value for
fdp.your-domain.tldand then ,
allegrograph/agraph.cfg- set strong password and optionally change username using
SuperUserdirective, the same credentials must be configured in
Obtain SSL certificates
Before providing VODAN in a Box you need also to get SSL certificates to be able to use HTTPS. We recommend using Let's Encrypt but you can use any other way and change Nginx proxy configuration accordingly.
- Comment out
includelines at the end of
- Start the proxy service
docker-compose up -d proxy
- Get certificates for your domains:
sudo certbot certonly --webroot -w ./proxy/letsencrypt -d dsw.your-domain.tld
sudo certbot certonly --webroot -w ./proxy/letsencrypt -d api.dsw.your-domain.tld
sudo certbot certonly --webroot -w ./proxy/letsencrypt -d fdp.your-domain.tld
sudo certbot certonly --webroot -w ./proxy/letsencrypt -d sparql.your-domain.tld
- Create certificate file for AllegroGraph (it needs to merge
privkey.pemobtained by Let's Encrypt into a single file):
sudo cat /etc/letsencrypt/live/sparql.your-domain.tld/cert.pem /etc/letsencrypt/live/sparql.your-domain.tld/privkey.pem > ./allegrograph/cert.pem
- Stop the proxy service
- Uncomment lines at the end of
- Set up automatic certificate renewal using cronjob:
0 4 * * * root perl -e 'sleep int(rand(43200))' && certbot -q renew && docker restart vodan-deployment-production_proxy_1
If getting certificates fail, it can be caused by incorrectly set DNS records. Optionally, verify if Nginx container is running and view its logs. You can use other options to setup certificates renewal according to Certbot documentation. The example above tries to renew certificates every day at 4 AM and then restarts the proxy container. The name of docker container may differ if you do not use the same folder name as we do in this guide.
- Start VODAN in a Box (and wait a bit until all services start).
docker-compose up -d
- Navigate to
dsw.your-domain.tld, login using
passwordand change default user accounts with strong passwords.
sparql.your-domain.tld, create a repository
/and create other users with permissions according to your needs (see AllegroGraph documentation for details). For example, create an anonymous user with only read permissions to catalog / and repository crf.
- Navigate to
fdp.your-domain.tldand login again as
firstname.lastname@example.org change default user accounts with strong passwords.
fdp.your-domain.tld, create and publish catalog, dataset, and distribution representing CRF data based on your use case.
submission-service/config.ymlwith :abbr:`UUID (Universally Unique Identifier)` of your distribution URL from FDP, e.g. from
https://fdp.vodan.fairdatapoint.org/distribution/3335345b-ee66-4678-ab73-74a4b6ea1beeit would be
3335345b-ee66-4678-ab73-74a4b6ea1bee. (If you used different than
crfrepository name in triple store, change
- Restart VODAN in a Box and wait a bit until all services start up (depending on your hardware, less than a minute).
docker-compose down docker-compose up -d
- Verify setup by creating CRF, saving it, creating a report, and submitting a report.
To check if everything is working, you can use
docker-compose logs and
docker-compose ps commands.
- Stop VODAN in a Box
- Overwrite configurations and
- Check if there are new configuration values to be changed according to your setup (marked with
- Start VODAN in a Box again
From root directory of
docker-compose down git pull docker-compose up -d
This may need you to
git stash your changes and then
git stash pop them (and eventually solve git conflicts).
For more information about docker-compose and its options, visit Docker documentation.
Various advanced deployment options of FAIR Data Point are well-described in FAIR Data Point Reference Implementation Documentation. Similarly, for more details about DSW which used as CRF Wizard, see Data Stewardship Wizard documentation.
The main difference with respect to the :ref:`local-deployment` is the adding Nginx proxy, certificates, and other additional security.