6.6. Administrator manual for NextGIS GeoServices

6.6.1. Introduction

This manual describes the process of deploying NextGIS GeoServices sowftware on-premise. Mainly it uses Docker platform and docker-compose tool. All steps are performed on Linux-based OS.

6.6.2. Select endpoints

NextGIS GeoServices uses one HTTP (or HTTPS) endpoint. Users interact with the software via Web interface and API. The default value is http://server.example.com:8088 where server.example.com is the DNS name of the server where the software is deployed. If strictly necessary, the server IP address can be used instead of server.example.com.

If your IT infrastructure allows for it, it is recommended to set up a reverse proxy for TLS encryption and using HTTPS. It is especially important if the software is to be accessed not just from the local network, but also from the Internet. In that case the endpoints depend on the settings of the reverse proxy.

Contact your IT department to choose endpoints you wish to use and note them down, you’ll need them later. The reverse proxy is set up by the client’s IT department, it is not a responsibility of NextGIS company. The required parameters are cited below using Nginx as example.

6.6.3. Install and configure Docker

If the server does not yet have Docker Engine and Docker Compose installed, first you need to install them or update them to the latest versions:

To get the images log in to NextGIS Container Registry with the username (example) and password (sesame) provided by NextGIS:

$ docker login cr.nextgis.com -u example -p sesame
Login Succeeded

If the software is deployed to a server without Internet access, contact support for a single-file image archive instead. You’ll need to transfer it to the server and load the images using ‘docker load’ command.

6.6.4. Install NextGIS GeoServices

On the server where you plan to deploy GeoServices, create the /srv/geoservices directory, then go to it, download the configuration template (docker-compose-2.16.1.tar.bz2, where 2.16.1 is the current version) and unpack it. If the server does not have Internet access, download the file on another PC and transfer it to the server.

$ mkdir /srv/geoservices
$ cd /srv/geoservices
$ wget https://nextgis.com/onpremise/geoservices/docker-compose-2.16.1.tar.bz2
$ tar jxf docker-compose-2.16.1.tar.bz2
Edit the .env file in a text editor and enter the values for: POSTGRES_PASSWORD, DB_PASSWORD, BM_DB_PASSWORD (must have the same values), ADMIN_PASSWORD and SESSION_KEY. In the end you should get something like this:
IMAGE_VERSION=2.16.1
IMAGE_BASE=cr.nextgis.com/geoservices
COMPOSE_BIND=0.0.0.0

DEBUG=false
S3_SSL=false
EXT_SOURCES_SUPPORT=false
POSTGRES_USER=geoservices
SESSION_KEY=secret1
POSTGRES_PASSWORD=secret2
DB_PASSWORD=secret2
BM_DB_PASSWORD=secret2
ADMIN_PASSWORD=secret3

After that you can launch the Docker Compose stack. We recommend launching postgres service first, then after about 30 seconds launch the rest:

$ docker compose up -d postgres && sleep 30
[+] Running 3/3
 ✔ Network geoservices_default       Created         0.0s
 ✔ Volume "geoservices_postgres"     Created         0.1s
 ✔ Container geoservices-postgres-1  Started         4.2s

$ docker compose up -d
[+] Running 8/8
 ✔ Volume "geoservices_s3"           Created         0.0s
 ✔ Volume "geoservices_secret"       Created         0.1s
 ✔ Volume "geoservices_data"         Created         0.0s
 ✔ Volume "geoservices_redis"        Created         0.1s
 ✔ Container geoservices-postgres-1  Running         0.0s
 ✔ Container geoservices-redis-1     Started         7.3s
 ✔ Container geoservices-s3-1        Started         7.5s
 ✔ Container geoservices-app-1       Started         5.9s

This completes the installation. If you use HTTPS, next configure the reverse proxy server. Otherwise proceed to operability check.

6.6.5. Recommendations for reverse proxy setup

To use HTTPS encryption we recommend setting up a reverse proxy server based on Nginx. For reference here’s a fragment of the configuration file for geoservices.example.com:

server {
    server_name geoservices.example.com;
    # Server directives: listen, ssl_* etc

    location / {
        client_max_body_size 2G;

        proxy_http_version 1.1;
        proxy_pass http://127.0.0.1:8088;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $proxy_connection;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

The client_max_body_size directive defines the max size of the upload file (2 GiB in our example).

6.6.6. Operability check

In a Web browser open the Web interface of NextGIS GeoServices using the URL you’ve chosen.

A sign-in form should appear. Enter the username ‘admin’ and the password that you set in the ADMIN_PASSWORD variable.

Go to the About page, it must look like this:

../../_images/geosop_set_about_en.png

Pic. 6.29. About page