LDMX-Software · floridop · Jun 16, 2025 · Jun 16, 2025 · Jun 16, 2025 · Jun 16, 2025
diff --git a/maintenance/README.md b/maintenance/README.md
@@ -0,0 +1,14 @@
+#
+#  LDCS System maintenance files
+#
+
+The maintenance folder contains files that are used to 
+maintain the LDCS system. 
+
+  * `README.md` - this file
+  * `configFiles/` - configuration files for the various subsystems
+  * `docker/` - docker files to bring up the various systems
+  * `tools/` - scripts and tools for various purposes
+  * `docs/` - quick reference documentation
+
+
diff --git a/maintenance/configFiles/aCT/README.md b/maintenance/configFiles/aCT/README.md
@@ -0,0 +1,17 @@
+# Configuration files for aCT
+
+These files should be deployed inside a Python venv for aCT created
+following the instructions at <https://github.com/ARCControlTower/aCT/blob/a54fdb6cf66531260a15c79febf2c77e009e0dd5/README.md>
+in the respective folders inside the virtualenv base folder.
+
+$VIRTUAL_ENV
+└── etc 
+    ├── act 
+    │   ├── aCTConfigAPP.yaml # LDCS workflow own configuration
+    │   └── aCTConfigARC.yaml # aCT configuration for LDCS
+    └── rucio.cfg # rucio client configuration so that aCT can interact with it
+
+
+
+
+
diff --git a/maintenance/configFiles/aCT/actreport.crontab b/maintenance/configFiles/aCT/actreport.crontab
@@ -0,0 +1,3 @@
+# Scheduled generation of actreport for web publishing
+* * * * * source /home/almalinux/act/bin/activate; actreport --web /act_logs/www/html/aCTReport.html 2>&1
+
diff --git a/maintenance/configFiles/aCT/etc/act/aCTConfigAPP.yaml b/maintenance/configFiles/aCT/etc/act/aCTConfigAPP.yaml
@@ -0,0 +1,17 @@
+modules:
+    app:
+        - act.ldmx
+
+jobs:
+    bufferdir: /home/almalinux/act/bufferdir
+
+executable:
+    wrapper: /home/almalinux/LDCS/helperScripts/ldmxsim.sh
+    ruciohelper: /home/almalinux/LDCS/helperScripts/ldmx-simprod-rte-helper.py
+    simprodrte: LDMX-SIMPROD-3.0
+
+joblog:
+    urlprefix: http://act-ldmx2.cern-test.uiocloud.no/jobs
+    dir: /act_logs/www/html/jobs
+    keepsuccessful: 1
+
diff --git a/maintenance/configFiles/aCT/etc/act/aCTConfigARC.yaml b/maintenance/configFiles/aCT/etc/act/aCTConfigARC.yaml
@@ -0,0 +1,86 @@
+db:
+    host: 127.0.0.1
+    port: 3306
+    name: act
+    type: mysql
+    user: actuser
+    pass: ***CHANGETHIS***
+
+sites:
+    Lund:
+        rse: LUND
+        maxjobs: 29
+        status: online
+        endpoint: https://l-pilot2.lunarc.lu.se/lu48
+    Lund2:
+        rse: LUND2
+        maxjobs: 49
+        status: offline
+        endpoint: https://l-pilot2.lunarc.lu.se/hep
+    Caltech:
+        rse: CALTECH
+        maxjobs: 15
+        status: offline
+        endpoint: https://axion.hep.caltech.edu/SL7
+    UCSB:
+        rse: UCSB
+        maxjobs: 29
+        status: offline
+        endpoint: https://ldmx.cnsi.ucsb.edu/batch
+    SLAC:
+        rse: SLAC
+        maxjobs: 75
+        status: offline
+        endpoint: https://arcce1.slac.stanford.edu:9443/ldmx
+
+# Temporarily commented out until we understand how this is 
+# Supposed to work
+#monitor:
+#   prometheusport: 9101
+    # TODO: open this port on act-ruciodb2?
+    #    rucioprometheusport: 9102
+
+periodicrestart:
+    actsubmitter: 120
+    actstatus: 300
+    actfetcher: 300
+    actcleaner: 300
+
+tmp:
+    dir: /home/almalinux/act/tmp
+
+actlocation:
+    dir: /home/almalinux/act/lib/python3.9/site-packages
+    pidfile: /home/almalinux/act/act.pid
+
+logger:
+    level: debug
+    arclevel: debug
+    logdir: /home/almalinux/act/log
+    rotate: 5
+
+jobs:
+    queuefraction: 0.5
+    queueoffset: 200
+    checkinterval: 30
+    checkmintime: 20
+
+voms:
+    bindir: /usr/bin
+    proxylifetime: 354600
+    minlifetime: 259200
+    proxypath: /home/almalinux/act/ldmx.long.proxy
+    cacertdir: /etc/grid-security/certificates
+    proxystoredir: /home/almalinux/act/proxies
+
+errors:
+    toresubmit:
+        arcerrors:
+            - "hello i'm an error message that never occurs, keep me if you want to remove all others"
+            - "Job submission to LRMS failed"
+            - "LRMS error: (271) job killed: wall"
+            - "LRMS error: (271) Job was cancelled"
+            - "stage 2 execution failed"
+            - "LRMS error: (1*)"
+            - "LRMS error: (-1)"
+
diff --git a/maintenance/configFiles/aCT/etc/rucio.cfg b/maintenance/configFiles/aCT/etc/rucio.cfg
@@ -0,0 +1,32 @@
+[common]
+
+[client]
+rucio_host = https://act-ruciodb2.cern-test.uiocloud.no:443
+auth_host = https://act-ruciodb2.cern-test.uiocloud.no:443
+# virtualenv dir, needs testing
+#ca_cert = $VIRTUAL_ENV/lib/python3.6/site-packages/certifi/cacert.pem
+# standard cert dir
+ca_cert = /etc/grid-security/certificates/LDCS-CA.pem
+request_retries = 3
+auth_type = userpass
+
+#uncomment to run as root (not recommended, use ldmx-admin below instead) 
+#username = ddmlab
+#account = root
+#password = ***PASSHERE***
+
+# for normal operations: run as ldmx-admin
+username = ldmx-admin
+account = ldmx-admin
+password = ***PASSHERE***
+
+# legacy: ldmx-user, not sure whether this should be used.
+#username = ldmx-user
+#account = ldmx-user
+#password = ***PASSHERE***
+
+# by default list json metadata - not sure why this was commented out
+#metadata_default_plugin=JSON
+
+
+
diff --git a/maintenance/configFiles/rucio-server/README.md b/maintenance/configFiles/rucio-server/README.md
@@ -0,0 +1,5 @@
+Each configuration file in this folder should contain a comment stating where
+the file should be located in the target service.
+
+Note that default passwords are in cleartext. A production setup should at
+least create a new password.
diff --git a/maintenance/configFiles/rucio-server/alembic.ini b/maintenance/configFiles/rucio-server/alembic.ini
@@ -0,0 +1,70 @@
+# Copyright European Organization for Nuclear Research (CERN)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# You may not use this file except in compliance with the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+#
+# Authors:
+# - Vincent Garonne <vincent.garonne@cern.ch>, 2014
+# - Mario Lassnig <mario.lassnig@cern.ch>, 2019
+
+# A generic, single database configuration.
+
+# LDCS: this file should be placed in
+# /opt/rucio/etc
+
+[alembic]
+# path to migration scripts
+#script_location = /usr/lib/python2.7/site-packages/rucio/db/sqla/migrate_repo/
+# Attempt to switch to newer version...
+script_location = /usr/local/lib/python3.6/site-packages/rucio/db/sqla/migrate_repo/
+
+# template used to generate migration files
+# file_template = %%(rev)s_%%(slug)s
+
+# max length of characters to apply to the
+# "slug" field
+#truncate_slug_length = 40
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+sqlalchemy.url = postgresql://rucio:secret@ruciodb/rucio
+version_table_schema = rucio
+
+# Logging configuration
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S
+
diff --git a/maintenance/configFiles/rucio-server/rucio.cfg b/maintenance/configFiles/rucio-server/rucio.cfg
@@ -0,0 +1,51 @@
+# Copyright European Organization for Nuclear Research (CERN)
+# Licensed under the Apache License, Version 2.0 (the "License");
+# You may not use this file except in compliance with the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+#
+# Authors:
+# - Vincent Garonne, <vincent.garonne@cern.ch>, 2013
+
+# LDCS: this file should be placed in
+# /opt/rucio/etc/
+
+[common]
+logdir = /var/log/rucio
+loglevel = DEBUG
+mailtemplatedir = /opt/rucio/etc/mail_templates
+[api]
+endpoints=accountlimits,accounts,auth,config,credentials,dids,export,heartbeats,identities,import,lifetime_exceptions,locks,meta,ping,redirect,replicas,requests,rses,rules,scopes,subscriptions
+[database]
+default = postgresql://rucio:secret@ruciodb/rucio
+pool_reset_on_return = rollback
+echo = 0
+pool_recycle = 600
+[bootstrap]
+userpass_identity = ddmlab
+userpass_pwd = secret
+userpass_email = rucio-dev@cern.ch
+[alembic]
+cfg = /opt/rucio/etc/alembic.ini
+[monitor]
+carbon_server = localhost
+carbon_port = 8125
+user_scope = default_docker
+[trace]
+tracedir = /var/log/rucio/trace
+brokers = localhost
+port = 61013
+topic = /topic/rucio.tracer
+[nongrid_trace]
+tracedir = /var/log/rucio/trace
+brokers = localhost
+port = 61013
+topic = /topic/rucio.tracer
+[policy]
+permission = generic
+schema = generic
+lfn2pfn_algorithm_default = hash
+support = https://github.com/rucio/rucio/issues/
+support_rucio = https://github.com/rucio/rucio/issues/
+[webui]
+usercert = /opt/rucio/etc/usercert_with_key.pem
+
diff --git a/maintenance/configFiles/rucio-server/rucio.logrotate b/maintenance/configFiles/rucio-server/rucio.logrotate
@@ -0,0 +1,19 @@
+# Copy this file in the system as /etc/logrotate.d/rucio
+# Default paths as in the provided rucio.cfg are used
+# If you change rucio.cfg you must also change this file
+/var/log/rucio/*.log
+/var/log/rucio/httpd/*_log {
+    weekly
+    missingok
+    notifempty
+    sharedscripts
+    rotate 5
+    compress
+    delaycompress
+    prerotate
+      docker compose -f /home/almalinux/LDCS-rucio/docker-compose-rucioserver-postgres-daemons.yml down
+    endscript
+    postrotate
+       docker compose -f /home/almalinux/LDCS-rucio/docker-compose-rucioserver-postgres-daemons.yml up -d
+    endscript
+}
diff --git a/maintenance/docker/LDCS-aCT/README.md b/maintenance/docker/LDCS-aCT/README.md
@@ -0,0 +1,38 @@
+# Docker compose file for aCT database
+
+1) Copy all these files in a folder such as
+
+```
+   cp -r ../LDCS_aCT ~
+   cd ~/LDCS_aCT
+```
+
+2) Add values to the variables in `env` and rename the file to .env
+
+```  
+   mv env .env
+```
+
+3) Switch to root if you're using docker as root
+
+```
+   sudo -s
+```
+
+4) Deploy and edit the relevant configuration files in ../configFiles. Create folders if needed.
+Make sure passwords and paths match between the configFiles and the docker-compose file
+
+5) Start all the services with docker-compose
+
+```
+docker compose -f docker-compose-actdb-apache2.yml up -d
+
+```
+6) To stop all the services:
+```
+docker compose -f docker-compose-actdb-apache2.yml down
+
+```
+
+Refer to docker compose documentation for further information on how to interact with each single service.
+
diff --git a/maintenance/docker/LDCS-aCT/docker-compose-actdb-apache2.yml b/maintenance/docker/LDCS-aCT/docker-compose-actdb-apache2.yml
@@ -0,0 +1,23 @@
+services:
+  actdb:
+    image: mariadb
+    environment:
+      MYSQL_ROOT_PASSWORD: $ACTDB_ROOT_PASSWORD
+      MYSQL_USER: $ACTDB_USER
+      MYSQL_PASSWORD: $ACTDB_PASSWORD
+      MYSQL_DATABASE: $ACTDB_DATABASE
+    ports:
+      - "3306:3306"
+    restart: always
+    volumes:
+      - vol-actdb-data:/var/lib/mysql:Z
+  apache2:
+    image: httpd:2.4
+    ports:
+      - 80:80
+    volumes:
+      - /act_logs/www/html/:/usr/local/apache2/htdocs/
+
+volumes:
+  vol-actdb-data:
+
diff --git a/maintenance/docker/LDCS-aCT/env b/maintenance/docker/LDCS-aCT/env
@@ -0,0 +1,6 @@
+# fill the blanks below and rename this file to .env for docker to parse it
+# it must be in the same folder as the docker-compose file
+ACTDB_ROOT_PASSWORD=
+ACTDB_USER=
+ACTDB_PASSWORD=
+ACTDB_DATABASE=act
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# Scheduled generation of actreport for web publishing
		* * * * * source /home/almalinux/act/bin/activate; actreport --web /act_logs/www/html/aCTReport.html 2>&1