Complete Azure deployment and setup instructions for OpenSILEX scientific data management platform.
- Overview
- Script Descriptions
- Prerequisites
- Step 1: Deploy Azure VM
- Step 2: Connect to VM
- Step 3: Install Dependencies
- Step 4: Install OpenSILEX
- Step 5: Access OpenSILEX
- Management Commands
- Development Setup (Optional)
- Troubleshooting
OpenSILEX is an open-source scientific platform for managing agricultural and plant science research data. This guide walks you through:
- Creating an Azure VM using ARM templates
- Installing all required dependencies (Java, Docker, MongoDB, RDF4J)
- Setting up OpenSILEX with proper configuration
- Managing the running application
This installation process uses several automated scripts to simplify deployment:
- Purpose: Azure Resource Manager (ARM) template that creates the complete VM infrastructure
- What it creates: Virtual machine, network security group, virtual network, public IP, and network interface
- Configuration: Debian 12 VM with Standard_B2as_v2 size (2 vCPUs, 4GB RAM), SSH access
- Security: Uses SSH key authentication, trusted launch with secure boot, ports 22, 80, 8080, and 28081 open
- Location: Deployed in West Europe with availability zone support
- Purpose: Comprehensive installer that prepares the system and installs OpenSILEX
- Key installations: Java JDK 17, Docker, Docker Compose, MongoDB, RDF4J, Nginx, OpenSILEX
- Configurations: Sets up Docker containers, configures systemd service, creates user directories
- Security features: Runs as non-root user, configures proper permissions, sets up reverse proxy
- Java compatibility: Includes Java 17 compatibility flags for legacy Tomcat components
- Purpose: Complete management interface for OpenSILEX operations
- Key functions: Start/stop services, view logs, manage containers, run OpenSILEX commands
- Service management: Controls systemd service and Docker containers
- Monitoring: Provides status checks, log viewing, and diagnostic information
- User management: Includes commands for creating users and system initialization
Before starting, ensure you have:
- Azure subscription with appropriate permissions
- Windows: PowerShell with Azure PowerShell module (Az) OR Azure CLI
- Linux: Azure CLI OR PowerShell 7+ with Azure PowerShell module (Az)
- SSH key pair for secure VM access
- Basic knowledge of Linux command line
# Install Azure PowerShell module (run as Administrator)
Install-Module -Name Az -Repository PSGallery -Force -AllowClobber
# Or update if already installed
Update-Module -Name Az# Install Azure CLI (Ubuntu/Debian)
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
# Or for other distributions, see: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli# Install PowerShell 7+ on Linux (Ubuntu/Debian)
wget -q https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install -y powershell
# Then install Azure module
pwsh -c "Install-Module -Name Az -Repository PSGallery -Force"If you don't have an SSH key pair:
# Generate new SSH key pair (Windows 10/11 with OpenSSH)
ssh-keygen -t ed25519 -a 100
# Display public key (copy this for the template)
Get-Content ~/.ssh/id_ed25519.pub# Generate new SSH key pair
ssh-keygen -t ed25519 -a 100
# Display public key (copy this for the template)
cat ~/.ssh/id_ed25519.pub- Download or clone this repository to your local machine
- Open
vm-template.jsonin your preferred editor - Replace the SSH public key parameter:
With your actual SSH public key.
"sshPublicKey": { "type": "string", "defaultValue": "ssh-ed25519 AAAAC3... your-email@example.com" }
# Install Azure PowerShell module if not already installed
Install-Module -Name Az -Repository PSGallery -Force
# Login to Azure
Connect-AzAccount
# Create resource group
New-AzResourceGroup -Name "RG-PHIS" -Location "West Europe"
# Deploy the template
New-AzResourceGroupDeployment `
-ResourceGroupName "RG-PHIS" `
-TemplateFile "vm-template.json" `
-vmName "phis" `
-adminUsername "azureuser" `
-sshPublicKey "YOUR_SSH_PUBLIC_KEY"# Login to Azure
az login
# Create resource group
az group create --name RG-PHIS --location westeurope
# Deploy the template
az deployment group create \
--resource-group RG-PHIS \
--template-file vm-template.json \
--parameters vmName=phis adminUsername=azureuser sshPublicKey="YOUR_SSH_PUBLIC_KEY"- Navigate to Azure Portal
- Search for "Deploy a custom template"
- Click "Build your own template in the editor"
- Copy and paste the contents of
vm-template.json - Update the SSH public key in the template
- Click "Save" then "Review + create"
- Fill in the parameters and deploy
After deployment completes:
Using PowerShell:
# Get the public IP address
(Get-AzPublicIpAddress -ResourceGroupName "RG-PHIS" -Name "phis-ip").IpAddressUsing Azure CLI:
# Get the public IP address
az vm show -d -g RG-PHIS -n phis --query publicIps -o tsvOr check in the Azure Portal under the VM's overview page.
Connect to your newly created Linux VM:
# Connect via SSH from PowerShell (Windows 10/11 has built-in SSH)
ssh -i ~/.ssh/id_ed25519 azureuser@YOUR_VM_PUBLIC_IP# Connect via SSH
ssh -i ~/.ssh/id_ed25519 azureuser@YOUR_VM_PUBLIC_IPIf connection fails, verify:
- VM is running
- Network Security Group allows SSH (port 22)
- SSH key is correct (If using premade key, your identitiy type may be different)
Once connected to the VM:
# Download the setup script
wget https://raw.githubusercontent.com/lversen/PHIS/without-docker-compose/setup-opensilex.sh
# Or copy from your local machine to the VM:
# From Windows PowerShell: scp setup-opensilex.sh azureuser@YOUR_VM_IP:~/
# From Linux: scp setup-opensilex.sh azureuser@YOUR_VM_IP:~/# Make script executable
chmod +x setup-opensilex.sh
# Run the installation script
./setup-opensilex.shThis script will:
- Update system packages
- Install Java JDK 17 with compatibility flags
- Install Docker and Docker Compose
- Set up MongoDB and RDF4J containers
- Download and configure OpenSILEX
- Configure Nginx reverse proxy
- Create systemd service for OpenSILEX
- Set up user directories and permissions
Important: After the setup script completes, you must log out and back in to apply Docker group changes:
# Logout from the VM
exit
# Reconnect from your local machine
ssh azureuser@YOUR_VM_PUBLIC_IP# Test Docker installation
docker run --rm hello-world
# Check Java version
java --version
# Verify OpenSILEX files
ls -la ~/opensilex/# Download the management script
wget https://raw.githubusercontent.com/lversen/PHIS/without-docker-compose/run-opensilex.sh
# Make it executable
chmod +x run-opensilex.sh# Initialize the system (first time setup)
./run-opensilex.sh initThe initialization will:
- Start MongoDB and RDF4J containers
- Install the OpenSILEX system
- Create database schemas
- Set up default admin user
# Start OpenSILEX service
./run-opensilex.sh start# Check service status
./run-opensilex.sh status
# View service logs
./run-opensilex.sh logs serviceOnce installation completes, access OpenSILEX at:
- Main Application:
http://YOUR_VM_IP/(via Nginx reverse proxy) - Direct Access:
http://YOUR_VM_IP:28081 - RDF4J Workbench:
http://YOUR_VM_IP:8080/rdf4j-workbench
- Username:
admin@opensilex.org - Password:
admin
Security Note: Change the default password immediately after first login.
- Open your web browser
- Navigate to
http://YOUR_VM_IP/ - Log in with default credentials
- Verify OpenSILEX interface loads correctly
After initial setup, you can create new user accounts via the command line.
Create a new admin user:
# Run the user creation command
./run-opensilex.sh cmd user add --admin
# You will be prompted to enter:
# - First Name
# - Last Name
# - Email Address (this will be the username)
# - PasswordCreate a standard user:
# Run the user creation command without the admin flag
./run-opensilex.sh cmd user add
# Follow the prompts as aboveYou can then log in with the new credentials at http://YOUR_VM_IP/.
The run-opensilex.sh script provides comprehensive management capabilities:
# Start OpenSILEX service and containers
./run-opensilex.sh start
# Stop OpenSILEX service
./run-opensilex.sh stop
# Restart OpenSILEX service
./run-opensilex.sh restart
# Show detailed status information
./run-opensilex.sh status# Start Docker containers only
./run-opensilex.sh containers start
# Stop Docker containers
./run-opensilex.sh containers stop
# Check container status
./run-opensilex.sh containers status# View systemd service logs (real-time)
./run-opensilex.sh logs service
# View application logs
./run-opensilex.sh logs app
# View Docker container logs
./run-opensilex.sh logs docker# List all users
./run-opensilex.sh cmd user list
# Add new admin user
./run-opensilex.sh cmd user add --admin
# Reset ontologies
./run-opensilex.sh cmd sparql reset-ontologies
# Show help for available commands
./run-opensilex.sh cmd helpFor development work, you can set up a more flexible environment:
- Install VS Code with Remote-SSH extension
- Connect to the VM via Remote-SSH
- Open the OpenSILEX directory:
/home/azureuser/opensilex/
# Navigate to OpenSILEX directory
cd ~/opensilex/bin
# Run OpenSILEX commands directly
./opensilex.sh help
# View configuration
cat ~/opensilex/config/opensilex.yml
# Monitor application logs
tail -f ~/opensilex/logs/*.logCheck VM status with PowerShell:
# Check VM status
Get-AzVM -ResourceGroupName "RG-PHIS" -Name "phis" -Status
# Start VM if stopped
Start-AzVM -ResourceGroupName "RG-PHIS" -Name "phis"Check VM status with Azure CLI:
# Check VM status
az vm get-instance-view --resource-group RG-PHIS --name phis --query instanceView.statuses
# Start VM if stopped
az vm start --resource-group RG-PHIS --name phis# Fix Docker socket permissions
sudo chmod 666 /var/run/docker.sock
# Verify user is in docker group
groups | grep docker
# If not in group, add user and restart session
sudo usermod -aG docker $(whoami)
exit
# Reconnect via SSH# Check all container status
./run-opensilex.sh status
# View OpenSILEX service logs
./run-opensilex.sh logs service
# Check if port is listening
sudo netstat -tlnp | grep 28081
# Restart everything
./run-opensilex.sh restartVerify Azure NSG allows required ports with PowerShell:
# Check Network Security Group rules
Get-AzNetworkSecurityGroup -ResourceGroupName "RG-PHIS" -Name "phis-nsg" | Get-AzNetworkSecurityRuleConfigVerify Azure NSG with Azure CLI:
# Check NSG rules
az network nsg rule list --resource-group RG-PHIS --nsg-name phis-nsg --output table# Check Java compatibility
java --version
# Verify configuration
./run-opensilex.sh cmd system check
# Clean restart
./run-opensilex.sh stop
docker system prune -f
./run-opensilex.sh start# Check MongoDB container
docker logs mongo_opensilex
# Check RDF4J container
docker logs rdf4j_opensilex
# Restart database containers
./run-opensilex.sh containers stop
./run-opensilex.sh containers start# Check system resources
df -h # Disk usage
free -h # Memory usage
htop # Process monitor
# Check Docker status
docker ps -a # All containers
docker images # Available images
docker system df # Docker disk usage
# Check network
ss -tlnp | grep -E ':80|:8080|:28081' # Listening ports
curl -I http://localhost:28081 # Test local connection- OpenSILEX Service:
sudo journalctl -u opensilex -f - OpenSILEX Application:
~/opensilex/logs/ - MongoDB:
docker logs mongo_opensilex - RDF4J:
docker logs rdf4j_opensilex - Nginx:
/var/log/nginx/
- OpenSILEX Config:
~/opensilex/config/opensilex.yml - Systemd Service:
/etc/systemd/system/opensilex.service - Nginx Config:
/etc/nginx/sites-enabled/default
For production environments:
# Increase Java heap size (edit systemd service)
sudo nano /etc/systemd/system/opensilex.service
# Add: -Xms2g -Xmx4g to ExecStart line
# Restart after changes
sudo systemctl daemon-reload
sudo systemctl restart opensilexIf you encounter issues:
- Check the troubleshooting section above
- Review service and application logs
- Verify all prerequisites are met
- Ensure Azure resources are properly configured
- Check OpenSILEX documentation at https://opensilex.org/
# Complete system restart
./run-opensilex.sh stop
sudo reboot
# After reboot, start services
./run-opensilex.sh start
# Update system packages
sudo apt update && sudo apt upgrade -y
# Clean up Docker resources
docker system prune -f
# Backup configuration
tar -czf opensilex-backup-$(date +%Y%m%d).tar.gz ~/opensilex/config/ ~/opensilex/data/The OpenSILEX deployment includes:
- OpenSILEX Application: Java-based web application (port 28081)
- MongoDB: Document database for application data (port 27017)
- RDF4J: Triple store for semantic data (port 8080)
- Nginx: Reverse proxy for web access (port 80)
- Systemd Service: Manages OpenSILEX application lifecycle
- Change default OpenSILEX admin password immediately
- Consider restricting SSH access to specific IP ranges
- Regular system updates:
sudo apt update && sudo apt upgrade - Monitor logs for suspicious activity
- Use HTTPS in production (configure SSL certificates)
- Implement backup strategies for data and configuration
Note: This installation creates a development/testing environment. For production deployments, additional security hardening, SSL certificates, backup strategies, and monitoring should be implemented.