7. Grade Yard Installation

Prepare the public folder

Choose one of the two options depending on whether you want your website to be accessed directly from https://mydomain.com or from https://mydomain.com/subfolder.

  • Case 1. https://mydomain.com.
    sudo chmod 774 /var/www/html
    sudo chgrp wadmins /var/www/html
  • Case 2. https://mydomain.com/subfolder. Then make sure that the permissions of the folder /var/www/html are set to 774 and that the group is wadmins. You can achieve this with the commands:
    mkdir /var/www/html/subfolder
    sudo chmod 774 /var/www/html/subfolder
    sudo chgrp wadmins /var/www/html/subfolder

Prepare hidden folder

The hidden folder may already exist if you used the instructions from this website to create a simple content management system. The folder created had the name /webFiles.

If the folder does not exist, then you need to create it. Use the following commands.

sudo mkdir /webFiles
sudo chmod -R 775 /webFiles/
sudo chgrp -R wadmins /webFiles/

Download the binaries

cd /var/www/html/subfolder
wget https://gradeyard.com/downloads/gradeyard.tar.gz
tar -xzvf gradeyard.tar.gz
rm gradeyard.tar.gz
chgrp wadmins js
chgrp wadmins css
chgrp wadmins src

Modify the setup files

Change the names in setupWSAll.txt

Open the file setupWSAll.txt.

  • Locate the line that contains _vr_mainFolderDB*!_/vr_. Most likely, this is the first line of the file. The path to the hidden folder should be placed between the tags _vl_ and _/vl_.
  • Locate the line that contains _vr_websiteURL*!_/vr_. The URL of your website should be placed between the tags _vl_ and _/vl_.
  • Locate the line that contains the words _vr_cookieName*!_/vr_. Choose a cookie name to be different from all other cookie names that your other websites have. Then place this word between the tags _vl_ and _/vl_. If several websites share the same name of the cookie, then your users (and yourself) will have trouble keeping open sessions on different sites.

Customize the titles in mainText_start.txt

Search the file mainText_start.txt for every occurrence of the word gradeyard. Change it to something that makes more sense for your website.

Hide the setup files

Execute the following 8 commands exactly as they are written

mv bossDB_start.txt bossDB_9748623761.txt 
mv eIDT_start.txt eIDT_9748623761.txt 
mv mainText_start.txt mainText_9748623761.txt 
mv uns_start.txt uns_9748623761.txt 
mv src/dockerCreation src/dockerCr9748623761
sed -i 's/_start/_9748623761/g' setupWSAll.txt 
mv setupWSAll.txt st6743411655e.txt   
sed -i 's/_hiddenNum/_9748623761/g' src/dockerCr9748623761/Dockerfile 
mv src src6743411655e

Here is a summary of what these commands are doing. The initializing files bossDB_start.txt, eIDT_start.txt, mainText_start.txt, and uns_start.txt should be partially renamed. The word start in each of them should be replaced with one secret code that is impossible to guess. The file setupWSAll.txt should be modified and informed of this change. This website has randomly generated the secret codes in the commands above and you are suggested to use them. The commands will correctly update all the files.

The file setupWSAll.txt is also renamed with the above commands.

Cloning mode (optional)

If you want to have the cloning mode then you need to follow these steps. (If the cloning mode is enabled, then the administrator can authorize a regular user sampleUserName to have personal website under https://mydomain.com/subfolder/sites/sampleUserName. It is required that sampleUserName is not administrator. Administrators have to be first demoted for their cloning rights to be effective.)

  • Visit the website for the first time and wait until the page finishes loading. The program index.cgi needs to create the databases. Once you see the first page, the databases are created.
  • Identify the full path of the folder specified in st6743411655e.txt between the tags mainFolderDB*! and /mainFolderDB*!. By default it is /webFiles/mainTeaching. If it is not, then modify the commands below accordingly. Also, identify the name of folder for the clones. By default it is sites. If it is something else (e.g. something_else), then replace the word sys_sites with sys_something_else in the commands below.
    cp *.cgi /webFiles/mainTeaching/sys_sites
    cp *.txt /webFiles/mainTeaching/sys_sites
    sudo chgrp wadmins /webFiles/mainTeaching/sys_sites/*.*
    sudo chmod 755 /webFiles/mainTeaching/sys_sites/*.cgi
    sudo chmod 644 /webFiles/mainTeaching/sys_sites/*.txt
    wget https://gradeyard.com/downloads/gyCloning.tar.gz
    rm index.cgi
    tar -xzvf gyCloning.tar.gz
    rm gyCloning.tar.gz

Create Docker image

cd src6743411655e/dockerCr9748623761
docker build -t ub_cpp_py .
cd ../..

Log in as the administrator and change the password

Point your browser to the web address of the new website.

It may take a minute or two for the website to load the first time. The program index.cgi will realize that databases do not exist. It will create all the databases. They will be placed in the folder webFiles/mainTeaching

Note: If something goes wrong, and you want to delete all data and have a fresh start, all you have to do is delete the folder webFiles/mainTeaching. Then point the browser to your website and the fresh databases will be installed.

The administrator has the username mainAdmin and the password t3mpP@ss. You should log in, click on the button with the name mainAdmin, and change the password. Do this as soon as you get the chance. Everybody who knows about this website also knows about the password t3mpP@ss.

Register another user

Log out from the account mainAdmin. Then point the browser to https://yourWebsite.com/index.cgi?page=registration. Fill the registration form for the new user. Let's say that you chose caesar as the username.

If you log in as caesar you will see how this new user does not have administrator rights.

Making users administrators

The user mainAdmin can promote the user caesar to the role of the administrator. If you log in as mainAdmin, you can click on the button DB. Select Users database. Click on the newly created user caesar. Replace the code in the box with:

username: _nc***_caesar_/nc***_
firstName (!*! for no change): _nc***_!*!_/nc***_
lastName (!*! for no change): _nc***_!*!_/nc***_
password (!*! for no change): _nc***_!*!_/nc***_
email (!*! for no change): _nc***_!*!_/nc***_
and click Submit.

If you go back to the user database you will now see that caesar is an administrator and you cannot click on its username. You can still edit caesar directly by clicking on the button Commands and explicitly typing the action that you want to take. For example, caesar can demote mainAdmin from the role of the administrator. This can be easily done if caesar types the following

username: _nc***_mainAdmin_/nc***_
firstName (!*! for no change): _nc***_!*!_/nc***_
lastName (!*! for no change): _nc***_!*!_/nc***_
password (!*! for no change): _nc***_!*!_/nc***_
email (!*! for no change): _nc***_!*!_/nc***_

Warning: Do not edit the users root, admin, contentAdmin, and superuser. These are special accounts without passwords. They are safe from hackers. No-one can guess a password that does not exist. However, other administrators are assuming the roles of these special users in certain situations. Deleting these accounts can cause a damage to the website.