Web Setup and Grade Yard Installation

Prepare the public folder

Choose one of the two options depending on whether you want your website to be accessed directly from https://mydomain.com or from https://mydomain.com/subfolder.

  • Case 1. https://mydomain.com.
    sudo chmod 774 /var/www/html
    sudo chgrp wadmins /var/www/html
    
  • Case 2. https://mydomain.com/subfolder. Then make sure that the permissions of the folder /var/www/html are set to 774 and that the group is wadmins. You can achieve this with the commands:
    mkdir /var/www/html/subfolder
    sudo chmod 774 /var/www/html/subfolder
    sudo chgrp wadmins /var/www/html/subfolder
    

Prepare hidden folder

The hidden folder may already exist if you used the instructions from this website to create a simple content management system. The folder created had the name /webFiles.

If the folder does not exist, then you need to create it. Use the following commands.

sudo mkdir /webFiles
sudo chmod -R 775 /webFiles/
sudo chgrp -R wadmins /webFiles/

Download the binaries

cd /var/www/html/subfolder
wget https://gradeyard.com/downloads/gradeyard.tar.gz
tar -xzvf gradeyard.tar.gz
rm gradeyard.tar.gz
chgrp wadmins js
chgrp wadmins css
chgrp wadmins src

Change the name of the website

Search the file mainText_start.txt for every occurrence of the word gradeyard. Change it to something that makes more sense for your website.

Open the file setupWSAll.txt.

  • The path to the hidden folder should be placed between the tags _mainFolderDB*!_ and _/mainFolderDB*!_.
  • The URL of your website should be placed between the tags _websiteURL*!_ and _/websiteURL*!_.
  • Choose a cookie name to be different from all other cookie names that your websites have. Then place this word between the tags _cookieName*!_ and _/cookieName*!_. If several websites share the same name of the cookie, then your users (and yourself) will have trouble keeping open sessions on different sites.

Hide the setup files

Execute the following 8 commands exactly as they are written

mv bossDB_start.txt bossDB_7469118295.txt 
mv eIDT_start.txt eIDT_7469118295.txt 
mv mainText_start.txt mainText_7469118295.txt 
mv uns_start.txt uns_7469118295.txt 
mv src/dockerCreation src/dockerCr7469118295
sed -i 's/_start/_7469118295/g' setupWSAll.txt 
mv setupWSAll.txt st7345975104e.txt   
sed -i 's/_hiddenNum/_7469118295/g' src/dockerCr7469118295/Dockerfile 
mv src src7345975104e

Here is a summary of what these commands are doing. The initializing files bossDB_start.txt, eIDT_start.txt, mainText_start.txt, and uns_start.txt should be partially renamed. The word start in each of them should be replaced with one secret code that is impossible to guess. The file setupWSAll.txt should be modified and informed of this change. This website has randomly generated the secret codes in the commands above and you are suggested to use them. The commands will correctly update all the files.

The file setupWSAll.txt is also renamed with the above commands.

Cloning mode (optional)

If you want to have the cloning mode then you need to follow these steps. (If the cloning mode is enabled, then the administrator can authorize a regular user sampleUserName to have personal website under https://mydomain.com/subfolder/sites/sampleUserName. It is required that sampleUserName is not administrator. Administrators have to be first demoted for their cloning rights to be effective.)

  • Visit the website for the first time and wait until the page finishes loading. The program index.cgi needs to create the databases. Once you see the first page, the databases are created.
  • Identify the full path of the folder specified in st7345975104e.txt between the tags mainFolderDB*! and /mainFolderDB*!. By default it is /webFiles/mainTeaching. If it is not, then modify the commands below accordingly. Also, identify the name of folder for the clones. By default it is sites. If it is something else (e.g. something_else), then replace the word sys_sites with sys_something_else in the commands below.
    cp *.cgi /webFiles/mainTeaching/sys_sites
    cp *.txt /webFiles/mainTeaching/sys_sites
    sudo chgrp wadmins /webFiles/mainTeaching/sys_sites/*.*
    sudo chmod 755 /webFiles/mainTeaching/sys_sites/*.cgi
    sudo chmod 644 /webFiles/mainTeaching/sys_sites/*.txt
    wget https://gradeyard.com/downloads/gyCloning.tar.gz
    rm index.cgi
    tar -xzvf gyCloning.tar.gz
    rm gyCloning.tar.gz
    

Create Docker image

cd src7345975104e/dockerCr7469118295
docker build -t ub_cpp_py .
cd ../..

Log in as the administrator and change the password

Point your browser to the web address of the new website.

It may take a minute or two for the website to load the first time. The program index.cgi will realize that databases do not exist. It will create all the databases. They will be placed in the folder webFiles/mainTeaching

Note: If something goes wrong, and you want to delete all data and have a fresh start, all you have to do is delete the folder webFiles/mainTeaching. Then point the browser to your website and the fresh databases will be installed.

The administrator has the username mainAdmin and the password t3mpP@ss. You should log in, click on the button with the name mainAdmin, and change the password. Do this as soon as you get the chance. Everybody who knows about this website also knows about the password t3mpP@ss.

Register another user

Log out from the account mainAdmin. Then point the browser to https://yourWebsite.com/index.cgi?page=registration. Fill the registration form for the new user. Let's say that you chose caesar as the username.

If you log in as caesar you will see how this new user does not have administrator rights.

Making users administrators

The user mainAdmin can promote the user caesar to the role of the administrator. If you log in as mainAdmin, you can click on the button DB. Select Users database. Click on the newly created user caesar. Replace the code in the box with:

_command_
_nc***_modifyUserAdvanced_/nc***_
username: _nc***_caesar_/nc***_
firstName (!*! for no change): _nc***_!*!_/nc***_
lastName (!*! for no change): _nc***_!*!_/nc***_
password (!*! for no change): _nc***_!*!_/nc***_
email (!*! for no change): _nc***_!*!_/nc***_
_nc***_yes_/nc***_
_nc***_yes_/nc***_
_/command_
and click Submit.

If you go back to the user database you will now see that caesar is an administrator and you cannot click on its username. You can still edit caesar directly by clicking on the button Commands and explicitly typing the action that you want to take. For example, caesar can demote mainAdmin from the role of the administrator. This can be easily done if caesar types the following

_command_
_nc***_modifyUserAdvanced_/nc***_
username: _nc***_mainAdmin_/nc***_
firstName (!*! for no change): _nc***_!*!_/nc***_
lastName (!*! for no change): _nc***_!*!_/nc***_
password (!*! for no change): _nc***_!*!_/nc***_
email (!*! for no change): _nc***_!*!_/nc***_
_nc***_no_/nc***_
_nc***_no_/nc***_
_/command_

Warning: Do not edit the users root, admin, contentAdmin, and superuser. These are special accounts without passwords. They are safe from hackers. No-one can guess a password that does not exist. However, other administrators are assuming the roles of these special users in certain situations. Deleting these accounts can cause a damage to the website.