[EP-tech] Re: Editable eprints behind firewall with read-only copy in the DMZ
Dan.Stieneke at ARS.USDA.GOV
Fri Apr 18 18:58:34 BST 2014
Thanks! I was thinking selective database replication & filesystem syncs; your idea might be less work.
What did you use to determine which items needed to be exported / imported? I see there are a series of "lastmod_<timeperiod>" columns in the "eprints" table; did you use those, or something else, or a combination?
I appreciate your input.
From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of stof999 at cmdt.ch
Sent: Thursday, April 17, 2014 11:22 PM
To: eprints-tech at ecs.soton.ac.uk
Subject: [EP-tech] Re: Editable eprints behind firewall with read-only copy in the DMZ
-----BEGIN PGP SIGNED MESSAGE-----
we made once (3.x ?) a proof-of-concept with 3 EP repository, each on
a own virtual maschine and in different networks.
1st repo was for ingest.
with cron the ingested item where exported (ep-xml) and imported in
2th repo by bash scripts.
2th repo was dlza with very restriced access
3th repo was public: items worthily for public were marked in 2th repo
and also by cron copied to 3th.
it was working but:
since we used ep-xml-with-embedded-full-text for import/export, adding
an item in repo 3 blows up the ep-item-history with the binary code of
the fulltext. and also when there where any modification on 2th repo,
the changed metadata + the full text again was added in the
ep-item-history on repo 3.
after soon the history couldn't be used because of the hugh data was send
and as i remember, the proof-of-concept was abandoned
i would be interested to know the best way to copy items from one
ep-repo to an other ep-repo.
On 17.04.2014 17:55, Stieneke, Dan wrote:
> Currently we have only one eprints server. It exists to share our
> research, so only employees should modify it, but since it's
> exposed to the world in the DMZ, the possibility exists it could be
> tampered with.
> I'll be upgrading hardware / OS / eprints soon anyway, and I'm
> considering setting up a primary eprints server behind the
> firewall where it can't be touched by the outside world, and
> pushing updates or synchronizations to a secondary eprints server
> in the DMZ that is publicly accessible.
> This way, if our eprints server gets tampered with, our "real" data
> is safe.
> Is anybody else doing this? I'd like to hear your experience /
> caveats / pitfalls / advice.
> Dan Stieneke
> IT Specialist
> USDA - ARS - NWISRL
> 3793 N 3600 E
> Kimberly, ID 83341
> This electronic message contains information generated by the USDA
> solely for the intended recipients. Any unauthorized interception
> of this message or the use or disclosure of the information it
> contains may violate the law and subject the violator to civil or
> criminal penalties. If you believe you have received this message
> in error, please notify the sender and delete the email
> *** Options:
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech ***
> Archive: http://www.eprints.org/tech.php/ *** EPrints community
> wiki: http://wiki.eprints.org/ *** EPrints developers Forum:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/
More information about the Eprints-tech