This post describes how to properly install multiple versions of R alongside on Ubuntu OS and to set up a properly controlled renv environment.

Preparation

It is better to start with a fresh installation of R. However, if R is already installed, especially if it is installed from the Ubuntu repository, it is better to get rid of the old version first:

sudo apt autoremove --purge r-base r-base-dev r-recommended

In addition, removing the packages is not enough to remove R most of the times. A safe approach is to simply change the binary name in /usr/bin with:

sudo mv /usr/bin/R /usr/bin/R2

(which is an ugly way to solve this issue, indeed).

Installing R from scratch

Inspired by this tutorial, we can now install any R version obtained from the RStudio repository (under the form of a .deb package). The following lines of codes are given for R version 4.0.3 and Ubuntu 20.04 LTS (they have to be adapted for other versions of R and other OS and OS versions):

export R_VERSION=4.0.3
curl -O https://cdn.rstudio.com/r/ubuntu-2004/pkgs/r-${R_VERSION}_1_amd64.deb
sudo dpkg -i r-${R_VERSION}_1_amd64.deb
sudo apt install -f

At this stage, R should be properly installed and work with:

/opt/R/${R_VERSION}/bin/R

The last stage of the installation would ensure that the R binary is properly linked into a bin folder:

sudo ln -s /opt/R/${R_VERSION}/bin/R /usr/local/bin/R
sudo ln -s /opt/R/${R_VERSION}/bin/Rscript /usr/local/bin/Rscript

If you are using RStudio with multiple R versions installed as described here, you can choose between them as described here.

renv environment

Within our project directory, if the renv.lock file is already present and has never been used, the virtual R environment is installed with the following R command lines:

install.packages("renv")
renv::init()

In our case, some packages have shown additional issues:

  • nloptr required the installation of an additional Ubuntu library:
    sudo apt install libnlopt-dev
    
  • some packages depended on curl and required the installation of:
    sudo apt install libcurl4-openssl-dev
    
  • ps had a problem with a wrong installation directory for sed that can be resolved creating a symbolic link:
    ln -s /bin/sed /usr/bin/sed
    

When the renv initialization process is interrupted, it can be resumed with:

renv::restore()

This post describes the best practices for asterics in branch management.

Creating a new branch

Branches are created at the head of dev as follows (within asterics repository):

git checkout dev
git pull
git branch dev-new
git checkout dev-new
git branch --set-upstream-to origin/dev-new

Merging a branch

Feature branches are merged into dev when they reach a stable state. Before merging, ensures that R tests are all successfull (start a new R session at the project root and proceed as described here.

When you decide to merge, go to the ASTERICS project on ForgeMIA, into the menu (on the left) Repository/Branches and click on the "Merge request" button of the branch that you want to merge (be careful to ask for a merge into dev and not another branch). Once the merge resquest is performed, ask for someone else to review your code and to perform the merge (this is a two-step process during which you first have to review and correct possible conflicts and then to approve the merge).

Deleting a branch

The person merging its branch into dev is responsible for deleting his/her branch locally and remotely (after it has been merged and pushed):

git branch -d dev-new
git push origin --delete dev-new

If this change is not properly spread with pull on a local repository, you can check which branches are present (with git branch -a) and if they fit the branches as described on the forge. If not, delete the branch locally (as described above) and prune its remote counterpart:

git remote update --prune

This post describes how R unit tests are organized and managed in asterics using testthat.

Tests organization

Tests are present in the directory backend/R/tests in separate files starting with test- (this is mandatory for the test to be run). In addition, as a naming convention, each test refers to a single function and is named from this function (for instance, the tests for r_multivariate_dotplot are in the file test-rmultivariatedotplot). They are all based on the testthat package and can be executed with this **R** command line:

test_dir("backend/R/tests")

(if launched from the project root directory)

Automatic testing at the project startup

Tests are launched at the project startup within **R** with:

tests <- TRUE
source("backend/R/conf_wd.R")

Tests and branch merging

When a branch is merged,

  • either this branch pre-existed before the merging of tests into dev and the merging of the branch has to be done with: 1/ git merging of the branch into dev; 2/ testing everything with a session restart; 3/ systematically correcting failed tests and documentation accordingly directly in dev,
  • either this branch was creating after test support has been merged into dev. In this case, tests have to be performed and fixed along with documentation before merging into dev.

This post describes how to install and secure mysql and phpmyadmin on Ubuntu server 20.04 LTS.

mysql installation

Refs: https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-20-04-fr and https://ostechnix.com/install-phpmyadmin-with-lamp-stack-on-ubuntu-20-04-lts/

Installation of mysql is performed with the following command lines:

sudo apt install mysql-server
sudo mysql_secure_installation
  
with the options:
Would you like to setup VALIDATE PASSWORD component?
  
yes and
There are three levels of password validation policy:
  
that is chosen between
LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary 
  
In addition, anonymous users are removed, root is only allowed to connect from localhost and the test database is removed.

phpmyadmin installation

phpmyadmin is further installed with:

sudo apt install php libapache2-mod-php php-mysql phpmyadmin php-mbstring php-zip php-gd php-json php-curl
  
where the configuration is made with
web server: apache2
connexion default: unix socket
authentication plugin: default
mysql database name: MYDATABASE
mysql username : MYUSER@localhost
  
If an error appears stating:
Error with password: type abort
  
you need to temporarily disable the validate password component:
sudo mysql
UNINSTALL COMPONENT "file://component_validate_password";
exit
  
and relaunch phpmyadmin installation
sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl
  
or
sudo apt install -f
  
before re-installing the component:
sudo mysql
INSTALL COMPONENT "file://component_validate_password";
exit
  

The installation is completed with:

sudo phpenmod mbstring
sudo systemctl reload apache2
  
to enable php in apache2 configuration and with:
sudo mysql
CREATE USER 'MYUSER'@'localhost' IDENTIFIED BY 'MYPASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'pma'@'localhost' WITH GRANT OPTION;
  
to create a user for phpmyadmin (if not already performed during the installation). The connexion to phpmyadmin can be done at http://mydomain.org/phpmyadmin or a virtual host can be created after editing /etc/apache2/conf-available/phpmyadmin.conf</a> to comment out the automatic redirection (it is advised to configure SSL only connexion as well). </p>

phpmyadmin configuration

phpmyadmin configuration file is /etc/phpmyadmin/config.inc.php where cookie authentication are enabled with the option:

$cfg['Servers'][$i]['auth_type'] = 'cookie';
  
and root login is disabled with:
$cfg['Servers'][$i]['AllowRoot'] = FALSE;
  

To allow fail2ban to secure phpmyadmin connexion, the logs need to be activated with the following option:

$cfg['AuthLog'] = 'syslog';
$cfg['AuthLogSuccess'] = false;
  
which leads to the receive this type of message into /var/log/auth.log:
Aug 14 13:55:51 chix phpMyAdmin[176689]: user denied: FAKEUSER (mysql-denied) from XX.YYY.YYY.ZZ
  
when users try to login without success. The edition of /etc/fail2ban/jail.local with the addition of:
[phpmyadmin-syslog]
enabled = true
port = http,https
filter = phpmyadmin-syslog
logpath = /var/log/auth.log
backend = %(syslog_backend)s
  
leads to ban IPs with too many unsucessful login attempts. This configuration is enabled with:
sudo systemctl reload fail2ban
  


This post describes how to install jekyll (and necessary plugins) on your server (Ubuntu 20.04 LTS) so as to automatically generate and publish your websites through git versionning.

The best seems to start by not installing the jekyll package from ubuntu public repositories. The reason is that it is best to have local gem installation to avoid versionning problems with pluggins installed using ruby and gems directly. To do so, you start by installing the ruby packages:

sudo apt install ruby-full build-essential zlib1g-dev
and you switch to your git user (on my server, called "git") to update its local profile:
sudo su git
echo '# Install Ruby Gems to ~/gems' >> ~/.bashrc
echo 'export GEM_HOME="$HOME/gems"' >> ~/.bashrc
echo 'export PATH="$HOME/gems/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc

jekyll (and plugins) can then be installed with the gem command:

gem install jekyll bundler
gem install jekyll-scholar
At this stage, the user gitolite should be able to use the command jekyll build to generate a website created for jekyll.

The last step is to automate the generation and publication of the website when a modification is pushed on its git repository. Suppose that the apache VH points to the directory /var/www/blog in which the website is published. First, you have to ensure that this directory is owned by the user "git":

chown -R git:git /var/www/blog

The second steps consists in creating a script that will build and copy the website content. To do so, if the website is versionned in the directory </code>/var/lib/gitolite3/repository/blog.git</code>, you create and edit a file </code>/var/lib/gitolite3/repository/blog.git/hooks/post-receive</code> that contains:

GIT_REPO=/var/lib/gitolite3/repositories/blog.git
TMP_GIT_CLONE=/var/lib/gitolite3/tmp/myrepo
PUBLIC_WWW=/var/www/blog

git clone $GIT_REPO $TMP_GIT_CLONE
cd $TMP_GIT_CLONE
jekyll build  -d $PUBLIC_WWW
cd ~/
rm -Rf $TMP_GIT_CLONE
exit
This file should be made executable with
chmod ug+x /var/lib/gitolite3/repository/blog.git/hooks/post-receive
and... that's it!