CGSpace Notes

2021-10-01

• Export all affiliations on CGSpace and run them against the latest RoR data dump:

localhost/dspace63= > \COPY (SELECT DISTINCT text_value as "cg.contributor.affiliation", count(*) FROM metadatavalue WHERE dspace_object_id IN (SELECT uuid FROM item) AND metadata_field_id = 211 GROUP BY text_value ORDER BY count DESC) to /tmp/2021-10-01-affiliations.csv WITH CSV HEADER;
$ csvcut -c 1 /tmp/2021-10-01-affiliations.csv | sed 1d > /tmp/2021-10-01-affiliations.txt
$ ./ilri/ror-lookup.py -i /tmp/2021-10-01-affiliations.txt -r 2021-09-23-ror-data.json -o /tmp/2021-10-01-affili
ations-matching.csv
$ csvgrep -c matched -m true /tmp/2021-10-01-affiliations-matching.csv | sed 1d | wc -l 
1879
$ wc -l /tmp/2021-10-01-affiliations.txt 
7100 /tmp/2021-10-01-affiliations.txt

• So we have 1879/7100 (26.46%) matching already

2021-10-03

• Dominique from IWMI asked me for information about how CGSpace partners are using CGSpace APIs to feed their websites
• Start a fresh indexing on AReS
• Udana sent me his file of 292 non-IWMI publications for the Virtual library on water management
  • He added licenses
  • I want to clean up the dcterms.extent field though because it has volume, issue, and pages there
  • I cloned the column several times and extracted values based on their positions, for example:
    • Volume: value.partition(":")[0]
    • Issue: value.partition("(")[2].partition(")")[0]
    • Page: "p. " + value.replace(".", "")

2021-10-04

• Start looking at the last month of Solr statistics on CGSpace
  • I see a number of IPs with “normal” user agents who clearly behave like bots
    • 198.15.130.18: 21,000 requests to /discover with a normal-looking user agent, from ASN 11282 (SERVERYOU, US)
    • 93.158.90.107: 8,500 requests to handle and browse links with a Firefox 84.0 user agent, from ASN 12552 (IPO-EU, SE)
    • 193.235.141.162: 4,800 requests to handle, browse, and discovery links with a Firefox 84.0 user agent, from ASN 51747 (INTERNETBOLAGET, SE)
    • 3.225.28.105: 2,900 requests to REST API for the CIAT Story Maps collection with a normal user agent, from ASN 14618 (AMAZON-AES, US)
    • 34.228.236.6: 2,800 requests to discovery for the CGIAR System community with user agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), from ASN 14618 (AMAZON-AES, US)
    • 18.212.137.2: 2,800 requests to discovery for the CGIAR System community with user agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), from ASN 14618 (AMAZON-AES, US)
    • 3.81.123.72: 2,800 requests to discovery and handles for the CGIAR System community with user agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), from ASN 14618 (AMAZON-AES, US)
    • 3.227.16.188: 2,800 requests to discovery and handles for the CGIAR System community with user agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), from ASN 14618 (AMAZON-AES, US)
  • Looking closer into the requests with this Mozilla/4.0 user agent, I see 500+ IPs using it:

# zcat --force /var/log/nginx/*.log* | grep 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)' | awk '{print $1}' | sort | uniq > /tmp/mozilla-4.0-ips.txt
# wc -l /tmp/mozilla-4.0-ips.txt 
543 /tmp/mozilla-4.0-ips.txt

• Then I resolved the IPs and extracted the ones belonging to Amazon:

$ ./ilri/resolve-addresses-geoip2.py -i /tmp/mozilla-4.0-ips.txt -k "$ABUSEIPDB_API_KEY" -o /tmp/mozilla-4.0-ips.csv
$ csvgrep -c asn -m 14618 /tmp/mozilla-4.0-ips.csv | csvcut -c ip | sed 1d | tee /tmp/amazon-ips.txt | wc -l

• I am thinking I will purge them all, as I have several indicators that they are bots: mysterious user agent, IP owned by Amazon
• Even more interesting, these requests are weighted VERY heavily on the CGIAR System community:

   1592 GET /handle/10947/2526
   1592 GET /handle/10947/2527
   1592 GET /handle/10947/34
   1593 GET /handle/10947/6
   1594 GET /handle/10947/1
   1598 GET /handle/10947/2515
   1598 GET /handle/10947/2516
   1599 GET /handle/10568/101335
   1599 GET /handle/10568/91688
   1599 GET /handle/10947/2517
   1599 GET /handle/10947/2518
   1599 GET /handle/10947/2519
   1599 GET /handle/10947/2708
   1599 GET /handle/10947/2871
   1600 GET /handle/10568/89342
   1600 GET /handle/10947/4467
   1607 GET /handle/10568/103816
 290382 GET /handle/10568/83389

• Before I purge all those I will ask someone Samuel Stacey from the System Office to hopefully get an insight…
• Meeting with Michael Victor, Peter, Jane, and Abenet about the future of repositories in the One CGIAR
• Meeting with Michelle from Altmetric about their new CSV upload system
  • I sent her some examples of Handles that have DOIs, but no linked score (yet) to see if an association will be created when she uploads them

doi,handle
10.1016/j.agsy.2021.103263,10568/115288
10.3389/fgene.2021.723360,10568/115287
10.3389/fpls.2021.720670,10568/115285

• Extract the AGROVOC subjects from IWMI’s 292 publications to validate them against AGROVOC:

$ csvcut -c 'dcterms.subject[en_US]' ~/Downloads/2021-10-03-non-IWMI-publications.csv | sed -e 1d -e 's/||/\n/g' -e 's/"//g' | sort -u > /tmp/agrovoc.txt
$ ./ilri/agrovoc-lookup.py -i /tmp/agrovoc-sorted.txt -o /tmp/agrovoc-matches.csv
$ csvgrep -c 'number of matches' -m '0' /tmp/agrovoc-matches.csv | csvcut -c 1 > /tmp/invalid-agrovoc.csv

2021-10-05

• Sam put me in touch with Dodi from the System Office web team and he confirmed that the Amazon requests are not theirs
  • I added Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) to the list of bad bots in nginx
  • I purged all the Amazon IPs using this user agent, as well as the few other IPs I identified yesterday

$ ./ilri/check-spider-ip-hits.sh -f /tmp/robot-ips.txt -p
...

Total number of bot hits purged: 465119

2021-10-06

• Thinking about how we could check for duplicates before importing
  • I found out that PostgreSQL has a built-in similarity function:

localhost/dspace63= > CREATE EXTENSION pg_trgm;
localhost/dspace63= > SELECT metadata_value_id, text_value, dspace_object_id FROM metadatavalue WHERE dspace_object_id IN (SELECT uuid FROM item) AND metadata_field_id=64 AND SIMILARITY(text_value,'Molecular marker based genetic diversity assessment of Striga resistant maize inbred lines') > 0.5;
 metadata_value_id │                                         text_value                                         │           dspace_object_id
───────────────────┼────────────────────────────────────────────────────────────────────────────────────────────┼──────────────────────────────────────
           3652624 │ Molecular marker based genetic diversity assessment of Striga resistant maize inbred lines │ b7f0bf12-b183-4b2f-bbd2-7a5697b0c467
           3677663 │ Molecular marker based genetic diversity assessment of Striga resistant maize inbred lines │ fb62f551-f4a5-4407-8cdc-6bff6dac399e
(2 rows)

• I was able to find an exact duplicate for an IITA item by searching for its title (I already knew that these existed)
• I started working on a basic Python script to do this and managed to find an actual duplicate in the recent IWMI items
  • I think I will check for similar titles, and if I find them I will print out the handles for verification
  • I could also proceed to check other metadata like type because those shouldn’t vary too much
• I ran my new check-duplicates.py script on the 292 non-IWMI publications from Udana and found twelve potential duplicates
  • Upon checking them manually, I found that 7/12 were indeed already present on CGSpace!
  • This is with the similarity threshold at 0.5. I wonder if tweaking that higher will make the script run faster and eliminate some false positives
  • I re-ran it with higher thresholds this eliminated all false positives, but it still took 24 minutes to run for 292 items!
    • 0.6: ./ilri/check-duplicates.py -i ~/Downloads/2021-10-03-non-IWMI-publications.cs 0.09s user 0.03s system 0% cpu 24:40.42 total
    • 0.7: ./ilri/check-duplicates.py -i ~/Downloads/2021-10-03-non-IWMI-publications.cs 0.12s user 0.03s system 0% cpu 24:29.15 total
    • 0.8: ./ilri/check-duplicates.py -i ~/Downloads/2021-10-03-non-IWMI-publications.cs 0.09s user 0.03s system 0% cpu 25:44.13 total
• Some minor updates to csv-metadata-quality
  • Fix two issues with regular expressions in the duplicate items and experimental language checks
  • Add a check for items that have a DOI listed in their citation, but are missing a standalone DOI field
• Then I ran this new version of csv-metadata-quality on an export of IWMI’s community, minus some fields I don’t want to check:

$ csvcut -C 'dc.date.accessioned,dc.date.accessioned[],dc.date.accessioned[en_US],dc.date.available,dc.date.available[],dc.date.available[en_US],dcterms.issued[en_US],dcterms.issued[],dcterms.issued,dc.description.provenance[en],dc.description.provenance[en_US],dc.identifier.uri,dc.identifier.uri[],dc.identifier.uri[en_US],dcterms.abstract[en_US],dcterms.bibliographicCitation[en_US],collection' ~/Downloads/iwmi.csv > /tmp/iwmi-to-check.csv
$ csv-metadata-quality -i /tmp/iwmi-to-check.csv -o /tmp/iwmi.csv | tee /tmp/out.log
$ xsv split -s 2000 /tmp /tmp/iwmi.csv

• I noticed each CSV only had 10 or 20 corrections, mostly that none of the duplicate metadata values were removed in the CSVs…
  • I cut a subset of the fields from the main CSV and tried again, but DSpace said “no changes detected”
  • The duplicates are definitely removed from the CSV, but DSpace doesn’t detect them
  • I realized this is an issue I’ve had before, but forgot because I usually use csv-metadata-quality for new items, not ones already inside DSpace!
  • I found a comment on thread on the dspace-tech mailing list from helix84 in 2015 (“No changes were detected” when importing metadata via XMLUI") where he says:

It’s very likely that multiple values in a single field are being compared as an unordered set rather than an ordered list. Try doing it in two imports. In first import, remove all authors. In second import, add them in the new order.

• Shit, so that’s worth looking into…

2021-10-07

• I decided to upload the cleaned IWMI community by moving the cleaned metadata field from dcterms.subject[en_US] to dcterms.subject[en_Fu] temporarily, uploading them, then moving them back, and uploading again
  • I started by copying just a handful of fields from the iwmi.csv community export:

$ csvcut -c 'id,cg.contributor.affiliation[en_US],cg.coverage.country[en_US],cg.coverage.iso3166-alpha2[en_US],cg.coverage.subregion[en_US],cg.identifier.doi[en_US],cg.identifier.iwmilibrary[en_US],cg.identifier.url[en_US],cg.isijournal[en_US],cg.issn[en_US],cg.river.basin[en_US],dc.contributor.author[en_US],dcterms.subject[en_US]' ~/Downloads/iwmi.csv > /tmp/iwmi-duplicate-metadata.csv
# Copy and blank columns in OpenRefine
$ csv-metadata-quality -i ~/Downloads/2021-10-07-IWMI-duplicate-metadata-csv.csv -o /tmp/iwmi-duplicates-cleaned.csv | tee /tmp/out.log
$ xsv split -s 2000 /tmp /tmp/iwmi-duplicates-cleaned.csv

• It takes a few hours per 2,000 items because DSpace processes them so slowly… sigh…

2021-10-08

• I decided to update these records in PostgreSQL instead of via several CSV batches, as there were several others to normalize too:

cgspace=# SELECT DISTINCT text_lang, count(text_lang) FROM metadatavalue WHERE dspace_object_id IN (SELECT uuid FROM item) GROUP BY text_lang ORDER BY count DESC;
 text_lang |  count  
-----------+---------
 en_US     | 2603711
 en_Fu     |  115568
 en        |    8818
           |    5286
 fr        |       2
 vn        |       2
           |       0
(7 rows)
cgspace=# BEGIN;
cgspace=# UPDATE metadatavalue SET text_lang='en_US' WHERE dspace_object_id IN (SELECT uuid FROM item) AND text_lang IN ('en_Fu', 'en', '');
UPDATE 129673
cgspace=# COMMIT;

• So all this effort to remove ~400 duplicate metadata values in the IWMI community hmmm:

$ grep -c 'Removing duplicate value' /tmp/out.log
391

• I tried to export ILRI’s community, but ran into the export bug (DS-4211)
  • After applying the patch on my local instance I was able to export, but found many duplicate items in the CSV (as I also noticed in 2021-02):

$ csvcut -c id /tmp/ilri-duplicate-metadata.csv | sed '1d' | wc -l 
32070
$ csvcut -c id /tmp/ilri-duplicate-metadata.csv | sort -u | sed '1d' | wc -l
19315

• It seems there are only about 200 duplicate values in this subset of fields in ILRI’s community:

$ grep -c 'Removing duplicate value' /tmp/out.log
220

• I found a cool way to select only the items with corrections
  • First, extract a handful of fields from the CSV with csvcut
  • Second, clean the CSV with csv-metadata-quality
  • Third, rename the columns to something obvious in the cleaned CSV
  • Fourth, use csvjoin to merge the cleaned file with the original

$ csvcut -c 'id,cg.contributor.affiliation[en_US],cg.coverage.country[en_US],cg.coverage.iso3166-alpha2[en_US],cg.coverage.subregion[en_US],cg.identifier.doi[en_US],cg.identifier.url[en_US],cg.isijournal[en_US],cg.issn[en_US],dc.contributor.author[en_US],dcterms.subject[en_US]' /tmp/ilri.csv | csvsort | uniq > /tmp/ilri-deduplicated-items.csv
$ csv-metadata-quality -i /tmp/ilri-deduplicated-items.csv -o /tmp/ilri-deduplicated-items-cleaned.csv | tee /tmp/out.log
$ sed -i -e '1s/en_US/en_Fu/g' /tmp/ilri-deduplicated-items-cleaned.csv
$ csvjoin -c id /tmp/ilri-deduplicated-items.csv /tmp/ilri-deduplicated-items-cleaned.csv > /tmp/ilri-deduplicated-items-cleaned-joined.csv

• Then I imported the file into OpenRefine and used a custom text facet with a GREL like this to identify the rows with changes:

if(cells['dcterms.subject[en_US]'].value == cells['dcterms.subject[en_Fu]'].value,"same","different")

• For these rows I starred them and then blanked out the original field so DSpace would see it as a removal, and add the new column
  • After these are uploaded I will normalize the text_lang fields in PostgreSQL again
• I did the same for CIAT but there were over 7,000 duplicate metadata values! Hard to believe:

$ grep -c 'Removing duplicate value' /tmp/out.log
7720

• I applied these to the CIAT community, so in total that’s over 8,000 duplicate metadata values removed in a handful of fields…

2021-10-09

• I did similar metadata cleanups for CCAFS and IITA too, but there were only a few hundred duplicates there
• Also of note, there are some other fixes too, for example in IITA’s community:

$ grep -c -E '(Fixing|Removing) (duplicate|excessive|invalid)' /tmp/out.log
249

• I ran a full Discovery re-indexing on CGSpace
• Then I exported all of CGSpace and extracted the ISSNs and ISBNs:

$ csvcut -c 'id,cg.issn[en_US],dc.identifier.issn[en_US],cg.isbn[en_US],dc.identifier.isbn[en_US]' /tmp/cgspace.csv > /tmp/cgspace-issn-isbn.csv

• I did cleanups on about seventy items with invalid and mixed ISSNs/ISBNs

2021-10-10

• Start testing DSpace 7.1-SNAPSHOT to see if it has the duplicate item bug on metadata-export (DS-4211)
• First create a new PostgreSQL 13 container:

$ podman run --name dspacedb13 -v dspacedb13_data:/var/lib/postgresql/data -e POSTGRES_PASSWORD=postgres -p 5433:5432 -d postgres:13-alpine
$ createuser -h localhost -p 5433 -U postgres --pwprompt dspacetest
$ createdb -h localhost -p 5433 -U postgres -O dspacetest --encoding=UNICODE dspace7
$ psql -h localhost -p 5433 -U postgres dspace7 -c 'CREATE EXTENSION pgcrypto;'

• Then edit setting in dspace/config/local.cfg and build the backend server with Java 11:

$ mvn package
$ cd dspace/target/dspace-installer
$ ant fresh_install
# fix database not being fully ready, causing Tomcat to fail to start the server application
$ ~/dspace7/bin/dspace database migrate

• Copy Solr configs and start Solr:

$ cp -Rv ~/dspace7/solr/* ~/src/solr-8.8.2/server/solr/configsets
$ ~/src/solr-8.8.2/bin/solr start

• Start my local Tomcat 9 instance:

$ systemctl --user start tomcat9@dspace7

• This works, so now I will drop the default database and import a dump from CGSpace

$ systemctl --user stop tomcat9@dspace7                                
$ dropdb -h localhost -p 5433 -U postgres dspace7
$ createdb -h localhost -p 5433 -U postgres -O dspacetest --encoding=UNICODE dspace7
$ psql -h localhost -p 5433 -U postgres -c 'alter user dspacetest superuser;'
$ pg_restore -h localhost -p 5433 -U postgres -d dspace7 -O --role=dspacetest -h localhost dspace-2021-10-09.backup
$ psql -h localhost -p 5433 -U postgres -c 'alter user dspacetest nosuperuser;'

• Delete Atmire migrations and some others that were “unresolved”:

$ psql -h localhost -p 5433 -U postgres dspace7 -c "DELETE FROM schema_version WHERE description LIKE '%Atmire%' OR description LIKE '%CUA%' OR description LIKE '%cua%';"
$ psql -h localhost -p 5433 -U postgres dspace7 -c "DELETE FROM schema_version WHERE version IN ('5.0.2017.09.25', '6.0.2017.01.30', '6.0.2017.09.25');"

• Now DSpace 7 starts with my CGSpace data… nice
  • The Discovery indexing still takes seven hours… fuck
• I tested the metadata-export on DSpace 7.1-SNAPSHOT and it still has the duplicate items issue introduced by DS-4211
  • I filed a GitHub issue and notified nwoodward: https://github.com/DSpace/DSpace/issues/7988
• Start a full reindex on AReS

2021-10-11

• Start a full Discovery reindex on my local DSpace 6.3 instance:

$ /usr/bin/time -f %M:%e chrt -b 0 ~/dspace63/bin/dspace index-discovery -b
Loading @mire database changes for module MQM
Changes have been processed
836140:6543.6

• So that’s 1.8 hours versus 7 on DSpace 7, with the same database!
• Several users wrote to me that CGSpace was slow recently
  • Looking at the PostgreSQL database I see connections look normal, but locks for dspaceWeb are high:

$ psql -c 'SELECT * FROM pg_stat_activity' | wc -l
53
$ psql -c "SELECT * FROM pg_locks pl LEFT JOIN pg_stat_activity psa ON pl.pid = psa.pid" | wc -l
1697
$ psql -c "SELECT * FROM pg_locks pl LEFT JOIN pg_stat_activity psa ON pl.pid = psa.pid WHERE application_name='dspaceWeb'" | wc -l
1681

• Looking at Munin, I see there are indeed a higher number of locks starting on the morning of 2021-10-07:

• The only thing I did on 2021-10-07 was import a few thousand metadata corrections…
• I restarted PostgreSQL (instead of restarting Tomcat), so let’s see if that helps
• I filed a bug for the DSpace 6/7 duplicate values metadata import issue
• I tested the two patches for removing abandoned submissions from the workflow but unfortunately it seems that they are for the configurable aka XML workflow, and we are using the basic workflow
• I discussed PostgreSQL issues with some people on the DSpace Slack
  • Looking at postgresqltuner.pl and https://pgtune.leopard.in.ua I realized that there were some settings that I hadn’t changed in a few years that I probably need to re-evaluate
  • For example, random_page_cost is recommended to be 1.1 in the PostgreSQL 10 docs (default is 4.0, but we use 1 since 2017 when it came up in Hacker News)
  • Also, effective_io_concurrency is recommended to be “hundreds” if you are using an SSD (default is 1)
• I also enabled the pg_stat_statements extension to try to understand what queries are being run the most often, and how long they take

2021-10-12

• I looked again at the duplicate items query I was doing with trigrams recently and found a few new things
  • Looking at the EXPLAIN ANALYZE plan for the query I noticed it wasn’t using any indexes
  • I read on StackExchange that, if we want to make use of indexes, we need to use the similarity operator (%), not the function similarity() because “index support is bound to operators in Postgres, not to functions”
  • A note about the query plan output is that we need to read it from the bottom up!
  • So with the similary operator we need to set the threshold like this now:

localhost/dspace= > SET pg_trgm.similarity_threshold = 0.5;

• Next I experimented with using GIN or GiST indexes on metadatavalue, but they were slower than the existing DSpace indexes
  • I tested a few variations of the query I had been using and found it’s much faster if I use the similarity operator and keep the condition that object IDs are in the item table…

localhost/dspace= > SELECT text_value, dspace_object_id FROM metadatavalue WHERE dspace_object_id IN (SELECT uuid FROM item) AND metadata_field_id=64 AND text_value % 'Traditional knowledge affects soil management ability of smallholder farmers in marginal areas';
                                           text_value                                           │           dspace_object_id           
────────────────────────────────────────────────────────────────────────────────────────────────┼──────────────────────────────────────
 Traditional knowledge affects soil management ability of smallholder farmers in marginal areas │ 7af059af-9cd7-431b-8a79-7514896ca7dc
(1 row)

Time: 739.948 ms

• Now this script runs in four minutes (versus twenty-four!) and it still finds the same seven duplicates! Amazing!
• I still don’t understand the differences in the query plan well enough, but I see it is using the DSpace default indexes and the results are accurate
• So to summarize, the best to the worst query, all returning the same result:

localhost/dspace= > SET pg_trgm.similarity_threshold = 0.6;
localhost/dspace= > SELECT text_value, dspace_object_id FROM metadatavalue WHERE dspace_object_id IN (SELECT uuid FROM item) AND metadata_field_id=64 AND text_value % 'Traditional knowledge affects soil management ability of smallholder farmers in marginal areas';
                                           text_value                                           │           dspace_object_id           
────────────────────────────────────────────────────────────────────────────────────────────────┼──────────────────────────────────────
 Traditional knowledge affects soil management ability of smallholder farmers in marginal areas │ 7af059af-9cd7-431b-8a79-7514896ca7dc
(1 row)

Time: 683.165 ms
Time: 635.364 ms
Time: 674.666 ms

localhost/dspace= > DISCARD ALL;
localhost/dspace= > SET pg_trgm.similarity_threshold = 0.6;
localhost/dspace= > SELECT text_value, dspace_object_id FROM metadatavalue WHERE metadata_field_id=64 AND text_value % 'Traditional knowledge affects soil management ability of smallholder farmers in marginal areas';
                                           text_value                                           │           dspace_object_id           
────────────────────────────────────────────────────────────────────────────────────────────────┼──────────────────────────────────────
 Traditional knowledge affects soil management ability of smallholder farmers in marginal areas │ 7af059af-9cd7-431b-8a79-7514896ca7dc
(1 row)

Time: 1584.765 ms (00:01.585)
Time: 1665.594 ms (00:01.666)
Time: 1623.726 ms (00:01.624)

localhost/dspace= > DISCARD ALL;
localhost/dspace= > SELECT text_value, dspace_object_id FROM metadatavalue WHERE metadata_field_id=64 AND SIMILARITY(text_value,'Traditional knowledge affects soil management ability of smallholder farmers in marginal areas') > 0.6;
                                           text_value                                           │           dspace_object_id           
────────────────────────────────────────────────────────────────────────────────────────────────┼──────────────────────────────────────
 Traditional knowledge affects soil management ability of smallholder farmers in marginal areas │ 7af059af-9cd7-431b-8a79-7514896ca7dc
(1 row)

Time: 4028.939 ms (00:04.029)
Time: 4022.239 ms (00:04.022)
Time: 4061.820 ms (00:04.062)

localhost/dspace= > DISCARD ALL;
localhost/dspace= > SELECT text_value, dspace_object_id FROM metadatavalue WHERE dspace_object_id IN (SELECT uuid FROM item) AND metadata_field_id=64 AND SIMILARITY(text_value,'Traditional knowledge affects soil management ability of smallholder farmers in marginal areas') > 0.6;
                                           text_value                                           │           dspace_object_id           
────────────────────────────────────────────────────────────────────────────────────────────────┼──────────────────────────────────────
 Traditional knowledge affects soil management ability of smallholder farmers in marginal areas │ 7af059af-9cd7-431b-8a79-7514896ca7dc
(1 row)

Time: 4358.713 ms (00:04.359)
Time: 4301.248 ms (00:04.301)
Time: 4417.909 ms (00:04.418)

2021-10-13

• I looked into the REST API issue where fields without qualifiers throw an HTTP 500
  • The fix is to check if the qualifier is not null AND not empty in dspace-api
  • I submitted a fix: https://github.com/DSpace/DSpace/pull/7993

2021-10-14

• Someone in the DSpace community already posted a fix for the DSpace 6/7 duplicate items export bug!
  • I tested it and it works so I left feedback: https://github.com/DSpace/DSpace/pull/7995
• Altmetric support got back to us about the missing DOI–Handle link and said it was due to the TLS certificate chain on CGSpace
  • I checked and everything is actually working fine, so it could be their backend servers are old and don’t support the new Let’s Encrypt trust path
  • I asked them to put me in touch with their backend developers directly

2021-10-17

• Revert the ssl-cert change on the Ansible infrastructure scripts so that nginx uses a manually generated “snakeoil” TLS certificate
  • The ssl-cert one is easier because it’s automatic, but they include the hostname in the bogus cert so it’s an unecessary leak of information
• I started doing some tests to upgrade Elasticsearch from 7.6.2 to 7.7, 7.8, 7.9, and eventually 7.10 on OpenRXV
  • I tested harvesting, reporting, filtering, and various admin actions with each version and they all worked fine, with no errors in any logs as far as I can see
  • This fixes bunches of issues, updates Java from 13 to 15, and the base image from CentOS 7 to 8, so it’s a decent amount of technical debt!
  • I even tried Elasticsearch 7.13.2, which has Java 16, and it works fine…
  • I submitted a pull request: https://github.com/ilri/OpenRXV/pull/126

2021-10-20

• Meeting with Big Data and CGIAR repository players about the feasibility of moving to a single repository
  • We discussed several options, for example moving all DSpaces to CGSpace along with their permanent identifiers
  • The issue would be for centers like IFPRI who don’t use DSpace and have integrations with their website etc with their current repository

2021-10-21

• Udana from IWMI contacted me to ask if I could do a one-off AReS harvest because they have some new items they need to report on

2021-10-22

• Abenet and others contacted me to say that the LDAP login was not working on CGSpace
  • I checked with ldapsearch and it is indeed not working:

$ ldapsearch -x -H ldaps://AZCGNEROOT3.CGIARAD.ORG:636/ -b "dc=cgiarad,dc=org" -D "booo" -W "(sAMAccountName=fuuu)"
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
        additional info: 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839

• I sent a message to ILRI ICT to ask them to check the account
  • They reset the password so I ran all system updates and rebooted the server since users weren’t able to log in anyways

2021-10-24

• CIP was asking about CGSpace stats again
  • The last time I helped them with this was in 2021-04, when I extracted stats for their community from the DSpace Statistics API
• In looking at the CIP stats request I got curious if there were any hits from all those Russian IPs before 2021-07 that I could purge
  • Sure enough there were a few hundred IPs belonging to those ASNs:

$ http 'localhost:8081/solr/statistics/select?q=time%3A2021-04*&fl=ip&wt=json&indent=true&facet=true&facet.field=ip&facet.limit=200000&facet.mincount=1' > /tmp/2021-04-ips.json
# Ghetto way to extract the IPs using jq, but I can't figure out how only print them and not the facet counts, so I just use sed
$ jq '.facet_counts.facet_fields.ip[]' /tmp/2021-04-ips.json | grep -E '^"' | sed -e 's/"//g' > /tmp/ips.txt
$ ./ilri/resolve-addresses-geoip2.py -i /tmp/ips.txt -o /tmp/2021-04-ips.csv
$ csvgrep -c asn -r '^(49453|46844|206485|62282|36352|35913|35624|8100)$' /tmp/2021-04-ips.csv | csvcut -c network | sed 1d | sort -u > /tmp/networks-to-block.txt
$ wc -l /tmp/networks-to-block.txt 
125 /tmp/networks-to-block.txt
$ grepcidr -f /tmp/networks-to-block.txt /tmp/ips.txt > /tmp/ips-to-purge.txt
$ wc -l /tmp/ips-to-purge.txt
202

• Attempting to purge those only shows about 3,500 hits, but I will do it anyways
  • Adding 64.39.108.48 from Qualys I get a total of 22631 hits purged
• I also purged another 5306 hits after checking the IPv4 list from AbuseIPDB.com

2021-10-25

• Help CIP colleagues with view and download statistics for their community in 2020 and 2021

2021-10-27

• Help ICARDA colleagues with GLDC reports on AReS
  • There was an issue due to differences in CRP metadata between repositories

2021-10-28

• Meeting with Medha and a bunch of others about the FAIRscribe tool they have been developing
  • Seems it is a submission tool like MEL

2021-10-29

• Linode alerted me that CGSpace (linode18) has high outbound traffic for the last two hours
  • This has happened a few other times this week so I decided to go look at the Solr stats for today
  • I see 93.158.91.62 is making thousands of requests to Discover with a normal user agent:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36

• Even more annoying, they are not re-using their session ID:

$ grep 93.158.91.62 log/dspace.log.2021-10-29 | grep -oE 'session_id=[A-Z0-9]{32}:ip_addr=' | sort | uniq | wc -l
4888

• This IP has made 36,000 requests to CGSpace…
• The IP is owned by Internet Vikings in Sweden
• I purged their statistics and set up a temporary HTTP 403 telling them to use a real user agent
• I see another one in Sweden a few days ago (192.36.109.131), also using the same exact user agent as above, but belonging to Resilans AB
  • I purged another 74,619 hits from this bot
• I added these two IPs to the nginx IP bot identifier
• Jesus I found a few Russian IPs attempting SQL injection and path traversal, ie:

45.9.20.71 - - [20/Oct/2021:02:31:15 +0200] "GET /bitstream/handle/10568/1820/Rhodesgrass.pdf?sequence=4&OoxD=6591%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_cmdshell%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23 HTTP/1.1" 200 143070 "https://cgspace.cgiar.org:443/bitstream/handle/10568/1820/Rhodesgrass.pdf" "Mozilla/5.0 (X11; U; Linux i686; es-AR; rv:1.8.1.11) Gecko/20071204 Ubuntu/7.10 (gutsy) Firefox/2.0.0.11"

• I reported them to AbuseIPDB.com and purged their hits:

$ ./ilri/check-spider-ip-hits.sh -f /tmp/ip.txt -p
Purging 6364 hits from 45.9.20.71 in statistics
Purging 8039 hits from 45.146.166.157 in statistics
Purging 3383 hits from 45.155.204.82 in statistics

Total number of bot hits purged: 17786

2021-10-31

• Update Docker containers for AReS on linode20 and run a fresh harvest
• Found some strange IP (94.71.3.44) making 51,000 requests today with the user agent “Microsoft Internet Explorer”
  • It is in Greece, and it seems to be requesting each item’s XMLUI full metadata view, so I suspect it’s Gardian actually
  • I found it making another 25,000 requests yesterday…
  • I purged them from Solr
• Found 20,000 hits from Qualys (according to AbuseIPDB.com) using normal user agents… ugh, must be some ILRI ICT scan
• Found more request from a Swedish IP (93.158.90.34) using that weird Firefox user agent that I noticed a few weeks ago:

Mozilla/5.0 (Macintosh; Intel Mac OS X 11.1; rv:84.0) Gecko/20100101 Firefox/84.0

• That’s from ASN 12552 (IPO-EU, SE), which is operated by Internet Vikings, though AbuseIPDB.com says it’s Availo Networks AB
• There’s another IP (3.225.28.105) that made a few thousand requests to the REST API from Amazon, though it’s using a normal user agent

# zgrep 3.225.28.105 /var/log/nginx/rest.log.* | wc -l
3991
~# zgrep 3.225.28.105 /var/log/nginx/rest.log.* | grep -oE 'GET /rest/(collections|handle|items)' | sort | uniq -c
   3154 GET /rest/collections
    427 GET /rest/handle
    410 GET /rest/items

• It requested the CIAT Story Maps collection over 3,000 times last month…
  • I will purge those hits