carta-controller 3.0.0-beta.1d → 3.0.0-dev.20220301

package/dist/database.js

@@ -24,7 +24,7 @@ const preferenceSchema = require("../config/preference_schema_2.json");
 const layoutSchema = require("../config/layout_schema_2.json");
 const snippetSchema = require("../config/snippet_schema.json");
 const ajv = new ajv_1.default({ useDefaults: true, strictTypes: false });
-ajv_formats_1.default(ajv);
+(0, ajv_formats_1.default)(ajv);
 const validatePreferences = ajv.compile(preferenceSchema);
 const validateLayout = ajv.compile(layoutSchema);
 const validateSnippet = ajv.compile(snippetSchema);
@@ -72,7 +72,7 @@ function initDB() {
                 console.log(`Connected to server ${config_1.ServerConfig.database.uri} and database ${config_1.ServerConfig.database.databaseName}`);
             }
             catch (err) {
-                util_1.verboseError(err);
+                (0, util_1.verboseError)(err);
                 console.error("Error connecting to database");
                 process.exit(1);
             }
@@ -102,7 +102,7 @@ function handleGetPreferences(req, res, next) {
             }
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: "Problem retrieving preferences" });
         }
     });
@@ -137,7 +137,7 @@ function handleSetPreferences(req, res, next) {
             }
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: err.errmsg });
         }
     });
@@ -170,7 +170,7 @@ function handleClearPreferences(req, res, next) {
             }
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: "Problem clearing preferences" });
         }
     });
@@ -194,7 +194,7 @@ function handleGetLayouts(req, res, next) {
             res.json({ success: true, layouts });
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: "Problem retrieving layouts" });
         }
     });
@@ -229,7 +229,7 @@ function handleSetLayout(req, res, next) {
             }
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: err.errmsg });
         }
     });
@@ -278,7 +278,7 @@ function handleGetSnippets(req, res, next) {
             res.json({ success: true, snippets });
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: "Problem retrieving snippets" });
         }
     });
@@ -313,7 +313,7 @@ function handleSetSnippet(req, res, next) {
             }
         }
         catch (err) {
-            util_1.verboseError(err);
+            (0, util_1.verboseError)(err);
             return next({ statusCode: 500, message: err.errmsg });
         }
     });

package/dist/index.js

@@ -29,7 +29,7 @@ const config_1 = require("./config");
 const controllerTests_1 = require("./controllerTests");
 const logSymbols = require("log-symbols");
 if (config_1.testUser) {
-    controllerTests_1.runTests(config_1.testUser).then(() => {
+    (0, controllerTests_1.runTests)(config_1.testUser).then(() => {
         console.log(chalk.green.bold(`Controller tests with user ${config_1.testUser} succeeded`));
         process.exit(0);
     }, err => {
@@ -41,16 +41,15 @@ if (config_1.testUser) {
 else {
     let app = express();
     app.use(bodyParser.urlencoded({ extended: true }));
-    app.use(bodyParser.json());
     app.use(cookieParser());
     app.use(bearerToken());
     app.use(cors());
     app.use(compression());
     app.set("view engine", "pug");
     app.set("views", path.join(__dirname, "../views"));
-    app.use("/api/auth", auth_1.authRouter);
-    app.use("/api/server", serverHandlers_1.serverRouter);
-    app.use("/api/database", database_1.databaseRouter);
+    app.use("/api/auth", bodyParser.json(), auth_1.authRouter);
+    app.use("/api/server", bodyParser.json(), serverHandlers_1.serverRouter);
+    app.use("/api/database", bodyParser.json(), database_1.databaseRouter);
     app.use("/config", (req, res) => {
         return res.json(config_1.RuntimeConfig);
     });
@@ -91,7 +90,7 @@ else {
             return res.redirect((_c = config_1.ServerConfig.serverAddress) !== null && _c !== void 0 ? _c : "");
         }
     });
-    app.get("/dashboard", function (req, res) {
+    app.get("/dashboard", (req, res) => {
         var _a, _b, _c, _d, _e, _f, _g;
         res.render("templated", {
             clientId: (_a = config_1.ServerConfig.authProviders.google) === null || _a === void 0 ? void 0 : _a.clientId,
@@ -105,6 +104,9 @@ else {
         });
     });
     app.use("/dashboard", express.static(path.join(__dirname, "../public")));
+    // Scripting proxy
+    const backendProxy = httpProxy.createServer({ ws: true });
+    app.post("/api/scripting/*", auth_1.authGuard, (0, serverHandlers_1.createScriptingProxyHandler)(backendProxy));
     // Simplified error handling
     app.use((err, req, res, next) => {
         err.statusCode = err.statusCode || 500;
@@ -114,10 +116,9 @@ else {
             message: err.message
         });
     });
-    const expressServer = http.createServer(app);
-    const backendProxy = httpProxy.createServer({ ws: true });
     // Handle WS connections
-    expressServer.on("upgrade", serverHandlers_1.createUpgradeHandler(backendProxy));
+    const expressServer = http.createServer(app);
+    expressServer.on("upgrade", (0, serverHandlers_1.createUpgradeHandler)(backendProxy));
     // Handle WS disconnects
     backendProxy.on("error", (err) => {
         // Ignore connection resets
@@ -131,7 +132,7 @@ else {
     });
     function init() {
         return __awaiter(this, void 0, void 0, function* () {
-            yield database_1.initDB();
+            yield (0, database_1.initDB)();
             const onListenStart = () => {
                 console.log(`Started listening for login requests on port ${config_1.ServerConfig.serverPort}`);
             };

package/dist/serverHandlers.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.serverRouter = exports.createUpgradeHandler = void 0;
+exports.serverRouter = exports.createScriptingProxyHandler = exports.createUpgradeHandler = void 0;
 const express = require("express");
 const url = require("url");
 const fs = require("fs");
@@ -81,7 +81,7 @@ function nextAvailablePort() {
                     }
                 }
                 catch (err) {
-                    util_1.verboseError(err);
+                    (0, util_1.verboseError)(err);
                     console.log(`Error checking status for port ${p}: ${err.message}`);
                 }
             }
@@ -140,14 +140,14 @@ function handleStartServer(req, res, next) {
                     const existingProcess = processMap.get(username);
                     if (existingProcess) {
                         // Kill the process via the kill script
-                        child_process_1.spawnSync("sudo", ["-u", `${username}`, config_1.ServerConfig.killCommand, `${existingProcess.process.pid}`]);
+                        (0, child_process_1.spawnSync)("sudo", ["-u", `${username}`, config_1.ServerConfig.killCommand, `${existingProcess.process.pid}`]);
                         // Delay to allow the parent process to exit
-                        yield util_1.delay(10);
+                        yield (0, util_1.delay)(10);
                         deleteProcess(username);
                     }
                 }
                 catch (e) {
-                    util_1.verboseError(e);
+                    (0, util_1.verboseError)(e);
                     console.log(`Error killing existing process belonging to user ${username}`);
                     return next({ statusCode: 400, message: "Problem killing existing process" });
                 }
@@ -162,7 +162,7 @@ function handleStartServer(req, res, next) {
                 return res.json({ success: true });
             }
             catch (e) {
-                util_1.verboseError(e);
+                (0, util_1.verboseError)(e);
                 return next(e);
             }
         }
@@ -199,8 +199,8 @@ function startServer(username) {
             }
             // Finally, add the positional argument for the base folder
             args.push(config_1.ServerConfig.baseFolderTemplate.replace("{username}", username));
-            const headerToken = uuid_1.v4();
-            const child = child_process_1.spawn("sudo", args, { env: { CARTA_AUTH_TOKEN: headerToken } });
+            const headerToken = (0, uuid_1.v4)();
+            const child = (0, child_process_1.spawn)("sudo", args, { env: { CARTA_AUTH_TOKEN: headerToken } });
             setPendingProcess(username, port, headerToken, child);
             let logLocation;
             if (config_1.ServerConfig.logFileTemplate) {
@@ -219,7 +219,7 @@ function startServer(username) {
                     });
                 }
                 catch (err) {
-                    util_1.verboseError(err);
+                    (0, util_1.verboseError)(err);
                     console.error(`Could not create log file at ${logLocation}. Please ensure folder exists and permissions are set correctly`);
                 }
             }
@@ -242,7 +242,7 @@ function startServer(username) {
                 logStream === null || logStream === void 0 ? void 0 : logStream.end();
             });
             // Check for early exit of backend process
-            yield util_1.delay(config_1.ServerConfig.startDelay);
+            yield (0, util_1.delay)(config_1.ServerConfig.startDelay);
             if (child.exitCode || child.signalCode) {
                 throw { statusCode: 500, message: `Problem starting process for user ${username}` };
             }
@@ -253,7 +253,7 @@ function startServer(username) {
             }
         }
         catch (e) {
-            util_1.verboseError(e);
+            (0, util_1.verboseError)(e);
             console.log(`Problem starting process for user ${username}`);
             logStream === null || logStream === void 0 ? void 0 : logStream.end();
             if (e.statusCode && e.message) {
@@ -276,9 +276,9 @@ function handleStopServer(req, res, next) {
             if (existingProcess) {
                 existingProcess.process.removeAllListeners();
                 // Kill the process via the kill script
-                child_process_1.spawnSync("sudo", ["-u", `${req.username}`, config_1.ServerConfig.killCommand, `${existingProcess.process.pid}`]);
+                (0, child_process_1.spawnSync)("sudo", ["-u", `${req.username}`, config_1.ServerConfig.killCommand, `${existingProcess.process.pid}`]);
                 // Delay to allow the parent process to exit
-                yield util_1.delay(10);
+                yield (0, util_1.delay)(10);
                 console.log(`Process with PID ${existingProcess.process.pid} for user ${req.username} exited via stop request`);
                 deleteProcess(req.username);
                 res.json({ success: true });
@@ -288,7 +288,7 @@ function handleStopServer(req, res, next) {
             }
         }
         catch (e) {
-            util_1.verboseError(e);
+            (0, util_1.verboseError)(e);
             console.log(`Error killing existing process belonging to user ${req.username}`);
             return next({ statusCode: 500, message: "Problem killing existing process" });
         }
@@ -311,14 +311,14 @@ const createUpgradeHandler = (server) => (req, socket, head) => __awaiter(void 0
             console.log(`Incoming Websocket upgrade request is missing an authentication token`);
             return socket.end();
         }
-        const token = yield auth_1.verifyToken(tokenString);
+        const token = yield (0, auth_1.verifyToken)(tokenString);
         if (!token || !token.username) {
             console.log(`Incoming Websocket upgrade request has an invalid token`);
             return socket.end();
         }
         const remoteAddress = ((_a = req.headers) === null || _a === void 0 ? void 0 : _a["x-forwarded-for"]) || ((_b = req.connection) === null || _b === void 0 ? void 0 : _b.remoteAddress);
         console.log(`WS upgrade request from ${remoteAddress} for authenticated user ${token.username}`);
-        const username = auth_1.getUser(token.username, token.iss);
+        const username = (0, auth_1.getUser)(token.username, token.iss);
         if (!username) {
             console.log(`Could not find username ${token.username} in the user map`);
             return socket.end();
@@ -333,7 +333,7 @@ const createUpgradeHandler = (server) => (req, socket, head) => __awaiter(void 0
         if (existingProcess && !existingProcess.process.signalCode) {
             if (!existingProcess.ready) {
                 // Wait until existing process is ready
-                yield util_1.delay(config_1.ServerConfig.startDelay);
+                yield (0, util_1.delay)(config_1.ServerConfig.startDelay);
             }
             console.log(`Redirecting to backend process for ${username} (port ${existingProcess.port})`);
             req.headers["carta-auth-token"] = existingProcess.headerToken;
@@ -352,6 +352,43 @@ const createUpgradeHandler = (server) => (req, socket, head) => __awaiter(void 0
     }
 });
 exports.createUpgradeHandler = createUpgradeHandler;
+const createScriptingProxyHandler = (server) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
+    var _d, _e, _f;
+    const username = req === null || req === void 0 ? void 0 : req.username;
+    if (!username) {
+        return next({ statusCode: 401, message: "Not authorized" });
+    }
+    if (!req.scripting) {
+        return next({ statusCode: 403, message: "API token supplied does not permit scripting" });
+    }
+    try {
+        const remoteAddress = ((_d = req.headers) === null || _d === void 0 ? void 0 : _d["x-forwarded-for"]) || ((_e = req.connection) === null || _e === void 0 ? void 0 : _e.remoteAddress);
+        let existingProcess = processMap.get(username);
+        if (!(existingProcess === null || existingProcess === void 0 ? void 0 : existingProcess.process) || existingProcess.process.signalCode) {
+            // Attempt to start new process
+            (_f = existingProcess === null || existingProcess === void 0 ? void 0 : existingProcess.process) === null || _f === void 0 ? void 0 : _f.removeAllListeners();
+            yield startServer(username);
+            existingProcess = processMap.get(username);
+        }
+        if (existingProcess && !existingProcess.process.signalCode) {
+            if (!existingProcess.ready) {
+                // Wait until existing process is ready
+                yield (0, util_1.delay)(config_1.ServerConfig.startDelay);
+            }
+            req.headers["carta-auth-token"] = existingProcess.headerToken;
+            return server.web(req, res, { target: { host: "localhost", port: existingProcess.port } });
+        }
+        else {
+            return next({ statusCode: 500, message: `Backend process could not be started for ${username}` });
+        }
+    }
+    catch (err) {
+        console.log(`Error proxying scripting request for ${req.username}`);
+        console.log(err);
+        return next({ statusCode: 500, message: `Error proxying scripting request for ${req.username}` });
+    }
+});
+exports.createScriptingProxyHandler = createScriptingProxyHandler;
 exports.serverRouter = express.Router();
 exports.serverRouter.post("/start", auth_1.authGuard, util_1.noCache, handleStartServer);
 exports.serverRouter.post("/stop", auth_1.authGuard, util_1.noCache, handleStopServer);

package/dist/types.js

@@ -1,3 +1,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScriptingAccess = void 0;
+var ScriptingAccess;
+(function (ScriptingAccess) {
+    ScriptingAccess["Enabled"] = "enabled-all-users";
+    ScriptingAccess["Disabled"] = "disabled-all-users";
+    ScriptingAccess["OptIn"] = "opt-in";
+})(ScriptingAccess = exports.ScriptingAccess || (exports.ScriptingAccess = {}));
 //# sourceMappingURL=types.js.map

package/docs/src/centos8_instructions.rst

@@ -0,0 +1,248 @@
+.. _centos8_instructions:
+
+Step-by-step instructions for CentOS 8
+======================================
+
+.. note::
+
+    These instructions should also work for RHEL 8, AlmaLinux, and Rocky Linux. Some changes may be necessary for RHEL 7 / CentOS 7.
+
+
+1. Install Node.js
+~~~~~~~~~~~~~~~~~~
+
+The CARTA controller uses `Node.js <https://nodejs.org/>`_ and supports v12, v14, and v16. Node.js can easily be installed from the CentOS 8 AppStream repository. Here we install v14, as well as the ``npm`` package manager.
+
+.. code-block:: shell
+
+    # Install Node.js v14:
+    sudo dnf module enable nodejs:14
+    sudo dnf install -y nodejs npm
+
+    # Check it is installed and working:
+    node --version
+    npm --version
+
+2. Install MongoDB
+~~~~~~~~~~~~~~~~~~
+
+The CARTA controller uses `MongoDB <https://www.mongodb.com/>`_ to store user preferences, etc.. MongoDB is not available through the default CentOS 8 repositories, but we can add a custom repository to install it more easily.
+
+.. code-block:: shell
+    
+    # Create a custom MongoDB repo file:
+    sudo cat <<EOT >> /etc/yum.repos.d/mongodb-org.repo
+    [mongodb-org-4.4]
+    name=MongoDB Repository
+    baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.4/x86_64/
+    gpgcheck=1
+    enabled=1
+    gpgkey=https://www.mongodb.org/static/pgp/server-4.4.asc
+    EOT
+
+    # Install MongoDB:
+    sudo dnf update
+    sudo dnf install -y mongodb-org
+    
+    # Start and enable MongoDB to run on startup:
+    sudo systemctl start mongod
+    sudo systemctl enable mongod
+
+    # Check that it is working
+    sudo systemctl status mongod
+
+.. note::
+
+    On RHEL7/CentOS7, MongoDB v14 can be installed as follows:
+    ``curl -fsSL https://rpm.nodesource.com/setup_14.x | bash - && yum install -y nodejs``
+
+
+3. Install the CARTA controller
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The easiest way to install the CARTA controller is using ``npm``. 
+
+.. code-block:: shell
+
+    sudo dnf install -y python3 make gcc-c++
+    sudo npm install -g --unsafe-perm carta-controller@beta
+
+.. note::
+
+    The CARTA controller executable will be installed at ``/usr/local/lib/node_modules/carta-controller``.
+    The CARTA frontend will be installed at ``/usr/local/lib/node_modules/carta-controller/node_modules/carta-frontend/build``.
+
+.. note::
+    
+    Do not pass the ``--unsafe-perm`` flag to ``npm`` if using a local install.
+
+.. note::
+    
+    On RHEL7/CentOS7 the CARTA controller package can not run with the default gcc version 4.8.5 (there would be an error due to ``node-linux-pam``). 
+    A work around is to install a newer GCC version from source in order to get a newer ``libstdc++.so.6``, then add the location of the newer 
+    ``libstdc++.so.6`` to the LD_LIBRARY_PATH. After that, the CARTA controller can run on RHEL7/CentOS7.
+
+
+
+4. Install the CARTA backend
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The easiest way may be to install the CARTA backend is from our cartavis RPM repository.
+
+.. code-block:: shell
+
+    # Install the CARTA backend
+    sudo curl https://packages.cartavis.org/cartavis-el8.repo --output /etc/yum.repos.d/cartavis.repo
+    sudo dnf -y install 'dnf-command(config-manager)'
+    sudo dnf -y install epel-release
+    sudo dnf -y config-manager --set-enabled powertools
+    sudo dnf -y install carta-backend-beta
+
+    # Check that the backend can run and matches the major version number of the controller
+    /usr/bin/carta_backend --version
+
+
+5. Install Nginx
+~~~~~~~~~~~~~~~~
+
+The CARTA controller requires a webserver. Here we use `NGINX <https://www.nginx.com/>`_, but Apache should work too.
+
+.. code-block:: shell
+
+    # Install nginx:
+    sudo dnf install -y nginx
+    sudo systemctl start nginx
+    sudo systemctl enable nginx
+    sudo setsebool -P httpd_can_network_connect 1
+    sudo firewall-cmd --permanent --zone=public --add-service=http
+    sudo firewall-cmd --permanent --zone=public --add-service=https
+    sudo firewall-cmd --reload
+
+    # Set up the nginx configuration file using our sample configuration file linked below:
+    sudo cd /etc/nginx/conf.d/
+    sudo vi /etc/nginx/conf.d/carta.conf
+    sudo systemctl restart nginx
+
+    # Check it is running:
+    sudo systemctl status nginx
+
+A :ref:`sample configuration file<example_nginx>` is provided in the configuration section. This should be adapted to your server configuration.
+
+.. note::
+    If there are problems, you can debug with ``journactl -xe`` and by checking log files in ``/var/log/nginx/``.
+
+
+6. Create the 'carta' user and modify sudoers
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+For security, we recommend not to run the CARTA controller as the root user. Therefore we create a new user called ``carta``. 
+
+We will assign the group ``carta-users`` to every user account and enable them to run ``/usr/bin/carta_backend`` and the script to close the CARTA backend, ``/usr/local/bin/carta-kill-script``, by adding a custom entry to the ``sudoers`` file.
+
+.. code-block:: shell
+    
+    # Create the carta user:
+    sudo adduser carta
+    # Check everything is OK
+    id carta
+    # It should show 'uid=1000(carta) gid=1000(carta) groups=1000(carta)'
+
+    # So that log files can be written:
+    sudo mkdir -p /var/log/carta
+    sudo chown -R carta /var/log/carta
+
+    # Add the custom sudoers file entry using our sample linked below
+    sudo visudo -f /etc/sudoers.d/carta_controller
+    
+An :ref:`example sudoers configuration<example_sudoers>` is provided in the configuration section.
+
+.. note::
+    The only safe way to modify sudoers is using ``visudo``. Any syntax errors from directly editing sudoers could make your system unusable.
+
+.. note::
+    The ``carta`` user should not be in the ``carta-users`` group. ``carta-users`` should only be assigned to the normal user accounts.
+
+7. Set up the user authentication method
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This is the most difficult step and depends on how you authenticate users at your institute. In this step-by-step guide we use PAM local authentication and a local user, ``bob``, on the server running the CARTA controller. The user ``bob`` needs to be part of the ``carta-users`` group.
+
+With PAM authentication, the ``carta`` user that runs the CARTA controller requires access to the ``/etc/shadow`` file in order to authenticate other users. We can enable this by creating a new group called ``shadow`` and assigning the ``/etc/shadow`` file to that group.
+
+.. note::
+    Only PAM with local authentication requires ``/etc/shadow`` access. PAM using LDAP, and Google OAuth, do not require ``/etc/shadow`` access. 
+
+.. code-block:: shell
+
+    # Create the test user 'bob':
+    sudo useradd -G carta-users bob
+    sudo passwd bob
+
+    # A new group called 'shadow' needs to be assinged to the /etc/shadow file and user 'carta':
+    sudo groupadd shadow
+    sudo chgrp shadow /etc/shadow
+    sudo chmod g+r /etc/shadow
+    sudo usermod -a -G shadow carta
+    ls -l /etc/shadow
+    # It should show permissions as ----r-----. 1 root shadow
+    # It could be helpful to reboot the server at this point
+    sudo reboot 
+
+
+8. Configure the CARTA controller
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Create and fill in the ``config.json`` using our :ref:`sample configuration file<example_config>`. 
+Also generate private/public keys as they are used by the CARTA controller to sign/verify/refresh access tokens.
+
+.. code-block:: shell
+
+    sudo mkdir /etc/carta
+    sudo chown -R carta /etc/carta
+    vi /etc/carta/config.json
+    
+    # Generate private/public keys:
+    cd /etc/carta
+    sudo openssl genrsa -out carta_private.pem 4096
+    sudo openssl rsa -in carta_private.pem -outform PEM -pubout -out carta_public.pem
+
+Please check the `CARTA Configuration Schema <https://carta-controller.readthedocs.io/en/latest/schema.html#schema>`_ for all available options.
+
+
+9. Check everything is working
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Here we switch to the ``carta`` user and test the CARTA controller with our test user ``bob``:
+
+.. code-block:: shell
+
+    su - carta
+    carta-controller -verbose -test bob
+
+If the test is successful, the CARTA controller should be ready to deploy.
+
+
+10. Start the CARTA controller
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. code-block:: shell
+
+    su - carta
+    carta-controller
+
+Now your users should be able to access your server's URL and log into CARTA.
+
+
+Optional: Set up the CARTA controller to run with pm2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+`pm2 <https://pm2.keymetrics.io/>`_ is a very convenient tool to keep the CARTA controller service running in the background, and even start it up automatically after a reboot.
+
+.. code-block:: shell
+
+    sudo npm install -g pm2
+    su -carta
+    pm2 start carta-controller
+
+Please refer to the `pm2 documentation <https://pm2.keymetrics.io/docs/usage/startup/>`_ for detailed instructions.
+

package/docs/src/conf.py

@@ -22,7 +22,7 @@ copyright = '2021, Angus Comrie, Adrianna Pińska and Robert Simmonds'
 author = 'Angus Comrie, Adrianna Pińska and Robert Simmonds'
 
 # The full version, including alpha/beta/rc tags
-release = '3.0.0-beta.1d'
+release = '3.0.0-beta.2'
 
 
 # -- General configuration ---------------------------------------------------