• Applets
  • Getting started
  • Team
  • Donate

Google Server Setup Guide

By default, MindLogger response data are end-to-end encrypted and stored on the non-profit Child Mind Institute’s AWS account. We provide instructions below for owners of MindLogger applets who need to have all response data from their applets stored on their own GCP account’s server. If this situation applies to you, please contact matter[email protected] before continuing with the instructions below.

Contents

  • Information MindLogger developers will need to set up your GCP server connection
  • Set up GCP bucket
    • Create GCP project
    • Create GCP user role
    • Create GCP storage bucket
    • Create GCP storage access keys
  • Set up PostgreSQL with Cloud SQL (recommended way)
    • Create Cloud SQL Database
  • Set up PostgreSQL manually
    • Create GCP instance
    • Allow PostgreSQL external port
    • Set up PostgreSQL with apt



Information MindLogger developers will need to set up your server connection

Routing encrypted data collected from the MindLogger app to your GCP server requires initial setup assistance from MindLogger developers. If you follow the instructions in this guide, you will be able to provide them with the following required information to connect your server:

  • GCP variables to access your PostgreSQL database:
    • MindLogger account owner email address
    • PostgreSQL database name (if changed from “mindlogger” in step 35)
    • Database username (if changed from “mindlogger” in step 36)
    • Database password (step 36)
    • Database port (if different than the default 5432)
    • Public IP address for your MindLogger instance (step 22)
  • GCP variables to access your MindLogger Google storage bucket (for media files):
    • Storage bucket name (if changed from “my-mindlogger-bucket” in step 11)
    • Service account (step 23)
    • Access key (step 15)
    • Secret access key (step 15)


arrow



Set up GCP bucket

Create GCP project

Everything related to your MindLogger server should be housed within a single project. The following instructions will guide you to set up a new GCP project.

  • Sign in to Google Cloud Platform:

    step1-gcp-sign-in


  • Enter “project” in the search box at top and select “Create a Project”:

    step2-search-project


  • Name the project and tap the blue “CREATE” button:

    step3-new-project-name


  • Tap “SELECT PROJECT” or select the new project from the dropdown menu at top:

    step4-select-new-project


arrow



Create GCP user role

You do not want to share information about a user with root access to your GCP account to MindLogger developers or anyone else! The following instructions will guide you to assign a role with restricted access to a new storage bucket for (optional) media files collected by your MindLogger applets.

  • Tap the “ADD PEOPLE TO THIS PROJECT” link in the new project’s dashboard:

    step5-new-project


  • Add a principal (user, in this case the owner of the account):

    step6-add-principal


  • In the “Select a role” search box, enter “storage”:

    step7-filter-role


  • Select “Storage Object Admin”, then tap the blue “SAVE” button:

    step8-select-role


arrow



Create GCP storage bucket

This section will guide you to create a new GCP bucket for (optional) media files collected by your MindLogger applets.

  • Enter “storage” in the search box at top and select “Cloud Storage”:

    step9-search-storage


  • On the Cloud Storage page, tap the blue “CREATE BUCKET” button:

    step10-cloud-storage


  • Enter “my-mindlogger-bucket” into the Bucket name field and make it unique: append your company name or the project name. Tap the blue “CREATE” button:

    step11-name-bucket


  • You will then be taken to the new bucket’s page:

    step12-bucket


arrow



Create GCP storage access keys

This section will guide you to generate access keys that you will need to share with MindLogger developers [see top].

  • On the Cloud Storage page, select the “INTEROPERABILITY” tab in “Settings”:

    step13-storage-settings


  • Scroll down to “Access keys for your user account” under “User Account HMAC”:

    step14-storage-access-keys


  • Tap the “CREATE A KEY” button to generate an Access key and Secret access key:

    *** SHARE THIS INFORMATION ONLY WITH MINDLOGGER ADMINISTRATORS ***

    [see top]

    step15-create-access-key


arrow



Set up PostgreSQL with Cloud SQL

Create Cloud SQL Database

  • Start typing sql in the search box at top and select SQL:

    gcp-search


  • Click create instance:

    create-db


  • Choose DB type PostgreSQL:

    db-type


  • Specify DB instance (mindlogger-server) and the DB password. Use safe and complex one.

    Note: Share the instance id and password with MindLogger administrators

    db-pass


  • Specify PostgreSQL 15 and Enterprise edition:

    db-version


  • Specify Production preset, us-east-1 region and Multiple zones:

    db-zone


  • Click Show Configuration Options

    db-options


  • Choose the slowest machine configuration:

    db-cpu


  • Specify the storage size 20gb SSD:

    db-storage


  • Expand Connections, mark public IP assigned and click Add network:

    db-public


  • Add network for each of the following IPs: 3.227.120.88, 50.16.133.36, 18.210.53.226, 54.145.72.213

    db-network


  • Click Create instance. Once it’s done, you will be redirected to the instance page.

    Copy the database IP and share it with MindLogger administrators:

    db-ip


arrow



Set up PostgreSQL manually

Create GCP instance

Your MindLogger database needs to be set up somewhere to store the response data collected by your MindLogger applets. This section will guide you to create a new GCP Ubuntu Linux instance.

  • Enter “vm” in the search box at top and select “Add VM Instance”:

    step16-search-vm


  • Tap the blue “ENABLE” button on the Compute Engine API page:

    step17-enable-compute-engine-api


  • Tap the blue “CREATE INSTANCE” button on the Compute Engine page:

    step18-compute-engine


  • Name the instance:

    step19-name-instance


  • Set the “Machine type” to “e2-micro”:

    step20-instance-machine-type


  • Find “Boot disk” section and click Change:

    step18-search-ec2


  • Specify Ubuntu 22.04 x86/64 and the disk size 20 GB:

    step18-search-ec2


  • Create the instance by tapping the blue “CREATE” button:

    step21-create-instance


  • Select the newly-created instance under “INSTANCES”:

    Note: Share the External IP address with MindLogger administrators [see top]

    step22-select-instance


    Note: Share Service account information with MindLogger administrators [see top]

    step23-instance-details


arrow



Allow PostgreSQL external port

In order to get access to PostgreSQL instance from the internet you will need to open external port.

  • In the search input type Firewall and click on the found item.
    open firewall


  • Click Create Firewall Rule.
    create rule


  • Enter “allow-postgres” to the rule name.
    rule name


  • Enter “allow-postgres” to the rule tags and hit enter.
    rule tags


  • Enter “100.26.87.223/32,107.20.238.236/32” to the rule ip range.
    rule ip


  • Enter “5432” to the TCP ports input.
    rule port


  • Click save button.

  • Go to instances, and click to the instance name.
    show instance


  • Click edit instance.
    edit instance


  • Enter “allow-postgres” to the network tags, hit enter and click Save.
    add network tags



Set up PostgreSQL with apt

This section will guide you to create an empty MindLogger postgres database.

Install PostgreSQL

  • Run the following command in terminal:

    sudo apt-get update -y
    
  • Install the PostgreSQL server:

    sudo apt-get install postgresql-14 -y
    
  • Check its status

    sudo systemctl status postgresql
    
  • Enable service autostart

    sudo systemctl enable postgresql
    

Create user and database

  • Create database “mindlogger” with the following commands:
    su postgres
    createdb mindlogger
    

    Note: Share the database name with MindLogger administrators [see top]

  • Get into PostgreSQL console by running psql mindlogger in terminal

  • Create a mindlogger user with the following commands:
    CREATE USER mindlogger WITH ENCRYPTED PASSWORD 'new_password';
    GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO mindlogger;
    GRANT ALL PRIVILEGES ON DATABASE mindlogger TO mindlogger;
    GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO mindlogger;
    GRANT ALL ON DATABASE mindlogger TO mindlogger;
    GRANT USAGE, CREATE ON SCHEMA public TO mindlogger;
    

    Note: replace new_password with a new safe and complex password.

    Note: Share the database username and password with MindLogger administrators [see top]

  • Exit from PostgreSQL console by typing exit

  • Exit from postgres user by typing exit

Configure PostgreSQL security

  • Let’s configure the Postgres Listening IP. Edit the postgres settings file

    sudo nano /etc/postgresql/14/main/postgresql.conf
    
  • Find the #listen_addresses = 'localhost' line and replace it with this line:

    listen_addresses = '*'
    
  • Save and exit the editor. You need to press Ctrl+O, hit enter and then press Ctrl+X

  • Let’s configure the Postgres Allowed IPs. Edit the postgres settings file

    sudo nano /etc/postgresql/14/main/pg_hba.conf
    
  • Paste the following content at the end of this file:

    host    all             all             100.26.87.223/32          md5
    host    all             all             107.20.238.236/32         md5
    
  • Save and exit the editor. You need to press Ctrl+O, hit enter and then press Ctrl+X

  • Restart the service

    sudo service postgresql restart
    


arrow




Updated by Arno 2022-07-02
nimh-logo
mit-logo
lpi-logo
hearst-logo
hirani-logo
Contact: [email protected]
© Child Mind Institute 2023
  • Terms
  • Conduct
  • Principles