README.md 2.18 KB
Newer Older
Lukas Burgey's avatar
Lukas Burgey committed
1 2
FEderated User Credential Deployment PortAL (FEUDAL)
====
ubedv's avatar
ubedv committed
3 4
- User interface: [Webpage](https://git.scc.kit.edu/feudal/feudalWebpage)
- Component at the sites: [Client](https://git.scc.kit.edu/feudal/feudalClient)
Lukas Burgey's avatar
Lukas Burgey committed
5 6


Lukas Burgey's avatar
Lukas Burgey committed
7 8

Installation
Lukas Burgey's avatar
Lukas Burgey committed
9
----
Lukas Burgey's avatar
Lukas Burgey committed
10

11
- apt install nginx uwsgi-plugin-python3 virtualenv default-libmysqlclient-dev gcc
Lukas Burgey's avatar
Lukas Burgey committed
12
	- Notes: gcc is needed for the python package mysqlclient
13 14 15
- Install rabbitmq 3.7.7 (e.g. from: [here](https://www.rabbitmq.com/install-debian.html#bintray-apt-repo-erlang))
- Add a user for the backend
	- useradd -m feudal
Lukas Burgey's avatar
Lukas Burgey committed
16
- su feudal
17 18
	- git clone git.scc.kit.edu/feudal/feudalBackend ~/feudalBackend
	- cd ~/feudalBackend
Lukas Burgey's avatar
Lukas Burgey committed
19
		- ./install
20 21 22 23


Configuration
----
ubedv's avatar
ubedv committed
24 25 26

- Please inspect the [example configuration](https://git.scc.kit.edu/feudal/feudalBackend/tree/master/example-config)

27
- Configure your database in ~/.my.cnf
ubedv's avatar
ubedv committed
28 29 30 31 32
- Django / UWSGI configuration is done in ~/config
	- Configure django in ~/config/django_settings.py
	- Configure uwsgi using ~/config/uwsgi.ini
		- Enable the uwsgi service using systemd
			- systemctl --user --now enable uwsgi
Lukas Burgey's avatar
Lukas Burgey committed
33
- Configure nginx in /etc/nginx/conf.d/feudal.conf
34 35 36 37 38 39 40 41
	- Copy the dhparam.pem file to /etc/nginx/cert
	- Enable nginx service using systemd
		- systemctl --now enable nginx
- Configure rabbitmq in /etc/rabbitmq/rabbitmq.conf
	- Enable rabbitmq plugins:
		- rabbitmq-plugins enable rabbitmq_web_stomp rabbitmq_stomp rabbitmq_auth_backend_http
	- Enable rabbitmq using systemd
		- systemctl --now enable rabbitmq-server
ubedv's avatar
ubedv committed
42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59


		
Runtime Configuration
----

- For runtime configuration we use the django inbuilt admin interface.
 	- Default path of the django admin: `/backend/admin`	
	- The credentials for the admin were entered by you during the run of the `install` script
- Your OpenId Connect clients are configured in `Home > Backend > Oidc configs`
	- The default redirect URI is: `/backend/auth/v1/callback`
	- `scopes` is a list of strings (JSON)
- Users *and* FEUDAL Clients are managed in `Home > Backend > Users`
	- You can manually add FEUDAL Clients
	- You can specify admin users
- You need to configure the `sites`, which provide services to your users in `Home > Backend > Sites`
- Configure your RabbitMQ instance in `Home > Backend > Rabbit mq instances`