Commit 2642cd48 authored by Lukas Burgey's avatar Lukas Burgey

Update example config, README, and install script

parent 58aa92a6
......@@ -8,20 +8,31 @@ FEderated User Credential Deployment PortAL (FEUDAL)
Installation
----
- apt install nginx rabbitmq-server uwsgi-plugin-python3 virtualenv default-libmysqlclient-dev gcc
- apt install nginx uwsgi-plugin-python3 virtualenv default-libmysqlclient-dev gcc
- Notes: gcc is needed for the python package mysqlclient
- useradd -m feudal
- Install rabbitmq 3.7.7 (e.g. from: [here](https://www.rabbitmq.com/install-debian.html#bintray-apt-repo-erlang))
- Add a user for the backend
- useradd -m feudal
- su feudal
- git clone git.scc.kit.edu/feudal/feudalBackend ~/backend
- Configure your database in ~/.my.cnf
- Configure django in ~/backend/feudal/settings.py
- cd ~/backend
- git clone git.scc.kit.edu/feudal/feudalBackend ~/feudalBackend
- cd ~/feudalBackend
- ./install
- Configure uwsgi in /etc/uwsgi/feudal.ini
Configuration
----
- Configure your database in ~/.my.cnf
- Configure django in ~/config/django_settings.py
- Most configuration is done in ~/config
- Configure uwsgi using ~/config/uwsgi.ini
- Enable the uwsgi service using systemd
- systemctl --user --now enable uwsgi
- Configure nginx in /etc/nginx/conf.d/feudal.conf
- su feudal
- cd ~/backend
- source env/bin/activate
- ./manage.py makemigrations backend
- ./manage.py migrate
- ./manage.py create superuser
- Copy the dhparam.pem file to /etc/nginx/cert
- Enable nginx service using systemd
- systemctl --now enable nginx
- Configure rabbitmq in /etc/rabbitmq/rabbitmq.conf
- Enable rabbitmq plugins:
- rabbitmq-plugins enable rabbitmq_web_stomp rabbitmq_stomp rabbitmq_auth_backend_http
- Enable rabbitmq using systemd
- systemctl --now enable rabbitmq-server
......@@ -20,15 +20,15 @@ auth_backends.2 = http
# external authentication endpoints at the feudal backend
auth_http.http_method = post
auth_http.user_path = https://hdf-portal.data.kit.edu:443/backend/auth/v1/client/user
auth_http.vhost_path = https://hdf-portal.data.kit.edu:443/backend/auth/v1/client/vhost
auth_http.resource_path = https://hdf-portal.data.kit.edu:443/backend/auth/v1/client/resource
auth_http.topic_path = https://hdf-portal.data.kit.edu:443/backend/auth/v1/client/topic
auth_http.user_path = https://hdf-portal-dev.data.kit.edu:443/backend/auth/v1/client/user
auth_http.vhost_path = https://hdf-portal-dev.data.kit.edu:443/backend/auth/v1/client/vhost
auth_http.resource_path = https://hdf-portal-dev.data.kit.edu:443/backend/auth/v1/client/resource
auth_http.topic_path = https://hdf-portal-dev.data.kit.edu:443/backend/auth/v1/client/topic
# ssl setup (needed for amqp)
ssl_options.cacertfile = /etc/ssl/hdf-portal.data.kit.edu/chain.pem
ssl_options.certfile = /etc/ssl/hdf-portal.data.kit.edu/cert.pem
ssl_options.keyfile = /etc/ssl/hdf-portal.data.kit.edu/key.pem
ssl_options.cacertfile = /etc/ssl/hdf-portal-dev.data.kit.edu/chain.pem
ssl_options.certfile = /etc/ssl/hdf-portal-dev.data.kit.edu/cert.pem
ssl_options.keyfile = /etc/ssl/hdf-portal-dev.data.kit.edu/key.pem
ssl_options.verify = verify_none
ssl_options.fail_if_no_peer_cert = false
......
/home/feudal/.config/systemd/user/uwsgi.service
\ No newline at end of file
......@@ -4,12 +4,11 @@ After=syslog.target
[Service]
Type=notify
ExecStart=/usr/local/bin/uwsgi --ini /etc/uwsgi/feudal.ini --uid www-data --gid www-data
ExecStart=/usr/bin/uwsgi --ini %h/config/uwsgi.ini
RuntimeDirectory=uwsgi
KillSignal=SIGQUIT
StandardError=syslog
User=hdf
Restart=on-failure
[Install]
WantedBy=multi-user.target
WantedBy=default.target
......@@ -2,11 +2,11 @@
# Django-related settings
# the base directory (full path)
chdir = /home/feudal/backend
chdir = /home/feudal/feudalBackend
# Django's wsgi file
module = feudal.wsgi
# the virtualenv (full path)
home = /home/feudal/backend/env
home = /home/feudal/feudalBackend/env
# process-related settings
# master
......@@ -14,10 +14,9 @@ master = true
# maximum number of worker processes
processes = 1
# the socket (use the full path to be safe
socket = /home/feudal/backend/feudal.sock
socket = /home/feudal/feudalBackend/feudal.sock
# ... with appropriate permissions - may be needed
chmod-socket = 666
# clear environment on exit
vacuum = true
env = DJANGO_SETTINGS_MODULE=/home/feudal/configs/dango_settings.py
......@@ -8,6 +8,9 @@ echo "Using logs dir: $logs_dir"
mkdir -p $logs_dir $config_dir
cp ./example-config/home/feudal/config/* $config_dir/
mkdir -p ~/.config
cp ./example-config/home/feudal/.config/systemd $config_dir/
ln -s $config_dir/django_settings.py ./feudal/settings.py
echo
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment