README.md 3.79 KB
Newer Older
1
# EduGAIN Connectivity Check Service 2 - ECCS2
Marco Malavolti's avatar
Marco Malavolti committed
2

3
4
5
6
7
8
9
10
11
12
# Requirements Hardware

* OS: Debian 9,10 (tested)
* HDD: 10 GB
* RAM: 4 GB
* CPU: >= 2 vCPU

# Requirements Software

* Apache Server + WSGI
13
* Python 3.8 (tested with v3.8.3)
14
15
16
17
* Selenim + Chromium Web Brower

# HOWTO Install and Configure

18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# Install Python 3.8.x

1. Update the system packages:
   * `sudo apt update ; sudo apt upgrade -y`

2. Install needed packages to build python:
   * `sudo apt install build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev`

3. Download the last version of Python 3.8.x from https://www.python.org/downloads/source/:
   * `sudo wget https://www.python.org/ftp/python/3.8.3/Python-3.8.3.tgz -O /usr/local/src/Python-3.8.3.tar.gz`

4. Extract Python source package:
   * `sudo cd /usr/local/src/`
   * `sudo tar xzf Python-3.8.3.tar.gz`

5. Build Python from the source package:
   * `sudo cd /usr/local/src/Python-3.8.3`
   * `sudo ./configure --enable-optimizations`
   * `sudo make -j 4`

6. Install Python 3.8.x (without replacing the system `python3` command) under `/usr/local/bin/python3.8`:
   * `sudo make altinstall`
   * `python3.8 --version`

7. Create link of Python3.8 for scripts:
   * `sudo ln -s /usr/local/bin/python3.8 /usr/bin/python3.8`

45
46

# Install requirements for uWSGI used by ECCS2 API:
47
48
49

* `sudo apt-get install libpcre3 libpcre3-dev libapache2-mod-proxy-uwsgi build-essentials python3-dev`

50
51

# Install Chromium used by Selenium
52

53
* `sudo apt install chromium chromium-l10n git jq`
54

55

56
57
58
59
60
61
# Install ECCS2

* `cd ~ ; git clone https://github.com/malavolti/eccs2.git`
* `cd eccs2`
* `python3.8 -m pip install --user --upgrade virtualenv`
* `virtualenv -p python38 eccs2venv`
62
* `source eccs2venv/bin/activate`   (`deactivate` to exit Virtualenv)
63
64
65
66
67
  * `pip install --upgrade pip uwsgi`
  * `pip install -r requirements.txt`

# Configure ECCS2

68
69
1. Configure ECCS2 properties
   * `vim eccs2properties.py` (and change it on your needs)
70

71
72
2. Configure ECCS2 cron job for your local user (`debian` into this example):
   * `sudo crontab -u debian -e`
73

74
75
76
     ```bash
     0 4 * * * /bin/bash /opt/eccs2/cleanAndRunEccs2.sh > /opt/eccs2/logs/eccs2cron.log 2>&1  
     ```
Marco Malavolti's avatar
Marco Malavolti committed
77

78
79
80
81
82
3. Configure the ECCS2 systemd service to enable its API:
   * `sudo cp eccs2.service /etc/systemd/system/eccs2.service`
   * `sudo systemctl daemon-reload`
   * `sudo systemctl enable eccs2.service`
   * `sudo systemctl start eccs2.service`
83

84
85
86
87
4. Configure Apache for the ECCS2 Web side:
   * `sudo cp eccs2.conf /etc/apache2/conf-available/eccs2.conf`
   * `sudo a2enconf eccs2.conf`
   * `sudo systemctl reload apache2.service`
88

89

90
# Run ECCS2 manually
91

92
93
94
95
96
97
  * `cd ~/eccs2`
  * `./cleanAndRunEccs2.py` (to run a full and clean check)
  * `./runEccs2.py` (to run a full check on the existing inputs)
  * `./runEccs2.py --idp <IDP-ENTITYID>` (to run check on a single IdP)
  * `./runEccs2.py --idp --test` (to run a full check on a single IdP without effects)
  * `./runEccs2.py --idp <IDP-ENTITYID> --test` (to run check on a single IdP without effects)
98

99

100
101
102
# ECCS2 API Development Server

* `cd ~/eccs2 ; ./api.py`
103
104


105
106
107
108
109
110
111
112
113
114
115
116
117
118
# ECCS2 API JSON

* `/api/test` (Trivial Test)
* `/api/eccsresults` (Return the results of the last check ready for ECCS Gui)
* `/api/eccsresults?<parameter>=<value>`:
  * `date=2020-02-20` (select date)
  * `idp=https://idp.example.org/idp/shibboleth`  (select a specific idp)
  * `status=` (select specific ECCS2 status)
    * 'OK'
    * 'ERROR'
    * 'DISABLED'
  * `reg_auth=https://reg.auth.example.org` (select a specific Registration Authority)
* `/api/fedstats`
* `/api/fedstats?reg_auth=https://reg.auth.example.org`:
119

120
121
122
123

# UTILITY FOR WEB INTERFACE

The available dates are provided by the first and the last file created into the `output/` directory
124
125
126

To clean the ECCS2 results from files older than last 7 days use:

Marco Malavolti's avatar
Marco Malavolti committed
127
* `clean7daysOldFiles.sh`