README.md 3.9 KB
Newer Older
1
# EduGAIN Connectivity Check Service 2 - ECCS2
Marco Malavolti's avatar
Marco Malavolti committed
2

3
4
5
6
7
8
9
10
11
12
# Requirements Hardware

* OS: Debian 9,10 (tested)
* HDD: 10 GB
* RAM: 4 GB
* CPU: >= 2 vCPU

# Requirements Software

* Apache Server + WSGI
13
* Python 3.8 (tested with v3.8.3)
14
15
16
17
* Selenim + Chromium Web Brower

# HOWTO Install and Configure

18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# Install Python 3.8.x

1. Update the system packages:
   * `sudo apt update ; sudo apt upgrade -y`

2. Install needed packages to build python:
   * `sudo apt install build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev`

3. Download the last version of Python 3.8.x from https://www.python.org/downloads/source/:
   * `sudo wget https://www.python.org/ftp/python/3.8.3/Python-3.8.3.tgz -O /usr/local/src/Python-3.8.3.tar.gz`

4. Extract Python source package:
   * `sudo cd /usr/local/src/`
   * `sudo tar xzf Python-3.8.3.tar.gz`

5. Build Python from the source package:
   * `sudo cd /usr/local/src/Python-3.8.3`
   * `sudo ./configure --enable-optimizations`
   * `sudo make -j 4`

6. Install Python 3.8.x (without replacing the system `python3` command) under `/usr/local/bin/python3.8`:
   * `sudo make altinstall`
   * `python3.8 --version`

7. Create link of Python3.8 for scripts:
   * `sudo ln -s /usr/local/bin/python3.8 /usr/bin/python3.8`

45
46

# Install requirements for uWSGI used by ECCS2 API:
47
48
49

* `sudo apt-get install libpcre3 libpcre3-dev libapache2-mod-proxy-uwsgi build-essentials python3-dev`

50
51

# Install Chromium used by Selenium
52

53
* `sudo apt install chromium chromium-l10n git jq`
54

55

56
57
58
59
60
61
# Install ECCS2

* `cd ~ ; git clone https://github.com/malavolti/eccs2.git`
* `cd eccs2`
* `python3.8 -m pip install --user --upgrade virtualenv`
* `virtualenv -p python38 eccs2venv`
62
* `source eccs2venv/bin/activate`   (`deactivate` to exit Virtualenv)
63
64
65
  * `pip install --upgrade pip uwsgi`
  * `pip install -r requirements.txt`

Marco Malavolti's avatar
Marco Malavolti committed
66

67
68
# Configure ECCS2

69
1. Configure ECCS2 properties
Marco Malavolti's avatar
Marco Malavolti committed
70
   * `vim eccs2properties.py` (and change it upon your needs)
71

72
73
2. Configure ECCS2 cron job for your local user (`debian` into this example):
   * `sudo crontab -u debian -e`
74

75
76
77
     ```bash
     0 4 * * * /bin/bash /opt/eccs2/cleanAndRunEccs2.sh > /opt/eccs2/logs/eccs2cron.log 2>&1  
     ```
Marco Malavolti's avatar
Marco Malavolti committed
78

79
80
81
82
83
3. Configure the ECCS2 systemd service to enable its API:
   * `sudo cp eccs2.service /etc/systemd/system/eccs2.service`
   * `sudo systemctl daemon-reload`
   * `sudo systemctl enable eccs2.service`
   * `sudo systemctl start eccs2.service`
84

85
86
87
88
4. Configure Apache for the ECCS2 Web side:
   * `sudo cp eccs2.conf /etc/apache2/conf-available/eccs2.conf`
   * `sudo a2enconf eccs2.conf`
   * `sudo systemctl reload apache2.service`
89

90

91
# Run ECCS2 manually
92

93
94
95
  * `./cleanAndRunEccs2.py` (to run a full and clean check)
  * `./runEccs2.py` (to run a full check on the existing inputs)
  * `./runEccs2.py --idp <IDP-ENTITYID>` (to run check on a single IdP)
Marco Malavolti's avatar
Marco Malavolti committed
96
  * `./runEccs2.py --test` (to run a full check without effects)
97
  * `./runEccs2.py --idp <IDP-ENTITYID> --test` (to run check on a single IdP without effects)
98

Marco Malavolti's avatar
Marco Malavolti committed
99
100
  The "--test" parameter will not change the result of ECCS2, but will write the output on the `logs/stdout_YYYY-MM-DD.log` file.

101

102
103
104
# ECCS2 API Development Server

* `cd ~/eccs2 ; ./api.py`
105
106


107
108
109
110
# ECCS2 API JSON

* `/api/test` (Trivial Test)
* `/api/eccsresults` (Return the results of the last check ready for ECCS Gui)
Marco Malavolti's avatar
Marco Malavolti committed
111
* `/api/eccsresults?<parameter1>=<value1>&<parameter2>=<value2>`:
112
  * `date=2020-02-20` (select date)
Marco Malavolti's avatar
Marco Malavolti committed
113
  * `idp=https://idp.example.org/idp/shibboleth` (select a specific idp)
114
115
116
117
118
119
120
  * `status=` (select specific ECCS2 status)
    * 'OK'
    * 'ERROR'
    * 'DISABLED'
  * `reg_auth=https://reg.auth.example.org` (select a specific Registration Authority)
* `/api/fedstats`
* `/api/fedstats?reg_auth=https://reg.auth.example.org`:
121

122
123
124
125

# UTILITY FOR WEB INTERFACE

The available dates are provided by the first and the last file created into the `output/` directory
126
127
128

To clean the ECCS2 results from files older than last 7 days use:

Marco Malavolti's avatar
Marco Malavolti committed
129
* `clean7daysOldFiles.sh`