Name		Name	Last commit message	Last commit date
Latest commit History 101 Commits
.github/workflows		.github/workflows
contrib		contrib
debian		debian
openli_provisioner_web		openli_provisioner_web
public		public
rpm		rpm
scripts		scripts
src		src
.gitignore		.gitignore
.npmignore		.npmignore
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
debpkg-build.sh		debpkg-build.sh
debpkg-setup.sh		debpkg-setup.sh
package.json		package.json
requirements.txt		requirements.txt
rpmpkg-build.sh		rpmpkg-build.sh
rpmpkg-setup.sh		rpmpkg-setup.sh

Repository files navigation

OpenLI Provisioner Web Interface

Web interface for the OpenLI provisioner.

Installation

For more details on how to install and configure this software, please go to the wiki page at https://github.com/OpenLI-NZ/openli/wiki/OpenLI-Provisioner-Web-UI

Manual install

Install requirements:
- python >= 3.6
- python3-venv
- redis-server
- systemd
- curl
- make
- sudo
- apache2 (optional)

Clone the github repository and change into the cloned directory:

git clone https://github.com/OpenLI-NZ/openli-provisioner-web.git
cd openli-provisioner-web

Use the provided install script:

sudo ./scripts/openli-web-provisioner-install-manual.sh

Configure config.yml (see Configuration file) and gunicorn.py under /etc/openli-provisioner-web. It is recommended to set workers in gunicorn.py to the number of logical threads in your system + 1.

Note: In production, it is highly recommended to configure a password for the redis server.

Start systemd service:

sudo systemctl enable openli-provisioner-web
sudo systemctl start openli-provisioner-web
sudo systemctl restart redis-server

Configure web server (In this example we use apache2 for Debian/Ubuntu, but you can use any web server application with a similar configuration):
```
sudo cp contrib/apache.conf /etc/apache2/sites-available/openli-provisioner-web.conf
```
Note: Make sure to edit the apache site configuration to set the appropriate values for hostnames, listening ports and SSL certificates.
```
sudo a2ensite openli-provisioner-web
sudo systemctl restart apache2
```

Uninstall

./scripts/openli-provisioner-web-uninstall-manual.sh

Configuration file

Configuration is provided by a YAML file located at either:

Path provided by the OPENLI_PROVISIONER_WEB_CONFIG_FILE environment variable.
<installation directory>/openli_provisioner_web/config/config.yml

Variable	Type	Required	Default	Description
`site_title`	string	`false`		Title to display for the web interface instance.
`api_url`	string	`false`	`http://localhost:8992`	URL for the OpenLI intercept configuration REST API.
`api_auth_enabled`	boolean	`false`	`true`	Set to `true` if the REST API authentication is enabled.
`log_level`	string	`false`	`INFO`	Log level for output to stdout/stderr. Choices: ERROR, WARNING, INFO, DEBUG.
`redis_host`	string	`false`	`localhost`	Redis database hostname or IP address (when `api_auth_enabled: true`)
`redis_port`	integer	`false`	`6379`	Redis database port (when `api_auth_enabled: true`)
`redis_db`	integer	`false`	`0`	Redis database ID (when `api_auth_enabled: true`)
`redis_password`	string	`false`		Redis database password (when `api_auth_enabled: true`)
`session_cookie_domain`	string	`true` when `api_auth_enabled: true`		Domain for the session cookie (when `api_auth_enabled: true`). This should be set to the server name of the web server.
`session_cookie_path`	string	`false`	`/`	Path for the session cookie (when `api_auth_enabled: true`).
`session_cookie_secure`	boolean	`false`	`false`	If `true`, require secure connections (when `api_auth_enabled: true`). It is recommended to set this to `true` in production.
`session_lifetime_seconds`	integer	`false`	`3600` (1 hour)	Session lifetime in seconds (when `api_auth_enabled: true`).
`session_cookie_signing_key`	string	`true` when `api_auth_enabled: true`		A secure random string for signing session cookies with (when `api_auth_enabled: true`). It is recommended to provide a string of length 40. The minimum required length is 20 to provide a good level of security.

Note: Redis and session configuration is only used when API authentication is required.

Environment varables

Variable	Description
`OPENLI_PROVISIONER_WEB_DEBUG`	If `true`, start in debug mode.
`OPENLI_PROVISIONER_WEB_CONFIG_FILE`	Path to main configuation file.
`OPENLI_PROVISIONER_WEB_API_FILE`	Path to API definition file.
`OPENLI_PROVISIONER_WEB_ROUTES_FILE`	Path to routes configuration file.

Development

Requirements

nodejs >= 16.0.0

Note: If newer versions are not available on your distribution, install nodejs via https://nodejs.org/en/download/package-manager/
python >= 3.6
python3-venv
redis-server

Build from source

# Replace <project directory> with the directory you cloned the repository to
cd <project directory>
npm install
BUILD_PATH=openli_provisioner_web/build npm run build

Run development server

Build from source
Create a configuration file and make sure to set session_cookie_domain to localhost.localdomain

python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
# Replace <path to config file> with the path to your configuration file
OPENLI_PROVISIONER_WEB_CONFIG_FILE="<path to config file>" flask --app openli_provisioner_web run

Goto http://localhost.localdomain:5000

License

OpenLI-NZ/openli-provisioner-web

Folders and files

Latest commit

History

Repository files navigation

OpenLI Provisioner Web Interface

Installation

Manual install

Uninstall

Configuration file

Environment varables

Development

Requirements

Build from source

Run development server

About

Resources

License

Stars

Watchers

Forks

Languages