i-astakos.rst 5.89 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
.. _i-astakos:

Synnefo
-------

:ref:`synnefo <i-synnefo>` ||
:ref:`ns <i-ns>` ||
:ref:`apt <i-apt>` ||
:ref:`mq <i-mq>` ||
:ref:`db <i-db>` ||
:ref:`gunicorn <i-gunicorn>` ||
:ref:`apache <i-apache>` ||
:ref:`webproject <i-webproject>` ||
astakos ||
:ref:`cms <i-cms>` ||
:ref:`pithos <i-pithos>` ||
:ref:`cyclades <i-cyclades>` ||
:ref:`kamaki <i-kamaki>` ||
:ref:`backends <i-backends>`

Astakos Setup
+++++++++++++

The following apply to ``astakos`` node. In the following sections
we will refer to its IP as ``accounts.example.com`` . Make sure
you have db, mq, apache and gunicorn setup already.

28 29
IMPORTANT: Currently if astakos coexists with cyclades/pithos roles, your setup is prone to csrf attacks.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 31 32 33 34 35 36 37 38 39 40 41

First install the corresponding package:

.. code-block:: console

   # apt-get install snf-astakos-app

In `/etc/synnefo/astakos.conf` add:

.. code-block:: console

    CLOUDBAR_LOCATION = 'https://accounts.example.com/static/im/cloudbar/'
42 43
    CLOUDBAR_SERVICES_URL = 'https://accounts.example.com/astakos/api/get_services'
    CLOUDBAR_MENU_URL = 'https://accounts.example.com/astakos/api/get_menu'
44 45 46 47 48 49 50 51 52 53 54 55 56 57

    ASTAKOS_IM_MODULES = ['local']

    ASTAKOS_BASEURL = 'https://accounts.example.com'

    ASTAKOS_SITENAME = '~okeanos @ example.com'
    ASTAKOS_RECAPTCHA_PUBLIC_KEY = '6LeFidMSAAAAAM7Px7a96YQzsBcKYeXCI_sFz0Gk'
    ASTAKOS_RECAPTCHA_PRIVATE_KEY = '6LeFidMSAAAAAFv5U5NSayJJJhr0roludAidPd2M'

    ASTAKOS_RECAPTCHA_USE_SSL = True
    ASTAKOS_RECAPTCHA_ENABLED = True

    ASTAKOS_COOKIE_DOMAIN = 'example.com'

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122
    ASTAKOS_LOGIN_MESSAGES = []
    ASTAKOS_SIGNUP_MESSAGES = []
    ASTAKOS_PROFILE_MESSAGES = []
    ASTAKOS_GLOBAL_MESSAGES = []

    ASTAKOS_PROFILE_EXTRA_LINKS = []
    ASTAKOS_INVITATION_EMAIL_SUBJECT = 'Invitation to %s' % ASTAKOS_SITENAME
    ASTAKOS_GREETING_EMAIL_SUBJECT = 'Welcome to %s' % ASTAKOS_SITENAME
    ASTAKOS_FEEDBACK_EMAIL_SUBJECT = 'Feedback from %s' % ASTAKOS_SITENAME
    ASTAKOS_VERIFICATION_EMAIL_SUBJECT = '%s account activation is needed' % ASTAKOS_SITENAME
    ASTAKOS_ADMIN_NOTIFICATION_EMAIL_SUBJECT = '%s account created (%%(user)s)' % ASTAKOS_SITENAME
    ASTAKOS_HELPDESK_NOTIFICATION_EMAIL_SUBJECT = '%s account activated (%%(user)s)' % ASTAKOS_SITENAME
    ASTAKOS_EMAIL_CHANGE_EMAIL_SUBJECT = 'Email change on %s' % ASTAKOS_SITENAME
    ASTAKOS_PASSWORD_RESET_EMAIL_SUBJECT = 'Password reset on %s' % ASTAKOS_SITENAME

    ASTAKOS_QUOTAHOLDER_TOKEN = '1234'
    ASTAKOS_QUOTAHOLDER_URL = 'https://qh.example.com/quotaholder/v'

    EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend'
    ASTAKOS_SERVICES = {
        'cyclades': {
            'url': 'https://cyclades.example.com/ui/',
            'resources': [{
                'name':'disk',
                'group':'compute',
                'uplimit':30*1024*1024*1024,
                'unit':'bytes',
                'desc': 'Virtual machine disk size'
                },{
                'name':'cpu',
                'group':'compute',
                'uplimit':6,
                'desc': 'Number of virtual machine processors'
                },{
                'name':'ram',
                'group':'compute',
                'uplimit':6*1024*1024*1024,
                'unit':'bytes',
                'desc': 'Virtual machines'
                },{
                'name':'vm',
                'group':'compute',
                'uplimit':2,
                'desc': 'Number of virtual machines'
                },{
                'name':'network.private',
                'group':'network',
                'uplimit':1,
                'desc': 'Private networks'
                }
            ]
        },
        'pithos+': {
            'url': 'https://pithos.example.com/ui/',
            'resources':[{
                'name':'diskspace',
                'group':'storage',
                'uplimit':5 * 1024 * 1024 * 1024,
                'unit':'bytes',
                'desc': 'Pithos account diskspace'
                }]
        }
    }


123 124 125 126 127 128 129
If ``astakos`` is on the same node with ``cyclades`` or ``pithos``, add the following
line in `/etc/synnefo/astakos.conf` but please note that your setup will be prone to
csrf attacks:

.. code-block:: console

   MIDDLEWARE_CLASSES.remove('django.middleware.csrf.CsrfViewMiddleware')
130 131 132 133 134 135 136

Then initialize the Database and register services with:

.. code-block:: console

   # /etc/init.d/gunicorn restart
   # snf-manage syncdb --noinput
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
137
   # snf-manage migrate im --delete-ghost-migrations
138
   # snf-manage loaddata groups
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
139
   # snf-manage service-add "home" https://cms.example.com/ home-icon.png
140 141
   # snf-manage service-add "cyclades" https://cyclades.example.com/ui/
   # snf-manage service-add "pithos+" https://pithos.example.com/ui/
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
142 143
   # snf-manage astakos-init --load-service-resources
   # snf-manage astakos-quota --sync
144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170
   # /etc/init.d/gunicorn restart
   # /etc/init.d/apache2 restart

Please note that in case pithos and cyclades nodes are the same node, the pithos url
should be ``https://pithos.example.com/pithos/ui/`` .

Let's create our first user. Go at ``http://accounts.example.com/im/`` and
click the "CREATE ACCOUNT" button and fill all your data at the sign up form.
Then click "SUBMIT". You should now see a green box on the top, which informs
you that you made a successful request and the request has been sent to the
administrators. So far so good, let's assume that you created the user with
username ``user@example.com``.

Now we need to activate that user. Return to a command prompt aand run:

.. code-block:: console

   # snf-manage user-list
   # snf-manage user-modify --set-active 1

where 1 should be the id of the user you previously created.

All this can be done with one command:

.. code-block:: console

   # snf-manage user-add --password=12345 --active user@example.com Name LastName
171 172 173 174


Test your Setup:
++++++++++++++++
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
175 176

Visit ``http://accounts.example.com/im/`` and login with your credentials.