Portail d’administration
Go to file
Frédéric Péters 20018fbac8 settings loaders: add all theme details in settings.THEME_INFO (#34025) 2019-06-16 20:22:56 +02:00
debian debian: move python-systemd to depends (#33699) 2019-06-05 12:09:04 +02:00
hobo settings loaders: add all theme details in settings.THEME_INFO (#34025) 2019-06-16 20:22:56 +02:00
tests tests: mock more things in secondary hobo cook test 2019-06-04 15:42:03 +02:00
tests_authentic use BRANCH_NAME for naming test databases (#31337) 2019-03-18 11:53:15 +01:00
tests_multipublik use BRANCH_NAME for naming test databases (#31337) 2019-03-18 11:53:15 +01:00
tests_multitenant tests_multitenant: add test on settings.json reloading (#33563) 2019-06-04 16:41:54 +02:00
tests_passerelle use BRANCH_NAME for naming test databases (#31337) 2019-03-18 11:53:15 +01:00
tests_schemas tests: add unit tests for import_template.py (#33333) 2019-05-31 10:48:01 +02:00
.gitignore gitignore: ignore local_settings.py 2015-02-12 10:19:05 +01:00
COPYING initial commit with copying 2014-03-24 18:41:39 +01:00
Jenkinsfile misc: require django 1.11 (#33238) 2019-05-31 08:28:42 +02:00
MANIFEST.in misc: ship matomo integration templates 2019-05-02 17:33:23 +02:00
README doc: typo into README file (#33224) 2019-05-31 10:35:51 +02:00
config_example.py settings: use a single settings.py file 2015-02-09 15:55:38 +01:00
getlasso.sh use tox for running tests 2015-12-17 11:23:20 +01:00
jenkins.sh jenkins.sh: add -r to rm htmlcov (#29776) 2019-01-17 09:32:12 +01:00
manage.py settings: use a single settings.py file 2015-02-09 15:55:38 +01:00
merge-coverage.py add merge-coverage script (#8425) 2015-10-05 21:18:30 +02:00
merge-junit-results.py add merge-junit-results script (#8425) 2015-10-05 21:18:54 +02:00
requirements.txt misc: require django 1.11 (#33238) 2019-05-31 08:28:42 +02:00
setup.py misc: require django 1.11 (#33238) 2019-05-31 08:28:42 +02:00
tox.ini tests_multitenant: add test on settings.json reloading (#33563) 2019-06-04 16:41:54 +02:00

README

Hobo
====

Administration portal to configure and deploy applications.


Installation
------------

Dependencies can be installed with pip,

 $ pip install -r requirements.txt

It's then required to get the database configured (./manage.py syncdb); by
default it will create a db.sqlite3 file.

Hobo can then be run like typical django applications (./manage.py runserver),
it will communicate to deployment agents using Celery and expects a running
RabbitMQ server running on localhost.

The agent in charge of deploying application can then be run on the application
servers, for example:

  celery --app=hobo.agent.worker worker --loglevel=info

The agent will use settings from the file declared in the HOBO_AGENT_SETTINGS_FILE
environment variable (examples in hobo/agent/worker/settings.py)


Configuration
-------------

Hobo server configuration take place in hobo/settings.py, which import local
settings from the file declared in the HOBO_SETTINGS_FILE environment variable.

Adapt BROKER_URL if RabbitMQ doesn't run on localhost.

Some applications may support deployments templates, they can be specified in
the configuration with the SERVICE_TEMPLATES variable.

  SERVICE_TEMPLATES = {
        'wcs': [('export-auquo-light.wcs', u'Au quotidien light'),
                ('export-auquo.wcs', u'Au quotidien'),
                ('export-demo.wcs', u'Démo au quotidien')
                ],
  }


Agent configuration
-------------------

Agent configuration take place in hobo/agent/worker/settings.py, which import
local settings from the file declared in the HOBO_AGENT_SETTINGS_FILE
environment variable.

It's possible to limit agents to particular applications, or particular
hostnames, using the AGENT_HOST_PATTERNS configuration variable.

The format is a dictionary with applications as keys and a list of hostnames as
value. The hostnames can be prefixed by an exclamation mark to exclude them.

  AGENT_HOST_PATTERNS = {
     'wcs': ['*.example.net', '!  *.dev.example.net'],
  }

Will limit wcs deployments to *.example.net hostnames, while excluding
*.dev.example.net.


Usage
-----

Go to environment settings, pick a service, fill its name and URL, and watch it
being deployed.  Successfully deployed services will add a link to their
administration pages on the homepage.


Environment
-----------

An Hobo agent is a class defined in `hobo.agent.worker.services` and derived from
`BaseService`. For each service in the environment dictionary sent by the hobo
portal, it's instantiated with the key `base_url`, `title` and `secret_key` of
the service. If the `base_url` matches the `AGENT_HOST_PATTERNS` locally
defined, the `execute()` method of the instance is called, passing it his
`base_url` and the full environment dictionary.

The environment dictionary contains services for this particular agent and all
other services defined on the portal. The `execute()` method should only create
a tenant for the service whose `base_url` was passed to constructor. All other
informations are only for defining links with other services. The schema of the
dictionary is::

    {
        'timestamp': <current_time_as_an_unix_timestamp>,
        'users': [
            {
                'username': 'john.doe',
                'first_name': 'John',
                'last_name': 'Doe',
                'email': 'john.doe@example.com',
                'password': '<django-compatible-hashed-password>',
            }
        ],
        'services': [
           {
                'service-id': 'authentic' / 'wcs' / 'passerelle',
                'service-label': 'Authentic' / 'w.c.s.' / 'Passerelle',
                'title': 'name of service,
                'secret_key': '..', # base secret for Django applications or other needs
                'base_url': 'base url of the service',
                'saml-sp-metadata-url': '...',
                'template_name': 'demo', # name of the template bundle to use
                'variables': {
                    'variable-1': 'value-of-variable-1'
                }
           }
        ],
        'fields': [
           {
               'disabled': boolean,
               'name': unique identifier (e.g. 'first_name'),
               'label': '..' (e.g. 'First Name'),
               'kind': 'title' / 'string' / 'email',
               'asked_on_registration': boolean,
               'user_editable': boolean,
               'required': boolean,
               'user_visible': boolean,
               'order': 1
           },
        ],
        'variables': {
            'variable-1': 'value-of-variable-1'
        }
    }

Agents
------

 - w.c.s.

w.c.s. instances will be deployed using "/usr/bin/wcsctl" by default, this
command can be adapted in the WCS_MANAGE_COMMAND setting. It should be run
with the same rights as the wcs process (redefine the command to use sudo
if necessary).

Template keys defined in SERVICE_TEMPLATES have to map wcs skeleton sites
(created from settings / export) stored in /var/lib/wcs/skeletons (the exact
directory may vary according to the wcs configuration).

 - authentic2

authentic2 instances will be deployed using
"/usr/bin/authentic2-multitenant-manage" by default, this command can be
adapted in the AUTHENTIC_MANAGE_COMMAND setting. It should be run with the
same rights as the authentic2 process (redefine the command to use sudo if
necessary).

The agent also provide a commands to import roles from w.c.s named
import-wcs-roles. It computes the web-service credentials from the hobo.json
and use the email of the oldest superuser. Cron job can be created for calling
this command when regular synchronization of roles with your w.c.s.  instances
is needed. The sole option named "--delete" indicate if you want to delete
stale roles, default is to not delete them.  

Tests
-----

For testing hobo server, do in a virtualenv:

   pip install pytest pytest-django

   DJANGO_SETTINGS_MODULE=hobo.settings HOBO_SETTINGS_FILE=tests/settings.py py.test tests

For testing multitenant framework, do in a virtualenv:

   pip install pytest pytest-django python-memcached mock .

   cd tests_multitenant ; PYTHONPATH=. DJANGO_SETTINGS_MODULE=settings py.test .