Portail d’administration
Go to file
Emmanuel Cazenave 0132005608 provisionning: protect against missing role (#52482) 2021-03-30 15:01:01 +02:00
debian debian: remove python 2 support (#51514) 2021-03-01 16:33:22 +01:00
hobo provisionning: protect against missing role (#52482) 2021-03-30 15:01:01 +02:00
tests tests: truncate database name to 63 characters 2021-03-05 15:25:43 +01:00
tests_authentic tests: truncate database name to 63 characters 2021-03-05 15:25:43 +01:00
tests_multipublik tests: truncate database name to 63 characters 2021-03-05 15:25:43 +01:00
tests_multitenant tests: truncate database name to 63 characters 2021-03-05 15:25:43 +01:00
tests_passerelle tests: truncate database name to 63 characters 2021-03-05 15:25:43 +01:00
tests_schemas tests: truncate database name to 63 characters 2021-03-05 15:25:43 +01:00
.gitignore build: switch to scss (#41672) 2020-04-14 16:56:48 +02:00
COPYING initial commit with copying 2014-03-24 18:41:39 +01:00
Jenkinsfile run tests against django 2.2 (#49283) 2021-02-02 11:48:38 +01:00
MANIFEST.in misc: add sms configuration (#46444) 2020-09-17 17:07:41 +02:00
README authentic agent: remove obsolete import-wcs-roles command (#35374) 2019-08-12 16:31:36 +02:00
config_example.py settings: use a single settings.py file 2015-02-09 15:55:38 +01:00
getlasso.sh use tox for running tests 2015-12-17 11:23:20 +01:00
getlasso3.sh tests: adapt tox.ini to run tests in python3 too (#40012) 2020-02-28 15:07:01 +01:00
manage.py debian: run hobo & hobo-agent with python 3 (#41640) 2020-04-15 14:20:04 +02:00
requirements.txt misc: require django 1.11 (#33238) 2019-05-31 08:28:42 +02:00
setup.py run tests against django 2.2 (#49283) 2021-02-02 11:48:38 +01:00
tox.ini tox: remove python 2 tests (#45561) 2021-03-01 16:33:22 +01:00

README

Hobo
====

Administration portal to configure and deploy applications.


Installation
------------

Dependencies can be installed with pip,

 $ pip install -r requirements.txt

It's then required to get the database configured (./manage.py syncdb); by
default it will create a db.sqlite3 file.

Hobo can then be run like typical django applications (./manage.py runserver),
it will communicate to deployment agents using Celery and expects a running
RabbitMQ server running on localhost.

The agent in charge of deploying application can then be run on the application
servers, for example:

  celery --app=hobo.agent.worker worker --loglevel=info

The agent will use settings from the file declared in the HOBO_AGENT_SETTINGS_FILE
environment variable (examples in hobo/agent/worker/settings.py)


Configuration
-------------

Hobo server configuration take place in hobo/settings.py, which import local
settings from the file declared in the HOBO_SETTINGS_FILE environment variable.

Adapt BROKER_URL if RabbitMQ doesn't run on localhost.

Some applications may support deployments templates, they can be specified in
the configuration with the SERVICE_TEMPLATES variable.

  SERVICE_TEMPLATES = {
        'wcs': [('export-auquo-light.wcs', u'Au quotidien light'),
                ('export-auquo.wcs', u'Au quotidien'),
                ('export-demo.wcs', u'Démo au quotidien')
                ],
  }


Agent configuration
-------------------

Agent configuration take place in hobo/agent/worker/settings.py, which import
local settings from the file declared in the HOBO_AGENT_SETTINGS_FILE
environment variable.

It's possible to limit agents to particular applications, or particular
hostnames, using the AGENT_HOST_PATTERNS configuration variable.

The format is a dictionary with applications as keys and a list of hostnames as
value. The hostnames can be prefixed by an exclamation mark to exclude them.

  AGENT_HOST_PATTERNS = {
     'wcs': ['*.example.net', '!  *.dev.example.net'],
  }

Will limit wcs deployments to *.example.net hostnames, while excluding
*.dev.example.net.


Usage
-----

Go to environment settings, pick a service, fill its name and URL, and watch it
being deployed.  Successfully deployed services will add a link to their
administration pages on the homepage.


Environment
-----------

An Hobo agent is a class defined in `hobo.agent.worker.services` and derived from
`BaseService`. For each service in the environment dictionary sent by the hobo
portal, it's instantiated with the key `base_url`, `title` and `secret_key` of
the service. If the `base_url` matches the `AGENT_HOST_PATTERNS` locally
defined, the `execute()` method of the instance is called, passing it his
`base_url` and the full environment dictionary.

The environment dictionary contains services for this particular agent and all
other services defined on the portal. The `execute()` method should only create
a tenant for the service whose `base_url` was passed to constructor. All other
informations are only for defining links with other services. The schema of the
dictionary is::

    {
        'timestamp': <current_time_as_an_unix_timestamp>,
        'users': [
            {
                'username': 'john.doe',
                'first_name': 'John',
                'last_name': 'Doe',
                'email': 'john.doe@example.com',
                'password': '<django-compatible-hashed-password>',
            }
        ],
        'services': [
           {
                'service-id': 'authentic' / 'wcs' / 'passerelle',
                'service-label': 'Authentic' / 'w.c.s.' / 'Passerelle',
                'title': 'name of service,
                'secret_key': '..', # base secret for Django applications or other needs
                'base_url': 'base url of the service',
                'saml-sp-metadata-url': '...',
                'template_name': 'demo', # name of the template bundle to use
                'variables': {
                    'variable-1': 'value-of-variable-1'
                }
           }
        ],
        'fields': [
           {
               'disabled': boolean,
               'name': unique identifier (e.g. 'first_name'),
               'label': '..' (e.g. 'First Name'),
               'kind': 'title' / 'string' / 'email',
               'asked_on_registration': boolean,
               'user_editable': boolean,
               'required': boolean,
               'user_visible': boolean,
               'order': 1
           },
        ],
        'variables': {
            'variable-1': 'value-of-variable-1'
        }
    }

Agents
------

 - w.c.s.

w.c.s. instances will be deployed using "/usr/bin/wcsctl" by default, this
command can be adapted in the WCS_MANAGE_COMMAND setting. It should be run
with the same rights as the wcs process (redefine the command to use sudo
if necessary).

Template keys defined in SERVICE_TEMPLATES have to map wcs skeleton sites
(created from settings / export) stored in /var/lib/wcs/skeletons (the exact
directory may vary according to the wcs configuration).

 - authentic2

authentic2 instances will be deployed using
"/usr/bin/authentic2-multitenant-manage" by default, this command can be
adapted in the AUTHENTIC_MANAGE_COMMAND setting. It should be run with the
same rights as the authentic2 process (redefine the command to use sudo if
necessary).


Tests
-----

For testing hobo server, do in a virtualenv:

   pip install pytest pytest-django

   DJANGO_SETTINGS_MODULE=hobo.settings HOBO_SETTINGS_FILE=tests/settings.py py.test tests

For testing multitenant framework, do in a virtualenv:

   pip install pytest pytest-django python-memcached mock .

   cd tests_multitenant ; PYTHONPATH=. DJANGO_SETTINGS_MODULE=settings py.test .