|
|
|
Use this mode if you want to run ESAP in Docker containers on a host machine where it can be accessed remotely.
|
|
|
|
|
|
|
|
* this will install ESAP on a server, including a nginx webserver in a Docker container.
|
|
|
|
* you need to register your instance at IAM (see screenshot further down the page).
|
|
|
|
|
|
|
|
## prerequisites
|
|
|
|
* git
|
|
|
|
* Docker & docker-compose
|
|
|
|
* curl
|
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
### STEP 1 (automatic) - install_esap.sh
|
|
|
|
|
|
|
|
```
|
|
|
|
curl -fsSL https://git.astron.nl/astron-sdc/esap-api-gateway/-/raw/master/esap/deploy/install_esap.sh -o install_esap.sh && chmod +x install_esap.sh && ./install_esap.sh
|
|
|
|
```
|
|
|
|
|
|
|
|
This creates 2 directories:
|
|
|
|
`~/esap_root` contains the source code
|
|
|
|
`~/esap_shared` contains shared configuration and configuration databases
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
### STEP 2 (manual configuration)
|
|
|
|
|
|
|
|
Your ESAP-GUI frontend needs to know where your ESAP-API backend is before the frontend is compiled into a Javascript bundle.
|
|
|
|
|
|
|
|
```
|
|
|
|
nano ~/esap_root/esap-gui/src/contexts/GlobalContext.js
|
|
|
|
```
|
|
|
|
|
|
|
|
Look for this snippet of code in [GlobalContext.js](https://git.astron.nl/astron-sdc/esap-gui/-/blob/master/src/contexts/GlobalContext.js) and make sure that the `api_host` of production is
|
|
|
|
set correctly.
|
|
|
|
|
|
|
|
```python
|
|
|
|
const api_host =
|
|
|
|
process.env.NODE_ENV === "development"
|
|
|
|
? "http://localhost:5555/esap-api/"
|
|
|
|
: "<your_host>:8000/esap-api/";
|
|
|
|
```
|
|
|
|
|
|
|
|
#### Registering at IAM
|
|
|
|
You need to register your instance of ESAP as a client at IAM for <your_host> on this website:
|
|
|
|
https://iam-escape.cloud.cnaf.infn.it/manage/dev/dynreg
|
|
|
|
|
|
|
|
The only important setting is a `Redirect URI`, which in this screenshot example is `http://192.168.22.3/esap-api/oidc/callback/`. Where `http://192.168.22.3` should be <your_host>.
|
|
|
|
|
|
|
|
After clicking 'save', copy the `Client ID` and `Client Secret`, you need those in the next step.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Fill in OIDC settings
|
|
|
|
Fill in`OIDC_RP_CIENT_ID` and `OIDC_RP_CLIENT_SECRET` that you received from your own IAM registration.
|
|
|
|
And fill in the redirect urls' to your ESAP-GUI frontend.
|
|
|
|
|
|
|
|
```
|
|
|
|
nano ~/esap_shared/oidc.env
|
|
|
|
```
|
|
|
|
|
|
|
|
```
|
|
|
|
OIDC_RP_CLIENT_ID=<your-new-client-id>
|
|
|
|
OIDC_RP_CLIENT_SECRET=<your-new-client-secret>
|
|
|
|
|
|
|
|
LOGIN_REDIRECT_URL=<your_host>/esap-gui/login
|
|
|
|
LOGOUT_REDIRECT_URL=<your_host>/esap-gui/logout
|
|
|
|
LOGIN_REDIRECT_URL_FAILURE=<your_host>/esap-gui/error
|
|
|
|
```
|
|
|
|
---
|
|
|
|
|
|
|
|
### STEP 3 (automatic) - run_esap.sh
|
|
|
|
```
|
|
|
|
curl -fsSL https://git.astron.nl/astron-sdc/esap-api-gateway/-/raw/master/esap/deploy/run_esap.sh -o run_esap.sh && chmod +x run_esap.sh && ./run_esap.sh
|
|
|
|
```
|
|
|
|
|
|
|
|
This builds the frontend and spins up the Docker containers
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
### STEP 4 (manual) - adding a superuser for the admin app
|
|
|
|
|
|
|
|
You can use the Django admin app to change the configuration of ESAP. (See the 'ESAP configuration' documentation). But you need to create a 'superuser' with admin rights for that.
|
|
|
|
|
|
|
|
Execute the following docker command to create a superuser with admin rights and follow the instructions on screen. Note that this is not your IAM account, it is recommended to create a user 'admin' for this.
|
|
|
|
|
|
|
|
```
|
|
|
|
docker exec -it esap_api_gateway python manage.py createsuperuser --settings=esap.settings.docker
|
|
|
|
```
|
|
|
|
|
|
|
|
You should now be able to login with the superuser that you just created:
|
|
|
|
* admin app: `<your_host>/esap-api/admin/`
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Testing:
|
|
|
|
|
|
|
|
|
|
|
|
`docker container ls` should show the 2 containers
|
|
|
|
|
|
|
|
```
|
|
|
|
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
|
|
|
|
26439ee6c80d esap_gui:latest "/docker-entrypoint.…" 16 minutes ago Up 16 minutes 0.0.0.0:80->80/tcp esap_gui
|
|
|
|
e3d8162e444a esap_api_gateway:latest "/bin/sh -c 'exec gu…" 16 minutes ago Up 16 minutes 8000/tcp esap_api_gateway
|
|
|
|
```
|
|
|
|
|
|
|
|
* backend: `<your_host>/esap-api/query/`
|
|
|
|
* frontend: `<your_host>/esap-gui/`
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
## Updates
|
|
|
|
If you want to update your ESAP installation then you can rerun the two script commands.
|
|
|
|
This will not override your databases and configuration in the `~/esap_shared` directory, unless you first delete them manually.
|
|
|
|
|
|
|
|
```
|
|
|
|
curl -fsSL https://git.astron.nl/astron-sdc/esap-api-gateway/-/raw/master/esap/deploy/install_esap.sh -o install_esap.sh && chmod +x install_esap.sh && ./install_esap.sh
|
|
|
|
```
|
|
|
|
```
|
|
|
|
curl -fsSL https://git.astron.nl/astron-sdc/esap-api-gateway/-/raw/master/esap/deploy/run_esap.sh -o run_esap.sh && chmod +x run_esap.sh && ./run_esap.sh
|
|
|
|
``` |
|
|
\ No newline at end of file |
