
startup.sh script update

master
barry 6 years ago
parent
commit
4065f8787e
2 changed files with 108 additions and 51 deletions
  1. 159
      doc/PXEN310-0000_TN_PXPortal_Integration.md
  2. BIN
      doc/PXEN310-0000_TN_PXPortal_Integration.pdf

159
doc/PXEN310-0000_TN_PXPortal_Integration.md

@ -164,6 +164,7 @@ This repository contains:
* __docker-compose.yml__: docker config of three PXPortal services * __docker-compose.yml__: docker config of three PXPortal services
* __conf__: dnsmasq and Nginx configuration * __conf__: dnsmasq and Nginx configuration
* __webapp__: sources of portal webpage * __webapp__: sources of portal webpage
* __setup.sh__: script to setup PXPortal
```{#plantuml title="ECA-captive tree"} ```{#plantuml title="ECA-captive tree"}
@ -178,18 +179,19 @@ This repository contains:
+++ nginx.conf +++ nginx.conf
++ docker-compose.yml ++ docker-compose.yml
++ webapp ++ webapp
++ setup.sh
} }
} }
@endsalt @endsalt
``` ```
### 2. Run PXPortal
### 2. Running PXPortal for the first time
```bash ```bash
# Go into ECA-captive folder # Go into ECA-captive folder
cd ECA-captive cd ECA-captive
# Start all services in daemon mode # Start all services in daemon mode
docker-compose up -d
./setup.sh
``` ```
@ -208,62 +210,118 @@ docker-compose up -d
\clearpage \clearpage
## SSH Config
## startup.sh
__startup.sh__ allows to:
Such as portal_service requires MAC addresses thanks to ARP command. But from a docker context, the command has to execute from the host in order to get MAC addresses from IP clients. This is _how to do this_ in few steps
* start PXPortal and perform some sanity checks
* setup ssh config and update environment varianles used by _docker-compose.yml_ file in order to execute arp commands from docker to host. (Required by portal_service to get MAC addresses from IP clients)
* check portal APIs are alive
### 1. Generate a docker SSH Public key
\clearpage
```bash ```bash
### On your HOST
# Launch portal_service shell
docker exec -it pxportal_service sh
### On portal_service shell
# Generate a SSH key to be able to send ARP command from docker to host
ssh-keygen
# Display and copy ssh public key
cat /root/.ssh/id_rsa.pub
### Exit portal_shell
# Edit HOST ssh authorized_keys
# and paste previous ssh public key of portal_service
vi ~/.ssh/authorized_keys
```
#/bin/sh
check_ping () {
echo "[-] ping $1"
echo $1 | xargs ping -c 1 > /dev/null
if [ "$?" -ne "0" ]
then
exit
fi
}
### 2. Update HOST IP address from portal_service
check_wget () {
echo "[-] wget $1"
echo $1 | xargs wget -q -O out > /dev/null
if [ "$?" -ne "0" ]
then
exit
fi
}
```bash
### On your HOST
# Launch portal_service shell
docker exec -it pxportal_service sh
### On portal_service shell
# Show all network interfaces available
ifconfig
# Keep in memory the inet addr of eth0
# HOST IP address from docker should be this IP address
# by remplacing last number by 1
# EX: 172.20.0.2 => 172.20.0.1 = HOST_IP
# Check your ssh public key is set correctly
# and update known_hosts on first SSH connection
ssh [HOST_NAME]@[HOST_IP]
# EX ssh elta@172.20.0.1
# Check ARP command can be run
ssh [HOST_NAME]@[HOST_IP] arp -n
# A list of IP with matching MAC will be appeared
# If not, try again from the beginning
```
check_docker () {
local IS_RUN=$(docker ps | grep $1 | wc -l | xargs echo -n)
if [ "$IS_RUN" -ne "1" ]
then
echo "/!\ Docker $1 is not running"
echo " Run following command for more details"
echo " docker-compose up"
exit
fi
}
### 3. Update docker-compose.yml ARP_CMD
faildMsg () {
if [ "$1" -ne "0" ]
then
echo "---"
echo "/!\ Setup Failed"
echo " $2"
exit
fi
}
Update the environment variable __ARP_CMD__ in _your docker-compose.yml_ with the right HOST_NAME and HOST_IP found in step 2.
getGateway () {
local NETWORK_MODE=`docker inspect -f "{{ .HostConfig.NetworkMode }}" $1`
docker inspect -f "{{ .NetworkSettings.Networks.$NETWORK_MODE.Gateway }}" $1
}
```bash
# Go into ECA-captive folder
cd ECA-captive
# Start all services in daemon mode
echo "[>] Starting PXPortal"
docker-compose up -d docker-compose up -d
sleep 1
check_docker pxportal_nginx
check_docker pxportal_dnsmasq
check_docker pxportal_service
echo "Gateway pxportal_service: $(getGateway pxportal_service)"
echo "Gateway pxportal_dnsmasq: $(getGateway pxportal_dnsmasq)"
echo "Gateway pxportal_nginx : $(getGateway pxportal_nginx)"
echo "[>] Checking ssh keys"
docker exec pxportal_service cat /root/.ssh/id_rsa.pub > /dev/null
if [ "$?" -ne "0" ]
then
echo "[>] generating ssh keys"
docker exec pxportal_service ssh-keygen -N "" -f /root/.ssh/id_rsa
fi
SSH_PUB=$(docker exec pxportal_service cat /root/.ssh/id_rsa.pub)
HAS_SSH=$(cat ~/.ssh/authorized_keys | grep "$SSH_PUB" | wc -l | xargs echo -n)
if [ "$HAS_SSH" -eq "0" ]
then
echo "[>] Copying public key into host authorized_keys"
echo $SSH_PUB >> ~/.ssh/authorized_keys
fi
echo "[>] Try ARP command from docker"
GATEWAY=$(getGateway pxportal_service)
ARP_CMD_OPT='"StrictHostKeyChecking no"'
ARP_CMD="ssh -o $ARP_CMD_OPT $USER@$GATEWAY arp -n"
echo $ARP_CMD | xargs docker exec pxportal_service
faildMsg $? "Failed to exec arp command from docker | check ssh config"
echo "[>] Updating .env"
echo "# Updated at $(date)" > .env
echo "ARP_CMD=$ARP_CMD" >> .env
echo "[>] Restarting PXPortal"
docker-compose up -d
mkdir -p /tmp/pxportal-tst
cd /tmp/pxportal-tst
echo "[>] Checking all"
check_ping "google.com"
check_ping "apple.com"
check_ping "portal.eca.aero"
check_ping "captive.eca.aero"
check_wget "test.google.com"
check_wget "test.google.com/validate"
echo "---"
echo "[!] Setup done with success"
``` ```
\clearpage \clearpage
@ -286,7 +344,7 @@ server {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr; proxy_set_header X-Forwarded-Host $remote_addr;
proxy_pass http://172.19.0.1:8031;
proxy_pass http://172.19.0.1:8031;
} }
access_log captive-pxportal-access.log; access_log captive-pxportal-access.log;
@ -339,8 +397,7 @@ services:
- pxportal - pxportal
environment: environment:
- REDIRECT_TO=http://portal.eca.aero/index.html - REDIRECT_TO=http://portal.eca.aero/index.html
# TO UPDATE FROM SSH Config part
- ARP_CMD=ssh elta@172.21.0.1 arp -n
- ARP_CMD=${ARP_CMD}
ports: ports:
- "8889:8889" - "8889:8889"
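Review bot: The setup script listed under `## startup.sh` appends the `pxportal_service` public key to the host user's `~/.ssh/authorized_keys` with no key options, so anything that runs in that container gets an unrestricted shell on the host as `$USER`, although the only command it needs is `arp -n`. Writing the entry with a forced command, e.g. `echo "restrict,command=\"arp -n\" $SSH_PUB" >> ~/.ssh/authorized_keys`, limits that key to the ARP lookup. The generated `ARP_CMD` also persists `StrictHostKeyChecking no` into `.env`, which turns off host-key verification for every later call; `ARP_CMD="ssh -o StrictHostKeyChecking=accept-new $USER@$GATEWAY arp -n"` (OpenSSH 7.6 or newer) would pin the key seen on the first connection instead. Separately, the bare `exit` in `check_ping`, `check_wget`, `check_docker` and `faildMsg` returns the status of the preceding successful command, so a failed setup still exits 0; `exit 1` would let callers and CI detect it.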

BIN
doc/PXEN310-0000_TN_PXPortal_Integration.pdf
