~martijnbraam/pts-centralcontroller - Central web application for the Phone Testing Setup

d0ee9fbd — Martijn Braam 6 months ago

Add job status endpoint

791906a1 — Martijn Braam 6 months ago

Improve error responses for the submission API

94147d5a — Martijn Braam 6 months ago

Return end-user links in the job submission API

refs

master: browse log

clone

read-only: https://git.sr.ht/~martijnbraam/pts-centralcontroller
read/write: git@git.sr.ht:~martijnbraam/pts-centralcontroller

#PTS Central Controller

This is the central controller software for PTS (phone testing setup). It implements a webinterface for managing and tracking the builds that are distributed across controller nodes.

This is a flask webapplication using alembic for database migrations. For small setups it can run from an sqlite database.

#Installation

From source:

$ pip install -r requirements.txt
$ export DATABASE_URI=mydatabase.db
$ export SECRET=hunter2
$ export FLASK_APP=pts_central
$ flask db upgrade
$ flask create-user --admin theadministrator
Password:  
$ flask run
 * Serving Flask app 'pts_central'
 * Debug mode: off
 * Running on http://127.0.0.1:5000

After installation you can log in on the webinterface using the account created in the create-user step with the supplied password. Additional user accounts can be created using the admin panel in the webinterface.

For a production installation use one of the recommended uwsgi application containers instead of flask run

#Mosquitto dynsec

Mosquitto config:

per_listener_settings false
plugin /usr/lib/mosquitto_dynamic_security.so
plugin_opt_config_file /var/lib/mosquitto/dynsec.json

Create initial dynsec admin user

# mosquitto_ctrl dynsec init /var/lib/mosquitto/dynsec.json adminusername
# service mosquitto restart

Create dynsec configuration for PTS

Create pts user for the webapplication
# mosquitto_ctrl -u adminusername dynsec createClient pts

Create a role for the r/w actions on the pts/# topic, the system requires the role to have the "pts" name
# mosquitto_ctrl -u adminusername dynsec createRole pts
# mosquitto_ctrl -u adminusername dynsec addRoleACL pts publishClientSend "pts/#" allow
# mosquitto_ctrl -u adminusername dynsec addRoleACL pts publishClientReceive "pts/#" allow
# mosquitto_ctrl -u adminusername dynsec addRoleACL pts subscribePattern "pts/#" allow

Allow the pts account to use the pts/# topic and the admin topics
# mosquitto_ctrl -u adminusername dynsec addClientRole pts pts
# mosquitto_ctrl -u adminusername dynsec addClientRole pts admin

The centralcontroller will use the admin permissions to dynamically create new mosquitto accounts for the controllers that are defined in the webinterface.

#Funding

This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.