readme cleanup and added apache config examples

Priit Tark 2015-01-02 11:55:34 +02:00
parent cd7151b463
commit f08b268bcc

113
README.md

@ -23,18 +23,16 @@ Installation
### Registry app ### Registry app
Usual Rails 4 app installation, rvm and bundler are your friends. Usual Rails 4 app installation (rbenv install is under Debian build doc)
git clone git@github.com:internetee/registry.git git clone git@github.com:internetee/registry.git
cd registry cd registry
rvm install ruby-2.1.2 rbenv local 2.1.2
bundle bundle
rake db:setup
mv config/secrets-example.yml config/secrets.yml # generate your own keys mv config/secrets-example.yml config/secrets.yml # generate your own keys
If you desire other database locale, you have to create database manually first and Create database manually, example:
skip rake db:setup. Example:
create database registry owner registry encoding 'UTF-8' LC_COLLATE 'et_EE.utf8' LC_CTYPE 'et_EE.utf8' template template0; create database registry owner registry encoding 'UTF-8' LC_COLLATE 'et_EE.utf8' LC_CTYPE 'et_EE.utf8' template template0;
rake db:schema:load rake db:schema:load
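Review bot: The new side drops `rake db:setup` and leaves only `rake db:schema:load` after the manual `create database`, so the seed step no longer runs: `db:schema:load` loads the schema only, while the README later points readers at demo data in `db/seeds.rb`. Add `rake db:seed` after `rake db:schema:load`, or state that seeding is optional. The parenthetical "rbenv install is under Debian build doc" should also name or link the document it refers to, since nothing in this hunk says where it lives.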
@ -64,11 +62,57 @@ Enable ssl:
sudo a2enmod ssl sudo a2enmod ssl
sudo nano /etc/apache2/sites-enabled/epp_ssl.conf sudo nano /etc/apache2/sites-enabled/epp_ssl.conf
For development configuration, add: For Apache, registry admin goes to port 443 in production, /etc/apache2/sites-enabled/registry.conf short example:
```
<VirtualHost *:443>
ServerName your-domain
ServerAdmin your@example.com
PassengerEnabled on
PassengerMinInstances 10
PassengerMaxPoolSize 10
PassengerPoolIdleTime 0
PassengerMaxRequests 1000
RailsEnv production
DocumentRoot /home/registry/registry/current/public
# Possible values include: debug, info, notice, warn, error, crit,
LogLevel info ssl:warn
ErrorLog /var/log/apache2/registry.error.log
CustomLog /var/log/apache2/registry.access.log combined
<Directory /home/registry/registry/current/public>
Require all granted
Options -MultiViews
</Directory>
SSLEngine On
SSLCertificateFile /etc/ssl/certs/your.crt
SSLCertificateKeyFile /etc/ssl/private/your.key
SSLCertificateChainFile /etc/ssl/certs/your-chain-fail.pem
SSLCACertificateFile /etc/ssl/certs/ca.pem
SSLProtocol TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
<Directory />
Options FollowSymLinks -Indexes
AllowOverride None
</Directory>
<Directory /app/registry/registry/current/public>
Options -MultiViews -Indexes
AllowOverride all
</Directory>
</VirtualHost>
```
For Apache, epp goes to port 700, /etc/apache2/sites-enabled/epp.conf short example:
```apache ```apache
<IfModule mod_epp.c> <IfModule mod_epp.c>
Listen 701 Listen 700
<VirtualHost *:701> <VirtualHost *:700>
SSLEngine on SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateFile /etc/apache2/ssl/apache.crt
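Review bot: The TLS settings in the new registry.conf example are weak for a block labelled production: `SSLProtocol TLSv1` pins the vhost to TLS 1.0 only, and `SSLCipherSuite RC4-SHA:HIGH:!ADH` with `SSLHonorCipherOrder On` means any client that offers RC4-SHA will negotiate it. Suggest allowing newer protocol versions (for example `SSLProtocol all -SSLv2 -SSLv3`) and dropping RC4 from the list. The EPP vhost needs the same attention, because this hunk removes its "For development configuration" label and moves it to port 700 while keeping `+LOW:+SSLv2:+EXP:+eNULL` in the cipher string. Smaller points: the two public `<Directory>` blocks point at different trees (`/home/registry/registry/current/public` and `/app/registry/registry/current/public`) and the second grants `AllowOverride all`, the `LogLevel` comment ends mid-list, `your-chain-fail.pem` looks like a typo, and the first fence lacks the `apache` tag the second one has.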
@ -81,7 +125,7 @@ For development configuration, add:
EPPSessionRoot /proxy/session EPPSessionRoot /proxy/session
EPPErrorRoot /proxy/error EPPErrorRoot /proxy/error
ProxyPass /proxy/ http://localhost:8989/epp/ ProxyPass /proxy/ http://localhost:443/epp/
EPPAuthURI implicit EPPAuthURI implicit
EPPReturncodeHeader X-EPP-Returncode EPPReturncodeHeader X-EPP-Returncode
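Review bot: The new `ProxyPass /proxy/ http://localhost:443/epp/` sends plain HTTP to port 443, where the registry.conf example added in this commit sets `SSLEngine On`, so Apache will reject the request as non-TLS traffic on a TLS listener. Either use `https://localhost:443/epp/` together with `SSLProxyEngine On` in the EPP vhost, or keep the backend on a local plain-HTTP port as the old line did.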
@ -89,61 +133,18 @@ For development configuration, add:
</IfModule> </IfModule>
``` ```
Configuration on plain TCP EPP is as follows: Enable epp_ssl and restart apache
```apache
<IfModule mod_epp.c>
<Directory "/usr/lib/cgi-bin/epp">
Options ExecCGI
SetHandler cgi-script
</Directory>
Listen 1701
<VirtualHost *:1701>
EPPEngine On
EPPCommandRoot /proxy/command
EPPSessionRoot /proxy/session
ProxyPass /proxy/ http://localhost:8080/epp/
EPPErrorRoot /cgi-bin/epp/error
EPPAuthURI implicit
EPPReturncodeHeader X-EPP-Returncode
</VirtualHost>
</IfModule>
```
Note: Its best to go with two virtual hosts, one for autotest and one for dev,
then you don't have to worry about quitting
the dev appserver for running autotests (because of colliding ports).
sudo a2ensite epp_ssl sudo a2ensite epp_ssl
sudo service apache2 restart sudo service apache2 restart
Try it out: Now you should see registry admin at https://your-domain
Fire up your appserver on port 8989 All registry demo data can be found at:
cd $mod_epp
./epptelnet.pl localhost 701 -s
You should receive the greeting from the registry server.
Wait for the greeting message on the STD, then send EPP/TCP frame:
```xml
<epp><command>
<login>
<clID>registrar1</clID>
<pw>test1</pw>
</login>
<clTRID>sample1trid</clTRID>
</command></epp>
```
All demo data locates at:
db/seeds.rb db/seeds.rb
There are two type of users: admin users and EPP users. Initially you can use two type of users: admin users and EPP users.
### EPP web client ### EPP web client
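Review bot: The new "Enable epp_ssl and restart apache" step runs `a2ensite epp_ssl`, but the heading added earlier in this commit names the file `/etc/apache2/sites-enabled/epp.conf`, and no step enables the registry site; pick one file name and list an enable step for each site. The hunk also deletes the `epptelnet.pl` smoke test and the sample `<login>` frame without a replacement, which leaves the README with no way to confirm that the EPP listener answers; consider keeping a short check against port 700. Wording: "two type of users" should be "two types of users".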