Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-07-09 12:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

MyST conversion

Browse Source
This commit is contained in:
Ariel Rin 2023-10-31 23:31:41 +10:00
parent 7024552c4e
commit 98e91fe207
No known key found for this signature in database
25 changed files with 348 additions and 332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
docs/development/custom/integrating-services.md
View File

@ -20,6 +20,7 @@ Typically a service will contain 5 key components:
The architecture looks something like this:
```none
urls -------▶ Views
▲ |
| |
@ -33,6 +34,7 @@ The architecture looks something like this:
Where:
Module --▶ Dependency/Import
```
While this is the typical structure of the existing services modules, there is no enforcement of this structure and you are, effectively, free to create whatever architecture may be necessary. A service module need not even communicate with an external service, for example, if similar triggers such as validate_user, delete_user are required for a module it may be convenient to masquerade as a service. Ideally though, using the common structure improves the maintainability for other developers.
@ -40,9 +42,11 @@ While this is the typical structure of the existing services modules, there is n
In order to integrate with Alliance Auth service modules must provide a `services_hook`. This hook will be a function that returns an instance of the `services.hooks.ServiceHook` class and decorated with the `@hooks.registerhook` decorator. For example:
```python
@hooks.register('services_hook')
def register_service():
return ExampleService()
```
This would register the ExampleService class which would need to be a subclass of `services.hooks.ServiceHook`.
@ -52,6 +56,7 @@ This would register the ExampleService class which would need to be a subclass o
A subclassed `ServiceHook` might look like this:
```python
class ExampleService(ServicesHook):
def __init__(self):
ServicesHook.__init__(self)
@ -61,6 +66,7 @@ A subclassed `ServiceHook` might look like this:
"""
Overload base methods here to implement functionality
"""
```
### The ServiceHook class
@ -70,9 +76,9 @@ You will need to subclass `services.hooks.ServiceHook` in order to provide imple
Instance Variables:
- [self.name](#self-name)
- [self.urlpatterns](#self-url-patterns)
- [self.service_ctrl_template](#self-service-ctrl-template)
- [self.name](#selfname)
- [self.urlpatterns](#selfurlpatterns)
- [self.service_ctrl_template](#selfservice_ctrl_template)
Properties:
@ -87,8 +93,6 @@ Functions:
- [update_groups](#update_groups)
- [update_groups_bulk](#update_groups_bulk)
- [update_all_groups](#update_all_groups)
- [service_enabled_members](#service_enabled_members)
- [service_enabled_blues](#service_enabled_blues)
- [service_active_for_user](#service_active_for_user)
- [show_service_ctrl](#show_service_ctrl)
- [render_service_ctrl](#render_service_ctrl)
@ -101,18 +105,20 @@ Internal name of the module, should be unique amongst modules.
You should define all of your service URLs internally, usually in `urls.py`. Then you can import them and set `self.urlpatterns` to your defined urlpatterns.
```python
from . import urls
...
class MyService(ServiceHook):
def __init__(self):
...
self.urlpatterns = urls.urlpatterns
```
All of your apps defined urlpatterns will then be included in the `URLconf` when the core application starts.
#### self.service_ctrl_template
This is provided as a courtesy and defines the default template to be used with [render_service_ctrl](#render-service-ctrl). You are free to redefine or not use this variable at all.
This is provided as a courtesy and defines the default template to be used with [render_service_ctrl](#render_service_ctrl). You are free to redefine or not use this variable at all.
#### title
@ -134,10 +140,12 @@ Validate the users service account, deleting it if they should no longer have ac
An implementation will probably look like the following:
```python
def validate_user(self, user):
logger.debug('Validating user %s %s account' % (user, self.name))
if ExampleTasks.has_account(user) and not self.service_active_for_user(user):
self.delete_user(user, notify_user=True)
```
No return value is expected.
@ -206,18 +214,19 @@ Should the service be shown for the given `user` with the given `state`? The `us
Usually you wont need to override this function.
For more information see the [render_service_ctrl](#render-service-ctrl) section.
For more information see the [render_service_ctrl](#render_service_ctrl) section.
#### render_service_ctrl
`def render_services_ctrl(self, request):`
Render the services control row. This will be called for all active services when a user visits the `/services/` page and [show_service_ctrl](#show-service-ctrl) returns `True` for the given user.
Render the services control row. This will be called for all active services when a user visits the `/services/` page and [show_service_ctrl](#show_service_ctrl) returns `True` for the given user.
It should return a string (usually from `render_to_string`) of a table row (`<tr>`) with 4 columns (`<td>`). Column #1 is the service name, column #2 is the users username for this service, column #3 is the services URL, and column #4 is the action buttons.
You may either define your own service template or use the default one provided. The default can be used like this example:
```python
def render_services_ctrl(self, request):
"""
Example for rendering the service control panel row
@ -237,6 +246,7 @@ You may either define your own service template or use the default one provided.
'service_url': self.service_url,
'username': 'example username'
}, request=request)
```
the `Urls` class defines the available URL names for the 4 actions available in the default template:
@ -293,3 +303,9 @@ You should have a look through some of the other service modules before you get
## Testing
You will need to add unit tests for all aspects of your service module before it is accepted. Be mindful that you don't actually want to make external calls to the service so you should mock the appropriate components to prevent this behavior.
```{eval-rst}
.. autoclass:: allianceauth.services.hooks.ServicesHook
:members:
:undoc-members:
```

11
docs/development/custom/logging.md
View File

@ -1,7 +1,9 @@
# Logging from Custom Apps
Alliance Auth provides a logger for use with custom apps to make everyone's life a little easier.
## Using the Extensions Logger
AllianceAuth provides a helper function to get the logger for the current module to reduce the amount of
code you need to write.
@ -15,19 +17,28 @@ This works by creating a child logger of the extension logger which propagates a
to the parent (extensions) logger.
## Changing the Logging Level
By default, the extension logger's level is set to `DEBUG`.
To change this, uncomment (or add) the following line in `local.py`.
```python
LOGGING['handlers']['extension_file']['level'] = 'INFO'
```
*(Remember to restart your supervisor workers after changes to `local.py`)*
This will change the logger's level to the level you define.
Options are: *(all options accept entries of levels listed below them)*
* `DEBUG`
* `INFO`
* `WARNING`
* `ERROR`
* `CRITICAL`
```{eval-rst}
.. automodule:: allianceauth.services.hooks.get_extension_logger
:members:
:undoc-members:
```

7
docs/development/custom/menu-hooks.md
View File

@ -4,10 +4,10 @@ The menu hooks allow you to dynamically specify menu items from your plugin app
To register a MenuItemHook class you would do the following:
```Python
```python
@hooks.register('menu_item_hook')
def register_menu():
return MenuItemHook('Example Item', 'glyphicon glyphicon-heart', 'example_url_name',150)
return MenuItemHook('Example Item', 'fas fa-users fa-fw', 'example_url_name',150)
```
The `MenuItemHook` class specifies some parameters/instance variables required for menu item display.
@ -42,12 +42,13 @@ This is a great feature to signal the user, that he has some open issues to take
:::{hint}
Here is how to stay consistent with the Auth design philosophy for using this feature:
1. Use it to display open items that the current user can close by himself only. Do not use it for items, that the user has no control over.
2. If there are currently no open items, do not show a badge at all.
:::
To use it set count the `render()` function of your subclass in accordance to the current user. Here is an example:
```Python
```python
def render(self, request):
# ...
self.count = calculate_count_for_user(request.user)

2
docs/development/custom/url-hooks.md
View File

@ -20,7 +20,7 @@ An app can opt-out of this feature by adding a list of views to be excluded when
:::{note}
Note that for a public view to work, administrators need to also explicitly allow apps to have public views in their AA installation, by adding the apps label to ``APPS_WITH_PUBLIC_VIEWS`` setting.
```
:::
## Examples

25
docs/development/dev_setup/aa-dev-setup-wsl-vsc-v2.md
View File

@ -26,7 +26,7 @@ We will use the build-in Django development web server, so we don't need to setu
:::{note}
This setup works with both WSL 1 and WSL 2. However, due to the significantly better performance we recommend WSL 2.
```
:::
## Requirement
@ -37,19 +37,14 @@ The only requirement is a PC with Windows 10 and Internet connection in order to
### Windows Subsystem for Linux
- Install from here: [Microsoft docs](https://docs.microsoft.com/en-us/windows/wsl/install-win10)
- Choose Ubuntu 18.04. LTS or higher
### Visual Studio Code
- Install from here: [VSC Download](https://code.visualstudio.com/Download)
- Open the app and install the following VSC extensions:
- Remote WSL
- Connect to WSL. This will automatically install the VSC server on the VSC server for WSL
- Once connected to WSL install the Python extension on the WSL side
## Setting up WSL / Linux
@ -71,18 +66,18 @@ sudo apt-get install gettext
Next we need to install Python and related development tools.
:::{hint}
:::
:::{note}
Should your Ubuntu come with a newer version of Python we recommend to still setup your dev environment with the oldest Python 3 version currently supported by AA (e.g Python 3.8 at this time of writing) to ensure your apps are compatible with all current AA installations
You an check out this `page <https://askubuntu.com/questions/682869/how-do-i-install-a-different-python-version-using-apt-get/1195153>`_ on how to install additional Python versions on Ubuntu.
If you install a different python version from the default you need to adjust some of the commands below to install appopriate versions of those packages for example using Python 3.8 you might need to run the following after using the setup steps for the repository mentioned in the AskUbuntu post above:
`sudo apt-get install python3.8 python3.8-dev python3.8-venv python3-setuptools python3-pip python-pip`
```shell
sudo apt-get install python3.8 python3.8-dev python3.8-venv python3-setuptools python3-pip python-pip
```
:::
Use the following command to install Python 3 with all required libraries with the default version:
```shell
@ -111,7 +106,7 @@ sudo apt-get install mysql-server mysql-client libmysqlclient-dev
:::{note}
We chose to use MySQL instead of MariaDB, because the standard version of MariaDB that comes with this Ubuntu distribution will not work with AA.
```
:::
We need to apply a permission fix to mysql or you will get a warning with every startup:
@ -148,15 +143,15 @@ sudo mysql_tzinfo_to_sql /usr/share/zoneinfo | sudo mysql -u root mysql
:::{note}
If your WSL does not have an init.d service, it will not automatically start your services such as MySQL and Redis when you boot your Windows machine and you have to manually start them. For convenience we recommend putting these commands in a bash script. Here is an example:
::
```shell
#/bin/bash
# start services for AA dev
sudo service mysql start
sudo redis-server --daemonize yes
```
:::
### Setup dev folder on WSL
Setup your folders on WSL bash for your dev project. Our approach will setup one AA project with one venv and multiple apps running under the same AA project, but each in their own folder and git.
@ -316,7 +311,7 @@ Once running you can access your auth site on the browser under `http://localhos
Usually it is best to run your dev AA instance in debug mode, so you get all the detailed error messages that helps a lot for finding errors. But there might be cases where you want to test features that do not exist in debug mode (e.g. error pages) or just want to see how your app behaves in non-debug / production mode.
When you turn off debug mode you will see a problem though: Your pages will not render correctly. The reason is that Django will stop serving your static files in production mode and expect you to serve them from a real web server. Luckily, there is an option that forces Django to continue serving your static files directly even when not in debug mode. Just start your server with the following option: ``python manage.py runserver --insecure``
```
:::
### Celery

18
docs/development/tech_docu/celery.md
View File

@ -16,7 +16,7 @@ As a rule of thumb we therefore recommend to use celery tasks for every process
:::{note}
Another solution for dealing with long response time in particular when loading pages is to load parts of a page asynchronously, for example with AJAX.
```
:::
### Recurrence
@ -39,7 +39,7 @@ Please use the following approach to ensure your tasks are working properly with
Here is an example implementation of a task:
```Python
```python
import logging
from celery import shared_task
@ -53,7 +53,7 @@ def example():
This task can then be started from any another Python module like so:
```Python
```python
from .tasks import example
example.delay()
@ -79,7 +79,7 @@ However, many long running tasks consist of several smaller processes that need
Example implementation for a celery chain:
```Python
```python
import logging
from celery import shared_task, chain
@ -119,7 +119,7 @@ Periodic tasks are normal celery tasks which are added the scheduler for periodi
Example setting:
```Python
```python
CELERYBEAT_SCHEDULE['structures_update_all_structures'] = {
'task': 'structures.tasks.update_all_structures',
'schedule': crontab(minute='*/30'),
@ -160,7 +160,7 @@ To run a task with a different priority you need to specify it when starting it.
Example for starting a task with priority 3:
```Python
```python
example.apply_async(priority=3)
```
@ -179,18 +179,18 @@ Celery-once is a celery extension "that allows you to prevent multiple execution
We use a custom backend for celery_once in Alliance Auth defined [here](https://gitlab.com/allianceauth/allianceauth/-/blob/master/allianceauth/services/tasks.py#L14)
You can import it for use like so:
```Python
```python
from allianceauth.services.tasks import QueueOnce
```
An example of AllianceAuth's use within the `@sharedtask` decorator, can be seen [here](https://gitlab.com/allianceauth/allianceauth/-/blob/master/allianceauth/services/modules/discord/tasks.py#L62) in the discord module
You can use it like so:
```Python
```python
@shared_task(bind=True, name='your_modules.update_task', base=QueueOnce)
```
Please see the [official documentation](hhttps://pypi.org/project/celery_once/) of celery-once for details.
Please see the [official documentation](https://pypi.org/project/celery_once/) of celery-once for details.
### task priorities

9
docs/features/apps/autogroups.md
View File

@ -1,9 +1,5 @@
# Auto Groups
:::{note}
New in 2.0
```
Auto groups allows you to automatically place users of certain states into Corp or Alliance based groups. These groups are created when the first user is added to them and removed when the configuration is deleted.
## Installation
@ -21,14 +17,11 @@ When you create an autogroup config you will be given the following options:
:::{warning}
After creating a group you wont be able to change the Corp and Alliance group prefixes, name source and the replace spaces settings. Make sure you configure these the way you want before creating the config. If you need to change these you will have to create a new autogroup config.
:::
- States selects which states will be added to automatic Corp/Alliance groups
- Corp/Alliance groups checkbox toggles Corp/Alliance autogroups on or off for this config.
- Corp/Alliance group prefix sets the prefix for the group name, e.g. if your Corp was called `MyCorp` and your prefix was `Corp`, your autogroup name would be created as `Corp MyCorp`. This field accepts leading/trailing spaces.
- Corp/Alliance name source sets the source of the Corp/Alliance name used in creating the group name. Currently the options are Full name and Ticker.
- Replace spaces allows you to replace spaces in the autogroup name with the value in the Replace spaces with field. This can be blank.
## Permissions

1
docs/features/apps/fleetactivitytracking.md
View File

@ -24,5 +24,4 @@ Users do not require any permissions to interact with FAT Links created.
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| auth.fleetactivitytracking_statistics | None | Can view detailed statistics for corp models and other characters. |
+---------------------------------------+------------------+--------------------------------------------------------------------------+
```

4
docs/features/core/admin_site.md
View File

@ -13,6 +13,7 @@ For small to medium size alliances it is often sufficient to have no more then t
:::{warning}
Superusers have read & write access to everything on your AA installation. Superusers also automatically have all permissions and therefore access to all features of your apps. Therefore we recommend to be very careful to whom you give superuser privileges.
:::
## Setup for large installations
For large alliances and coalitions you may want to have a couple of administrators to be able to distribute and handle the work load. However, having a larger number of superusers may be a security concern.
@ -32,7 +33,8 @@ To create a staff admin you need to do two things:
- Can not add/remove permissions for users, groups and states
These limitations exist to prevent staff admins to promote themselves to quasi superusers. Only superusers can perform these actions.
```
:::
### Staff property

7
docs/features/core/groups.md
View File

@ -45,14 +45,13 @@ When a group is restricted only superuser admins can directly add or remove them
```{eval-rst}
.. _ref-reserved-group-names:
```
## Reserved group names
When using Alliance Auth to manage external services like Discord, Auth will automatically duplicate groups on those services. E.g. on Discord Auth will create roles of the same name as groups. However, there may be cases where you want to manage groups on external services by yourself or by another bot. For those cases you can define a list of reserved group names. Auth will ensure that you can not create groups with a reserved name. You will find this list on the admin site under groupmanagement.
:::{note}
While this feature can help to avoid naming conflicts with groups on external services, the respective service component in Alliance Auth also needs to be build in such a way that it knows how to prevent these conflicts. Currently only the Discord and Teamspeak3 services have this ability.
```
:::
## Managing groups
@ -102,7 +101,7 @@ GROUPMANAGEMENT_AUTO_LEAVE = True
:::{note}
Before you set `GROUPMANAGEMENT_AUTO_LEAVE = True`, make sure there are no pending leave requests, as this option will hide the "Leave Requests" tab.
```
:::
## Settings
@ -127,7 +126,7 @@ When a user loses this permission, they will be removed from all groups _except_
:::{note}
By default, the ``groupmanagement.request_groups`` permission is applied to the ``Member`` group. In most instances this, and perhaps adding it to the ``Blue`` group, should be all that is ever needed. It is unsupported and NOT advisable to apply this permission to a public group. See #697 for more information.
```
:::
Group Management should be mostly done using group leaders, a series of permissions are included below for thoroughness:

13
docs/features/services/discord.md
View File

@ -35,7 +35,7 @@ CELERYBEAT_SCHEDULE['discord.update_all_usernames'] = {
:::{note}
You will have to add most the values for these settings, e.g. your Discord server ID (aka guild ID), later in the setup process.
```
:::
### Creating a Server
@ -49,8 +49,7 @@ Update your auth project's settings file, inputting the server ID as `DISCORD_GU
:::{note}
If you already have a Discord server skip the creation step, but be sure to retrieve the server ID
```
:::
### Registering an Application
Navigate to the [Discord Developers site.](https://discord.com/developers/applications/me) Press the plus sign to create a new application.
@ -107,13 +106,12 @@ To exclude roles from being managed by Auth you only have to add them to the lis
:::{note}
Role names on Discord are case sensitive, while reserved group names on Auth are not. Therefore reserved group names will cover all roles regardless of their case. For example if you have reserved the group name "alpha", then the Discord roles "alpha" and "Alpha" will both be persisted.
```
:::
```{eval-rst}
.. seealso::
For more information see :ref:`ref-reserved-group-names`.
```
## Tasks
The Discord service contains a number of tasks that can be run to manually perform updates to all users.
@ -134,10 +132,9 @@ Name Description
`update_all` Update groups, nicknames, usernames of all users
======================== ====================================================
```
:::{note}
Depending on how many users you have, running these tasks can take considerable time to finish. You can calculate roughly 1 sec per user for all tasks, except update_all, which needs roughly 3 secs per user.
```
:::
## Settings
@ -159,7 +156,6 @@ Name Description
`DISCORD_TASKS_MAX_RETRIES` max retries of tasks after an error occurred `3`
=================================== ============================================================================================= =======
```
## Permissions
To use this service, users will require some of the following.
@ -171,7 +167,6 @@ To use this service, users will require some of the following.
| discord.access_discord | None | Can Access the Discord Service |
+---------------------------------------+------------------+--------------------------------------------------------------------------+
```
## Troubleshooting
### "Unknown Error" on Discord site when activating service

9
docs/features/services/mumble.md
View File

@ -4,7 +4,7 @@ Mumble is a free voice chat server. While not as flashy as TeamSpeak, it has all
:::{note}
Note that this guide assumes that you have installed Auth with the official :doc:`/installation/allianceauth` guide under ``/home/allianceserver`` and that it is called ``myauth``. Accordingly it assumes that you have a service user called ``allianceserver`` that is used to run all Auth services under supervisor.
```
:::
:::{warning}
This guide is currently for Ubuntu only.
@ -13,6 +13,9 @@ Mumble is a free voice chat server. While not as flashy as TeamSpeak, it has all
### Installing Mumble Server
::::{tabs}
:::{group-tab} Ubuntu 2004, 2204
The mumble server package can be retrieved from a repository, which we need to add:
```shell
@ -29,6 +32,10 @@ Now three packages need to be installed:
sudo apt-get install python-software-properties mumble-server libqt5sql5-mysql
```
:::
::::
### Installing Mumble Authenticator
Next, we need to download the latest authenticator release from the [authenticator repository](https://gitlab.com/allianceauth/mumble-authenticator).

5
docs/features/services/nameformats.md
View File

@ -29,10 +29,9 @@ Currently the following services support custom name formats:
| Xenforo | Username | ``{character_name}`` |
+-------------+-----------+-------------------------------------+
```
:::{note}
It's important to note here, before we get into what you can do with a name formatter, that before the generated name is passed off to the service to create an account it will be sanitized to remove characters (the letters and numbers etc.) that the service cannot support. This means that, despite what you configured, the service may display something different. It is up to you to test your formatter and understand how your format may be disrupted by a certain services sanitization function.
```
:::
## Available format data
@ -75,5 +74,5 @@ Some examples of strings you could use:
:::
:::{important}
You must only create one formatter per service per state. E.g. don't create two formatters for Mumble for the Member state. In this case one of the formatters will be used and it may not be the formatter you are expecting.
You must only create one formatter per service per state. E.g. don't create two formatters for Mumble for the Member state. In this case one of the formatters will be used and it may not be the formatter you are expecting:
:::

51
docs/features/services/openfire.md
View File

@ -23,23 +23,37 @@ BROADCAST_SERVICE_NAME = "broadcast"
Openfire require a Java 8 runtime environment.
Ubuntu 1804, 2004, 2204:
::::{tabs}
:::{group-tab} Ubuntu 2004, 2204
```shell
sudo apt-get install openjdk-11-jre
```
Centos 7:
:::
:::{group-tab} CentOS 7
```shell
sudo yum install java-11-openjdk java-11-openjdk-devel
```
Centos Stream 8, Stream 9:
:::
:::{group-tab} CentOS Stream 8
```shell
sudo dnf install java-11-openjdk java-11-openjdk-devel
```
:::
:::{group-tab} CentOS Stream 9
```shell
sudo dnf install java-11-openjdk java-11-openjdk-devel
```
:::
::::
## Setup
### Download Installer
@ -51,31 +65,40 @@ On your PC, navigate to the [Ignite Realtime downloads section](https://www.igni
Retrieve the file location by copying the URL from the “click here” link, depending on your browser you may have a Copy Link or similar option in your right click menu.
In the console, ensure youre in your users home directory:
```shell
cd ~
```
Download and install the package, replacing the URL with the latest you got from the Openfire download page earlier
Ubuntu 1804, 2004, 2204:
::::{tabs}
:::{group-tab} Ubuntu 2004, 2204
```shell
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.7.2_all.deb
:::
:::{group-tab} CentOS 7
wget <https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.7.2_all.deb>
dpkg -i openfire_4.7.2_all.deb
```
Centos 7, Stream 8, Stream 9:
```shell
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire-4.7.2-1.noarch.rpm
:::
:::{group-tab} CentOS Stream 8
wget <https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire-4.7.2-1.noarch.rpm>
yum install -y openfire-4.7.2-1.noarch.rpm
```
:::
:::{group-tab} CentOS Stream 9
wget <https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire-4.7.2-1.noarch.rpm>
yum install -y openfire-4.7.2-1.noarch.rpm
:::
::::
### Create Database
Performance is best when working from a SQL database. If you installed MySQL or MariaDB alongside your auth project, go ahead and create a database for Openfire:
```shell
mysql -u root -p
```
```sql
create database alliance_jabber;
grant all privileges on alliance_jabber . * to 'allianceserver'@'localhost';
exit;
@ -83,7 +106,7 @@ exit;
### Web Configuration
The remainder of the setup occurs through Openfires web interface. Navigate to http://example.com:9090, or if youre behind CloudFlare, go straight to your servers IP:9090.
The remainder of the setup occurs through Openfires web interface. Navigate to <http://example.com:9090>, or if youre behind CloudFlare, go straight to your servers IP:9090.
Select your language. I sure hope its English if youre reading this guide.

21
docs/features/services/smf.md
View File

@ -11,6 +11,7 @@ SMF requires PHP installed in your web server. Apache has `mod_php`, NGINX requi
## Prepare Your Settings
In your auth project's settings file, do the following:
- Add `'allianceauth.services.modules.smf',` to your `INSTALLED_APPS` list
- Append the following to the bottom of the settings file:
@ -31,8 +32,7 @@ DATABASES['smf'] = {
### Download SMF
Using your browser, you can download the latest version of SMF to your desktop computer. All SMF downloads can be found at SMF Downloads. The latest recommended version will always be available at http://www.simplemachines.org/download/index.php/latest/install/. Retrieve the file location from the hyperlinked box icon for the zip full install, depending on your browser you may have a Copy Link or similar option in your right click menu.
Using your browser, you can download the latest version of SMF to your desktop computer. All SMF downloads can be found at SMF Downloads. The latest recommended version will always be available at <http://www.simplemachines.org/download/index.php/latest/install/>. Retrieve the file location from the hyperlinked box icon for the zip full install, depending on your browser you may have a Copy Link or similar option in your right click menu.
Download using wget, replacing the URL with the URL for the package you just retrieved
@ -41,11 +41,13 @@ wget https://download.simplemachines.org/index.php?thanks;filename=smf_2-1-2_ins
```
This needs to be unpackaged. Unzip it, replacing the file name with that of the file you just downloaded
```shell
unzip smf_2-1-2_install.zip
```
Now we need to move this to our web directory. Usually `/var/www/forums`.
```shell
mv smf /var/www/forums
```
@ -56,19 +58,18 @@ Apache: `chown -R www-data:www-data /var/www/forums`
Nginx: `chown -R nginx:nginx /var/www/forums`
:::{tip}
Nginx: Some distributions use the ``www-data:www-data`` user:group instead of ``nginx:nginx``. If you run into problems with permissions try it instead.
..
:::
### Database Preparation
SMF needs a database. Create one:
```shell
mysql -u root -p
```
```mysql
```sql
create database alliance_smf;
grant all privileges on alliance_smf . * to 'allianceserver'@'localhost';
exit;
@ -81,7 +82,8 @@ Enter the database information into the `DATABASES['smf']` section of your auth
Your web server needs to be configured to serve SMF.
A minimal Apache config might look like:
```apache
```ini
<VirtualHost *:80>
ServerName forums.example.com
DocumentRoot /var/www/forums
@ -92,7 +94,8 @@ A minimal Apache config might look like:
````
A minimal Nginx config might look like:
```nginx
```ini
server {
listen 80;
server_name forums.example.com;
@ -108,7 +111,8 @@ server {
include fastcgi_params;
}
}
````
```
Enter the web address to your forums into the `SMF_URL` setting in your auth project's settings file.
### Web Install
@ -120,6 +124,7 @@ Click on the `Install` tab.
All the requirements should be met. Press `Start Install`.
Under Database Settings, set the following:
- Database Type is `MySQL`
- Database Server Hostname is `127.0.0.1`
- Database Server Port is left blank

2
docs/features/services/teamspeak3.md
View File

@ -38,7 +38,7 @@ To install we need a copy of the server. You can find the latest version from th
Download the server, replacing the link with the link you got earlier.
```bash
```shell
cd ~
wget https://files.teamspeak-services.com/releases/server/3.13.7/teamspeak3-server_linux_amd64-3.13.7.tar.bz2
```

62
docs/installation/allianceauth.md
View File

@ -32,13 +32,7 @@ It is recommended to ensure your OS is fully up to date before proceeding. We ma
```shell
sudo apt-get update
```
```shell
sudo apt-get upgrade
```
```shell
sudo do-dist-upgrade
```
@ -47,9 +41,6 @@ sudo do-dist-upgrade
```shell
yum install epel-release
```
```shell
sudo yum upgrade
```
@ -58,13 +49,7 @@ sudo yum upgrade
```shell
sudo dnf config-manager --set-enabled powertools
```
```shell
sudo dnf install epel-release epel-next-release
```
```shell
sudo yum upgrade
```
@ -73,13 +58,7 @@ sudo yum upgrade
```shell
sudo dnf config-manager --set-enabled crb
```
```shell
sudo dnf install epel-release epel-next-release
```
```shell
sudo yum upgrade
```
@ -96,13 +75,7 @@ Install Python 3.11 and related tools on your system.
```shell
sudo add-apt-repository ppa:deadsnakes/ppa
```
```shell
sudo apt-get update
```
```shell
sudo apt-get install python3.11 python3.11-dev python3.11-venv
```
@ -110,31 +83,13 @@ sudo apt-get install python3.11 python3.11-dev python3.11-venv
:::{group-tab} CentOS 7, Stream 8, Stream 9
We need to build Python from source
```shell
```bash
cd ~
```
```shell
sudo yum install gcc openssl-devel bzip2-devel libffi-devel wget
```
```shell
wget https://www.python.org/ftp/python/3.11.5/Python-3.11.5.tgz
```
```shell
tar xvf Python-3.11.5.tgz
```
```shell
cd Python-3.11.5/
```
```shell
./configure --enable-optimizations --enable-shared
```
```shell
sudo make altinstall
```
@ -219,9 +174,6 @@ sudo yum install gcc gcc-c++ unzip git redis curl bzip2-devel openssl-devel libf
```shell
sudo systemctl enable redis.service
```
```shell
sudo systemctl start redis.service
```
@ -234,9 +186,6 @@ sudo dnf install gcc gcc-c++ unzip git redis curl bzip2-devel openssl-devel libf
```shell
sudo systemctl enable redis.service
```
```shell
sudo systemctl start redis.service
```
@ -249,9 +198,6 @@ sudo dnf install gcc gcc-c++ unzip git redis curl bzip2-devel openssl-devel libf
```shell
sudo systemctl enable redis.service
```
```shell
sudo systemctl start redis.service
```
@ -285,7 +231,7 @@ mysql_tzinfo_to_sql /usr/share/zoneinfo | sudo mysql -u root mysql
:::{note}
You may see errors when you add the timezone tables. To make sure that they were correctly added run the following commands and check for the ``time_zone`` tables
```bash
```shell
mysql -u root -p
use mysql;
show tables;
@ -476,7 +422,7 @@ python /home/allianceserver/myauth/manage.py check
:::{hint}
If you are using root, ensure the allianceserver user has read/write permissions to this directory before proceeding::
```
```shell
chown -R allianceserver:allianceserver /home/allianceserver/myauth
```
@ -511,7 +457,7 @@ The default configuration is good enough for most installations. Additional info
:::{note}
You will need to exit the allianceserver user back to a user with sudo capabilities to install supervisor::
```bash
```shell
exit
```

4
docs/installation/apache.md
View File

@ -130,7 +130,7 @@ a2dissite 000-default.conf
## Sample Config File
```conf
```ini
<VirtualHost *:80>
ServerName auth.example.com
@ -168,7 +168,7 @@ It's 2018 - there's no reason to run a site without SSL. The EFF provides free,
After acquiring SSL the config file needs to be adjusted. Add the following lines inside the `<VirtualHost>` block:
```conf
```ini
RequestHeader set X-FORWARDED-PROTOCOL https
RequestHeader set X-FORWARDED-SSL On
```

6
docs/installation/gunicorn.md
View File

@ -8,7 +8,7 @@ Check out the full [Gunicorn docs](http://docs.gunicorn.org/en/latest/index.html
:::{note}
The page contains additional steps on how to setup and configure Gunicorn that are not required for users who decide to stick with the default Gunicorn configuration as described in the main installation guide for AA.
```
:::
## Setting up Gunicorn
@ -16,7 +16,7 @@ Check out the full [Gunicorn docs](http://docs.gunicorn.org/en/latest/index.html
If you're using a virtual environment, activate it now::
sudo su allianceserver
source /home/allianceserver/venv/auth/bin/activate
```
:::
Install Gunicorn using pip
@ -47,6 +47,7 @@ autostart=true
autorestart=true
stopsignal=INT
```
- `[program:gunicorn]` - Change `gunicorn` to whatever you wish to call your process in Supervisor.
- `user = allianceserver` - Change to whatever user you wish Gunicorn to run as. You could even set this as allianceserver if you wished. I'll leave the question security of that up to you.
- `directory=/home/allianceserver/myauth/` - Needs to be the path to your Alliance Auth project.
@ -79,6 +80,7 @@ Following this guide, you are running with a virtual environment. Therefore you'
e.g. `command=/path/to/venv/bin/gunicorn myauth.wsgi`
The example config is using the myauth venv from the main installation guide:
```ini
command=/home/allianceserver/venv/auth/bin/gunicorn myauth.wsgi
```

32
docs/installation/nginx.md
View File

@ -22,7 +22,6 @@ Nginx is lightweight for a reason. It doesn't try to do everything internally an
+-----------+----------------------------------------+
| mod_wsgi | Gunicorn or other external WSGI server |
+-----------+----------------------------------------+
```
Your .htaccess files won't work. Nginx has a separate way of managing access to folders via the server config. Everything you can do with htaccess files you can do with Nginx config. [Read more on the Nginx wiki](https://www.nginx.com/resources/wiki/start/topics/examples/likeapache-htaccess/)
@ -34,7 +33,6 @@ Install Nginx via your preferred package manager or other method. If you need he
Nginx needs to be able to read the folder containing your auth project's static files. `chown -R nginx:nginx /var/www/myauth/static`.
:::{tip}
Some specific distros may use ``www-data:www-data`` instead of ``nginx:nginx``, causing static files (images, stylesheets etc) not to appear. You can confirm what user Nginx will run under by checking either its base config file ``/etc/nginx/nginx.conf`` for the "user" setting, or once Nginx has started ``ps aux | grep nginx``.
Adjust your chown commands to the correct user if needed.
:::
@ -43,24 +41,41 @@ You will need to have [Gunicorn](gunicorn.md) or some other WSGI server setup fo
## Install
Ubuntu 1804, 2004, 2204:
::::{tabs}
:::{group-tab} Ubuntu 2004, 2204
```shell
sudo apt-get install nginx
```
CentOS 7
:::
:::{group-tab} CentOS 7
```shell
sudo yum install nginx
```
CentOS Stream 8, Stream 9:
:::
:::{group-tab} CentOS Stream 8
```shell
sudo dnf install nginx
```
:::
:::{group-tab} CentOS Stream 9
```shell
sudo dnf install nginx
```
:::
::::
Create a config file in `/etc/nginx/sites-available` (`/etc/nginx/conf.d` on CentOS) and call it `alliance-auth.conf` or whatever your preferred name is.
Create a symbolic link to enable the site (not needed on CentOS):
```shell
ln -s /etc/nginx/sites-available/alliance-auth.conf /etc/nginx/sites-enabled/
```
@ -69,8 +84,7 @@ ln -s /etc/nginx/sites-available/alliance-auth.conf /etc/nginx/sites-enabled/
Copy this basic config into your config file. Make whatever changes you feel are necessary.
```
```ini
server {
listen 80;
listen [::]:80;
@ -106,7 +120,7 @@ With [Let's Encrypt](https://letsencrypt.org/) offering free SSL certificates, t
Your config will need a few additions once you've got your certificate.
```
```ini
listen 443 ssl http2; # Replace listen 80; with this
listen [::]:443 ssl http2; # Replace listen [::]:80; with this
@ -122,7 +136,7 @@ Your config will need a few additions once you've got your certificate.
If you want to redirect all your non-SSL visitors to your secure site, below your main configs `server` block, add the following:
```
```ini
server {
listen 80;
listen [::]:80;

96
docs/installation/upgrade_python.md
View File

@ -6,7 +6,7 @@ This guide shares many similarities with the Alliance Auth install guide, but it
:::{note}
This guide will upgrade the software components only but not change any data or configuration.
```
:::
## Install a new Python version
@ -14,59 +14,67 @@ To run AA with a newer Python 3 version than your system's default you need to i
To install other Python versions than those included with your distribution, you need to add a new installation repository. Then you can install the specific Python 3 to your system.
Ubuntu 1804, 2004:
:::{note}
Ubuntu 2204 ships with Python 3.10 already
```
```shell
sudo add-apt-repository ppa:deadsnakes/ppa
```
```shell
sudo apt-get update
```
```shell
sudo apt-get install python3.10 python3.10-dev python3.10-venv
```
CentOS 7:
We need to build Python from source
:::
Centos Stream 8/9:
:::{note}
A Python 3.9 Package is available for Stream 8 and 9. You _may_ use this instead of building your own package. But our documentation will assume Python3.10 and you may need to substitute as neccessary
A Python 3.9 Package is available for Stream 8 and 9. You _may_ use this instead of building your own package. But our documentation will assume Python3.11 and you may need to substitute as neccessary
sudo dnf install python39 python39-devel
```
:::
::::{tabs}
:::{group-tab} Ubuntu 2004, 2204
```shell
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get update
sudo apt-get install python3.11 python3.11-dev python3.11-venv
```
:::
:::{group-tab} CentOS 7
```bash
cd ~
```
```shell
sudo yum install gcc openssl-devel bzip2-devel libffi-devel wget
```
```shell
wget https://www.python.org/ftp/python/3.10.5/Python-3.10.5.tgz
```
```shell
tar xvf Python-3.10.5.tgz
```
```shell
cd Python-3.10.5/
```
```shell
wget https://www.python.org/ftp/python/3.11.5/Python-3.11.5.tgz
tar xvf Python-3.11.5.tgz
cd Python-3.11.5/
./configure --enable-optimizations --enable-shared
```
```shell
sudo make altinstall
```
:::
:::{group-tab} CentOS Stream 8
```bash
cd ~
sudo yum install gcc openssl-devel bzip2-devel libffi-devel wget
wget https://www.python.org/ftp/python/3.11.5/Python-3.11.5.tgz
tar xvf Python-3.11.5.tgz
cd Python-3.11.5/
./configure --enable-optimizations --enable-shared
sudo make altinstall
```
:::
:::{group-tab} CentOS Stream 9
```bash
cd ~
sudo yum install gcc openssl-devel bzip2-devel libffi-devel wget
wget https://www.python.org/ftp/python/3.11.5/Python-3.11.5.tgz
tar xvf Python-3.11.5.tgz
cd Python-3.11.5/
./configure --enable-optimizations --enable-shared
sudo make altinstall
```
:::
::::
## Preparing your venv
Before updating your venv it is important to make sure that your current installation is stable. Otherwise your new venv might not be consistent with your data, which might create problems.
@ -76,6 +84,7 @@ Start by navigating to your main project folder (the one that has `manage.py` in
:::{note}
If you installed Alliance Auth under the allianceserver user, as reccommended. Remember to switch users for easier permission management::
```bash
sudo su allianceserver
```
@ -134,6 +143,7 @@ python manage.py migrate
```shell
python manage.py collectstatic
```
### Restart and final check
Do a final restart of your AA supervisors and make sure your installation is still running normally.
@ -190,10 +200,10 @@ mv /home/allianceserver/venv/auth /home/allianceserver/venv/auth_old
## Create your new venv
Now let's create our new venv with Python 3.10 and activate it:
Now let's create our new venv with Python 3.11 and activate it:
```shell
python3.10 -m venv /home/allianceserver/venv/auth
python3.11 -m venv /home/allianceserver/venv/auth
```
```shell

3
docs/maintenance/apps.md
View File

@ -15,8 +15,7 @@ The following instructions will explain how you can remove an app properly fom y
:::{note}
We recommend following these instructions to avoid dangling foreign keys or orphaned Python packages on your system, which might cause conflicts with other apps down the road.
```
:::
### Step 1 - Removing database tables

16
docs/maintenance/tuning/celery.md
View File

@ -3,10 +3,11 @@
:::{hint}
Most tunings will require a change to your supervisor configuration in your `supervisor.conf` file. Note that you need to restart the supervisor daemon in order for any changes to take effect. And before restarting the daemon you may want to make sure your supervisors stop gracefully:(Ubuntu):
::
```bash
supervisor stop myauth:
systemctl supervisor restart
```
:::
## Task Logging
@ -31,7 +32,6 @@ Celery workers often have memory leaks and will therefore grow in size over time
The 256 MB limit is just an example and should be adjusted to your system configuration. We would suggest to not go below 128MB though, since new workers start with around 80 MB already. Also take into consideration that this value is per worker and that you may have more than one worker running in your system.
:::
### Supervisor
It is also possible to configure your supervisor to monitor and automatically restart programs that exceed a memory threshold.
@ -75,7 +75,7 @@ process_name=%(program_name)s_%(process_num)02d
This number will be multiplied by your concurrency setting,
```
```math
numprocs * concurency = workers
```
@ -91,9 +91,9 @@ command=... -p worker_00=256MB -p worker_01=256MB -p worker_02=256MB
:::{hint}
You will want to experiment with different settings to find the optimal. One way to generate task load and verify your configuration is to run a model update with the following command:
::
```bash
celery -A myauth call allianceauth.eveonline.tasks.run_model_update
```
:::
@ -108,9 +108,9 @@ This can be achieved by the setting the concurrency parameter of the celery work
:::{hint}
The optimal number will hugely depend on your individual system configuration and you may want to experiment with different settings to find the optimal. One way to generate task load and verify your configuration is to run a model update with the following command:
::
```bash
celery -A myauth call allianceauth.eveonline.tasks.run_model_update
```
:::

2
docs/maintenance/tuning/redis.md
View File

@ -2,7 +2,7 @@
## Compression
Cache compression can help tame the memory usage of specialised installation configurations and Community Apps that heavily utilize Redis.
Cache compression can help tame the memory usage of specialised installation configurations and Community Apps that heavily utilize Redis, in exchange for increased CPU utilization.
Various compression algorithms are supported, with various strengths. Our testing has shown that lzma works best with our use cases. You can read more at [Django-Redis Compression Support](https://github.com/jazzband/django-redis#compression-support)