Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2026-02-09 16:46:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move documentation into repository (#613)

Browse Source
This commit is contained in:
Basraah
2017-01-06 15:11:24 +10:00
committed by Adarnof
parent 8e64fe145e
commit 9ad61c1f4c
33 changed files with 2303 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
docs/installation/auth/apache.md Normal file
View File

@@ -0,0 +1,77 @@
# Apache Setup
### Overview
AllianceAuth gets served using a Web Server Gateway Interface (WSGI) script. This script passes web requests to AllianceAuth which generates the content to be displayed and returns it. This means very little has to be configured in Apache to host AllianceAuth.
### Required Parameters for AllianceAuth Core
The AllianceAuth core requires the following parameters to be set:
WSGIDaemonProcess
WSGIProcessGroup
WSGIScriptAlias
The following aliases are required:
Alias /static/ to point at the static folder
Alias /templates/ to point at the templates folder
## Description of Parameters
- `WSGIDaemonProcess` is the name of the process/application. It also needs to be passed the python-path parameter directing python to search the AllianceAuth directory for modules to load.
- `WSGIProcessGroup` is the group to run the process under. Typically the same as the name of the process/application.
- `WSGIScriptAlias` points to the WSGI script.
## Additional Parameters for Full Setup
To pass additional services the following aliases and directories are required:
- `Alias /forums` to point at the forums folder
- `Alias /killboard` to point at the killboard
Each of these require directory permissions allowing all connections.
For Apache 2.4 or greater:
<Directory "/path/to/alias/folder">
Require all granted
</Directory>
For Apache 2.3 or older:
<Directory "/path/to/alias/folder">
Order Deny,Allow
Allow from all
</Directory>
## SSL
You can supply your own SSL certificates if you so desire. The alternative is running behind cloudflare for free SSL.
## Sample Config Files
### Own SSL Cert
- Apache 2.4 or newer:
- [000-default.conf](http://pastebin.com/3LLzyNmV)
- [default-ssl.conf](http://pastebin.com/HUPPEp0R)
- Apache 2.3 or older:
- [000-default](http://pastebin.com/HfyKpQNu)
- [default-ssl](http://pastebin.com/2WCS5jnb)
### No SSL or Cloudflare
- Apache 2.4 or newer:
- [000-default.conf](http://pastebin.com/j1Ps3ZK6)
- Apache 2.3 or older:
- [000-default](http://pastebin.com/BHQzf2pj)
## Enabling and Disabling Sites
To instruct apache to serve traffic from a virtual host, enable it:
sudo a2ensite NAME
where NAME is the name of the configuration file (eg 000-default.conf)
To disable traffic from a site, disable the virtual host:
sudo a2dissite NAME
where NAME is the name of the configuration file (eg 000-default.conf)

74
docs/installation/auth/centos.md Normal file
View File

@@ -0,0 +1,74 @@
# CentOS Installation
Its recommended to update all packages before proceeding.
`sudo yum update`
`sudo yum upgrade`
`sudo reboot`
Now install all [dependencies](dependencies.md). For this guide you'll need the optional [JDK](dependencies.md) and [Apache](dependencies.md) sections as well.
sudo yum install xxxxxxx
replacing the x's with the list of packages.
For security and permissions, its highly recommended you create a user to install under who is not the root account.
sudo adduser allianceserver
sudo passwd allianceserver
This user needs sudo powers. Add them by editing the sudoers file:
sudo nano /etc/sudoers
Find the line which says `root ALL=(ALL) ALL` - beneath it add another line `allianceserver ALL=(ALL) ALL` - now reboot.
**From this point on you need to be logged in as the allianceserver user**
start your mariadb server `sudo systemctl start mariadb`
secure your MYSQL / Maria-db server by typing `mysql_secure_installation `
AllianceAuth needs a MySQL user account. Create one as follows, replacing `PASSWORD` with an actual secure password:
mysql -u root -p
CREATE USER 'allianceserver'@'localhost' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON * . * TO 'allianceserver'@'localhost';
Now we need to make the requisite databases.
create database alliance_auth;
create database alliance_forum;
create database alliance_jabber;
create database alliance_mumble;
create database alliance_killboard;
Ensure you are in the allianceserver home directory by issuing `cd`
Now we clone the source code:
git clone https://github.com/R4stl1n/allianceauth.git
Enter the folder by issuing `cd allianceauth`
Python package dependencies can be installed from the requirements file:
sudo pip install -r requirements.txt
The settings file needs configuring. See this lengthy guide for specifics.
Django needs to install models to the database before it can start.
python manage.py syncdb
AllianceAuth needs to generate corp and alliance models before it can assign users to them.
python manage.py shell < run_alliance_corp_update.py
Now we need to round up all the static files required to render templates. Answer yes when prompted.
python manage.py collectstatic
Test the server by starting it manually.
python manage.py runserver 0.0.0.0:8000
If you see an error, stop, read it, and resolve it. If the server comes up and you can access it at `yourip:8000`, you're golden. It's ok to stop the server if you're going to be installing apache.

71
docs/installation/auth/dependencies.md Normal file
View File

@@ -0,0 +1,71 @@
# Dependencies
## Ubuntu
Tested on Ubuntu 12, 14, 15, and 16. Package names and repositories may vary.
### Core
Required for base auth site
#### Python
python python-dev python-mysqldb python-setuptools python-mysql.connector python-pip
#### MySQL
mysql-server mysql-client libmysqlclient-dev
#### Utilities
screen unzip git redis-server curl libssl-dev libbz2-dev libffi-dev
### Apache
Required for displaying web content
apache2 libapache2-mod-php5 libapache2-mod-wsgi
### PHP
Required for phpBB, smf, evernus alliance market, etc
php5 php5-gd php5-mysqlnd php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl
### Java
Required for hosting jabber server
oracle-java8-installer
## CentOS 7
### Add The EPEL Repository
yum --enablerepo=extras install epel-release
yum update
### Core
Required for base auth site
#### Python
python python-devel MySQL-python python-setuptools mysql-connector-python python-pip
#### MySQL
mariadb-server mariadb-devel mariadb
#### Utilities
screen gcc unzip git redis curl nano
### Apache
Required for displaying web content
httpd mod_wsgi
### PHP
Required for phpBB, smf, evernus alliance market, etc
php php-gd php-mysqlnd php-intl php-pear ImageMagick php-imap php-mcrypt php-memcache php-pspell php-recode php-snmp php-pdo php-tidy php-xmlrpc
### Java
Required for hosting jabber server
java libstdc++.i686

12
docs/installation/auth/index.md Normal file
View File

@@ -0,0 +1,12 @@
# Auth
```eval_rst
.. toctree::
dependencies
ubuntu
centos
settings
apache
quickstart
```

14
docs/installation/auth/quickstart.md Normal file
View File

@@ -0,0 +1,14 @@
# Quick Start
Once youve installed AllianceAuth, perform these steps to get yourself up and running.
First you need a superuser account. You can use this as a personal account. From the command line, `python manage.py createsuperuser` and follow the prompts.
The big goal of AllianceAuth is the automation of group membership, so well need some groups. In the admin interface, select `Groups`, then at the top-right select `Add Group`. Give it a name and select permissions. Special characters (including spaces) are removing before syncing to services, so try not to have group names which will be the same upon cleaning. A description of permissions can be found in the [readme file](https://github.com/R4stl1n/allianceauth/blob/master/README.md). Repeat for all the groups you see fit, whenever you need a new one.
### Background Processes
To start the background processes to sync groups and check api keys, issue these commands:
screen -dm bash -c 'python manage.py celeryd'
screen -dm bash -c 'python manage.py celerybeat'

400
docs/installation/auth/settings.md Normal file
View File

@@ -0,0 +1,400 @@
# Settings Overview
The `alliance_auth/settings.py` file is used to pass settings to the django app needed to run.
### Words of Warning
Certain fields are quite sensitive to leading `http://` and trailing `/` - if you see these present in the default text, be sure to include them in your values.
Every variable value is opened and closed with a single apostrophe `'` - please do not include these in your values or it will break things. If you absolutely must, replace them at the opening and closing of the value with double quotes `"`.
Certain variables are booleans, and come in a form that looks like this:
MEMBER_CORP_GROUPS = 'True' == os.environ.get('AA_MEMBER_CORP_GROUPS', 'True')
They're handled as strings because when settings are exported from shell commands (eg `export AA_MEMBER_CORP_GROUPS False`) they're interpreted as strings, so a string comparison is done.
When changing these booleans, edit the setting within the brackets (eg `('AA_MEMBER_CORP_GROUPS', 'True')` vs `('AA_MEMBER_CORP_GROUPS', 'False')`) and not the `True` earlier in the statement. Otherwise these will have unexpected behaviours.
## Fields to Modify
### Required
- [SECRET_KEY](#secret_key)
- Use [this tool](http://www.miniwebtool.com/django-secret-key-generator/) to generate a key on initial install
- [DEBUG](#debug)
- If issues are encountered, set this to `True` to view a more detailed error report, otherwise set `False`
- [ALLOWED_HOSTS](#allowed_hosts)
- Should include localhost `127.0.0.1` and `yourdomain.com`
- [DATABASES](#databases)
- Fill out the database name and user credentials to manage the auth database.
- [IS_CORP](#is_corp)
- Set to `True` to run in corp mode, or `False` to run in alliance mode
- [DOMAIN](#domain)
- Set to the domain name AllianceAuth will be accessible under
- [EMAIL_HOST_USER](#email_host_user)
- Username to send emails from. If gmail account, the full gmail address.
- [EMAIL_HOST_PASSWORD](#email_host_password)
- Password for the email user.
- [CORP_ID](#corp_id)
- If running in corp mode, set to the corp ID of the owning corp.
- [CORP_NAME](#corp_name)
- If running in corp mode, set to the name of the owning corp.
- [ALLIANCE_ID](#alliance_id)
- If running in alliance mode, set to the alliance ID of the owning alliance.
- [ALLIANCE_NAME](#alliance_name)
- If running in alliance mode, set to the name of the owning alliance.
- [MEMBER_API_MASK](#member_api_mask)
- Set the minimum access mask for member API keys.
- [MEMBER_API_ACCOUNT](#member_api_account)
- Set to `True` to require member API keys be account keys.
- [BLUE_API_MASK](#blue_api_mask)
- Set the minimum access mask for blue API keys.
- [BLUE_API_ACCOUNT](#blue_api_account)
- Set to `True` to require blue API keys be account keys.
## Services
### Member Services
After installing services, enable specific services for members by setting the following to `True`
- [ENABLE_AUTH_FORUM](#enable_auth_forum)
- [ENABLE_AUTH_JABBER](#enable_auth_jabber)
- [ENABLE_AUTH_MUMBLE](#enable_auth_mumble)
- [ENABLE_AUTH_IPBOARD](#enable_auth_ipboard)
- [ENABLE_AUTH_TEAMSPEAK3](#enable_auth_teamspeak3)
- [ENABLE_AUTH_DISCORD](#enable_auth_discord)
- [ENABLE_AUTH_DISCOURSE](#enable_auth_discourse)
- [ENABLE_AUTH_IPS4](#enable_auth_ips4)
- [ENABLE_AUTH_SMF](#enable_auth_smf)
- [ENABLE_AUTH_MARKET](#enable_auth_market)
- [ENABLE_AUTH_XENFORO](#enable_auth_xenforo)
### Blue Services
After installing services, enable specific services for blues by setting the following to `True`
- [ENABLE_BLUE_FORUM](#enable_blue_forum)
- [ENABLE_BLUE_JABBER](#enable_blue_jabber)
- [ENABLE_BLUE_MUMBLE](#enable_blue_mumble)
- [ENABLE_BLUE_IPBOARD](#enable_blue_ipboard)
- [ENABLE_BLUE_TEAMSPEAK3](#enable_blue_teamspeak3)
- [ENABLE_BLUE_DISCORD](#enable_blue_discord)
- [ENABLE_BLUE_DISCOURSE](#enable_blue_discourse)
- [ENABLE_BLUE_IPS4](#enable_blue_ips4)
- [ENABLE_BLUE_SMF](#enable_blue_smf)
- [ENABLE_BLUE_MARKET](#enable_blue_market)
- [ENABLE_BLUE_XENFORO](#enable_blue_xenforo)
### IPBoard
If using IPBoard, the following need to be set
- [IPBOARD_ENDPOINT](#ipboard_endpoint)
- [IPBOARD_APIKEY](#ipboard_apikey)
- [IPBOARD_APIMODULE](#ipboard_apimodule)
### XenForo
If using XenForo, the following need to be set
- [XENFORO_ENDPOINT](#xenforo_endpoint)
- [XENFORO_APIKEY](#xenforo_apikey)
### Openfire
If using Openfire, the following need to be set
- [JABBER_URL](#jabber_url)
- [JABBER_PORT](#jabber_port)
- [JABBER_SERVER](#jabber_server)
- [OPENFIRE_ADDRESS](#openfire_address)
- [OPENFIRE_SECRET_KEY](#openfire_secret_key)
- [BROADCAST_USER](#broadcast_user)
- [BROADCAST_USER_PASSWORD](#broadcast_user_password)
- [BROADCAST_SERVICE_NAME](#broadcast_service_name)
### Mumble
If using Mumble, the following need to be set
- [MUMBLE_URL](#mumble_url)
### PHPBB3
If using phpBB3, the database needs to be defined.
### Teamspeak3
If using Teamspeak3, the following need to be set
- [TEAMSPEAK3_SERVER_IP](#teamspeak3_server_ip)
- [TEAMSPEAK3_SERVER_PORT](#teamspeak3_server_port)
- [TEAMSPEAK3_SERVERQUERY_USER](#teamspeak3_serverquery_user)
- [TEAMSPEAK3_SERVERQUERY_PASSWORD](#teamspeak3_serverquery_password)
- [TEAMSPEAK3_VIRTUAL_SERVER](#teamspeak3_virtual_server)
- [TEAMSPEAK3_PUBLIC_URL](#teamspeak3_public_url)
### Discord
If connecting to a Discord server, set the following
- [DISCORD_SERVER_ID](#discord_server_id)
- [DISCORD_USER_EMAIL](#discord_user_email)
- [DISCORD_USER_PASSWORD](#discord_user_password)
### Discourse
If connecting to Discourse, set the following
- [DISCOURSE_URL](#discourse_url)
- [DISCOURSE_API_USERNAME](#discourse_api_username)
- [DISCOURSE_API_KEY](#discourse_api_key)
### IPSuite4
If using IPSuite4 (aka IPBoard4) the following are required:
- [IPS4_URL](#ips4_url)
- the database needs to be defined
### SMF
If using SMF the following are required:
- [SMF_URL](#smf_url)
- the database needs to be defined
## Optional
### Standings
To allow access to blues, a corp API key is required to pull standings from. Corp does not need to be owning corp or in owning alliance. Required mask is 16 (Communications/ContactList)
- [CORP_API_ID](#corp_api_id)
- [CORP_API_VCODE](#corp_api_vcode)
### Jacknife
To view APIs on a different Jacknife install, set [JACK_KNIFE_URL](#jack_knife_url)
### Auto Groups
Groups can be automatically assigned based on a user's corp or alliance. Set the following to `True` to enable this feature.
- [MEMBER_CORP_GROUPS](#member_corp_groups)
- [MEMBER_ALLIANCE_GROUPS](#member_alliance_groups)
- [BLUE_CORP_GROUPS](#blue_corp_groups)
- [BLUE_ALLIANCE_GROUPS](#blue_alliance_groups)
### Fleet-Up
Fittings and operations can be imported from Fleet-Up. Define the following to do so.
- [FLEETUP_APP_KEY](#fleetup_app_key)
- [FLEETUP_USER_ID](#fleetup_user_id)
- [FLEETUP_API_ID](#fleetup_api_id)
- [FLEETUP_GROUP_ID](#fleetup_group_id)
# Description of Settings
## Django
### SECRET_KEY
A random string used in cryptographic functions, such as password hashing. Changing after installation will render all sessions and password reset tokens invalid.
### DEBUG
Replaces the generic `SERVER ERROR (500)` page when an error is encountered with a page containing a traceback and variables. May expose sensitive information so not recommended for production.
### ALLOWED_HOSTS
A list of addresses used to validate headers: AllianceAuth will block connection coming from any other address unless `DEBUG` is `True`. This should be a list of URLs and IPs to allow. For instance, include 'mydomain.com', 'www.mydomain.com', and the server's IP address to ensure connections will be accepted.
### DATABASES
List of databases available. Contains the Django database, and may include service ones if enabled. Service databases are defined in their individual sections and appended as needed automatically.
### LANGUAGE_CODE
Friendly name of the local language.
### TIME_ZONE
Friendly name of the local timezone.
### STATIC_URL
Absolute URL to serve static files from.
### STATIC_ROOT
Root folder to store static files in.
### SUPERUSER_STATE_BYPASS
Overrides superuser account states to always return True on membership tests. If issues are encountered, or you want to test access to certain portions of the site, set to False to disable.
## ALLIANCE / CORP TOGGLE
### IS_CORP
Used to determine the criteria used for member and blue validation, either requiring membership in the corp or alliance specified later, and being a standing of the corp or alliance specified later.
## EMAIL SETTINGS
### DOMAIN
The URL to which emails will link.
### EMAIL_HOST
The host address of the email server.
### EMAIL_PORT
The host port of the email server.
### EMAIL_HOST_USER
The username to authenticate as on the email server.
### EMAIL_HOST_PASSWORD
The password of the user used to authenticate on the email server.
### EMAIL_USE_TLS
Enable TLS connections to the email server.
## Front Page Links
### KILLBOARD_URL
Link to a killboard.
### EXTERNAL_MEDIA_URL
Link to another media site, eg YouTube channel.
### FORUM_URL
Link to forums. Also used as the phpbb3 URL if enabled.
## SSO Settings
If defined below, a `LOG IN WITH EVE ONLINE` button will be present on the login page. This allows registered users to log in as their characters instead of username/password.
### EVE_SSO_CLIENT_ID
The application cliend ID generated from the [developers site.](https://developers.eveonline.com)
### EVE_SSO_CLIENT_SECRET
The application secret key generated from the [developers site.](https://developers.eveonline.com)
### EVE_SSO_CALLBACK_URL
The callback URL for authentication handshake. Should be `https://mydomain.com/sso/callback`.
## Default Group Settings
### DEFAULT_AUTH_GROUP
Name of the group members of the owning corp or alliance are put in.
### DEFAULT_BLUE_GROUP
Name of the group blues of the owning corp or alliance are put in.
### MEMBER_CORP_GROUPS
If `True`, add members to groups with their corp name, prefixed with `Corp_`
### MEMBER_ALLIANCE_GROUPS
If `True`, add members to groups with their alliance name, prefixed with `Alliance_`
### BLUE_CORP_GROUPS
If `True`, add blues to groups with their corp name, prefixed with `Corp_`
### BLUE_ALLIANCE_GROUPS
If `True`, add blues to groups with their alliance name, prefixed with `Alliance_`
## Alliance Service Setup
### ENABLE_AUTH_FORUM
Allow members of the owning corp or alliance to generate accounts on a Phpbb3 install.
### ENABLE_AUTH_JABBER
Allow members of the owning corp or alliance to generate accounts on an Openfire install.
### ENABLE_AUTH_MUMBLE
Allow members of the owning corp or alliance to generate accounts on a Mumble install.
### ENABLE_AUTH_IPBOARD
Allow members of the owning corp or alliance to generate accounts on an IPBoard install.
### ENABLE_AUTH_TEAMSPEAK3
Allow members of the owning corp or alliance to generate accounts on a Teamspeak3 install.
### ENABLE_AUTH_DISCORD
Allow members of the owning corp or alliance to link accounts to a Discord server.
### ENABLE_AUTH_DISCOURSE
Allow members of the owning corp or alliance to generate accounts on a Discourse install
### ENABLE_AUTH_IPS4
Allow members of the owning corp or alliance to generate accounts on a IPSuite4 install.
### ENABLE_AUTH_SMF
Allow members of the owning corp or alliance to generate accounts on a SMF install.
### ENABLE_AUTH_MARKET
Allow members of the owning corp or alliance to generate accounts on an alliance market install.
### ENABLE_AUTH_XENFORO
Allow members of the owning corp or alliance to generate accounts on a XenForo install.
## Blue Service Setup
### BLUE_STANDING
The lowest standings to consider blue. Default is 5.0
### ENABLE_BLUE_FORUM
Allow blues of the owning corp or alliance to generate accounts on a Phpbb3 install.
### ENABLE_BLUE_JABBER
Allow blues of the owning corp or alliance to generate accounts on an Openfire install.
### ENABLE_BLUE_MUMBLE
Allow blues of the owning corp or alliance to generate accounts on a Mumble install.
### ENABLE_BLUE_IPBOARD
Allow blues of the owning corp or alliance to generate accounts on an IPBoard install.
### ENABLE_BLUE_TEAMSPEAK3
Allow blues of the owning corp or alliance to generate accounts on a Teamspeak3 install.
### ENABLE_BLUE_DISCORD
Allow blues of the owning corp or alliance to link accounts to a Discord server.
### ENABLE_BLUE_DISCOURSE
Allow blues of the owning corp or alliance to generate accounts on a Discourse install.
### ENABLE_BLUE_IPS4
Allow blues of the owning corp or alliance to generate accounts on an IPSuite4 install.
### ENABLE_BLUE_SMF
Allow blues of the owning corp or alliance to generate accounts on a SMF install.
### ENABLE_BLUE_MARKET
Allow blues of the owning corp or alliance to generate accounts on an alliance market install.
### ENABLE_BLUE_XENFORO
Allow blues of the owning corp or alliance to generate accounts on a XenForo install.
## Corp Configuration
### CORP_ID
EVE corp ID of the owning corp, if `IS_CORP` is set to `True`
## CORP_NAME
Name of the owning corp, if `IS_CORP` is set to `True`
## CORP_API_ID
The ID of an API key for a corp from which to pull standings, if desired. Needed for blues to gain access.
## CORP_API_VCODE
The verification code of an API key for a corp from which to pull standings, if desired. Needed for blues to gain access.
## Alliance Configuration
### ALLIANCE_ID
EVE alliance ID of the owning alliance, if `IS_CORP` is set to `False`
### ALLIANCE_NAME
Name of the owning alliance, if `IS_CORP` is set to `False`
## API Configuration
### MEMBER_API_MASK
Required access mask for members' API keys to be considered valid.
### MEMBER_API_ACCOUNT
If `True`, require API keys from members to be account-wide, not character-restricted.
### BLUE_API_MASK
Required access mask for blues' API keys to be considered valid.
### BLUE_API_ACCOUNT
If `True`, require API keys from blues to be account-wide, not character-restricted.
### REJECT_OLD_APIS
Require each submitted API be newer than the latest submitted API. Protects against recycled or stolen API keys.
### REJECT_OLD_APIS_MARGIN
Allows newly submitted APIs to have their ID this value lower than the highest API ID on record and still be accepted. Default is 50, 0 is safest.
## HR Configuration
### JACK_KNIFE_URL
Link to an install of [eve-jackknife](https://code.google.com/archive/p/eve-jackknife/)
## Forum Configuration
### IPBOARD_ENDPOINT
URL to the `index.php` file of a IPBoard install's API server.
### IPBOARD_APIKEY
API key for accessing an IPBoard install's API
### IPBOARD_APIMODULE
Module to access while using the API
## XenForo Configuration
### XENFORO_ENDPOINT
The address of the XenForo API. Should look like `https://mydomain.com/forum/api.php`
### XENFORO_DEFAULT_GROUP
The group ID of the group to assign to member. Default is 0.
### XENFORO_APIKEY
The API key generated from XenForo to allow API access.
## Jabber Configuration
### JABBER_URL
Address to instruct members to connect their jabber clients to, in order to reach an Openfire install. Usually just `mydomain.com`
### JABBER_PORT
Port to instruct members to connect their jabber clients to, in order to reach an Openfire install. Usually 5223.
### JABBER_SERVER
Server name of an Openfire install. Usually `mydomain.com`
### OPENFIRE_ADDRESS
URL of the admin web interface for an Openfire install. Usually `http://mydomain.com:9090`. If HTTPS is desired, change port to 9091: `https://mydomain.com:9091`
### OPENFIRE_SECRET_KEY
Secret key used to authenticate with an Openfire admin interface.
### BROADCAST_USER
Openfire user account used to send broadcasts from. Default is `Broadcast`.
### BROADCAST_USER_PASSWORD
Password to use when authenticating as the `BROADCAST_USER`
### BROADCAST_SERVICE_NAME
Name of the broadcast service running on an Openfire install. Usually `broadcast`
## Mumble Configuration
### MUMBLE_URL
Address to instruct members to connect their Mumble clients to.
## Teamspeak3 Configuration
### TEAMSPEAK3_SERVER_IP
IP of a Teamspeak3 server on which to manage users. Usually `127.0.0.1`
### TEAMSPEAK3_SERVER_PORT
Port on which to connect to a Teamspeak3 server at the `TEAMSPEAK3_SERVER_IP`. Usually `10011`
### TEAMSPEAK3_SERVERQUERY_USER
User account with which to authenticate on a Teamspeak3 server. Usually `serveradmin`.
### TEAMSPEAK3_SERVERQUERY_PASSWORD
Password to use when authenticating as the `TEAMSPEAK3_SERVERQUERY_USER`. Provided during first startup or when you define a custom serverquery user.
### TEAMSPEAK3_VIRTUAL_SERVER
ID of the server on which to manage users. Usually `1`.
### TEAMSPEAK3_PUBLIC_URL
Address to instruct members to connect their Teamspeak3 clients to. Usually `mydomain.com`
## Discord Configuration
### DISCORD_GUILD_ID
The ID of a Discord server on which to manage users.
### DISCORD_BOT_TOKEN
The bot token obtained from defining a bot on the [Discord developers site.](https://discordapp.com/developers/applications/me)
### DISCORD_INVITE_CODE
A no-limit invite code required to add users to the server. Must be generated from the Discord server itself (instant invite).
### DISCORD_APP_ID
The application ID obtained from defining an application on the [Discord developers site.](https://discordapp.com/developers/applications/me)
### DISCORD_APP_SECRET
The application secret key obtained from defining an application on the [Discord developers site.](https://discordapp.com/developers/applications/me)
### DISCORD_CALLBACK_URL
The callback URL used for authenticaiton flow. Should be `https://mydomain.com/discord_callback`. Must match exactly the one used when defining the application.
### DISCORD_SYNC_NAMES
Override usernames on the server to match the user's main character.
## Discourse Configuration
### DISCOURSE_URL
The web address of the Discourse server to direct users to.
### DISCOURSE_API_USERNAME
Username of the account which generated the API key on Discourse.
### DISCOURSE_API_KEY
API key defined on Discourse.
## IPS4 Configuration
### IPS4_URL
URL of the IPSuite4 install to direct users to.
### IPS4_API_KEY
Depreciated.
### IPS4_DB
The database connection to manage users on.
## SMF Configuration
### SMF_URL
URL of the SMF install to direct users to.
### SMF_DB
The database connection to manage users on.
## Fleet-Up Configuration
### FLEETUP_APP_KEY
Application key as [defined on Fleet-Up.](http://fleet-up.com/Api/MyApps)
### FLEETUP_USER_ID
API user ID as [defined on Fleet-Up.](http://fleet-up.com/Api/MyKeys)
### FLEETUP_API_ID
API ID as [defined on Fleet-Up.](http://fleet-up.com/Api/MyKeys)
### FLEETUP_GROUP_ID
The group ID from which to pull data. Can be [retrieved from Fleet-Up](http://fleet-up.com/Api/Endpoints#groups_mygroupmemberships)
## Logging Configuration
This section is used to manage how logging messages are processed.

72
docs/installation/auth/ubuntu.md Normal file
View File

@@ -0,0 +1,72 @@
# Ubuntu Installation
Its recommended to update all packages before proceeding.
sudo apt-get update
sudo apt-get upgrade
sudo reboot
Now install all [dependencies](dependencies.md). For this guide you'll need the optional [Apache section](dependencies.md) as well.
sudo apt-get install xxxxxxx
replacing the xs with the list of packages.
For security and permissions, its highly recommended you create a user to install under who is not the root account.
sudo adduser allianceserver
This user needs sudo powers. Add them by editing the sudoers file:
sudo nano /etc/sudoers
Find the line which says `root ALL=(ALL:ALL) ALL` - beneath it add another line `allianceserver ALL=(ALL:ALL) ALL` - now reboot.
**From this point on you need to be logged in as the allianceserver user**
AllianceAuth needs a MySQL user account. Create one as follows, replacing `PASSWORD` with an actual secure password:
mysql -u root -p
CREATE USER 'allianceserver'@'localhost' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON * . * TO 'allianceserver'@'localhost';
Now we need to make the requisite databases.
create database alliance_auth;
create database alliance_forum;
create database alliance_jabber;
create database alliance_mumble;
Ensure you are in the allianceserver home directory by issuing `cd`
Now we clone the source code:
git clone https://github.com/R4stl1n/allianceauth.git
Enter the folder by issuing `cd allianceauth`
Python package dependencies can be installed from the requirements file:
sudo pip install requests>=2.9.1
sudo pip install -r requirements.txt
The settings file needs configuring. See [this lengthy guide](settings.md) for specifics.
Django needs to install models to the database before it can start.
python manage.py migrate
AllianceAuth needs to generate corp and alliance models before it can assign users to them.
python manage.py shell < run_alliance_corp_update.py
Now we need to round up all the static files required to render templates. Answer yes when prompted.
python manage.py collectstatic
Test the server by starting it manually.
python manage.py runserver 0.0.0.0:8000
If you see an error, stop, read it, and resolve it. If the server comes up and you can access it at `yourip:8000`, you're golden. It's ok to stop the server if you're going to be installing apache.
Once installed, follow the [Quick Start Guide](quickstart.md)