2021-01-26 18:22:37 +02:00
|
|
|
# Installation
|
|
|
|
|
|
|
|
|
|
npm install
|
|
|
|
|
|
2021-01-31 22:43:25 +02:00
|
|
|
# Generate server certificates
|
2021-01-26 18:22:37 +02:00
|
|
|
|
|
|
|
|
From within the config/ directory:
|
|
|
|
|
|
|
|
|
|
openssl genrsa -out key.pem
|
|
|
|
|
openssl req -new -key key.pem -out csr.pem
|
|
|
|
|
openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
|
|
|
|
|
rm csr.pem
|
|
|
|
|
|
|
|
|
|
# Configuration
|
|
|
|
|
|
2021-01-31 22:43:25 +02:00
|
|
|
Ensure the config file in config/ matches your details.
|
|
|
|
|
|
|
|
|
|
The SSH key used must be the correct format, e.g. generated with:
|
|
|
|
|
|
|
|
|
|
ssh-keygen -m PEM -t rsa -C "your@email.address"
|
2021-01-26 18:22:37 +02:00
|
|
|
|
|
|
|
|
# Running the server
|
|
|
|
|
|
|
|
|
|
node bin/server.js config/prod.json
|
|
|
|
|
|
2021-04-11 00:06:24 +03:00
|
|
|
The server generates a lot of JSON data about every request. This is easier
|
|
|
|
|
for a human to handle if they have bunyan installed ("npm install -g bunyan"),
|
|
|
|
|
and instead:
|
|
|
|
|
|
|
|
|
|
node bin/server.js config/prod.json | bunyan
|
|
|
|
|
|
2021-01-26 18:22:37 +02:00
|
|
|
# Endpoints
|
|
|
|
|
|
2021-04-10 22:14:09 +03:00
|
|
|
## GET /*
|
2021-01-26 18:22:37 +02:00
|
|
|
|
|
|
|
|
This is where all the front-end code goes. All files will be served as-is as
|
2021-04-10 22:14:09 +03:00
|
|
|
found in that directory (by default a symlink to app/dist). The default is
|
|
|
|
|
static/index.html. There is no authentication; all files are public.
|
2021-01-26 18:22:37 +02:00
|
|
|
|
2021-04-10 22:14:09 +03:00
|
|
|
## GET /api/login
|
2021-01-26 18:22:37 +02:00
|
|
|
|
|
|
|
|
Call this endpoint to begin the login cycle. It will redirect you to the SSO
|
2021-02-02 17:20:21 +02:00
|
|
|
login page: an HTTP 302, with a Location header.
|
2021-01-26 18:22:37 +02:00
|
|
|
|
2021-04-10 22:14:09 +03:00
|
|
|
## GET/POST/PUT/DELETE/HEAD /api/*
|
2021-01-26 18:22:37 +02:00
|
|
|
|
2021-04-10 22:14:09 +03:00
|
|
|
All calls will be passed through to cloudapi. For these calls to succeed,
|
|
|
|
|
they MUST provide an X-Auth-Token header, containing the token returned from
|
|
|
|
|
SSO.
|
2021-02-02 17:20:21 +02:00
|
|
|
|
|
|
|
|
# Interaction cycle
|
|
|
|
|
|
2021-04-10 22:14:09 +03:00
|
|
|
client --- GET /api/login --------> this server
|
2021-02-02 17:20:21 +02:00
|
|
|
<-- 302 Location #1 ----
|
|
|
|
|
|
|
|
|
|
client --- GET <Location #1> --> SSO server
|
|
|
|
|
<separate SSO cycle>
|
2021-04-10 22:14:09 +03:00
|
|
|
<-- 302 with token query arg
|
2021-02-02 17:20:21 +02:00
|
|
|
|
|
|
|
|
From now on call this server as if it were a cloudapi server (using [cloudapi
|
|
|
|
|
paths](https://github.com/joyent/sdc-cloudapi/blob/master/docs/index.md#api-introduction)),
|
2021-04-10 22:14:09 +03:00
|
|
|
except prefixing any path with "/api". Also always provide the X-Auth-Token.
|
|
|
|
|
|
|
|
|
|
For example, to retrieve a list of packages:
|
2021-02-02 17:20:21 +02:00
|
|
|
|
2021-04-10 22:14:09 +03:00
|
|
|
client --- GET /api/my/packages --> this server
|
2021-02-02 17:20:21 +02:00
|
|
|
<-- 200 JSON body ------
|
|
|
|
|
|
|
|
|
|
The most useful cloudapi endpoints to begin with will be ListPackages,
|
|
|
|
|
GetPackage, ListImages, GetImage, ListMachines, GetMachine, CreateMachine and
|
|
|
|
|
DeleteMachine (see cloudapi docs).
|
