update docs

14c604ad · Hahn Axel (hahn) · 83c4df04 · 14c604ad · 14c604ad · 14c604ad
Commit 14c604ad authored 1 year ago by Hahn Axel (hahn)
--- a/docs/20_Installation.md
+++ b/docs/20_Installation.md
 # Installation on server

-
 ## Receive data

 * Create an ssh user "deployment" to receive data
-* Create a package directory - it can be outside webroot eg. /var/www/cipkg.example.com/packages/ with write permissions for user "deployment" and read persmissions for webserver.
+* Create a package directory - it can be outside webroot eg. /var/www/cipkg.example.com/packages/ with write permissions for user "deployment" and read permissions for webserver.

 ```txt
 mkdir /var/www/cipkg.example.com/packages/
@@ -12,7 +11,11 @@ chown deployment:www-data /var/www/cipkg.example.com/packages/
 chmod 750 /var/www/cipkg.example.com/packages/
 ```

-* Configue the ci sever to rsync with ssh user "deployment" here
+In the config of CI web server add a sync target. Use
+
+* the deployment user as ssh
+* the fqdn as hostname
+* the defined *packagedir* in your inc_config.php as target directory

 ## Xsentfile module

@@ -29,7 +32,6 @@ path on your websever.

 Redirect all requests to /packages/[whatever] to /packages/index.php

-
 Example snippet

 ```text
@@ -39,6 +41,9 @@ Example snippet

    <Location "/packages">

+        # for Php as php-fpm service:
+        SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+
        RewriteEngine on
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^(.*)$ index.php [QSA,L]

--- a/docs/30_Configuration.md
+++ b/docs/30_Configuration.md
@@ -21,8 +21,6 @@ return array(
    'maxage'=>60,

    // force that a hash can be used only once
-    // a side effect is that fast repeat or simultanius requests
-    // will be denied.
    'onetimesecret'=>true,

    // filesize of lock file with stored hashed before starting garbage collection
@@ -35,27 +33,20 @@ return array(
    // allow directory listing when accessing a path of a package
    // true is required to fetch all packages
    'showdircontent'=>true,
-);
-```
-
-## Prepare receive of packages
-
-* Create an deployment account package server that can be used to be connected 
-  via SSH by the ci server
-* add the public key of www-data of the ci server into
-  /home/deployment/.ssh/authorized keys
-* Set permissions that the deployment user can write into
-  /var/www/cipkg.example.com/packages/
-  and the user of the webeservice can read it 
-  `chown deployment:apache /var/www/cipkg.example.com/packages/` and
-  `chmod 750 /var/www/cipkg.example.com/packages/`

-## Ci server: add a sync target
+    // Enable for troubleshooting
+    'debug'=>false,

-TODO
-
-In the config of CI web server add a sync target. Use
+);
+```

-* the deployment user as ssh
-* the fqdn as hostname
-* the defined *packagedir* in your inc_config.php as target directory
+| Key                | Description |
+|---                 |---          |
+| apikey             | A secret for the server. A client that wants to fetch a package must use the same secret |
+| packagedir         | physical folder where to find the packages. To this folder you need to point XSendFilePath in your apache httpd vhost too. |
+| maxage             | max age of request ... client and server need to be in sync |
+| onetimesecret      | force that a hash can be used only once. There should be no reason to turn it off. |
+| maxlockfilesize    | filesize of lock file with stored hashed before starting garbage collection. 10.000 byte are reached after 114 req |
+| tmpdir             | tmp dir to store used hashes  |
+| showdircontent     | allow directory listing when accessing a path of a package. true is required to fetch all packages by a single request |
+| debug              | enable debug output |
--- a/docs/40_Usage.md
+++ b/docs/40_Usage.md
@@ -7,6 +7,11 @@ See deployment project <https://git-repo.iml.unibe.ch/iml-open-source/imldeploym

 The download script is bin/getfile.sh.

+```text
+wget -O getfile.sh "https://git-repo.iml.unibe.ch/iml-open-source/imldeployment-client/-/raw/master/bin/getfile.sh?ref_type=heads"
+chmod 755 getfile.sh
+```
+
 ## How does it work?

 TODO: needs to be completed.
@@ -33,3 +38,57 @@ Possible GET requests are:

 If a valid request came in then the hash will be written to `[approot]/tmp/used_hashes.txt`.
 This file will be cleaned up if reaching the defined file size with value of *maxlockfilesize*.
+
+## Test package download
+
+If you use the docker environment for development:
+
+In your app root you there is a folder "example-packages". Inside the docker container it is available as /var/www/ci-pkg/example-packages/.
+
+* Below the package folder folders are subfolders for phases (preview, stage, live and "test").
+* below a phase are the folders with the project id
+* inside the project folder are the files per project
+
+```text
+example-packages/
+├── live
+├── preview
+├── stage
+└── test
+    └── example-prj
+        └── hello.txt
+```
+
+In your app root go to the the "tests" folder.
+This will download the "hello.txt" into the current folder:
+
+```txt
+./getfile.sh -u http://localhost:8001 -s myapikey -e test -p example-prj -f hello.txt
+-rw-r--r-- 1 axel axel 1152 Sep 15 14:34 hello.txt
+```
+
+For less params with getfile.sh there is a config:
+
+```txt
+cat getfile.sh.cfg
+# for less params with getfile.sh
+IMLCI_PKG_SECRET=myapikey
+IMLCI_URL=http://localhost:8001
+IMLCI_PHASE=test
+```
+
+With it you can execute ``./getfile.sh -p example-prj -f hello.txt`` too.
+
+If you enabled the file listing you get a list of files:
+
+```txt
+./getfile.sh -p example-prj
+file:hello.txt
+```
+
+## Troubleshooting
+
+To have more output you have these possibilities:
+
+* in the command with ./getfile.sh add the flag ``-d`` to enable debugging for this script
+* in public_html/inc_config.php set the key debug to enable the debugging on server (disable it as soon you can)