risotto/README.md

Projet Risotto
==============

Démarrer le server de l'API Risotto :
```
python3 script/server.py
```

Accéder à un message :
```
wget http://localhost:8080/v1/config.session.server.start
```

Démarrer un serveur LemonLDAP de test
```
docker pull coudot/lemonldap-ng
echo "127.0.0.1 auth.example.com manager.example.com test1.example.com test2.example.com" >> /etc/hosts
docker run -d --add-host reload.example.com:127.0.0.1 -p 80:80 coudot/lemonldap-ng
```

Démarrer un serveur postgresql de test
```
docker run -dt -p 5432:5432 --name postgres postgres:11-alpine
docker exec -ti postgres bash

psql -U postgres -h localhost -c "CREATE ROLE risotto WITH LOGIN PASSWORD 'risotto';"
psql -U postgres -h localhost -c "CREATE DATABASE risotto;"
psql -U postgres -h localhost -c "GRANT ALL ON DATABASE risotto TO risotto;"
#psql -U postgres -h localhost -c "CREATE EXTENSION hstore;" risotto
```

Gestion de la base de données

La plupart des services se greffant à risotto nécessite une table dans la base de données risotto.
Chacun de ces services documente la structure de la table mais ne se charge pas de sa création.
La création de la table, selon le schéma fournit dans la documentation, est à la charge de l’administrateur du système.

# Empty database:

````
psql -U postgres
drop database risotto;
drop user risotto;
\q
reconfigure
```

```
psql -U postgres tiramisu
drop table value; drop table property; drop table permissive; drop table information; drop table session;
```

# Import EOLE
./script/cucchiaiata source.create -n eole -u http://localhost
./script/cucchiaiata source.release.create -s eole -n 2.7.1.1 -d last
./script/cucchiaiata applicationservice.dataset.updated -s eole -r last
./script/cucchiaiata servermodel.dataset.updated -s eole -r last

# Create a new user and set role 'server_rw' for this server
./script/cucchiaiata user.create -l gnunux -n gnunux -s gnunux
./script/cucchiaiata user.role.create -u gnunux -n 'server_rw' -a 'Server.ServerName' -v test

# Heritage
## ACA
./script/cucchiaiata servermodel.create -n aca -d Aca -p base -s eole -r last
./script/cucchiaiata session.servermodel.start -s aca
S=xxxxxxxxxxxxxxxxxxxxxx
### verif
./script/cucchiaiata session.servermodel.get -s $S -n creole.reseau.unbound_route_address
./script/cucchiaiata session.servermodel.get -s $S -n creole.reseau.unbound_domain_name
./script/cucchiaiata session.servermodel.get -s $S -n creole.serveur_dns.unbound_local_zones
./script/cucchiaiata session.servermodel.get -s $S -n creole.reseau.unbound_ip_address_cidr

./script/cucchiaiata session.servermodel.configure -s $S --creole.reseau.unbound_route_address 192.168.1.2
./script/cucchiaiata session.servermodel.configure -s $S --creole.serveur_dns.unbound_allowed_client_cidr 192.168.1.0/24
./script/cucchiaiata session.servermodel.stop -s $S -a

## etab1
./script/cucchiaiata servermodel.create -n etab1 -d "Etab 1" -p aca -s internal -r last
./script/cucchiaiata session.servermodel.start -s etab1
S=xxxxxxxxxxxxxxxxxxxxxx
./script/cucchiaiata session.servermodel.configure -s $S --creole.reseau.unbound_domain_name test.cadoles.com
./script/cucchiaiata session.servermodel.stop -s $S -a

## unbound
./script/cucchiaiata servermodel.create -n unbound -d "generic unbound configuration" -s eole -r last
./script/cucchiaiata session.servermodel.start -s unbound
S=xxxxxxxxxxxxxxxxxxxxxx
./script/cucchiaiata session.servermodel.configure -s $S --creole.serveur_dns.unbound_local_zones cadoles.com
./script/cucchiaiata session.servermodel.filter -s $S -n unbound
./script/cucchiaiata session.servermodel.configure -s $S --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi
./script/cucchiaiata session.servermodel.configure -s $S --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.1.25
./script/cucchiaiata session.servermodel.configure -s $S --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME
./script/cucchiaiata session.servermodel.configure -s $S --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
./script/cucchiaiata session.servermodel.stop -s $S -a

## unbound_etab1
./script/cucchiaiata servermodel.create -n unbound_etab1 -d "unbound configuration for etab1" -p etab1 unbound -s internal -r last

### verif
./script/cucchiaiata session.servermodel.start -s unbound_etab1
S=xxxxxxxxxxxxxxxxxxxxxx
XXXXX

# Create a server
./script/cucchiaiata server.create -s test.cadoles.com -d description -m unbound_etab1 -r last

./script/cucchiaiata session.server.start -s test
S=xxxxxxxxxxxxxxxxxxxxxx
./script/cucchiaiata session.server.configure -s $S --creole.reseau.unbound_ip_address_cidr 192.168.1.1/24
./script/cucchiaiata session.server.validate -s $S
./script/cucchiaiata session.server.stop -s $S -a

# Generate configuration
./script/cucchiaiata config.configuration.server.deploy -s test
./script/cucchiaiata template.generate -s test

# OpenSSH
./script/cucchiaiata applicationservice.dependency.add -n local_aca -a openssh -s eole -r last