Skip to content

warwick-one-metre/dashboard

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

La Palma observatory dashboard

A Flask application that hosts dashboards showing the current / historical weather, webcams / audio, and telescope-specific information.

See Software Infrastructure for an overview of the observatory software architecture and instructions for developing and deploying the code.

Software Setup

Installing observatory-dashboard will pull in the nginx web server, uwsgi application container service, and the weather database updater and observatory log daemons.

The first step should be to configure the database as described in the weatherlogd and obslogd repository READMEs.

The web dashboard requires two additional tables in the ops database, which can be created using:

CREATE TABLE `dashboard_config` (
  `id` int(11) NOT NULL,
  `keyname` text NOT NULL,
  `value` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE TABLE `dashboard_sessions` (
  `github_token` VARCHAR(40) UNIQUE,
  `data` text NOT NULL,
  `timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

The dashboard_config table is expected to contain three rows:

id keyname Description
1 SECRET_KEY A complex random value used for encrypting cookies and other data. This should be a string of at least 40 random characters.
2 GITHUB_CLIENT_ID Part of the GitHub authentication support. This should be set to the "Client ID" listed in the "Warwick one-metre telescope" OAuth App in the organization settings on GitHub.
3 GITHUB_CLIENT_SECRET Part of the GitHub authentication support. This should be set to the "Client Secret" listed in the "Warwick one-metre telescope" OAuth App in the organization settings on GitHub.
4 WEBCAM_STING_PASSWORD Webcam root accounnt password for toggling IR lights.
5 WEBCAM_W1M_PASSWORD Webcam root accounnt password for toggling IR lights.
6 WEBCAM_CLASP_PASSWORD Webcam root accounnt password for toggling IR lights.
7 WEBCAM_HALFMETRE_PASSWORD Webcam root accounnt password for toggling IR lights.

Once that is working, you can configure the dashboard and web-serving infrastructure to run at startup using:

sudo systemctl enable nginx uwsgi dashboard update-dashboard-data

They can then be started immediately (without waiting for a reboot) using:

sudo systemctl start nginx uwsgi dashboard update-dashboard-data

Next, allow access through the firewall:

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

We then need to convince SELinux to let nginx talk to the dashboard:

sudo yum install policycoreutils-python
sudo semanage fcontext -at httpd_sys_rw_content_t "/srv/dashboard(/.*)?"
sudo restorecon -Rv /srv/dashboard

Now we need to share the temp data directory so that the pipeline daemon (on the TCS) can write preview data. Edit /etc/exports and add the following line:

/srv/dashboard/generated    10.2.6.0/24(rw,sync,no_root_squash,no_all_squash)

Note that this is the IP of the machine running pipelined and should be updated if that changes.

Next enable the NFS daemons:

sudo systemctl enable rpcbind
sudo systemctl enable nfs-server
sudo systemctl enable nfs-lock
sudo systemctl enable nfs-idmap

and systemctl start them or reboot.

Finally, allow NFS connections through the firewall:

sudo firewall-cmd --permanent --zone=public --add-service=nfs
sudo firewall-cmd --permanent --zone=public --add-service=mountd
sudo firewall-cmd --permanent --zone=public --add-service=rpc-bind
sudo firewall-cmd --reload

The nginx configuration (dashboard.conf) explicitly defines the IP of the hosting machine (currently 10.2.6.100). If the machine/ip changes then this should be updated to match.

The GitHub team IDs used to determine permissions are set in the get_user_account function in dashboard/__init__.py. The IDs can be queried from the GitHub API with curl -H "Authorization: token <personal access token>" https://api.github.com/orgs/warwick-one-metre/teams. The <personal access token> can be generated from your GitHub settings, and should have at least the repo scope.

The dashboard URL is also set in the "Authorization callback URL" in the GitHub settings. The target endpoint is login-callback, so e.g. http://lapalma-observatory.warwick.ac.uk/login-callback. If the dashboard is moved then this should be updated to match.

If you want to export / backup the database you must add the --skip-tz-utc argument to mysqldump to prevent it from breaking timestamps!

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published