Skip to content
This repository has been archived by the owner on Apr 19, 2019. It is now read-only.

Home

Jump to bottom
Leonardo Crauss Daronco edited this page Jun 5, 2014 · 51 revisions

Documentação para instalação do portal web da RNP.

O código da aplicação está em https://github.com/mconf-rnp/mconf-web/tree/branch-v2, que é uma versão customizada do original em https://github.com/mconf/mconf-web/tree/branch-v2.

Instalação

Seguir o guia padrão de instalação do Mconf-Web que está nesta página, observando o seguinte:

  • Na seção 3, baixar a aplicação do endereço git://github.com/mconf-rnp/mconf-web.git.
  • Ainda na seção 3, no lugar de git checkout v0.7, utilizar o comando: git checkout branch-v2.
    • Nota: a última versão deste portal estará sempre no branch branch-v2!

Instalação e configuração shibboleth

  1. Habilitar SSL/HTTPS: ver manual.
  2. Habilitar o Shibboleth no servidor: ver manual.

Algumas configurações do Shibboleth devem ser adaptadas pra federação da RNP.

Uma das coisas, é restringir o acesso para algumas instituições. Edite o arquivo /etc/shibboleth/attribute-policy.xml e adicione o seguinte bloco dentro da tag afp:AttributeFilterPolicy, logo acima da tag <afp:AttributeRule attributeID="*">:

<afp:AttributeRule attributeID="Shib-eduPerson-eduPersonPrincipalName">
    <afp:PermitValueRule xsi:type="AttributeScopeRegex" regex="^rnp\.br$" />
</afp:AttributeRule>

Veja mais abaixo o que deve ser configurado no portal para o Shibboleth funcionar.

Configuração inicial

Após instalar a aplicação, acessar o endereço /login da mesma (e.g. http://mconf.rnp.br/login) e logar com o usuário admin padrão:

  • Username: admin
  • Senha: admin

Após entrar com a conta admin, a senha deste usuário pode ser modificada acessando a página "account".

Acessar a página de configuração da aplicação (mais detalhes aqui) para configurar os campos abaixo. Alguns desses campos requerem que a aplicação seja reiniciada para serem aplicados. Para reiniciar a aplicação veja esta página.

Configurações básicas:

  • Application Domain: colocar o domínio atribuído ao site, e.g. mconf.rnp.br
  • Language: pt-br
  • Requerer que administradores aceitem novas contas: --marcar--

Para a autenticação Shibboleth:

Configurações do SMTP para utilizar uma conta do Gmail (normalmente a maneira mais fácil de testar o envio de emails inicialmente):

  • SMTP login: --email e.g. rnp@gmail.com--
  • SMTP password: --senha--
  • SMTP server: smtp.gmail.com
  • SMTP domain: gmail.com
  • SMTP port: 587
  • Use TLS in SMTP: --marcar--
  • Auto start TLS in SMTP: --marcar--
  • SMTP authentication type: plain
  • SMTP sender: --email e.g. rnp@gmail.com--

Configurações do SMTP para utilizar um servidor de emails da RNP:

  • SMTP login: --deixar em branco--
  • SMTP password: --deixar em branco--
  • SMTP server: smtpapp.rnp.br
  • SMTP domain: rnp.br
  • SMTP port: --deixar em branco--
  • Use TLS in SMTP: --não marcar--
  • Auto start TLS in SMTP: --não marcar--
  • SMTP authentication type: --deixar em branco--
  • SMTP sender: --email e.g. mconf-se@rnp.br-- (ou outro)

Configurações do Shibboleth:

  • Shibboleth: Enable: --marcar--

  • Shibboleth: Field for email: inetOrgPerson-mail

  • Shibboleth: Field for name: inetOrgPerson-cn

  • Shibboleth: Field for principal name: Shib-eduPerson-eduPersonPrincipalName

  • Shibboleth: Field for login: --deixar em branco--

  • Shibboleth: Environment variables:

    inetOrgPerson-.*
shib-.*

Configurações do LDAP (nota: informações temporárias utilizadas em desenvolvimento, ainda não em produção):

  • LDAP: Enable authentication: --marcar--
  • LDAP: Server IP or domain: 200.143.193.85.
  • LDAP: Server port: 636
  • LDAP: Full DN for the user: uid=app.ufrgs.w,ou=APLICACOES,dc=homolog,dc=rnp
  • LDAP: User password: --consultar admin--
  • LDAP: Full DN for UsersTreebase: ou=UFRGS,ou=RNP,dc=homolog,dc=rnp
  • LDAP: Field to obtain the username: uid
  • LDAP: Field to obtain the user's email: mail
  • LDAP: Field to obtain the user's full name: cn

Na aba "BigBlueButton", haverá um servidor de web conferência já pré-cadastrado. Modifcar as configurações deste servidor para:

  • Name: Default Server
  • URL: http://mconf-lb.rnp.br/bigbluebutton/api
  • Security Salt: --consultar admin--
  • Version: 0.8
  • String ID: default-server

Atualização de versão

Atualizar a versão do software (baixar nova versão do branch branch-v2):

cd ~/mconf-web/current
git fetch origin
git checkout branch-v2
git pull origin branch-v2

Atualizar as dependências:

git submodule update
bundle install --without=development test

Migrar o banco de dados:

bundle exec rake db:migrate RAILS_ENV=production

Atualizar a crontab:

bundle exec whenever --update-crontab mconf-web --set environment=production --roles db

Mais detalhes sobre as versões do portal estão abaixo. Para o Mconf-Web base, changelog e road map estão neste link.

Por fim, reiniciar o servidor. Instruções nesta página.

Changelog

(list of issues here and here. Last revision considered: 10a6ed8476)

??/06/2014

  • [#1225] Fix the number of users and spaces in management lists shown to institutional admins
  • [#1079] Automatically set a user's institution when signing in via CAFe
  • [#1239] Block shibboleth users from institutions that are not registered in the portal yet
  • [#1231] Fix redirections when signing in from a few pages where it was redirecting to the wrong page
  • [#1226] Consistent time zones for events
  • [#1148] Improved permissions when joining web conferences in spaces: 1) only administrators of a space and the person that started the web conference will be moderators; 2) all members of a space can start a web conference in the space; 3) only administrators and the person that started the web conference can stop a web conference in the space.
  • Fix bugs when users tried to join a space
  • Better inputs to select dates and times in events and web conference invitations: now it uses a javascript component to select a date and simple <select> tags to select a time.

15/05/2014

  • [#1250] Fix user/space losing institution on save
  • [#1107] Allow site admin to bypass user limit when approving users

16/04/2014

  • [#1153] Allow admins to remove spaces completely, not only disable them.
  • Added a "copy and paste" button to user's web conference rooms, to make it easier to copy the room's URL.
  • Fix count for spaces in manage/spaces (wasn't considering disabled spaces).
  • Better page when a user logs out of a conference. Now with a countdown to automatically close the window.
  • Fix setting the record flag when a web conference is started. Was setting it always as false.
  • Fix time zones for events, now consistent when editing and seeing an event.
  • Improved the calendar to pick dates and times for events.

12/04/2014

  • [#1188] Allow admins to remove the institution of a space/user.
  • Fix search of events for users that are non-admins.
  • [#1159] Improved the listing of events: now the number of events is consistent across all filters; the filters now always start on the first page.
  • When a user clicks to register on an event, if the user is signed in, it will automatically register the user without asking for an email.
  • Updating more missing translations for pt-br
  • [#1215] Fix update of recordings. Recordings were not being fetched from the infrastructure due to a few bugs.
  • [#1129] Added option to disable user registration. Users are then only able to login (with any method available, including local authentication, shibboleth or LDAP).
  • Improved the visual of lists of events to be cleaner and with a bit more focus on the events' name.

27/03/2014

  • [#1053] Reviewed all locales to match the translation to pt-br with the original en files.
  • Fix time zone being always set to UTC when a new user registered. Now it is not set, then it will use the website's time zone until the user selects his own time zone.
  • If a user is disabled and leaves a space that's left without any admin, disable the space.
  • Now users can set a welcome message in all web conference rooms. Sets by default the default message, and allow the user to change it if desired.
  • Improved the way the application prevents users from recording sessions if they are not allowed to (see c66a9a4).
  • Fixed bug on user's home for institution admins.

06/03/2014

  • [#1179] Improved the modal to invite people to web conferences. The form now has new inputs: start date, end date, title. It's cleaner and easier to use. Several things were improved in the back-end. The emails now also contain an .ics file attached with information about the meeting.
  • [#1145] Links to recordings now open in a new page
  • [#1054] Added a timeout to LDAP connections to prevent it from hanging for too long
  • [#1076, #1077] When LDAP is enabled, it will always be used (the user cannot decide if he wants it or not). If the authentication fails, it falls back to the local authentication
  • [#1055] A lot more error messages are being added to the logfile to several possible breaks in the LDAP authentication. However, the user will not see these errors: if the authentication via LDAP fails, the application will try to authenticate the user in the local database; if the latter succeeds, the user is signed in and will not see any error; if it fails, the user will see the error generated by the local authentication, not the error generated by the LDAP authentication. When the option to disable the local authentication (#1078) is implemented, it will be possible to enable only the authentication via LDAP, and so the user will see the errors generated by the LDAP authentication.
  • [#1146] A lot of improvements when an administrator is editing other users. Now it is clear for him that his is editing other user and not himself.
  • [#1083] Added labels showing the total of users/spaces found in the management lists of users/spaces.
  • [#457] A lot of improvements in the join requests, specially in the pages where a user asks to join a space and in the page where a user invites other people to his space.
  • [#275] Now all inputs that are used to search for users are using select2 (they won't preload users in the html anymore, everything is made with ajax).
  • [#951, #952] Several improvements in institutions, specially in the organization and layout of some pages. Now institutional administrators can also edit the spaces that belong to their institution.
  • [#1071] Fixed issues with duplicated permalinks: when a user and a space had the same permalink
  • Removed the button "details" from the list of servers, recordings and meetings; was unnecessary.
  • Sidebar in the profile page moved to the left to get more focus.
  • Several layout improvements: the lists (of users, spaces, etc.) are cleaner, the typography is better, and others.
  • Better warning to users that have not confirmed their account yet. Now the warning won't bother the user in every single page load. It shows only in the home page and in the account page.
  • Added buttons to cancel several modal windows.
  • Fixed the layout of the modal used to edit and create news.
  • [#1081] Added limitation in the number of users that can record in an institution
  • [#1069] Allow administrators to edit the institution of spaces
  • Other smaller bug fixes and improvements in the translations.

29/11/2013

  • [#950] Automatically suggest a list of institutions when the user is setting his institution.
  • [#954] Prevent errors when a user has no institution set.
  • [#955] Limit the number of users a institution can have.
  • [#957] Add search option in the list of spaces in the management area.
  • [#958] Add search option in the list of users in the management area.
  • [#1058] Allow global admins to change the institution of a user.
  • Fix links to user profiles on recent activity items
  • Fix wrong permissions for attachments
  • Prevent crashes when sending invitations for a conference if the "internal message" checkbox was unchecked.
  • Add option to disapprove users previously approved.
  • Several visual improvements in the list of users, spaces and institutions in the management area.

14/11/2013

Nota: Primeira instalação da nova versão do portal web. A lista de mudanças na versão nova do portal e do que ainda está em desenvolvimento está nesta página. Abaixo está a lista de coisas que são específicas para o portal da RNP, incluídas sobre as mudanças do portal base:

  • Overall list of changes for Mconf-Web
  • [#951, #952, #954, #950] Organized the users inside the application by institution. The user has to pick an institution when he is registering his account from a list of institutions that is controlled by the administrators. Spaces will belong to the institution of the user that created the space. Users can also be made administrators of an institution, with permissions to: edit the users in the institution, edit the spaces that belong to the institution and accept new registrations for users that selected his institution.

11/09/2013

  • [#918] Fix wrong layout in the footer in some pages that prevented buttons from being clicked.
  • [#908] Fix permission error when a user tried to update all of his recordings (in /home/recordings).
  • [#972] Fix error on Shibboleth login for users that have accents in their name.
  • [#973] Fix wrong name attributed to users on login via Shibboleth.

18/07/2013

  • [#807] Added information about Mconf-Mobile in the "join from mobile" page.
  • [#756] Use the correct locale to display success message when changing languages.
  • [#630] Mark private messages as read when user clicks to read them.
  • [#859] Fix missing translation when the list of attachments is empty.
  • [#854] Fix wrong tags in the list of attachments when seeing the page as an anonymous user.
  • [#815] Redirect to the page to ask permission to join a space when trying to access a private space you're not a member of.
  • [#816] All links in the list of spaces now point to the space's home (not to the page to ask to join the space).
  • [#809] Block invited users from creating a conference when accessing it using the moderator password.
  • [#865] The page with the list of recordings of a private space is now only available to members of the space.
  • [#763] Fix wrong error messages when a private message fails to be sent.
  • [#820] The role "invited" in spaces is now functional and explained in the interface.

21/06/2013

  • [#789] New pages to join the conference when invited, to make clear the separation between user login and user access to a room (that doesn't necessarily require a login but might require an access code).
  • [#814] Redirect the user to the pages he was in when logging in (works when clicking in the "login" link in the top bar).
  • [#821] Translated user roles in spaces ("Admin", "Member", "Invited").
  • [#837] Change the name of the room when a user changes his login (affects the welcome message shown in the webconference).
  • [#817] When a user tries to access the page to send a join request to a space he's already a member of he is redirected to the space's home page.
  • [#829] Added a button to force meetings to be closed.
  • [#808] When an anonymous user access a space he sees a simple button to join the conference instead of a button with a dropdown menu as shown to logged users.
  • [#813] Fix errors when editing the name of a space.
  • [#822] When a private space is created the webconference room is also created as private.
  • [#774] Fix the tab webconference of public spaces requiring authentication for anonymous users.
  • [#727] Replaced simple_captcha with reCaptcha in the registration form.
    • Important: Requires a reCaptcha key to be generated for you domain on http://www.google.com/recaptcha/whyrecaptcha (Click in "Sign up Now!") and configured in the management page of Mconf-Web, otherwise the registration form will have no captcha validation.

06/06/2013

  • [#812] Fix unclosed <b> tags in the user's home page.
  • [#724] Fix error when sending webconference invitations to multiple emails.
  • [#718] Rooms that belongs to disabled users or spaces cannot be accessed.
  • [#766] Fix bug causing errors when trying to update a space (name, description, logo, etc).
  • [#731] When a user tried to accept and invitation to join a space he was asked to create a new account, now he can only login or create an account in the default registration page.
  • [#728] Fix huge horizontal scroll bar when uploading profile picture.
  • [#737] Minimum length for user's login and room's param is now 1 char.
  • [#530] Add options to configure an external help page.
  • [#726] Mark the required fields in the registration.
  • [#725] Split "Register / Login" links at the top menu in two separate links.
  • Updated translations.

10/05/2013

  • First version.

This is the technical documentation of Mconf-Web for RNP.

You can access the full documentation of Mconf-Web in this page.

See more about Mconf at mconf.org.

Clone this wiki locally