From 392aef0d1eb4582e56d58455517e9a6ab9523442 Mon Sep 17 00:00:00 2001 From: Daniel Date: Tue, 9 Jan 2024 16:18:50 +0000 Subject: [PATCH] repos --- .DS_Store | Bin 8196 -> 8196 bytes docs/.DS_Store | Bin 10244 -> 10244 bytes docs/Server_Config/credoias_ports.md | 45 + site/404.html | 21 + .../Installations/new conda mipcvs/index.html | 21 + site/MIPCV_Site/jinja2/index.html | 21 + site/MKDocs/markdown/index.html | 21 + site/MKDocs/setup/index.html | 21 + site/Server_Config/2FA management/index.html | 21 + site/Server_Config/FASTAPI/index.html | 29 +- site/Server_Config/credoias_ports/index.html | 887 ++++++++++++++++++ site/Server_Config/floating_ip/index.html | 29 +- site/Server_Config/nginx/index.html | 21 + site/Server_Config/ports/index.html | 21 + site/Server_Config/ssh/index.html | 21 + site/index.html | 21 + site/scripts/update_repos/index.html | 21 + site/search/search_index.json | 2 +- site/sitemap.xml.gz | Bin 127 -> 127 bytes 19 files changed, 1214 insertions(+), 9 deletions(-) create mode 100644 docs/Server_Config/credoias_ports.md create mode 100644 site/Server_Config/credoias_ports/index.html diff --git a/.DS_Store b/.DS_Store index 3f26c490176c1ce7d39e223ed6da8d4f0f7c8911..822fceca567e1c0addffc193ed9b01c2926d5c1f 100644 GIT binary patch delta 20 ccmZp1XmQwZLU{5g!F`ikMMO8x7RlrW0AR%ke*gdg delta 44 zcmZp1XmQwZLU?k$KqSi8+|IDn<85kJ!HVcS^GHbIl6f-0<6ftBn6fl%96np06 sCnx3PCjk`*FfcHsgB1P;0|ti40+Mo@8^j|yHnS_lv6HHEa)Wpn0NLXx*#H0l delta 47 zcmZn(XbG6$C7U^hRb%4Qyc|IDoK7#JABHw%b_GH;$NUcxc4L2om=LLB?#$>Q?? DY-|r2 diff --git a/docs/Server_Config/credoias_ports.md b/docs/Server_Config/credoias_ports.md new file mode 100644 index 0000000..387aed4 --- /dev/null +++ b/docs/Server_Config/credoias_ports.md @@ -0,0 +1,45 @@ +# Ports and Security groups (CREDOIAS) + + +1\. Navigate to [https://horizon.cloudferro.com/project/](https://horizon.cloudferro.com/project/) + + +2\. Click "Network" + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/b7acd38f-0c15-4e4a-a524-8ab4c0e0770c/user_cropped_screenshot.jpeg?tl_px=0,45&br_px=727,473&force_format=png&width=764&wat_scale=68&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=104,280) + + +3\. Click "Security Groups" + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/a2034aa0-e989-4c21-af26-d9a577c6b05e/user_cropped_screenshot.jpeg?tl_px=0,0&br_px=221,284&force_format=png&width=670&wat_scale=59&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=521,527) + + +4\. Click "Create Security Group" + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/96359664-ddc1-473a-9571-d48e1d98f118/user_cropped_screenshot.jpeg?tl_px=429,0&br_px=1289,480&force_format=png&width=860&wat_scale=76&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=575,134) + + +5\. Enter the name. + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/ba140600-5a75-4782-9dc8-173d194aec36/user_cropped_screenshot.jpeg?tl_px=0,0&br_px=729,337&force_format=png&width=860&wat_scale=76&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=283,102) + + +6\. Click "Add Rule" + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/743df60e-8cd7-414c-8c32-a4d78d5d1d32/user_cropped_screenshot.jpeg?tl_px=433,0&br_px=1293,370&force_format=png&width=860&wat_scale=76&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=646,20) + + +7\. Click the "Description" field. + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/cac20782-8f79-4ecf-9228-927f95824319/ascreenshot.jpeg?tl_px=0,0&br_px=859,480&force_format=png&width=860&wat_scale=76&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=370,196) + + +8\. Press [[cmd]] + [[v]] + + +9\. Click the "Port" field. + +![](https://ajeuwbhvhr.cloudimg.io/colony-recorder.s3.amazonaws.com/files/2024-01-09/21dc1ee0-4849-4d09-a3f8-720e2366727e/user_cropped_screenshot.jpeg?tl_px=9,189&br_px=868,670&force_format=png&width=860&wat_scale=76&wat=1&wat_opacity=1&wat_gravity=northwest&wat_url=https://colony-recorder.s3.amazonaws.com/images/watermarks/0EA5E9_standard.png&wat_pad=402,212) + + +10\. Save diff --git a/site/404.html b/site/404.html index a5ea129..e412689 100644 --- a/site/404.html +++ b/site/404.html @@ -540,6 +540,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/Installations/new conda mipcvs/index.html b/site/Installations/new conda mipcvs/index.html index 287be9b..b0f7751 100644 --- a/site/Installations/new conda mipcvs/index.html +++ b/site/Installations/new conda mipcvs/index.html @@ -624,6 +624,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/MIPCV_Site/jinja2/index.html b/site/MIPCV_Site/jinja2/index.html index 5917804..abfe6db 100644 --- a/site/MIPCV_Site/jinja2/index.html +++ b/site/MIPCV_Site/jinja2/index.html @@ -669,6 +669,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/MKDocs/markdown/index.html b/site/MKDocs/markdown/index.html index 6786381..f24a89b 100644 --- a/site/MKDocs/markdown/index.html +++ b/site/MKDocs/markdown/index.html @@ -721,6 +721,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/MKDocs/setup/index.html b/site/MKDocs/setup/index.html index 814a53d..43ea5d5 100644 --- a/site/MKDocs/setup/index.html +++ b/site/MKDocs/setup/index.html @@ -717,6 +717,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/Server_Config/2FA management/index.html b/site/Server_Config/2FA management/index.html index b53edbb..333c2ea 100644 --- a/site/Server_Config/2FA management/index.html +++ b/site/Server_Config/2FA management/index.html @@ -618,6 +618,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/Server_Config/FASTAPI/index.html b/site/Server_Config/FASTAPI/index.html index 6da06bc..9cbcf1e 100644 --- a/site/Server_Config/FASTAPI/index.html +++ b/site/Server_Config/FASTAPI/index.html @@ -16,7 +16,7 @@ - + @@ -600,6 +600,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • @@ -887,16 +908,16 @@

    Gunicorn YAML Config
    Next
    - Adding a floating IP on CREODIAS + Ports and Security groups (CREDOIAS)
    diff --git a/site/Server_Config/credoias_ports/index.html b/site/Server_Config/credoias_ports/index.html new file mode 100644 index 0000000..5dec158 --- /dev/null +++ b/site/Server_Config/credoias_ports/index.html @@ -0,0 +1,887 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + Ports and Security groups (CREDOIAS) - Developer Documentation for CMIP-IPO related tasks + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + + Skip to content + + +
    +
    + +
    + + + + + + +
    + + +
    + +
    + + + + + + +
    +
    + + + +
    +
    +
    + + + + + +
    +
    +
    + + + +
    +
    +
    + + + +
    +
    +
    + + + +
    +
    + + + + +

    Ports and Security groups (CREDOIAS)

    +

    1. Navigate to https://horizon.cloudferro.com/project/

    +

    2. Click "Network"

    +

    +

    3. Click "Security Groups"

    +

    +

    4. Click "Create Security Group"

    +

    +

    5. Enter the name.

    +

    +

    6. Click "Add Rule"

    +

    +

    7. Click the "Description" field.

    +

    +

    8. Press [[cmd]] + [[v]]

    +

    9. Click the "Port" field.

    +

    +

    10. Save

    + + + + + + + + + + + + + +
    +
    + + + +
    + +
    + + + + + +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/site/Server_Config/floating_ip/index.html b/site/Server_Config/floating_ip/index.html index f0247bf..0a77509 100644 --- a/site/Server_Config/floating_ip/index.html +++ b/site/Server_Config/floating_ip/index.html @@ -13,7 +13,7 @@ - + @@ -549,6 +549,27 @@ + + +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + @@ -872,9 +893,9 @@

    How to assign a Floating IP?

    @@ -885,7 +906,7 @@

    How to assign a Floating IP?

    Previous
    - FastAPI (Gunicorn) + Ports and Security groups (CREDOIAS)
    diff --git a/site/Server_Config/nginx/index.html b/site/Server_Config/nginx/index.html index ba31c7c..f0cd4c4 100644 --- a/site/Server_Config/nginx/index.html +++ b/site/Server_Config/nginx/index.html @@ -551,6 +551,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/Server_Config/ports/index.html b/site/Server_Config/ports/index.html index bbda579..75a64fd 100644 --- a/site/Server_Config/ports/index.html +++ b/site/Server_Config/ports/index.html @@ -551,6 +551,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/Server_Config/ssh/index.html b/site/Server_Config/ssh/index.html index 0020bfd..d0cb14c 100644 --- a/site/Server_Config/ssh/index.html +++ b/site/Server_Config/ssh/index.html @@ -551,6 +551,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/index.html b/site/index.html index bd29b94..77815e3 100644 --- a/site/index.html +++ b/site/index.html @@ -605,6 +605,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/scripts/update_repos/index.html b/site/scripts/update_repos/index.html index 36bf782..6f7eb48 100644 --- a/site/scripts/update_repos/index.html +++ b/site/scripts/update_repos/index.html @@ -547,6 +547,27 @@ +
  • + + + + + Ports and Security groups (CREDOIAS) + + + + +
    • + + + + + + + + + +
  • diff --git a/site/search/search_index.json b/site/search/search_index.json index f1eb951..9a4d6e9 100644 --- a/site/search/search_index.json +++ b/site/search/search_index.json @@ -1 +1 @@ -{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome","text":"

    Welcome to Technical Documentation Wiki

    Documentation in progress

    The contents of the pages are currently in development, and many aspects still in flux.

    "},{"location":"#contents","title":"Contents","text":"

    The contents of this documentation is accessable using the menu on the left. Certain pages may be confidetial and therefore require password credentials to log-in. To get access to these, contact cmipipo@esa.int .

    "},{"location":"#useful-links","title":"Useful Links","text":"

    There are number of links that may infulence your workflow. Many of these can be found on the CMIP-IPO website .

    "},{"location":"Installations/new%20conda%20mipcvs/","title":"Creating a new Mamba Environment","text":""},{"location":"Installations/new%20conda%20mipcvs/#installation","title":"Installation.","text":"

    Information on how to install Mamba can be be found here .

    Please ensure that you have the latest curl and tar versions installed and then download the relevant files:

    # Linux Intel (x86_64):\ncurl -Ls https://micro.mamba.pm/api/micromamba/linux-64/latest | tar -xvj bin/micromamba\n# Linux ARM64:\ncurl -Ls https://micro.mamba.pm/api/micromamba/linux-aarch64/latest | tar -xvj bin/micromamba\n# Linux Power:\ncurl -Ls https://micro.mamba.pm/api/micromamba/linux-ppc64le/latest | tar -xvj bin/micromamba\n# macOS Intel (x86_64):\ncurl -Ls https://micro.mamba.pm/api/micromamba/osx-64/latest | tar -xvj bin/micromamba\n# macOS Silicon/M1 (ARM64):\ncurl -Ls https://micro.mamba.pm/api/micromamba/osx-arm64/latest | tar -xvj bin/micromamba```\n
    "},{"location":"Installations/new%20conda%20mipcvs/#setting-aliases-and-activating","title":"Setting aliases and activating","text":"

    Start by activating your micromamba installation 

    ./micromamba shell init\n
    This adds it to our .rc file and allows us to choose a custom mamba environment 

    ./bin/micromamba shell init -s bash -p ~/micromamba\nor\n./micromamba shell init -s zsh -p ~/micromamba\n

    Don't forget to source the respective rc file.

    "},{"location":"Installations/new%20conda%20mipcvs/#creating-a-new-environment","title":"Creating a new environment","text":"
    # create a new env\nmamba create --name <envname>\n\n#initiate mamba\nmamba init\n\n# activate our environment\nmamba activate <envname>\n

    ca mipcvs

    "},{"location":"Installations/new%20conda%20mipcvs/#pip-install-fastapi-sso","title":"pip install fastapi-sso","text":"

    mamba insall uvicorn fastapi itsdangrous requests

    pip install fastapi-login

    "},{"location":"MIPCV_Site/jinja2/","title":"Jinja2 Quickstart","text":"

    Jinja2 is a templating engine used to dynamically generate scripted content. This has its application in the creation of the MIPCV website generation.

    "},{"location":"MIPCV_Site/jinja2/#example","title":"Example","text":"

    Some example uses of the things possible with JINJA are shown below.

    "},{"location":"MIPCV_Site/jinja2/#inline-html","title":"Inline HTML","text":"

    Escape HTML code in literals with |safe, e.g., {{ item.description |safe }}.

    "},{"location":"MIPCV_Site/jinja2/#batches","title":"Batches","text":"

    Process items in batches using the batch filter.

    {% for group in changes|batch(2) %}\n    <!-- Make a row -->\n    {% for item in group %}\n        <!-- Process every two items -->\n    {% endfor %}\n{% endfor %}\n
    "},{"location":"MIPCV_Site/jinja2/#dictionary","title":"Dictionary","text":"

    Iterate through dictionary items.

    {% for key, value in my_dict.items() %}\n  Key: {{ key }}<br>\n  Value: {{ value }}<br><br>\n{% endfor %}\n
    "},{"location":"MIPCV_Site/jinja2/#conditional-statements","title":"Conditional Statements","text":"

    Use if statements for conditional rendering.

    {% if condition %}\n    <!-- Content to display if condition is true -->\n{% else %}\n    <!-- Content to display if condition is false -->\n{% endif %}\n
    "},{"location":"MIPCV_Site/jinja2/#macros","title":"Macros","text":"

    Define reusable code snippets with macros.

    {% macro my_macro(arg) %}\n    <!-- Reusable code here using {{ arg }} -->\n{% endmacro %}\n
    "},{"location":"MIPCV_Site/jinja2/#filters","title":"Filters","text":"

    Apply filters for formatting and transformations.

    {{ variable|filter_name }}\n
    "},{"location":"MIPCV_Site/jinja2/#loops","title":"Loops","text":"

    Use for loops for iteration.

    {% for item in items %}\n    <!-- Process each item -->\n{% endfor %}\n
    "},{"location":"MKDocs/markdown/","title":"Markdown Quick-Start","text":"

    Markdown is a lightweight markup language creating easy-to-read documentation. Here is a quickstart guide to get you started.

    "},{"location":"MKDocs/markdown/#advanced-tools","title":"Advanced tools","text":"

    Advanced entries can be found at: https://squidfunk.github.io/mkdocs-material/reference/admonitions/

    "},{"location":"MKDocs/markdown/#general-entries","title":"General Entries","text":""},{"location":"MKDocs/markdown/#headers","title":"Headers","text":"

    Headers are create sections in your document.

    # Heading 1\n## Heading 2\n### Heading 3\n
    "},{"location":"MKDocs/markdown/#lists","title":"Lists","text":"

    Create ordered and unordered lists to organize content.

    - Bullet 1\n- Bullet 2\n\n1. Numbered item 1\n2. Numbered item 2\n
    • Bullet 1

    • Bullet 2

    • Numbered item 1

    • Numbered item 2
    "},{"location":"MKDocs/markdown/#links","title":"Links","text":"

    Hyperlink text to external URLs or pages

    [Visit MkDocs](https://www.mkdocs.org/)\n
    Visit MkDocs

    "},{"location":"MKDocs/markdown/#images","title":"Images","text":"

    Insert images into your documentation.

    ![Alt text](image.jpg)\n
    "},{"location":"MKDocs/markdown/#emphasis","title":"Emphasis","text":"

    Emphasize text using bold or italics.

    **Bold text**\n*Italic text*\n
    Bold text Italic text

    "},{"location":"MKDocs/markdown/#code-blocks","title":"Code Blocks","text":"

    Display code snippets in a formatted block.

    ```python\ndef example():\n    print(\"Hello, MkDocs!\")\n
    ```python\ndef example():\n    print(\"Hello, MkDocs!\")\n

    "},{"location":"MKDocs/markdown/#quotes","title":"Quotes","text":"

    Quote text for better readability.

    > This is a quote.\n

    This is a quote.

    "},{"location":"MKDocs/markdown/#horizontal-rule","title":"Horizontal Rule","text":"

    Separate sections with a horizontal line.

    "},{"location":"MKDocs/markdown/#-","title":"
    ---\n
    ","text":""},{"location":"MKDocs/markdown/#tables","title":"Tables","text":"

    Create tables to organize data.

    | Header 1 | Header 2 |\n| -------- | -------- |\n| Content 1| Content 2|\n
    | Header 1 | Header 2 | | -------- | -------- | | Content 1| Content 2|

    "},{"location":"MKDocs/markdown/#footnotes","title":"Footnotes","text":"

    Add footnotes for additional information.

    Here is some text[^1].\n\n[^1]: This is a footnote.\n
    Here is some text[^1].

    [^1]: This is a footnote.

    "},{"location":"MKDocs/setup/","title":"Setup and Compilation","text":""},{"location":"MKDocs/setup/#mamba","title":"Mamba","text":""},{"location":"MKDocs/setup/#install","title":"Install","text":"

    To install mkdocs, we can use mamba to create a enw environment. 

    mamba create --name docs\n\nmamba activate docs\n\nmamba init\n\nmamba install mkdocs mkdocs-material pymdown-extensions\n

    "},{"location":"MKDocs/setup/#build","title":"Build","text":"
    mkdocs build --clean\n
    "},{"location":"MKDocs/setup/#docker","title":"Docker","text":""},{"location":"MKDocs/setup/#install_1","title":"Install","text":"

    docker pull squidfunk/mkdocs-material

    "},{"location":"MKDocs/setup/#creating-a-site-dont-run","title":"Creating a site. (Dont run)","text":"

    docker run --rm -it -v ${PWD}:/docs squidfunk/mkdocs-material new .

    "},{"location":"MKDocs/setup/#preview","title":"Preview","text":"

    docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material

    "},{"location":"MKDocs/setup/#build_1","title":"Build","text":"

    docker run --rm -it -v ${PWD}:/docs squidfunk/mkdocs-material build

    "},{"location":"MKDocs/setup/#resources","title":"Resources","text":""},{"location":"MKDocs/setup/#demo-files-and-structure","title":"Demo files and structure:","text":"

    https://github.com/selfhostedshow/wiki/tree/master

    "},{"location":"MKDocs/setup/#permissable-items","title":"Permissable items","text":"

    https://squidfunk.github.io/mkdocs-material/reference/admonitions/

    "},{"location":"MKDocs/setup/#developer-notes","title":"Developer notes","text":"

    The following are Notes and will be tidied away in due course.

    https://squidfunk.github.io/mkdocs-material/getting-started/

    "},{"location":"Server_Config/2FA%20management/","title":"2FA (CREODIAS)","text":""},{"location":"Server_Config/2FA%20management/#location","title":"Location","text":"

    We start by going to: https://identity.cloudferro.com/auth/realms/Creodias-new/account/#/security/signingin

    "},{"location":"Server_Config/2FA%20management/#install-the-cisco-duo-app-on-your-mobile-device","title":"Install the CISCO DUO app on your mobile device.","text":"

    Download Duo Mobile for iOS Download Duo Mobile for Android

    More info can be found here

    "},{"location":"Server_Config/2FA%20management/#scan-the-qr-code-and-complete-form","title":"Scan the QR code, and complete form","text":"

    Follow the instructions and you should then be able to select an alternative 2FA source when logging in.

    "},{"location":"Server_Config/FASTAPI/","title":"FastAPI (Gunicorn)","text":"

    --bind 0.0.0.0:8000 essentially tells Gunicorn to listen on all available network interfaces on port 8000. This is a common configuration when you want your Gunicorn server to be accessible from external sources, such as when deploying a web application.

    For example, if you deploy a Flask, Django or FastAPI application with Gunicorn using this bind option, your application will be accessible over HTTP at http://your_server_ip:8000.

    "},{"location":"Server_Config/FASTAPI/#gunicorn-yaml-config","title":"Gunicorn YAML Config","text":"
    workers = 3              # number of workers Gunicorn will spawn \n\nbind = '127.0.0.1:8000'  # this is where you declare on which address your \n\n\n# gunicorn app is running.\n                         # Basically where Nginx will forward the request to\n\npidfile = '/var/run/gunicorn/mysite.pid' # create a simple pid file for gunicorn. \n\nuser = 'user'          # the user gunicorn will run on\n\ndaemon = True          # this is only to tell gunicorn to deamonize the server process\n\nerrorlog = '/var/log/gunicorn/error-mysite.log'    # error log\n\naccesslog = '/var/log/gunicorn/access-mysite.log'  # access log\n\nproc_name = 'gunicorn-mysite'            # the gunicorn process name\n
    "},{"location":"Server_Config/floating_ip/","title":"Adding a floating IP on CREODIAS","text":"

    To access our machine externally we first need to give it an address on how to do this. This page does just that.

    "},{"location":"Server_Config/floating_ip/#what-are-floating-ips","title":"What are floating IPs","text":"

    Floating IPs in OpenStack are public IP addresses assigned to your Virtual Machines.These allow us to host services like SSH or HTTP(s) over the Internet.

    "},{"location":"Server_Config/floating_ip/#how-to-assign-a-floating-ip","title":"How to assign a Floating IP?","text":"
    1. Open the instances tab in Horizon
    2. Use the dropdown menu and select the Associate Floating IP option.
    3. You may choose an address from the dropdown menu, but if it\u2019s empty, you need to allocate an address first. Click the + icon on the right.
    4. Allocate IP.

    The IP address should be associated with a local address from the 192.168.x.x subnet. If you have a 10.x.x.x address change it to an 192.168.x.x address.

    "},{"location":"Server_Config/nginx/","title":"Nginx","text":"

    Nginx is a powerful and widely-used open-source web server, reverse proxy server, and load balancer. Known for its efficiency and low resource usage, Nginx excels in handling concurrent connections and serving static content, making it a popular choice for high-traffic websites.

    "},{"location":"Server_Config/nginx/#installation","title":"Installation","text":"
    sudo apt update\nsudo apt install nginx\n
    "},{"location":"Server_Config/nginx/#configuration","title":"Configuration","text":"

    Nginx's main configuration file is typically located at /etc/nginx/nginx.conf. Additional configurations for specific sites or applications are placed in the /etc/nginx/sites-available/ directory.

    "},{"location":"Server_Config/nginx/#basic-configuration","title":"Basic Configuration","text":"
    1. Start Nginx:
    sudo systemctl start nginx\n
    1. Enable Nginx to start on boot:
    sudo systemctl enable nginx\n
    "},{"location":"Server_Config/nginx/#server-block-virtual-host","title":"Server Block (Virtual Host)","text":"

    To configure a server block for a specific domain or application, create a new configuration file within the sites-available directory and create a symbolic link to sites-enabled:

    sudo nano /etc/nginx/sites-available/example.com\n

    Example configuration:

    server {\n    listen 80;\n    server_name example.com www.example.com;\n\n    location / {\n        root /var/www/html;\n        index index.html;\n    }\n}\n

    Create a symbolic link:

    sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/\n

    Restart Nginx to apply changes:

    sudo systemctl restart nginx\n

    This basic example serves files from /var/www/html for the specified domain.

    "},{"location":"Server_Config/nginx/#more-advanced-configurations","title":"More advanced configurations","text":"

    Nginx documentation.

    ! tip \"Remember to test your configuration before restarting Nginx\"

    ```bash\nsudo nginx -t\n```\n
    "},{"location":"Server_Config/nginx/#restricting-files-using-nginx","title":"Restricting files using Nginx.","text":"

    Lets restrict files in two locations: (/admin, /private).

    1. Create Password Files: Use the htpasswd tool to create password files for each location:

    sudo htpasswd -c /etc/nginx/.htpasswd_admin admin_user\n\nsudo htpasswd -c /etc/nginx/.htpasswd_private private_user\n
    ! warn \"You will be prompted to enter and confirm passwords for each user.\"

    1. Configure Nginx: Update your Nginx configuration:
    server {\n    listen 80;\n    server_name example.com;\n\n    location /admin {\n        auth_basic \"Admin Area\";\n        auth_basic_user_file /etc/nginx/.htpasswd_admin;\n\n        # Your configuration for the admin area goes here\n    }\n\n    location /private {\n        auth_basic \"Private Area\";\n        auth_basic_user_file /etc/nginx/.htpasswd_private;\n\n        # Your configuration for the private area goes here\n    }\n     ...\n}\n
    1. Test and Reload Nginx: Test the Nginx configuration and reload:
    sudo nginx -t\nsudo systemctl reload nginx\n
    "},{"location":"Server_Config/ports/","title":"Configuring the Ports","text":"

    There are two parts to configuring the ports used by your virutal machine.:

    • The first involves configuring the firewall and opening access to the ports.

    • [optional] The second requires you to allow access to the afforementioned ports on your cloud service provider.

    "},{"location":"Server_Config/ports/#installing-the-firewall","title":"Installing the Firewall","text":""},{"location":"Server_Config/ports/#what-is-ufw","title":"What is UFW","text":"

    Uncomplicated Firewall (UFW) is a user-friendly interface for managing iptables on Linux systems. It simplifies the configuration of firewall rules, making it accessible even for users with limited networking knowledge.

    "},{"location":"Server_Config/ports/#installation-instructions","title":"Installation instructions","text":"
    sudo apt update\nsudo apt upgrade\nsudo apt install ufw\n
    "},{"location":"Server_Config/ports/#system-commands-to-check-enable-and-add-ports-to-the-firewall","title":"System Commands to check, enable and add ports to the firewall.","text":""},{"location":"Server_Config/ports/#check-status-and-enable","title":"Check status, and enable","text":"

    Check the service status with standard systemctl command:

    sudo systemctl status ufw

    If UFW is not working, we can enable it with:

    sudo ufw enable

    "},{"location":"Server_Config/ports/#allowing-a-new-port","title":"Allowing a new port.","text":"

    Syntax to open specific TCP port:

    sudo ufw allow <port>\nsudo ufw reload\n

    Example:

    sudo ufw allow 53/tcp\n\n# Syntax supports also names which refer to specific ports:\nsudo ufw allow https\n\n# To allow incoming tcp and udp packets on port 21, enter:\nsudo ufw allow 21\n\n# Example for specific IP Address:\nsudo ufw allow from 190.34.21.113 to any port\n
    "},{"location":"Server_Config/ports/#checking-the-configuration-of-the-firewall-ports","title":"Checking the configuration of the firewall ports.","text":"

    Let\u2019s check the configuration:

    sudo ufw status verbose Command displays a provisional table with three columns:

    "},{"location":"Server_Config/ports/#explanation","title":"Explanation:","text":"

    • To Describes the particular protocol

    • Action Tells us whether it is allowed or denied

    • From It says about the source e.g anywhere or one ip address like presented above

    "},{"location":"Server_Config/ports/#selecting-a-port","title":"Selecting a port.","text":"

    We need to select the correct ports for the purpose and only open those which we require. Our choices should ensure that prevent any potential security vulnerabilitues by strategically assigning and managing ports witih a network,

    Port Protocol Main Description 80 HTTP Yes Default port for unsecured web traffic. Widely supported and commonly used. 443 HTTPS Yes Default port for secure web traffic using SSL/TLS. Encrypted communication for sensitive data. 8080 HTTP Yes Common alternative for HTTP. Often used for testing and development. 8443 HTTPS Yes Common alternative for HTTPS. Often used for testing and development with SSL/TLS. 8000 HTTP Yes Another alternative for HTTP. Can be used for various applications and testing. 3000 HTTP Yes Commonly used in development environments for web applications. 5000 HTTP Yes Often used for web applications, including some frameworks like Flask. 8888 HTTP Yes Commonly used in development environments, especially with Jupyter Notebooks. 8081 HTTP No Often used as an alternative HTTP port, especially in development environments. 8880 HTTP No Another alternative for HTTP, sometimes used in testing and development. 9000 HTTP No Commonly used in development environments, especially with PHP applications. 8088 HTTP No Used in some applications and development scenarios as an alternative HTTP port. 8090 HTTP No Frequently used as an alternative HTTP port for various applications. 8181 HTTP No Occasionally used for HTTP, especially in testing and development. 8889 HTTP No Another alternative for HTTP, sometimes chosen for specific applications. 9090 HTTP No Used in some applications and development environments as an alternative HTTP port."},{"location":"Server_Config/ssh/","title":"SSH login and RSA keys","text":"

    Info

    We need to ensure that port 22 is allowed in the security groups before we can connect to the machine through ssh.

    Similarly we also need to assign it a Floating IP such that the machine is globally accessible.

    "},{"location":"Server_Config/ssh/#creating-a-new-ssh-keygen","title":"Creating a new ssh keygen","text":"

    We can create a new RSA pair using the following command. 

    ssh-keygen -t rsa -C \"yourname@work_email.ext\"\n
    "},{"location":"Server_Config/ssh/#additional-considerations","title":"Additional considerations","text":""},{"location":"Server_Config/ssh/#adding-a-key-to-a-local-agent","title":"Adding a key to a local agent","text":"

    We can add the key to our local agent to use keyless login. This is done through 

    ssh-add /Absolute/Path/to/.ssh/keyname\n

    "},{"location":"Server_Config/ssh/#ensure-the-key-has-the-correct-permissions","title":"Ensure the key has the correct permissions","text":"
    PRIVATE_KEY_PATH=\"</Absolute/Path/to/.ssh/keyname>\"\nchmod 700 ~/.ssh\nchmod 600 $PRIVATE_KEY_PATH\n
    "},{"location":"Server_Config/ssh/#remote-machine","title":"Remote Machine","text":""},{"location":"Server_Config/ssh/#logging-in","title":"Logging in:","text":"

    This requires the use of a key already in the machines 'approved hosts'. 

    REMOTE_HOST=\"<user>@<ip.address>\"\nPRIVATE_KEY_PATH=\"</Absolute/Path/to/.ssh/keyname>\"\n\nssh $REMOTE_HOST -i $PRIVATE_KEY_PATH -v\n

    "},{"location":"Server_Config/ssh/#copy-the-public-key-to-the-remote-host","title":"Copy the public key to the remote host","text":"

    To add a new key to a machine through which we already have access to, we can use: 

    PRIVATE_KEY_PATH=\"</Absolute/Path/to/.ssh/keyname>\"\nREMOTE_HOST=\"<user>@<ip.address>\"\nREMOTE_PORT=22\n\nssh-copy-id -i \"$PRIVATE_KEY_PATH.pub\" -p $REMOTE_PORT $REMOTE_HOST\n
    "},{"location":"Server_Config/ssh/#alternative","title":"Alternative","text":"

    It is also possible to fetch the host key and append it to the known_hosts file 

    ssh-keyscan -t rsa -p $REMOTE_PORT $REMOTE_HOST >> ~/.ssh/known_hosts\n

    "},{"location":"scripts/update_repos/","title":"CRON update github repositories.","text":"

    We have a number of repositories on our VM that we would wish to keep up to date.

    To ensure this is the case we run a timed job (CRON) which checks and updates a list of repositories.

    The basic code required to accomplish this can be found: 

    #!/bin/bash\n\n# Define the list of repositories\nrepositories=(\n    \"$HOME/repo1-location\"\n    \"$HOME/repos/repo2-location\"\n    ...\n)\n\n# Specify the branch to check for updates\nbranch=\"main\"\n\n# Specify the log file with date\nlog_file=\"$HOME/.logs/repo_update_$(date +\\%Y\\%m\\%d).log\"\n\n# Specify the backup folder\nbackup_folder=\"$HOME/backup\"\n\n# Create the backup folder if it doesn't exist\nmkdir -p \"$backup_folder\"\n\n# Loop through each repository and update if changes are found\nfor repo in \"${repositories[@]}\"; do\n    echo \"------------------------------\"\n    echo \"Checking for updates in $repo\"\n\n    # Navigate to the repository\n    cd \"$repo\" || exit 1\n\n    # Fetch remote changes\n    git fetch origin \"$branch\"\n\n    # Check if there are any changes on the specified branch\n    if [[ $(git rev-list HEAD..origin/\"$branch\" --count) -gt 0 ]]; then\n        echo \"Updating $repo\"\n\n        # Create a backup with date timestamp\n        backup_file=\"$backup_folder/$(basename \"$repo\")_backup_$(date +\\%Y\\%m\\%d_\\%H\\%M\\%S).tar.gz\"\n        tar -czf \"$backup_file\" . >> \"$log_file\" 2>&1\n\n        # Pull changes and force overwrite conflicts\n        git pull origin \"$branch\" --force >> \"$log_file\" 2>&1\n\n        # Log the status of the update with the date\n        echo \"$(date): Update status for $repo: Success\" >> \"$log_file\"\n        echo \"$(date): Repository backed up to $backup_file\" >> \"$log_file\"\n    else\n        echo \"No updates found in $repo\"\n\n        # Log the status of the update with the date\n        echo \"$(date): Update status for $repo: No updates found\" >> \"$log_file\"\n    fi\n\n    # Return to the script's directory\n    cd - || exit 1\ndone\n
    "}]} \ No newline at end of file +{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome","text":"

    Welcome to Technical Documentation Wiki

    Documentation in progress

    The contents of the pages are currently in development, and many aspects still in flux.

    "},{"location":"#contents","title":"Contents","text":"

    The contents of this documentation is accessable using the menu on the left. Certain pages may be confidetial and therefore require password credentials to log-in. To get access to these, contact cmipipo@esa.int .

    "},{"location":"#useful-links","title":"Useful Links","text":"

    There are number of links that may infulence your workflow. Many of these can be found on the CMIP-IPO website .

    "},{"location":"Installations/new%20conda%20mipcvs/","title":"Creating a new Mamba Environment","text":""},{"location":"Installations/new%20conda%20mipcvs/#installation","title":"Installation.","text":"

    Information on how to install Mamba can be be found here .

    Please ensure that you have the latest curl and tar versions installed and then download the relevant files:

    # Linux Intel (x86_64):\ncurl -Ls https://micro.mamba.pm/api/micromamba/linux-64/latest | tar -xvj bin/micromamba\n# Linux ARM64:\ncurl -Ls https://micro.mamba.pm/api/micromamba/linux-aarch64/latest | tar -xvj bin/micromamba\n# Linux Power:\ncurl -Ls https://micro.mamba.pm/api/micromamba/linux-ppc64le/latest | tar -xvj bin/micromamba\n# macOS Intel (x86_64):\ncurl -Ls https://micro.mamba.pm/api/micromamba/osx-64/latest | tar -xvj bin/micromamba\n# macOS Silicon/M1 (ARM64):\ncurl -Ls https://micro.mamba.pm/api/micromamba/osx-arm64/latest | tar -xvj bin/micromamba```\n
    "},{"location":"Installations/new%20conda%20mipcvs/#setting-aliases-and-activating","title":"Setting aliases and activating","text":"

    Start by activating your micromamba installation 

    ./micromamba shell init\n
    This adds it to our .rc file and allows us to choose a custom mamba environment 

    ./bin/micromamba shell init -s bash -p ~/micromamba\nor\n./micromamba shell init -s zsh -p ~/micromamba\n

    Don't forget to source the respective rc file.

    "},{"location":"Installations/new%20conda%20mipcvs/#creating-a-new-environment","title":"Creating a new environment","text":"
    # create a new env\nmamba create --name <envname>\n\n#initiate mamba\nmamba init\n\n# activate our environment\nmamba activate <envname>\n

    ca mipcvs

    "},{"location":"Installations/new%20conda%20mipcvs/#pip-install-fastapi-sso","title":"pip install fastapi-sso","text":"

    mamba insall uvicorn fastapi itsdangrous requests

    pip install fastapi-login

    "},{"location":"MIPCV_Site/jinja2/","title":"Jinja2 Quickstart","text":"

    Jinja2 is a templating engine used to dynamically generate scripted content. This has its application in the creation of the MIPCV website generation.

    "},{"location":"MIPCV_Site/jinja2/#example","title":"Example","text":"

    Some example uses of the things possible with JINJA are shown below.

    "},{"location":"MIPCV_Site/jinja2/#inline-html","title":"Inline HTML","text":"

    Escape HTML code in literals with |safe, e.g., {{ item.description |safe }}.

    "},{"location":"MIPCV_Site/jinja2/#batches","title":"Batches","text":"

    Process items in batches using the batch filter.

    {% for group in changes|batch(2) %}\n    <!-- Make a row -->\n    {% for item in group %}\n        <!-- Process every two items -->\n    {% endfor %}\n{% endfor %}\n
    "},{"location":"MIPCV_Site/jinja2/#dictionary","title":"Dictionary","text":"

    Iterate through dictionary items.

    {% for key, value in my_dict.items() %}\n  Key: {{ key }}<br>\n  Value: {{ value }}<br><br>\n{% endfor %}\n
    "},{"location":"MIPCV_Site/jinja2/#conditional-statements","title":"Conditional Statements","text":"

    Use if statements for conditional rendering.

    {% if condition %}\n    <!-- Content to display if condition is true -->\n{% else %}\n    <!-- Content to display if condition is false -->\n{% endif %}\n
    "},{"location":"MIPCV_Site/jinja2/#macros","title":"Macros","text":"

    Define reusable code snippets with macros.

    {% macro my_macro(arg) %}\n    <!-- Reusable code here using {{ arg }} -->\n{% endmacro %}\n
    "},{"location":"MIPCV_Site/jinja2/#filters","title":"Filters","text":"

    Apply filters for formatting and transformations.

    {{ variable|filter_name }}\n
    "},{"location":"MIPCV_Site/jinja2/#loops","title":"Loops","text":"

    Use for loops for iteration.

    {% for item in items %}\n    <!-- Process each item -->\n{% endfor %}\n
    "},{"location":"MKDocs/markdown/","title":"Markdown Quick-Start","text":"

    Markdown is a lightweight markup language creating easy-to-read documentation. Here is a quickstart guide to get you started.

    "},{"location":"MKDocs/markdown/#advanced-tools","title":"Advanced tools","text":"

    Advanced entries can be found at: https://squidfunk.github.io/mkdocs-material/reference/admonitions/

    "},{"location":"MKDocs/markdown/#general-entries","title":"General Entries","text":""},{"location":"MKDocs/markdown/#headers","title":"Headers","text":"

    Headers are create sections in your document.

    # Heading 1\n## Heading 2\n### Heading 3\n
    "},{"location":"MKDocs/markdown/#lists","title":"Lists","text":"

    Create ordered and unordered lists to organize content.

    - Bullet 1\n- Bullet 2\n\n1. Numbered item 1\n2. Numbered item 2\n
    • Bullet 1

    • Bullet 2

    • Numbered item 1

    • Numbered item 2
    "},{"location":"MKDocs/markdown/#links","title":"Links","text":"

    Hyperlink text to external URLs or pages

    [Visit MkDocs](https://www.mkdocs.org/)\n
    Visit MkDocs

    "},{"location":"MKDocs/markdown/#images","title":"Images","text":"

    Insert images into your documentation.

    ![Alt text](image.jpg)\n
    "},{"location":"MKDocs/markdown/#emphasis","title":"Emphasis","text":"

    Emphasize text using bold or italics.

    **Bold text**\n*Italic text*\n
    Bold text Italic text

    "},{"location":"MKDocs/markdown/#code-blocks","title":"Code Blocks","text":"

    Display code snippets in a formatted block.

    ```python\ndef example():\n    print(\"Hello, MkDocs!\")\n
    ```python\ndef example():\n    print(\"Hello, MkDocs!\")\n

    "},{"location":"MKDocs/markdown/#quotes","title":"Quotes","text":"

    Quote text for better readability.

    > This is a quote.\n

    This is a quote.

    "},{"location":"MKDocs/markdown/#horizontal-rule","title":"Horizontal Rule","text":"

    Separate sections with a horizontal line.

    "},{"location":"MKDocs/markdown/#-","title":"
    ---\n
    ","text":""},{"location":"MKDocs/markdown/#tables","title":"Tables","text":"

    Create tables to organize data.

    | Header 1 | Header 2 |\n| -------- | -------- |\n| Content 1| Content 2|\n
    | Header 1 | Header 2 | | -------- | -------- | | Content 1| Content 2|

    "},{"location":"MKDocs/markdown/#footnotes","title":"Footnotes","text":"

    Add footnotes for additional information.

    Here is some text[^1].\n\n[^1]: This is a footnote.\n
    Here is some text[^1].

    [^1]: This is a footnote.

    "},{"location":"MKDocs/setup/","title":"Setup and Compilation","text":""},{"location":"MKDocs/setup/#mamba","title":"Mamba","text":""},{"location":"MKDocs/setup/#install","title":"Install","text":"

    To install mkdocs, we can use mamba to create a enw environment. 

    mamba create --name docs\n\nmamba activate docs\n\nmamba init\n\nmamba install mkdocs mkdocs-material pymdown-extensions\n

    "},{"location":"MKDocs/setup/#build","title":"Build","text":"
    mkdocs build --clean\n
    "},{"location":"MKDocs/setup/#docker","title":"Docker","text":""},{"location":"MKDocs/setup/#install_1","title":"Install","text":"

    docker pull squidfunk/mkdocs-material

    "},{"location":"MKDocs/setup/#creating-a-site-dont-run","title":"Creating a site. (Dont run)","text":"

    docker run --rm -it -v ${PWD}:/docs squidfunk/mkdocs-material new .

    "},{"location":"MKDocs/setup/#preview","title":"Preview","text":"

    docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material

    "},{"location":"MKDocs/setup/#build_1","title":"Build","text":"

    docker run --rm -it -v ${PWD}:/docs squidfunk/mkdocs-material build

    "},{"location":"MKDocs/setup/#resources","title":"Resources","text":""},{"location":"MKDocs/setup/#demo-files-and-structure","title":"Demo files and structure:","text":"

    https://github.com/selfhostedshow/wiki/tree/master

    "},{"location":"MKDocs/setup/#permissable-items","title":"Permissable items","text":"

    https://squidfunk.github.io/mkdocs-material/reference/admonitions/

    "},{"location":"MKDocs/setup/#developer-notes","title":"Developer notes","text":"

    The following are Notes and will be tidied away in due course.

    https://squidfunk.github.io/mkdocs-material/getting-started/

    "},{"location":"Server_Config/2FA%20management/","title":"2FA (CREODIAS)","text":""},{"location":"Server_Config/2FA%20management/#location","title":"Location","text":"

    We start by going to: https://identity.cloudferro.com/auth/realms/Creodias-new/account/#/security/signingin

    "},{"location":"Server_Config/2FA%20management/#install-the-cisco-duo-app-on-your-mobile-device","title":"Install the CISCO DUO app on your mobile device.","text":"

    Download Duo Mobile for iOS Download Duo Mobile for Android

    More info can be found here

    "},{"location":"Server_Config/2FA%20management/#scan-the-qr-code-and-complete-form","title":"Scan the QR code, and complete form","text":"

    Follow the instructions and you should then be able to select an alternative 2FA source when logging in.

    "},{"location":"Server_Config/FASTAPI/","title":"FastAPI (Gunicorn)","text":"

    --bind 0.0.0.0:8000 essentially tells Gunicorn to listen on all available network interfaces on port 8000. This is a common configuration when you want your Gunicorn server to be accessible from external sources, such as when deploying a web application.

    For example, if you deploy a Flask, Django or FastAPI application with Gunicorn using this bind option, your application will be accessible over HTTP at http://your_server_ip:8000.

    "},{"location":"Server_Config/FASTAPI/#gunicorn-yaml-config","title":"Gunicorn YAML Config","text":"
    workers = 3              # number of workers Gunicorn will spawn \n\nbind = '127.0.0.1:8000'  # this is where you declare on which address your \n\n\n# gunicorn app is running.\n                         # Basically where Nginx will forward the request to\n\npidfile = '/var/run/gunicorn/mysite.pid' # create a simple pid file for gunicorn. \n\nuser = 'user'          # the user gunicorn will run on\n\ndaemon = True          # this is only to tell gunicorn to deamonize the server process\n\nerrorlog = '/var/log/gunicorn/error-mysite.log'    # error log\n\naccesslog = '/var/log/gunicorn/access-mysite.log'  # access log\n\nproc_name = 'gunicorn-mysite'            # the gunicorn process name\n
    "},{"location":"Server_Config/credoias_ports/","title":"Ports and Security groups (CREDOIAS)","text":"

    1. Navigate to https://horizon.cloudferro.com/project/

    2. Click \"Network\"

    3. Click \"Security Groups\"

    4. Click \"Create Security Group\"

    5. Enter the name.

    6. Click \"Add Rule\"

    7. Click the \"Description\" field.

    8. Press [[cmd]] + [[v]]

    9. Click the \"Port\" field.

    10. Save

    "},{"location":"Server_Config/floating_ip/","title":"Adding a floating IP on CREODIAS","text":"

    To access our machine externally we first need to give it an address on how to do this. This page does just that.

    "},{"location":"Server_Config/floating_ip/#what-are-floating-ips","title":"What are floating IPs","text":"

    Floating IPs in OpenStack are public IP addresses assigned to your Virtual Machines.These allow us to host services like SSH or HTTP(s) over the Internet.

    "},{"location":"Server_Config/floating_ip/#how-to-assign-a-floating-ip","title":"How to assign a Floating IP?","text":"
    1. Open the instances tab in Horizon
    2. Use the dropdown menu and select the Associate Floating IP option.
    3. You may choose an address from the dropdown menu, but if it\u2019s empty, you need to allocate an address first. Click the + icon on the right.
    4. Allocate IP.

    The IP address should be associated with a local address from the 192.168.x.x subnet. If you have a 10.x.x.x address change it to an 192.168.x.x address.

    "},{"location":"Server_Config/nginx/","title":"Nginx","text":"

    Nginx is a powerful and widely-used open-source web server, reverse proxy server, and load balancer. Known for its efficiency and low resource usage, Nginx excels in handling concurrent connections and serving static content, making it a popular choice for high-traffic websites.

    "},{"location":"Server_Config/nginx/#installation","title":"Installation","text":"
    sudo apt update\nsudo apt install nginx\n
    "},{"location":"Server_Config/nginx/#configuration","title":"Configuration","text":"

    Nginx's main configuration file is typically located at /etc/nginx/nginx.conf. Additional configurations for specific sites or applications are placed in the /etc/nginx/sites-available/ directory.

    "},{"location":"Server_Config/nginx/#basic-configuration","title":"Basic Configuration","text":"
    1. Start Nginx:
    sudo systemctl start nginx\n
    1. Enable Nginx to start on boot:
    sudo systemctl enable nginx\n
    "},{"location":"Server_Config/nginx/#server-block-virtual-host","title":"Server Block (Virtual Host)","text":"

    To configure a server block for a specific domain or application, create a new configuration file within the sites-available directory and create a symbolic link to sites-enabled:

    sudo nano /etc/nginx/sites-available/example.com\n

    Example configuration:

    server {\n    listen 80;\n    server_name example.com www.example.com;\n\n    location / {\n        root /var/www/html;\n        index index.html;\n    }\n}\n

    Create a symbolic link:

    sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/\n

    Restart Nginx to apply changes:

    sudo systemctl restart nginx\n

    This basic example serves files from /var/www/html for the specified domain.

    "},{"location":"Server_Config/nginx/#more-advanced-configurations","title":"More advanced configurations","text":"

    Nginx documentation.

    ! tip \"Remember to test your configuration before restarting Nginx\"

    ```bash\nsudo nginx -t\n```\n
    "},{"location":"Server_Config/nginx/#restricting-files-using-nginx","title":"Restricting files using Nginx.","text":"

    Lets restrict files in two locations: (/admin, /private).

    1. Create Password Files: Use the htpasswd tool to create password files for each location:

    sudo htpasswd -c /etc/nginx/.htpasswd_admin admin_user\n\nsudo htpasswd -c /etc/nginx/.htpasswd_private private_user\n
    ! warn \"You will be prompted to enter and confirm passwords for each user.\"

    1. Configure Nginx: Update your Nginx configuration:
    server {\n    listen 80;\n    server_name example.com;\n\n    location /admin {\n        auth_basic \"Admin Area\";\n        auth_basic_user_file /etc/nginx/.htpasswd_admin;\n\n        # Your configuration for the admin area goes here\n    }\n\n    location /private {\n        auth_basic \"Private Area\";\n        auth_basic_user_file /etc/nginx/.htpasswd_private;\n\n        # Your configuration for the private area goes here\n    }\n     ...\n}\n
    1. Test and Reload Nginx: Test the Nginx configuration and reload:
    sudo nginx -t\nsudo systemctl reload nginx\n
    "},{"location":"Server_Config/ports/","title":"Configuring the Ports","text":"

    There are two parts to configuring the ports used by your virutal machine.:

    • The first involves configuring the firewall and opening access to the ports.

    • [optional] The second requires you to allow access to the afforementioned ports on your cloud service provider.

    "},{"location":"Server_Config/ports/#installing-the-firewall","title":"Installing the Firewall","text":""},{"location":"Server_Config/ports/#what-is-ufw","title":"What is UFW","text":"

    Uncomplicated Firewall (UFW) is a user-friendly interface for managing iptables on Linux systems. It simplifies the configuration of firewall rules, making it accessible even for users with limited networking knowledge.

    "},{"location":"Server_Config/ports/#installation-instructions","title":"Installation instructions","text":"
    sudo apt update\nsudo apt upgrade\nsudo apt install ufw\n
    "},{"location":"Server_Config/ports/#system-commands-to-check-enable-and-add-ports-to-the-firewall","title":"System Commands to check, enable and add ports to the firewall.","text":""},{"location":"Server_Config/ports/#check-status-and-enable","title":"Check status, and enable","text":"

    Check the service status with standard systemctl command:

    sudo systemctl status ufw

    If UFW is not working, we can enable it with:

    sudo ufw enable

    "},{"location":"Server_Config/ports/#allowing-a-new-port","title":"Allowing a new port.","text":"

    Syntax to open specific TCP port:

    sudo ufw allow <port>\nsudo ufw reload\n

    Example:

    sudo ufw allow 53/tcp\n\n# Syntax supports also names which refer to specific ports:\nsudo ufw allow https\n\n# To allow incoming tcp and udp packets on port 21, enter:\nsudo ufw allow 21\n\n# Example for specific IP Address:\nsudo ufw allow from 190.34.21.113 to any port\n
    "},{"location":"Server_Config/ports/#checking-the-configuration-of-the-firewall-ports","title":"Checking the configuration of the firewall ports.","text":"

    Let\u2019s check the configuration:

    sudo ufw status verbose Command displays a provisional table with three columns:

    "},{"location":"Server_Config/ports/#explanation","title":"Explanation:","text":"

    • To Describes the particular protocol

    • Action Tells us whether it is allowed or denied

    • From It says about the source e.g anywhere or one ip address like presented above

    "},{"location":"Server_Config/ports/#selecting-a-port","title":"Selecting a port.","text":"

    We need to select the correct ports for the purpose and only open those which we require. Our choices should ensure that prevent any potential security vulnerabilitues by strategically assigning and managing ports witih a network,

    Port Protocol Main Description 80 HTTP Yes Default port for unsecured web traffic. Widely supported and commonly used. 443 HTTPS Yes Default port for secure web traffic using SSL/TLS. Encrypted communication for sensitive data. 8080 HTTP Yes Common alternative for HTTP. Often used for testing and development. 8443 HTTPS Yes Common alternative for HTTPS. Often used for testing and development with SSL/TLS. 8000 HTTP Yes Another alternative for HTTP. Can be used for various applications and testing. 3000 HTTP Yes Commonly used in development environments for web applications. 5000 HTTP Yes Often used for web applications, including some frameworks like Flask. 8888 HTTP Yes Commonly used in development environments, especially with Jupyter Notebooks. 8081 HTTP No Often used as an alternative HTTP port, especially in development environments. 8880 HTTP No Another alternative for HTTP, sometimes used in testing and development. 9000 HTTP No Commonly used in development environments, especially with PHP applications. 8088 HTTP No Used in some applications and development scenarios as an alternative HTTP port. 8090 HTTP No Frequently used as an alternative HTTP port for various applications. 8181 HTTP No Occasionally used for HTTP, especially in testing and development. 8889 HTTP No Another alternative for HTTP, sometimes chosen for specific applications. 9090 HTTP No Used in some applications and development environments as an alternative HTTP port."},{"location":"Server_Config/ssh/","title":"SSH login and RSA keys","text":"

    Info

    We need to ensure that port 22 is allowed in the security groups before we can connect to the machine through ssh.

    Similarly we also need to assign it a Floating IP such that the machine is globally accessible.

    "},{"location":"Server_Config/ssh/#creating-a-new-ssh-keygen","title":"Creating a new ssh keygen","text":"

    We can create a new RSA pair using the following command. 

    ssh-keygen -t rsa -C \"yourname@work_email.ext\"\n
    "},{"location":"Server_Config/ssh/#additional-considerations","title":"Additional considerations","text":""},{"location":"Server_Config/ssh/#adding-a-key-to-a-local-agent","title":"Adding a key to a local agent","text":"

    We can add the key to our local agent to use keyless login. This is done through 

    ssh-add /Absolute/Path/to/.ssh/keyname\n

    "},{"location":"Server_Config/ssh/#ensure-the-key-has-the-correct-permissions","title":"Ensure the key has the correct permissions","text":"
    PRIVATE_KEY_PATH=\"</Absolute/Path/to/.ssh/keyname>\"\nchmod 700 ~/.ssh\nchmod 600 $PRIVATE_KEY_PATH\n
    "},{"location":"Server_Config/ssh/#remote-machine","title":"Remote Machine","text":""},{"location":"Server_Config/ssh/#logging-in","title":"Logging in:","text":"

    This requires the use of a key already in the machines 'approved hosts'. 

    REMOTE_HOST=\"<user>@<ip.address>\"\nPRIVATE_KEY_PATH=\"</Absolute/Path/to/.ssh/keyname>\"\n\nssh $REMOTE_HOST -i $PRIVATE_KEY_PATH -v\n

    "},{"location":"Server_Config/ssh/#copy-the-public-key-to-the-remote-host","title":"Copy the public key to the remote host","text":"

    To add a new key to a machine through which we already have access to, we can use: 

    PRIVATE_KEY_PATH=\"</Absolute/Path/to/.ssh/keyname>\"\nREMOTE_HOST=\"<user>@<ip.address>\"\nREMOTE_PORT=22\n\nssh-copy-id -i \"$PRIVATE_KEY_PATH.pub\" -p $REMOTE_PORT $REMOTE_HOST\n
    "},{"location":"Server_Config/ssh/#alternative","title":"Alternative","text":"

    It is also possible to fetch the host key and append it to the known_hosts file 

    ssh-keyscan -t rsa -p $REMOTE_PORT $REMOTE_HOST >> ~/.ssh/known_hosts\n

    "},{"location":"scripts/update_repos/","title":"CRON update github repositories.","text":"

    We have a number of repositories on our VM that we would wish to keep up to date.

    To ensure this is the case we run a timed job (CRON) which checks and updates a list of repositories.

    The basic code required to accomplish this can be found: 

    #!/bin/bash\n\n# Define the list of repositories\nrepositories=(\n    \"$HOME/repo1-location\"\n    \"$HOME/repos/repo2-location\"\n    ...\n)\n\n# Specify the branch to check for updates\nbranch=\"main\"\n\n# Specify the log file with date\nlog_file=\"$HOME/.logs/repo_update_$(date +\\%Y\\%m\\%d).log\"\n\n# Specify the backup folder\nbackup_folder=\"$HOME/backup\"\n\n# Create the backup folder if it doesn't exist\nmkdir -p \"$backup_folder\"\n\n# Loop through each repository and update if changes are found\nfor repo in \"${repositories[@]}\"; do\n    echo \"------------------------------\"\n    echo \"Checking for updates in $repo\"\n\n    # Navigate to the repository\n    cd \"$repo\" || exit 1\n\n    # Fetch remote changes\n    git fetch origin \"$branch\"\n\n    # Check if there are any changes on the specified branch\n    if [[ $(git rev-list HEAD..origin/\"$branch\" --count) -gt 0 ]]; then\n        echo \"Updating $repo\"\n\n        # Create a backup with date timestamp\n        backup_file=\"$backup_folder/$(basename \"$repo\")_backup_$(date +\\%Y\\%m\\%d_\\%H\\%M\\%S).tar.gz\"\n        tar -czf \"$backup_file\" . >> \"$log_file\" 2>&1\n\n        # Pull changes and force overwrite conflicts\n        git pull origin \"$branch\" --force >> \"$log_file\" 2>&1\n\n        # Log the status of the update with the date\n        echo \"$(date): Update status for $repo: Success\" >> \"$log_file\"\n        echo \"$(date): Repository backed up to $backup_file\" >> \"$log_file\"\n    else\n        echo \"No updates found in $repo\"\n\n        # Log the status of the update with the date\n        echo \"$(date): Update status for $repo: No updates found\" >> \"$log_file\"\n    fi\n\n    # Return to the script's directory\n    cd - || exit 1\ndone\n
    "}]} \ No newline at end of file diff --git a/site/sitemap.xml.gz b/site/sitemap.xml.gz index f1e03f07114582b40281e20d946a4e9c366de68f..d6500cd66eac18358cdef68f0226dc3e49c6ecc2 100644 GIT binary patch delta 12 Tcmb=gXOr*d;J8pYk*yK{8I%MN delta 12 Tcmb=gXOr*d;Fz2