# deploying requirement
- the machine id where authentication service located in,deferent public Cloud-Service has its own method.
- https certification file is required
- web browser visit authentication service
- compile service visit authentication service
- authentication service visit public Internet
# required files
File Description | File Name | File Path |
---|---|---|
authenticator | NvAuthenticator | /opt/authserver/ |
license file | bseditor.lic | /opt/authserver/ |
https cert file | [domain name].crt [domain name].key | /opt/authserver/ |
configuration file | config.json | /opt/authserver/ |
configuration file | config.yaml | /opt/authserver/ |
# directory structure of deploying
we recommend that certification file should be configured at this path /opt/cert ,and there are difference compared with
the picture maybe.
# configuration file example:
DEFAULT_PORT: attention to do not use non-ssl port MAX_GOROUTINE: default number of GOROUTINE
{
"USE_SSL": false,
"DEFAULT_PORT": ":7443",
"SSL_PEM_FILE_PATH": "/opt/authserver/1_eapi.meishesdk.com_bundle.crt",
"SSL_KEY_FILE_PATH": "/opt/authserver/2_eapi.meishesdk.com.key",
"LICENSE_FILE_PATH": "/opt/authserver/bseditor.lic",
"MAX_GOROUTINE": 200,
"LOG_CONFIG_FILE_PATH": "/opt/authserver/config.yaml",
"SERVER_INSTANCE_TYPE": "privateCloud",
"SSL_SERVER_HOST": "www.meishesdk.com",
"EMAIL_FROM": "",
"EMAIL_TO": "",
"EMAIL_SMTP_SERVER": "smtp.exmail.qq.com",
"EMAIL_PORT": 25,
"EMAIL_USERNAME": "",
"EMAIL_PASSWORD": "",
"LOCALE": "en"
}
Field | Description | Default | Required |
---|---|---|---|
USE_SSL | Whether to enable SSL | false | yes |
DEFAULT_PORT | Default HTTP port Note that DEFAULT_SSL_PORT is deprecated | empty string | yes |
SSL_PEM_FILE_PATH | absolute path to ssl certificate | empty string | yes |
SSL_KEY_FILE_PATH | Absolute path to ssl certificate key | empty string | yes |
LICENSE_FILE_PATH | Absolute path of cloud clip certificate | empty string | yes |
MAX_GOROUTINE | maximum number of goroutines | 200 | yes |
LOG_CONFIG_FILE_PATH | absolute path to log file | empty string | yes |
SERVER_INSTANCE_TYPE | server type privateCloud: private cloud aliyun: Aliyun tencentyun: Tencent Cloud huaweiyun: Huawei Cloud offline: offline cmbchina: China Merchants Bank | privateCloud | Yes |
SSL_SERVER_HOST | Server HOST | Empty String | No |
EMAIL_FROM | Email alert service, sender | empty string | No |
EMAIL_TO | Email alert service, recipient | empty string | No |
EMAIL_SMTP_SERVER | Email alert service, SMTP server | empty string | No |
EMAIL_PORT | Email alert service, SMTP port | empty string | No |
EMAIL_USERNAME | Email alert service, sender username | empty string | No |
EMAIL_PASSWORD | Email reminder service, sender password | empty string | No |
LOCALE | Localized Identifier en: English environment zhCN: Chinese Environment | Empty String | No |
Note: The email reminder service means that when the SSL certificate is about to expire (within one month), if there are related configurations in the configuration file, the service will send a reminder email to the specified recipient to update the SSL certificate.
# logs file config.yaml
please put config.yaml to resource directory
#zap logger configuration
zap: # "debug", "info", "warn", "error", "dpanic", "panic", "fatal",
level: 'info'
#console, json: //json format output
format: 'console'
prefix: '[NV]'
director: '/opt/authserver/log'
linkName: 'latest_log'
showLine: true
#LowercaseLevelEncoder: //lowercase, LowercaseColorLevelEncoder: //lowercase with color,CapitalLevelEncoder: //uppercase, CapitalColorLevelEncoder: //uppercase with color,
encodeLevel: 'LowercaseColorLevelEncoder'
stacktraceKey: 'stacktrace'
logInConsole: true
# running NvAuthenticator
cd /opt/authserver
setsid ./NvAuthenticator &
# generating of machine id
machine id is required when lic generating
VM type | how to get machine id |
---|---|
Aliyun-Cloud | running at vm wget http://100.100.100.200/latest/meta-data/instance-id (opens new window) |
Tencent-Cloud | wget http://metadata.tencentyun.com/latest/meta-data/uuid (opens new window) |
Huawei-Cloud | wget http://169.254.169.254/openstack/latest/meta_data.json (opens new window) |
others | Mac of VM(authentication server) |
# testing
# run this command, deploying is successful if there is result.
wget https: //<host:port>/app/test