# deploying requirement
- the machine id where authentication service located in,deferent public Cloud-Service has its own method.
- https certification file is required
- web browser visit authentication service
- compile service visit authentication service
- authentication service visit public Internet
# required files
| File Description | File Name | File Path |
|---|---|---|
| authenticator | NvAuthenticator | /opt/authserver/ |
| license file | bseditor.lic | /opt/authserver/ |
| https cert file | [domain name].crt [domain name].key | /opt/authserver/ |
| configuration file | config.json | /opt/authserver/ |
| configuration file | config.yaml | /opt/authserver/ |
# directory structure of deploying
we recommend that certification file should be configured at this path /opt/cert ,and there are difference compared with
the picture maybe.
# configuration file example:
DEFAULT_PORT: attention to do not use non-ssl port MAX_GOROUTINE: default number of GOROUTINE
{
"USE_SSL": false,
"DEFAULT_PORT": ":7443",
"SSL_PEM_FILE_PATH": "/opt/authserver/1_eapi.meishesdk.com_bundle.crt",
"SSL_KEY_FILE_PATH": "/opt/authserver/2_eapi.meishesdk.com.key",
"LICENSE_FILE_PATH": "/opt/authserver/bseditor.lic",
"MAX_GOROUTINE": 200,
"LOG_CONFIG_FILE_PATH": "/opt/authserver/config.yaml",
"SERVER_INSTANCE_TYPE": "privateCloud",
"SSL_SERVER_HOST": "www.meishesdk.com",
"EMAIL_FROM": "",
"EMAIL_TO": "",
"EMAIL_SMTP_SERVER": "smtp.exmail.qq.com",
"EMAIL_PORT": 25,
"EMAIL_USERNAME": "",
"EMAIL_PASSWORD": "",
"LOCALE": "en"
}
| Field | Description | Default | Required |
|---|---|---|---|
| USE_SSL | Whether to enable SSL | false | yes |
| DEFAULT_PORT | Default HTTP port Note that DEFAULT_SSL_PORT is deprecated | empty string | yes |
| SSL_PEM_FILE_PATH | absolute path to ssl certificate | empty string | yes |
| SSL_KEY_FILE_PATH | Absolute path to ssl certificate key | empty string | yes |
| LICENSE_FILE_PATH | Absolute path of cloud clip certificate | empty string | yes |
| MAX_GOROUTINE | maximum number of goroutines | 200 | yes |
| LOG_CONFIG_FILE_PATH | absolute path to log file | empty string | yes |
| SERVER_INSTANCE_TYPE | server type privateCloud: private cloud aliyun: Aliyun tencentyun: Tencent Cloud huaweiyun: Huawei Cloud offline: offline cmbchina: China Merchants Bank | privateCloud | Yes |
| SSL_SERVER_HOST | Server HOST | Empty String | No |
| EMAIL_FROM | Email alert service, sender | empty string | No |
| EMAIL_TO | Email alert service, recipient | empty string | No |
| EMAIL_SMTP_SERVER | Email alert service, SMTP server | empty string | No |
| EMAIL_PORT | Email alert service, SMTP port | empty string | No |
| EMAIL_USERNAME | Email alert service, sender username | empty string | No |
| EMAIL_PASSWORD | Email reminder service, sender password | empty string | No |
| LOCALE | Localized Identifier en: English environment zhCN: Chinese Environment | Empty String | No |
Note: The email reminder service means that when the SSL certificate is about to expire (within one month), if there are related configurations in the configuration file, the service will send a reminder email to the specified recipient to update the SSL certificate.
# logs file config.yaml
please put config.yaml to resource directory
#zap logger configuration
zap: # "debug", "info", "warn", "error", "dpanic", "panic", "fatal",
level: 'info'
#console, json: //json format output
format: 'console'
prefix: '[NV]'
director: '/opt/authserver/log'
linkName: 'latest_log'
showLine: true
#LowercaseLevelEncoder: //lowercase, LowercaseColorLevelEncoder: //lowercase with color,CapitalLevelEncoder: //uppercase, CapitalColorLevelEncoder: //uppercase with color,
encodeLevel: 'LowercaseColorLevelEncoder'
stacktraceKey: 'stacktrace'
logInConsole: true
# running NvAuthenticator
cd /opt/authserver
setsid ./NvAuthenticator &
# generating of machine id
machine id is required when lic generating
| VM type | how to get machine id |
|---|---|
| Aliyun-Cloud | running at vm wget http://100.100.100.200/latest/meta-data/instance-id (opens new window) |
| Tencent-Cloud | wget http://metadata.tencentyun.com/latest/meta-data/uuid (opens new window) |
| Huawei-Cloud | wget http://169.254.169.254/openstack/latest/meta_data.json (opens new window) |
| others | Mac of VM(authentication server) |
# testing
# run this command, deploying is successful if there is result.
wget https: //<host:port>/app/test