Alternate Installation Methods

Prerequisites

  • Atlas Automation Hub is setup to install on an Ubuntu server, however with a few tweaks to the install script it will work well on most Linux OS.
  • curl or wget should be installed
  • Ideally, you will have your own git repository, holding updated config files, and will publish from there.

An install script is provided to easily install onto your Ubuntu server. Update the publish/install.sh file “dns” value to be the dns of your server, and the “remote” to point to your repo path. If you plan to use ssl you can add the certs into the publish folder as well. Use names “cert.crt” and “cert.key”.

The publish takes place over SSH from a git server. It is possible to use an accesskey when publishing from fabric.

Update username and hostname with your planned login. Commands require sudo. sudo bash...

MethodCommand
fabriccd publish && fab publish && cd ..
curlbash -c "$(curl -kfsSL https://raw.githubusercontent.com/Riverside-Healthcare/extract_management/main/publish/install.sh)"
wgetbash -c "$(wget -O- https://raw.githubusercontent.com/Riverside-Healthcare/extract_management/main/publish/install.sh)"

After cloning the repository the install.sh script will install all packages necessary to start up the app.

Configuration

A configuration file should be created at the project root, along size the config.py file.

The custom configuration file should be called config_cust.py. Settings can be copied from config.py and updated as needed.

At a minimum, the config_cust.py should import the base configuration.

from config import Config as BaseConfig

class Config(BaseConfig):
ALLOWED_HOSTS = ["localhost"]
...

Creating Database

export FLASK_APP=web;export FLASK_DEBUG=0;export FLASK_ENV=production;
flask db init;
flask db upgrade;
flask cli seed

# add demo data in needed
# flask cli seed_demo

Authentication

There are two primary authentication options -

  • SAML2
  • LDAP

SAML2

The PySAML2 library is used for SAML authentication, and all the sp configuration parameters are supported. See the example config file for an ADFS setup example.

Note

SAML2 requires that the xmlsec1 binary be present and mapped to in the config file.

LDAP

LDAP login follows this basic process:

  1. config.py file holds the general connection info. A connection to the ldap server is made with the service account credentials supplied in the config file.
  2. Once a connection is established and a user attempts to access the site the package first verifies that the user exists, by doing a search for the user. If the user exists we save their details and groups.
  3. If the user exists then we attempt to log them in… this returns true if they had a valid username/pass.
  4. Finally, as this site can be restricted to users in a certain LDAP group, for example, we only allow users that have the “Analytics” group on their profile.

Note

The python package python-simpleldap has been customized to work with this installation, but most paramters will be accepted.