Table of Contents

Hackhub

Hackhub is our member database and lives on Finzean.

It is very closely integrated with 57North ID and both need to be running.

Hackhub code is hosted at Github.

Hibby's work in progress attempt to set up hackhub on a server

Requirements

Some form of OS (Debian stable):

Process

  1. Install Debian Stable
  2. apt install python-flask sqlite3 slapd ldap-utils ldapscripts git apache2 libapache2-mod-wsgi python-virtualenv python-ldap
  3. Import LDAP
  4. Migrate hackhub DB - /home/hackhub/hackhub.db
  5. adduser hackhub - ensure hackhub has no password, has a /home/hackhub and a shell of /bin/sh
  6. pip2 install python-cas monthdelta
  7. su -l hackhub
    1. Configure hackhub/local_settings.py
    2. cd && virtualenv .hackhub
  8. Configure ID

LDAP

Exporting LDAP

Export Database Schema and cn=config

  1. slapcat -n 0 -l /tmp/57nldap.config

Export user data:

  1. slapcat -n 1 -l /tmp/57nldap.users

Copy these two files to where the new db is. Use SCP or something secure

Importing LDAP

Stop slapd:

  1. systemctl stop slapd

Make sure that the existing slapd.d folder on the new machine is empty:

  1. rm -rf /etc/ldap/slapd.d/*

Add the schema and cn=config:

  1. slapadd -n 0 -F /etc/ldap/slapd.d -l /tmp/57nldap.config

Add the user data:

  1. slapadd -n 1 -l /tmp/57nldap.users

Change the ownership of the slapd.d folder:

  1. chown -R openldap:openldap slapd.d

Start slapd:

  1. systemctl start slapd

Apache

Modules

  1. a2enmod rewrite
  2. a2enmod wsgi

Hackhub site file

Cleartext

<VirtualHost *:80>
        ServerName hub.57north.org.uk
        ServerAdmin ctte-private@57north.co
        RewriteEngine on
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,QSA,R=permanent]
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

SSL

<IfModule mod_ssl.c>
WSGIPythonPath /home/hackhub/hackhub
<VirtualHost *:443>
        ServerName hub.57north.org.uk
        ServerAdmin ctte-private@57north.co
        SSLCertificateFile /etc/letsencrypt/live/hub.57north.org.uk/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/hub.57north.org.uk/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf

        WSGIDaemonProcess hackhub user=hackhub group=hackhub threads=2
        WSGIScriptAlias / /home/hackhub/hackhub/hackhub.wsgi
        DocumentRoot /home/hackhub/hackhub

        RewriteEngine On
        RewriteRule ^/$ https://57north.org.uk [L,R=301]

        <Directory /home/hackhub/hackhub>
                WSGIProcessGroup hackhub
                WSGIApplicationGroup %{GLOBAL}
                Require all granted
        </Directory>
</VirtualHost>


# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
</IfModule>