Project:Tool Access Control/ACNet: Difference between revisions

From London Hackspace Wiki
(Added troubleshooting info for the acserver)
(update a bit)
 
(5 intermediate revisions by one other user not shown)
Line 3: Line 3:
This page aims to scope out the different projects that work together as part of the Access Control Network.
This page aims to scope out the different projects that work together as part of the Access Control Network.
The main components are:
The main components are:
* [[#AC_Node|ACNode]] - The clients that sit on the tool that is being controlled and manage physical access by reading the rfid card.
 
* [[#AC_Server|ACServer]] - The server stores the authentication information and pulls membership information from Turing over JSON and stores is at a SQLite DB
* [[#AC_Node|ACNode]] - The clients that sit on the tool or door that is being controlled and manage physical access by reading the rfid card.
* [[#AC_Server|ACServer]] - The server stores the authentication information and pulls membership information from Turing over JSON and stores it in a Postgres DB
* [[#Membership_DB|Membership DB]] - Secured storage of membership data.
* [[#Membership_DB|Membership DB]] - Secured storage of membership data.
== TODO ==
* Add a secondary acnode and test multiple acnode functionality (Sol)
* Move the acserver to a separate VM running on the server downstairs (tgreer + mentar)
* Add a way of adding cached tool useage using  POST /[nodeID]/cachedtooluse/[cardID]/[timeUsed]/[timestamp] (mentar + sol)
* Code a basic web ui for adding tools/maintainers/nodes (mentar)


== System diagram ==
== System diagram ==
Line 19: Line 14:
   rankdir=TD;
   rankdir=TD;
   size="10,5!";
   size="10,5!";
 
 
   subgraph cluster_0 {
   subgraph cluster_0 {
node [shape=box,style=filled,color=lightgrey];
node [shape=box,style=filled,color=lightgrey];
Line 49: Line 44:


=== AC Node ===
=== AC Node ===
Currently proposed  (and built) by Solexious [[Project:Tool_Access_Control/Solexious_Proposal|Link]]
Currently working implementation [[Project:Tool_Access_Control/ACNode-cl]]
 
=== AC Server ===
=== AC Server ===
2 versions
Python Flask implementation started by [[User:ms7821|ms7821]] can be located [https://github.com/londonhackspace/ACNode here] further improved by [[User:asoko|asoko]]


PHP Code Igniter implementation developed by [[User:mentar|mentar]] and Oskar located [https://github.com/mentarus/ACServer here]
Current: [https://github.com/londonhackspace/acserver-django/ acserver-django], more info(?) [[Project:Tool_Access_Control/ACServer|ACServer]], running on a vm called 'acserver' on [[landin]]


Usage: curl http://[server]:[port]/[node_id]/card/[card_id]
Legacy: PHP CI implementation developed by [[User:mentar|mentar]] and Oskar, more info [[Project:Tool_Access_Control/ACServer|ACServer]]


For testing it's installed on babbage port 1234
Legacy: Python Flask implementation started by [[User:ms7821|ms7821]] can be located [https://github.com/londonhackspace/ACNode here] further improved by [[User:asoko|asoko]] (shelved)


=== Membership DB ===
=== Membership DB ===
Running on Turing VM slice (hosted outside the space as it has personal data). Accessed in JSON format.
Running on Turing VM slice (hosted outside the space as it has personal data). Accessed in JSON format.
=== Troubleshooting ===
The server currently runs in "beta" on babage:1234.
The acserver permission database is synced with our membership database every minute and leaves a heartbeat at /var/log/acserver_update.log. So check the last modified stamp on that and if the heartbeat is returning 1
The application itself is in /var/www/acserver and relies on the local mysql database to work properly also it uses the nginx webserver (leaner, quicker than apache2) so make sure that is running too

Latest revision as of 16:45, 4 August 2018

Summary

This page aims to scope out the different projects that work together as part of the Access Control Network. The main components are:

  • ACNode - The clients that sit on the tool or door that is being controlled and manage physical access by reading the rfid card.
  • ACServer - The server stores the authentication information and pulls membership information from Turing over JSON and stores it in a Postgres DB
  • Membership DB - Secured storage of membership data.

System diagram

<graphviz border='frame' format='png' >

digraph rfboard{
  rankdir=TD;
  size="10,5!";
 
  subgraph cluster_0 {

node [shape=box,style=filled,color=lightgrey]; label = "ACServer";

       local_db [label="local db",shape=box];
       httpserver [label="HTTP server",shape=box];
       httpserver -> local_db;
       local_db -> httpserver; 
  }
  acnode1 [label="ACNode",shape=box];
  acnode2 [label="ACNode",shape=box];
  acnode3 [label="ACNode",shape=box];
 
  membershipdb [label="Membership DB",shape=box];


  acnode1 -> httpserver;
  acnode2 -> httpserver;
  acnode3 -> httpserver;
  httpserver -> acnode1;
  httpserver -> acnode2;
  httpserver -> acnode3;
  membershipdb-> httpserver;

} </graphviz>

AC Node

Currently working implementation Project:Tool_Access_Control/ACNode-cl

AC Server

Current: acserver-django, more info(?) ACServer, running on a vm called 'acserver' on landin

Legacy: PHP CI implementation developed by mentar and Oskar, more info ACServer

Legacy: Python Flask implementation started by ms7821 can be located here further improved by asoko (shelved)

Membership DB

Running on Turing VM slice (hosted outside the space as it has personal data). Accessed in JSON format.