Integrate FlexiAPI in the RPM package (logs, conf, env…)

Update the GitlabCI and fix integration issues Add a /api/ping authenticated endpoint
2026-01-17 10:08:05 +00:00 · 2020-02-05 18:07:58 +01:00 · 2020-02-05 18:07:58 +01:00 · d2bfc6e9f9
commit d2bfc6e9f9
parent 5eb6a644db
13 changed files with 199 additions and 91 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -5,20 +5,47 @@
 variables:
 DEPLOY_SERVER: buildbot@www.linphone.org
 CENTOS7_DEPLOY_DIRECTORY: snapshots/centos7
- 
+
+stages:
+  - package
+  - deploy
+  - test
+
 job-centos7-rpm:

  tags: [ "docker-centos7" ]
-  image: gitlab.linphone.org:4567/bc/public/linphone-sdk/bc-dev-centos:7
-    
+  image: gitlab.linphone.org:4567/bc/public/linphone-sdk/bc-dev-centos7-php
+
  stage: package
  script:
-    - make rpm
+    - make rpm-dev
  artifacts:
    paths:
-    - rpmbuild/x86_64/*.rpm
+      - rpmbuild/x86_64/*.rpm
    when: always
    expire_in: 1 year
+  cache:
+    key: ${CI_COMMIT_REF_SLUG}
+    paths:
+      - flexiapi/vendor/
+
+job-centos7-rpm-test:
+
+  tags: [ "docker-centos7" ]
+  image: gitlab.linphone.org:4567/bc/public/linphone-sdk/bc-dev-centos7-php
+
+  stage: test
+  script:
+    - yum -y localinstall rpmbuild/x86_64/*.rpm
+    - cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
+    - scl enable rh-php73 "php artisan key:generate"
+    - scl enable rh-php73 "vendor/bin/phpunit --log-junit $CI_PROJECT_DIR/flexiapi_phpunit.log"
+  artifacts:
+    paths:
+      - $CI_PROJECT_DIR/flexiapi_phpunit.log
+      - flexiapi/storage/logs/
+    when: always
+    expire_in: 1 day

 job-centos7-rpm-deploy:

@ -33,7 +60,7 @@ job-centos7-rpm-deploy:
    refs:
      - master
    changes:
-      - flexisip-account-manager.spec  
+      - flexisip-account-manager.spec

  dependencies:
    - job-centos7-rpm
@ -41,8 +68,3 @@ job-centos7-rpm-deploy:
  script:
   - cd rpmbuild/x86_64 && rsync -e "ssh -o StrictHostKeyChecking=no" -pr . $DEPLOY_SERVER:$CENTOS7_DEPLOY_DIRECTORY
   - ssh $DEPLOY_SERVER "chmod a+r $CENTOS7_DEPLOY_DIRECTORY/*.rpm && createrepo_c --update $CENTOS7_DEPLOY_DIRECTORY/."
-
-
-stages:
- - package
- - deploy
--- a/15
+++ b/15
@ -2,8 +2,11 @@ $(eval GIT_DESCRIBE = $(shell sh -c "git describe"))
 OUTPUT_DIR = ${CURDIR}
 prepare:
 	cd flexiapi && composer install --no-dev
-		
-rpm-only: 
+
+prepare-dev:
+	cd flexiapi && composer install
+
+rpm-only:
 	rm -rf $(OUTPUT_DIR)/flexisip-account-manager
 	mkdir $(OUTPUT_DIR)/flexisip-account-manager
 	mkdir -p $(OUTPUT_DIR)/rpmbuild/SPECS
@ -11,7 +14,14 @@ rpm-only:
 	cp -R --parents src/**/*.php $(OUTPUT_DIR)/flexisip-account-manager/
 	cp -R --parents src/api/**/*.php $(OUTPUT_DIR)/flexisip-account-manager/
 	cp -R --parents conf/*.conf $(OUTPUT_DIR)/flexisip-account-manager/
+
 	cp -R --parents flexiapi/**/* $(OUTPUT_DIR)/flexisip-account-manager/
+	cp flexiapi/composer* $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
+	cp flexiapi/README.md $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
+	cp flexiapi/.env.example $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/.env.example
+	cp flexiapi/artisan $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
+	cp flexiapi/phpunit.xml $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
+
 	cp README.md $(OUTPUT_DIR)/flexisip-account-manager/
 	cp -R httpd/ $(OUTPUT_DIR)/flexisip-account-manager/
 	cp flexisip-account-manager.spec $(OUTPUT_DIR)/rpmbuild/SPECS/
@ -21,5 +31,6 @@ rpm-only:
 	rm -rf $(OUTPUT_DIR)/flexisip-account-manager

 rpm: prepare rpm-only
+rpm-dev: prepare-dev rpm-only

 .PHONY: rpm
--- a/README.md
+++ b/README.md
@ -63,16 +63,29 @@ Finally start composer:

 `cd /opt/belledonne-communications/share/flexisip-account-manager/ && composer install`

-### 6. Packaging
+### 4. Configure the API
+------------------------------
+
+The FlexiAPI configuration is located in the same directory as for the XMLRPC server. You can find its whole configuration in `/etc/flexisip-account-manager/flexiapi.env`.
+
+You should normally only change the `DB_EXTERNAL` parameters then rollback and re-run the migrations (by default the API is assuming that it runs on two SQLite databases). To do so, find the root directory of `flexiapi` (normally under `/opt/belledonne-communications/share/flexisip-account-manager`), authenticate as your web user (`www-data` or `apache`) and run rollback and migrate (all the content will be destroyed, we recommend to do always do backup of your databases before running any migrations):
+
+    php artisan migrate:rollback
+    php artisan migrate
+
+### 5. Packaging
 --------------------
 To build a rpm package on centos7:
 make rpm
 To build a rpm package with docker:
-docker run -v $PWD:/home/bc -it gitlab.linphone.org:4567/bc/public/flexisip-account-manager/bc-dev-centos:7 make rpm
-The flexisip-account-manager rpm package can be found in rpmbuild/RPMS/x86_64/bc-flexisip-account-manager*.rpm
-Installation requires package centos-release-scl-rh to be installed for php7.1

-### 7. Miscellaneous
+    docker run -v $PWD:/home/bc -it gitlab.linphone.org:4567/bc/public/flexisip-account-manager/bc-dev-centos:7 make rpm
+
+GitLab is running the command above using `make rpm-dev`, this also install all the required dependencies to run `phpunit` properly (they are disabled by default to save space in the final rpm file).
+
+The flexisip-account-manager rpm package can be found in `rpmbuild/RPMS/x86_64/bc-flexisip-account-manager*.rpm`
+
+### 6. Miscellaneous
 --------------------

 - For remote provisioning create a `default.rc` file in `/opt/belledonne-communications/` and set the values you want
@ -92,4 +105,3 @@ client side, set the provisioning uri to the same host but to `provisioning.php`

 - Also it can listen on IPv6 only.
 To fix that, edit `/opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf` and add/set: `Listen 0.0.0.0:444 https`
-
--- a/docker/build-image.docker
+++ b/docker/build-image.docker
@ -2,7 +2,7 @@ FROM gitlab.linphone.org:4567/bc/public/linphone-sdk/bc-dev-centos:7
 USER root

 # Install dependencies
-RUN yum -y install centos-release-scl.noarch
+RUN yum -y install centos-release-scl.noarch sysvinit-tools
 RUN yum -y install composer.noarch rh-php73 rh-php73-php-mbstring
 RUN mkdir -p /usr/local/bin
 RUN echo -e "#!/usr/bin/bash\nsource scl_source enable rh-php73\nexec \"\$@\"\n" >> /usr/local/bin/entry-point.sh
--- a/flexiapi/.env.example
+++ b/flexiapi/.env.example
@ -1,16 +1,14 @@
-APP_NAME=Laravel
+APP_NAME=FlexiAPI
 APP_ENV=local
 APP_KEY=
-APP_DEBUG=true
+APP_DEBUG=false
 APP_URL=http://localhost

 LOG_CHANNEL=stack

-DB_CONNECTION=local
-
 DB_DATABASE=/var/www/flexiapi/db.sqlite

-DB_EXTERNAL_CONNECTION=mysql
+DB_EXTERNAL_DRIVER=mysql
 DB_EXTERNAL_HOST=127.0.0.1
 DB_EXTERNAL_PORT=3306
 DB_EXTERNAL_DATABASE=flexisip
@ -22,27 +20,3 @@ CACHE_DRIVER=file
 QUEUE_CONNECTION=sync
 SESSION_DRIVER=cookie
 SESSION_LIFETIME=120
-
-REDIS_HOST=127.0.0.1
-REDIS_PASSWORD=null
-REDIS_PORT=6379
-
-MAIL_DRIVER=smtp
-MAIL_HOST=smtp.mailtrap.io
-MAIL_PORT=2525
-MAIL_USERNAME=null
-MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
-
-AWS_ACCESS_KEY_ID=
-AWS_SECRET_ACCESS_KEY=
-AWS_DEFAULT_REGION=us-east-1
-AWS_BUCKET=
-
-PUSHER_APP_ID=
-PUSHER_APP_KEY=
-PUSHER_APP_SECRET=
-PUSHER_APP_CLUSTER=mt1
-
-MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
-MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
--- a/flexiapi/README.md
+++ b/flexiapi/README.md
@ -6,7 +6,7 @@ This tool connects to the Flexisip CLI interface and exposes several endpoints t

 Clone the repository, install the dependencies and generate a key.

-    composer install
+    composer install --no-dev
    php artisan key:generate

 Then configure the two databases connections in the `.env` file (from the `.env.example` one). And migrate the tables.
@ -29,4 +29,4 @@ To expire and/or clear old nonces a specific command should be called periodical

 ## Usage

-The root page contains all the required documentation to authenticate and request the API.
+The root page contains all the required documentation to authenticate and request the API.
--- a/flexiapi/app/Helpers/Utils.php
+++ b/flexiapi/app/Helpers/Utils.php
@ -19,6 +19,8 @@

 namespace App\Helpers;

+use Illuminate\Support\Str;
+
 use App\Account;
 use App\DigestNonce;

@ -26,9 +28,7 @@ class Utils
 {
    public static function generateNonce(): string
    {
-        return base64_encode(random_bytes(
-            SODIUM_CRYPTO_SECRETBOX_NONCEBYTES
-        ));
+        return Str::random(32);
    }

    public static function generateValidNonce(Account $account): string
--- a/flexiapi/app/Http/Controllers/Api/PingController.php
+++ b/flexiapi/app/Http/Controllers/Api/PingController.php
@ -0,0 +1,14 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+
+class PingController extends Controller
+{
+    public function ping(Request $request)
+    {
+        return 'pong';
+    }
+}
--- a/flexiapi/public/.htaccess
+++ b/flexiapi/public/.htaccess
@ -18,4 +18,6 @@
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
+
+    RewriteBase /flexiapi/
 </IfModule>
--- a/flexiapi/routes/api.php
+++ b/flexiapi/routes/api.php
@ -24,6 +24,7 @@ Route::middleware('auth:api')->get('/user', function (Request $request) {
 });

 Route::group(['middleware' => ['auth.digest']], function () {
+    Route::get('ping', 'Api\PingController@ping');
    Route::get('devices', 'Api\DeviceController@index');
    Route::delete('devices/{uuid}', 'Api\DeviceController@destroy');
 });
--- a/flexiapi/tests/Feature/AuthenticateDigestTest.php
+++ b/flexiapi/tests/Feature/AuthenticateDigestTest.php
@ -30,7 +30,7 @@ class AuthenticateDigestTest extends TestCase
 {
    use RefreshDatabase;

-    const ROUTE = '/api/devices';
+    const ROUTE = '/api/ping';
    const METHOD = 'GET';
    const ALGORITHMS = ['md5' => 'MD5', 'sha256' => 'SHA-256'];

--- a/flexisip-account-manager.spec
+++ b/flexisip-account-manager.spec
@ -9,6 +9,9 @@
 #%define _docdir            %{_datadir}/doc

 %define build_number 17
+%define var_dir /var/opt/belledonne-communications
+%define opt_dir /opt/belledonne-communications/share/flexisip-account-manager
+%define env_file "$RPM_BUILD_ROOT/etc/flexisip-account-manager/flexiapi.env"
 #%if %{build_number}
 #%define build_number_ext -%{build_number}
 #%endif
@ -22,11 +25,11 @@ Group:          Applications/Communications
 License:        GPL
 URL:            http://www.linphone.org
 #Source0:        %{name}-%{version}%{?build_number_ext}.tar.gz
-Source0:	flexisip-account-manager.tar.gz
+Source0:        flexisip-account-manager.tar.gz
 #BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-buildroot

 # dependencies
-Requires:	rh-php73-php rh-php73-php-xmlrpc rh-php73-php-pdo rh-php73-php-mysqlnd rh-php73-php-mbstring
+Requires:       rh-php73-php rh-php73-php-xmlrpc rh-php73-php-pdo rh-php73-php-mysqlnd rh-php73-php-mbstring

 %description
 PHP server for Linphone and Flexisip providing module for account creation.
@ -37,11 +40,13 @@ PHP server for Linphone and Flexisip providing module for account creation.

 %install
 rm -rf "$RPM_BUILD_ROOT"
-mkdir -p "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager"
-cp -R src/* "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager/"
-mkdir -p "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager/flexiapi"
-cp -R flexiapi/* "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager/flexiapi"
-cp README* "$RPM_BUILD_ROOT/opt/belledonne-communications/share/flexisip-account-manager/"
+mkdir -p "$RPM_BUILD_ROOT%{opt_dir}"
+cp -R src/* "$RPM_BUILD_ROOT%{opt_dir}/"
+
+cp -R flexiapi "$RPM_BUILD_ROOT%{opt_dir}"
+cp flexiapi/composer.json "$RPM_BUILD_ROOT%{opt_dir}/flexiapi"
+
+cp README* "$RPM_BUILD_ROOT%{opt_dir}/"
 mkdir -p "$RPM_BUILD_ROOT/etc/flexisip-account-manager"
 cp -R conf/* "$RPM_BUILD_ROOT/etc/flexisip-account-manager/"
 mkdir -p $RPM_BUILD_ROOT/opt/rh/httpd24/root/etc/httpd/conf.d
@ -50,24 +55,54 @@ cp httpd/flexisip-account-manager.conf "$RPM_BUILD_ROOT/opt/rh/httpd24/root/etc/

 %post
 if [ $1 -eq 1 ] ; then
-mkdir -p /var/opt/belledonne-communications/log
-touch /var/opt/belledonne-communications/log/account-manager.log
-chown apache:apache /var/opt/belledonne-communications/log/account-manager.log
-chcon -t httpd_sys_rw_content_t /var/opt/belledonne-communications/log/account-manager.log
-setsebool -P httpd_can_network_connect_db on
+    mkdir -p %{var_dir}/log
+    touch %{var_dir}/log/account-manager.log
+    chown apache:apache %{var_dir}/log/account-manager.log
+    chcon -t httpd_sys_rw_content_t %{var_dir}/log/account-manager.log
+    setsebool -P httpd_can_network_connect_db on
+
+    # FlexiAPI base directories setup and rights
+    mkdir -p %{var_dir}/flexiapi/storage/app/public
+    mkdir -p %{var_dir}/flexiapi/storage/framework/cache %{var_dir}/flexiapi/storage/framework/sessions %{var_dir}/flexiapi/storage/framework/testing %{var_dir}/flexiapi/storage/framework/views
+    mkdir -p %{opt_dir}/flexiapi/bootstrap/cache
+    touch %{var_dir}/flexiapi/storage/db.sqlite
+    touch %{var_dir}/flexiapi/storage/external.db.sqlite
+    chown -R apache:apache %{var_dir}/flexiapi/storage
+
+    ln -s %{var_dir}/flexiapi/storage %{opt_dir}/flexiapi/.
+
+    # FlexiAPI logs file
+    mkdir -p %{var_dir}/log/flexiapi
+    chown -R apache:apache %{var_dir}/log/flexiapi
+
+    ln -s %{var_dir}/log/flexiapi %{opt_dir}/flexiapi/storage/logs
+
+    # FlexiAPI env file configuration
+    cd %{opt_dir}/flexiapi/
+    cp .env.example %{env_file}
+    sed -i 's/DB_DATABASE=.*/DB_DATABASE=\/var\/opt\/belledonne-communications\/flexiapi\/storage\/db.sqlite/g' %{env_file}
+    sed -i 's/DB_EXTERNAL_DRIVER=.*/DB_EXTERNAL_DRIVER=sqlite/g' %{env_file}
+    sed -i 's/DB_EXTERNAL_DATABASE=.*/DB_EXTERNAL_DATABASE=\/var\/opt\/belledonne-communications\/flexiapi\/storage\/external.db.sqlite/g' %{env_file}
+
+    ln -s %{env_file} .env
+
+    scl enable rh-php73 "php artisan key:generate"
+    scl enable rh-php73 "php artisan migrate"
 fi


 %files
-/opt/belledonne-communications/share/flexisip-account-manager/flexiapi/**/*
-/opt/belledonne-communications/share/flexisip-account-manager/api/account/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/config/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/database/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/misc/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/objects/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/tools/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/xmlrpc/*.php
-/opt/belledonne-communications/share/flexisip-account-manager/README*
+%{opt_dir}/flexiapi/
+%{opt_dir}/api/account/*.php
+%{opt_dir}/config/*.php
+%{opt_dir}/database/*.php
+%{opt_dir}/misc/*.php
+%{opt_dir}/objects/*.php
+%{opt_dir}/tools/*.php
+%{opt_dir}/xmlrpc/*.php
+%{opt_dir}/README*
+%exclude %{opt_dir}/flexiapi/storage/
+%exclude %{opt_dir}/flexiapi/bootstrap/cache

 %config(noreplace) /etc/flexisip-account-manager/*.conf
 %config(noreplace) /opt/rh/httpd24/root/etc/httpd/conf.d/flexisip-account-manager.conf
@ -76,6 +111,8 @@ fi
 rm -rf $RPM_BUILD_ROOT

 %changelog
+* Tue Jan 5 2020 Timothée Jaussoin <timothee.jaussoin@belledonne-communications.com>
+- Import and configure the new API package
 * Thu Jul 4 2019 Sylvain Berfini <sylvain.berfini@belledonne-communications.com>
 - New files layout
 * Fri Jun 28 2019 Johan Pascal <johan.pascal@belledonne-communications.com>
--- a/httpd/flexisip-account-manager.conf
+++ b/httpd/flexisip-account-manager.conf
@ -1,20 +1,55 @@
+Alias /flexiapi /opt/belledonne-communications/share/flexisip-account-manager/flexiapi/public
 Alias /flexisip-account-manager /opt/belledonne-communications/share/flexisip-account-manager/xmlrpc
+
 <Directory /opt/belledonne-communications/share/flexisip-account-manager/xmlrpc/>
-	Options FollowSymLinks MultiViews
-	AllowOverride None
-	Require all denied
+    Options FollowSymLinks MultiViews
+    AllowOverride None
+    Require all denied

-	<Files xmlrpc.php>
-		<RequireAll>
-			Require all granted
-			Require not env blockAccess
-		</RequireAll>
-	</Files>
+    <Files xmlrpc.php>
+        <RequireAll>
+            Require all granted
+            Require not env blockAccess
+        </RequireAll>
+    </Files>
+
+    <Files provisioning.php>
+        <RequireAll>
+            Require all granted
+            Require not env blockAccess
+        </RequireAll>
+    </Files>
+</Directory>
+
+<Directory /opt/belledonne-communications/share/flexisip-account-manager/flexiapi/public>
+    AllowOverride All
+    Order allow,deny
+    allow from all
+    Require all granted
+    DirectoryIndex index.php
+
+    <IfModule mod_rewrite.c>
+        <IfModule mod_negotiation.c>
+            Options -MultiViews -Indexes
+        </IfModule>
+
+        RewriteEngine On
+
+        # Handle Authorization Header
+        RewriteCond %{HTTP:Authorization} .
+        RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
+        # Redirect Trailing Slashes If Not A Folder...
+        RewriteCond %{REQUEST_FILENAME} !-d
+        RewriteCond %{REQUEST_URI} (.+)/$
+        RewriteRule ^ %1 [L,R=301]
+
+        # Handle Front Controller...
+        RewriteCond %{REQUEST_FILENAME} !-d
+        RewriteCond %{REQUEST_FILENAME} !-f
+        RewriteRule ^ index.php [L]
+
+        RewriteBase /flexiapi/
+    </IfModule>

-	<Files provisioning.php>
-		<RequireAll>
-			Require all granted
-			Require not env blockAccess
-		</RequireAll>
-	</Files>
 </Directory>