Troubleshooting Support Server
Description๐
The server accepts incident reports from the Troubleshooting Server, encrypts them, and sends Slack notifications to the Support Team.
Api Docs๐
The server documentation is available at: https://173.0.146.228:5556/docs#/
Start manually๐
To start the app, you need to create a Python environment first:
python3 -m venv ../tempesta-monitoring-venv
source ../tempesta-monitoring-venv/bin/activate
pip install -r requirements.txt
The server requires a JSON database with client client-id/token records used during the client authorization process.
Here is an example of such a DB file: /etc/tempesta-support/db.json
The application allows setting several environment variables:
| Name | Example | Description |
|---|---|---|
debug |
False | Turns on application debug mode |
path_to_json_db |
/etc… | Path to the JSON database with client auth data |
backup_allowed |
True | Store copies of archived reports on the local server |
backup_crashes_report_dir |
/path/to/dir | Directory to back up reports |
slack_token |
xxxxx | Slack Bot API Token |
slack_channel |
A19999 | Slack channel ID to send notifications to |
fernet_key |
xxx-xxx-xxx | Key used to encrypt report archives |
TEMPESTA_SUPPORT_CONFIG |
/path/to/config | Path to the application config |
Here is an example of the app env file: /etc/tempesta-support/env
path_to_json_db=/etc/tempesta-support/db.json
slack_token=secret
slack_channel=C0AAAAAA
fernet_key=sfq9ruh-2q9ufhaiuhdfas
backup_crashes_report_dir=/var/tempesta-troubleshooting-backups
You can generate a Fernet key using the command:
./archiver.py --generate-key
Then you can start the app using the following command:
TEMPESTA_SUPPORT_CONFIG=/etc/tempesta-support/env uvicorn app:app
Or, if you want to use it with SSL directly:
TEMPESTA_SUPPORT_CONFIG=/etc/tempesta-support/env uvicorn app:app \
--ssl-keyfile path_to_key --ssl-certfile path_to_cert
Start with a Docker๐
Another way to run it is to use Docker:
docker build -t tempesta-support .
docker run -d -p 192.168.122.1:5556:5556 \
-v /etc/tempesta-support:/etc/tempesta-support:ro \
-e PORT=5556 \
--name tempesta-support tempesta-support
And with SSL support:
docker run -d -p 192.168.122.1:5556:5556 \
-v /etc/tempesta-support:/etc/tempesta-support:ro \
-v /local_certs:/certs \
-e USE_SSL=true \
-e PORT=8443 \
-e SSL_KEYFILE=/certs/key.pem \
-e SSL_CERTFILE=/certs/cert.pem \
--name tempesta-support tempesta-support
Archiver๐
Since the application archives the received reports and encrypts the files, it is mandatory to use a special archiver for this.
Here is an example of how to read such an archive:
./archiver.py -xf my_encrypted_archive.tar.gz.f -F output_dir -k MY_FERNET_KEY
Use MY_FERNET_KEY โ the same key you passed to the app.
If for some reason you want to create an encrypted .tar.gz archive, use this command:
./archiver.py -cf my_file.txt -F my_file.tar.gz.f -k MY_FERNET_KEY
The full list of available parameters:
| Name | Short | Example | Description |
|---|---|---|---|
--generate-key |
-g |
-g |
Generate a new Fernet key |
--compress-mode |
-c |
-c |
Compress and encrypt |
--extract-mode |
-x |
-x |
Uncompress and decrypt |
--input-file |
-f |
-f my_file |
Path to input file or dir. With -c, it’s a file/dir to compress. With -x, it’s an encrypted archive |
--output-file |
-F |
-F dir |
Output file or directory. With -c, it’s the output archive. With -x, it’s the extraction directory |
--archive-key |
-k |
-k KEY |
Fernet key used to encrypt/decrypt the archive |