1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
=============
Leap Platform
=============
What is it?
===========
The LEAP Provider Platform is the server-side part of the LEAP Encryption Access Project that is run by service providers. It consists of a set of complementary packages and recipes to automate the maintenance of LEAP services in a hardened GNU/Linux environment. LEAP makes it easy and straightforward for service providers and ISPs to deploy a secure communications platform for their users.
The LEAP Platform is essentially a git repository of puppet recipes, with a few scripts to help with bootstrapping and deployment. A service provider who wants to deploy LEAP services will clone or fork this repository, edit the main configuration file to specify which services should run on which hosts, and run scripts to deploy this configuration.
Documentation
=============
Most of the current documentation can be found in Readme files of the different pieces. Eventually this will be consolidated on the website https://leap.se
Requirements
============
This highly depends on your (expected) user base.
For a minimal test or develop install we recommend a fairly recent computer x86_64 with hardware virtualization features (AMD-V or VT-x) with plenty of RAM. You could use Vagrant or KVM to simulate a live deployment.
For a live deployment of the platform the amount of required (virtual) servers depends on your needs and which services you want to deploy.
In it's initial release you can deploy OpenVPN, CouchDB and a webapp to administer your users (billing, help tickets,...).
While you can deploy all services on one server, we stronly recommend to use seperate servers for better security.
To get started you will need to have git, ruby1.8, rails, rubygems, bundler, ruby1.8-dev, libgpgme-ruby.
Installation
============
Create a working directory
--------------------------
mkdir ~/Leap
cd ~/Leap
Install leap_cli
----------------
git clone git://code.leap.se/leap_cli
cd leap_cli
See also README.md for installation hints, but this should work in most cases:
bundle
rake build
rake install
leap help - this should provide you with the help output of the leap command-line tool
Install leap_platform
---------------------
cd ~/Leap
git clone git://code.leap.se/leap_platform
cd leap_platform
Right now, use the develop branch
git checkout develop
Initialize Submodules
git submodule update --init
Configuration
=============
Create config file templates
----------------------------
cd ~/Leap
leap init-provider vagrant_test
cd vagrant_test
Configure
---------
Edit following files:
* common.yaml
* nodes/COUCHDB_SERVER.yaml
* nodes/WEBAPP_SERVER.yaml
* nodes/VPN_SERVER.yaml
leap add-user --self
leap compile
Initialize and deploy nodes
---------------------------
For every server you configured do:
leap node-init SERVERNAME
leap -v 2 deploy SERVERNAME
More Information
----------------
For more information about the LEAP Encryption Access Project, please visit the website https://leap.se which also lists contact data.
Following needs to be written:
Copyright/License
-----------------
Read LICENSE
Known bugs
----------
Troubleshooting
---------------
Changelog
---------
For a changelog of the current branch:
cd ~/Leap
git log
Authors and Credits
------------------
a file manifest
|
