summaryrefslogtreecommitdiff
path: root/README.md
blob: b7f07e277e7f6e149a01ea6fd0ae1dee950469c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
=============
Leap Platform
=============

What is it?
===========

The LEAP Provider Platform is the server-side part of the LEAP Encryption Access Project that is run by service providers. It consists of a set of complementary packages and recipes to automate the maintenance of LEAP services in a hardened GNU/Linux environment. LEAP makes it easy and straightforward for service providers and ISPs to deploy a secure communications platform for their users.

The LEAP Platform is essentially a git repository of puppet recipes, with a few scripts to help with bootstrapping and deployment. A service provider who wants to deploy LEAP services will clone or fork this repository, edit the main configuration file to specify which services should run on which hosts, and run scripts to deploy this configuration.

Documentation
=============

Most of the current documentation can be found in Readme files of the different pieces. Eventually this will be consolidated on the website https://leap.se

Requirements
============

This highly depends on your (expected) user base. 
For a minimal test or develop install we recommend a fairly recent computer x86_64 with hardware virtualization features (AMD-V or VT-x) with plenty of RAM. You could use Vagrant or KVM to simulate a live deployment.

For a live deployment of the platform the amount of required (virtual) servers depends on your needs and which services you want to deploy. 
In it's initial release you can deploy OpenVPN, CouchDB and a webapp to administer your users (billing, help tickets,...).
While you can deploy all services on one server, we stronly recommend to use seperate servers for better security.

To get started you will need to have git, ruby1.8, rails, rubygems, bundler, ruby1.8-dev, libgpgme-ruby. 


Installation
============

Create a working directory
--------------------------

  mkdir ~/Leap
  cd ~/Leap 

Install leap_cli
----------------

  git clone git://code.leap.se/leap_cli
  cd leap_cli

See also README.md for installation hints, but this should work in most cases:

  bundle
  rake build
  rake install
  leap help - this should provide you with the help output of the leap command-line tool

Install leap_platform
---------------------

  cd ~/Leap
  git clone git://code.leap.se/leap_platform
  cd leap_platform
  
Right now, use the develop branch

  git checkout develop

Initialize Submodules

  git submodule update --init

Configuration
=============

Create config file templates 
----------------------------

  cd ~/Leap
  leap init-provider vagrant_test
  cd vagrant_test

Configure 
---------

Edit following files: 
  
  * common.json
  * nodes/<COUCHDB_SERVER>.json - change <COUCHDB_SERVER> to be the hostname of the server hosting couchdb
  * nodes/<WEBAPP_SERVER>.json  - change <WEBAPP_SERVER> to be the hostname of the server hosting the webapp
  * nodes/<VPN_SERVER>.json     - change <VPN_SERVER> to be the hostname of the server hosting the VPN server
 
  leap add-user --self
  leap compile

Initialize and deploy nodes
---------------------------

For every server you configured do:
  
  leap init-node SERVERNAME
  leap -v 2 deploy SERVERNAME

More Information
----------------
For more information about the LEAP Encryption Access Project, please visit the website https://leap.se which also lists contact data.


Following needs to be written:

Copyright/License
-----------------

Read LICENSE

Known bugs
----------

Troubleshooting
---------------

Changelog
---------

For a changelog of the current branch:

  cd ~/Leap
  git log 

Authors and Credits
------------------

a file manifest