Go Home
In order to run Aesel, you should have at least one server with a minimum of:
Note that production systems will likely require significantly more resources.
In order to run Aesel on Docker, you should have at least:
Running Aesel natively is supported on the following platforms:
Note that the above recommendations are minimum requirements, and production deployments will likely require significantly more resources, especially when handling very high-volumes of traffic.
This is a great option for Demo environments, or small LAN-based networks which only need to handle scenes for a few users.
While this is secure, it is not intended for deployment in a cloud production environment. The security of this deployment depends on the security of the underlying server running Aesel.
First, Download the Aesel setup files from https://github.com/AO-StreetArt/Aesel/archive/master.zip.
Unzip the files, and open a terminal/command prompt from the main folder.
Open the aesel.sh file. This contains the central definitions for the variables you’ll fill out. First, pay attention to the ‘SSL_BASE_DIR’ variable. This sets the base directory where your SSL Certificates are contained, with a default of ‘/var/ssl’.
Make sure to update the ‘NETWORK_INTERFACE_ADDRESS’ environment variable to your server’s public IP address before continuing.
Finally, set the Mongo init credentials, that can be used to connect only from the same server that Mongo is running on, in order to administer it.
Before we go any further, let’s go ahead and obtain valid SSL Certificates. The best way to do this is through Let’s Encrypt, you can follow the tutorials at https://certbot.eff.org/. Self-Signed Certificates are not supported. Make sure that you’re certificates are registered to the same domain that you enter into the AESEL_DOMAIN variable. A basic example certbot command is shown below:
certbot certonly –standalone –preferred-challenges http -d AESEL_DOMAIN
You may need to copy/convert some of the certs around, below is a tree of the basic file structure needed in /var/ssl (or whatever you enter for the SSL_BASE_DIR):
The pem files generated by certbot can be simply copied anywhere a .crt or .pem file is required. To get a .p12 file, an example is shown below:
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out /var/ssl/adrestia/certificate.p12 -name tomcat -CAfile chain.pem -caname root
Then, you’ll need to open up the aesel.sh file, and enter your export password in the ‘SSL_KEYSTORE_PW’
AES Information is set in the aesel.sh script, and can be generated with:
openssl enc -aes-256-cbc -k secret -P -md sha1
Where ‘secret’ is a password for generating the key.
To start the Aesel DB Layer, run the below command:
./aesel.sh db
The easiest way to update the neo4j login information is to use Neo4j Client. Simply connect to your instance with username and password neo4j/neo4j, and you will be prompted to change the password.
Finally, you’ll need to setup a Mongo admin user, and separate users for Adrestia and CLyman. You can connect from the same server running Mongo by using the mongo shell with:
mongo admin -u <mongo-init-un> -p <mongo-init-pw>
Create an administrator user:
use admin
}
)`
Then, an example user creation for Adrestia is shown below:
use _adrestia
user:”test1”, pwd:”test1”, roles:[
- {
- role:”readWrite”, db:”_adrestia”
}
], mechanisms:[
“SCRAM-SHA-1”
]
})`
A similar user should be created for CLyman in the database ‘clyman’, Projects in the database ‘_projects’, and Kelona in the database ‘_avc’.
Open back up the aesel.sh file, and start by entering the Neo4j login into the NEO4J_UN and NEO4J_PW variables. Then, you can update the variables for:
Starting a Scene Cluster (Crazy Ivan and CLyman), can be done with the below command:
./aesel.sh cluster
Core, Stateless Services (Adrestia, Kelona, Projects), can be started with:
./aesel.sh core
Now you can open your web browser and navigate to https://localhost:8080/portal/home. Login with an account you setup on your Auth0 dashboard.
