IoT Cloud

Privacy friendly framework for IoT Cloud.

Prerequisites

For server:

• Docker
• docker-compose

For running tests:

• Python 3.x
• Charm-Crypto

Running using Docker

• First follow steps to bring up PostgreSQL database
• Next, from root directory run: CURRENT_UID=$(id -u):$(id -g) docker-compose up
  • NOTE: CURRENT_UID=$(id -u):$(id -g) is necessary because test container needs to run under current user to write reports
• to clean up _pycache_ and .pytest_cache directories created by docker use following commands:
  • sudo find . -path '*/__pycache__*' ! -path "./venv*" -delete
  • sudo find . -path '*/.pytest_cache*' ! -path "./venv*" -delete
  • NOTE: run commands first without -delete flag to test, to make sure you don't damage your system

Running tests

• When running tests make sure you set environment variable TESTING_ENV to host_testing(defaults to testing), so the application uses config.env variables needed for running tests on host. If not set, tests will run as if they were inside docker container ( = with different URLs).
• To run (from ./tests directory) use
  pytest . --junitxml=./reports/test_report.xml --html=./reports/test_report.html --self-contained-html --cov=../ --cov-config=../.coveragerc --cov-report term
• To see HTML or XML test and coverage reports check ./tests/reports directory
• NOTE: When running tests on Docker host it's necessary to have server application running, because CLI tests are ran against this instance

TLS

It's necessary to provide certificates to use application. When using Mosquitto, please use steps at Mosquitto website

• Files created in previous steps should be placed in certs folder both for Mosquitto and application, replacing *.dummy files
• Application currently does not require client certificates, to change that, you need to set require_certificate true in mosquitto.conf and provide client certfile and keyfile to client.tls_set in create_app.py through CLIENT_CERTFILE_PATH and CLIENT_KEYFILE_PATH config attributes
• in production SSL_INSECURE attribute in config should be set to False, so when generating certificates, make sure that broker name (hostname) matches name on certificate

Setting up HTTPS

• You need to provide certificate and key for Nginx server to be accessible - this should be done by replacing dummy files in ./webserver/ssl folder
• To generate self-signed certificate:
  • change directory to ./webserver/ssl
  • run sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./private/webserver.key -out ./certs/webserver.crt

Troubleshooting

• If you have issues running tests inside container (there are some tests that need to be excluded when running inside container), try docker container prune and docker-compose up again
• If testing DB inside docker container is not being created by create_db.sh, you need to first remove persistent volume (docker volume rm iot-cloud_data_test and docker volume rm postgres_data) and prune containers (docker container prune)
• if you encounter this error message: libpbc.so.1: cannot open shared object file: No such file or directory, make sure you run ldconfig after installing pbc, if that doesn't help:
  • check whether path to pbc is in LD_LIBRARY_PATH (echo $LD_LIBRARY_PATH )
  • if not, then run sudo find / -name libpbc.so
  • add path outputted by previous command to LD_LIBRARY_PATH - e.g. LD_LIBRARY_PATH=/usr/local/lib and export it
  • if that solves the issue, add LD_LIBRARY_PATH to ~/.bashrc and source it
• if you encounter error message when installing Charm (running ./configure.sh) stating that you don't have python3-dev or python3-config:
  • check whether you have any other version installed e.g python3.6-config, if yes, replace occurrence(s) of python3-config in ./configure.sh with the one you have installed and run it again