Skip to content

Latest commit

 

History

History
254 lines (180 loc) · 9.89 KB

README.rdoc

File metadata and controls

254 lines (180 loc) · 9.89 KB

sequreisp

sequreisp is an ISP management software.

  • Has a really nice and powerful web interface

  • Can handle up to 3000 or more clients in a single server, thus it is oriented to small/medium ISPs

  • Can group multiple internet providers and do load balancing and failover between them (current record is 32 DSL lines balanced in a single server)

  • Supports all kind of internet providers, dedicated, DSL lines, cable-modem, etc.

  • Does a meticulous bandwidth control and traffic prioritization

    • Allows to set maximum and minimum(guaranteed) for download/upload traffic

    • Efficiently detects P2P traffic and allows to set a maximum as a percent of client’s bandwidth

    • Prioritization can be customized even to a per client basis

  • Integrates with Squid proxy to do transparent web cache(optional)

  • Has a plug-in interface, you can write your custom functionality in top of sequreisp

  • It is written in Ruby on Rails

  • And a lot more

    • Instant and historical graphs

    • Backup & restore from the web interface with a single and lightweight file

    • Port forwarding, full DNAT, and proxy ARP to clients

    • VLAN support

    • E-mail notifications

    • Role based authentication, with audit system

    • Multilingual support (currently Spanish and English, contributions are welcome)

Demo

There is an online demo of the application available

Url: http://demo.sequreisp.com/
User: [email protected]
Pass: 1234

Requirements

Currently we are using Ubuntu Server for all of our setups, so this instructions apply to Ubuntu or any other Debian based distribution. It is possible to run sequreisp in other Linux distributions but maybe some minor changes are needed.

  • Ubuntu Server 10.4 LTS (or greater)

  • ruby1.8, ruby1-8-dev, libopenssl-ruby1.8

  • apache2, libapache2-mod-passenger

  • imagemagick

  • librrd, librrd-dev

  • git-core (to clone our repo)

  • mysql-server, libmysqlclient-dev

  • rails 2.3.11

  • bundler

In the command line that will be as root

apt-get install apache2 libapache2-mod-passenger ruby1.8 ruby1.8-dev libopenssl-ruby1.8 imagemagick librrd-dev librrd4 git-core mysql-server libmysqlclient-dev
gem install rails -v=2.3.11
gem install bundler

Installation

1) Create user and dirs

Sequreisp defaults to install in /opt/sequreisp, here you need to create a couple of directories that serves different purposes

  • deploy Contains the sequreisp code itself

  • scripts Contains the scripts that apply all the commands generated by sequreisp, this scripts runs on boot and every time you hit “apply changes” button

  • etc This directory holds hooks to be run by sequreisp, this allow to integrate a firewall script and other custom commands into sequreisp

    • iptables_pre.sh is a shell script where you can put iptables rules to be executed before the sequreisp iptables rules get applied

    • iptables_post.sh is a shell script where you can put iptables rules to be executed after the sequreisp iptables rules get applied

    • sequreisp_post.sh is a shell script where you can put any aditional command you need

It is safer if the web interface runs as a simple non-privileged user, so we are going to create a sequreisp user with /opt/sequreisp as home directory to accomplish that and then create the directories mentioned above

adduser sequreisp --home /opt/sequreisp
su - sequreisp
mkdir /opt/sequreisp/scripts
mkdir /opt/sequreisp/etc
mkdir /opt/sequreisp/deploy

2) Download the code

Download and install the code into the deploy directory

cd /opt/sequreisp/deploy
git clone http://github.com/sequre/sequreisp.git
ln -s sequreisp current

3) Create and config the database

We need to create the mysql database, we also recommend to create a sequreisp user in your mysql database

mysql -u root -p
create database sequreisp_production CHARACTER SET = utf8; 
grant all privileges on sequreisp_production.* to 'sequreisp'@'localhost' identified by 'somepassword';
flush privileges;

In order to sequreisp connects to the newly created database we need to adjust the username/password/database values in the database.yml file

cd /opt/sequreisp/deploy/current
cp config/database.yml.sample config/database.yml
vi config/database.yml

4) Install the gem dependencies

Sequreisp uses bundle to handle gem dependencies, bundle is a gem itself so the default instalation leaves the executables in a ruby directory oustide from default PATH. I recommend to do a symlink for convenience (or you can simply add /var/lib/gems/1.8/bin to your PATH if you know how to do that)

ln -s /var/lib/gems/1.8/bin/bundle /usr/local/bin/bundle

Then you can run (as root if you prefer system wide gems)

cd /opt/sequreisp/deploy/current
bundle install

5) Initialize the database

To initialize the database, we need to invoke the rake command, which comes in the rake gem. Maybe you already have this command in your path, just check it simply typing ‘rake’, if not, I recommend to do a symlink for convenience (or you can simply add /var/lib/gems/1.8/bin to your PATH if you know how to do that)

ln -s /var/lib/gems/1.8/bin /usr/local/bin/rake

Then run migration and seeds

cd /opt/sequreisp/deploy/current
rake db:migrate RAILS_ENV=production
rake db:seed RAILS_ENV=production

6) Setup the daemon and the init scripts

The daemon is the only part of sequreisp that run as root, and is responsible for apply changes (tc and iptables rules) and to check provider state among other functions

We need to create a init.d file like /etc/init.d/sequreisp with the following content

#!/bin/sh
#
# sequreisp     Startup script for the sequreisp server solution.

NAME=sequreisp
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
SEQUREISP_DEPLOY="/opt/sequreisp/deploy/current"
SEQUREISP_SCRIPTS="/opt/sequreisp/scripts"

start_daemon () {
        $SEQUREISP_DEPLOY/lib/daemons/sequreispd_ctl start
}

stop_daemon () {
        $SEQUREISP_DEPLOY/lib/daemons/sequreispd_ctl stop
}

case "$1" in
    start)
        echo -n "Starting $NAME: "
        $SEQUREISP_SCRIPTS/boot.sh 2>&1 >/opt/sequreisp/scripts/boot.sh.log
                                start_daemon
        echo "$NAME."
        ;;
    stop)
        echo -n "Stopping $NAME: "
        stop_daemon
        ;;
    restart|reload)
        echo -n "Restarting $NAME: "
        stop_daemon
        start_daemon
        echo "$NAME."
        ;;
    *)
        echo "Usage: /etc/init.d/$NAME {start|stop|restart|reload}"
        exit 3
        ;;
esac

exit 0

Then be sure that sequreisp loads on system boot and start the daemon

chmod +x /etc/init.d/sequreisp
update-rc.d sequreisp defaults 10 80
service sequreisp start

Make shure the daemon is running, you can use ps command for that

ps x | grep sequreisp

You should see an output like this

11659 ?        S      0:01 sequreispd.rb
11660 ?        S      0:00 sequreispd.rb_monitor

The sequreispd.rb is the daemon process itself, while sequreipd.rb_monitor is a monitor that ensures that daemon keeps allways running. Both should be running all time. If the daemon is not running you can check /opt/sequreisp/deploy/current/log/sequreispd.rb.log for error messages.

7) Cronjobs

We need to create a crontab entry to feed the user interface graphics. Sequreisp now uses the whenever gem to automate the deploy of cron jobs It is extremley simple to use, you just need to use the whenever command. This command is in it’s own gem path by default and, once again, you may make a symblink for convenience (or you can simply add /var/lib/gems/1.8/bin to your PATH if you know how to do that)

ln -s /var/lib/gems/1.8/bin/whenever /usr/local/bin/whenever

After this you just need to do, as sequreisp user

cd /opt/sequreisp/deploy/current
whenever --update-crontab

And it will update your crontab to run the needed jobs. You can check how it looks doing

crontabl -l

8) Setup web interface

In order to access the web interface you need to setup the vhost definition

# in /etc/apache2/sites-available/sequreisp 
<VirtualHost *:80>
  ServerName localhost
  ServerAlias *
  DocumentRoot /opt/sequreisp/deploy/current/public
  RailsEnv production

  <Directory /opt/sequreisp/deploy/current/public>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
  </Directory>

  ErrorLog /var/log/apache2/error.sequreisp.log
  LogLevel warn
  CustomLog /var/log/apache2/access.sequreisp.log combined
</VirtualHost>

Enable the new vhost

a2ensite sequreisp
service apache reload

Log in using your server’s ip with default credentials username: [email protected] pass: 1234

Use

There is currently a step by step user guide available in spanish.

It will introduce you in the basic concepts behind sequreisp from a fresh instalation to get your first provider and client to work.

The guide is meant for the comercial version but still applies to the opensource branch. The guide mentions an easy-install-CD that is only available for the comercial version, so you have to skip that part and begin at 2.3 “Puesta a punto” section.

Community

We have released a forum for open discution and user support, if you have any questions you can start a thread there.

If you have a bug report or any suggestion you can create a git-hub issue.

If you want to contribute to this project you can send a pull-request or mail me at “lruete NO@SPAM sequre.com.ar”

License

Sequreisp is licensed under the terms of the GNU Afero General Public license

A Comercial version of sequreisp is also available which includes support, an easy-install-CD and modules with extra functionality, you can find more information in the sequreisp website.