Automatic pull of documentation from Wiki.

svn path=/trunk/; revision=5231

1 files changed, 84 insertions, 0 deletions

diff --git a/doc/doc.RPKI.CA.UI.GUI.Configuring b/doc/doc.RPKI.CA.UI.GUI.Configuring
new file mode 100644
index 00000000..026aa0e6
--- /dev/null
+++ b/doc/doc.RPKI.CA.UI.GUI.Configuring
@@ -0,0 +1,84 @@
+****** Configuring the Web Portal ******
+
+Also see doc/RPKI/CA/Configuration for documentation on the /etc/rpki.conf
+configuration file.
+
+***** Creating Users *****
+
+See doc/RPKI/CA/UI/GUI/UserModel
+
+***** Configuring Apache *****
+
+In order to use the web portal, Apache must be installed and configured to
+serve the application. See doc/RPKI/CA/UI/GUI/Configuring/Apache.
+
+***** Error Notifications via Email *****
+
+If an exception is generated while the web portal is processing a request, by
+default will be logged to the apache log file, and an email will be set to
+root@localhost. If you wish to change where email is sent, you can edit /etc/
+rpki/local_settings.py and add the following lines:
+
+  ADMINS = (('YOUR NAME', 'YOUR EMAIL ADDRESS'),)
+
+For example,
+
+  ADMINS = (('Joe User', 'joe@example.com'),)
+
+***** Cron Jobs *****
+
+The web portal makes use of some external data sources to display the
+validation status of routing entries. Therefore, it is necessary to run some
+background jobs periodically to refresh this data. The web portal software
+makes use of the cron facility present in POSIX operating systems to perform
+these tasks.
+
+**** Importing Routing Table Snapshot ****
+
+Requires: wget
+
+In order for the web portal to display the validation status of routes covered
+by a resource holder's RPKI certificates, it needs a source of the currently
+announced global routing table. The web portal includes a script which can
+parse the output of the RouteViews full snapshot (warning: links to very large
+file!).
+
+When the software is installed, there will be a /usr/local/share/routeviews.sh
+script that should be invoked periodically. Routeviews.org updates the snapshot
+every two hours, so it does not make sense to run it more frequently than two
+hours. How often to run it depends on how often the routes you are interested
+in are changing.
+
+Create an entry in root's crontab such as
+
+  30  */2 *   *   *      /usr/local/share/routeviews.sh
+
+**** Importing ROAs ****
+
+If you want the GUI's "routes" page to see ROAs when you click those buttons,
+you will need to run rcynic. see the instructions for setting up rcynic.
+
+This data is imported by the rcynic-cron script. If you have not already set up
+that cron job, you should do so now. Note that by default, rcynic-cron is run
+once an hour. What this means is that the routes view in the GUI will not
+immediately update as you create/destroy ROAs. You may wish to run rcynic-cron
+more frequently, or configure rcynic.conf to only include the TAL that is the
+root of your resources, and run the script more frequently (perhaps every 2-
+5 minutes).
+
+If you are running rootd, you may want to run with only your local trust
+anchor. In this case, to have the GUI be fairly responsive to changes, you may
+want to run the rcynic often. In this case, you may want to look at the value
+of jitter in rcynic.conf.
+
+**** Expiration Checking ****
+
+The web portal can notify users when it detects that RPKI certificates will
+expire in the near future. Run the following script as a cron job, perhaps once
+a night:
+
+  /usr/local/sbin/rpkigui-check-expired
+
+By default it will warn of expiration 14 days in advance, but this may be
+changed by using the -t command line option and specifying how many days in
+advance to check.