-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
35 changed files
with
1,361 additions
and
209 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| Create and Consume OAI-ORE Documents | ||
| ==================================== | ||
|
|
||
| d1_pyore is a DataONE python library for working with `OAI-ORE`_ documents which are used by DataONE Member Nodes to describe data packages. | ||
|
|
||
| Two commandline scripts ``ore2txt`` and ``pids2ore`` are included to produce a more human readable representation of an OAI-ORE document and to create an OAI-ORE document from a list of identifiers respectively. | ||
|
|
||
| A brief tutorial_ is provided. | ||
|
|
||
| .. _OAI-ORE: https://www.openarchives.org/ore/ | ||
| .. _rdflib: https://github.com/RDFLib/rdflib | ||
| .. _rdflib-jsonld: https://github.com/RDFLib/rdflib-jsonld | ||
| .. _requests: http://docs.python-requests.org/en/master/ | ||
| .. _tutorial: https://github.com/DataONEorg/dataone_examples/blob/master/api_examples/resource_map.ipynb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| Unit tests | ||
| ========== | ||
|
|
||
| This library is shipped with unit tests that verify correct operation. It is recommended that these are executed after installation. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| DataONE Type Bindings | ||
| ===================== | ||
|
|
||
| DataONE services use XML messaging over HTTP as the primary means of communication between service nodes and clients. The XML messages are defined by XML Schema specifications and must be valid. d1_common_python provides binding classes for serialization of DataONE XML messages using implementations generated by the PyXB library. | ||
|
|
||
| PyXB generated classes are specific to the version of the schema and the version of PyXB installed. Hence, even though PyXB generated classes are provided with the distribution of ``d1_common_python``, it may be necessary to regenerate the classes depending on the particular version of PyXB installed. | ||
|
|
||
| The bash script ``d1_common/types/scripts/genbind`` will regenerate the binding classes. To regenerate binding classes:: | ||
|
|
||
| cd to the src folder of this distribution | ||
| $ export D1COMMON_ROOT="$(pwd)" | ||
| $ bash ${D1COMMON_ROOT}/d1_common/types/scripts/genbind | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| Usage | ||
| ===== | ||
|
|
||
| .. toctree:: | ||
| :maxdepth: 2 | ||
|
|
||
| type-bindings | ||
| resource-maps |
Binary file not shown.
Empty file.
This file was deleted.
Oops, something went wrong.
Empty file.
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,143 @@ | ||
| CentOS 7.3 Firewall Setup | ||
| ========================= | ||
|
|
||
|
|
||
|
|
||
| Install firewalld | ||
| ~~~~~~~~~~~~~~~~~ | ||
|
|
||
| GMN will require ports 80 and 443 to be opened. So after logging in to your server as a user with sudoer privileges, the first step is to get the firewall | ||
| setup. We begin by ensuring that the firewall management package is installed on your server and started. | ||
|
|
||
|
|
||
| **Update yum.**:: | ||
|
|
||
| $ sudo yum -y update | ||
|
|
||
|
|
||
| **Install firewalld**:: | ||
|
|
||
| $ sudo yum install firewalld | ||
| $ sudo systemctl unmask firewalld | ||
| $ sudo systemctl start firewalld | ||
|
|
||
|
|
||
|
|
||
|
|
||
| Configure Firewall with Network Interfaces | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
| Next we want to achieve the binding of network interfaces to firewalld zones. This example uses the default public zone. First we need to identify your network interfaces.:: | ||
|
|
||
| $ ifconfig -a | ||
|
|
||
|
|
||
| The interfaces described in response will look something like this:: | ||
|
|
||
| eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 | ||
| inet 138.197.100.216 netmask 255.255.240.0 broadcast 138.197.111.255 | ||
| inet6 fe80::3c64:d3ff:fe95:187b prefixlen 64 scopeid 0x20<link> | ||
| ether 3e:64:d3:95:18:7b txqueuelen 1000 (Ethernet) | ||
| RX packets 467254 bytes 268127560 (255.7 MiB) | ||
| RX errors 0 dropped 0 overruns 0 frame 0 | ||
| TX packets 335825 bytes 72203530 (68.8 MiB) | ||
| TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 | ||
|
|
||
| eth1: flags=4098<BROADCAST,MULTICAST> mtu 1500 | ||
| ether f2:ac:61:7b:73:10 txqueuelen 1000 (Ethernet) | ||
| RX packets 0 bytes 0 (0.0 B) | ||
| RX errors 0 dropped 0 overruns 0 frame 0 | ||
| TX packets 0 bytes 0 (0.0 B) | ||
| TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 | ||
|
|
||
| lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 | ||
| inet 127.0.0.1 netmask 255.0.0.0 | ||
| inet6 ::1 prefixlen 128 scopeid 0x10<host> | ||
| loop txqueuelen 1 (Local Loopback) | ||
| RX packets 81687 bytes 26998580 (25.7 MiB) | ||
| RX errors 0 dropped 0 overruns 0 frame 0 | ||
| TX packets 81687 bytes 26998580 (25.7 MiB) | ||
| TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 | ||
|
|
||
|
|
||
|
|
||
| There should be one or more network interfaces available, such as "eth0" or | ||
| "eth1". Ignore an entry such as *“LOOPBACK,RUNNING”*.The firewall management system we are using binds these network interfaces to something called a “zone”. There is the potential for multiple zones which can have different configuration options, but we aren’t going to worry about that here. We just need t he simplest configuration using the default zone. The | ||
| *public zone* will be the default. So at this point we will check whether or not the network interfaces we identified with “ifconfig -a” are bound to the public zone. We can check that with this command:: | ||
|
|
||
| $ sudo firewall-cmd --zone=public --list-all | ||
|
|
||
|
|
||
| Which return:: | ||
|
|
||
| public (active) | ||
| target: default | ||
| icmp-block-inversion: no | ||
| interfaces: | ||
| sources: | ||
| services: dhcpv6-client http https ssh | ||
| ports: 443/tcp | ||
| protocols: | ||
| masquerade: no | ||
| forward-ports: | ||
| sourceports: | ||
| icmp-blocks: | ||
| rich rules: | ||
|
|
||
|
|
||
| If the space next to the “interfaces” line contains the network interfaces, such as eth0 and eth1 in this example, then they are already bound to the public zone. However, if that line is empty, you will need to bind your network interfaces to the firewall zone as follows. | ||
|
|
||
|
|
||
|
|
||
| **Bind Network Interfaces to Zone**:: | ||
|
|
||
| $ sudo firewall-cmd --permanent --zone=public --change-interface=eth0 | ||
| $ sudo firewall-cmd --permanent --zone=public --change-interface=eth1 | ||
| $ sudo firewall-cmd --reload | ||
|
|
||
|
|
||
| Substituting the names of your interfaces in ``--change-interface=``. Now, when you enter the command:: | ||
|
|
||
| $ sudo firewall-cmd --zone=public --list-all | ||
|
|
||
| The network interfaces should be listed:: | ||
|
|
||
| public (active) | ||
| target: default | ||
| icmp-block-inversion: no | ||
| interfaces: eth0 eth1 | ||
| sources: | ||
| services: dhcpv6-client ssh | ||
| ports: | ||
| protocols: | ||
| masquerade: no | ||
| forward-ports: | ||
| sourceports: | ||
| icmp-blocks: | ||
| rich rules: | ||
|
|
||
|
|
||
| Another way to confirm that everything is as it should be is to use this command:: | ||
|
|
||
| $ firewall-cmd --get-active-zones | ||
|
|
||
|
|
||
| Which will return output similar to:: | ||
|
|
||
| public | ||
| interfaces: eth1 eth0 | ||
|
|
||
| Open HTTP & HTTPS Ports | ||
| ~~~~~~~~~~~~~~~~~~~~~~~ | ||
|
|
||
|
|
||
| Now we can specify rules for handling specific ports and services, using the below commands.:: | ||
|
|
||
| $ sudo firewall-cmd --permanent --add-service=http | ||
| $ sudo firewall-cmd --permanent --add-service=https | ||
| $ sudo firewall-cmd --permanent --add-port=80/tcp | ||
| $ sudo firewall-cmd --permanent --add-port=443/tcp | ||
| $ sudo firewall-cmd --reload | ||
|
|
||
| $ sudo systemctl enable firewalld | ||
|
|
Oops, something went wrong.