...
Die SIP2 Kommunikation sollte z.B. mit stunnel verschlüsselt werden. Evtl. kann auch überlegt werden, ob das edge-sip2 Modul nahe beim Automaten installiert wird, wenn man die Kommunikation mit den Folio APIs dafür verschlüsselt.
Konfiguration
echo '{
"module": "edge-sip2",
"configName": "acsTenantConfig",
"enabled": true,
"value": "{\"supportedMessages\": [{\"messageName\": \"PATRON_STATUS_REQUEST\",\"isSupported\": \"N\"},{\"messageName\": \"CHECKOUT\",\"isSupported\": \"Y\"},{\"messageName\": \"CHECKIN\",\"isSupported\": \"Y\"},{\"messageName\": \"BLOCK_PATRON\",\"isSupported\": \"N\"},{\"messageName\": \"SC_ACS_STATUS\",\"isSupported\": \"Y\"},{\"messageName\": \"LOGIN\",\"isSupported\": \"Y\"},{\"messageName\": \"PATRON_INFORMATION\",\"isSupported\": \"Y\"},{\"messageName\": \"END_PATRON_SESSION\",\"isSupported\": \"Y\"},{\"messageName\": \"FEE_PAID\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_INFORMATION\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_STATUS_UPDATE\",\"isSupported\": \"N\"},{\"messageName\": \"PATRON_ENABLE\",\"isSupported\": \"N\"},{\"messageName\": \"HOLD\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW_ALL\",\"isSupported\": \"N\"}, {\"messageName\": \"REQUEST_SC_ACS_RESEND\",\"isSupported\": \"Y\"}],\"statusUpdateOk\": false,\"offlineOk\": false,\"patronPasswordVerificationRequired\":
|
truefalse}"
}' | ./OkapiCLI.py -v -u https:
./OkapiCLI.py -v -u https:
echo '{
"module": "edge-sip2",
"configName": "selfCheckoutConfig.7c5abc9f-f3d7-4856-b8d7-6712462ca007",
"enabled": true,
"value": "{\"timeoutPeriod\": 5,\"retriesAllowed\": 3,\"checkinOk\": true,\"checkoutOk\": true,\"acsRenewalPolicy\": false,\"libraryName\": \"Datalogisk Institut\",\"terminalLocation\": \"e0ab8c91-2a4a-433d-a3cf-1837053c89a8\"}"
}' | ./OkapiCLI.py -v -u https:
|
Modul starten auf dem Rechner
docker run -d --restart unless-stopped -p 6443:6443 -v /root/edge-sip2/conf:/sip2conf folioorg/edge-sip2:1.4.0 -conf /sip2conf/sip2.conf
|
Oder per Docker compose (hier werden zwei verschiedene Versionen auf unterschiedlichen Ports gestartet)
version: '2'
services:
edge-sip2:
container_name: edge-sip2
image: folioorg/edge-sip2:2.0.1
restart: unless-stopped
ports:
- "6443:6443"
volumes:
- /root/edge-sip2/conf:/sip2conf
command: -conf /sip2conf/sip2.conf
edge-sip2-latest:
container_name: edge-sip2-latest
image: folioorg/edge-sip2
restart: unless-stopped
ports:
- "6444:6443"
volumes:
- /root/edge-sip2/conf:/sip2conf
command: -conf /sip2conf/sip2.conf
|
Die Konfiguration sieht so aus:
root@foliotest-20:~/edge-sip2# cat conf/sip2.conf
{
"port": 6443,
"okapiUrl": "http://192.168.128.19:9130",
"tenantConfigRetrieverOptions": {
"scanPeriod": 300000,
"stores": [{
"type": "file",
"format": "json",
"config": {
"path": "/sip2conf/sip2-tenants.conf"
},
"optional": false
}]
}
}
root@foliotest-20:~/edge-sip2# cat conf/sip2-tenants.conf
{
"scTenants": [
{
"scSubnet": "131.188.00.00/16",
"tenant": "bvb",
"errorDetectionEnabled": true,
"charset": "ISO-8859-1"
}
]
}
|
Hier ist wichtig, dass die Okapi URl angepasst ist.
...
Installation per helm chart. z.B.:
helm -n folio-test install sip2 edge/ -f global-values.yml -f edge/valuesd/kiwi-h1-edge-sip2.yaml
|
Wichtig: anpassen der modul-values file unter edge/valuesd, zumindest den tenant!
Manuelle settings über okapicli:
TENANT_ID=<hier tenantid eintragen>
ADMIN_PASSWORD=<admin password in der entsprechenden configmap/secret nachschaun>
OKAPI_CLI_RAW="./OkapiCLI.py -v --url http://okapi:9130 --username admin --password $ADMIN_PASSWORD -t $TENANT_ID -i raw -r"
$OKAPI_CLI_RAW "/configurations/entries" -m post << EOF
{
"module": "edge-sip2",
"configName": "acsTenantConfig",
"enabled": true,
"value": "{\"supportedMessages\": [{\"messageName\": \"PATRON_STATUS_REQUEST\",\"isSupported\": \"N\"},{\"messageName\": \"CHECKOUT\",\"isSupported\": \"Y\"},{\"messageName\": \"CHECKIN\",\"isSupported\": \"Y\"},{\"messageName\": \"BLOCK_PATRON\",\"isSupported\": \"N\"},{\"messageName\": \"SC_ACS_STATUS\",\"isSupported\": \"Y\"},{\"messageName\": \"LOGIN\",\"isSupported\": \"Y\"},{\"messageName\": \"PATRON_INFORMATION\",\"isSupported\": \"Y\"},{\"messageName\": \"END_PATRON_SESSION\",\"isSupported\": \"Y\"},{\"messageName\": \"FEE_PAID\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_INFORMATION\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_STATUS_UPDATE\",\"isSupported\": \"N\"},{\"messageName\": \"PATRON_ENABLE\",\"isSupported\": \"N\"},{\"messageName\": \"HOLD\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW_ALL\",\"isSupported\": \"N\"}, {\"messageName\": \"REQUEST_SC_ACS_RESEND\",\"isSupported\": \"Y\"}],\"statusUpdateOk\": false,\"offlineOk\": false,\"patronPasswordVerificationRequired\": true}"
}
EOF
$OKAPI_CLI_RAW "/service-points"
$OKAPI_CLI_RAW "/configurations/entries" -m post << EOF
{
"module": "edge-sip2",
"configName": "selfCheckoutConfig.7c5abc9f-f3d7-4856-b8d7-6712462ca007",
"enabled": true,
"value": "{\"timeoutPeriod\": 5,\"retriesAllowed\": 3,\"checkinOk\": true,\"checkoutOk\": true,\"acsRenewalPolicy\": false,\"libraryName\": \"Datalogisk Institut\",\"terminalLocation\": \"e0ab8c91-2a4a-433d-a3cf-1837053c89a8\"}"
}
EOF
|
ingress-nginx tcp ingress per config anpassen, siehe Ingress ohne Http, firewall Einstellungen nicht vergessen!
...