...
Die SIP2 Kommunikation sollte z.B. mit stunnel verschlüsselt werden. Evtl. kann auch überlegt werden, ob das edge-sip2 Modul nahe beim Automaten installiert wird, wenn man die Kommunikation mit den Folio APIs dafür verschlüsselt.
Konfiguration
echo '{
"module" : "edge-sip2" ,
"configName" : "acsTenantConfig" ,
"enabled" : true ,
"value" : "{\"supportedMessages\": [{\"messageName\": \"PATRON_STATUS_REQUEST\",\"isSupported\": \"N\"},{\"messageName\": \"CHECKOUT\",\"isSupported\": \"Y\"},{\"messageName\": \"CHECKIN\",\"isSupported\": \"Y\"},{\"messageName\": \"BLOCK_PATRON\",\"isSupported\": \"N\"},{\"messageName\": \"SC_ACS_STATUS\",\"isSupported\": \"Y\"},{\"messageName\": \"LOGIN\",\"isSupported\": \"Y\"},{\"messageName\": \"PATRON_INFORMATION\",\"isSupported\": \"Y\"},{\"messageName\": \"END_PATRON_SESSION\",\"isSupported\": \"Y\"},{\"messageName\": \"FEE_PAID\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_INFORMATION\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_STATUS_UPDATE\",\"isSupported\": \"N\"},{\"messageName\": \"PATRON_ENABLE\",\"isSupported\": \"N\"},{\"messageName\": \"HOLD\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW_ALL\",\"isSupported\": \"N\"}, {\"messageName\": \"REQUEST_SC_ACS_RESEND\",\"isSupported\": \"Y\"}],\"statusUpdateOk\": false,\"offlineOk\": false,\"patronPasswordVerificationRequired\":
|
truefalse}"
}' | ./OkapiCLI.py -v -u https:
./OkapiCLI.py -v -u https:
echo '{
"module" : "edge-sip2" ,
"configName" : "selfCheckoutConfig.7c5abc9f-f3d7-4856-b8d7-6712462ca007" ,
"enabled" : true ,
"value" : "{\"timeoutPeriod\": 5,\"retriesAllowed\": 3,\"checkinOk\": true,\"checkoutOk\": true,\"acsRenewalPolicy\": false,\"libraryName\": \"Datalogisk Institut\",\"terminalLocation\": \"e0ab8c91-2a4a-433d-a3cf-1837053c89a8\"}"
}' | ./OkapiCLI.py -v -u https:
|
Modul starten auf dem Rechner
docker run -d --restart unless-stopped -p 6443 : 6443 -v /root/edge-sip2/conf:/sip2conf folioorg/edge-sip2: 1.4 . 0 -conf /sip2conf/sip2.conf
|
Oder per Docker compose (hier werden zwei verschiedene Versionen auf unterschiedlichen Ports gestartet)
version: '2'
services:
edge-sip2:
container_name: edge-sip2
image: folioorg/edge-sip2 : 2.0.1
restart: unless-stopped
ports:
- "6443:6443"
volumes:
- /root/edge-sip2/conf : /sip2conf
command: -conf /sip2conf/sip2.conf
edge-sip2-latest:
container_name: edge-sip2-latest
image: folioorg/edge-sip2
restart: unless-stopped
ports:
- "6444:6443"
volumes:
- /root/edge-sip2/conf : /sip2conf
command: -conf /sip2conf/sip2.conf
|
Die Konfiguration sieht so aus:
root @foliotest - 20 :~/edge-sip2# cat conf/sip2.conf
{
"port" : 6443 ,
"okapiUrl" : "http://192.168.128.19:9130" ,
"tenantConfigRetrieverOptions" : {
"scanPeriod" : 300000 ,
"stores" : [{
"type" : "file" ,
"format" : "json" ,
"config" : {
"path" : "/sip2conf/sip2-tenants.conf"
},
"optional" : false
}]
}
}
root @foliotest - 20 :~/edge-sip2# cat conf/sip2-tenants.conf
{
"scTenants" : [
{
"scSubnet" : "131.188.00.00/16" ,
"tenant" : "bvb" ,
"errorDetectionEnabled" : true ,
"charset" : "ISO-8859-1"
}
]
}
|
Hier ist wichtig, dass die Okapi URl angepasst ist.
...
Installation per helm chart. z.B.:
helm -n folio-test install sip2 edge/ -f global-values.yml -f edge/valuesd/kiwi-h1-edge-sip2.yaml
|
Wichtig: anpassen der modul-values file unter edge/valuesd, zumindest den tenant!
Manuelle settings über okapicli:
TENANT_ID=<hier tenantid eintragen>
ADMIN_PASSWORD=<admin password in der entsprechenden configmap/secret nachschaun>
OKAPI_CLI_RAW= "./OkapiCLI.py -v --url http://okapi:9130 --username admin --password $ADMIN_PASSWORD -t $TENANT_ID -i raw -r"
$OKAPI_CLI_RAW "/configurations/entries" -m post << EOF
{
"module" : "edge-sip2" ,
"configName" : "acsTenantConfig" ,
"enabled" : true ,
"value" : "{\"supportedMessages\": [{\"messageName\": \"PATRON_STATUS_REQUEST\",\"isSupported\": \"N\"},{\"messageName\": \"CHECKOUT\",\"isSupported\": \"Y\"},{\"messageName\": \"CHECKIN\",\"isSupported\": \"Y\"},{\"messageName\": \"BLOCK_PATRON\",\"isSupported\": \"N\"},{\"messageName\": \"SC_ACS_STATUS\",\"isSupported\": \"Y\"},{\"messageName\": \"LOGIN\",\"isSupported\": \"Y\"},{\"messageName\": \"PATRON_INFORMATION\",\"isSupported\": \"Y\"},{\"messageName\": \"END_PATRON_SESSION\",\"isSupported\": \"Y\"},{\"messageName\": \"FEE_PAID\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_INFORMATION\",\"isSupported\": \"N\"},{\"messageName\": \"ITEM_STATUS_UPDATE\",\"isSupported\": \"N\"},{\"messageName\": \"PATRON_ENABLE\",\"isSupported\": \"N\"},{\"messageName\": \"HOLD\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW\",\"isSupported\": \"N\"},{\"messageName\": \"RENEW_ALL\",\"isSupported\": \"N\"}, {\"messageName\": \"REQUEST_SC_ACS_RESEND\",\"isSupported\": \"Y\"}],\"statusUpdateOk\": false,\"offlineOk\": false,\"patronPasswordVerificationRequired\": true}"
}
EOF
$OKAPI_CLI_RAW "/service-points"
$OKAPI_CLI_RAW "/configurations/entries" -m post << EOF
{
"module" : "edge-sip2" ,
"configName" : "selfCheckoutConfig.7c5abc9f-f3d7-4856-b8d7-6712462ca007" ,
"enabled" : true ,
"value" : "{\"timeoutPeriod\": 5,\"retriesAllowed\": 3,\"checkinOk\": true,\"checkoutOk\": true,\"acsRenewalPolicy\": false,\"libraryName\": \"Datalogisk Institut\",\"terminalLocation\": \"e0ab8c91-2a4a-433d-a3cf-1837053c89a8\"}"
}
EOF
|
ingress-nginx tcp ingress per config anpassen, siehe Ingress ohne Http, firewall Einstellungen nicht vergessen!
...