iNethi
diff --git a/‎README.md‎
Lines changed: 4 additions & 9 deletions b/‎README.md‎
Lines changed: 4 additions & 9 deletions
diff --git a/‎docker-compose-dev.yml‎
Lines changed: 4 additions & 1 deletion b/‎docker-compose-dev.yml‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎docker-compose-prod.yml‎
Lines changed: 12 additions & 12 deletions b/‎docker-compose-prod.yml‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎docs/README.md‎
Lines changed: 13 additions & 0 deletions b/‎docs/README.md‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎docs/examples/sample_radiusdesk_config.json‎
Lines changed: 148 additions & 0 deletions b/‎docs/examples/sample_radiusdesk_config.json‎
Lines changed: 148 additions & 0 deletions
diff --git a/‎docs/examples/smart_contracts.json‎
Lines changed: 20 additions & 0 deletions b/‎docs/examples/smart_contracts.json‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎docs/examples/users.json‎
Lines changed: 12 additions & 0 deletions b/‎docs/examples/users.json‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎docs/keycloak/README.md‎
Lines changed: 63 additions & 0 deletions b/‎docs/keycloak/README.md‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎inethi/api_key/migrations/0001_initial.py‎
Lines changed: 3 additions & 3 deletions b/‎inethi/api_key/migrations/0001_initial.py‎
Lines changed: 3 additions & 3 deletions
@@ -4,6 +4,10 @@ The backend for the bespoke iNethi system.
 
 ## Commands
 
+### Prerequisites
+
+Read the [docs](./docs/README.md) for details of the set up and requirements.
+
 ### Running the Code
 
 Look at [.env.example](.env.example) and create a `.env` file with all the variables listed in this file. See
@@ -55,12 +59,3 @@ print(f"Your encryption key: {encryption_key.decode()}")
 from django.core.management.utils import get_random_secret_key
 print(get_random_secret_key())
 ```
-
-## Contributing
-
-Pull requests and issues are welcome! Please open an issue to discuss major changes or new features.
-
-## License
-
-> [!WARNING]
-> Closed-source commercial usage of this code is not permitted with the GPL-3.0. If that license is not compatible with your use case, please contact [email protected] for queries.
@@ -13,7 +13,9 @@ services:
     volumes:
       - ./inethi:/inethi
     command: >
-      sh -c "python manage.py wait_for_db &&
+      sh -c "sleep 10 &&
+              python manage.py wait_for_db &&
+              python manage.py makemigrations &&
               python manage.py migrate &&
               python manage.py runserver 0.0.0.0:8000"
     environment:
@@ -37,6 +39,7 @@ services:
       - POSTGRES_DB=${DB_NAME:-devdb}
       - POSTGRES_USER=${DB_USER:-devuser}
       - POSTGRES_PASSWORD=${DB_PASS:-devpass}
+    command: postgres -c shared_preload_libraries=timescaledb
 
   keycloak:
     image: quay.io/keycloak/keycloak:25.0.6
 
@@ -1,6 +1,6 @@
 services:
   app:
-    container_name: inethi-backend
+    container_name: inethi-backend-v1
     restart: unless-stopped
     env_file:
       - ./.env
@@ -25,29 +25,30 @@ services:
       - db
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.backend.rule=Host(`backend.inethicloud.net`)"
-      - "traefik.http.routers.backend.entrypoints=websecure"
+      - "traefik.http.routers.backend.rule=Host(`${TRAEFIK_BACKEND_HOST:-backend.inethicloud.net}`)"
+      - "traefik.http.routers.backend.entrypoints=${TRAEFIK_ENTRYPOINTS:-websecure}"
       - "traefik.http.services.backend.loadbalancer.server.port=8000"
+      - "traefik.http.routers.backend.tls.certresolver=${TRAEFIK_CERTRESOLVER:-letsencrypt}"
 
   db:
     image: timescale/timescaledb:latest-pg17
     restart: unless-stopped
-    container_name: inethi-backend-db-timescale
+    container_name: inethi-backend-db-timescale-v1
     env_file:
       - ./.env
     volumes:
-      - prod-db-data-timescale:/var/lib/postgresql/data
+      - prod-db-data-timescale-v1:/var/lib/postgresql/data
     environment:
       - POSTGRES_DB=${DB_NAME:-devdb}
       - POSTGRES_USER=${DB_USER:-devuser}
       - POSTGRES_PASSWORD=${DB_PASS:-devpass}
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.backenddb.entrypoints=websecure"
+      - "traefik.http.routers.backenddbv1.entrypoints=${TRAEFIK_ENTRYPOINTS:-websecure}"
 
   redis:
     image: redis:alpine
-    container_name: inethi-backend-celery-redis
+    container_name: inethi-backend-celery-redis-v1
 
   celery:
     build:
@@ -61,7 +62,7 @@ services:
     environment:
       - CELERY_BROKER=redis://redis:6379/0
       - CELERY_BACKEND=redis://redis:6379/0
-    container_name: inethi-backend-celery
+    container_name: inethi-backend-celery-v1
     depends_on:
       - redis
       - db
@@ -76,16 +77,15 @@ services:
     environment:
       - CELERY_BROKER=redis://redis:6379/0
       - CELERY_BACKEND=redis://redis:6379/0
-    container_name: inethi-backend-celery-beat
+    container_name: inethi-backend-celery-beat-v1
     depends_on:
       - redis
       - db
 
-
 networks:
   default:
     external:
-      name: "inethi-bridge-traefik"
+      name: "${TRAEFIK_NETWORK_BRIDGE:-inethi-bridge-traefik}"
 
 volumes:
-  prod-db-data-timescale:
+  prod-db-data-timescale-v1:
@@ -0,0 +1,13 @@
+# Setting Up The System
+
+1. Populate a `.env` file.
+2. If you don't have keycloak and radiusdesk you need to set these up. The details for Keycloak can be found [here](./keycloak/README.md).
+3. Run the compose file of your choosing then run `docker exec inethi-backend python manage.py create_superuser`.
+4. Create json files and place them in the [inethi dir](../inethi/) for your NETWORK admin user(s), RADIUSDesk instance(s) and smart contract(s) commands, see the [users example](./examples/users.json), [RADIUSDesk example](./examples/sample_radiusdesk_config.json) and the contracts [example](./examples/smart_contracts.json) then run the following:
+
+```
+docker exec -it inethi-backend sh
+python manage.py create_users_from_json user.json
+python manage.py create_smart_contracts_from_json smart_contracts.json
+python manage.py create_radiusdesk_from_json sample_radiusdesk_config.json
+```
@@ -0,0 +1,148 @@
+[
+  {
+    "name": "Main RADIUSdesk Instance",
+    "base_url": "https://radiusdesk.example.com",
+    "username": "admin",
+    "password": "admin_password",
+    "accepts_crypto": true,
+    "administrators": ["devuser", "network_admin"],
+    "clouds": [
+      {
+        "name": "Main Cloud",
+        "radius_desk_id": 1,
+        "realms": [
+          {
+            "name": "Default Realm",
+            "radius_desk_id": 1,
+            "profiles": [
+              {
+                "name": "Basic Plan",
+                "radius_desk_id": 1,
+                "data_limit_enabled": true,
+                "data_limit_gb": 5.0,
+                "data_limit_reset": "monthly",
+                "speed_limit_enabled": true,
+                "speed_limit_mbs": 10.0,
+                "limit_session_enabled": false,
+                "session_limit": 0,
+                "cost": 0.0
+              },
+              {
+                "name": "Premium Plan",
+                "radius_desk_id": 2,
+                "data_limit_enabled": true,
+                "data_limit_gb": 20.0,
+                "data_limit_reset": "monthly",
+                "speed_limit_enabled": true,
+                "speed_limit_mbs": 50.0,
+                "limit_session_enabled": false,
+                "session_limit": 0,
+                "cost": 10.0
+              },
+              {
+                "name": "Unlimited Plan",
+                "radius_desk_id": 3,
+                "data_limit_enabled": false,
+                "data_limit_gb": 0,
+                "data_limit_reset": "never",
+                "speed_limit_enabled": true,
+                "speed_limit_mbs": 100.0,
+                "limit_session_enabled": true,
+                "session_limit": 1,
+                "cost": 25.0
+              }
+            ]
+          },
+          {
+            "name": "Guest Realm",
+            "radius_desk_id": 2,
+            "profiles": [
+              {
+                "name": "Guest Access",
+                "radius_desk_id": 4,
+                "data_limit_enabled": true,
+                "data_limit_gb": 1.0,
+                "data_limit_reset": "daily",
+                "speed_limit_enabled": true,
+                "speed_limit_mbs": 5.0,
+                "limit_session_enabled": true,
+                "session_limit": 2,
+                "cost": 0.0
+              }
+            ]
+          }
+        ]
+      },
+      {
+        "name": "Secondary Cloud",
+        "radius_desk_id": 2,
+        "realms": [
+          {
+            "name": "Business Realm",
+            "radius_desk_id": 3,
+            "profiles": [
+              {
+                "name": "Business Basic",
+                "radius_desk_id": 5,
+                "data_limit_enabled": true,
+                "data_limit_gb": 50.0,
+                "data_limit_reset": "monthly",
+                "speed_limit_enabled": true,
+                "speed_limit_mbs": 25.0,
+                "limit_session_enabled": false,
+                "session_limit": 0,
+                "cost": 15.0
+              },
+              {
+                "name": "Business Pro",
+                "radius_desk_id": 6,
+                "data_limit_enabled": true,
+                "data_limit_gb": 100.0,
+                "data_limit_reset": "monthly",
+                "speed_limit_enabled": true,
+                "speed_limit_mbs": 100.0,
+                "limit_session_enabled": true,
+                "session_limit": 5,
+                "cost": 35.0
+              }
+            ]
+          }
+        ]
+      }
+    ]
+  },
+  {
+    "name": "Test RADIUSdesk Instance",
+    "base_url": "https://test-radiusdesk.example.com",
+    "username": "test_admin",
+    "password": "test_password",
+    "accepts_crypto": false,
+    "administrators": ["devuser"],
+    "clouds": [
+      {
+        "name": "Test Cloud",
+        "radius_desk_id": 1,
+        "realms": [
+          {
+            "name": "Test Realm",
+            "radius_desk_id": 1,
+            "profiles": [
+              {
+                "name": "Test Profile",
+                "radius_desk_id": 1,
+                "data_limit_enabled": false,
+                "data_limit_gb": 0,
+                "data_limit_reset": "never",
+                "speed_limit_enabled": false,
+                "speed_limit_mbs": 0,
+                "limit_session_enabled": false,
+                "session_limit": 0,
+                "cost": 0.0
+              }
+            ]
+          }
+        ]
+      }
+    ]
+  }
+]
@@ -0,0 +1,20 @@
+[
+  {
+    "name": "iNethi Registry",
+    "address": "0x9b1a3F8FadD0dc86FBae5Cf66Fa682fDcd84a9b0",
+    "contract_type": "account index",
+    "description": "iNethi account registry for celo eth faucet",
+    "write_access": false,
+    "read_access": false,
+    "user_name": "inethiofficial"
+  },
+  {
+    "name": "iNethi Faucet",
+    "address": "0xB821E49ADB53F0AbeD834278d5dFc57901c30Eea",
+    "contract_type": "eth faucet",
+    "description": "iNethi faucet for celo",
+    "write_access": false,
+    "read_access": false,
+    "user_name": "inethiofficial"
+  }
+]
@@ -0,0 +1,12 @@
+[
+  {
+    "username": "network_admin_1",
+    "password": "password1",
+    "email": "[email protected]"
+  },
+  {
+    "username": "network_admin_2",
+    "password": "password2",
+    "email": "[email protected]"
+  }
+]
@@ -0,0 +1,63 @@
+# Keycloak Integration with iNethi Backend
+
+## Set Up
+
+To get auth working for the UI and App you need to set up your keycloak instance. Navigate to your keycloak URL. If you use the dev compose file then navigate to [http://localhost:8080/](http://localhost:8080/).
+
+### Configuration
+
+These steps will use the following env variables. Repalce them with your own where neccessary:
+
+```
+KEYCLOAK_MASTER_ADMIN="devuser"
+KEYCLOAK_MASTER_ADMIN_PASSWORD="devpass"
+KEYCLOAK_ADMIN="inethi"
+KEYCLOAK_ADMIN_PASSWORD="iNethi2023#"
+KEYCLOAK_URL="http://192.168.0.1:8080"
+KEYCLOAK_REALM="inethi-services"
+KEYCLOAK_BACKEND_CLIENT_ID="inethi-backend-client"
+KEYCLOAK_CLIENT_SECRET="oq3BKpcKtiVyNXatzaelqW2QV2zji7YG"
+```
+
+These will be used in the [settings.py file](../../inethi/inethi/settings.py) to generate the `KEYCLOAK_OPENID`:
+
+```
+KEYCLOAK_OPENID = KeycloakOpenID(
+    server_url=env("KEYCLOAK_URL"),
+    client_id=env("KEYCLOAK_BACKEND_CLIENT_ID"),
+    realm_name=env("KEYCLOAK_REALM"),
+    client_secret_key=env("KEYCLOAK_CLIENT_SECRET"),
+)
+```
+
+1. Create a new realm called `inethi-services`.
+
+2. Ensure you are in this realm and then create a user with the username of `inethi` and password of `iNethi2023#`. Ensure email verification is set to on.
+
+3. Navigate to `Role mapping` and assign the inethi user these roles:
+
+- `realm-management` create-client
+- `realm-management` manage-clients
+- `realm-management` view-clients
+- `realm-management` manage-users
+
+4. Navigate to clients and create a client with the following details:
+
+- Type: `OpenID Connect`
+- Client ID: `inethi-backend-client`
+- Name: `inethi-backend-client`
+- Client authentication: `on`
+- Authorization: `on`
+- AUthentication flow: `standard flow, direct access grants, service account roles`
+- Home URL: (enter your backend's URL): `http://localhost:8000`
+- Valid redirect URIs: `http://localhost:8000/*`
+- Valid post logout redirect URIs: `+`
+- Web origins: `+`
+
+5. Navigate to Credentials on the client and copy the `Client Secret` into your `.env` file and replace the default value for `KEYCLOAK_CLIENT_SECRET`. Then restart your backend docker containers:
+
+```
+docker compose -f docker-compose-dev.yml down
+docker compose -f docker-compose-dev.yml build
+docker compose -f docker-compose-dev.yml up -d
+```
@@ -1,4 +1,4 @@
-# Generated by Django 5.1 on 2025-02-03 09:30
+# Generated by Django 5.1 on 2025-08-08 14:01
 
 import django.db.models.deletion
 from django.conf import settings
@@ -18,9 +18,9 @@ class Migration(migrations.Migration):
             name='APIKey',
             fields=[
                 ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('key', models.CharField(db_index=True, max_length=255, unique=True)),
-                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('key', models.CharField(blank=True, max_length=255, unique=True)),
                 ('is_active', models.BooleanField(default=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
                 ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='api_keys', to=settings.AUTH_USER_MODEL)),
             ],
         ),