Portal status (experimental)

The Portal status page displays in JSON format its activity. It can provide a view of all returned codes.

Plugin configuration

  • Ordered List ItemSet portalStatus = 1 in lemonldap-ng.ini file (section [Portal])

  • Note that handler status must also been enabled

  • The URL http://portal/status must be protected by your webserver configuration

Handler Status

Presentation

When status feature is enabled, Handlers and portal will collect statistics and save them in their local cache. This means that if several Handlers are deployed, each will manage its own statistics.

Tip

This page can be browsed for example by MRTG using the MRTG monitoring script.

Statistics are collected through a daemon launched by the Handler. It can be supervised in system processes.

The statistics are displayed when calling the status path on an Handler (for example: http://reload.example.com/status).

Example of status page:

image0

Configuration

Nginx

You need to give access to status path in the Handler Nginx configuration:

server {
  listen __PORT__;
  server_name reload.__DNSDOMAIN__;
  root /var/www/html;
  ...
  location = /status {
    allow 127.0.0.1;
    deny all;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
    fastcgi_param LLTYPE status;
  }
}

Apache

You need to give access to status path in the Handler Apache configuration:

# Uncomment this to activate status module
<Location /status>
    Order deny,allow
    Allow from 127.0.0.0/8
    PerlHeaderParserHandler Lemonldap::NG::Handler->status
</Location>

Then restart Apache.

Tip

You should change the Allow directive to match administration IP, or use another Apache protection mean.

Portal data

By default Apache handler status process listen to localhost:64321 (UDP). You can change this using LLNGSTATUSLISTEN environment variable. If you want to collect portal data, you just have to set LLNGSTATUSHOST environment variable (see comments in our ``portal-apache2.conf``).

<Files *.fcgi>
  SetHandler fcgid-script
  # For Authorization header to be passed, please uncomment one of the following:
  # for Apache >= 2.4.13
  #CGIPassAuth On
  # for Apache < 2.4.13
  #RewriteCond %{HTTP:Authorization} ^(.*)
  #RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
  Options +ExecCGI
  header unset Lm-Remote-User
</Files>
FcgidInitialEnv LLNGSTATUSHOST 127.0.0.1:64321

LemonLDAP::NG

Edit lemonldap-ng.ini, and activate status in the handler section:

[all]
# Set status to 1 if you want to have the report of activity (used for
# example to inform MRTG)
status = 1

Then restart webserver.

Advanced

  1. You can also open the UDP port with Nginx if you set LLNGSTATUSLISTEN environment variable (host:port)

  2. When querying status (using portal or handler status) and if UDP is used, query is given to LLNGSTATUSHOST (host:port) and response is waiting on a dynamic UDP port given in query (between 64322 and 64331). By default this dynamic UDP port is opened on loopback (``localhost`` entry in ``/etc/hosts``). To change this, set an IP address or a host using LLNGSTATUSCLIENT environment variable.