= Provisioning Neu =

Goal: Provisioning System for free networks, based on the current FunkFeuer Graz provisioning system

Main reason for changes: assignment of public IP addresses mandates support for IPsec key management and authentication of users

== Current functionality ==

 * MySQL database with Ruby on Rails, Perl and PHP frontends
 * autogenerate DNS config from db
 * autogenerate Cisco IPsec config from db
 * autogenerate Google Map
 * autogenerate Topo Map from OLSR data and db
 * XML export - topo data
 * user selfcare provisioning
 * rudimentary admin provisioning

== Requirements ==

=== mandatory requirements ===

 * do not introduce new technology - Ruby on Rails will do
 * do not reinvent the wheel
 * document everything
 * use role-function paradigm for authorisation (neighbourhood managers, node owners, core team, ...)
 * db support for generic authentication system / trust model
 * authenticate e-mail address (automatic) - first level of authentication
 * manual f2f authentication (photo id check) - second level of authentication
 * authorisation system (anonymous users, l1 id, l2 id, admin, user groups...)
 * auditing (log photo id check, optional: IP assignments, config changes, ...)
  * timestamp
  * who
  * what
 * IP network management
  * create/modify/delete IP ranges
  * assign/revoke IP network to/from location
  * management of both public and private IPs
 * support for IPsec key management for public IPs
 * support tinc tunnel management
 * optional: request larger network: support for renumbering
 * status report for IP network requests
 * safety net: deleted objects are flagged, not permanently deleted

=== optional requirements ===

 * support for IPv6 addresses
 * server side interface for HardwareAutoProvisioning (device management)
 * versioning of data (-> rollback functionality)
 * opt-in for autoconfiguration and automatic firmware upgrade
 * possibility for nodes to participate in software tests, new routing protocols etc. (stable, testing, unstable nodes)
 * enter user website URL to be linked from the home page
 * enter mobile phone number, opt-in to be contacted via SMS (changes to FunkFeuer meeting dates etc.)
 * management of hotspot requests, interface for sponsoring ISPs

== Data model constraints ==

 * introduce foreign keys
 * PKs must not be hardcoded: use shortnames to get PKs
 * node type: fixed, mobile, experimental, ...
 * node may have owner
 * node may have location (mandatory for fixed nodes)
 * node may have interfaces (wired, wireless, ...)
 * interfaces have properties depending on interface type (speed, output power, channel)
 * wireless interface may have cabling and antennas attached (cable type and length, antenna)
 * antenna has type (from template), polarization, azimuth, elevation, aperture, gain, ...
 * location must have owner
 * person must have verified e-mail address
 * person should have telephone number
 * person may be either real or virtual (person groups)

== Use cases ==

 * show workflow to users/admins
 * user: register as person, verify e-mail address, add location, add node, request IP net, request photo identification appointment, lookup/modify/delete entries, generate IPsec key
 * admin: pending requests (photo id, approve network assignment request, enter audit data, revoke IPsec key), override all user functions, change node owner