Le logiciel PIA est un outil distribué librement par la CNIL afin de faciliter la réalisation d’analyses d’impact sur la protection des données prévues par le RGPD. PIA-BACK est développé avec le framework RubyOnRails mettant à disposition une API RESTful à destination des outils PIA et PIA-APP.
The PIA software is a free tool published by the CNIL which aims to help data controllers build and demonstrate compliance to the GDPR. PIA-BACK is developped with RubyOnRails providing a RESTful API for the PIA and PIA-APP applications.
You can follow this runbook for a full installation of pia (back-end) and pia (front-end) applications on a ubuntu 17.10 server.
- pia (front-end) application and/or pia (stand-alone) application
- Ruby 2.6.x or 2.7.x
- Rails 6.0.x
- PostgreSQL 12.0+
- CPU : i5
- Ram: 4Go
- Disk Space : 20Go
- OS : preferably Linux but other OS works as well
Basic installation on Debian you can use the following documentation: wiki.debian.org/PostgreSql on Ubuntu you can use: help.ubuntu.com/community/PostgreSQL
Also, you need to create a new user with password.
git clone https://github.com/LINCnil/pia-back.git
cd pia-back
cp config/database.example.yml config/database.yml
Fill the fields username
and password
for each environment with the PostgreSQL username and password created in the step "PostgreSQL installation".
bundle install
cp .env-example .env
Generate the SECRET_KEY_BASE with bin/rake secret
and paste the secret key in the file.
Generate the DEVISE_SECRET_KEY with bin/rake secret
and paste the secret key in the file.
Generate the DEVISE_PEPPER with bin/rake secret
and paste the secret key in the file.
Fill MAILER_SENDER with the default address email sender
Fill DEFAULT_URL with the URL of your server
If needed, fill DEFAULT_PORT to the PORT you use
bin/rake db:create
bin/rake db:migrate
Set ENABLE_AUTHENTICATION=true
inside your .env
file
Enter the rails console with bin/rails c
Launch the command Doorkeeper::Application.create(name: "PIA", redirect_uri: "urn:ietf:wg:oauth:2.0:oob", scopes: ["read", "write"])
Find your UID and SECRET information Doorkeeper::Application.select(:uid, :secret).first
Use these credentials into your PIA application
Enter the rails console with bin/rails c
Launch the command User.create(email: 'YOUR_EMAIL', password: 'azeazeaze', password_confirmation: 'azeazeaze')
Unlock your user with the unlock_access! method
a = User.last
a.is_technical_admin = true
a.is_functional_admin = true
a.is_user = true
a.unlock_access!
-
bin/rails s
your server will be accessible with the URLlocalhost:3000
-
You can specify the option
-b
to bind to a public IP address or domain name and-p
to use a different port.For example:
bin/rails s -b 123.456.789.101 -p 8080
your server will be accessible with the URL123.456.789.101:8080
-
Then, in the pia (front-end) application, use this URL to enable the server mode.
-
Fill the field in "Tools" > "Settings"
- Fill the
production
section in thedatabase.yml
file. - Create the database:
RAILS_ENV=production bin/rake db:create
- Create the tables:
RAILS_ENV=production bin/rake db:migrate
- Run the server:
RAILS_ENV=production bin/rails s
Go to the folder pia-back : cd pia-back
Update the repository : git pull
Update the dependencies : bundle install
Update the database : RAILS_ENV=production bin/rake db:migrate
bin/rake
Pia back mailer work with rails-i18n. For update default locale, go to change this line in rails configuration:
In config/application.rb
config.i18n.default_locale = :en
- Docker set-up (Kosmas Schütz): a Docker-Compose configuration for production purpose. Everything is automated from creating containers to setting up the database.
- Installation runbook (ylachgar): runbook to install the pia tool server version on a ubuntu 17.10 server.