Spushnik

NOTE: This feature has been introduced into the version 2.5.0

Sometimes, you will need to check the status of an Opush server without connecting a phone;
then, Spushnik is here for you.

Spushnik is a Java webapp probe able to check the status of an Opush server instance.
It may be installed anywhere, you only have to be able to access to the Opush service.
The only prerequise is to have a user account on OBM.

NOTE: Comming with Opush release 3.0.0 or higher, the Spushnik port has changed

If you upgrade Spushnik using the Opush release 3.0.0 or higher repository, you will need to change the port in the Healthcheck configuration file (/etc/obm/healthcheck.ini). It's now a standalone server with it's own port: 8083.

Installation

Debian Squeeze

Modify your /etc/apt/sources.list by adding "contrib" and "non-free".
Example could be found on Installing OBM On Debian Squeeze page

Modify your /etc/apt/sources.list by adding "release" OBM repository:

deb http://deb.obm.org/opush/stable opush opush

And finally

wget -q  http://deb.obm.org/obmgpg.pub -O - | apt-key  add -
aptitude update
aptitude install spushnik

CentOS 6

First, you must install OpenJDK to have the java alternatives preconfigured properly for jre and java_sdk.
Example could be found on Installing OBM 2.4.1 on CentOS 6 page

You have to create a yum repo file containing "release" OBM repository:

[obm-contrib]
name=obm-contrib
baseurl=http://rpm.obm.org/25/release/contrib/$releasever
enabled=1
gpgcheck=0

[obm-next]
name=obm-next
baseurl=http://rpm.obm.org/25/release/latest/$releasever
enabled=1
gpgcheck=0

And finally

yum install spushnik

Usage

On a linux client computer, type the following command:

curl http://Spushnik_IP:Spushnik_port/spushnik/foldersync?serviceUrl=https://Opush_IP/Microsoft-Server-ActiveSync -v -H "Accept: application/json" -H "Content-type: application/json" -X POST -d 'input_JSON'

Where:

  • Spushnik_IP is the IP of the server where spushnik is running
  • Spushnik_port is the port of the web server (Jetty on default installation) where spushnik is running (8082 with OBM 2.5, 8083 with OBM 3.0+)
  • Opush_IP is the IP of the server where spushnik is running
  • input_JSON is the input JSON

Input JSON

{
  "loginAtDomain":"loginAtDomain_value",
  "password":"password_value",
  "pkcs12Password":"pkcs12_password",
  "pkcs12":"'`base64 pkcs12_file -w0`'"
}

Where:

  • loginAtDomain_value mandatory: is the login of an existing user of the Opush target (ex.: user@opush.com)
  • password_value mandatory: is the password corresponding to the Opush user
  • pkcs12_password optional: is the password of the PKCS#12, replace https with http when not given
  • pkcs12_file optional: is the full path to the PKCS#12 bundle encoded in base64 (ex.: /tmp/user.p12)

PKCS#12

Some phones support client certificate authentication, this is possible with Opush by configuring the reverse proxy.
In order to run Spushnik with certificate behaviour, you have to generate the PKCS#12 file.
This can be done with openssl on the Opush frontend server:

openssl genrsa -out user.key 2048
openssl req -new -key user.key -out user.csr
openssl ca -config /var/lib/obm-ca/ca.cnf -in user.csr -out user.pem -cert /var/lib/obm-ca/cacert.pem -keyfile /var/lib/obm-ca/private/cakey.pem -days 365
openssl pkcs12 -export -inkey user.key -in user.pem -out user.p12 -name "usera"

And then copy the user.p12 file to your client computer.

Output JSON

On success, the service will return a JSON like this:

{"status":0,"messages":[]}

On error during folder sync scenario, for example on IMAP server not started, the JSON will look like this:

{"status":2,"messages":["HTTP error: 500"]}

On error accessing to Spushnik, the result may look like:

curl: (7) couldn't connect to host

Status value map:

  • 0: success
  • 1: warning
  • 2: error

Healthcheck

A Opush folder sync scenario is executed by healthcheck invoking spushnik. To make it work, you must add this block in /etc/obm/healthcheck.ini

[spushnik]
spushnikIp=Spushnik_IP
spushnikPort=Spushnik_port

Where:

  • Spushnik_IP is the IP of the server where spushnik is running
  • Spushnik_port is the port of the web server (Jetty on default installation) where spushnik is running (8082 with OBM 2.5, 8083 with OBM 3.0+)

Under the hood

Spushnik implements a folder sync scenario, which acccess all backends and so all dependencies needed by Opush.
With such a scenario, Spushnik give us the state of health of Opush and components it depends on.