Environment setup

In order to let Chronos work correctly you'll need to modify some variables in the app.py file located in the main directory of your Python Virtual Environment.

Setting up Chronos

Navigate to Chronos installation directory

cd /mnt/chronos

Open the configuration file by giving the following command.

nano chronosconf.py

After you opened the file you'll see some code like this:

#Chronos configuration file

#Need help? See docs.poleis.cloud



appConf = {

"OAUTH2_CLIENT_ID": "chronos",

"OAUTH2_CLIENT_SECRET": "mysecret",

"OAUTH2_ISSUER": "https://id.poleis.cloud/realms/poleis",

"FLASK_SECRET": "a_long_and_secret_string",

}



BoAuth = {

"allowed_subs": [

"11111111-3333-aaaa-5555-777777777777",

"22222222-4444-aaaa-6666-333333333333"

]

}



KIOSKtotem = {

"allowed_totem": [

"11111111111111111111111111111111111",

]

}

1. Filling the appConf section

See the table below that contains useful information on how to fill the first section of the chronosconf.py file.

Value	Sample data	What is it
OAUTH2_CLIENT_ID	chronos	The Client ID generated by your Identity and Access Management software, such as Keycloak
OAUTH2_CLIENT_SECRET	asdfghjkk10293845867	The Client Secret, also generated by your Identity and Access Management software
OAUTH2_ISSUER	https://id.poleis.cloud/realms/poleis	The public URL for your Identity and Access Management software
FLASK_SECRET	knajUSBnbsaj8283Nskabnd	A long string used for securing your Chronos installation (A-Z,a-z,0-9 characters only)

2. Configuring the Back Office Authentication (BoAuth)

We presume that you've already configured:

• The Identity Server;
• The appConf section;
• Obtained the user 'sub' unique value as specified in this guide.

Everything you'll have to do is paste the desired users ID/sub in the list.

Let's say my user John Doe sub is IAM-JOHNDOE-ANDTHIS-ISMYSUB-13004

I'll have to adapt the BoAuth section as follows

BoAuth = {

"allowed_subs": [

"IAM-JOHNDOE-ANDTHIS-ISMYSUB-13004"
]

}

John Doe can now access the BackOffice at chronos-url.tld/visualizza

3. Configure KIOSK

On your Keycloak instance (or equivalent IAM) create a dedicated user just for the KIOSK totem. Copy the user sub as specified in this guide and paste it in the KIOSK totem list.

Let's say my user TOTEM AffariGenerali sub is IAM-TOTEMUSER-ANDTHIS-ISMYSUB-028432

KIOSKtotem = {

"allowed_totem": [

"IAM-TOTEMUSER-ANDTHIS-ISMYSUB-028432`",

]

}

The KIOSK can now access your Chronos instance.

3.1 Configure the EndUser client

If you are using Chronos (kiosk version) you'll need to configure EndUser client as specified in the guide provided to you by the Poleis team.

Do you need an updated copy of the guide? Send us an email.

Finished!😁

You completed Aulabook file configuration. Save by giving 'Control + X' and confirm with Y.