github usnistgov/NEMO 1.1.0
on GitHub

latest releases: 7.2.5, 7.2.4, 7.2.3...
7 years ago

New features

  • Added "scheduled outages" for tools. Users who are designated as "staff" in NEMO can now create scheduled outages for a tool from the calendar page. A scheduled outage prevents users from using a tool during the outage period. It does not interrupt use if a tool is already enabled. Staff are still able to enable a tool during a scheduled outage (in order to perform maintenance or other tasks).
  • Added a "safe user deactivation" page. This ensures that there are no billable charges in progress nor in the future (i.e. tool usage, staff charges, reservations, and area access). This can be found in the /users/<id>/ page.

Authentication & security improvements:

  • Added support for Nginx kerberos module.
  • Fixed a bug where permissions were not properly applied when using LDAP authentication. Thanks to Princeton University's David Barth (@dsbarth) and Daniel McNesby (@przcomp) for finding and diagnosing the bug.
  • Added more robust error checking for invalid username/passwords in LDAP authentication.
  • LDAP authentication now requires TLS version 1.2 between the web server and authentication server.

Stability fixes:

  • Pinned all dependency versions (in setup.py) so code doesn't break over time.

Setup and provisioning of NEMO:

  • Added two new commands to the "nemo" provisioning utility (binary program) that is created with setup.py:
    • nemo query_public_key gets the public key of an IP address and port. If the DNS name resolves to multiple IP addresses (e.g. round-robin DNS load balancing), the query is performed for each IP address. This assists with downloading public keys for LDAP authentication setup.
    • nemo test_ldap_authentication tests LDAP authentication, the same way it is performed in NEMO's code.

Usability improvements

  • Added a "getting started" message to the landing page. When there are no choices on the landing page, a message is displayed for the system administrator to tell them how to configure and customize NEMO. This will help new system administrators get started with configuring NEMO.
  • Landing page choices can now be hidden from normal users, but visible to staff/super-users/technicians. Fixed a column spacing bug on the landing page.
  • Added visual highlights and tool ownership information to the maintenance page. If you are a tool owner, the problems that you "own" on the maintenance page are highlighted in red. If you are a backup tool owner, those problems are highlighted in yellow.

Roadmap and future imporvements

For the next release of NEMO, we plan to implement scheduled resource outages and improved tool-downtime data analytics. This will also coincide with improvements to the NEMO API, to get that data out.

It has also become clear that there are two major challenges with setting up a new instance of NEMO:

  1. Authentication is always difficult to integrate with - whether it's LDAP, Kerberos, or some other type. There will likely be some improvements to this area coming soon.
  2. Bootstrapping NEMO is also difficult. Organizations that are trying out NEMO for the first time often want to download and run it in a test environment to try it out. It seems pretty clear that there needs to be a simple way to run a test version of NEMO, with no external configuration required. Perhaps creating a separate test/evaluation Docker image would be the best way to go, and we'll be exploring this possibility.
Check out latest releases or
releases around usnistgov/NEMO 1.1.0

Don't miss a new NEMO release

NewReleases is sending notifications on new releases.

Get notifications