Service setup#
Configure Selinux and Firewall on your own so that they do not block the service.
Navigate to the /lunapassapi directory:
cd /var/lib/luna-pass/current/lunapassapi
In the configuration files lunapassapi.config.toml, lunapassvideo.config.toml, lunapassvideo.task.py make the necessary settings corresponding to the actual parameters of LUNA SDK and presented in the Table 12.
Table 12. LUNA PASS configuration parameters
|
Parameter |
Description |
|---|---|
|
LUNA PASS configuration parameters |
|
|
env= |
Mode:
Default: production |
|
host= |
IP address where the service will be launched. Default: 0.0.0.0 |
|
port= |
Port on which the service will be launched. Default: 8321 |
|
logLevel= |
Logging level. Available values:
Default: 1 |
|
FACEENGINE configuration parameters |
|
|
sdkBindingsPath= |
Path to Python bindings. Default: /fsdk/pythonBindings/build |
|
sdkDataPath= |
Path to data directory Default: /fsdk/data |
|
sdkLicensePath= |
Path to the license file. Default: /fsdk/data/license.conf |
|
Configuration parameters LUNA_PASS.JWT |
|
|
algorithm= |
Successful frame encryption algorithm. Default: HS256 |
|
key= |
The secret to encrypting a successful frame. Default: secret |
|
LIVENESS configuration parameters |
|
|
maxAttempts= |
Maximum number of frames received within 1 session. If the value is exceeded, the current frame is sent as is and the connection is terminated. If no value is present, the frames are checked until there is a successfully passed Liveness Default: -1 |
|
maxLivenessAttempts= |
The maximum number of frames that have reached the Liveness estimation. If the value is exceeded, the current frame is sent as is and the connection is terminated. If no value is present, the frames are checked until there is a successfully passed Liveness Default: -1 |
|
LIVENESS.THRESHOLDS estimation thresholds |
|
|
blur= |
Photo blurring Default: 0.61 |
|
light= |
Backlighting of the photo image Default: 0.57 |
|
dark= |
Darkening of the photo image Default: 0.5 |
|
illumination= |
Image illumination uniformity, 0 – равномерно, 1 – есть пересветы Default: 0.1 |
|
specularity= |
Glare on the image, 0 – бликов нет, 1 – есть блики. Default: 0.1 |
|
ags= |
Predictive estimation of whether an incoming image is suitable for further comparing Default: 0.8 |
|
Frame parameters (frame to face ratio) |
|
|
frameMargin= |
Indentation from frame borders Default: 10 |
|
Face parameters |
|
|
faceWidth= |
Face frame width Default: 200 |
|
faceHeight= |
Face frame height Default: 200 |
|
yaw= |
Rotation around the vertical axis of the head Default: 20 |
|
pitch= |
Rotation around the transverse axis of the head Default: 20 |
|
roll= |
Rotation around the longitudinal axis of the head Default: 20 |
|
mouth= |
Required accuracy of mouth status assessment Default: 0.4 |
|
glasses= |
Availability of glasses. Available values:
Default: |
|
livenessScore=; livenessQualityScore= |
Thresholds for the OneShot Liveness test result at which a person will be considered «alive» Default: 0.5; 0.5 |
|
multifacePolicy= |
Policy for selecting a person to check Liveness. Available values:
Default: 0 |
|
Configuration options for query plugins |
|
|
MIDDLEWARES.REQUEST.BasicAuth plugin |
|
|
isEnabled= |
BASIC authorization Default: 0 |
|
args.username= |
Login for Basic Auth Default: - |
|
args.password= |
Password for Basic Auth Default: - |
|
args.origin= |
ORIGIN header to protect against Cross-Site WebSocket Hijacking. Can represent the ip address of the server when accessed by ip address or the domain when accessed by domain name Default: - |
|
MIDDLEWARES.WS.FileLogger plugin |
|
|
isEnabled= |
Saves all incoming photos and the results of their estimation within one session to a file Default: 0 |
|
args.path= |
Path for saving file logs Default: './LOGS' |
|
MIDDLEWARES.WS.Bestshot plugin |
|
|
isEnabled= |
Selection of the bestshot according to liveness estimation from those sent for estimation. Only a frame that has reached the Liveness estimation and with a Liveness quality score higher than LIVENESS.THRESHOLDS.livenessQualityScore can be used as the bestshot Default: 0 |
|
MIDDLEWARES.WS.Luna3DescriptorQualityCheck plugin |
|
|
isEnabled |
Checking the quality of the photo with a given threshold in the external system LUNA PLATFORM version 3. This plugin should be placed after the bestshot plugin if it is used Default: 0 |
|
args.connectionString= |
Connection address to LUNA3 API Default: |
|
args.authToken= |
Authorization token to execute the request Default: - |
|
args.descriptor QualityThreshold= |
Descriptor quality threshold Default: - |
|
MIDDLEWARES.WS.AggregateLiveness plugin |
|
|
isEnabled= |
Aggregation of Liveness by N frames Default: 0 |
|
args.framesCount= |
Number of frames to be aggregated Default: 3 |
|
Plugin MIDDLEWARES.WS.ActiveLiveness |
|
|
isEnabled= |
Active Liveness Default: 0 |
|
args.cooldownFramesCount= |
Minimum number of frames after passing active Liveness Default: 0 |
|
args.interactionsCount= |
Number of user interactions used, maximum 5 Default: 2 |
|
args.acceptOneEyed= |
Allow user interaction with one eye to blink Default: 0 |
|
args.yawStartDeg= |
Initial angle of rotation at which it is possible to begin interaction with head turns Default: 10 |
|
args.yawThresholdDeg= |
Threshold angle of rotation at which interaction on head turns is considered completed Default: 20 |
|
args.pitchStartDeg= |
The initial head tilt angle at which it is possible to begin head tilt interaction Default: 10 |
|
args.pitchThresholdDeg= |
The head tilt angle threshold at which the head tilt interaction is considered completed Default: 20 |
|
MIDDLEWARES.WS.Result plugin |
|
|
isEnabled= |
Result plugin, used when bestshot, aggregate_liveness, luna3_descriptor_quality_check or a combination of these are enabled. Based on data from other plugins, decides on the result of Liveness. For correct operation, the following settings and plugins may be required:
Default: 1 |
|
MIDDLEWARES.WS.VideoRedis |
|
|
isEnabled= |
Plugin for sending session frames to Redis Default: 0 |
|
args.connectionString= |
Redis connection string Default: |
|
args.queueName= |
Redis queue name for working with video Default: default |
|
args.resultTtl= |
How long does Redis store information about the success of tasks and their results 500s |
|
args.failureTtl= |
How long Redis stores information about unsuccessful tasks Default: 1y |
|
args.sessionTimeout= |
Number of seconds to start building video after session termination if no bestshot is available Default: 300 |
|
args.workerTask= |
The name of the task that lunapassworker will run when it receives a task to build a video Default: task.run |
|
args.framesLimit= |
Limit the maximum number of frames in a video.
Default: 0 |
* The paths are specified from the LUNA SDK directory.
Dependency installation#
Installing LUNA PASS API dependencies when Internet access is available#
To correctly install the service dependencies, the gcc, python3-devel packages must be installed on the system.
Go to the /lunapassapi directory.
Install system packages if they are not already installed:
yum install -y gcc python3-devel
Perform the following steps.
1․ Change to the module directory:
cd /var/lib/luna-pass/current/lunapassapi
2․ Create a virtual environment:
python3.9 -m venv venv
3․ Activate the virtual environment:
source venv/bin/activate
4․ Run the Python dependency installation:
pip3.6 install -r requirements.txt
5․ Deactivate the virtual environment:
deactivate
Installing LUNA PASS API dependencies when there is no Internet access#
First, on a machine with Internet access, you need to download the packages necessary for the operation of the service for the target platform where the service will be deployed.
All actions are performed in the /lunapassapi directory.
1․ Create a virtual environment:
python3.9 -m venv venv
2․ Activate the virtual environment:
source venv/bin/activate
3․ Download the packages required for the service to work. The target platform is specified in the --platform key, in this case the example shown here is for gathering dependencies for the CentOS platform:
pip download -d ./packs/ -r requirements.txt --platform=linux_x86_64 --python-version=3.9 --no-deps --prefer-binary
4․ Deactivate the virtual environment:
deactivate
After getting all the necessary dependencies, which will be located in the /lunapassapi/packs directory, move the /packs directory to the target platform. After the migration, perform the installation.
All actions are performed in the /lunapassapi directory, provided that it already contains the /packs directory, which contains all the necessary dependencies for the target platform.
5․ Go to the module directory:
cd /var/lib/luna-pass/current/lunapassapi
6․ Activate the virtual environment:
source venv/bin/activate
7․ Install all required dependencies from the local directory:
pip install -r requirements.txt --no-index --find-links=packs
LUNA PASS service files#
There is a unit file for the service in the distribution kit. Copy this file to the /system directory to start the service after installation. Perform the following actions.
1․ Copy the service files from the distribution kit to the system directory:
cp /var/lib/luna-pass/current/extras/systemd/lunapassapi.service /etc/systemd/system/
2․ Restart system services:
systemctl daemon-reload
Starting LUNA PASS#
Start the LUNA PASS API service and add it to startup.
systemctl start lunapassapi.service
systemctl enable lunapassapi.service