===================== Project specification ===================== Full specification available in the `tech info `_ document Technical requirements ----------------------- The following standing requirements should apply to all features and changes introduced to the project: Performance All pages should respond within 2 seconds (including API and HTMX) Reliability Pages and API should always respond with a non-5xx status code Code style: Code should adhere to the :ref:`code style`. Test coverage: All code paths (Python, HTML templates, java script) need to be covered by tests; Documentation All functions and public class methods should have docstrings Ringfencing Users must never be able to see or access data belonging to another organization, even by manipulating urls Authentication All pages containing client data should require authentication Encryption All data sent into and from the server, including third party API calls must be encrypted via TLS (HTTPS) Limits and restrictions ------------------------ Maximum request size: 100 Mb Maximum request size is set by :envvar:`WSGI_LIMIT_REQUEST_BODY` on web-server level. There is also a `Django setting `_ set by :envvar:`DATA_UPLOAD_MAX_MEMORY_SIZE`. There is no limit on individual field size, but overall submission must fit within this limit. Request timeout: 10 min Request timeout is a time limit the server can take to respond. Requests longer than the limit are aborted due to timeout. Timeout is set by the following variables: :envvar:`WSGI_SOCKET_TIMEOUT`, :envvar:`WSGI_REQUEST_TIMEOUT` Client requirements --------------------- Web browser ~~~~~~~~~~~~ Browser with support for `ES9 `_ is required to use this site. Supported web browsers: * Chrome Version 88 or newer * Firefox Version 86 or newer * Safari Version 14 or newer * Microsoft Edge Version 89 or newer E-mail ~~~~~~~~ encoding MEG uses UTF-8 encoding for sent and received e-mail messages. Other encoding formats (e.g. iso-8859-1) are also supported as long as the message is correctly encoded by the sender's e-mail client. Network ~~~~~~~~ The following domains (and their subdomains) should be whitelisted to use MEG: * megit.com The following ports are used to communicate with MEG QMS: * HTTP (80) * HTTPS (443) .. note:: While port 80 is open, in production it is used only to redirect to a secure https connection. This is controlled by :envvar:`SECURE_SSL_REDIRECT`. Server requirements --------------------- Minimum requirements ~~~~~~~~~~~~~~~~~~~~~~ The following are the minimum requirements for running the project. .. list-table:: Minimum requirements :header-rows: 1 :stub-columns: 1 * - Service - RAM (GiB) - CPU (cores) - Storage (GiB) * - CMS - 0.4 - 0.5 - 50 * - Celery worker - 0.4 - 0.1 - * - Celery beat - 0.4 - 0.05 - * - Redis - 0.25 - 0.05 - 1.0 * - Postgres - 2.0 - 2.0 - 2.0 Recommended requirements ~~~~~~~~~~~~~~~~~~~~~~~~~~ It is recommended to run two instances each of **CMS** and **Celery worker** for redundancy, and scale up to more instances as required depending on traffic and workload. One of each remaining services (Redis, Postgres, etc) should be available. .. list-table:: Recommended requirements :header-rows: 1 :stub-columns: 1 * - Service - RAM (GiB) - CPU (cores) - Storage (GiB) * - CMS - 1.5 - 1 - 1000 * - Celery worker - 1.5 - 1 - * - Celery beat - 0.4 - 0.05 - * - Redis - 2 - 1 - 4 * - Postgres - 8.0 - 4.0 - 32 Third party dependencies ~~~~~~~~~~~~~~~~~~~~~~~~~~ Direct dependencies ^^^^^^^^^^^^^^^^^^^^^ .. literalinclude:: ../../../requirements.txt :lines: 2- Transitive dependencies ^^^^^^^^^^^^^^^^^^^^^^^^ Some third party packages may require further dependencies. Latest versions of those dependencies are used. **The following packages are pinned down to a specific version:** .. literalinclude:: ../../../constraints.txt