You are here
Installation of FromDual Ops Center for MariaDB and MySQL
Sat, 2015-12-19 17:47 — oli
Installation of FromDual Ops Center for MariaDB and MySQL
Table of Contents
- From Ubuntu or Debian repository
- DEB package on Debian 10/11 DEB or Ubuntu 20.04/22.04
- Tarball on Debian 10/11 or Ubuntu 20.04/22.04
- Securing focmm under Debian and Ubuntu
- From Redhat 7 repository
- From Redhat 8 and 9 repository
- RPM on Redhat 7
- Tarball on Redhat 7
- Securing focmm under RHEL 7
- Preparing repository database
- Creating Ops Center Repository
From Ubuntu or Debian repository
Add the FromDual APT repository as described here.
Then install focmm with the following command:
apt install focmm
Continue with Securing focmm under Debian and Ubuntu.
DEB package on Debian 10/11 DEB or Ubuntu 20.04/22.04
To install FromDual Ops Center for MariaDB and MySQL manually you can download it from our download site and store it under /tmp.
apt update
VERSION="1.2.0"
apt install /tmp/focmm_${VERSION}-1_all.deb
Continue with Securing focmm under Debian and Ubuntu.
Tarball on Debian 10/11 or Ubuntu 20.04/22.04
To install FromDual Ops Center for MariaDB and MySQL manually you can download it from our download site and store it under /tmp. Please check Prerquisites first before continuing!
VERSION=1.2.0
tar -C /var/www/html -xf /tmp/focmm-${VERSION}.tar.gz
cd /var/www/html
chown -R www-data: /var/www/html/focmm-${VERSION}
ln -s focmm-${VERSION} focmm
chown -h www-data: focmm
mkdir /etc/focmm
chown www-data: /etc/focmm
Continue with Securing focmm under Debian and Ubuntu.
Securing focmm under Debiand and Ubuntu
If you are not allowed to modify your web-server configuration files please consider to use our .htaccess template (tpl/htaccess.template).
SSL
To configure the focmm web-server to use https/SSL you have to create some certificates first:
mkdir /etc/apache2/ssl chmod 700 /etc/apache2/ssl openssl req -x509 -newkey rsa:4096 -keyout /etc/apache2/ssl/focmm.key -out /etc/apache2/ssl/focmm.crt -days 3650 -nodes a2enmod ssl a2ensite default-ssl
Then change your Apache configuration file as follows:
# /etc/apache2/sites-available/default-ssl.conf SSLEngine on SSLCertificateFile /etc/apache2/ssl/focmm.crt SSLCertificateKeyFile /etc/apache2/ssl/focmm.key
and then create an apache focmmm configuration file:
cat >/etc/apache2/conf-available/focmm.conf <<_EOF
#
# /etc/apache2/conf-available/focmm.conf
#
<Directory /var/www/html/focmm>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}/focmm/$1 [R,L]
</Directory>
_EOF
Do not forget to restart Apache afterwards with:
a2enmod rewrite a2enconf focmm systemctl restart apache2
http basic access authentication
If you want additionally use http "basic access authentication" to add another layer of security. You have to add the following lines to the /etc/apache2/conf-available/focmm.conf file:
AuthType Basic AuthName "focmm admin" AuthUserFile /var/www/html/.htpasswd-focmm Require valid-user
And then to set a password:
htpasswd -c -b /var/www/html/.htpasswd-focmm admin admin systemctl restart apache2
Remember the user (admin) and the password (admin) for later login.
Continue with Preparing Repository Database.
From Redhat 7 repository
Add the FromDual RPM repository as described here.
Then install focmm with the following command:
yum install focmm
Continue with Securing focmm under RHEL 7.
RPM on Redhat 7
To install FromDual Ops Center for MariaDB and MySQL manually you can download it from our download site and store it under /tmp.
VERSION="1.2.0"
cd /tmp
yum localinstall focmm-${VERSION}-1.el7.noarch.rpm
Continue with Securing focmm under RHEL 7.
Tarball on Redhat 7
To install FromDual Ops Center for MariaDB and MySQL manually you can download it from our download site and store it under /tmp.
yum install httpd php php-mysqli mariadb-server php-posix php-mysqli redhat-lsb-core mod_ssl openssl
VERSION=1.2.0
tar -C /var/www/html -xf /tmp/focmm-${VERSION}.tar.gz
cd /var/www/html
chown -R apache: /var/www/html/focmm-${VERSION}
ln -s focmm-${VERSION} focmm
chown -h apache: focmm
mkdir /etc/focmm
chown apache: /etc/focmm
Continue with Securing focmm under RHEL 7.
From Redhat 8 and 9 repository
CentOS, Redhat, Oracle Linux, Rocky Linux and AlmaLinux are currently not supported any more because of problems with O/S interaction. Please let us know if you need these distributions...
Securing focmm under Redhat 7
Set firewall rules and load some default SElinux policies:
systemctl enable mariadb
systemctl start mariadb
systemctl enable httpd
systemctl start httpd
iptables -L
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
sestatus
VERSION=1.2.0
semodule -i /var/www/html/focmm-${VERSION}/tpl/focmm.pp
semodule --list | grep focmm
Important: Please note that focmm does currently not work correctly with SElinux enabled.
To make focmm working correctly set SElinux to permissive:
setenforce 0 sed -i 's/^SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config
If you are not allowed to modify your web-server configuration files please consider to use our .htaccess template (tpl/htaccess.template).
SSL
To configure the focmm web-server to use https/SSL you have to create some certificates first:
mkdir /etc/ssl/private chmod 700 /etc/ssl/private openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/focmm.key -out /etc/ssl/certs/focmm.crt -days 3650 -nodes
Then change your Apache configuration file as follows:
# /etc/httpd/conf.d/ssl.conf SSLEngine on SSLCertificateFile /etc/ssl/certs/focmm.crt SSLCertificateKeyFile /etc/ssl/private/focmm.key systemctl restart httpd
and then create an apache focmmm configuration file:
cat >/etc/httpd/conf.d/focmm.conf <<_EOF
#
# /etc/httpd/conf.d/focmm.conf
#
<Directory /var/www/html/focmm>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}/focmm/$1 [R,L]
</Directory>
_EOF
Do not forget to restart Apache afterwards with:
# /etc/httpd/conf.modules.d/00-base.conf LoadModule rewrite_module modules/mod_rewrite.so systemctl restart httpd
http basic access authentication
If you want additionally use http "basic access authentication" to add another layer of security. You have to add the following lines to the /etc/httpd/conf.d/focmm.conf file:
AuthType Basic AuthName "focmm admin" AuthUserFile /var/www/html/.htpasswd-focmm Require valid-user
And then to set a password:
htpasswd -c -b /var/www/html/.htpasswd-focmm admin admin systemctl restart httpd
Remember the user (admin) and the password (admin) for later login.
Continue with Preparing Repository Database.
Preparing repository database
Create the Ops Center Schema in the repository database as follows:
mysql --user=root CREATE SCHEMA focmm; CREATE USER 'focmm_owner'@'127.0.0.1' IDENTIFIED BY 'secret'; GRANT ALL ON focmm.* to 'focmm_owner'@'127.0.0.1';
Continue with Creating Ops Center Repository.
Creating Ops Center Repository
Now you have to connect with your browser to the FromDual Ops Center. The URL looks like this: https://192.168.56.101/focmm/. If you are using self signed certificates you possible get some warnings of your web browser:
More information about this topic you can find on the Mozilla website.
If you have configured http "Basic Access Authentication" above you will be prompted for the user and the password:
When you have logged in and you did it the first time Ops Center tries to do some basic checks and lets you know about the diagnosis:
If you get an error code 3002 or 3004 and/or the following error in your Apache error log, then it is most probably SElinux which causes troubles:
PHP Warning: error_log(/var/www/html/focmm-v1.2.0/log/error.log): failed to open stream: Permission denied in /var/www/html/focmm-v1.2.0/lib/Log.inc on line 109 sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 setenforce 0
Before you continue installing Ops Center you can Test the connection with the button:
At the end you have to enter the connect information for your Ops Center Repository Database you have created above. The Ops Center will start installing the Repository.
If everything completed successful you can login. The defaul user/password is admin/admin.
After the login you reach the Ops Center dashboard. Currently it will be empty and thus shows a nice architecture overview.
If you reached this step Ops Center is installed and needs to be configured.