2020-05-14 23:29:41 +02:00
|
|
|
Installation on Red Hat/CentOS
|
|
|
|
==============================
|
|
|
|
|
|
|
|
|
2020-05-21 15:13:24 +02:00
|
|
|
.. attention::
|
2020-05-14 23:29:41 +02:00
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
LemonLDAP::NG requires at least Red Hat/CentOS 7
|
2020-05-14 23:29:41 +02:00
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
List of pacakges
|
|
|
|
----------------
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
LemonLDAP::NG provides packages for Red Hat/Centos 7:
|
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
- ``lemonldap-ng``: metapackage, contains no file but dependencies on other
|
|
|
|
packages
|
|
|
|
- ``lemonldap-ng-doc``: contains HTML documentation and project docs
|
|
|
|
(README, etc.)
|
|
|
|
- ``lemonldap-ng-conf``: contains default configuration (DNS domain:
|
|
|
|
example.com)
|
|
|
|
- ``lemonldap-ng-test``: contains sample CGI test page
|
|
|
|
- ``lemonldap-ng-handler``: contains Apache Handler implementation (agent)
|
|
|
|
- ``lemonldap-ng-manager``: contains administration interface and session
|
|
|
|
explorer
|
|
|
|
- ``lemonldap-ng-portal``: contains authentication portal and menu
|
|
|
|
- ``lemonldap-ng-fastcgi-server``: FastCGI server needed to use Nginx
|
|
|
|
- ``lemonldap-ng-nginx``: contains Nginx configuration and dependencies
|
|
|
|
- ``lemonldap-ng-uwsgi-app``: contains Uwsgi application
|
|
|
|
- ``lemonldap-ng-selinux``: contains the SELinux policy for httpd
|
|
|
|
- ``perl-Lemonldap-NG-Common``: CPAN - Shared modules
|
|
|
|
- ``perl-Lemonldap-NG-Handler``: CPAN - Handler modules
|
|
|
|
- ``perl-Lemonldap-NG-Manager``: CPAN - Manager modules
|
|
|
|
- ``perl-Lemonldap-NG-Portal``: CPAN - Portal modules
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
2020-05-21 15:13:24 +02:00
|
|
|
.. danger::
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
The package lemonldap-ng-nginx requires the nginx
|
|
|
|
community package. If you use openrestry or Nginx plus, you must ignore
|
|
|
|
this dependency. To do this, download the package and install it with:
|
2020-05-18 09:56:39 +02:00
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
::
|
2020-05-18 09:56:39 +02:00
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
rpm --nodeps -i lemonldap-ng-nginx*.rpm
|
2020-05-18 09:56:39 +02:00
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
Prerequisites
|
|
|
|
-------------
|
|
|
|
|
|
|
|
LemonLDAP::NG has dependencies which are not in base RHEL repositories
|
|
|
|
|
|
|
|
You need to enable `EPEL repositories <https://docs.fedoraproject.org/en-US/epel/#Quickstart>`__ before installing.
|
|
|
|
|
|
|
|
On RHEL8 and derivatives, you also also need to enable the PowerTools repository in ``/etc/yum.repos.d``.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
Get the packages
|
|
|
|
----------------
|
|
|
|
|
2020-05-18 09:56:39 +02:00
|
|
|
.. _installrpm-yum-repository:
|
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
YUM repository
|
|
|
|
~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
You can add this YUM repository to get recent packages:
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
vi /etc/yum.repos.d/lemonldap-ng.repo
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
[lemonldap-ng]
|
|
|
|
name=LemonLDAP::NG packages
|
|
|
|
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
|
|
|
|
enabled=1
|
|
|
|
gpgcheck=1
|
|
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
|
|
|
|
|
|
|
|
|
2020-05-18 09:56:39 +02:00
|
|
|
.. tip::
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
Replace ``stable`` by ``2.0`` to avoid upgrade to next major
|
|
|
|
version
|
|
|
|
|
|
|
|
You may also need some extras packages, available here:
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
[lemonldap-ng-extras]
|
|
|
|
name=LemonLDAP::NG extra packages
|
|
|
|
baseurl=https://lemonldap-ng.org/redhat/extras/$releasever
|
|
|
|
enabled=1
|
|
|
|
gpgcheck=1
|
|
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
|
|
|
|
|
|
|
|
Run this to update packages cache:
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
yum update
|
|
|
|
|
|
|
|
|
|
|
|
Manual download
|
|
|
|
~~~~~~~~~~~~~~~
|
|
|
|
|
2022-02-18 09:21:43 +01:00
|
|
|
RPMs are available on the `Download page <https://lemonldap-ng.org/download.html>`__.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
Package GPG signature
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
|
2021-12-16 21:50:47 +01:00
|
|
|
Get the `RPM signing key <https://lemonldap-ng.org/_media/rpm-gpg-key-ow2>`__ onto your LemonLDAP::NG server:
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
|
|
|
|
|
|
|
|
Install packages
|
|
|
|
----------------
|
|
|
|
|
|
|
|
With YUM
|
|
|
|
~~~~~~~~
|
|
|
|
|
|
|
|
If the packages are stored in a yum repository:
|
|
|
|
|
2020-05-21 15:13:24 +02:00
|
|
|
.. code-block:: shell
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
yum install lemonldap-ng
|
|
|
|
|
2020-12-16 16:25:50 +01:00
|
|
|
# If you use SELinux
|
|
|
|
yum install lemonldap-ng-selinux
|
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
You can also use yum on local RPMs file:
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
|
|
|
|
|
|
|
|
With RPM
|
|
|
|
~~~~~~~~
|
|
|
|
|
|
|
|
You have then to install all the downloaded packages:
|
|
|
|
|
|
|
|
::
|
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
yum install lemonldap-ng-* perl-Lemonldap-NG-*
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
2020-05-18 09:56:39 +02:00
|
|
|
.. tip::
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
You can choose to install only one component by choosing the
|
|
|
|
package ``lemonldap-ng-portal``, ``lemonldap-ng-handler`` or
|
|
|
|
``lemonldap-ng-manager``.
|
2020-05-18 09:56:39 +02:00
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
Install the package ``lemonldap-ng-conf`` on all server which contains
|
2020-05-18 09:56:39 +02:00
|
|
|
one of those packages.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
First configuration steps
|
|
|
|
-------------------------
|
|
|
|
|
|
|
|
Change default DNS domain
|
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
By default, DNS domain is ``example.com``. You can change it quick with
|
|
|
|
a sed command. For example, we change it to ``ow2.org``:
|
|
|
|
|
2020-05-21 15:13:24 +02:00
|
|
|
.. code-block:: shell
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json /etc/nginx/conf.d/* /etc/httpd/conf.d/*
|
|
|
|
|
|
|
|
Upgrade
|
|
|
|
~~~~~~~
|
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
If you upgraded LemonLDAP::NG, check all :doc:`upgrade notes<upgrade>`.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
DNS
|
|
|
|
~~~
|
|
|
|
|
|
|
|
Configure your DNS server to resolve names with your server IP:
|
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
- ``auth.<your domain>``: main portal, must be public
|
|
|
|
- ``manager.<your domain>``: manager, only for adminsitrators
|
|
|
|
- ``test1.<your domain>``, ``test2.<your domain>``: sample applications
|
2020-05-14 23:29:41 +02:00
|
|
|
|
2020-05-18 09:56:39 +02:00
|
|
|
Follow the :ref:`next steps<start-configuration>`
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
File location
|
|
|
|
-------------
|
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
- Configuration is in ``/etc/lemonldap-ng``
|
2020-05-14 23:29:41 +02:00
|
|
|
- LemonLDAP::NG configuration (edited by the Manager) is in
|
2022-02-18 16:25:59 +01:00
|
|
|
``/var/lib/lemonldap-ng/conf/``
|
|
|
|
- All Perl modules are in the ``/usr/share/perl5/vendor_perl`` directory
|
|
|
|
- All Perl scripts/pages are in ``/var/lib/lemonldap-ng/``
|
2020-05-14 23:29:41 +02:00
|
|
|
- All static content (examples, CSS, images, etc.) is in
|
2022-02-18 16:25:59 +01:00
|
|
|
``/usr/share/lemonldap-ng/``
|
|
|
|
- Administration scripts are in ``/usr/libexec/lemonldap-ng/bin``
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
Build your packages
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
If you need it, you can rebuild RPMs:
|
|
|
|
|
|
|
|
- Install rpm-build package
|
|
|
|
- Install all build dependencies (see BuildRequires in
|
2022-02-18 16:25:59 +01:00
|
|
|
``lemonldap-ng.spec`` )
|
|
|
|
- Put LemonLDAP::NG tarball in ``%_topdir/SOURCES``
|
|
|
|
- Edit ``~/.rpmmacros`` and set your build parameters:
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
%_topdir /home/user/build
|
|
|
|
%dist .el7
|
|
|
|
%rhel 7
|
|
|
|
|
2022-02-18 16:25:59 +01:00
|
|
|
- Go to ``%_topdir``
|
2020-05-14 23:29:41 +02:00
|
|
|
- Build:
|
|
|
|
|
|
|
|
::
|
|
|
|
|
|
|
|
rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz
|
|
|
|
|
|
|
|
|