This is a bottom-up guide on installing openDCIM on a CentOS 7 server.
This guide is released in the Public Domain, except from the section "Enable HTTPS" which is a snippet from CentOS Wiki and is licenced under Creative Commons Attribution-Share Alike 3.0 Unported License.
Contents
Software Used
This guide has been tested with:
- openDCIM version 4.0.1, the current version as of the writing of the guide, but it should apply to previous versions, and possibly to future ones as well.
- CentOS 7.1 Minimal 64bit, with the latest updates as of 2015-09-18, but it should apply to previous versions, and possibly to future ones as well.
- The
vim
editor is used in the commands below, because it adds nice colored syntax highlighting when editing configuration files. If you don't havevim
, you can usevi
, which comes preinstalled with CentOS.
Install Apache, PHP, MySQL
Install, start and enable Apache:
yum -y install httpd systemctl enable httpd.service systemctl start httpd.service
Install PHP, and the MBSTRING module required for internationalization:
yum -y install php yum -y install php-mysql yum -y install php-mbstring yum -y install php-snmp
Install, start and enable MySQL Server:
yum -y install mariadb-server systemctl enable mariadb.service systemctl start mariadb.service
Secure MySQL Server:
mysql_secure_installation
During this step, you will:
- Set a root password
- Remove anonymous users
- Disallow root login remotely
- Remove test database and access to it
- Reload privilege tables
Create a database for openDCIM (change the database name dcim
and the password dcimpassword
to something that suits you):
mysql -u root -p MariaDB [(none)]> create database dcim; MariaDB [(none)]> grant all privileges on dcim.* to 'dcim' identified by 'dcimpassword'; MariaDB [(none)]> exit
Enable HTTPS
Install Apache SSL Module:
yum -y install mod_ssl
Generate the necessary keys and copy them to the proper directories:
cd /root openssl genrsa -out ca.key 1024 openssl req -new -key ca.key -out ca.csr openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt cp ca.crt /etc/pki/tls/certs cp ca.key /etc/pki/tls/private/ca.key cp ca.csr /etc/pki/tls/private/ca.csr
To set the server name:
vim +/ServerName /etc/httpd/conf/httpd.conf
Find the line...
#ServerName www.example.com:80
...and add below it:
ServerName opendcim.example.net:443
Finally restart Apache...
systemctl restart httpd.service
Create a VirtualHost
Now create a new configuration file for the openDCIM VirtualHost...
vim /etc/httpd/conf.d/opendcim.example.net.conf
... add the lines...
<VirtualHost *:443> SSLEngine On SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key ServerAdmin you@example.net DocumentRoot /opt/openDCIM/opendcim ServerName opendcim.example.net <Directory /opt/openDCIM/opendcim> AllowOverride All AuthType Basic AuthName "openDCIM" AuthUserFile /opt/openDCIM/opendcim/.htpasswd Require valid-user </Directory> </VirtualHost>
Enable User Authentication
You have protected the openDCIM web directory with a requirement for Basic authentication, with the lines already added in your Apache configuration file above.
Now, to create at least on user, do:
touch /opt/openDCIM/opendcim/.htpasswd htpasswd /opt/openDCIM/opendcim/.htpasswd Administrator
You will be asked for a password for user "Administrator" twice.
Open Web Access on Firewall
The FirewallD
firewall is enabled on CentOS be default, and blocks access to HTTPS port 443. To allow it...
firewall-cmd --zone=public --add-port=443/tcp --permanent
Restart FirewallD:
firewall-cmd --reload
Download and Install openDCIM
Download the latest version of openDCIM from opendcim.com (version 4.0.1 at the time of updating this guide):
mkdir /opt/openDCIM cd /opt/openDCIM curl -O http://www.opendcim.org/packages/openDCIM-4.0.1.tar.gz
Extract the archive and create a symbolic link:
tar zxvf openDCIM-4.0.1.tar.gz ln -s openDCIM-4.0.1 opendcim
The symbolic link is not required. If you don't want to create it, just rename the directory openDCIM-4.0.1
to opendcim
. However, having a symbolic link in place allows you to find out the version of openDCIM at a glance, and makes upgrades easier.
Now, prepare the configuration file for access to the database:
cd /opt/openDCIM/opendcim cp db.inc.php-dist db.inc.php vim db.inc.php
Edit the following lines, to reflect your settings of database host (in this example localhost
), database name (dcim
), and credentials that you assigned when creating the database:
$dbhost = 'localhost'; $dbname = 'dcim'; $dbuser = 'dcim'; $dbpass = 'dcimpassword';
Finally, restart Apache one last time:
systemctl restart httpd.service
Now, you can open openDCIM in your browser to proceed with the installation. If you have set up a DNS entry for a domain name to point to your web server's IP, you will go to something similar to https://opendcim.example.com/. Otherwise, you can visit https://IP_of_web_server/.
In any case, you will be asked to accept the web server's HTTPS certificate. This will only happen once per browser. You will then be asked for the Authentication credentials that you configured earlier with htpasswd
.
To finish with the installation, rename the install.php file to install.php.original so that the application will no longer try to call it.