From OpenDCIM Wiki
Jump to: navigation, search

This is a bottom-up guide on installing openDCIM on a CentOS 7 server.

This guide is released in the Public Domain, except from the section "Enable HTTPS" which is a snippet from CentOS Wiki and is licenced under Creative Commons Attribution-Share Alike 3.0 Unported License.


Software Used

This guide has been tested with:

  • openDCIM version 4.0.1, the current version as of the writing of the guide, but it should apply to previous versions, and possibly to future ones as well.
  • CentOS 7.1 Minimal 64bit, with the latest updates as of 2015-09-18, but it should apply to previous versions, and possibly to future ones as well.
  • The vim editor is used in the commands below, because it adds nice colored syntax highlighting when editing configuration files. If you don't have vim, you can use vi, which comes preinstalled with CentOS.

Install Apache, PHP, MySQL

Install, start and enable Apache:

yum -y install httpd
systemctl enable httpd.service
systemctl start httpd.service

Install PHP, and the MBSTRING module required for internationalization:

 yum -y install php
 yum -y install php-mysql
 yum -y install php-mbstring
 yum -y install php-snmp

Install, start and enable MySQL Server:

 yum -y install mariadb-server
 systemctl enable mariadb.service
 systemctl start mariadb.service

Secure MySQL Server:

 mysql_secure_installation

During this step, you will:

  1. Set a root password
  2. Remove anonymous users
  3. Disallow root login remotely
  4. Remove test database and access to it
  5. Reload privilege tables

Create a database for openDCIM (change the database name dcim and the password dcimpassword to something that suits you):

 mysql -u root -p
 MariaDB [(none)]> create database dcim;
 MariaDB [(none)]> grant all privileges on dcim.* to 'dcim' identified by 'dcimpassword';
 MariaDB [(none)]> exit

Enable HTTPS

Install Apache SSL Module:

 yum -y install mod_ssl

Generate the necessary keys and copy them to the proper directories:

 cd /root
 openssl genrsa -out ca.key 1024 
 openssl req -new -key ca.key -out ca.csr
 openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
 cp ca.crt /etc/pki/tls/certs
 cp ca.key /etc/pki/tls/private/ca.key
 cp ca.csr /etc/pki/tls/private/ca.csr

To set the server name:

 vim +/ServerName /etc/httpd/conf/httpd.conf

Find the line...

 #ServerName www.example.com:80

...and add below it:

 ServerName opendcim.example.net:443

Finally restart Apache...

 systemctl restart httpd.service 

Create a VirtualHost

Now create a new configuration file for the openDCIM VirtualHost...

 vim /etc/httpd/conf.d/opendcim.example.net.conf

... add the lines...

 <VirtualHost *:443>
     SSLEngine On
     SSLCertificateFile /etc/pki/tls/certs/ca.crt
     SSLCertificateKeyFile /etc/pki/tls/private/ca.key
     ServerAdmin you@example.net
     DocumentRoot /opt/openDCIM/opendcim
     ServerName opendcim.example.net
     <Directory /opt/openDCIM/opendcim>
         AllowOverride All
         AuthType Basic
         AuthName "openDCIM"   
         AuthUserFile /opt/openDCIM/opendcim/.htpasswd
         Require valid-user
     </Directory>
 </VirtualHost>

Enable User Authentication

You have protected the openDCIM web directory with a requirement for Basic authentication, with the lines already added in your Apache configuration file above.

Now, to create at least on user, do:

 touch /opt/openDCIM/opendcim/.htpasswd
 htpasswd /opt/openDCIM/opendcim/.htpasswd Administrator

You will be asked for a password for user "Administrator" twice.

Open Web Access on Firewall

The FirewallD firewall is enabled on CentOS be default, and blocks access to HTTPS port 443. To allow it...

 firewall-cmd --zone=public --add-port=443/tcp --permanent

Restart FirewallD:

 firewall-cmd --reload

Download and Install openDCIM

Download the latest version of openDCIM from opendcim.com (version 4.0.1 at the time of updating this guide):

 mkdir /opt/openDCIM
 cd /opt/openDCIM
 curl -O http://www.opendcim.org/packages/openDCIM-4.0.1.tar.gz

Extract the archive and create a symbolic link:

 tar zxvf openDCIM-4.0.1.tar.gz
 ln -s openDCIM-4.0.1 opendcim

The symbolic link is not required. If you don't want to create it, just rename the directory openDCIM-4.0.1 to opendcim. However, having a symbolic link in place allows you to find out the version of openDCIM at a glance, and makes upgrades easier.

Now, prepare the configuration file for access to the database:

 cd /opt/openDCIM/opendcim
 cp db.inc.php-dist db.inc.php
 vim db.inc.php

Edit the following lines, to reflect your settings of database host (in this example localhost), database name (dcim), and credentials that you assigned when creating the database:

 $dbhost = 'localhost';
 $dbname = 'dcim';
 $dbuser = 'dcim';
 $dbpass = 'dcimpassword';

Finally, restart Apache one last time:

 systemctl restart httpd.service

Now, you can open openDCIM in your browser to proceed with the installation. If you have set up a DNS entry for a domain name to point to your web server's IP, you will go to something similar to https://opendcim.example.com/. Otherwise, you can visit https://IP_of_web_server/.

In any case, you will be asked to accept the web server's HTTPS certificate. This will only happen once per browser. You will then be asked for the Authentication credentials that you configured earlier with htpasswd.

To finish with the installation, rename the install.php file to install.php.original so that the application will no longer try to call it.

Additional Resources