Configuration and Installation
The installation and configuration must be carried out as a root user (or alternatively using sudo). Once all the required packages have been stored on the server, you can start the installation. Each command must be executed in the directory in which the installation files are located.
yum install *.rpm |
Once the installation is confirmed and all the dependencies are resolved, you must start the setup script.
dracoon_setup |
The setup begins with a search for installed components.
Once this is complete, the configuration can start the individual modules:
Database
The DRACOON database can be installed on an existing database server (or database cluster).
If you wish to install MariaDB, you must choose <YES> here.
You are guided through mysql_secure_installation directly after the installation.
A root password is initially not set.
Please do not use any special characters in the passwords for the database, because this may lead to problems.
You can simply confirm all the other points with YES.
Once MariaDB is installed, you can configure it.
Parameter
|
Description
|
Default
|
---|---|---|
DB Host | The IP of the database server that the API server must be able to access. | 127.0.0.1 |
Root DB User | The root DB user. | root |
Root DB PW | The password for the root DB user. | |
Tenant DB User | The tenant DB user. Service account that is being created. | tenant |
Tenant DB PW | The tenant DB password. A randomly generated password. | |
DRACOON DB User | The DRACOON DB user. Service account that is being created. | dracoon |
DRACOON DB PW | The DRACOON DB password. A randomly generated password. | |
DB API Host | The user DB context. We recommend using a wildcard (%) here and setting a restriction using firewall rules. | % |
API
Parameter
|
Description
|
Default
|
---|---|---|
DRACOON URL | The URL under which you want DRACOON to be accessible. | |
DB Host | The IP of the database server that the API server must be able to access. | 127.0.0.1 |
Tenant DB User | The tenant DB user. | tenant |
Tenant DB PW | The tenant DB password. | |
DRACOON DB User | The DRACOON DB user. | dracoon |
DRACOON DB PW | The DRACOON DB password. | |
DB Encryption Key | Password for database encryption. | |
Data Mountpoint | Directory in which all uploaded files are stored. | |
Service Token | Service token for creating the first customer. | |
Oauth Connection Authentication Token | Token for authentication between OAuth and API. | |
Oauth Connection Encryption Key | Password for encryption between OAuth and API. |
In a distributed installation, the core (API server) must have access to the database server (port 3306).
OAuth
Parameter
|
Description
|
Default
|
---|---|---|
Oauth Session Encryption Key | Key for session encryption. | |
Oauth Connection Authentication Token | Token for authentication between OAuth and API. | |
Oauth Connection Encryption Key | Password for encryption between OAuth and API. |
WebUI
The Web client does not require separate configuration.
Webdav Proxy
The Webdav proxy is installed as a standalone service and does not require separate configuration.
Reverse Proxy
HAProxy is used as the reverse proxy; the following information must be specified:
Tomcat Optimization
Parameter
|
Description
|
Default
|
---|---|---|
Set Tomcat Temp |
Set the Tomcat temp on the mount point. | true |
Set Tomcat Compression | Enable GZIP compression for Tomcat. | true |
Set Java Server Mode | Enable Java Server mode. | true |
Set Java Heap Size | Adjust the maximum RAM available to Tomcat (calculated automatically). | true |
Set Java Headless |
Enable Java Headless mode. | true |
MariaDB Optimization
Parameter
|
Description
|
Default
|
---|---|---|
Optimize MariaDB | Optimize MariaDB and the maximum RAM available (calculated automatically). | true |
System Hardening
Parameter
|
Description
|
Default
|
---|---|---|
Install firewalld | Install and configure firewalld. | true |
Enable header Strict-Transport-Security | Enable HSTS header for the reverse proxy. | true |
Enable header X-Content-Type-Options | Enable X-Content-Type-Options header for the reverse proxy. | true |
Enable header X-Xss-Protection | Enable X-Xss-Protection header for the reverse proxy. | true |
Enable header X-Frame-Options | Enable X-Frame-Options header for the reverse proxy. | true |
Remove header Server | Disable the header server for the reverse proxy. |
true |
Write Config
Once all the settings are checked, you can now apply the initial configuration.
Start Modules
Once the configuration is complete, the modules can be started together.
API Post Installation
Once the modules are started, you can create a customer using the API. All the fields must be filled to do so.
Accessing DRACOON
Access to DRACOON depends on the selected URL.
Comments
0 comments
Article is closed for comments.