This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
getting_started:20_install_ubuntu_nginx [2021/01/22 20:56] admin [Install RADIUSdesk] |
getting_started:20_install_ubuntu_nginx [2022/01/14 13:09] (current) admin [Install RADIUSdesk] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Installing RADIUSdesk on Ubuntu 20.04 using Nginx ====== | ====== Installing RADIUSdesk on Ubuntu 20.04 using Nginx ====== | ||
+ | ===== Skills Required to Install ===== | ||
+ | |||
+ | To install RADIUSdesk you need sufficient knowledge and experience on Linux to: | ||
+ | * Install the Linux operating system | ||
+ | * Edit text files from the terminal using a text editor like **Vi** or **Nano**. | ||
+ | * Install packages from a repository. | ||
+ | * Be comfortable with the working of TCP/IP networking. | ||
+ | |||
===== Background ===== | ===== Background ===== | ||
Line 18: | Line 26: | ||
| Interpret PHP Scripts | We would like the web server to call the PHP interpreter when a page ending with .php is requested. | | | Interpret PHP Scripts | We would like the web server to call the PHP interpreter when a page ending with .php is requested. | | ||
| Be able to have access to the MySQL functions of PHP | Since we set up a LEMP server, we need to have a MySQL server installed and accessible from PHP. | | | Be able to have access to the MySQL functions of PHP | Since we set up a LEMP server, we need to have a MySQL server installed and accessible from PHP. | | ||
- | | Modify the expiry date of http headers to encourage caching | We want files that does not change (e.g. css or images) to be cached on the client's side to make the client's experience more pleasant | | + | | Modify the expiry date of HTTP headers to encourage caching | We want files that does not change (e.g. CSS or images) to be cached on the client's side to make the client's experience more pleasant | |
| Compress text before they are served to the client | We can compress the text that flows between the client and the server and in this way reduce the //over the line// bytes which in turn should also give the client a more pleasant experience | | | Compress text before they are served to the client | We can compress the text that flows between the client and the server and in this way reduce the //over the line// bytes which in turn should also give the client a more pleasant experience | | ||
| Enable rewrite rules in CakePHP for pretty URL's | CakePHP makes use of the .htaccess files in Apache to enable pretty URLs. Since Nginx does not support .htaccess files, we need to change Nginx to behave in the same way. | | | Enable rewrite rules in CakePHP for pretty URL's | CakePHP makes use of the .htaccess files in Apache to enable pretty URLs. Since Nginx does not support .htaccess files, we need to change Nginx to behave in the same way. | | ||
Line 39: | Line 47: | ||
* Since there is such a huge difference between the way of doing things in Ubuntu 16.04 and Ubuntu 20.04 we felt that adding this section will help those who are getting used to this newer way of doing things. | * Since there is such a huge difference between the way of doing things in Ubuntu 16.04 and Ubuntu 20.04 we felt that adding this section will help those who are getting used to this newer way of doing things. | ||
* For this we assume you have a bare VM (like the ones from https://www.osboxes.org/ubuntu-server/ ) | * For this we assume you have a bare VM (like the ones from https://www.osboxes.org/ubuntu-server/ ) | ||
- | * We also assume you used this to create a VM in Virtualbox and are now faced with only the local loopback interface (127.0.0.1) when issuing the **ifconfig** command. | + | * We also assume you used this to create a VM in Virtualbox and are now faced with only the local loopback interface (127.0.0.1) when issuing the **ip a** command. |
* To see which interfaces are available (yet some might just not yet be configured) | * To see which interfaces are available (yet some might just not yet be configured) | ||
<code bash> | <code bash> | ||
Line 101: | Line 109: | ||
<code bash> | <code bash> | ||
sudo systemctl stop apache2.service | sudo systemctl stop apache2.service | ||
- | sudo apt-get remove apache2 | + | sudo apt-get -y remove apache2 |
</code> | </code> | ||
</WRAP> | </WRAP> | ||
Line 114: | Line 122: | ||
* Ensure the English language pack is installed | * Ensure the English language pack is installed | ||
<code bash> | <code bash> | ||
- | sudo apt-get install language-pack-en-base | + | sudo apt-get -y install language-pack-en-base |
</code> | </code> | ||
* Install Nginx | * Install Nginx | ||
<code bash> | <code bash> | ||
- | sudo apt-get install nginx | + | sudo apt-get -y install nginx |
</code> | </code> | ||
* Ensure the web server starts up and is running | * Ensure the web server starts up and is running | ||
Line 134: | Line 142: | ||
* Install the php-fpm service: | * Install the php-fpm service: | ||
<code bash> | <code bash> | ||
- | sudo apt-get install php-fpm | + | sudo apt-get -y install php-fpm |
sudo systemctl enable php7.4-fpm | sudo systemctl enable php7.4-fpm | ||
sudo systemctl start php7.4-fpm | sudo systemctl start php7.4-fpm | ||
Line 197: | Line 205: | ||
* Be sure to supply a root password for the MariaDB database when asked for it if you are security conscious else simply hit the ESC key. | * Be sure to supply a root password for the MariaDB database when asked for it if you are security conscious else simply hit the ESC key. | ||
<code bash> | <code bash> | ||
- | sudo apt-get install mariadb-server php-mysql | + | sudo apt-get -y install mariadb-server php-mysql |
sudo systemctl enable mariadb | sudo systemctl enable mariadb | ||
sudo systemctl restart mariadb | sudo systemctl restart mariadb | ||
Line 242: | Line 250: | ||
---------- | ---------- | ||
- | ==== Install RADIUSdesk ==== | + | ==== Install RADIUSdesk ==== |
* The first part prepared everything to install **RADIUSdesk**. | * The first part prepared everything to install **RADIUSdesk**. | ||
- | * This part will go through the steps to install the latest RADIUSdesk. | + | * This part will go through the steps to install the latest **RADIUSdesk**. |
* RADIUSdesk consists of three components. | * RADIUSdesk consists of three components. | ||
* **rd** directory with its contents contains all the HTML and JavaScript code and is used as the presentation layer. | * **rd** directory with its contents contains all the HTML and JavaScript code and is used as the presentation layer. | ||
* **cake3** is a CakePHPv3 application and can be considered the engine room. Here the data is processed before being presented by the presentation layer. | * **cake3** is a CakePHPv3 application and can be considered the engine room. Here the data is processed before being presented by the presentation layer. | ||
- | * **login** is a directory with various login pages which are centrally managed through the RADIUSdesk **Dynamic Login Pages** applet. Although this is optional, it is used by most installs. | + | * **login** is a directory with various login pages which are centrally managed through the RADIUSdesk **Dynamic Login Pages** applet. |
- | * We will use git to check out the latest version (master) of RADIUSdesk. | + | * Later we will create various symbolic links from locations inside the **rdcore** directory to locations inside the web server's document root directory. |
=== Required packages === | === Required packages === | ||
* Make sure the following packages are installed: | * Make sure the following packages are installed: | ||
<code bash> | <code bash> | ||
- | sudo apt-get install php-cli php-mysql php-gd php-curl php-xml php-mbstring php-intl git wget | + | sudo apt-get -y install php-cli php-mysql php-gd php-curl php-xml php-mbstring php-intl git wget |
+ | sudo systemctl restart php7.4-fpm | ||
</code> | </code> | ||
- | * Check out the RdCore git repository. | + | * Check out the **rdcore** git repository. |
<code bash> | <code bash> | ||
cd /var/www | cd /var/www | ||
- | sudo git clone https://git.code.sf.net/p/radiusdesk/git rd_code | + | sudo git clone https://github.com/RADIUSdesk/rdcore.git |
</code> | </code> | ||
- | * This will create an **rd_code** directory containing some sub-folders. | + | * This will create an **rdcore** directory containing some sub-folders. |
=== Create soft links === | === Create soft links === | ||
Line 267: | Line 276: | ||
<code bash> | <code bash> | ||
cd /var/www/html | cd /var/www/html | ||
- | sudo ln -s ../rd_code/rd/build/production/Rd/ ./rd | + | sudo ln -s ../rdcore/rd ./rd |
- | sudo ln -s ../rd_code/cake3 ./cake3 | + | sudo ln -s ../rdcore/cake3 ./cake3 |
- | sudo ln -s ../rd_code/login ./login | + | sudo ln -s ../rdcore/login ./login |
+ | sudo ln -s ../rdcore/AmpConf/build/production/AmpConf ./conf_dev | ||
+ | sudo ln -s ../rdcore/cake3/rd_cake/setup/scripts/reporting ./reporting | ||
</code> | </code> | ||
Line 284: | Line 295: | ||
sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/img/dynamic_photos | sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/img/dynamic_photos | ||
sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/img/access_providers | sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/img/access_providers | ||
- | sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/img/nas | + | sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/img/hardwares |
sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/files/imagecache | sudo chown -R www-data. /var/www/html/cake3/rd_cake/webroot/files/imagecache | ||
</code> | </code> | ||
Line 311: | Line 322: | ||
sudo mysql -u root rd < /var/www/html/cake3/rd_cake/setup/db/rd.sql | sudo mysql -u root rd < /var/www/html/cake3/rd_cake/setup/db/rd.sql | ||
</code> | </code> | ||
+ | |||
=== Configure Nginx === | === Configure Nginx === | ||
- | * Since CakePHP uses rewrite rules, we have to configure Nginx in such a way as to allow rewriting of the URL's that starts with /cake3/rd_cake. | + | |
+ | * Configure Nginx to rewrite some RdCore URLs starting with ///cake3/rd_cake//. | ||
* Edit ///etc/nginx/sites-enabled/default// | * Edit ///etc/nginx/sites-enabled/default// | ||
<code bash> | <code bash> | ||
sudo vi /etc/nginx/sites-enabled/default | sudo vi /etc/nginx/sites-enabled/default | ||
</code> | </code> | ||
- | * Add the following section inside the server section: | + | * Add this once section directly below **server_name** item. (This is so that this rule is **hit** first for the reporting side. We do not use CakePHP for the reporting anymore due to performance issues. |
+ | <code bash> | ||
+ | server_name _; | ||
+ | location /cake3/rd_cake/node-reports/submit_report.json { | ||
+ | try_files $uri $uri/ /reporting/reporting.php; | ||
+ | } | ||
+ | </code> | ||
+ | * Add the following configuration block inside the server section (This you can add towards the end): | ||
<code bash> | <code bash> | ||
location /cake3/rd_cake { | location /cake3/rd_cake { | ||
Line 324: | Line 344: | ||
} | } | ||
</code> | </code> | ||
- | * Reload the Nginx web server: | + | * Reload the Nginx: |
<code bash> | <code bash> | ||
- | sudo systemctl reload nginx.service | + | sudo systemctl reload nginx |
</code> | </code> | ||
=== Important URLs === | === Important URLs === | ||
* The following URLs are important to reach the UI | * The following URLs are important to reach the UI | ||
- | * To load the standard UI, go to http://127.0.0.1/rd | + | * To load the optimized UI, go to http://127.0.0.1/rd/build/production/Rd/ |
* If you want to serve the content directly out of the webroot, do the following: | * If you want to serve the content directly out of the webroot, do the following: | ||
<code bash> | <code bash> | ||
- | sudo cp -R /var/www/html/rd/* /var/www/html/ | + | sudo cp -R /var/www/html/rd/build/production/Rd/* /var/www/html/ |
</code> | </code> | ||
+ | |||
== Login Credentials == | == Login Credentials == | ||
* By default you can log in with the following credentials | * By default you can log in with the following credentials | ||
Line 348: | Line 369: | ||
sudo cp /var/www/html/cake3/rd_cake/setup/cron/cron3 /etc/cron.d/ | sudo cp /var/www/html/cake3/rd_cake/setup/cron/cron3 /etc/cron.d/ | ||
</code> | </code> | ||
- | * If you want to change the default intervals at which the scripts get executed, just edit the /etc/cron.d/rd file. | + | * If you want to change the default intervals at which the scripts get executed, just edit the /etc/cron.d/cron3 file. |
+ | |||
+ | ===== Add LETSENCRYPT certificate ===== | ||
+ | * Rather than repeating existing documentation we will just add a URL with the instructions to do it. | ||
+ | * You might want to run the following first before going to the instructions in the URL | ||
+ | |||
+ | <code bash> | ||
+ | sudo apt-get update | ||
+ | sudo apt-get -y install software-properties-common | ||
+ | </code> | ||
+ | * https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04 | ||
===== Next steps ===== | ===== Next steps ===== | ||
* Be sure to also install **FreeRADIUS** | * Be sure to also install **FreeRADIUS** | ||
* [[Getting Started:20_install_ubuntu_freeradius_3|Install FreeRADIUS]] | * [[Getting Started:20_install_ubuntu_freeradius_3|Install FreeRADIUS]] |