Debian 7/ Debian 8 

 

Debian 8 currently uses PHP 5.6 and is not supported. However, it will be supported in a future release.

Before You Begin

Ensure that System Requirements have been met prior to proceeding with the Installation Guide.

Install Requirements

1) Upgrade your current packages

Upgrade your current packages.

 

   apt-get update
   apt-get upgrade

 

2) Install Required Packages

PHP

This step is only applicable to Debian 7 users. If you are using Debian 8, please skip this step.

 

All installations of ProVision require at least PHP 5.5 (and related extensions). Debian Wheezy comes with PHP 5.4 by default. You can either add a repository which provides PHP 5.5 or install PHP manually. In this example, we are going to use 3rd party repository that also upgrades the Apache to 2.4 as well as some other packages.

 

Edit sources.list:
(shown using the vi editor, though you may use the editor of your choice)

 

  vi /etc/apt/sources.list


Add the following lines to sources.list:

 

  deb http://packages.dotdeb.org wheezy-php55 all
  deb-src http://packages.dotdeb.org wheezy-php55 all
Install the GPG key:

 

  wget https://www.dotdeb.org/dotdeb.gpg
  apt-key add dotdeb.gpg

 

And update the packages list:

 

   apt-get update

 

Install Apache2/PHP5/MySQL and development tools for pecl:

 

PHP5 / Apache2 / extensions

  • apache2 

  • libapache2-mod-php5 

  • php5 

  • php5-cgi 

  • php5-cli 

  • php5-gd 

  • php5-curl 

  • php5-ldap 

  • php5-mysqlnd 

  • php5-ssh2 

  • php-pear 

  • php5-dev 

Development tools for pecl / additional system packages:

  • curl 
  • openssl 
  • memcached 

  • php5-memcache

   apt-get install apache2 libapache2-mod-php5 php5 php5-cgi php5-cli php5-gd php5-curl php5-ldap php5-mysqlnd php5-ssh2 php-pear php5-dev curl openssl memcached php5-memcache

 

 While installing you will be asked to set the MySQL root password.

MySQL

Install MySQL to use a local database.

 

apt-get install mysql-server
You will be asked to enter a root password for the mysql server.

 

DNS and Additional Utilities

Install the DNS and other utilities:
 
  • curl 
  • openssl 
  • memcached 
  • php5-memcache 
  • nmap 
  • dnsutils 
  • bind9utils 
  • dnssec-tools 
  • expect

 


apt-get install curl openssl memcached php5-memcache nmap dnsutils bind9utils dnssec-tools expect

 


3) Configuring the requirements:

SSL

Enable the necessary apache modules with the following command:

 

a2enmod php5 ssl rewrite
In order to create self signed certificates and to work properly, the hostname must be resolved properly. 
    Open the hosts file for editing: 

 

    vi /etc/hosts

 

    Add a record for your hostname

 

    yourhostname X.X.X.X

 

Create self signed certificate:

 

    make-ssl-cert generate-default-snakeoil --force-overwrite

Apache

Please note that mod_rewrite is required! If it is not enabled in Apache, key elements will not work as expected.

 

Enable the default vhost for apache

 

    a2ensite default-ssl

 

Allow overwrites in the apache vhosts

 

    sed -i 's/AllowOverride None/AllowOverride All/g' /etc/apache2/sites-available/default* 

 

6. Reload apache

 

    service apache2 reload

MySQL

MySQL Configuration:

 

    mysql -p -e "SET GLOBAL sql_mode='NO_ENGINE_SUBSTITUTION';SET SESSION sql_mode='NO_ENGINE_SUBSTITUTION';"

 

Then, enter the MySQL root password when prompted.

 

4) Optional configurations:

 

Radius (Optional)

This section only needs to be followed if the customer will be using Radius for authentication.


1. Install radius module:
Debian 7:

 

    pecl install radius

 

Debian 8:

 

    apt-get install php5-radius

 

Create module loading configuration:
(shown using the vi editor, though you may use the editor of your choice)

 

    vi /etc/php5/mods-available/radius.ini

 

  Add the following lines to radius.ini:

 

    ; configuration for php radius module
    ; priority=20
    extension=radius.so

 

  To enable the radius module, type the following command:

 

    php5enmod radius

 

  

Source Guardian

 Source Guardian is only required for ProVision versions 5.1.2 and earlier. If installing ProVision 5.1.3 or later, skip this step.

Install the Source Guardian php extension 

 

Download and find additional details from http://www.sourceguardian.com/ixeds/.  Choose either Linux 32 or Linux 64 .tar.gz depending on architecture.

Download the loader and put it in the appropriate place. 

Place the file in your php extension directory as specified in your php.ini
Note: The PHP cli binary path must be set in the ProVision software Admin section if is different from default. By default it is /usr/bin/php. 

 
    wget https://www.sourceguardian.com/loaders/download/loaders.linux-x86_64.tar.bz2
    tar -xjf loaders.linux-x86_64.tar.bz2
    cp -rpPf ixed.5.5.lin /usr/lib/php5/20121212/
 
 
Create module loading configuration:
 (shown using the vi editor, though you may use the editor of your choice)

 

    vi /etc/php5/mods-available/ixed.ini

 

  Add the following lines to ixed.ini (adding extension=ixed.x.x.y.y to your php.ini):

 

    ; configuration for php ixed module
    ; priority=20
    extension=ixed.5.5.lin

 

To enable the radius module, type the following command:
 

 

    php5enmod ixed

 

Reload apache
   
service apache2 reload

If you have any issues with getting Source Guardian installed, and the instructions are not working in your case, please check out http://www.sourceguardian.com/loaders/download.php - this page allows you paste in the output of your phpinfo page and then it will tell you the steps that need to be taken for your particular use case. If you are still having issues, please contact 6connect at support@6connect.com so one of our engineers can assist you.

 

 

5) Install 6connect ProVision Software:

1. Remove the current contents in the ProVision web folder (currently the www root) and after extract the archive contents:

 	tar -xf productionBuild-5.1.2-php5.5.tar -C /var/www/

2. Change the permissions to be the web user permissions

   

 

chown -R www-data.www-data /var/www

 

3. Go to http://﹤web root﹥/configTest.php.  If there are any configuration errors listed in red, other than in the Database and Configuration Files section, they must be corrected.

4. Run configDir.sh ﹤web user﹥ from the command line as root in the web root.  This will setup the directories apache user needs read/write access to.

     cd /var/www/
     /var/www/configDir.sh www-data

5. Create the default database and initial user in MySQL

6. Go to http://﹤web root﹥/configBootstrap.php.  Fill in the requested information, noting any login credentials.

7.  Create a secure directory and run configSecureKeys.sh ﹤web user﹥ ﹤path to secure directory﹥ from the command line as root.  This sets up the secure directory where your key file for password management will be stored.  The secure directory should be a location outside of the web root that is only accessible by appropriate users.

     mkdir /secure
     ./configSecureKeys.sh www-data /secure

8.   Log in using the credentials that were generated in Step 6 and change your password!