doc/install/rhes/auth-server

Introduction

These are step by step instructions to install an auth server installation on a virgin Red Hat Enterprise Linux 4 installation.

Step-by-step instructions

Install prerequisites

up2date postgresql-client postgresql-server
up2date gcc flex libxml2-devel postgresql-devel httpd-devel libtool libpng-devel subversion

Note: With Centos5, at least, "postgresql-client" is replaced by "postgresql." This appears to be true for RHEL5 as well.

Install PHP5 from source

RHEL4 doesn't have a recent enough PHP to run the wifidog auth server. We will have to compile one from source

Download PHP5 sources  http://www.php.net/get/php-5.1.6.tar.bz2/from/a/mirror:

cd folder_where_you_downloaded
tar -jxvf php-5.1.6.tar.bz2

Compile PHP with the required options:

cd php-5.1.6
./configure --with-pgsql --with-apxs2 --with-gettext --with-zlib --with-gd --enable-mbstring --with-config-file-path=/etc 
make
sudo make install
sudo cp php.ini-dist /etc/php.ini

Install the auth server

svn checkout https://dev.wifidog.org/svn/trunk/wifidog-auth
sudo mv wifidog-auth/ /var/www/

Install auth server external dependencies

Install required PEAR modules:

sudo pear install --alldeps Image_Graph-alpha

FCKEditor

wget http://umn.dl.sourceforge.net/sourceforge/fckeditor/FCKeditor_2.3.1.tar.gz 
tar -zxvf FCKeditor_2.3.1.tar.gz
cd FCKeditor
sudo mv * /var/www/wifidog-auth/wifidog/lib/FCKeditor/ 

Note: Attempting to use a specific Sourceforge server, e.g.  http://umn.dl.sourceforge.net/ is likely to time out or otherwise fail. Instead, use the "generic" download address, like this:

wget http://dl.sourceforge.net/sourceforge/fckeditor/FCKeditor_2.3.1.tar.gz

Configure apache

In file /etc/httpd/conf/httpd.conf:

Add php to the DirectoryIndex? directive:

DirectoryIndex index.html index.html.var index.php

Add the following new directive:

AddType application/x-httpd-php .php

Change DocumentRoot? to

DocumentRoot "/var/www/wifidog-auth/wifidog/"

Optional: Setup a ssl self signed key

Make sure you don't already have a proper key, this will destroy it!

cd /etc/httpd/conf/
rm ssl.key/server.key
rm ssl.crt/server.crt
make genkey
cd /usr/share/ssl/certs
make testcert
cd /etc/httpd/conf/ssl.key
cp server.key server.key.encrypted
openssl rsa -in server.key.encrypted -out server.key
chmod 400 server.key

Configure postgresql

While Postgres 8+ would be much faster on modern machines, version 7.4 in RHEL4 is NOT sufficient to run wifidog.

Note: For a completely new installation, the files listed below will not exist until the PostgreSQL service has been started for the first time. You must then either SIGHUP or restart the service after making changes.

Add the following line to /var/lib/pgsql/data/postgresql.conf:

tcpip_socket = true

Note: 8.0 has replaced the tcpip_socket flag with the listen_addresses setting. PostgreSQL 8.0 and up will not start with "tcpip_socket" in the configuration. If you are using PostgreSQL 8.0 and up, use the following instead:

'listen_addresses = 'localhost'

As this is the default, it may not be necessary to make a change to postgresql.conf.

You probably also want to add

log_destination = 'syslog' 

to the "Reporting and Logging" section of postgresql.conf, or otherwise make sure that server error messages are put someplace where you can find them.

Add the following lines to /var/lib/pgsql/data/pg_hba.conf:

host wifidog wifidog 127.0.0.1/32            md5
local wifidog wifidog           md5

Setup cron jobs

Add the following lines to /etc/crontab:

##Wifidog
#Send status emails every two minutes
*/2 * * * * apache /usr/local/bin/php
/var/www/wifidog-auth/wifidog/cron/page.php
#Vacuum the database every hour
01 * * * * apache /usr/local/bin/php
/var/www/wifidog-auth/wifidog/cron/vacuum.php

If the file /var/www/wifidog-auth/wifidog/cron/cleanup.php exists, also add the following lines to /etc/crontab:

*/5 * * * * apache /usr/local/bin/php
/var/www/wifidog-auth/wifidog/cron/cleanup.php

Configure the auth server

Go to  http://your_server_adress_here/install.php and follow the instructions.

Note: As you follow the instructions, you will be asked to create a database and user, and to assign a password. The configuration file contains a hard-coded password: wifidogtest. If you are experimenting, use that password when you set up the PostgreSQL user. Otherwise, you must edit config.php with your desired password before you start the installation process. Changing local.config.php doesn't work at this point in the installation.

Remove installation files

Of course, the only one that should have access to the install.php file is you. You will need to move the file "install.php" out of public sight.

1) Go to your wifidog directory (/var/www/wifidog-auth/wifidog in our case).

cd /var/www/wifidog-auth/wifidog

2) Move "install.php" file to the parent directory which is not visible to the public:

mv install.php ../install.php

note that you can move it wherever you want, but make sure it's not public.