Installation on Red Hat/CentOS¶
Attention
LemonLDAP::NG requires at least Red Hat/CentOS 7
List of pacakges¶
LemonLDAP::NG provides packages for RHEL (and derivatives) 7/8/9:
lemonldap-ng
: metapackage, contains no file but dependencies on other packageslemonldap-ng-doc
: contains HTML documentation and project docs (README, etc.)lemonldap-ng-conf
: contains default configuration (DNS domain: example.com)lemonldap-ng-test
: contains sample CGI test pagelemonldap-ng-handler
: contains Apache Handler implementation (agent)lemonldap-ng-manager
: contains administration interface and session explorerlemonldap-ng-portal
: contains authentication portal and menulemonldap-ng-fastcgi-server
: FastCGI server needed to use Nginxlemonldap-ng-nginx
: contains Nginx configuration and dependencieslemonldap-ng-uwsgi-app
: contains Uwsgi applicationlemonldap-ng-selinux
: contains the SELinux policy for httpdperl-Lemonldap-NG-Common
: CPAN - Shared modulesperl-Lemonldap-NG-Handler
: CPAN - Handler modulesperl-Lemonldap-NG-Manager
: CPAN - Manager modulesperl-Lemonldap-NG-Portal
: CPAN - Portal modulesperl-Lemonldap-NG-SSOaaS-Apache-Client
: SSOaaS client module
Danger
The package lemonldap-ng-nginx requires the Nginx community package. If you use OpenResty or Nginx plus, you must ignore this dependency. To do this, download the package and install it with:
rpm --nodeps -i lemonldap-ng-nginx*.rpm
Prerequisites¶
LemonLDAP::NG has dependencies which are not in base RHEL repositories.
You need to enable EPEL repositories before installing.
On RHEL8 and derivatives, you also also need to enable the PowerTools repository in /etc/yum.repos.d
.
On OracleLinux, the corresponding repo is called Oracle Linux 8 CodeReady Builder.
Get the packages¶
YUM repository¶
You can add this YUM repository to get recent packages:
vi /etc/yum.repos.d/lemonldap-ng.repo
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Tip
Replace stable
by 2.0
to avoid upgrade to next major
version
You may also need some extras packages, available here:
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/$releasever
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Run this to update packages cache:
yum update
Manual download¶
RPMs are available on the Download page.
Package GPG signature¶
Get the RPM signing key onto your LemonLDAP::NG server:
curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Install packages¶
With YUM¶
If the packages are stored in a yum repository:
yum install lemonldap-ng
# If you use SELinux
yum install lemonldap-ng-selinux
You can also use yum on local RPMs file:
yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
With RPM¶
You have then to install all the downloaded packages:
yum install lemonldap-ng-* perl-Lemonldap-NG-*
Tip
You can choose to install only one component by choosing the
package lemonldap-ng-portal
, lemonldap-ng-handler
or
lemonldap-ng-manager
.
Install the package lemonldap-ng-conf
on all server which contains
one of those packages.
First configuration steps¶
Change default DNS domain¶
By default, DNS domain is example.com
. You can change it quick with
a sed command. For example, we change it to ow2.org
:
sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json /etc/nginx/conf.d/* /etc/httpd/conf.d/*
Upgrade¶
If you upgraded LemonLDAP::NG, check all upgrade notes.
DNS¶
Configure your DNS server to resolve names with your server IP:
auth.<your domain>
: main portal, must be publicmanager.<your domain>
: manager, only for adminsitratorstest1.<your domain>
,test2.<your domain>
: sample applications
Follow the next steps
File location¶
Configuration is in
/etc/lemonldap-ng
LemonLDAP::NG configuration (edited by the Manager) is in
/var/lib/lemonldap-ng/conf/
All Perl modules are in the
/usr/share/perl5/vendor_perl
directoryAll Perl scripts/pages are in
/var/lib/lemonldap-ng/
All static content (examples, CSS, images, etc.) is in
/usr/share/lemonldap-ng/
Administration scripts are in
/usr/libexec/lemonldap-ng/bin
Build your packages¶
If you need it, you can rebuild RPMs:
Install rpm-build package
Install all build dependencies (see BuildRequires in
lemonldap-ng.spec
)Put LemonLDAP::NG tarball in
%_topdir/SOURCES
Edit
~/.rpmmacros
and set your build parameters:
%_topdir /home/user/build
%dist .el7
%rhel 7
Go to
%_topdir
Build:
rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz