Installation on Red Hat/CentOS¶
Attention
LemonLDAP::NG requires at least Red Hat/CentOS 7
List of pacakges¶
LemonLDAP::NG provides packages for RHEL (and derivatives) 7/8/9:
lemonldap-ng
: metapackage, contains no file but dependencies on other packageslemonldap-ng-doc
: HTML documentation and project docs (README, etc.)lemonldap-ng-test
: sample CGI test pagelemonldap-ng-common
: configuration and common fileslemonldap-ng-handler
: Handler common librarieslemonldap-ng-manager
: Manager fileslemonldap-ng-portal
: Portal fileslemonldap-ng-fastcgi-server
: FastCGI server needed to use Nginxlemonldap-ng-uwsgi-app
: Uwsgi applicationlemonldap-ng-selinux
: SELinux policyperl-Lemonldap-NG-SSOaaS-Apache-Client
: SSOaaS client module
Prerequisites¶
LemonLDAP::NG has dependencies which are not in base RHEL repositories.
You need to enable EPEL repositories before installing.
On RHEL8 and derivatives, you also also need to enable the PowerTools repository in /etc/yum.repos.d
.
On OracleLinux, the corresponding repo is called Oracle Linux 8 CodeReady Builder.
Get the packages¶
YUM repository¶
You can add this YUM repository to get recent packages:
vi /etc/yum.repos.d/lemonldap-ng.repo
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Tip
Replace stable
by 2.0
to avoid upgrade to next major
version
You may also need some extras packages for SAML, available here:
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/$releasever
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Run this to update packages cache:
yum update
Official Fedora packages¶
Packages are available in EPEL, so you can choose to install them directly from here.
Manual download¶
RPMs are available on the Download page.
Package GPG signature¶
For EL7¶
Get the legacy RPM signing key onto your LemonLDAP::NG server:
curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
For EL8 and higher¶
Install the GPG Security key on your LemonLDAP::NG server:
curl https://lemonldap-ng.org/security/GPG-KEY-LLNG-SECURITY.asc > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
Install packages¶
With YUM¶
If the packages are stored in a yum repository:
yum install lemonldap-ng
# If you use SELinux
yum install lemonldap-ng lemonldap-ng-selinux
You can also use yum on local RPMs file:
yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
With RPM¶
You have then to install all the downloaded packages:
yum install lemonldap-ng-* perl-Lemonldap-NG-*
Tip
You can choose to install only one component by choosing the
package lemonldap-ng-portal
, lemonldap-ng-handler
or
lemonldap-ng-manager
.
First configuration steps¶
Change default DNS domain¶
By default, DNS domain is example.com
. You can change it quick with
a sed command. For example, we change it to ow2.org
:
sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json /etc/nginx/conf.d/* /etc/httpd/conf.d/*
Upgrade¶
If you upgraded LemonLDAP::NG, check all upgrade notes.
DNS¶
Configure your DNS server to resolve names with your server IP:
auth.<your domain>
: main portal, must be publicmanager.<your domain>
: manager, only for adminsitratorstest1.<your domain>
,test2.<your domain>
: sample applications
Follow the next steps
File location¶
Configuration is in
/etc/lemonldap-ng
LemonLDAP::NG configuration (edited by the Manager) is in
/var/lib/lemonldap-ng/conf/
All Perl modules are in the
/usr/share/perl5/vendor_perl
directoryAll Perl scripts/pages are in
/var/lib/lemonldap-ng/
All static content (examples, CSS, images, etc.) is in
/usr/share/lemonldap-ng/
Administration scripts are in
/usr/libexec/lemonldap-ng/bin