Différences

Ci-dessous, les différences entre deux révisions de la page.

--- meshcentral-sur-lxc [2020/11/08 14:57] – créée pielo
+++ meshcentral-sur-lxc [2021/12/26 09:35] (Version actuelle) – [Apache revese proxy] pielo
@@ Ligne 1: / Ligne 1: @@
-====== Installation de Meshcentral sur LXC ======
+====== Installation de Meshcentral sur LXC Ubuntu 18.04 ======
 ===== Liens =====
-* http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2InstallGuide.pdf
+  * [[http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2InstallGuide.pdf|Installation Guide]]
+  * [[http://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2UserGuide.pdf|User's Guide]]
+===== Outils =====
+<code bash>
+apt install net-tools bash-completion software-properties-common
+dpkg-reconfigure locales
+cat <<EOF | tee -a /etc/bash.bashrc
+if [ -f /etc/bash_completion ]; then
+        . /etc/bash_completion
+fi
+EOF
+</code>
+===== Réseau =====
 <code bash>
@@ Ligne 21: / Ligne 37: @@
           - 8.8.8.8
 EOF
+</code>
+===== Meshcentral =====
+<code bash>
+apt install -y nodejs npm
+node -v
+npm -v
+apt install mongodb -y
+systemctl start mongodb
+systemctl enable mongodb
+setcap cap_net_bind_service=+ep /usr/bin/node
+echo "@reboot setcap cap_net_bind_service=+ep /usr/bin/node" | crontab -
+useradd -r -d /opt/meshcentral -s /sbin/nologin meshcentral
+mkdir /opt/meshcentral
+cd /opt/meshcentral
+npm install meshcentral
+npm install archiver@4.0.2 otplib@10.2.3 mongodb
+mkdir /opt/meshcentral/meshcentral-data
+chown -R meshcentral:meshcentral /opt/meshcentral
+chmod 755 -R /opt/meshcentral/meshcentral-*
+cat <<'EOF' | tee /opt/meshcentral/meshcentral-data/config.json
+{
+  "settings": {
+    "MongoDb": "mongodb://127.0.0.1:27017/meshcentral",
+    "Cert": "myservername.domain.com",
+    "AliasPort": 443,
+    "Port": 4430,
+    "RedirPort": 800,
+    "AgentPong": 300,
+    "TlsOffload": "10.0.3.177"
+  }
+  "domains": {
+  "": {"certUrl": "https://myservername.domain.com/"}
+  }
+}
+EOF
+sudo -u meshcentral node ./node_modules/meshcentral
+</code>
+===== Apache reverse proxy =====
+https://github.com/Ylianst/MeshCentral/issues/317#issuecomment-525048548
+<code apache>
+RewriteEngine on
+RewriteCond %{HTTP:Upgrade} websocket [NC]
+RewriteCond %{HTTP:Connection} upgrade [NC]
+RewriteRule . "ws://10.0.3.133:4430%{REQUEST_URI}" [P]
+ProxyPass / http://10.0.3.133:4430/ connectiontimeout=86400 timeout=30
+ProxyPassReverse / http://10.0.3.133:4430/
+ProxyPreserveHost On
+</code>
+===== Systemd service =====
+<code>
+cat <<EOF | tee /etc/systemd/system/meshcentral.service
+[Unit]
+Description=MeshCentral Server
+[Service]
+Type=simple
+LimitNOFILE=1000000
+ExecStart=/usr/bin/node /opt/meshcentral/node_modules/meshcentral
+WorkingDirectory=/opt/meshcentral
+Environment=NODE_ENV=production
+User=meshcentral
+Group=meshcentral
+Restart=always
+# Restart service after 10 seconds if node service crashes
+RestartSec=10
+# Set port permissions capability
+AmbientCapabilities=cap_net_bind_service
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable meshcentral.service
+systemctl start meshcentral.service
+systemctl status meshcentral.service
+systemctl stop meshcentral.service
 </code>