Skip to content

Commit

Permalink
Public release tinkering
Browse files Browse the repository at this point in the history
  • Loading branch information
Olegs Capligins committed Jan 16, 2018
1 parent a8b5573 commit dcfad1b
Show file tree
Hide file tree
Showing 18 changed files with 298 additions and 219 deletions.
4 changes: 2 additions & 2 deletions LICENSE-ru.md
View file
@@ -1,5 +1,5 @@
Генеральная публичная лицензия GNU
=================================
Генеральная публичная лицензия GNU Affero
=========================================

_Редакция 3, 19 Ноября 2007_<br>
_Copyright © 2007 Free Software Foundation, Inc. &lt;<http://fsf.org/>&gt;_<br>
Expand Down
4 changes: 4 additions & 0 deletions docs/administrators-guide/cds.md
View file
Expand Up @@ -15,3 +15,7 @@ By pressing <i class="fa fa-caret-square-o-down"></i> you can look through the c
# Managing installed entities

Once entry is downloaded it can be removed via corresponding cBackup functions as [device management](devices/#device-management) and [authentication template management](authentication/#authentication-templates). For reinstalling entry - see warning above.

# Isolated system

If your cBackup appliance doesn't have access to the internet and can't fetch data from [cbackup content repository](https://github.com/cBackup/content), you can manually [download the repository as zip file](https://github.com/cBackup/content/archive/master.zip) and extract it to `/cbackup/modules/cds/content/` folder. Of course content update feature won't be available and it will be necessary to reupload data manually every time you need an update.
19 changes: 15 additions & 4 deletions docs/administrators-guide/daemon.md
View file
@@ -1,6 +1,6 @@
# General info

As you already know, cBackup consists of two parts: **web core** and **daemon**. Web core is used for system management and daily work, and the daemon processes defined tasks, gathers data from nodes and runs discovery process through defined subnets.
As you may already know, cBackup consists of two parts: **web core** and **daemon**. Web core is used for system management and daily work, and the daemon processes defined tasks, gathers data from nodes and runs discovery process through defined subnets.

cBackup daemon itself is java executable file `cbackup.jar`, running as background service. Therefore it can be managed as a regular system service: you can start it, stop, restart, enable or disable its autostart with operating system controls (e.g. via `systemctl`). cBackup daemon is posessed by internal scheduler to avoid dependency on system crontab.

Expand All @@ -23,7 +23,7 @@ _Command_ | _Description_ | _Additional keys_

# Logs

By default all service logs are falling into `/var/log/messages`. To forward it into separate log file, use syslog functionality.
By default all service logs on systemd-controlled OS are falling into `/var/log/messages`. To forward it into separate log file, use syslog functionality. Please note, that on CentOS 6 (or other sysvinit) service logs are written into `/var/log/cbackup.log`.

**Snippet for rsyslog.conf**

Expand Down Expand Up @@ -63,7 +63,7 @@ To omit cbackup log entry from going any further in syslog-ng (e.g. in _messages
As long as logging relies on syslog, you can add your new log `/var/log/cbackup` to `/etc/logrotate.d/syslog` file. Just make sure, there's `sharedscripts` directive in it, e.g.:

/var/log/cron
/var/log/cbackup
/var/log/cbackup/cbackup.log
/var/log/maillog
/var/log/messages
/var/log/secure
Expand All @@ -78,4 +78,15 @@ As long as logging relies on syslog, you can add your new log `/var/log/cbackup`
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
endscript
}
}

Please note, that on CentOS 6 (or other sysvinit) you want to logortate `/var/log/cbackup.log` with `copytruncate` option to avoid file open resource reset, e.g.:

/var/log/cbackup.log {
weekly
missingok
notifempty
rotate 4
compress
copytruncate
}
23 changes: 17 additions & 6 deletions docs/administrators-guide/notification-area.md
View file
@@ -1,9 +1,20 @@
The top right corner of cBackup web interface is the notification area and quick access to logged user's account settings.

* **Left button**<br>Is the daemon control. You can start/stop/restart the daemon itself or perform similar actions on it's internal scheduler. In normal operation mode for cBackup both services are running:<br>
![](../assets/daemon.png)
<br><br>
* **Bell button**<br>Is the quick access to messages about new unknown equipment found durring discovery process. Review messages and [recognize newly found devices](devices/#add-discovered-device). When device will be added as recognized, acknowledge the entry in [messages interface](system-messages.md)<br>
#### Left button...

...is the daemon control. You can start/stop/restart the daemon itself or perform similar actions on it's internal scheduler. Red background on a row means that web application was unable to establish connection to the socket. Either settings are wrong or something went wrong with the service itself. You may try to hover on the <i class="fa fa-exclamation-triangle text-danger"></i> red triangle to read the exception message.

In normal operation mode for cBackup both services are running | Something is broken
------------------------ | ----------------------------
![](../assets/daemon.png) | ![](../assets/daemon-error.png)

#### Bell button...

...is the quick access to messages about new unknown equipment found durring discovery process. Review messages and [recognize newly found devices](devices/#add-discovered-device). When device will be added as recognized, acknowledge the entry in [messages interface](system-messages.md)

![](../assets/messages.png)
<br><br>
* **Username dropdown**<br>Provides access to signing out, personalization options and user credentials editing.


#### Username dropdown...

...provides access to signing out, personalization options and user credentials editing.
4 changes: 4 additions & 0 deletions docs/administrators-guide/processes.md
View file
Expand Up @@ -8,6 +8,10 @@ Available under `Processes -> Global variables` menu, these variables can repres

# Schedules

On the scheduled task list you may see two tabs for two schedule types: Tasks and Mail. The second one can be used to send regular reports about system state. And the first one can be called 'internal crontab' with appearance you may find familiar. To make things easier to comprehend, there's also a column 'Next run' with information when next sheduled task will be ckicked in:

![Schedules](../assets/schedules.png)

Schedule is an entity, defining when particular task has to be executed and run. Generally you want to schedule every task to a particular time - do it wisely considering order and previous task execution time. Schedules are available under `Processes -> Schedules` menu and they look like a Linux crontab. However, a user friendly interface is provided:

![Cron UI](../assets/discovery3.png)
8 changes: 8 additions & 0 deletions docs/administrators-guide/system-configuration.md
View file
Expand Up @@ -84,3 +84,11 @@ These settings are related to the cBackup Java daemon:

7. **Thread count**<br>
How much threads Java daemon will launch. For two cores on VM on Xeon E5620, 30 threads utilizes CPU completely when backup is running, but yet without excessive overload

### Server credentials

These are credentials used by cBackup web core to connect _to the server_ via SSH protocol to start, stop or restart cBackup system daemon.

### Daemon credentials

These are credentials used by cBackup web core to connect _to the java daemon socket_ via SSH protocol to manage the internal daemon scheduler.
Binary file added docs/assets/daemon-error.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified docs/assets/daemon.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/assets/schedules.png
View file
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
32 changes: 5 additions & 27 deletions docs/getting-started/install-web.md
View file
@@ -1,46 +1,24 @@
This process is maintained by wizard and contains of 5 steps. Every step is reversable, so you are able to go back manually or wizard will redirect you to the erroneous step giving you a chance to fix certain options.
!!! cite "Web setup"
This process is maintained by wizard and contains of 5 steps. Every step is reversable, so you are able to go back manually or wizard will redirect you to the erroneous step giving you a chance to fix certain options.

## 1. Initialization

Basic system requirements are being checked. Installation process will be aborted if web-server is configured incorrectly and system files are world-accessible. You want to mark the `web` folder as wwwroot in your web-server configuration.

Apache:
```apacheconfig
<VirtualHost *:%httpsport%>
# ....
DocumentRoot /var/www/html/web
# ....
</VirtualHost>
```

Nginx:
```
server {
# ...
location / {
root /var/www/html/web;
# ...
}
}
```
Basic system requirements are being checked. Installation process will be aborted if web-server is configured incorrectly and system files are world-accessible. You want to mark the `web` folder as wwwroot in your web-server configuration and make sure the folders and files on the level above are not visible.

## 2. Requirements check

During this step installer checks if all required PHP extensions and environmental systems are available (including Java runtime and Git).
During this step installer checks if all required PHP extensions and environmental systems are available (including Java runtime and Git). If any extensions are missing, don't hesitate to go back to SSH CLI on your server and setup missing stuff. Reload page to check if changes took effect.

## 3. Acquire credentials

You will be prompted to enter database and system credentials, as well as path to your Git executable if installer is unable to find it aidless. Fill all form inputs and proceed.

## 4. Integrity check

All settings are being set in the beginning of this step. Acquired data is saved to relevant files and database. Therefore the step might take some time to complete. When data is saved, the integrity check will be performed. If everything works as intended, you may proceed to final step and start working with cBackup.
All settings are being validated and set in the beginning of this step. Acquired data is saved to relevant files and database. Therefore the step might take some time to complete. When data is saved, the integrity check will be performed. If everything works as intended, you may proceed to final step and start working with cBackup.

Also all files and directories permissions will be checked. Look through if everything is set correctly. If necessary - fix it from the shell via `chmod` command.

## 5. Finalizing

The final step removes all runtime installation data from the system and redirects you to the authentication page.

!!! note
Now you have to [register cBackup service](/getting-started/servers/service.md)
32 changes: 15 additions & 17 deletions docs/getting-started/install.md
View file
@@ -1,15 +1,14 @@
!!! note "Installation fundamentals"
Installation process can be divided in 3 stages:
Using RPM or DEB packages, installation process can be divided in 2 stages:

1. [Prepare server](#1-prepare-server)
2. [Setup cBackup web core](#2-setup-cbackup-web-core)
3. [Register service](#3-register-service)
2. [Setup cBackup](#2-setup-cbackup)

### 1. Prepare server

To use cBackup you want to have Linux server (Windows is not officially supported yet) with the following software:

* PHP 7.0 or newer
* PHP 7.0 or newer
* With the following extensions: _mbstring, snmp, SSH2, Reflection, pcre, spl, ctype, openssl, intl, mysqlnd, pdo_mysql, PDO, gmp, curl, zip_
* Web server (e.g. Apache or NGinx)
* PHP support must be enabled as module or FastCGI/FPM
Expand All @@ -20,23 +19,22 @@ To use cBackup you want to have Linux server (Windows is not officially supporte
* libCurl 7.29 or newer
* OpenSSH

First, install operating system. We recommend using latest x64 distribs like CentOS 7, Ubuntu 16 with systemd (systemctl) init management system. Further in this documentation we consider minimal package is installed and related software should be installed manually.
First, install operating system. We recommend using latest x64 distribs like CentOS 7, Ubuntu 16 with systemd (systemctl) init management system. Further in this documentation we consider minimal package is installed and related software should be installed manually.

_OS_ | _Documentation_ | _Comment_
--------- | --------- | ---------
CentOS 7 | [/getting-started/servers/centos7](/getting-started/servers/centos7.md) | Can be applied to all latest RHEL-based distribs with systemctl
Ubuntu 16 | [/getting-started/servers/ubuntu16](/getting-started/servers/ubuntu16.md) | Can be applied to all latest Debian-based distribs
!!! warning "OS-related settings"
While choosing your operating system, make sure, your security settings are adjusted to necessary level. E.g. **SELinux** in CentOS must be set to `permissive` or `disabled` state. Firewalld, ufw or iptables must allow connections to the web server. And so on and so forth.

## 2. Setup cBackup web core
_OS_ | _Documentation_ | _Comment_ | Note
--------- | --------- | --------- | ---------
CentOS 6 | [/getting-started/servers/centos6](/getting-started/servers/centos6.md) | Can be applied to SysV init CentOS 6 operating system | Disable SELinux and setup iptables
CentOS 7 | [/getting-started/servers/centos7](/getting-started/servers/centos7.md) | Can be applied to all latest RHEL-based distribs with systemctl | Disable SELinux and setup firewalld
Ubuntu 16 | [/getting-started/servers/ubuntu16](/getting-started/servers/ubuntu16.md) | Can be applied to all latest Debian-based distribs | Setup ufw if necessary
Other | [/getting-started/servers/general](/getting-started/servers/general.md) | General description of manual installation on any *nix system | -

This process is maintained by wizard and contains of 5 steps. Every step is reversable, so you are able to go back manually or wizard will redirect you to the erroneous step giving you a chance to fix certain options.
## 2. Setup cBackup

First, following the guide from the table above, install DEB or RPM package and then proceed to cBackup web installer. This process is maintained by wizard and contains of 5 steps. Every step is reversable, so you are able to go back manually or wizard will redirect you to the erroneous step giving you a chance to fix certain options.

!!! note
Detailed guide for web core setup, installation second stage, is [available here](install-web.md).

## 3. Register service

This step depends on OS you are using. In general, it's necessary to register `cbackup.jar` as a service via `systemctl`, enable its startup with system and add to `sudoers.d` commands for its control.

!!! note
Detailed information about registering service, installation third and the last stage, is [available here](/getting-started/servers/service.md).
84 changes: 84 additions & 0 deletions docs/getting-started/servers/centos6.md
View file
@@ -0,0 +1,84 @@
!!! cite "General info"
This section describes cBackup installation for CentOS 6 from RPM package. If you are want to undergo manual installation, please refer to [general *nix installation description](/getting-started/servers/general.md). Also please note, that RPM will unpack installation to `/opt/cbackup` by default and use Apache web server. If you want to choose e.g. Nginx, or place installation into different folder, refer to the same [general installation description](/getting-started/servers/general.md).

#### Update system and disable SELinux

```bash
yum update
sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
reboot
```

#### Install required software

```bash
sudo yum install -y wget git net-snmp epel-release yum-utils jre
```

#### Install web server

```bash
sudo yum install -y httpd
sudo /etc/init.d/start httpd
sudo chkconfig httpd on
```

#### Install PHP 7

For RHEL-based distrib you want to add repository with PHP 7 or newer. E.g. for CentOS it could be [REMI repository](https://rpms.remirepo.net/):

```bash
sudo rpm -ivh https://rpms.remirepo.net/enterprise/remi-release-7.rpm
sudo yum-config-manager --enable remi-php71
sudo yum install -y php php-gmp php-pecl-zip php-pdo php-mysqlnd php-intl php-pecl-ssh2 php-snmp php-mbstring php-mcrypt php-bcmath php-common php-cli
```

#### Install MySQL

Go to [mariadb.org](https://mariadb.com/kb/en/library/yum/) and setup external repo:

```bash
sudo yum install -y MariaDB-server
sudo /etc/init.d/mysql start
sudo chkconfig mysql on
mysql_secure_installation
```

Prepare user and database for cBackup. You want to use MySQL console to complete this task:

```mysql
CREATE DATABASE cbackup CHARSET utf8 COLLATE utf8_general_ci;
CREATE USER 'cbackup'@'localhost' IDENTIFIED BY 'mypassword';
GRANT USAGE ON *.* TO cbackup@localhost;
GRANT ALL PRIVILEGES ON cbackup.* TO cbackup@localhost;
```

#### Adjust security

```bash
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo /etc/init.d/iptable save
```

#### Download cbackup RPM and install it

```bash
wget -O ~/cbackup.el6.noarch.rpm "http://cbackup.me/latest?package=rpm&sub=el6"
cd ~ && sudo rpm -ivh cbackup.el6.noarch.rpm
```

#### Change cbackup system user password and restart httpd service

```bash
sudo passwd cbackup
sudo /etc/init.d/httpd restart
```

This `cbackup` system user will be used to manage system daemon via SSH.

#### Start cBackup web setup

Open up you browser pointing to `http://your.server.name/cbackup/index.php` and compele setup process.

!!! cite "Setup complete"
Now you can start using your cBackup and proceed with its [initial setup](/getting-started/initial-setup.md)

0 comments on commit dcfad1b

Please sign in to comment.