Installing RatticDB - OpenSource Password Manager On CentOS7
Install CentOS 7
Install CentOS 7 with 'minimal install' option
- yum install epel-release
- yum update
- yum upgrade
- yum groupinstall development
- yum groupinstall "Web Server"
- yum install gcc openldap-devel bzip2-devel sqlite-devel libxml2-devel libxslt-devel wget openssl-devel python-pip cryptsetup mod_wsgi vim
- yum install tk-devel ncurses-devel readline-devel mysql-devel ntp
- yum install httpd-devel python-devel
- chkconfig ntpd on
- service ntpd start
Setup the hostname:
#vim /etc/hostname
pwdmngr.example.com
Disable SELINUX
NOTE: With CentOS 6.6 I have managed to move MySQL to an encrypted partition when SELinux is enabled; I haven't managed to do it with CentOS 7.
- vim /etc/selinux/config
- SELINUX=enforcing
+ SELINUX=disabled
- reboot
Install and Set up MySQL (You can also install MariaDB with epel repo)
- rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
- yum -y install mysql-community-server
- /usr/bin/systemctl start mysqld
- /usr/bin/mysql_secure_installation
Change the root password? [Y/n] Y
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
- mysql -u root -p
create database rattic;
create user rattic@localhost identified by '***rattic-db-password***';
grant all on rattic.* to rattic@localhost;
Optional: Set up encrypted device for MySQL
- cryptsetup luksFormat /dev/sdb1
- cryptsetup luksOpen /dev/sdb1 rattic_encrypted
- pvcreate /dev/mapper/rattic_encrypted
- vgcreate rattic_VG /dev/mapper/rattic_encrypted
- lvcreate -l 100%VG -n rattic_LV rattic_VG
- mkfs.ext4 /dev/mapper/rattic_VG-rattic_LV
- mkdir -p /opt/apps/mysql
- mount /dev/mapper/rattic_VG-rattic_LV /opt/apps/mysql
Optional: Change MySQL Database directory
- systemctl stop mysqld.service
- cp -r /var/lib/mysql/* /opt/apps/mysql
- mv /var/lib/mysql /var/lib/mysql_OLD
- ln -s /opt/apps/mysql /var/lib/mysql
- chown -R mysql:mysql /opt/apps/mysql
- vim /etc/my.cnf
- datadir=/var/lib/mysql
- socket=/var/lib/mysql/mysql.sock
+ datadir=/opt/apps/mysql
+ socket=/opt/apps/mysql/mysql.sock
- systemctl start mysqld.service
Configure RatticDB
- cd /tmp
Download the latest stable version from GitHub
- wget https://github.com/tildaslash/RatticWeb/archive/master.zip
- unzip master.zip
- mv RatticWeb-master /opt/apps/RatticWeb
- cd /opt/apps/RatticWeb
- pip install -r requirements-mysql.txt
- mkdir /opt/apps/RatticWeb/static
- useradd -c "RatticWeb" -m rattic
- chown -R rattic /opt/apps/RatticWeb
- su - rattic
Note: Replace the hostname with your own hostname, set any secret key, and set the MySQL password here.
- vim /opt/apps/RatticWeb/conf/local.cfg
[ratticweb]
debug = False
secretkey = ***rattic-secret-key***
hostname = ratticdb
[filepaths]
static = /opt/apps/RatticWeb/static
[database]
engine = django.db.backends.mysql
name = rattic
user = rattic
password = ***rattic-db-password***
host = localhost
port = 3306
- exit (back to root)
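Added example (not part of the original guide or the RatticWeb project): a Python 3 check for the local.cfg above that flags leftover ***placeholder*** values, debug mode, a non-local database host, and file permissions that expose the secret key and MySQL password. The 32-character minimum and the function names are assumptions made for this example.

```python
import configparser
import os
import stat
import tempfile

PLACEHOLDER_MARK = "***"  # the guide wraps values you must replace in ***...***
MIN_SECRET_LEN = 32       # assumed minimum, not a RatticWeb requirement

def audit_local_cfg(path):
    """Return a list of findings for a RatticWeb local.cfg (empty = clean)."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("file mode %04o exposes secrets to group/other" % mode)
    # interpolation=None so a '%' inside a key or password is read literally
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read(path)
    if cfg.get("ratticweb", "debug", fallback="False").strip().lower() != "false":
        findings.append("debug is enabled")
    secret = cfg.get("ratticweb", "secretkey", fallback="")
    if PLACEHOLDER_MARK in secret or len(secret) < MIN_SECRET_LEN:
        findings.append("secretkey is a placeholder or too short")
    password = cfg.get("database", "password", fallback="")
    if not password or PLACEHOLDER_MARK in password:
        findings.append("database password is empty or a placeholder")
    if cfg.get("database", "host", fallback="") not in ("localhost", "127.0.0.1"):
        findings.append("database host is not local")
    return findings

def write_sample(text, mode):
    """Write constructed sample text to a temp file with the given mode."""
    fd, path = tempfile.mkstemp(suffix=".cfg")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.chmod(path, mode)
    return path

# Constructed sample: the guide's file with placeholders left in, mode 0644.
SAMPLE = """[ratticweb]
debug = False
secretkey = ***rattic-secret-key***
[database]
password = ***rattic-db-password***
host = localhost
"""

if __name__ == "__main__":
    for finding in audit_local_cfg(write_sample(SAMPLE, 0o644)):
        print("FINDING:", finding)
```

Call audit_local_cfg("/opt/apps/RatticWeb/conf/local.cfg") after editing the file; an empty list means none of these checks fired.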
Configure Apache
Note: Change the ServerName, ServerAlias and "Redirect permanent" URL to match your hostname.
- vim /etc/httpd/conf.d/rattic.conf
<VirtualHost *:80>
ServerName ratticdb
ServerAlias ratticdb
Redirect permanent / https://ratticdb
</VirtualHost>
Alias /robots.txt /opt/apps/RatticWeb/static/robots.txt
Alias /favicon.ico /opt/apps/RatticWeb/static/favicon.ico
AliasMatch ^/([^/]*\.css) /opt/apps/RatticWeb/static/styles/$1
Alias /media/ /opt/apps/RatticWeb/media/
Alias /static/ /opt/apps/RatticWeb/static/
<Directory /opt/apps/RatticWeb/static>
#Order deny,allow
#Allow from all
Require all granted
</Directory>
<Directory /opt/apps/RatticWeb/media>
#Order deny,allow
#Allow from all
Require all granted
</Directory>
#WSGISocketPrefix run/wsgi
WSGIScriptAlias / /opt/apps/RatticWeb/ratticweb/wsgi.py
WSGIPassAuthorization On
WSGIDaemonProcess rattic processes=2 threads=25 home=/opt/apps/RatticWeb/ python-path=/opt/apps/RatticWeb display-name=%{GROUP}
WSGIProcessGroup rattic
<Directory /opt/apps/RatticWeb/ratticweb>
<Files wsgi.py>
#Order deny,allow
#Allow from all
Require all granted
</Files>
</Directory>
- systemctl start httpd.service
Modify firewall
- iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
- iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
Go to: https://ratticdb
# cd /usr/local/lib/python2.7/dist-packages    (this path probably varies from system to system)
# rm -rf kombu/transport/django/migrations djcelery/migrations
# mv kombu/transport/django/south_migrations kombu/transport/django/migrations
# mv djcelery/south_migrations djcelery/migrations
To sync the database, follow the steps below:
# pip install -r requirements-base.txt
./manage.py scripts
./manage.py syncdb --noinput
./manage.py migrate --all
./manage.py collectstatic -c --noinput
./manage.py demosetup