Installing NAV on CentOS 5

###
### NAV 3 installation
###
### for CentOS 5
###
### Roger Aas, Atea AS
###
###
### 25.02.2010:
###   - Fixed a lot of dependency problems, removed unneeded packages, upgraded others
### 22.02.2010:
###   - NAV version is 3.5.5
###   - Fixed some minor problems
### 26.01.2010:
###   - Tested on CentOS 5.4 i386 DVD
###   - NAV version is 3.5.4
###   - FCGI-0.68, CGI.pm-3.48, psycopg2-2.0.13, IPy-0.70, setuptools-0.6c11, pyrad-1.2, Django-1.1.1
### 10.09.2009:
###   - Tested on CentOS 5.3 i386 DVD
###   - NAV version is latest 3.5.4
###   - Many changes since 3.4
### 26.08.2008:
###   - Fixed several small issues
###   - Configured alternatives system with new java
### 22.08.2008:
###   - First (beta?) release of documentation for CentOS 5
###   - This version includes compiling the source of NAV
###   - Tested on CentOS 5.2 i386 DVD
###   - NAV version is latest 3.4.2
###   - Please report any problems with this version if you test it
###
### For feedback please contact me on the NAV mailing list or directly
### at <roger.aas at atea.no>

# Important information about site specific information that is needed:
#
# There are a lot of site specific information that you have to put in
# yourself (ip address, netmask, hostname, gateway, dns-servers,
# ntp provider, smtp server, linux-logs email-address, snmp community,
# ip-addresses to be allowed past firewall and so on). Make sure you have
# put in all the correct information. I have added information about
# this site specific information in each section header that will need it.



###
### Installation of CentOS 5
###
# I have included a very basic installation of CentOS 5 from DVD here.
# I have selected to do a "minimal" install and rather do an up2date or yum
# for the extra packages NAV needs in addition to that. That way I don't get
# a lot of services running on the machine that I don't need. I use static
# network configuration so the NAV server don't need to rely on a DHCP
# server functioning.
#
# Site-specific:
#   ip-address and netmask
#   hostname.yourdomain.tld
#   gateway ip-address
#   dns server ip-address(es)
#   root password
#
# Boot from CentOS 5.4 i386 DVD
# "Boot:", press Enter
# "CD Found", select Skip
# Screen 1: "CentOS"
#   Press Next
# Screen 2: "Language Selection"
#   Press Next
#   ("English (English)" is already selected)
# Screen 3: "Keyboard Configuration"
#   Select Norwegian and press Next
#   (for us with that kind of keyboard)
# Screen 4: "Partitioning"
#   Press Next
#   or if your situation needs it select
#    (a) if you want to remove all previous partitions on selected drives
#    (b) if you want to encrypt system
#    (c) which drives you want to use
#    (d) if you need any advanced storage configuration
#    (e) if you want to review and modify partitioning layout
#   Window 1: "Warning"
#     Press Yes 
# Screen 5: "Network Configuration"
#   Select eth0 and press Edit
#   Window 1: "Edit Interface"
#      Under IPv4 select "Manual configuration", type IP Address and Prefix (Netmask)
#      Deselect "Enable IPv6 support"
#      Press OK
#   Type in Hostname as hostname.yourdomain.tld
#   Under "Miscellaneous Settings" type in ip addresses for gateway and DNS servers
#   Press Next
# Screen 6: "Time Zone Selection"
#   Select "Europe/Oslo" and press Next
#   (For us living in Norway)
# Screen 7: "Set Root Password"
#   Enter root password twice and press Next
# Screen 8: "Package Group Selection"
#   Deselect "Desktop - Gnome", press Next
# Screen 9: "About to Install"
#   Press Next
# Screen 10: "Congratulations, the installation is complete."
#   Remove DVD and press Reboot

# Firstboot configuration
#
# WARNING! If you choose to use SELinux here you MUST do some configuration
# of that to get NAV to work. You are on your own.
#
# Firstboot:
#   Select "Firewall configuration"
#   Press Run Tool
#     Select Security Level: Disabled
#     Select SELinux: Disabled
#     Press OK
#   Press Exit



###
### Configure the system
###

##
## Stop some unneeded services
##
chkconfig autofs off        # Don't need automounting filesystems in this setup
chkconfig avahi-daemon off  # Don't need Zeroconf service discovery in this setup
chkconfig cups off          # Don't need printing directly on the NAV server
chkconfig gpm off           # Don't need a console mouse
chkconfig mcstrans off      # No SELinux on this machine
chkconfig mdmonitor off     # No software RAID in this setup
chkconfig netfs off         # I will not use any Network FS in this setup
chkconfig nfslock off       # Same
chkconfig portmap off       # No RPC programs in this setup
chkconfig rpcgssd off       # Don't need NFSv4 in this setup
chkconfig rpcidmapd off     # Same


##
## Other services that depends on the hardware of the specific machine you use for NAV
##
## Check the syslog and other log files to see if they are needed f.ex.:
##   grep apm /var/log/messages
##   grep microcode /var/log/messages
##   grep smart /var/log/messages
##
chkconfig apmd off          # Run this if your machine is not using APM (mostly laptops/or using ACPI)
chkconfig bluetooth off     # Run this if your machine do not have BT (mostly laptops/or using ACPI)
chkconfig cpuspeed off      # Run this if the processor is not a speedstep processor (mostly laptops)
chkconfig hidd off          # Run this if your machine do not have BT (mostly laptops/or using ACPI)
#chkconfig irqbalance off    # Run this if you have one processor with a single core
chkconfig isdn off          # Run this if your machine don't have an isdn connection
#chkconfig microcode_ctl off # Run this if microcode is older than your BIOS/Processor microcode
chkconfig pcscd off         # Run this if your machine does not use any smart cards
#chkconfig smartd off        # Run this if your HD is not SMART capable


##
## The CentOS5 installation over disabled IPv6, and /etc/sysconfig/network
## have a setting called NETWORKING_IPV6 that is then set to "no". But
## still some applications connect to IPv6 addresses and the IPv6 kernel
## module is autoloaded. We are still not using IPv6 and I am not ready to
## look into setting this up in a functioning way so instead I disable IPv6
## in this way:
##
# Remove IPv6 from CentOS5
echo "alias net-pf-10 off" >>/etc/modprobe.conf
# Also stop ipv6 firewall from trying to start
chkconfig ip6tables off


##
## Import RPM Key
##
gpg --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5


##
## Update installed packages to newest versions
##
# Check available updates
yum check-update
# Install updates
yum -y update


##
## Make a local user
##
#
# Site-specific:
#   "John Doe"
#   nn
#
useradd -c "John Doe" nn
passwd nn


##
## Configure ssh
##
#
# Site-specific:
#   nn
#
# - Disable X11 forwarding
# - Don't allow root logins
# - Select which account(s) can log in
# - Lower some time limits
sed -e 's/^X11Forwarding/#X11Forwarding/' -i /etc/ssh/sshd_config
cat << EOF >>/etc/ssh/sshd_config
PermitRootLogin no
AllowUsers nn
LoginGraceTime 20
MaxStartups 5
EOF


##
## Install and configure ntp
##
#
# Install ntp
yum -y install ntp
# First set the clock directly. The ntp daemon (ntpd) will not sync if time diff is too high.
ntpdate 0.centos.pool.ntp.org
# Start ntpd on reboot
chkconfig ntpd on
# Start the ntp daemon now
service ntpd start
# Run this command after some time. A * in front of the ntp server means it is synced.
ntpq -p


##
## Install sendmail-cf and configure sendmail:
##
#
# Site-specific:
#  yoursmtpserver.yourdomain.tld
#  yourlogemail@yourdomain.tld
#

# We use a SMART_HOST server that we want outgoing mail to go through.
# If you do not use that you can skip this part
# Start of smart host setup
# Install sendmail-cf
yum -y install sendmail-cf
# Edit the sendmail config file
cd /etc/mail
sed -e '/SMART_HOST/s/dnl //' -e 's/smtp.your.provider/yoursmtpserver.yourdomain.tld/' -i sendmail.mc
make -C /etc/mail
cd
# Restart sendmail
service sendmail restart
# End of smart host setup

# Decide who gets the mail to the root user (system logs etc.)
echo "root: yourlogemail@yourdomain.tld" >>/etc/aliases
newaliases


##
## Install net-snmp and configure snmpd
##
#
# Site-specific:
#  yoursnmpcommunity
#  YourPlace
#  You <yourcontactemail@yourdomain.tld>
#
# Install net-snmp
yum -y install net-snmp net-snmp-utils
# Edit the snmpd config file
cat << EOF >/etc/snmp/snmpd.conf
com2sec snmpuser default yoursnmpcommunity
group snmpgroup v1 snmpuser
group snmpgroup v2c snmpuser
view allsnmpview included .1
access snmpgroup "" any noauth exact allsnmpview none none
syslocation YourPlace
syscontact You <yourcontactemail@yourdomain.tld>
EOF

chkconfig snmpd on


##
## Configure syslog to accept syslog messages from external hosts
##
sed -e '/SYSLOGD_OPTIONS/s/m 0/m 0 -r/' -i /etc/sysconfig/syslog


##
## Configure the firewall
##
## Here I have added a sample firewall setup
##
## If you do not care about a local firewall just skip this step
##
## Site-specific:
##
## To use this you will have to enter the hosts that you want to have
## access to the web-server and the hosts that needs ssh access to NAV.
## In addition you can give access to NMS servers that need snmp-access
## and servers that need syslog access. You can define this with either
## a single host (158.37.22.2) or a subnet (158.37.22.0/24) or have
## several lines - both single hosts and subnets. If you need help in
## setting this up for your situation send me an email.
## Beware: Setting it up this way means you can not use the program
## system-config-network to set up the firewall. It will overwrite this
## file.

# Create an iptables file
cat << EOF >/etc/sysconfig/iptables
*mangle
COMMIT
*nat
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
#
# Accept established and related packets
#
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# Accept packets to loopback
#
-A INPUT -i lo -j ACCEPT
#
# Accept ping packets but rate-limit them
#
-A INPUT -m limit -p icmp --icmp-type echo-request --limit 1/s -j ACCEPT
#
# Accept SSH from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.0/24 -p tcp --dport 22 -j ACCEPT
#
# Accept HTTP/HTTPS from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.0/24 -p tcp --dport 80 -j ACCEPT
-A INPUT -s 158.37.22.0/24 -p tcp --dport 443 -j ACCEPT
#
# Accept SNMP from NMS'es (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.2 -p udp --dport 161 -j ACCEPT
#
# Accept syslog from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.2 -p udp --dport 514 -j ACCEPT
#
# If you want to access the database from some other machine
# remove the remark from this line and edit the source ip.
# You will also have to edit the postgresql config file pg_hba.conf
# so postgresql will listen to more than the loopback address.
#
#-A INPUT -s 158.37.22.2 -p tcp --dport 5432 -j ACCEPT
#
# Accept new, established and related packets to leave server
#
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF

# Set right permissions on the file
chmod 600 /etc/sysconfig/iptables
# Start firewall
service iptables start


##
## Time to reboot the server
##
shutdown -r 0


##
## Log in with your new user and become root
## Root privileges is needed for installing and configuring NAV
##
su -


##
## Install and configure Apache, mod_ssl and mod_python:
##
#
# Site-specific:
#  Certificate:
#   Country Name
#   State or Province Name
#   Locality Name
#   Organization Name
#   Organizational Unit Name
#   Common Name (hostname.yourdomain.tld)
#   Email Address (webmaster@yourdomain.tld)
#  Apache config:
#   ServerAdmin (webmaster@yourdomain.tld)
#   ServerName (hostname.yourdomain.tld)
#  SSL config:
#   hostname.yourdomain.tld
#
# Install Apache
yum -y install httpd mod_ssl mod_python # php (PHP NO LONGER NEEDED)
# Remove autocreated cert and make a new certificate.
rm -f /etc/pki/tls/certs/localhost.crt
rm -f /etc/pki/tls/private/localhost.key
openssl genrsa 1024 >/etc/pki/tls/private/localhost.key
chmod go-rwx /etc/pki/tls/private/localhost.key
# I install a self-signed certificate valid for 10 years.
# I guess NAV4 should be out before that... :-)
# Enter your own data in the cert creation.
cat << EOF > openssl.conf
[ req ]
default_bits           = 1024
distinguished_name     = req_distinguished_name
prompt                 = no

[ req_distinguished_name ]
countryName            = NO
stateOrProvinceName    = Rogaland
localityName           = Haugesund
organizationName       = Atea AS
organizationalUnitName = Haugesund
commonName             = atealinux.haugesund.kommune.no
emailAddress           = roger.aas@atea.no
EOF

openssl req -new -key /etc/pki/tls/private/localhost.key \
 -x509 -days 3652 -out /etc/pki/tls/certs/localhost.crt -config openssl.conf
chmod go-rwx /etc/pki/tls/certs/localhost.crt
# Enable httpd to start on boot
chkconfig httpd on
# Configure Apache according with the example conf from
# the NAV3 distribution.
# Edit the httpd config file
sed \
 -e '/^StartServers/s/8/5/' \
 -e '/^MaxSpareServers/s/20/ 8/' \
 -e '/^ServerAdmin/s/root@localhost/webmaster@yourdomain.tld/' \
 -e 's/^#ServerName www.example.com/ServerName hostname.yourdomain.tld/' \
 -e '/^DocumentRoot/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \
 -e '/^<Directory/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \
 -e 's/Options Indexes FollowSymLinks/Options Indexes FollowSymLinks ExecCGI/' \
 -e '/FollowSymLinks ExecCGI/,/Controls who/s/AllowOverride None/AllowOverride All/' \
 -e '/^DirectoryIndex/s/index.html.var/index.html.var index.cgi/' \
 -e 's/^#AddHandler cgi-script .cgi/AddHandler cgi-script .cgi/' \
 -i /etc/httpd/conf/httpd.conf
# Edit the SSL config file
cat << EOF >>/etc/httpd/conf.d/ssl.conf

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteLog logs/rewrite.log

    # We make sure the full host name is always used, so that cookies are
    # always valid through internal redirects on the NAV website.
    RewriteCond %{HTTP_HOST} !^hostname.yourdomain.tld\$
    RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301]

    # We force the client to use the SSL server for security.
    RewriteCond %{HTTPS} !^on\$
    RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301]
</IfModule>
EOF


##
## Install some more needed packages that is included with CentOS5
##
yum -y install gcc
yum -y install postgresql postgresql-server postgresql-jdbc # NAV dependency
yum -y install python-ldap # NAV dependency
yum -y install samba-client # NAV dependency (Arnold uses nmblookup)
yum -y install autoconf # NAV dependency
yum -y install ant # NAV dependency
yum -y install postgresql-devel # psycopg build dependency
yum -y install python-devel # psycopg build dependency
yum -y install mx # psycopg build dependency
yum -y install perl-libwww-perl # Cricket dependency
yum -y install db4-devel # Cricket dependency
yum -y install perl-TimeDate # Cricket dependency
yum -y install mysql # gammu dependency
yum -y install pkgconfig # python-gammu dependency


###
### Install and configure NAV and dependencies
###

##
## Make download/source directory
##
mkdir ~/nav3
cd ~/nav3


##
## Download NAV source tar and extract it
##
wget http://www.pannekake.net/nav/nav-3.5.5.tar.gz
tar xvzf nav-3.5.5.tar.gz


##
## Install Java Developer Kit, NAV dependency
##
wget http://www.pannekake.net/nav/jdk-6u18-linux-i586-rpm.bin
bash jdk-6u18-linux-i586-rpm.bin
# Fix the alternatives system to use new JDK
alternatives --install /usr/bin/java java /usr/java/default/bin/java 16180
alternatives --install /usr/bin/javac javac /usr/java/default/bin/javac 16180
# Set environment variables for Java used for installation
export PATH=/usr/java/default/bin:$PATH
export JAVA_HOME=/usr/java/default


##
## Install Java SNMP Package, NAV dependency
##
mkdir JavaSNMP
cd JavaSNMP
wget http://www.pannekake.net/nav/source_1.4.2.zip
unzip source_1.4.2.zip
make SNMPPackage
cd ..


##
## Use GPG-key for installing RPMs from Dag Wieers
##
wget http://www.pannekake.net/nav/RPM-GPG-KEY.dag.txt
gpg --import RPM-GPG-KEY.dag.txt
rpm --import RPM-GPG-KEY.dag.txt


##
## Install gammu, NAV dependency
##
wget http://www.pannekake.net/nav/gammu-1.11.0-1.el5.rf.i386.rpm
rpm -ivh gammu-1.11.0-1.el5.rf.i386.rpm
wget http://www.pannekake.net/nav/gammu-devel-1.11.0-1.el5.rf.i386.rpm
rpm -ivh gammu-devel-1.11.0-1.el5.rf.i386.rpm


##
## Install rrdtool, NAV dependency
##
wget http://www.pannekake.net/nav/rrdtool-1.2.23-1.el5.rf.i386.rpm
wget http://www.pannekake.net/nav/perl-rrdtool-1.2.23-1.el5.rf.i386.rpm
wget http://www.pannekake.net/nav/python-rrdtool-1.2.23-1.el5.rf.i386.rpm
wget http://www.pannekake.net/nav/rrdtool-devel-1.2.23-1.el5.rf.i386.rpm
rpm -ivh rrdtool-1.2.23-1.el5.rf.i386.rpm perl-rrdtool-1.2.23-1.el5.rf.i386.rpm
rpm -ivh python-rrdtool-1.2.23-1.el5.rf.i386.rpm
rpm -ivh rrdtool-devel-1.2.23-1.el5.rf.i386.rpm


##
## Perl module installations
##

# Cricket dependency
wget http://www.pannekake.net/nav/SNMP_Session-1.12.tar.gz
tar xvzf SNMP_Session-1.12.tar.gz
cd SNMP_Session-1.12
perl Makefile.PL
make
make install
cd ..

# Cricket dependency
wget http://www.pannekake.net/nav/MD5-2.03.tar.gz
tar xvzf MD5-2.03.tar.gz
cd MD5-2.03
perl Makefile.PL
make
make install
cd ..

# Cricket dependency
wget http://www.pannekake.net/nav/DB_File-1.820.tar.gz
tar xvzf DB_File-1.820.tar.gz
cd DB_File-1.820
perl Makefile.PL
make
make install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/pgsql_perl5-1.9.0.tar.gz
tar xvzf pgsql_perl5-1.9.0.tar.gz
cd pgsql_perl5-1.9.0
export POSTGRES_INCLUDE=/usr/include/pgsql POSTGRES_LIB=/usr/lib/pgsql
perl Makefile.PL
make
make install
unset POSTGRES_INCLUDE POSTGRES_LIB
cd ..


##
## Python module installations
##

# NAV dependency
wget http://www.pannekake.net/nav/psycopg-1.1.21.tar.gz
tar xvzf psycopg-1.1.21.tar.gz
cd psycopg-1.1.21
./configure \
 --with-postgres-includes=/usr/include/pgsql/server \
 --with-mxdatetime-includes=/usr/lib/python2.4/site-packages/mx/DateTime/mxDateTime
# Configure fails to read Postgresql version from config file because of a Red Hat
# include file kludge, so we fix this with another kludge
sed -e 's/POSTGRESQL_MAJOR=/POSTGRESQL_MAJOR=8/' -e 's/POSTGRESQL_MINOR=/POSTGRESQL_MINOR=1/' -i Makefile
make
make install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/psycopg2-2.0.13.tar.gz
tar xvzf psycopg2-2.0.13.tar.gz
cd psycopg2-2.0.13
python setup.py install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/IPy-0.70.tar.gz
tar xvzf IPy-0.70.tar.gz
cd IPy-0.70
python setup.py install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/pysnmp-2.0.9.tar.gz
tar xvzf pysnmp-2.0.9.tar.gz
cd pysnmp-2.0.9
python setup.py install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/Cheetah-2.2.1.tar.gz
tar xvzf Cheetah-2.2.1.tar.gz
cd Cheetah-2.2.1
python setup.py install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/forgetSQL-0.5.1.tar.gz
tar xvzf forgetSQL-0.5.1.tar.gz
# Patch it with patch from NAV source
cp nav-3.5.5/contrib/patches/forgetSQL-0.5.1.patch forgetSQL-0.5.1/lib
cd forgetSQL-0.5.1/lib
patch <forgetSQL-0.5.1.patch
cd ..
python setup.py install
cd ..

# pyrad dependency
wget http://www.pannekake.net/nav/setuptools-0.6c11.tar.gz
tar xvzf setuptools-0.6c11.tar.gz
cd setuptools-0.6c11
python setup.py install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/pyrad-1.2.tar.gz
tar xvzf pyrad-1.2.tar.gz
cd pyrad-1.2
python setup.py install
cd ..

# NAV dependency
wget http://www.pannekake.net/nav/Django-1.1.1.tar.gz
tar xvzf Django-1.1.1.tar.gz
cd Django-1.1.1
python setup.py install
cd ..

# gammu dependency
wget http://www.pannekake.net/nav/python-gammu-0.20.tar.gz
tar xvzf python-gammu-0.20.tar.gz
cd python-gammu-0.20
python setup.py install
cd ..


##
## Compile and install NAV
##
export CLASSPATH=/root/nav3/JavaSNMP/snmp.jar
cd nav-3.5.5
autoconf
./configure CRICKETDIR=/usr/local/nav/cricket/cricket
make
make install
cd



###
### Nav configuration
###

##
## NAV setup
##
# You may want to edit some or all of the files in the directory
# /usr/local/nav/etc/webfront now. This is to personalise your
# NAV installation.
#
# Edit NAV configuration file
#
# Site-specific:
#   ADMIN_MAIL (yournavemail@yourdomain.tld)
#   DOMAIN_SUFFIX (yourdomain.tld)
#
sed \
 -e '/ADMIN_MAIL/s/root@localhost/yournavemail@yourdomain.tld/' \
 -e '/DOMAIN_SUFFIX/s/ntnu.no/yourdomain.tld/' \
 -i /usr/local/nav/etc/nav.conf
#
# Arnold needs its log file existing
touch /usr/local/nav/var/log/arnold/arnold.log


##
## Make NAV user and group
##
groupadd nav
useradd -M -g nav -d /usr/local/nav navcron
chown -R navcron /usr/local/nav/var/log
chown -R navcron /usr/local/nav/var/run


##
## Profile setup
##
cat << EOF > /etc/profile.d/nav_environ.sh
export JAVA_HOME=/usr/java/default
export PATH=\$JAVA_HOME/jre/bin:\$PATH
EOF

chmod 755 /etc/profile.d/nav_environ.sh


##
## Link in the JDBC driver
##
ln -s /usr/share/java/postgresql-jdbc.jar /usr/local/nav/lib/java


##
## Copy in the snmp library
##
cp /root/nav3/JavaSNMP/snmp.jar /usr/local/nav/lib/java


##
## Link in some NAV Perl scripts into the Perl library
##
ln -s /usr/local/nav/lib/perl/NAV.pm /usr/lib/perl5/site_perl/5.8.8
ln -s /usr/local/nav/lib/perl/NAV /usr/lib/perl5/site_perl/5.8.8
ln -s /usr/local/nav/lib/perl/NetAddr /usr/lib/perl5/site_perl/5.8.8


##
## Append to Python the path to NAV python scripts
##
cat << EOF > /usr/lib/python2.4/site-packages/sitecustomize.py
import sys
__navpath = "/usr/local/nav/lib/python"
if __navpath not in sys.path:
    sys.path.append(__navpath)
EOF


##
## Configure Postgresql database
##
#
# Site-specific:
#   navdbpassword
#
# Start postgres when the machine boots and now
chkconfig postgresql on
service postgresql start
# Configure postgres with correct net authorization
sed -e 's/^local/#local/' -i /var/lib/pgsql/data/pg_hba.conf
sed -e 's/^host/#host/' -i /var/lib/pgsql/data/pg_hba.conf
cat << EOF >>/var/lib/pgsql/data/pg_hba.conf
local   all     postgres        ident   sameuser
local   all     all             md5
host    all     all             127.0.0.1       255.255.255.255 md5
host    all     all             0.0.0.0         0.0.0.0         reject
EOF

# Restart service
service postgresql restart
# Become postgresql admin
su - postgres
# Use NAV script to make db user with password, make and init nav db
cd /usr/local/nav/doc/sql
sh createdb.sh -p navdbpassword
# Go back to root user
exit
# Configure NAV config file with the nav user password you chose
sed -e 's/userpw_nav=/userpw_nav=navdbpassword/' -i /usr/local/nav/etc/db.conf


##
## Configure gammu
##
#
# Site-specific:
#   /etc/gammurc config
#   YourMobileNumber

#
# First you have to edit the /etc/gammurc file to support your mobile phone
#
# Check out the original /etc/gammurc file for hints on different setups
#
# Two examples:
#

# Nokia 6310i with DLR-3 cable to serial port
cat << EOF > /etc/gammurc
[gammu]
port = /dev/ttyS0
connection = dlr3
EOF

# Nokia E51 with DKE-2 cable to USB port
cat << EOF > /etc/gammurc
[gammu]
port=/dev/ttyACM0
connection=dku2at
EOF

#
# You can now test that the gammu program works by doing this test as root:
#
gammu nothing --identify
#
# and when that test gives correct data send yourself a test SMS like this:
#
echo Test | gammu nothing --sendsms TEXT YourMobileNumber
#
# Since the NAV program runs as the navcron user it needs permissions to use
# the /dev/tty* device files. Use this command to give the navcron user the
# needed permission:
#
usermod -G uucp navcron
#
# Now you can test the smsd.py module to see that it will send SMS'es:
#
su - navcron
/usr/local/nav/bin/smsd.py -t YourMobileNumber
exit


##
## Install and configure cricket
##
chgrp nav /usr/local/nav
chmod g+sw /usr/local/nav
su - navcron
mkdir ~/cricket
cd ~/cricket
wget http://www.pannekake.net/nav/cricket-1.0.5.tar.gz
tar xvzf cricket-1.0.5.tar.gz
ln -s cricket-1.0.5 cricket
cd cricket
sh configure
cp cricket-conf.pl.sample cricket-conf.pl
sed \
 -e '/^$gCricketHome/s/\/home\/cricket/\/usr\/local\/nav\/cricket/' \
 -e 's/^#$gConfigRoot/$gConfigRoot/' \
 -e 's/^#$gDbAccess = "slurp"/$gDbAccess = "slurp"/' \
 -i cricket-conf.pl
cd ~/cricket
mkdir public_html
cd public_html/
ln -s ../cricket/images
ln -s ../cricket/grapher.cgi
ln -s ../cricket/lib
ln -s ../cricket/mini-graph.cgi
ln -s ../cricket/VERSION
ln -s ../cricket/grapher.cgi index.cgi
cp /usr/local/nav/doc/cricket/public_html/cricket.css .
mkdir ../cricket-data
ln -s ../cricket-data
cp -r /usr/local/nav/doc/cricket/cricket-config ..
ln -s ../cricket-config
cd ~/cricket/cricket
cp /usr/local/nav/doc/cricket/cricket/* .
cd ~
mkdir cricket/cricket-logs
touch /usr/local/nav/cricket/cricket-logs/changelog
cricket/cricket/compile
bin/makecricketconfig.pl
exit
cd /usr/local/nav/apache/webroot
ln -s ~navcron/cricket/public_html cricket
cd cricket
echo "SetHandler none" > .htaccess



###
### Installation and configuration is done. Lets start the program.
###

##
## Reboot machine. This is necessary, the environment needs new settings
## before starting NAV and the web-server needs to be started.
##
shutdown -r 0


##
## Log in and become root
##
su -


##
## Start NAV
##
/usr/local/nav/bin/nav start


## Now NAV is up and running and it is time to log in and seed the database.
## Go to the webpage and log in as admin with password admin (remember to change
## the password!) and go to Toolbox, Edit database


## Here is a very simple startup that I put on my server. This will
## start NAV, but not stop it on shutdown of the server.
## Use it if you want or make a better one and share it.

cat << EOF >> /etc/rc.d/rc.local

# Start NAV
. /etc/profile.d/nav_environ.sh
/usr/local/nav/bin/nav start
EOF


##
## As you can see I have put the packages on a local webserver to make it
## easier to reinstall (I don't have to rely on the remote servers being up and
## having the same versions available), and you are welcome to download from
## that server. But if you want to get the files yourself here are the links:
##
#
# http://launchpad.net/nav/3.5/3.5.5/+download/nav-3.5.5.tar.gz
# http://java.sun.com
# http://gicl.cs.drexel.edu/people/sevy/snmp/source_1.4.2.zip
# http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
# http://dag.wieers.com/rpm/packages/gammu/gammu-1.11.0-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/gammu/gammu-devel-1.11.0-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-1.2.23-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/perl-rrdtool-1.2.23-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/python-rrdtool-1.2.23-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-devel-1.2.23-1.el5.rf.i386.rpm
# http://www.switch.ch/misc/leinen/snmp/perl/dist/SNMP_Session-1.12.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/MD5/GAAS/MD5-2.03.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/DB_File/DB_File-1.820.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/Pg/pgsql_perl5-1.9.0.tar.gz
# http://www.initd.org/pub/software/psycopg/psycopg-1.1.21.tar.gz
# http://www.initd.org/pub/software/psycopg/psycopg2-2.0.13.tar.gz
# http://pypi.python.org/packages/source/I/IPy/IPy-0.70.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/pysnmp/pysnmp-2.0.9.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/cheetahtemplate/Cheetah-2.2.1.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/forgetsql/forgetSQL-0.5.1.tar.gz
# http://pypi.python.org/packages/source/s/setuptools/setuptools-0.6c11.tar.gz
# http://pypi.python.org/packages/source/p/pyrad/pyrad-1.2.tar.gz
# http://www.djangoproject.com/download/1.1.1/tarball/
# http://dl.cihar.com/python-gammu/latest/python-gammu-0.20.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/cricket/cricket-1.0.5.tar.gz
#