Installing NAV on RedHat Enterprise Linux 4

###
### NAV 3 installation
###
### for CentOS 4 or Red Hat Enterprise Linux 4 Advanced Server
###
### Roger Aas, Stord/Haugesund University College
###
###
### 27.07.2007:
###   - Tested for RHEL4 Update 5
###   - No need to make ~/.gnupg anymore
###   - Included a patch for forgetSQL-0.5.1
###   - Fixed smsd.py setup, now sends SMSes again
###   - Big rewrite mainly because of this fix
### 12.07.2007:
###   - Updated for NAV 3.2.2
###   - Tested for CentOS 4.5
###   - Updated seven packages:
###     - Java 1.5.0_11 -> 1.5.0_12
###     - SNMP_Session 1.08 -> 1.10
###     - CGI.pm 3.25 -> 3.29
###     - IPy 0.52 -> 0.54
###     - JavaSNMP 1.4.1 -> 1.4.2
###     - gammu 1.08 -> 1.11
###     - tomcat 5.5.20 -> 5.5.23
### 22.02.2007:
###   - Updated for NAV 3.2.1
###   - Use the default LVM setup
###   - Small change in sample firewall setup
###   - Set options for Tomcat
###   - Place jdbc and snmp jars in nav java folder
###   - New security setup for postgresql for nav 3.2.1
###   - No in-built backup of the database
###   - Updated two packages:
###     - Java 1.5.0_09 -> 1.5.0_11
###     - DB_File 1.814 -> 1.815
### 24.11.2006:
###   - Fixes to make Arnold work (Thanks Kjartan@UiS)
### 23.11.2006 by Roger Aas:
###   - Build Java SNMP Package from source
###   - That means Java SDK instead of JRE to have Java compiler
###   - Removed all the rest of the vi edits
###   - Added "Site-specific" information
###   - Fix database backup problem (from NAV 3.2 this goes out)
### 20.11.2006 by Roger Aas:
###   - Finished update to NAV 3.1.1
###   - Tested for RHEL4 Update 4 and CentOS 4.4
###   - Removed CentOS mirror setup, not necessary anymore
###   - Configured and started snmpd
###   - Configured syslog to accept messages from remote hosts
###   - Added sample firewall setup
###   - Removed some 3.0.0 patches
###   - Added simple autostart
###   - Updated some packages:
###     - Java 1.5.0_06 -> 1.5.0_09
###     - CGI.pm 3.15 -> 3.25
###     - IPy 0.42 -> 0.52
###     - gammu 1.04 -> 1.08
###     - tomcat 5.5.12 -> 5.5.20
### 14.11.2006 by Morten Brekkevold:
###   - Updated for NAV 3.1.1.
###   - NOT TESTED
### 05.01.2006:
###   - Tested for RHEL 4 Update 2
###   - Fix for pkgSkipList edit for Red Hat
###   - Updated some packages:
###     - Java 1.5.0_05 -> 1.5.0_06
###     - New revision of rrdtool
###     - SNMP_Session 1.07 -> 1.08
###     - DB_File 1.811 -> 1.814
###     - CGI.pm 3.11 -> 3.15
###     - Cheetah 0.9.18 -> 1.0
###     - gammu 0.96 -> 1.04
### 19.10.2005:
###   - Added warning about SELinux and firewall
###   - Rewrote the introduction
### 17.10.2005:
###   - tested for CentOS 4.2
###   - Fixed yum repository setup for CentOS
###   - Shortened it a little
###   - rrdtool 1.0.50 again, this time working :-)
### 13.10.2005:
###   - Backrev'ed rrdtool, new version did not include perl modules
###     and that broke cricket (note to self: must test much more)
### 12.10.2005:
###   - Reworked to include installation on CentOS 4.1
###   - Updated some packages, most notable Java and Tomcat
###   - Easier file editing
###   - More valuable(?) information :-)
###
### For feedback please contact me on the NAV3 mailing list or directly
### at <roger at hsh.no>

# NB!
#
# There are a lot of site specific information that you have to put in
# yourself (ip address, netmask, hostname, gateway, dns-servers,
# ntp provider, smtp server, linux-logs email-address, snmp community,
# ip-addresses to be allowed past firewall and so on). Make sure you have
# put in all the correct information. I have added information about
# this site specific information in each section header that will need it.


###
### Installation of RHEL4 or CentOS 4
###
# I have included a very basic installation of RHEL4 and CentOS 4 here.
# I have selected to do a "minimal" install and rather do an up2date or yum
# for the extra packages NAV needs in addition to that. That way I don't get
# a lot of services running on the machine that I don't need. I use static
# network configuration so the NAV3 server don't need to rely on a DHCP
# server functioning. I disable SELinux.
#
# WARNING! If you choose to use SELinux here you MUST do some configuration
# to get NAV to work.
#
# Site-specific:
#   ip-address and netmask
#   hostname.yourdomain.tld
#   gateway ip-address
#   dns server ip-addresses
#
## Red Hat Enterprise Linux 4 AS installation:
#
# Boot from RHEL4AS CD1
# "Boot:", press Enter
# "CD Found", select Skip
# "Welcome to Red Hat Enterprise Linux AS", press Next
# "Language Selection" Press Next ("English (English)" is already selected)
# "Keyboard Configuration", select Norwegian and press Next (for us with that kind of keyboard)
# "Disk Partitioning Setup", press Next (Already set to "Automatically partition")
# "Automatic Partitioning", press Next (Already set to "Remove all partitions on this system",
#    "sda" and "Review (and modify if needed) the partitions created")
# "Warning", press Yes
# "Disk Setup", press Next
# "Boot Loader Configuration", press Next
# "Network Configuration"
#   Press Edit on eth0
#      Remove "Configure using DHCP", type IP-address and mask, press OK
#   Type in hostname.yourdomain.tld
#   Type in ip-addresses for gateway and DNS servers
#   Press Next
# "Firewall Configuration", select "No firewall", select "Disabled" on "Enable SELinux?", press Next
# "Warning - No Firewall", press Proceed
# "Additional Language Support", press Next
# "Time Zone Selection", select "Europe/Oslo", press Next (For us living in Norway)
# "Set Root Password", enter password twice, press Next
# "Package Installation Defaults", Select "Customize software packages to be installed", press Next
# "Package Group Selection", select "Minimal", press Next
# "About to Install", press Next
# "Required Install Media", press Continue
# "Change CDROM", insert CD2, press OK
# "Change CDROM", insert CD1, press OK
# "Congratulations, the installation is complete.", remove CD1, press Reboot
#
## CentOS 4 installation:
#
# Boot from CentOS 4 CD1 or DVD
# "Boot:", press Enter
# "CD Found", select Skip
# "Welcome to CentOS-4 i386", press Next
# "Language Selection" Press Next ("English (English)" is already selected)
# "Keyboard Configuration", select Norwegian and press Next (for us with that kind of keyboard)
# "Installation Type", select "Custom" and press Next
# "Disk Partitioning Setup", press Next (Already set to "Automatically partition")
# "Automatic Partitioning", select "Remove all partitions on this system" and press Next (Set to
#    "sda" and "Review (and modify if needed) the partitions created")
# "Warning", press Yes 
# "Disk Setup", press Next
# "Boot Loader Configuration", press Next
# "Network Configuration"
#   Press Edit on eth0
#      Remove "Configure using DHCP", type IP-address and mask, press OK
#   Type in hostname.yourdomain.tld
#   Type in ip-addresses for gateway and DNS servers
#   Press Next
# "Firewall Configuration", select "No firewall", select "Disabled" on "Enable SELinux?", press Next
# "Warning - No Firewall", press Proceed
# "Additional Language Support", press Next
# "Time Zone Selection", select "Europe/Oslo", press Next (For us living in Norway)
# "Set Root Password", enter password twice, press Next
# "Package Group Selection", select "Minimal", press Next
# "About to Install", press Next
# "Congratulations, the installation is complete.", remove CD1 or DVD, press Reboot


###
### Configure the system
###

##
## Stop some unneeded services
##
chkconfig autofs off        # Don't need automounting filesystems in this setup
chkconfig cups off          # Don't need printing directly on the NAV server
chkconfig gpm off           # Don't need a console mouse
chkconfig mdmonitor off     # No software RAID in this setup
chkconfig netfs off         # I will not use any Network FS in this setup
chkconfig nfslock off       # Same
chkconfig portmap off       # No RPC programs in this setup
chkconfig rpcgssd off       # Don't need NFSv4 in this setup
chkconfig rpcidmapd off     # Same
chkconfig xinetd off        # Will not use any services under xinet in this setup


##
## Other services that depends on the machine you use for NAV
##
## Check the syslog and other log files to see if they are needed f.ex.:
##   grep apm /var/log/messages
##   grep microcode /var/log/messages
##   grep smart /var/log/messages
##
chkconfig apmd off          # Run this if your machine is not using APM (mostly laptops/or using ACPI)
chkconfig cpuspeed off      # Run this if the processor is not a speedstep processor (mostly laptops)
chkconfig irqbalance off    # Run this if you have one processor with a single core
chkconfig isdn off          # Run this if your machine don't have an isdn connection
chkconfig microcode_ctl off # Run this if microcode is older than your BIOS/Processor microcode
chkconfig openibd off       # Run this if your machine don't use InfiniBand
chkconfig pcmcia off        # Run this if your machine don't have any PCMCIA ports
chkconfig smartd off        # Run this if your HD is not SMART capable


##
## RHEL4/CentOS4 should use only IPV4 by default (/etc/sysconfig/network
## have a setting called NETWORKING_IPV6 that is "no" by default). But
## still some applications connect to IPV6 addresses and the IPV6 kernel
## module is autoloaded. We are still not using IPV6 in the college and
## I am not ready to look into setting this up in a functioning way so
## instead I disable IPV6 in this way:
##
# Remove IPV6 from RHEL4/CentOS4
echo "alias net-pf-10 off" >>/etc/modprobe.conf


##
## Import RPM Key
##
gpg --import /usr/share/rhn/RPM-GPG-KEY
rpm --import /usr/share/rhn/RPM-GPG-KEY


##
## Start RHEL4 only - up2date:
##
# I want up2date to install new kernels
sed -e 's/pkgSkipList=kernel\*/pkgSkipList=/' -i /etc/sysconfig/rhn/up2date
# Register with RHN
rhn_register
# Check available updates
up2date -l
# Install updates
up2date -u
##
## End RHEL4 only
##


##
## Start CentOS4 only - yum:
##
# Newer versions of CentOS finds the nearest mirror. No need
# to set up local mirrors yourself.
# Check available updates
yum check-update
# Install updates
yum -y update
# If you want you can make CentOS update itself nightly
chkconfig yum on
##
## End CentOS4 only
##


##
## Make a local user
##
#
# Site-specific:
#   "John Doe"
#   nn
#
useradd -c "John Doe" nn
passwd nn


##
## Configure ssh
##
#
# Site-specific:
#   nn
#
# - Disable X11 forwarding
# - Only allow protocol 2
# - Don't allow root logins
# - Select which account(s) can log in
# - Lower some time limits
sed -e 's/^X11Forwarding/#X11Forwarding/' -i /etc/ssh/sshd_config
cat << EOF >>/etc/ssh/sshd_config
Protocol 2
PermitRootLogin no
AllowUsers nn
LoginGraceTime 20
MaxStartups 5
EOF


##
## Install and configure ntp
##
#
# Site-specific:
#   yourntpsource
#
# RHEL4:
up2date ntp
# CentOS4:
yum -y install ntp
# Enter your ntp source
sed \
 -e 's/^server 0.pool.ntp.org/server yourntpsource/' \
 -e '/server 1.pool.ntp.org/d' \
 -e '/server 2.pool.ntp.org/d' \
 -i /etc/ntp.conf
# First set the clock directly. The ntp daemon (ntpd) will not sync if time diff is too high.
ntpdate yourntpsource
# Start ntpd on reboot
chkconfig ntpd on
# Start the ntp daemon now
service ntpd start
# Run this command after some time. A * in front of the ntp server means it is synced.
ntpq -p


##
## Install sendmail-cf and configure sendmail:
##
#
# Site-specific:
#  yoursmtpserver.yourdomain.tld
#  yourlogemail@yourdomain.tld
#
# We use a SMART_HOST server that we want the mail to go through.
# And I set up root's email to go to a specified email address.
# RHEL4:
up2date sendmail-cf
# CentOS4:
yum -y install sendmail-cf
# Edit the sendmail config file
cd /etc/mail
sed -e '/SMART_HOST/s/dnl //' -e 's/smtp.your.provider/yoursmtpserver.yourdomain.tld/' -i sendmail.mc
make -C /etc/mail
cd
echo "root: yourlogemail@yourdomain.tld" >>/etc/aliases
newaliases
service sendmail restart


##
## Install net-snmp and configure snmpd
##
#
# Site-specific:
#  yoursnmpcommunity
#  YourPlace
#  You <yourcontactemail@yourdomain.tld>
#
# RHEL4:
up2date net-snmp net-snmp-utils
# CentOS4:
yum -y install net-snmp net-snmp-utils
# Edit the snmpd config file
cat << EOF >/etc/snmp/snmpd.conf
com2sec snmpuser default yoursnmpcommunity
group snmpgroup v1 snmpuser
group snmpgroup v2c snmpuser
view allsnmpview included .1
access snmpgroup "" any noauth exact allsnmpview none none
syslocation YourPlace
syscontact You <yourcontactemail@yourdomain.tld>
EOF

chkconfig snmpd on
service snmpd start


##
## Configure syslog to accept syslog messages from other hosts
##
sed -e '/SYSLOGD_OPTIONS/s/m 0/m 0 -r/' -i /etc/sysconfig/syslog
service syslog restart


##
## Configure the firewall
##
## Here I have added a sample firewall setup
##
## Site-specific:
##
## To use this you will have to enter the hosts that you want to have
## access to the web-server and the hosts that needs ssh access to NAV.
## In addition you can give access to NMS servers that need snmp-access
## and servers that need syslog access. You can define this with either
## a single host (158.37.22.2) or a subnet (158.37.22.0/24) or have
## several lines - both single hosts and subnets. If you need help in
## setting this up for your situation send me an email.
## Beware: Setting it up this way means you can not use the program
## system-config-network to set up the firewall. It will overwrite this
## file.

# Create an iptables file
cat << EOF >/etc/sysconfig/iptables
*mangle
COMMIT
*nat
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
#
# Accept established and related packets
#
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# Accept packets to loopback
#
-A INPUT -i lo -j ACCEPT
#
# Accept ping packets but rate-limit them
#
-A INPUT -m limit -p icmp --icmp-type echo-request --limit 1/s -j ACCEPT
#
# Accept SSH from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.0/24 -p tcp --dport 22 -j ACCEPT
#
# Accept HTTP/HTTPS from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.0/24 -p tcp --dport 80 -j ACCEPT
-A INPUT -s 158.37.22.0/24 -p tcp --dport 443 -j ACCEPT
#
# Accept SNMP from NMS'es (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.2 -p udp --dport 161 -j ACCEPT
#
# Accept syslog from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.2 -p udp --dport 514 -j ACCEPT
#
# If you want to access the database from some other machine
# remove the remark from this line and edit the source ip.
# You will also have to edit the postgresql config file pg_hba.conf
#
#-A INPUT -s 158.37.22.2 -p tcp --dport 5432 -j ACCEPT
#
# Accept new, established and related packets to leave server
#
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF

# Set right permissions on the file
chmod 600 /etc/sysconfig/iptables
# Start firewall
chkconfig iptables on
service iptables start


##
## Time to reboot the server
##
shutdown -r 0


##
## Log in with your new user and become root
## Root access is needed for installing and configuring NAV
##
su -


##
## Install and configure Apache, mod_ssl, mod_python and php:
##
#
# Site-specific:
#  Certificate:
#   Country Name
#   State or Province Name
#   Locality Name
#   Organization Name
#   Organizational Unit Name
#   Common Name (hostname.yourdomain.tld)
#   Email Address (webmaster@yourdomain.tld)
#  Apache config:
#   ServerAdmin (webmaster@yourdomain.tld)
#   ServerName (hostname.yourdomain.tld)
#  SSL config:
#   hostname.yourdomain.tld
#
# RHEL4:
up2date httpd mod_ssl mod_python php # + curl apr apr-util distcache httpd-suexec libidn php-pear
# CentOS4:
yum -y install httpd mod_ssl mod_python php # + curl apr apr-util distcache httpd-suexec libidn php-pear
# Remove autocreated cert and make a new certificate.
rm -f /etc/httpd/conf/ssl.crt/server.crt
rm -f /etc/httpd/conf/ssl.key/server.key
openssl genrsa 1024 >/etc/httpd/conf/ssl.key/server.key
chmod go-rwx /etc/httpd/conf/ssl.key/server.key
# I install a self-signed certificate valid for 10 years.
# I guess NAV4 should be out before that... :-)
# Enter your own data in the cert creation.
openssl req -new -key /etc/httpd/conf/ssl.key/server.key \
 -x509 -days 3652 -out /etc/httpd/conf/ssl.crt/server.crt
NO
Rogaland
Haugesund
Stord/Haugesund College

hostname.yourdomain.tld
webmaster@yourdomain.tld

chmod go-rwx /etc/httpd/conf/ssl.crt/server.crt
# Enable httpd to start on boot
chkconfig httpd on
# Configure Apache according with the example conf from
# the NAV3 distribution.
# Edit the httpd config file
sed \
 -e '/^StartServers/s/8/5/' \
 -e '/^MaxSpareServers/s/20/ 8/' \
 -e '/^ServerAdmin/s/root@localhost/webmaster@yourdomain.tld/' \
 -e 's/^#ServerName new.host.name/ServerName hostname.yourdomain.tld/' \
 -e '/^DocumentRoot/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \
 -e '/^<Directory/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \
 -e 's/Options Indexes FollowSymLinks/Options Indexes FollowSymLinks ExecCGI/' \
 -e '/FollowSymLinks ExecCGI/,/Controls who/s/AllowOverride None/AllowOverride All/' \
 -e '/^DirectoryIndex/s/index.html.var/index.html.var index.cgi/' \
 -e 's/^#AddHandler cgi-script .cgi/AddHandler cgi-script .cgi/' \
 -i /etc/httpd/conf/httpd.conf
# Edit the SSL config file
cat << EOF >>/etc/httpd/conf.d/ssl.conf

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteLog logs/rewrite.log

    # We make sure the full host name is always used, so that cookies are
    # always valid through internal redirects on the NAV website.
    RewriteCond %{HTTP_HOST} !^hostname.yourdomain.tld\$
    RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301]

    # We force the client to use the SSL server for security.
    RewriteCond %{HTTPS} !^on\$
    RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301]
</IfModule>
EOF


##
## Install some more needed packages that is included with RHEL4/CentOS4
##
# RHEL4:
up2date gcc # + cpp glibc-devel glibc-headers glibc-kernheaders
up2date postgresql postgresql-server postgresql-jdbc php-pgsql # + postgresql-libs
up2date postgresql-devel # Checked out, psycopg needs it to compile
up2date mx # Checked out, psycopg needs it to compile
up2date python-devel # Checked out, psycopg needs it to compile
up2date perl-DBI # Checked out, AlertEngine needs it [Engine.pm]
up2date perl-DBD-Pg # Checked out, AlertEngine needs it
up2date perl-libwww-perl # Cricket needs it? + perl-HTML-Parser perl-URI perl-HTML-Tagset
up2date db4-devel # Checked out, DB_File needs it to compile
up2date mysql # Checked out, gammu needs it to install
up2date samba-client # Arnold uses nmblookup
up2date pkgconfig # python-gammu needs it to install
# CentOS4:
yum -y install gcc # + cpp glibc-devel glibc-headers glibc-kernheaders
yum -y install postgresql postgresql-server postgresql-jdbc php-pgsql # + postgresql-libs
yum -y install postgresql-devel # Checked out, psycopg needs it to compile
yum -y install mx # Checked out, psycopg needs it to compile
yum -y install python-devel # Checked out, psycopg needs it to compile
yum -y install perl-DBI # Checked out, AlertEngine needs it [Engine.pm]
yum -y install perl-DBD-Pg # Checked out, AlertEngine needs it
yum -y install perl-libwww-perl # Cricket needs it? + perl-HTML-Parser perl-URI perl-HTML-Tagset
yum -y install db4-devel # Checked out, DB_File needs it to compile
yum -y install mysql # Checked out, gammu needs it to install
yum -y install samba-client # Arnold uses nmblookup
yum -y install pkgconfig # python-gammu needs it to install


###
### Install and configure NAV and dependencies
###

##
## Make source dir
##
mkdir ~/nav3
cd ~/nav3


##
## Install NAV rpm made by Alexander Krapivin of OILspace Inc., UK
##
wget http://ans.hsh.no/home/roger/nav3/nav-3.2.2-1.noarch.rpm
rpm -ivh --nodeps nav-3.2.2-1.noarch.rpm


##
## Download NAV source tar and extract patches
##
wget http://ans.hsh.no/home/roger/nav3/nav-3.2.2.tar.gz
tar xvzf nav-3.2.2.tar.gz nav-3.2.2/contrib/patches/


##
## Install Java Developer Kit
##
wget http://ans.hsh.no/home/roger/nav3/jdk-1_5_0_12-linux-i586-rpm.bin
chmod 755 jdk-1_5_0_12-linux-i586-rpm.bin
./jdk-1_5_0_12-linux-i586-rpm.bin
 yes


##
## Install Tomcat
##
wget http://ans.hsh.no/home/roger/nav3/apache-tomcat-5.5.23.tar.gz
tar --extract --verbose --ungzip --file apache-tomcat-5.5.23.tar.gz --directory /usr/local


##
## Install Java SNMP Package
##
mkdir JavaSNMP
cd JavaSNMP
wget http://ans.hsh.no/home/roger/nav3/source_1.4.2.zip
unzip source_1.4.2.zip
export PATH=$PATH:/usr/java/jdk1.5.0_12/bin
make SNMPPackage
cp snmp.jar /usr/local/nav/lib/java
cd ..


##
## Use GPG-key for installing RPMs from Dag Wieers
##
wget http://ans.hsh.no/home/roger/nav3/RPM-GPG-KEY.dag.txt
gpg --import RPM-GPG-KEY.dag.txt
rpm --import RPM-GPG-KEY.dag.txt


##
## Install gammu
##
wget http://ans.hsh.no/home/roger/nav3/gammu-1.11.0-1.el4.rf.i386.rpm
rpm -ivh gammu-1.11.0-1.el4.rf.i386.rpm
wget http://ans.hsh.no/home/roger/nav3/gammu-devel-1.11.0-1.el4.rf.i386.rpm
rpm -ivh gammu-devel-1.11.0-1.el4.rf.i386.rpm


##
## Install rrdtool version 1.0 (1.2 is not supported in py-rrdtool)
##
wget http://ans.hsh.no/home/roger/nav3/rrdtool-1.0.50-3.el4.rf.i386.rpm
rpm -ivh rrdtool-1.0.50-3.el4.rf.i386.rpm
wget http://ans.hsh.no/home/roger/nav3/perl-rrdtool-1.0.50-3.el4.rf.i386.rpm
rpm -ivh perl-rrdtool-1.0.50-3.el4.rf.i386.rpm
wget http://ans.hsh.no/home/roger/nav3/rrdtool-devel-1.0.50-3.el4.rf.i386.rpm
rpm -ivh rrdtool-devel-1.0.50-3.el4.rf.i386.rpm


##
## Perl module installations
##

# Checked out, cricket/compile needs it
wget http://ans.hsh.no/home/roger/nav3/perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm
rpm -ivh perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm

# Checked out, cricket/compile needs it
wget http://ans.hsh.no/home/roger/nav3/SNMP_Session-1.10.tar.gz
tar xvzf SNMP_Session-1.10.tar.gz
cd SNMP_Session-1.10
perl Makefile.PL
make
make install
cd ..

# MD5 CPAN Perl module
wget http://ans.hsh.no/home/roger/nav3/MD5-2.03.tar.gz
tar xvzf MD5-2.03.tar.gz
cd MD5-2.03
perl Makefile.PL
make
make install
cd ..

# Checked out, cricket/compile needs it
wget http://ans.hsh.no/home/roger/nav3/DB_File-1.815.tar.gz
tar xvzf DB_File-1.815.tar.gz
cd DB_File-1.815
perl Makefile.PL
make
make install
cd ..

# CGI CPAN Perl module
wget http://ans.hsh.no/home/roger/nav3/CGI.pm-3.29.tar.gz
tar xvzf CGI.pm-3.29.tar.gz
cd CGI.pm-3.29
perl Makefile.PL
make
make install
cd ..

# Checked out, bin/makecricketconfig.pl needs it
wget http://ans.hsh.no/home/roger/nav3/pgsql_perl5-1.9.0.tar.gz
tar xvzf pgsql_perl5-1.9.0.tar.gz
cd pgsql_perl5-1.9.0
export POSTGRES_INCLUDE=/usr/include/pgsql POSTGRES_LIB=/usr/lib/pgsql
perl Makefile.PL
make
make install
unset POSTGRES_INCLUDE POSTGRES_LIB
cd ..


##
## Python module installations
##

#
wget http://ans.hsh.no/home/roger/nav3/psycopg-1.1.21.tar.gz
tar xvzf psycopg-1.1.21.tar.gz
cd psycopg-1.1.21
./configure \
 --with-postgres-includes=/usr/include/pgsql/server \
 --with-mxdatetime-includes=/usr/lib/python2.3/site-packages/mx/DateTime/mxDateTime
make
make install
cd ..

# Checked out, machinetracker.py needs it
wget http://ans.hsh.no/home/roger/nav3/IPy-0.54.tar.gz
tar xvzf IPy-0.54.tar.gz
cd IPy-0.54
python setup.py install
cd ..

# Checked out, servicemon needs it
wget http://ans.hsh.no/home/roger/nav3/py-rrdtool-0.2.1.tar.gz
tar xvzf py-rrdtool-0.2.1.tar.gz
cd py-rrdtool-0.2.1
python setup.py install
cd ..

# Needs version 2 of pysnmp
wget http://ans.hsh.no/home/roger/nav3/pysnmp-2.0.9.tar.gz
tar xvzf pysnmp-2.0.9.tar.gz
cd pysnmp-2.0.9
python setup.py install
cd ..

# Checked out
wget http://ans.hsh.no/home/roger/nav3/Cheetah-1.0.tar.gz
tar xvzf Cheetah-1.0.tar.gz
cd Cheetah-1.0
python setup.py install
cd ..

#
wget http://ans.hsh.no/home/roger/nav3/forgethtml-cvs-2004-10-21.tar.gz
tar xvzf forgethtml-cvs-2004-10-21.tar.gz
cd forgethtml
python setup.py install
cd ..

# thresholdMon.py
wget http://ans.hsh.no/home/roger/nav3/forgetSQL-0.5.1.tar.gz
tar xvzf forgetSQL-0.5.1.tar.gz
# Patch it with patch from NAV source
cp nav-3.2.2/contrib/patches/forgetSQL-0.5.1.patch forgetSQL-0.5.1/lib
cd forgetSQL-0.5.1/lib
patch <forgetSQL-0.5.1.patch
cd ..
python setup.py install
cd ..

# Install Python bindings for gammu
wget http://ans.hsh.no/home/roger/nav3/python-gammu-0.20.tar.gz
tar xvzf python-gammu-0.20.tar.gz
cd python-gammu-0.20
python setup.py install
cd ..


###
### Nav configuration
###

##
## NAV setup
##
# I want to have the alert emails to give the correct servername in the "From:" header.
# I do this by changing line 22 of /usr/local/nav/etc/alertengine.cfg
# from "alertengine\@nav" to "alertengine"
#
# You may want to edit some or all of the files in the directory
# /usr/local/nav/etc/webfront now. This is to personalise your
# NAV installation.
#
# Edit NAV configuration file
#
# Site-specific:
#   ADMIN_MAIL (yournavemail@yourdomain.tld)
#   DOMAIN_SUFFIX (yourdomain.tld)
#
sed \
 -e '/ADMIN_MAIL/s/root@localhost/yournavemail@yourdomain.tld/' \
 -e '/DOMAIN_SUFFIX/s/ntnu.no/yourdomain.tld/' \
 -i /usr/local/nav/etc/nav.conf
#
# Arnold needs its log file existing
touch /usr/local/nav/var/log/arnold/arnold.log


##
## Profile setup
##
cat << EOF > /etc/profile.d/nav_environ.sh
JAVA_HOME=/usr/java/jdk1.5.0_12
PATH=\$PATH:\$JAVA_HOME/jre/bin
export JAVA_HOME
CATALINA_OPTS="-Djava.awt.headless=true -Xmx128M -server -Djava.ext.dirs=/usr/local/nav/lib/java"
export CATALINA_OPTS
EOF

chmod 755 /etc/profile.d/nav_environ.sh


##
## Link in the JDBC driver
##
ln -s /usr/share/java/pg74.215.jdbc3.jar /usr/local/nav/lib/java


##
## Link in some NAV Perl scripts into the Perl library
##
ln -s /usr/local/nav/lib/perl/NAV.pm /usr/lib/perl5/site_perl/5.8.5
ln -s /usr/local/nav/lib/perl/NAV /usr/lib/perl5/site_perl/5.8.5
ln -s /usr/local/nav/lib/perl/NetAddr /usr/lib/perl5/site_perl/5.8.5


##
## Append to Python the path to NAV python scripts
##
cat << EOF > /usr/lib/python2.3/site-packages/sitecustomize.py
import sys
sys.path.append('/usr/local/nav/lib/python')
EOF


##
## Configure gammu
##
#
# Site-specific:
#   /etc/gammurc config
#   YourMobileNumber
#
# First you have to edit the /etc/gammurc file to support your mobile phone
# I use a Nokia 6310i with a DLR3 cable connected to the serial port on the
# computer so I make this /etc/gammurc file:
#
cat << EOF > /etc/gammurc
[gammu]
port = /dev/ttyS0
connection = dlr3
EOF

#
# Check out the original /etc/gammurc file for hints on different setups
#
# You can test that the gammu program works by doing this test as root:
#
gammu nothing --identify
#
# and when that test gives correct data send yourself a test SMS like this:
#
echo Test | gammu nothing --sendsms TEXT YourMobileNumber
#
# and of course change "YourMobileNumber" with the phone number of your mobile :-)
# 
# Since the NAV program runs as the navcron user (that was created when installing
# the nav rpm) it needs permissions to use the /dev/ttyS0 device file. Use this
# command to give the navcron user the needed permission:
#
usermod -G uucp navcron
#
# Now you can test the smsd.py module to see that it will send SMS'es:
#
/usr/local/nav/bin/smsd.py -t YourMobileNumber
#
# Again change "YourMobileNumber" with the phone number of your mobile


##
## Configure Tomcat
##
# Let Tomcat only listen to the localhost address
sed -e 's/port="8080"/port="8080" address="127.0.0.1"/' -i /usr/local/apache-tomcat-5.5.23/conf/server.xml
# Link in the NAV servlets
ln -s /usr/local/nav/apache/webapps/*.war /usr/local/apache-tomcat-5.5.23/webapps


##
## Configure Postgresql database
##
#
# Site-specific:
#   nav user password
#
# Start postgres (also on boot)
chkconfig postgresql on
service postgresql start
# Configure postgres with tcp/ip and net authorization
sed -e 's/#tcpip_socket = false/tcpip_socket = true/' -i /var/lib/pgsql/data/postgresql.conf
sed -e 's/^local/#local/' -i /var/lib/pgsql/data/pg_hba.conf
cat << EOF >>/var/lib/pgsql/data/pg_hba.conf
local   all     postgres        ident   sameuser
local   all     all             md5
host    all     all             127.0.0.1       255.255.255.255 md5
host    all     all             0.0.0.0         0.0.0.0         reject
EOF

service postgresql restart
# Create a NAV DB user and set a password on it
su postgres
createuser --no-createdb --no-adduser --pwprompt nav
# Set up the NAV databases
createdb --owner nav --encoding UTF-8 manage
createdb --owner nav --encoding UTF-8 navprofiles
createdb --owner nav --encoding UTF-8 logger
createdb --owner nav --encoding UTF-8 arnold
createlang plpgsql manage
createlang plpgsql navprofiles
cd /usr/local/nav/doc/sql
# Use the nav user password you just made here
export PGPASSWORD=******
psql -f manage.sql manage nav
psql -f types.sql manage nav
psql -f snmpoid.sql manage nav
psql -f navprofiles.sql navprofiles nav
psql -f logger.sql logger nav
psql -f arnold.sql arnold nav
exit
# Configure NAV config file with the nav user password you chose
sed -e 's/userpw_nav=/userpw_nav=*******/' -i /usr/local/nav/etc/db.conf


##
## Install and configure cricket
##
chgrp nav /usr/local/nav
chmod g+sw /usr/local/nav
su navcron
mkdir ~/cricket
cd ~/cricket
wget http://ans.hsh.no/home/roger/nav3/cricket-1.0.5.tar.gz
tar xvzf cricket-1.0.5.tar.gz
ln -s cricket-1.0.5 cricket
cd cricket
sh configure
cp cricket-conf.pl.sample cricket-conf.pl
sed \
 -e '/^$gCricketHome/s/\/home\/cricket/\/usr\/local\/nav\/cricket/' \
 -e 's/^#$gConfigRoot/$gConfigRoot/' \
 -e 's/^#$gDbAccess = "slurp"/$gDbAccess = "slurp"/' \
 -i cricket-conf.pl
cd ~/cricket
mkdir public_html
cd public_html/
ln -s ../cricket/images
ln -s ../cricket/grapher.cgi
ln -s ../cricket/lib
ln -s ../cricket/mini-graph.cgi
ln -s ../cricket/VERSION
ln -s ../cricket/grapher.cgi index.cgi
cp /usr/local/nav/doc/cricket/public_html/cricket.css .
mkdir ../cricket-data
ln -s ../cricket-data
cp -r /usr/local/nav/doc/cricket/cricket-config ..
ln -s ../cricket-config
cd ~/cricket/cricket
cp /usr/local/nav/doc/cricket/cricket/* .
cd ~
mkdir cricket/cricket-logs
touch /usr/local/nav/cricket/cricket-logs/changelog
cricket/cricket/compile
bin/makecricketconfig.pl
exit
cd /usr/local/nav/apache/webroot
ln -s ~navcron/cricket/public_html cricket
cd cricket
echo "SetHandler none" > .htaccess


###
### Installation and configuration is done. Lets start the program.
###

##
## Reboot machine. This is necessary, the environment needs new settings
## before starting NAV and the web-server needs to be started.
##
shutdown -r 0


##
## Log in and become root
##
su -


##
## Start Tomcat
##
/usr/local/apache-tomcat-5.5.23/bin/startup.sh


##
## Start NAV
##
/usr/local/nav/bin/nav start

# Check the startup by using this command:
/usr/local/nav/bin/nav status

# I sometimes have problems starting servicemon and/or pping. I then use this command:
/usr/local/nav/bin/nav start servicemon pping
# Maybe even two times to get it going
# or I stop NAV and start it again this way:
/usr/local/nav/bin/nav stop
/usr/local/nav/bin/nav start


## Now NAV is up and running and it is time to log in and seed the database.
## Go to the webpage and log in as admin (remember to change the password)
## and go to Toolbox, Edit database


## Here is a very simple startup that I put on my server. This will
## start Tomcat and NAV, but not stop them on shutdown of the server.
## Use it if you want or make a better one and share it.

cat << EOF >> /etc/rc.d/rc.local

# Start NAV
. /etc/profile.d/nav_environ.sh
/usr/local/apache-tomcat-5.5.23/bin/startup.sh
/usr/local/nav/bin/nav start
EOF


##
## As you can see I have put the packages on a local webserver to make it
## easier to reinstall (don't have to rely on the remote servers being up and
## having the same versions available), and you are welcome to download from
## that server. But if you want to get the files yourself here are the links:
##
#
# http://heanet.dl.sourceforge.net/sourceforge/nav/nav-3.2.2-1.noarch.rpm
# http://heanet.dl.sourceforge.net/sourceforge/nav/nav-3.2.2.tar.gz
# http://java.sun.com
# http://www.apache.org/dist/tomcat/tomcat-5/v5.5.23/bin/apache-tomcat-5.5.23.tar.gz
# http://gicl.cs.drexel.edu/people/sevy/snmp/source_1.4.2.zip
# http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt
# http://dag.wieers.com/packages/gammu/gammu-1.11.0-1.el4.rf.i386.rpm
# http://dag.wieers.com/packages/gammu/gammu-devel-1.11.0-1.el4.rf.i386.rpm
# http://dag.wieers.com/packages/rrdtool/rrdtool-1.0.50-3.el4.rf.i386.rpm
# http://dag.wieers.com/packages/rrdtool/perl-rrdtool-1.0.50-3.el4.rf.i386.rpm
# http://dag.wieers.com/packages/rrdtool/rrdtool-devel-1.0.50-3.el4.rf.i386.rpm
# http://dag.wieers.com/packages/perl-TimeDate/perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm
# http://www.switch.ch/misc/leinen/snmp/perl/dist/SNMP_Session-1.10.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/MD5/GAAS/MD5-2.03.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/DB_File/DB_File-1.815.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/CGI/CGI.pm-3.29.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/Pg/pgsql_perl5-1.9.0.tar.gz
# http://initd.org/pub/software/psycopg/psycopg-1.1.21.tar.gz
# http://cheeseshop.python.org/packages/source/I/IPy/IPy-0.54.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/py-rrdtool/py-rrdtool-0.2.1.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/pysnmp/pysnmp-2.0.9.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/cheetahtemplate/Cheetah-1.0.tar.gz
# http://forgethtml.sourceforge.net/forgethtml-cvs-2004-10-21.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/forgetsql/forgetSQL-0.5.1.tar.gz
# http://dl.cihar.com/python-gammu/latest/python-gammu-0.20.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/cricket/cricket-1.0.5.tar.gz
#