Registration Server Software Installation

Enabling the TeamDrive Registration Server dnf Repository

The TeamDrive Registration Server components are available in the form of RPM packages, hosted in a dedicated dnf repository. This makes the installation and applying of future updates very easy — you can simply run dnf update to keep your Registration Server software up to date.

To enable the repository, you need to download the td-regserver.repo file and place it into the directory /etc/yum.repos.d/, e.g. by using wget:

dnf install wget
wget -O /etc/yum.repos.d/td-regserver.repo \
https://repo.teamdrive.net/td-regserver.repo

This will enable the “TeamDrive Registration Server Version 5.0” repository, which you can check by running dnf repolist afterwards:

[root@regserver ~]# dnf repolist
repo id                                    repo name
appstream                                  CentOS Stream 9 - AppStream
baseos                                     CentOS Stream 9 - BaseOS
extras-common                              CentOS Stream 9 - Extras packages
td-regserver-5.0                           TeamDrive Registration Server Version 5.0 (x86_64)

Installing the Registration Server package

To install the Registration Server Software, install the following package via dnf from the “TeamDrive Registration Server” repository. Disable old versions:

dnf install td-regserver

The TeamDrive Registration Server requires the Yvva Runtime Environment. Yvva is a development platform for the production of client-server and web applications and replaces the PrimeBase Application Server that was used in previous versions of the Registration Server (up to and including 3.0.018).

The td-regserver package has a dependency on the yvva RPM package that provides the Yvva Runtime Environment — the dnf package manager will automatically take care of installing it.

Installing the Administration Console

The PHP-based Administration Console can be installed on the same server where the Registration Server has been installed. Alternatively, it can be installed on any other web server that supports Apache and PHP. In this case, you need to ensure that the host running the Admin Console can access the Registration Server’s MySQL Database as well as the Registration Server’s and Host Server’s API URLs.

To install the Administration Console, install the following package via dnf from the “TeamDrive Registration Server” repository:

[root@regserver ~]# dnf install td-regserver-adminconsole

The installation package ships with an example configuration file /var/www/html/tdlibs/globals-sample.php, which needs to be renamed to globals.php and configured to match your environment. If the Administration Console is installed on the same host, the mysql_install.sh script described in the following chapter will take care of this automatically.

Installing the Registration Server HTML Documentation (optional)

Beginning with Registration Server version 3.0.018.5, the documentation (in HTML format) can be installed locally, so you can access it directly from the Registration Server (or any other host running an Apache HTTP Server).

To install the HTML Documentation, install the following package via dnf from the “TeamDrive Registration Server” repository:

[root@regserver ~]# dnf install td-regserver-doc-html

The HTML documents will be installed in the directory /var/www/html/td-regserver-doc. From your web browser, open the following URL to access the documentation:

Note

This step is optional. If you leave the documentation installed when the Registration Server goes into production and is accessible from the public Internet, you should ensure to restrict access to this URL to trusted hosts or networks only. This can be achieved by adding the appropriate access control rules to the file /etc/httpd/conf.d/td-regserver-doc.conf.

Installing the Registration Server External Authentication (optional)

If you require an External Authentication Service, then this should always be installed on a separate instance, i.e. not on the same host as the Registration Server.

The installation process is as described for the Admin Console, then proceed as follows:

[root@regserver ~]# dnf install httpd mod_ssl php php-pear php-mbstring
[root@regserver ~]# pear channel-update pear.php.net
[root@regserver ~]# pear install Log

Note

Due to the server hardening and the modfied umask, you have to fix the rights for the pear Log module for the file /usr/share/pear/Log.php and all files in /usr/share/pear/Log using the command chmod 644 /usr/share/pear/Log.php and chmod 644 /usr/share/pear/Log/*

The /etc/php.ini must be modified setting disable_functions to disable_functions = system, exec, shell_exec, passthru, phpinfo, show_source, highlight_file, popen, proc_open, fopen_with_path, dbmopen, dbase_open, putenv, filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo

To install the External Authentication reference implementations, install the following package via dnf from the “TeamDrive Registration Server” repository:

[root@regserver ~]# dnf install php-ldap.x86_64 php-pecl-mcrypt.x86_64 openldap-clients
[root@regserver ~]# dnf install td-regserver-ext-auth

The files will be installed in the directory /var/www/html/authservice. Before you can use external authentication you must duplicate the appropriate *_config.php.example file and rename it to *_config.php. Then edit the parameters is the file as required.

See the chapter Authentication Service Implementations in the TeamDrive Registration Server Administration Guide for further details.

Installing the Registration Server client log upload (optional)

To install the client log upload script, install the following package via dnf from the “TeamDrive Registration Server” repository:

[root@regserver ~]# dnf install td-regserver-logupload

The php upload script will be installed in the directory /var/www/html/upload.

Note

This step is optional. See the chapter about the client upload configuration as described in Client Log Files.

Running the Server behind component with SSL offloading functionality

Please notice the configuration changes described in EnableXForwardedFor

Create MySQL Database User and the Databases

The TeamDrive Registration Server requires two MySQL databases td2reg and td2apilog, which will be accessed using a dedicated teamdrive MySQL user.

The Registration Server installation package ships with a script that performs the required configuration steps:

  • Modify the local configuration file /etc/my.cnf, start and enable MySQL Server (only when using a local MySQL Server)
  • Create the required MySQL user teamdrive, assign the provided password and the required database privileges (requires access to the MySQL root user)
  • Create and populate the required Registration Server MySQL databases
  • Modify the local Registration Server configuration files /etc/td-regserver.my.cnf and /var/www/html/tdlibs/globals.php (if installed).

The following example assumes that the MySQL database is located on the same system where the TeamDrive Registration Server instance is installed.

If the MySQL Database is hosted on a different system, replace the MySQL host name localhost with the host name or IP address that the MySQL instance is running on.

You need to have the following information available:

  • The password of the MySQL root user
  • The password that you want to assign to the teamdrive user

The script is part of the td-regserver package and is installed in /opt/teamdrive/regserver/mysql/mysql_install.sh. Call it as the root user and follow the instructions:

[root@regserver ~]# /opt/teamdrive/regserver/mysql/mysql_install.sh

TeamDrive Registration Server MySQL Database Install Script
-----------------------------------------------------------

Configuring MySQL database for TeamDrive Registration Server
version 3.6.0

This script will perform the following steps:

 - Modify the local configuration file /etc/my.cnf,
   start and enable MySQL Server
   (only when MySQL Server runs locally)
 - Create the required MySQL user "teamdrive",
   assign the provided password and the required
   database privileges
   (requires access to the MySQL root user)
 - Create and populate the required Registration Server
   MySQL databases
 - Modify the local Registration Server configuration files
   /etc/td-regserver.my.cnf and /var/www/html/tdlibs/globals.php
   (if installed)

Enter MySQL hostname: localhost
Enter MySQL root password for localhost: <root password>
Enter MySQL password to be set for user teamdrive: <teamdrive password>

mysqld (pid  10162) is running...
Stopping mysqld:                                           [  OK  ]
Changing local MySQL Server configuration...
Backing up existing configuration file /etc/my.cnf...
`/etc/my.cnf' -> `/etc/my.cnf-2015-04-20-11:59.bak'
Removing old InnoDB log files...
`/var/lib/mysql/ib_logfile0' -> `/var/lib/mysql/ib_logfile0-2015-04-20-11:59.bak'
`/var/lib/mysql/ib_logfile1' -> `/var/lib/mysql/ib_logfile1-2015-04-20-11:59.bak'
Starting and enabling MySQL Server...
Starting mysqld:                                           [  OK  ]
Trying to connect to the MySQL server as root...
+---------------+
| MySQL Version |
+---------------+
| 8.0.36        |
+---------------+
Creating teamdrive MySQL user on localhost
Trying to connect to the MySQL server as the teamdrive user...
Creating Registration Server databases...
======================
CREATE DATABASE td2reg
======================
CREATE TABLE TD2User
CREATE TABLE TD2UserBlob
CREATE TABLE TD2FreeUserStorage
CREATE TABLE TD2Device
CREATE TABLE TD2Message
CREATE TABLE TD2MessageSF
CREATE TABLE TD2MessageFD
CREATE TABLE TD2Ticket
CREATE TABLE TD2Email
CREATE TABLE TD2AutoTask
CREATE TABLE TD2Owner
CREATE TABLE TD2OwnerMeta
CREATE TABLE TD2OwnerMetaSetting
CREATE TABLE TD2OwnerMetaHistory
CREATE TABLE TD2TicketChanges
CREATE TABLE TD2LicenceType
CREATE TABLE TD2OwnerLicenceType
CREATE TABLE TD2Product
CREATE TABLE TD2OwnerProduct
CREATE TABLE TD2Depot
CREATE TABLE TD2DepotUser
CREATE TABLE TD2Setting
CREATE TABLE TD2UserPrivileges
CREATE TABLE TD2UserPrivilegesSetting
CREATE TABLE TD2Events
CREATE TABLE TD2EventLog
CREATE TABLE TD2LicenseFeatures
CREATE TABLE TD2LargeBinaries
CREATE TABLE TD2BlobData
CREATE TABLE TDAddressRange
CREATE TABLE TD2Parcel
CREATE TABLE Keys
CREATE TABLE TD2SetupSession
CREATE TABLE TD2Notification
CREATE TABLE TD2Group
CREATE TABLE TD2GroupMember
CREATE TABLE TD2Account
CREATE TABLE TD2AccountMember
CREATE TABLE TD2AccountChanges
CREATE TABLE TD2LicenseReport
CREATE TABLE TD2Recovery
CREATE TABLE TD2SendGrid
CREATE TABLE TD2EmailEventLog
CREATE TABLE TD2Domain
CREATE TABLE TD2FailedLookup
CREATE TABLE TD2AuthToken
CREATE TABLE TD2UserLogins
CREATE TABLE TD2ShortUrl
CREATE TABLE TD2History
CREATE TABLE TD2DeviceGroup
CREATE TABLE TD2GlobalUser
CREATE TABLE TD2GroupChanges
CREATE TABLE TD2HostServer
=========================
CREATE DATABASE td2apilog
=========================
create table TD2APIRequests
Updating /etc/td-regserver.my.cnf...
Backing up existing configuration file ...
'/etc/td-regserver.my.cnf' -> '/etc/td-regserver.my.cnf-2024-05-31-12:27.bak'
Setting up /var/www/html/tdlibs/globals.php...
'/var/www/html/tdlibs/globals-sample.php' -> '/var/www/html/tdlibs/globals.php'

Finished!
The MySQL configuration for TeamDrive Registration Server
version 5.0.0.0 is now complete.

Among other things, the mysql_install.sh script modifies a few run-time parameters in the MySQL server configuration file /etc/my.cnf — review these carefully and adapt them to match your system configuration as outlined in the MySQL Reference Manual.

In particular, the value for innodb_buffer_pool_size should be adjusted to the amount of main memory (RAM) available in your system; typically this value should be set to about 80% of the total memory. Also, the size of the InnoDB log files defined in innodb_log_file_size might be worth reviewing.

Warning

Changing the value of innodb_log_file_size after MySQL has already been started will lead to InnoDB error messages when the MySQL server restarts, e.g.:

InnoDB: Error: log file ./ib_logfile0 is of different size 0 5242880 bytes
InnoDB: than specified in the .cnf file 0 67108864 bytes!

In order to avoid these, you need to shut down the MySQL Server cleanly, move away the current InnoDB log files (named ib_logfile0, ib_logfile1 and so on), and restart MySQL, so InnoDB can re-create these logs with the correct size.

See http://www.percona.com/blog/2011/07/09/how-to-change-innodb_log_file_size-safely/ for more details.

As a final test, try logging into the MySQL database from the Registration Server system, using the teamdrive user and the password you defined — you should be able to see and access the TeamDrive Registration Server databases:

[root@regserver ~]# mysql -u teamdrive -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.1.73 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| td2apilog          |
| td2reg             |
+--------------------+
3 rows in set (0.00 sec)

mysql> QUIT
Bye

The MySQL database has now been configured and populated with the required databases and tables.

CentOS Hardening

We recommend to harden the CentOS system as described in TeamDrive Server Hardening.

The script can be retrieved from TeamDrive Systems.