== Install OMF Services ==

[[TOC(WiMAX/dSite*)]]

=== Configure Apt Repository ===

To begin we'll need to add the Orbit apt repository to the list of sources that our console will pull packages from. This is done by running the follwing two commands. 

'''Note: It is assumed that you have root access and can run these commands as root if needed'''

The first installs the orbit repositories gpg-key into the consoles key-ring.
{{{
wget -qO - http://packages.orbit-lab.org/downloads/orbitapt.gpg.key | sudo apt-key add -
}}}
Next we download the source list for the repository. 
{{{
wget -qO /etc/apt/sources.list.d/orbit.list http://packages.orbit-lab.org/downloads/orbit-precise.list
}}}
Once we have these changes in place, we need to update the repository list via
{{{
apt-get update
}}}

=== Install Services ===
All the services can be installed via a single container package: 
{{{
apt-get install omf-aggmgr-geni-5.4
}}}

This will install:
{{{
The following extra packages will be installed:
  apache2 apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common auth-client-config bind9 bind9utils binutils cpp cpp-4.6 frisbee gcc gcc-4.6 gnutls-bin imagezip isc-dhcp-server ldap-auth-client
  ldap-auth-config ldap-utils ldapscripts libapache2-mod-php5 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libc-bin libc-dev-bin libc6 libc6-dev libcap2 libdbd-mysql-perl libdbi-perl
  libgomp1 libhtml-template-perl libltdl7 liblua5.1-0 libmpc2 libmpfr4 libmysql-ruby1.9.1 libmysqlclient-dev libmysqlclient18 libnet-daemon-perl libnss-ldap libodbc1 libpam-ldap libperl5.14 libplrpc-perl
  libquadmath0 libruby1.9.1 libslp1 libsqlite3-ruby1.9.1 libssl0.9.8 libterm-readkey-perl libyaml-0-2 linux-libc-dev make manpages-dev mysql-client-5.5 mysql-client-core-5.5 mysql-common mysql-server
  mysql-server-5.5 mysql-server-core-5.5 nmap omf-aggmgr-accountingcommon-5.4 omf-aggmgr-accountmanagement-5.4 omf-aggmgr-autoapprover-5.4 omf-aggmgr-cmc-5.4 omf-aggmgr-common-5.4
  omf-aggmgr-controlpanel-5.4 omf-aggmgr-delegatedam-5.4 omf-aggmgr-frisbee-5.4 omf-aggmgr-genimon-5.4 omf-aggmgr-instr-5.4 omf-aggmgr-inventory-5.4 omf-aggmgr-pxe-5.4 omf-aggmgr-result-5.4
  omf-aggmgr-saveimage-5.4 omf-aggmgr-scheduler-5.4 omf-aggmgr-status-5.4 omf-aggmgr-wimaxrf-5.4 omf-common-5.4 perl perl-base perl-modules php5-cli php5-common php5-fpm php5-ldap phpldapadmin pwgen
  ruby-mysql ruby-sqlite3 ruby1.9.1 ruby1.9.1-dev sharutils slapd sqlite3 ssl-cert tftpd-hpa zlib1g-dev
Suggested packages:
  apache2-doc apache2-suexec apache2-suexec-custom libpam-cracklib bind9-doc binutils-doc cpp-doc gcc-4.6-locales gcc-multilib autoconf automake1.9 libtool flex bison gdb gcc-doc gcc-4.6-multilib
  libmudflap0-4.6-dev gcc-4.6-doc libgcc1-dbg libgomp1-dbg libquadmath0-dbg libmudflap0-dbg binutils-gold isc-dhcp-server-ldap php-pear glibc-doc libipc-sharedcache-perl nscd libmyodbc odbc-postgresql
  tdsodbc unixodbc-bin slpd openslp-doc make-doc tinyca mailx perl-doc libterm-readline-gnu-perl libterm-readline-perl-perl libpod-plainer-perl php5-suhosin ruby1.9.1-examples ri1.9.1 graphviz sqlite3-doc
  openssl-blacklist syslinux-common
The following NEW packages will be installed:
  apache2 apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common auth-client-config bind9 bind9utils binutils cpp cpp-4.6 frisbee gcc gcc-4.6 gnutls-bin imagezip isc-dhcp-server ldap-auth-client
  ldap-auth-config ldap-utils ldapscripts libapache2-mod-php5 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libc-dev-bin libc6-dev libcap2 libdbd-mysql-perl libdbi-perl libgomp1
  libhtml-template-perl libltdl7 liblua5.1-0 libmpc2 libmpfr4 libmysql-ruby1.9.1 libmysqlclient-dev libmysqlclient18 libnet-daemon-perl libnss-ldap libodbc1 libpam-ldap libperl5.14 libplrpc-perl
  libquadmath0 libruby1.9.1 libslp1 libsqlite3-ruby1.9.1 libssl0.9.8 libterm-readkey-perl libyaml-0-2 linux-libc-dev make manpages-dev mysql-client-5.5 mysql-client-core-5.5 mysql-common mysql-server
  mysql-server-5.5 mysql-server-core-5.5 nmap omf-aggmgr-accountingcommon-5.4 omf-aggmgr-accountmanagement-5.4 omf-aggmgr-autoapprover-5.4 omf-aggmgr-cmc-5.4 omf-aggmgr-common-5.4
  omf-aggmgr-controlpanel-5.4 omf-aggmgr-delegatedam-5.4 omf-aggmgr-frisbee-5.4 omf-aggmgr-geni-5.4 omf-aggmgr-genimon-5.4 omf-aggmgr-instr-5.4 omf-aggmgr-inventory-5.4 omf-aggmgr-pxe-5.4
  omf-aggmgr-result-5.4 omf-aggmgr-saveimage-5.4 omf-aggmgr-scheduler-5.4 omf-aggmgr-status-5.4 omf-aggmgr-wimaxrf-5.4 omf-common-5.4 php5-cli php5-common php5-fpm php5-ldap phpldapadmin pwgen ruby-mysql
  ruby-sqlite3 ruby1.9.1 ruby1.9.1-dev sharutils slapd sqlite3 ssl-cert tftpd-hpa zlib1g-dev
The following packages will be upgraded:
  libc-bin libc6 perl perl-base perl-modules
}}}

during the install process you will be prompted to answer the following questions. The order may not match up, but each will be asked.

==== LDAP Server Installation Questions ====
You will be promted for Ldap root passwords. The password you specify must match the password you give when configuring the client. The installer will guess the organizational structure for LDAP based on FQDN that was set during installation.  For example if your machine name is console.geni.net, it will assume the domain is:
{{{
geni.net => dc=geni,dc=net
}}}

'''Note: For the rest of this guide we assume the domain is dc=geni,dc=net. Please adjust this domain to match your FQDN.'''

==== LDAP Client Installation Questions ====

When Installing you will be asked for the following information:

 * base dc=geni,dc=net
 * uri ldap://console.geni.net/
 * ldap_version 3
 * rootbinddn cn=admin,dc=geni,dc=net

Use the defaults for any questions not mentioned here.

==== MySQL Installation Questions ====

You will be prompted for a MySQL admin password during the install. 

=== Post-installation Configuration ===

Once the installation completes you will need to modify the ''/etc/ldap.conf''. Please make sure the line:
{{{
pam_check_host_attr yes
}}}
is uncommented and is set to '''yes'''. Next add the following line to the end of your ''/etc/ldap.conf''.
{{{
nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,libuuid,libvirt-qemu,list,lp,mail,man,messagebus,news,ntp,postfix,proxy,root,sshd,statd,sync,sys,syslog,usbmux,uucp,www-data
}}}

You can verify your ldap conf config by running:
{{{
egrep -v "^#|^$" /etc/ldap.conf
}}}
It should produce results like:
{{{
base dc=geni,dc=net
uri ldap://ldap.geni.net/
ldap_version 3
pam_check_host_attr yes
rootbinddn cn=admin,dc=geni,dc=net
pam_password md5
nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,libuuid,libvirt-qemu,list,lp,mail,man,messagebus,news,ntp,postfix,proxy,root,sshd,statd,sync,sys,syslog,usbmux,uucp,www-data
}}}

Next edit /etc/nsswitch.conf file so that is has the follow non comment lines:
{{{
    passwd:         files ldap compat
    group:          files ldap compat
    shadow:         files compat

    hosts:          files dns
    networks:       files

    protocols:      db files
    services:       db files
    ethers:         db files
    rpc:            db files

    netgroup:       nis
}}}
Finally add the follow line to the /etc/sudoers file (note this is done with the visudo command).
{{{
    %admin ALL=(ALL) ALL
    %sysadmin ALL=NOPASSWD: ALL
}}}