= Installing red = Reading `overview.txt` is a very good idea before trying to install. ??? there is no `overview.txt` any more. Note: This is not a turn key solution. It will require programming, etc to work properly. Red is designed to write to your computer's system files. Probably a good idea to get it up and running in a test environment with a test destination server that can be borked. Don't test on a live production server! == Requirements == * MySQL * PHP * Apache == Installation == === Database === * Database. Red only supports MySQL. To begin, create database (e.g. `red`) and import [source:red/docs/sql/initialize.sql]. You can safely ignore the remaining dated sql files - you will need to import them if you are upgrading, but not if you are installing from scratch. * Create a mysql user for the client program that has select, update, delete, and insert privileges (such as red-ui). {{{ GRANT ALL ON red.* to 'red-ui'@'localhost' identified by 'secret'; }}} * Create a mysql user (e.g. `red-node`) for the server program using the following grant statements (to limit access to the bare minimum). {{{ GRANT SELECT ON red.* to 'red-node'@'server_domain' identified by 'secret'; GRANT UPDATE ON red.red_item to 'red-node'@'server_domain'; GRANT INSERT ON red.red_error_log to 'red-node'@'server_domain'; }}} === UI === The ui directory contains all the files necessary for the web gui to work. * Copy [source:red/ui/etc/config.inc.php.sample] to `ui/etc/config.inc.php` and edit it. * Set {{{ $config['notify_host'] = false }}} (because we haven't setup the server yet). * Update with the details of the `red-ui` user account you created above. * Find the line that sets `$base` and change it to the red root directory. * If you are not going to be using https, uncomment this line: {{{ $config['secure_cookies'] = false; }}} * In [source:red/ui/share/ihtml] copy the .sample files to files without the .sample suffix. Edit if you want. * In [source:red/ui/www] copy the extra.css.sample to extra.css. Edit if you want. * Configure your web server so it can use the www directory in the ui folder as the `DocumentRoot` * Test the UI. Login with user `admin` and password `admin23`. You should be able to add new items, which will be in the status "pending-insert". * On Fedora you need install the `php-process` package to get the `posix_getuid` function. * Ensure the hostname for the node you are configuring resolves correctly === node === * Your node computer must be able to access the database on your UI. You may need to configure your MySQL server on the UI to listen on a network IP address. * You can checkout the red code anywhere you want, however, `/usr/local/share/red` is the canonical location. * You should create a `/usr/local/etc/red` directory as well and copy the contents of [source:red/node/etc/red/] to this directory. * Configure. Enter the etc/red directory. Copy all `*.sample` files to the name without `.sample` Most files are configured to be used on a default debian configured system, so don't require additional editing. The red_node.conf is the only file that requires editing: * Configure it with the MySQL login details for the red-node user you created above. * Edit the line that says {{{ $node = 'localhost'; }}} and replace localhost with the hostname for the node. * Test the node update command. Execute red-node-update passing the path to the red_node.conf file (the default location is `/usr/local/etc/red/red_node.conf`, you don't need to pass the path as the second argument if your conf file is already located there). For example: {{{ node/sbin/red-node-update /path/to/etc/red/red-node.conf }}} * It should run silently, creating all the items that were in a pending state, changing the status to "active". === Setup ssh triggering === * As the user who your web server runs as, create an ssh private/public key pair, leaving the passphrase empty: {{{ ssh-keygen -t rsa }}} * On each destination node, create a `/root/.ssh/authorized_keys` file for the user that you want red to be logging in as. In a real world environment, you will want this to be the root user (or a user with password-less sudo privs). You should add a line that includes the command option to limit access to executing the `red-node-update` command, for example: {{{ command="/usr/local/share/red/server/sbin/red-node-update" ssh-rsa AAAAB3NzaC1yc etc... }}} * As the user who your web server runs as, test the connection and accept the key fingerprint (if it is correct). * Now - you can change your ui configuration setting to enable the notify variable to be true.