|
| 1 | +Domain Controller |
| 2 | +================= |
| 3 | + |
| 4 | +TBD: Description, purpose |
| 5 | + |
| 6 | +Installation guide |
| 7 | +------------------ |
| 8 | + |
| 9 | +1. Add terraform module to your project and pass all required variables. |
| 10 | +1. Apply plan and log on your VM via SSH (user name is `centos`) |
| 11 | +1. Switch under root user and set password |
| 12 | + ``` |
| 13 | + sudo su |
| 14 | + passwd |
| 15 | + ``` |
| 16 | +1. Run `mount-ebs /dev/xvdb /store` to setup EBS volume. |
| 17 | +Verify if volume is mounted: `df -h` you should see corresponding line |
| 18 | +1. Run `centos-to-clearos` to install ClearOS. At the end VM should reboot. |
| 19 | +1. Open your browser and navigate to `https://YOUR-PUBLIC-IP:81/`. |
| 20 | +Use login `root` and password you previously created. |
| 21 | +1. Go though on boarding wizard: |
| 22 | + 1. Choose Private Server Mode. |
| 23 | + 1. Keep network interface and DNS settings as they are |
| 24 | + (defaults should work in AWS network). |
| 25 | + 1. On system registration step instead of filling into the form navigate to |
| 26 | + the following url to skip registration process: `/app/base/wizard/stop` |
| 27 | + 1. Choose Community Edition version |
| 28 | + 1. Skip registration one more time |
| 29 | +1. Generate self-signed certificates: `System -> Settings -> Certificate Manager` |
| 30 | +1. Configure hostname: |
| 31 | + 1. Navigate to `Network -> Settings -> IP Settings` |
| 32 | + 1. Set hostname, internet host name and default domain |
| 33 | + 1. Set network mode to `Standalone` |
| 34 | +1. Activate LDAP directory: `Server -> Directory -> Directory Server` |
| 35 | + 1. Set base domain to your local base domain e.g. `myproj.lan` |
| 36 | + 1. You may want to update LDAP authorization settings depending on your needs |
| 37 | +1. Create at least one user: `System -> Accounts -> Users` |
| 38 | +1. Enable firewall service: `systemctl enable firewall` |
| 39 | +1. Setup VPN `Network -> VPN -> OpenVPN`: |
| 40 | + 1. Disable default configuration |
| 41 | + 1. Set internet domain to public dns name of your VPN server |
| 42 | + 1. Open SSH again. |
| 43 | + 1. Edit file `/store/openvpn/clients.conf` and update |
| 44 | + routes or other settings if needed. |
| 45 | + 1. Run `chmod 600 /etc/clearos/openvpn.d/authorize` |
| 46 | + 1. Return to the web panel. Activate VPN service (button `Start`) |
| 47 | + 1. Follow user guide on setting up VPN account and verify if all work well. |
| 48 | + |
| 49 | + |
| 50 | +User guide |
| 51 | +---------- |
| 52 | +
|
| 53 | +#### Setup VPN account |
| 54 | +
|
| 55 | +1. Navigate to the VPN web panel (https://YOUR-PUBLIC-IP:81/) |
| 56 | +1. Login with your login and temporary password |
| 57 | +1. Change your password |
| 58 | +1. Open certificates list: Click on your name on upper right conner and choose `User Certificates` |
| 59 | +1. Download all files from `Security sertificates` section except of `PKCS12` |
| 60 | +1. Choose configuration file depending your OS and download it as well. |
| 61 | +1. Put all downloaded files (you should have 4) in the same folder on your machine |
| 62 | +1. Then download VPN client from https://openvpn.net/index.php/open-source/downloads.html |
| 63 | +and follow instructions to setup your connection. |
| 64 | +1. Make sure to choose "Use this connection for resources on it's network" when |
| 65 | +configuring client |
| 66 | +
|
0 commit comments