Jump to content

Meza/Install on existing server

From mediawiki.org

If you already have a server that meets Meza's requirements, run the following commands in your server's terminal to install Meza. This installs git, clones Meza from git, and deploys Meza via the Ansible playbook. This procedure was tested on a DigitalOcean Rocky Linux VM with 8GB of RAM

8 GB Memory / 160 GB Disk / NYC3 - Rocky Linux 8 x64

This procedure uses the 39.x version of Meza from the 'nasa/meza' repository on GitHub. At the time of writing this was on a branch by the same name. Later, you can probably use the main branch.

## Digital Ocean Rocky Linux droplets must be created with a user SSH key.
## So, you will need one of those uploaded into your DO account.
## We will not create a local user, but instead will execute everything as
## the root user in this setup.
## Do NOT dnf upgrade the system! 
## Meza takes care of 
## - managing package repositories
## - versionlocking packages
## - installing and configuring software

# Put SELINUX into permissive mode
# See link in 'References' for more info
sed -i -e 's;SELINUX=enforcing$;SELINUX=permissive;g' /etc/selinux/config
sestatus
# Status should show mode is 'enforcing', but config is 'permissive'
# Reboot the system to ensure that it will boot in permissive mode
shutdown -r now
# Check the current mode of SELINUX. Should be 'permissive'
getenforce

# Check that fips mode is false (0)
cat /proc/sys/crypto/fips_enabled

# Install and configure Git
dnf install -y git
git config --global user.email "greg.rundlett@gmail.com"
git config --global user.name "Greg Rundlett"

# The getmeza.sh script has built-in defaults that normally would be fine,
# Using the nasa/meza repository.
# Here we use environment variables to be explicit about what repo and branch to use
export MEZA_REPOSITORY_URL='https://github.com/nasa/meza.git'
export MEZA_BRANCH_NAME='39.x'
git clone --branch $MEZA_BRANCH_NAME $MEZA_REPOSITORY_URL /opt/meza
# Turn your system into a Meza Controller
bash /opt/meza/src/scripts/getmeza.sh

# ALWAYS issue meza commands from the 'config' directory so that Ansible picks
# up the local configuration
cd /opt/meza/config
# Check the version of Ansible and Python
ansible --version

# You should see output like the following:
# ansible 2.9.27
#   config file = /opt/meza/config/ansible.cfg
#   configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
#   ansible python module location = /usr/lib/python3.6/site-packages/ansible
#   executable location = /usr/bin/ansible
#   python version = 3.6.8 (default, Jan 25 2023, 08:28:52) [GCC 8.5.0 20210514 (Red Hat 8.5.0-18)]

# Create a working Meza instance that is 'all in one' (monolithic)
# Log files will be created automatically in /opt/data-meza/logs/monolith/deploy-output
meza deploy monolith -vvv

This will setup a demo wiki with the user Admin with password adminpass!. For production environments, update this password (go to "preferences" when logged into your wiki as this user) or remove this user.

Note: due to git security, if you want to perform any git actions (even git log) on the directory, you will need to add the repo to your 'safe' directory configuration: git config --global --add safe.directory /opt/meza

References

[edit]

RHEL 8 Changing SELINUX to permissive mode