source: branches/stable/INSTALL@ 507

Last change on this file since 507 was 507, checked in by Kris Deugau, 13 years ago

/branches/stable

Make the fixed web path at least configurable in one place rather
than completely hardcoded across many files.
Update initial database tabledef SQL
Bump version

  • Property svn:keywords set to Id
File size: 5.6 KB
Line 
1$Id: INSTALL 507 2011-11-15 23:08:14Z kdeugau $
2
3Requirements
4============
5
6- Any CGI-capable web server that can execute arbitrary files or
7 files with administrator-defineable extensions
8- PostgreSQL >= 7.4. It should be possible to (fairly) trivially patch
9 the code for any other DBMS that supports:
10 - an IP address/CIDR netblock data type
11 - higher/greater, lower/less than, contains, and is-contained-by
12 operators
13- Perl >= 5.6
14 - Standard modules:
15 These should be included in any base Perl install
16 - File::Path
17 - CGI::Carp
18 - POSIX
19 - Sys::Syslog
20 - Extra modules:
21 - NetAddr::IP >= 4.x. 3.x may work, however 4.x has been out for
22 more than 4 years.
23 - DBI
24 - DBD::Pg
25 - Sys::SigAction. This isn't strictly required; it's used in an
26 example hook for validating customer IDs against an external
27 database. It could arguably be replaced with sigaction() from the
28 POSIX module when using Perl >= 5.8.2. See eg Sys::SigAction on
29 CPAN (http://search.cpan.org/~lbaxter/Sys-SigAction-0.11/lib/Sys/SigAction.pm)
30 for some thoughts on the gritty details.
31
32Installing the IPDB
33===================
34
351) Untar in a convenient location. You should be able to simply use the
36unpacked tarball as-is, or you can run "make install" to install files
37in /usr/local/lib/ipdb-#VERSION#, with configuration modules in
38/usr/local/etc/ipdb-#VERSION#.
39
40The Makefile supports substitution on most standard
41GNU/FHS-ish paths, so you could also run:
42
43 make install prefix=/opt
44
45to install it under /opt.
46
47The Makefile also supports DESTDIR for packaging, so you can use:
48
49 make install libdir=/usr/lib sysconfdir=/etc DESTDIR=/tmp/ipdbpkgroot
50
51to install for packaging under /tmp/ipdbpkgroot with the core scripts
52and HTML packaged under /usr/lib/ipdb-#VERSION#, and the configuration
53modules packaged under /etc/ipdb-#VERSION#.
54
552) Configuration: These module files will either be in the cgi-bin/
56directory from the unpacked tarball, or /usr/local/etc/ipdb-#VERSION#
57if installed with 'make install'.
58 a) Edit MyIPDB.pm: you need to set the database DSN and
59 company info. You should probably also set the syslog facility and
60 default custid.
61 b) Edit CustIDCK.pm as needed to validate customer IDs.
62
634) As a Postgres superuser, create a database user and the database.
64Create the inital tables using cgi-bin/ipdb.psql.
65
665) Configure your webserver to call the IPDB scripts at an appropriate
67web path. A webroot pointing to the HTML files (first level under
68the ipdb-#VERSION#/ tarball directory, or /usr/local/lib/ipdb-#VERSION#)
69should work fine; a server alias under an existing virtual host should
70work as well.
71
72Set $IPDB::webpath (the web path to your IPDB install) in MyIPDB.pm.
73Straight out of the tarball it should work at the webroot, but if you
74want it in a subdirectory, you'll need to set this variable to get all
75of the internal links to behave properly.
76
77The directory containing the HTML and scripts must have at least the
78following Apache directives (or other server equivalent) set:
79
80 Options ExecCGI IncludesNoEXEC
81
826) User lists can be maintained two basic ways:
83
84 a) Use the built-in user manager to add and remove users. This
85 requires mod_auth_pgsql, configured with read/write access to the
86 IPDB users table. A default user admin, password admin, is created
87 in step 4 above - make sure to create a new user as an admin, and
88 remove the default user (or at least change its password).
89
90 b) Use the built-in user manager as in a) but create a short script to
91 export the user list to a standard .htpasswd file. This may be
92 useful if mod_auth_pgsql isn't easily available.
93
94 c) Maintain an external .htpasswd file of your own, configured and
95 maintained however you like. In this case the access-pwd-update.pl
96 script should edited to match the .htpasswd filename/path and should
97 be called from cron to make sure new users get added to the
98 database, and old ones get deleted. This extra maintenance of user
99 lists is necessary to support the access controls, which are stored
100 in the database.
101
102 You will have to either temporarily create a user "admin", so that user
103 can grant other users priviledges, or run the following on the database:
104
105 UPDATE users SET acl='bacdsA' WHERE username='newadminuser';
106
107 Replace 'newadminuser' as appropriate.
108
109 If you don't do this, nobody will be able to make any changes;
110 access-pwd-update.pl only grants minimal read access to new users.
111
1127) (optional) Pick a log facility by setting $IPDB::syslog_facility in
113MyIPDB.pm, and tweak your syslog configuration to direct IPDB logging
114to a custom log. Most logging is at the level of "info" or "warn".
115Full changes are not logged. Logging verbosity isn't very high, so it
116may be acceptable to leave the log stream at the defaults.
117
118---
119
120Basic installation should now be complete! Log in as an admin user,
121add your ARIN, RIPE, LACNIC, AfriNIC, or APNIC allocations and start
122documenting your netblock usage.
123
124If you want to export rWHOIS data, see http://www.unixadmin.cc/rwhois/
125for a place to start on setting up an rWHOIS server. Note that
126db2rwhois.pl creates and maintains the net-<cidr> trees, all you have
127to do is configure the daemon itself. Schedule runs of
128cgi-bin/extras/db2rwhois.pl followed by rwhois_indexer (every hour
129should be plenty often). You'll need to fill in correct organization
130contact info in MyIPDB.pm.
131
132If you're just running from the unpacked tarball directory, you may need
133to create symlinks in cgi-bin/extras/ for IPDB.pm and MyIPDB.pm,
134pointing to ../IPDB.pm and ../MyIPDB.pm respectively. Otherwise
135db2rwhois.pl won't be able to find these modules.
Note: See TracBrowser for help on using the repository browser.