source: trunk/INSTALL@ 952

Last change on this file since 952 was 934, checked in by Kris Deugau, 2 years ago

/trunk

Update INSTALL with modules added since 2012 (!!), and update a CPAN link

  • Property svn:keywords set to Id
File size: 5.8 KB
Line 
1$Id: INSTALL 934 2022-12-08 21:08:05Z kdeugau $
2
3Requirements
4============
5
6- Any CGI-capable web server that can execute arbitrary files or
7 files with administrator-defineable extensions
8- PostgreSQL. It should be possible to (fairly) trivially patch
9 the code for any other DBMS that supports:
10 - an IP address/CIDR netblock data type, supporting higher/greater,
11 lower/less than, contains, and is-contained-by operators
12- Perl >= 5.6
13 - Standard modules:
14 These should be included in any base Perl install
15 - CGI::Carp
16 - File::Basename
17 - File::Path
18 - File::Spec
19 - POSIX
20 - Sys::Syslog
21 - Extra modules:
22 - CGI::Simple
23 - DBI
24 - DBD::Pg
25 - Frontier::Client and Frontier::Responder. Note that you may want to apply patch
26 https://secure.deepnet.cx/releases/Frontier-HTAuth.patch to support calls out to
27 an XMLRPC responder using HTTP AUTH, and will probably want to apply patch
28 https://secure.deepnet.cx/releases/Frontier-undef_scalars.patch if you want to
29 use the IPDB XMLRPC responder to keep your webserver error log from overflowing
30 with "Use of uninitialized value..." warnings.
31 - HTML::Template
32 - NetAddr::IP
33 - Sys::SigAction. This isn't strictly required; it's used in an
34 example hook for validating customer IDs against an external
35 database. It could arguably be replaced with sigaction() from the
36 POSIX module when using Perl >= 5.8.2. See eg Sys::SigAction on
37 CPAN (https://metacpan.org/release/LBAXTER/Sys-SigAction-0.11/view/lib/Sys/SigAction.pm)
38 for some thoughts on the gritty details.
39
40Installing the IPDB
41===================
42
431) Untar in a convenient location. You should be able to simply use the
44unpacked tarball as-is, or you can run "make install" to install files
45in /usr/local/lib/ipdb-#VERSION#, with configuration modules in
46/usr/local/etc/ipdb-#VERSION#.
47
48The Makefile supports substitution on most standard
49GNU/FHS-ish paths, so you could also run:
50
51 make install prefix=/opt
52
53to install it under /opt.
54
55The Makefile also supports DESTDIR for packaging, so you can use:
56
57 make install libdir=/usr/lib sysconfdir=/etc DESTDIR=/tmp/ipdbpkgroot
58
59to install for packaging under /tmp/ipdbpkgroot with the core scripts
60and HTML packaged under /usr/lib/ipdb-#VERSION#, and the configuration
61modules packaged under /etc/ipdb-#VERSION#.
62
632) Configuration: These module files will either be in the cgi-bin/
64directory from the unpacked tarball, or /usr/local/etc/ipdb-#VERSION#
65if installed with 'make install'.
66 a) Edit MyIPDB.pm: you need to set the database DSN and
67 company info. You should probably also set the syslog facility and
68 default custid.
69 b) Edit CustIDCK.pm as needed to validate customer IDs.
70
714) Create the database, and the inital tables using cgi-bin/ipdb.psql.
72
735) Configure your webserver to call the IPDB scripts at an appropriate
74web path. A webroot pointing to the HTML files (first level under
75the ipdb-#VERSION#/ tarball directory, or /usr/local/lib/ipdb-#VERSION#)
76should work fine; a server alias under an existing virtual host should
77work as well.
78
79Set $IPDB::webpath (the web path to your IPDB install) in MyIPDB.pm.
80Straight out of the tarball it should work at the webroot, but if you
81want it in a subdirectory, you'll need to set this variable to get all
82of the internal links to behave properly.
83
84The directory containing the HTML and scripts must have at least the
85following Apache directives (or other server equivalent) set:
86
87 Options ExecCGI IncludesNoEXEC
88
896) User lists can be maintained two basic ways:
90
91 a) Use the built-in user manager to add and remove users. This
92 requires mod_auth_pgsql, configured with read/write access to the
93 IPDB users table. A default user admin, password admin, is created
94 in step 4 above - make sure to create a new user as an admin, and
95 remove the default user (or at least change its password).
96
97 b) Maintain an external .htpasswd file of your own, configured and
98 maintained however you like. In this case the access-pwd-update.pl
99 script should edited to match the .htpasswd filename/path and should
100 be called from cron to make sure new users get added to the
101 database, and old ones get deleted. This extra maintenance of user
102 lists is necessary to support the access controls, which are stored
103 in the database.
104
105You will have to either temporarily create a user "admin", so that user
106can grant other users priviledges, or run the following on the database:
107
108 UPDATE users SET acl='bacdsA' WHERE username='newadminuser';
109
110Replace 'newadminuser' as appropriate.
111
112If you don't do this, nobody will be able to make any changes;
113access-pwd-update.pl only grants minimal read access to new users.
114
1157) (optional) Pick a log facility by setting $IPDB::syslog_facility in
116MyIPDB.pm, and tweak your syslog configuration to direct IPDB logging
117to a custom log. Most logging is at the level of "info" or "warn".
118Full changes are not logged. Logging verbosity isn't very high, so it
119may be acceptable to leave the log stream at the defaults.
120
121---
122
123Basic installation should now be complete! Log in as an admin user,
124add your ARIN, RIPE, LACNIC, AfriNIC, or APNIC allocations and start
125documenting your netblock usage.
126
127If you want to export rWHOIS data, see http://www.unixadmin.cc/rwhois/
128for a place to start on setting up an rWHOIS server. Note that
129db2rwhois.pl creates and maintains the net-<cidr> trees, all you have
130to do is configure the daemon itself. Schedule runs of
131cgi-bin/extras/db2rwhois.pl followed by rwhois_indexer (every hour
132should be plenty often). You'll need to fill in correct organization
133contact info in MyIPDB.pm.
134
135If you're just running from the unpacked tarball directory, you may need
136to create symlinks in cgi-bin/extras/ for IPDB.pm and MyIPDB.pm,
137pointing to ../IPDB.pm and ../MyIPDB.pm respectively. Otherwise
138db2rwhois.pl won't be able to find these modules.
Note: See TracBrowser for help on using the repository browser.