Requirements:
-Centos 7.3 server with minimal hardware configuration (depends of your needs).
-ROOT permission on server.
-Internet connection to download all needed packages.
-Small IT basic knowledge and a bit of patience…
Let’s Start!
First of all update server
yum update
Change hostname at your server if needed
hostnamectl set-hostname kloxomr7.yobicloud.local
Add an entry in your /etc/hosts file (use your own IP Address and Hostname)
vi /etc/hosts
Add the entry
10.0.0.100 kloxomr7 kloxomr7.yobicloud.local
Install some packages required for optimal kloxo MR7 functionality
yum install yum-utils yum-priorities wget vim-minimal subversion curl net-tools zip unzip telnet -y
Move to temp folder, remove old rpm packages if any, now download and install version 7.0.0 (rpm naming as kloxomr7-7.0.0-*.rpm) read WARNING when install rpm package
cd /tmp rm -f mratwork* rpm -ivh https://github.com/mustafaramadhan/rpms/raw/master/mratwork/release/neutral/noarch/mratwork-release-0.0.1-1.noarch.rpm --no-check-certificate cd / yum update mratwork-* -y yum install kloxomr7 -y sh /script/upcp
Once the installation is completed you can login in the web panel using default user and password admin:admin by enter one of the following address
https://10.0.0.100:7777 http://10.0.0.100:7778
(use your own IP address or hostname)
—>>> ENJOY!!! <<<—
Requirements:
-Ubuntu server 16 or 18 with minimal hardware configuration (depends of your needs).
-ROOT permission on server.
-Internet connection to download all needed packages.
-Small IT basic knowledge and a bit of patience…
Let’s Start!
First of all update server repo list
sudo apt-get update
Change hostname at your server if needed
hostnamectl set-hostname pgadmin.yobicloud.local
Install POSTGRESQL packages if is not already installed
sudo apt-get install postgresql postgresql-contribHere is the repo if you need to do it manually “https://download.postgresql.org/pub/repos/“
After DB installation change the password of your user postgres for the postgres DB
sudo -u postgres psql postgres \password postgres
Insert your password twice and quit
\q
Now we are ready to prepare dependency to install last pgAdmin4 version from official Postgresql repo
sudo apt-get install build-essential libssl-dev libffi-dev libgmp3-dev virtualenv python-pip libpq-dev python-dev
Chose the path where Pgadmin will be installed, i use home, and setup a hidden folder with virtualenv move in and activate it
virtualenv .pgadmin4 cd .pgadmin4 source bin/activate
Now install with pip all pgadmin4 dependency
pip install flask-htmlmin pip install wheel pip install cryptography pyopenssl ndg-httpsclient pyasn1
Now we are ready to download and install last pgAdmin4 version from offical repo
wget https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v3.2/pip/pgadmin4-3.2-py2.py3-none-any.whl pip install pgadmin4-3.2-py2.py3-none-any.whl
If you receive some error try with sudo
sudo pip install pgadmin4-3.2-py2.py3-none-any.whl
Once is installed let’s configure it
sudo nano /home/ubu/.pgadmin/lib/python2.7/site-packages/pgadmin4/config.py
And edit the line DEFAULT_SERVER this text or your specific IP:
DEFAULT_SERVER = '0.0.0.0' or ip address server
Now create a file to specific the destination of software data
LOG_FILE = '/var/log/pgadmin4/pgadmin4.log' SQLITE_PATH = '/var/lib/pgadmin4/pgadmin4.db' SESSION_DB_PATH = '/var/lib/pgadmin4/sessions' STORAGE_DIR = '/var/lib/pgadmin4/storage' SERVER_MODE = TRUE
Now is time to run Pgadmin4 and if show to connect to 0.0.0.0:5050 after user and password setup everything went smooth, you can test it or stop here if SSL is not needed
sudo python /home/ubu/.pgadmin4/lib/python2.7/site-packages/pgadmin4/pgAdmin4.pyEmail address: admin@yobicloud.local Password:Type the Password Retype password:Retype the Password pgAdmin 4 - Application Initialisation ======================================CTRL+C to shutdown pgadmin
Deactivate virtualenv in the folder
deactivate
Set the proper permission to write in the folders
sudo chown -R www-data:www-data /var/lib/pgadmin4/ sudo chown -R www-data:www-data /var/log/pgadmin4/
Install Apache2 if is not already installed
sudo apt-get install apache2 apache2-utils libexpat1 ssl-cert python curl sudo apt-get install libapache2-mod-wsgi sudo systemctl restart apache2
Edit apache2 configuration to redirect all pgAdmin4 connection from port 80 to 443 or whatever you chose by creating conf files
sudo nano pgadmin4.conf<VirtualHost *:80> ServerName ubuntu.yobicloud.local[or IP] Redirect permanent / https://[IP or hostname]/login?next=%2F </VirtualHost> <VirtualHost _default_:443> ServerName pgadmin.yobicloud.local DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLCertificateFile /etc/apache2/ssl/pgadmin4.crt SSLCertificateKeyFile /etc/apache2/ssl/pgadmin4.key WSGIDaemonProcess pgadmin processes=1 threads=25 WSGIScriptAlias / /home/ubu/.pgadmin4/lib/python2.7/site-packages/pgadmin4/pgAdmin4.wsgi <Directory "/home/ubu/.pgadmin4/lib/python2.7/site-packages/pgadmin4/"> WSGIProcessGroup pgadmin WSGIApplicationGroup %{GLOBAL} Require all granted </Directory> </VirtualHost>
Remove apache default conf files and link the pgadmin4.conf you created
cd /etc/apache2/sites-enabled/ sudo rm -r 000-default.conf sudo ln -s ../sites-available/pgadmin4.conf .
Generate the certificate and fill in all info of the wizard (the path of the certificates is already in the pgadmin.conf apache file)
sudo mkdir /etc/apache2/ssl sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/pgadmin4.key -out /etc/apache2/ssl/pgadmin4.crt
Set SSL mode restart apache2 and enable it at OS boot
sudo a2enmod ssl sudo systemctl restart apache2 sudo systemctl status apache2 sudo systemctl enable apache2 apachectl configtest
Open your browser and write the ip address or hostname of your pgAdmin4 installed machine
—>>> ENJOY!!! <<<—
Requirements:
-Centos 7.3 server with minimal hardware configuration (depends of your needs).
-ROOT permission on server.
-Internet connection to download all needed packages.
-Small IT basic knowledge and a bit of patience…
Let’s Start!
First of all update server
yum update
Change hostname at your server if needed
hostnamectl set-hostname pgadmin.yobicloud.local
Download and install POSTGRESQL packages
yum install https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-redhat96-9.6-3.noarch.rpm -y
Install EPEL
yum install epel-release
Now we are ready to install last pgAdmin4 version from repo
yum install pgadmin4
Once the installation finished without any problem, let’s create a file for pgadmin configuration
vi /usr/lib/python2.7/site-packages/pgadmin4-web/config_distro.py
And add this text:
LOG_FILE = '/var/log/pgadmin4/pgadmin4.log' SQLITE_PATH = '/var/lib/pgadmin4/pgadmin4.db' SESSION_DB_PATH = '/var/lib/pgadmin4/sessions' STORAGE_DIR = '/var/lib/pgadmin4/storage' SERVER_MODE = TRUE
Now is time to setup the admin account that will manage your installation, follow the wizard and after the application will start
python /usr/lib/python2.7/site-packages/pgadmin4-web/setup.pyEmail address: admin@yobicloud.local Password:Type the Password Retype password:Retype the Password pgAdmin 4 - Application Initialisation ======================================CTRL+C to shutdown pgadmin
Set the proper permission to write in the folders
chown -R apache:apache /var/lib/pgadmin4 chown -R apache:apache /var/log/pgadmin4 chcon -R -t httpd_sys_content_rw_t "/var/log/pgadmin4/" chcon -R -t httpd_sys_content_rw_t "/var/lib/pgadmin4/"
If you have problem to start the application we suggest to deactivate SElinux.
After everything working well let’s go ahead with the certificate creation to use for HTTPS protection
yum install mod_ssl cd /etc/ssl/certs mkdir /etc/ssl/private chmod 700 /etc/ssl/private openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/sslcert.key -out /etc/ssl/certs/sslcert.crt openssl dhparam -out /etc/ssl/certs/dhgroup.pem 2048 cat /etc/ssl/certs/dhgroup.pem | sudo tee -a /etc/ssl/certs/sslcert.crt
Create and edit the file in the apache path for pgadmin
vi /etc/httpd/conf.d/pgadmin4.conf
Add the text below:
<VirtualHost *:80> ServerName (your ip or host) Redirect permanent / https://(your ip or host)/browser/ </VirtualHost> <VirtualHost *:443> ServerName (your ip or host) SSLEngine on SSLCertificateFile/etc/ssl/certs/sslcert.crt
SSLCertificateKeyFile/etc/ssl/private/sslcert.key
WSGIDaemonProcess pgadmin processes=1 threads=25 WSGIScriptAlias / /usr/lib/python2.7/site-packages/pgadmin4-web/pgAdmin4.wsgi <Directory "/usr/lib/python2.7/site-packages/pgadmin4-web/"> WSGIProcessGroup pgadmin WSGIApplicationGroup %{GLOBAL} Require all granted </Directory> </VirtualHost>
Create a file that redirect any connection from port 80 (HTTP) to port 443 (HTTPS)
vi /etc/httpd/conf.d/non-ssl.conf
Add the text below:
<VirtualHost *:80> ServerName (your ip or host) Redirect permanent / https://(your ip or host) </VirtualHost>
Edit the main SSL config file for all HTTPS connection with some hardening tips
vi /etc/httpd/conf.d/ssl.conf
Uncomment:
DocumentRoot "/var/www/html"
ServerName 192.168.24.20:443
Comment:
# SSLProtocol all -SSLv2
# SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
Edit the certificate files path:
SSLCertificateFile /etc/ssl/certs/sslcert.crt
SSLCertificateKeyFile /etc/ssl/private/sslcert.key
Add this text somewhere in the file:
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
The firewall if active need the ports to be open to properly allow you to use the web services.
After everything working well let’s go ahead with the certificate creation to use for HTTPS protection
firewall-cmd --permanent --add-service=https firewall-cmd --permanent --add-service=http firewall-cmd --reload
Restart Apache service and enable it to start-up at OS boot
systemctl restart httpd systemctl enable httpd
Test Apache config and set SElinux exception on it.
apachectl configtest setsebool -P httpd_can_network_connect 1
Open your browser and write the ip address or hostname of your pgAdmin4 installed machine
—>>> ENJOY!!! <<<—