Express installation instructions#
The express installation instructions cover a minimal configuration without fault tolerance, placing all components on 1 virtual machine.
The instructions are given for the case when the virtual machine is connected to the Internet. The instructions use the name testinstallation.local
as the domain name for installation (it should be corrected). In the scripts used for configuration, the string CHANGE_ME
is used as the password (it must be corrected). All actions are performed with the privileges of the root
user.
The operating system must be updated with current patches before work can be performed.
The Blitz Identity Provider distribution files must be downloaded and extracted to the ~/tmp/blitz
directory before installation on the server (check the correct version in BLITZ_REL
):
export BLITZ_REL=5.14.0
mkdir -p ~/tmp/blitz
wget -q 'https://nc.reaxoft.ru/nextcloud/index.php/s/3W48EBrNXf3R3WC/download?path=%2F'$BLITZ_REL'&files=blitz-'$BLITZ_REL.bin -O ~/tmp/blitz/blitz-$BLITZ_REL.bin
wget -q 'https://nc.reaxoft.ru/nextcloud/index.php/s/3W48EBrNXf3R3WC/download?path=%2F'$BLITZ_REL'&files=resources.zip' -O ~/tmp/blitz/resources.zip
unzip ~/tmp/blitz/resources.zip -d ~/tmp/blitz
find ~/tmp/blitz -name *.sh -o -name *.bin|xargs chmod +x
Astra Linux Special Edition 1.7#
JDK Installation#
Install the Liberica JDK distribution:
apt install ./bellsoft-jdk8u292+10-linux-amd64.deb
Memcached installation#
Install the distribution:
apt install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
apt install postgresql-11
Add permission in /etc/postgresql/11/main/pg_hba.conf
for the blitz
user to connect to the DBMS:
host blitzdb blitz 127.0.0.1/32 scram-sha-256
Specify the password encryption algorithm in /etc/postgresql/11/main/postgresql.conf
:
password_encryption = scram-sha-256
Restart the service:
systemctl restart postgresql@11-main
Connect to the DBMS and perform initial configuration
su - postgres
psql
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Return to the root
user shell and execute the scripts for creating and updating the blitzdb
database structure:
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Install the distribution:
apt-get install rabbitmq-server
Start the service:
systemctl enable rabbitmq-server && systemctl start rabbitmq-server
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
apt-get install 389-ds-base
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
apt-get install nginx-light
Copy the files for use:
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/sites-enabled/
cp -R /tmp/blitz/static_errors /usr/share/nginx/html
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
In case of using keys created during the installation phase, restart nginx:
systemctl restart nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.
Alt 8 SP Server#
JDK Installation#
Install the JDK distribution:
apt-get install java-1.8.0-openjdk-devel
Memcached installation#
Install the distribution:
apt-get install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
apt-get install postgresql11-server
Initialize the DBMS with the command:
/etc/init.d/postgresql initdb
Add permission in /etc/postgresql/11/main/pg_hba.conf
for the blitz
user to connect to the DBMS:
host blitzdb blitz 127.0.0.1/32 scram-sha-256
Specify the password encryption algorithm in /etc/postgresql/11/main/postgresql.conf
:
password_encryption = scram-sha-256
Start the service:
systemctl enable postgresql && systemctl start postgresql
Connect to the DBMS and perform initial configuration
psql -U postgres
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Return to the shell and execute the scripts for creating and updating the blitzdb
database structure:
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Install the distribution:
apt-get install rabbitmq-server
Start the service:
systemctl enable rabbitmq && systemctl start rabbitmq
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
apt-get install 389-ds-base openldap-clients
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
apt-get install nginx
Copy the files for use:
mkdir -p /var/www/html
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/sites-enabled.d/
cp -R /tmp/blitz/static_errors /var/www/html
Add the directive to /etc/nginx/sites-enabled.d/blitz-idp.conf
:
location /static_errors {
root /var/www/html;
}
Enable automatic startup of the service:
systemctl enable nginx
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
If using keys created during the installation phase, start nginx:
systemctl start nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.
Alt Server 10#
JDK Installation#
Install the JDK distribution:
apt-get install java-1.8.0-openjdk-devel
Memcached installation#
Install the distribution:
apt-get install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
apt-get install postgresql14-server
Initialize the DBMS with the command:
/etc/init.d/postgresql initdb
Start the service:
systemctl enable postgresql && systemctl start postgresql
Connect to the DBMS and perform initial configuration
psql -U postgres
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Return to the shell and execute the scripts for creating and updating the blitzdb
database structure:
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -d blitzdb -U blitz -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Install the distribution:
apt-get install rabbitmq-server
Start the service:
systemctl enable rabbitmq && systemctl start rabbitmq
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
apt-get install 389-ds-base
apt-get install openldap-clients
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
apt-get install nginx
Create a directory to host error pages:
mkdir -p /var/www/html
Copy the files for use:
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/sites-enabled.d/
cp -R /tmp/blitz/static_errors /var/www/html
Add the directive to /etc/nginx/sites-enabled.d/blitz-idp.conf
:
location /static_errors {
root /var/www/html;
}
Enable automatic startup of the service:
systemctl enable nginx && systemctl start nginx
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
If using keys created during the installation phase, start nginx:
systemctl start nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.
OSnova 2.5.1#
JDK Installation#
Install the Liberica JDK distribution:
apt install ./bellsoft-jdk8u292+10-linux-amd64.deb
Memcached installation#
Install the distribution:
apt install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
apt install postgresql-11 postgresql-client-11
Initialize the DBMS with the command:
/etc/init.d/postgresql initdb
Add permission in /etc/postgresql/11/main/pg_hba.conf
for the blitz
user to connect to the database:
host blitzdb blitz 127.0.0.1/32 scram-sha-256
Specify the password encryption algorithm in /etc/postgresql/11/main/postgresql.conf
:
password_encryption = scram-sha-256
Restart the service:
systemctl restart postgresql
Connect to the DBMS and perform initial configuration
su - postgres
psql
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Return to the root
user shell and execute the scripts for creating and updating the blitzdb
database structure:
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Install the distribution:
apt-get install rabbitmq-server
Start the service:
systemctl enable rabbitmq && systemctl start rabbitmq
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
apt-get install 389-ds-base openldap-clients
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
apt-get install nginx
Copy the files for use:
mkdir -p /var/www/html
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/sites-enabled.d/
cp -R /tmp/blitz/static_errors /var/www/html
Add the directive to /etc/nginx/sites-enabled.d/blitz-idp.conf
:
location /static_errors {
root /var/www/html;
}
Enable automatic startup of the service:
systemctl enable nginx
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
If using keys created during the installation phase, start nginx:
systemctl start nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.
Red OS 7.3#
JDK Installation#
Install the distribution:
dnf install java-1.8.0-openjdk-devel
Memcached installation#
Install the distribution:
dnf install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
dnf install postgresql14-server
Initialize the DBMS with the command:
/usr/bin/postgresql-14-setup initdb
Add permission in /var/lib/pgsql/14/data/pg_hba.conf
for the blitz
user to connect to the database:
host blitzdb blitz 127.0.0.1/32 scram-sha-256
Specify the password encryption algorithm in /var/lib/pgsql/14/data/postgresql.conf
:
password_encryption = scram-sha-256
Start the service:
systemctl enable postgresql-14 && systemctl start postgresql-14
Connect to the DBMS and perform initial configuration
su - postgres
psql
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Return to the root
user shell and execute the scripts for creating and updating the blitzdb
database structure:
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Install the distribution:
dnf install rabbitmq-server
Start the service:
systemctl enable rabbitmq-server && systemctl start rabbitmq-server
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
dnf install 389-ds-base
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
dnf install nginx
Copy the files for use:
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/sites-enabled.d/
cp -R /tmp/blitz/static_errors /usr/share/nginx/html
Enable automatic startup of the service:
systemctl enable nginx
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
If using keys created during the installation phase, start nginx:
systemctl start nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.
Rocky Linux 8#
JDK Installation#
Install the distribution:
dnf install java-1.8.0-openjdk-devel
Memcached installation#
Install the distribution:
dnf install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
dnf install postgresql
Initialize the DBMS with the command:
postgresql-setup initdb
Add permission in /var/lib/pgsql/data/pg_hba.conf
for the blitz
user to connect to the database:
host blitzdb blitz 127.0.0.1/32 scram-sha-256
Specify the password encryption algorithm in /var/lib/pgsql/data/postgresql.conf
:
password_encryption = scram-sha-256
Start the service:
systemctl enable postgresql && systemctl start postgresql
Connect to the DBMS and perform initial configuration
su - postgres
psql
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Return to the root
user shell and execute the scripts for creating and updating the blitzdb
database structure:
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Prepare a configuration file with repositories for RabbitMQ in /etc/yum.repos.d/rabbitmq.repo
:
##
## Zero dependency Erlang
##
[rabbitmq_erlang]
name=rabbitmq_erlang
baseurl=https://packagecloud.io/rabbitmq/erlang/el/8/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/erlang/gpgkey
https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
##
## RabbitMQ server
##
[rabbitmq_server]
name=rabbitmq_server
baseurl=https://packagecloud.io/rabbitmq/rabbitmqserver/el/8/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey
https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
Install the distribution:
dnf install rabbitmq-server
Start the service:
systemctl enable rabbitmq-server && systemctl start rabbitmq-server
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
dnf module enable 389-directory-server:stable
dnf install 389-ds-base
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
dnf install nginx
Copy the files for use:
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/conf.d/
cp -R /tmp/blitz/static_errors /usr/share/nginx/html
Enable automatic startup of the service:
systemctl enable nginx
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
If using keys created during the installation phase, start nginx:
systemctl start nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.
Rocky Linux 9#
JDK Installation#
Install the distribution:
dnf install java-1.8.0-openjdk-devel
Memcached installation#
Install the distribution:
dnf install memcached
Start the service:
systemctl enable memcached && systemctl start memcached
PostgreSQL installation#
Install the distribution:
dnf install postgresql-server
Initialize the DBMS with the command:
postgresql-setup –initdb –unit postgresql
Add permission in /var/lib/pgsql/data/pg_hba.conf
for the blitz
user to connect to the database:
host blitzdb blitz 127.0.0.1/32 scram-sha-256
Specify the password encryption algorithm in /var/lib/pgsql/data/postgresql.conf
:
password_encryption = scram-sha-256
Start the service:
systemctl enable postgresql && systemctl start postgresql
Return to the root
user shell and execute the scripts for creating and updating the blitzdb
database structure:
su - postgres
psql
create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;
Execute the scripts for creating and updating the blitzdb
database structure:
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
RabbitMQ Installation#
Installation of the RabbitMQ queue server is optional and is required if the queue server will be used to pass events to adjacent systems (see Configuring sending events to the queue server) or as a message broker (see Configuring the use of a queue server as a message broker).
Prepare a configuration file with repositories for RabbitMQ in /etc/yum.repos.d/rabbitmq.repo
:
##
## Zero dependency Erlang
##
[rabbitmq_erlang]
name=rabbitmq_erlang
baseurl=https://packagecloud.io/rabbitmq/erlang/el/9/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/erlang/gpgkey
https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
##
## RabbitMQ server
##
[rabbitmq_server]
name=rabbitmq_server
baseurl=https://packagecloud.io/rabbitmq/rabbitmqserver/el/9/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey
https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
Install the distribution:
dnf install rabbitmq-server
Start the service:
systemctl enable rabbitmq-server && systemctl start rabbitmq-server
Prepare a queue for interaction:
rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"
389 Directory Server installation#
Install the distribution:
dnf install 389-ds-base
Enable automatic startup of the service:
systemctl enable dirsrv.target
Initialize the LDAP directory:
dscreate interactive
Perform the initial directory configuration:
/tmp/blitz/ldap/ldap_init.sh
Nginx installation#
Install the distribution:
dnf install nginx
Copy the files for use:
cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/conf.d/
cp -R /tmp/blitz/static_errors /usr/share/nginx/html
Enable automatic startup of the service:
systemctl enable nginx
Installing the Blitz Identity Provider#
Install the distribution (substitute the correct version in the file name):
/tmp/blitz/blitz-5.X.X.bin
If using keys created during the installation phase, start nginx:
systemctl start nginx
Make changes to /etc/blitz-config/blitz.conf
configuration file - specify in the blitz.prod.local.idp.internal-store-jdbc
block:
conn_url
- server address, database name, user name;db_name
- database name;enc_params.pswd
- password for connecting to the DBMS (the password is specified as plain text and will be automatically encrypted when launching Blitz Identity Provider).
"internal-store-jdbc" : {
"conn_url" : "jdbc:postgresql://127.0.0.1:5432/blitzdb?user=blitz&password=${pswd}&loggerLevel=DEBUG",
"db_name" : "blitzdb",
"enc_params" : {
"pswd" : "CHANGE_ME"
},
"keyAlias" : "jdbc",
"pool" : {
"max_idle_conn" : 5,
"max_total_conn" : 20,
"max_wait_conn_ms" : 30000,
"min_idle_conn" : 1
}
}
Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts
:
127.0.0.1 localhost.localdomain localhost testinstallation.local
Start the services:
systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery
After successfully completing the installation and configuration of the Blitz Identity Provider, it is possible to connect to the management console using the domain name specified during the installation phase of the distribution, for example, https://testinstallation.local/blitz/console
.