Rocky Linux, AlmaLinux, Oracle Linux, RHEL#

Important

See limitations of when using express instructions.

The list of operating systems for which the instructions for installation and their designation in this section are given:

Rocky 8: Rocky Linux 8;
Alma 8: AlmaLinux 8;
Oracle 8: Oracle Linux 8;
RHEL 8: RHEL 8;
Rocky 9: Rocky Linux 9;
Alma 9: AlmaLinux 9;
Oracle 9: Oracle Linux 9;
RHEL 9: RHEL 9.

Step 1. JDK#

Rocky, Alma, Oracle, RHEL 8

Install the distribution kit:

dnf install java-1.8.0-openjdk-devel

Rocky, Alma, Oracle, RHEL 9

Install the distribution kit:

dnf install java-1.8.0-openjdk-devel

Step 2. Memcached#

Rocky, Alma, Oracle, RHEL 8

Install the distribution kit:

dnf install memcached

Start the service:

systemctl enable memcached && systemctl start memcached

Rocky, Alma, Oracle, RHEL 9

Install the distribution kit:

dnf install memcached

Start the service:

systemctl enable memcached && systemctl start memcached

Step 3. PostgreSQL#

Rocky, Alma, Oracle, RHEL 8

Install the distribution kit:

dnf install postgresql

Initialize the DBMS with the command:

postgresql-setup initdb

Add permission in /var/lib/pgsql/data/pg_hba.conf for the blitz user to connect to the database:

host blitzdb blitz 127.0.0.1/32 scram-sha-256

Specify the password encryption algorithm in /var/lib/pgsql/data/postgresql.conf:

password_encryption = scram-sha-256

Start the service:

systemctl enable postgresql && systemctl start postgresql

Connect to the DBMS and perform initial configuration

su - postgres
psql

create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;

Return to the root user shell and execute the scripts for creating and updating the blitzdb database structure:

psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/018-5.17.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/019-5.18.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/020-5.20.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/021-5.21.0.sql

Rocky, Alma, Oracle, RHEL 9

Install the distribution kit:

dnf install postgresql-server

Initialize the DBMS with the command:

postgresql-setup –initdb –unit postgresql

Add permission in /var/lib/pgsql/data/pg_hba.conf for the blitz user to connect to the database:

host blitzdb blitz 127.0.0.1/32 scram-sha-256

Specify the password encryption algorithm in /var/lib/pgsql/data/postgresql.conf:

password_encryption = scram-sha-256

Start the service:

systemctl enable postgresql && systemctl start postgresql

Return to the root user shell and execute the scripts for creating and updating the blitzdb database structure:

su - postgres
psql

create database blitzdb;
create user blitz with encrypted password 'CHANGE_ME';
grant ALL PRIVILEGES ON DATABASE blitzdb to blitz;
grant ALL on ALL tables in schema public to blitz;

Execute the scripts for creating and updating the blitzdb database structure:

psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/000-service-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/001-init-database.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/002-new_pp_columns.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/003-usd_id_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/004-usr_auth_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/005-usr_agt_table.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/006-usr_htp_hmc_alg.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/007-usr_atr_cfm.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/008-wak.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/009-fix_pp_column.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/010-add_usr_prp.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/011-pp_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/012-geo_to_audit.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/013-tasks.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/014-sec_ch_ua.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/015-5.12.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/016-5.13.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/017-5.15.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/018-5.17.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/019-5.18.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/020-5.20.0.sql
psql -U blitz -h 127.0.0.1 blitzdb -f ~/tmp/blitz/postgres/ddl/021-5.21.0.sql

Step 4. RabbitMQ#

Rocky, Alma, Oracle, RHEL 8

Prepare a configuration file with repositories for RabbitMQ in /etc/yum.repos.d/rabbitmq.repo:

##
## Zero dependency Erlang
##

[rabbitmq_erlang]
name=rabbitmq_erlang
baseurl=https://packagecloud.io/rabbitmq/erlang/el/8/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/erlang/gpgkey

https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

##
## RabbitMQ server
##

[rabbitmq_server]
name=rabbitmq_server
baseurl=https://packagecloud.io/rabbitmq/rabbitmqserver/el/8/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey

https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

Install the distribution kit:

dnf install rabbitmq-server

Start the service:

systemctl enable rabbitmq-server && systemctl start rabbitmq-server

Prepare a queue for interaction:

rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"

Rocky, Alma, Oracle, RHEL 9

Prepare a configuration file with repositories for RabbitMQ in /etc/yum.repos.d/rabbitmq.repo:

##
## Zero dependency Erlang
##

[rabbitmq_erlang]
name=rabbitmq_erlang
baseurl=https://packagecloud.io/rabbitmq/erlang/el/9/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/erlang/gpgkey

https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

##
## RabbitMQ server
##

[rabbitmq_server]
name=rabbitmq_server
baseurl=https://packagecloud.io/rabbitmq/rabbitmqserver/el/9/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
# PackageCloud's repository key and RabbitMQ package signing key
gpgkey=https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey

https://github.com/rabbitmq/signingkeys/releases/download/2.0/rabbitmq-release-signing-key.asc
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

Install the distribution kit:

dnf install rabbitmq-server

Start the service:

systemctl enable rabbitmq-server && systemctl start rabbitmq-server

Prepare a queue for interaction:

rabbitmqctl add_user blitz CHANGE_ME
rabbitmqctl set_permissions blitz ".*" ".*" ".*"
rabbitmq-plugins enable rabbitmq_management
curl -vvk 127.0.0.1:15672/cli/rabbitmqadmin >rabbitmqadmin
chmod +x rabbitmqadmin
./rabbitmqadmin declare exchange name=blitz-tasks-exh type=direct
./rabbitmqadmin declare queue name=blitz-tasks durable=true
./rabbitmqadmin declare binding source="blitz-tasks-exh"
destination_type="queue" destination="blitz-tasks"
routing_key="blitz-tasks"

Step 5. 389 Directory Server#

Rocky, Alma, Oracle, RHEL 8

Install the distribution kit:

dnf module enable 389-directory-server:stable
dnf install 389-ds-base

Enable automatic startup of the service:

systemctl enable dirsrv.target

Initialize the LDAP directory:

dscreate interactive

Perform the initial directory configuration:

/tmp/blitz/ldap/ldap_init.sh

Rocky, Alma, Oracle, RHEL 9

Install the distribution kit:

dnf install 389-ds-base

Enable automatic startup of the service:

systemctl enable dirsrv.target

Initialize the LDAP directory:

dscreate interactive

Perform the initial directory configuration:

/tmp/blitz/ldap/ldap_init.sh

Step 6. Nginx#

Rocky, Alma, Oracle, RHEL 8

Install the distribution kit:

dnf install nginx

Copy the files for use:

cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/conf.d/
cp -R /tmp/blitz/static_errors /usr/share/nginx/html

Enable automatic startup of the service:

systemctl enable nginx

Rocky, Alma, Oracle, RHEL 9

Install the distribution kit:

dnf install nginx

Copy the files for use:

cp /tmp/blitz/nginx/blitz-idp.conf /etc/nginx/conf.d/
cp -R /tmp/blitz/static_errors /usr/share/nginx/html

Enable automatic startup of the service:

systemctl enable nginx

Step 7. Blitz Identity Provider#

Rocky, Alma, Oracle, RHEL 8

Install the distribution kit (specify the correct version in the file name and the correct JAVA_HOME and set of applications to install):

/tmp/blitz/blitz-5.X.X.bin -- -j /usr/lib/jvm/java-1.8.0-openjdk -i "idp console recovery registration"

Create the blitz_param.txt configuration file with the following content and modify it according to your settings:

DOMAIN=testinstallation.local
MEMCACHED_SERVERS="127.0.0.1"
DB_MODE=PG
PG_HOSTNAME=127.0.0.1
PG_DB_NAME=blitzdb
PG_USER_NAME=blitz
PG_USER_PASSWORD=12ABcd45

Run Blitz Identity Provider initial setup script with the right path to the blitz_param.txt file:

/usr/share/identityblitz/blitz-console/bin/configure -f blitz_param.txt

The script will prepare the configuration files, generate and display the Blitz Identity Provider administrator login and password, and generate a password for the key container:

****************************************************************
Your instance is configured on domain: test.loc
The Administration Console available on addresses:
 http://testinstallation.local:9001/blitz/console

Administration user credentials of Console:
  username - admin
  password - 98aAB0D3f2
Your can change user credentials at file - /usr/share/identityblitz/blitz-config/credentials

Create keystore /usr/share/identityblitz/blitz-config/blitz-keystore.bks and generate:
 - JWS(RSA256) keypair - jws_rs256_rsa_default
 - AES(AES128) security key - jdbc

Generated password for keystore: BeEBcd2239
****************************************************************

In case of using keys created during the installation phase, restart nginx:

systemctl restart nginx

Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts:

127.0.0.1 localhost.localdomain localhost testinstallation.local

Start the services:

systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery

After successfully completing the installation and configuration of Blitz Identity Provider, it is possible to connect to the admin console using the domain name specified during the installation phase of the distribution kit, for example, https://testinstallation.local/blitz/console.

Rocky, Alma, Oracle, RHEL 9

Install the distribution kit (specify the correct version in the file name and the correct JAVA_HOME and set of applications to install):

/tmp/blitz/blitz-5.X.X.bin -- -j /usr/lib/jvm/java-1.8.0-openjdk -i "idp console recovery registration"

Create the blitz_param.txt configuration file with the following content and modify it according to your settings:

DOMAIN=testinstallation.local
MEMCACHED_SERVERS="127.0.0.1"
DB_MODE=PG
PG_HOSTNAME=127.0.0.1
PG_DB_NAME=blitzdb
PG_USER_NAME=blitz
PG_USER_PASSWORD=12ABcd45

Run Blitz Identity Provider initial setup script with the right path to the blitz_param.txt file:

/usr/share/identityblitz/blitz-console/bin/configure -f blitz_param.txt

The script will prepare the configuration files, generate and display the Blitz Identity Provider administrator login and password, and generate a password for the key container:

****************************************************************
Your instance is configured on domain: test.loc
The Administration Console available on addresses:
 http://testinstallation.local:9001/blitz/console

Administration user credentials of Console:
  username - admin
  password - 98aAB0D3f2
Your can change user credentials at file - /usr/share/identityblitz/blitz-config/credentials

Create keystore /usr/share/identityblitz/blitz-config/blitz-keystore.bks and generate:
 - JWS(RSA256) keypair - jws_rs256_rsa_default
 - AES(AES128) security key - jdbc

Generated password for keystore: BeEBcd2239
****************************************************************

In case of using keys created during the installation phase, restart nginx:

systemctl restart nginx

Add a mapping between the loopback interface address and the domain name specified at installation in /etc/hosts:

127.0.0.1 localhost.localdomain localhost testinstallation.local

Start the services:

systemctl enable blitz-idp && systemctl start blitz-idp
systemctl enable blitz-console && systemctl start blitz-console
systemctl enable blitz-registration && systemctl start blitz-registration
systemctl enable blitz-recovery && systemctl start blitz-recovery