How to install i-doit asset management tools on Debian 10

How to install i-doit asset management tools on Debian 10

i-doit is a free, open source and IT documentation solution based on a configuration management database. It is a web-based tool that can be used to manage the entire IT system according to ITIL best practices. With this tool, you can track software and hardware assets, their relationships, and visualize the relationships between these components. You can store, maintain and organize all IT document information in one place. It can easily interface with other applications like Nagios and Request Tracker, which allows you to enter data only once in the ITSM environment.

i-doit enables you to create a detailed overview of your entire IT infrastructure for a variety of assets including servers, SANs, graphical rack views, clusters and blade / chassis systems. It has a rich feature set, including IT documents, inventory, infrastructure planning, asset management, virtual systems, IP address management, storage area network, cable management, ticketing systems, and more.

In this tutorial, we will show you how to install and configure the i-doit asset management tool on Debian 10.

prerequisites

  • A server running Debian 10 with a minimum of 2GB of RAM.
  • A valid domain name points to your server IP address. In this tutorial, we will use idoit.linuxbuz.com.
  • A root password is configured on each server.

getting Started

Before you start, it’s a good idea to update your system to the latest version. You can use the following command to update the system:

apt-get update -y apt-get upgrade -y

After updating the system, restart it to implement the changes.

Install LAMP server

First, you need to install Apache, MariaDB, PHP, and other required PHP extensions into your system. You can install all components with:

apt-get install apache2 mariadb-server libapache2-mod-php php php-common php-curl php-bcmath php-gd php-json php-ldap php-mbstring php-mysql php-opcache php-pgsql php-soap php-xml php-soap php-zip php-memcached php-imagick unzip memcached moreutils -y

After installing all the packages, you will need to create a separate i-doit.ini PHP file with the required settings.

You can create it using:

nano /etc/php/7.3/mods-available/i-doit.ini

Add the following lines:

allow_url_fopen = Yes
file_uploads = On
magic_quotes_gpc = Off
max_execution_time = 300
max_file_uploads = 42
max_input_time = 60
max_input_vars = 10000
memory_limit = 256M
post_max_size = 128M
register_argc_argv = On
register_globals = Off
short_open_tag = On
upload_max_filesize = 128M
display_errors = Off
display_startup_errors = Off
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
log_errors = On
default_charset = "UTF-8"
default_socket_timeout = 60
date.timezone = Asia/Kolkata  
session.gc_maxlifetime = 604800
session.cookie_lifetime = 0
mysqli.default_socket = /var/run/mysqld/mysqld.sock

Save and close the file when you are finished. Then, enable the required PHP modules using:

phpenmod i-doit phpenmod memcached

Finally, restart the Apache service to implement the changes:

systemctl restart apache2

Configure MariaDB for i-doit

Next, you need to set a MariaDB root password because it is not set in Debian 10.

To do this, log in to the MariaDB shell using the following command:

mysql

After logging in, use the following command to set the MariaDB root password:

MariaDB [(none)]> SET PASSWORD FOR 'root'@'localhost' = PASSWORD("yournewpassword");

Next, set the MariaDB authentication plugin to mysql_native_password using the following command:

MariaDB [(none)]> SET GLOBAL innodb_fast_shutdown = 0; MariaDB [(none)]> UPDATE mysql.user SET plugin = 'mysql_native_password' WHERE User = 'root';

Next, refresh the privileges and exit from the MariaDB shell using the following command:

MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> EXIT;

Next, create a separate MariaDB configuration file for best performance:

nano /etc/mysql/mariadb.conf.d/99-i-doit.cnf

Add the following lines:

[mysqld]
innodb_buffer_pool_size = 1G
innodb_buffer_pool_instances = 1
innodb_log_file_size = 512M
innodb_sort_buffer_size = 64M
sort_buffer_size = 262144 # default
join_buffer_size = 262144 # default
max_allowed_packet = 128M
max_heap_table_size = 32M
query_cache_min_res_unit = 4096
query_cache_type = 1
query_cache_limit = 5M
query_cache_size = 80M
tmp_table_size = 32M
max_connections = 200
innodb_file_per_table = 1
innodb_thread_concurrency = 0
innodb_flush_log_at_trx_commit = 1
innodb_flush_method = O_DIRECT
innodb_lru_scan_depth = 2048
table_definition_cache = 1024
table_open_cache = 2048
innodb_stats_on_metadata = 0
sql-mode = ""

Finally, restart the MariaDB service to apply the changes:

systemctl restart mariadb

Download i-doit

At the time of writing, the latest version of i-doit is 1.14. You can download it using:

wget https://excellmedia.dl.sourceforge.net/project/i-doit/i-doit/1.14/idoit-open-1.14.zip

After the download is complete, extract the downloaded file to the Apache root directory:

unzip idoit-open-1.14.zip -d /var/www/html/idoit

Next, give the i-doit directory the appropriate permissions:

chown -R www-data:www-data /var/www/html/idoit/ chmod -R 775 /var/www/html/idoit/

When you are done, you can proceed to the next step.

Configure Apache for i-doit

Next, you will need to configure an Apache virtual host profile for i-doit. You can create it using:

nano /etc/apache2/sites-available/idoit.conf

Add the following lines:


        ServerAdmin [email protected]
        ServerName  idoit.linuxbuz.com
        DirectoryIndex index.php
        DocumentRoot /var/www/html/idoit
        
                AllowOverride All
                Require all granted
        
        LogLevel warn
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

Save and close the file when you are finished. Then, enable the i-doit virtual host file and the Apache rewrite module using the following command:

a2ensite i-doit a2enmod rewrite

Finally, restart the Apache service to implement the changes:

systemctl restart apache2

Access i-doit web interface

Open your web browser and enter the URL http://idoit.linuxbuz.com. You will be redirected to the following page:

Make sure all required PHP extensions are installed and click next Button. You should see the following page:

i-doit directory and configuration

Check the suggested directories and click next Button. You should see the following page:

Database Connectivity

Provide MariaDB root username, password, new database username, password, system database name and click next Button. You should see the following page:

Admin user details

Provide your administrator username, password, and click next Button. You should see the following page:

Configuration check

Next, verify all configurations and click next Button. You should see the following page:

Installation status

Click on next Button to begin installation. When the installation is complete, you should see the following page:

i-doit login

Provide your administrator username, password, and click log in Button. You should see the i-doit dashboard in the following pages:

i-doit dashboard

Let’s encrypt free SSL to protect i-doit

After installing i-doit, it is recommended to protect it with Let’s Encrypt free SSL. You can protect it using the Certbot client.

The Certbot client package is not available in the Debian 10 default repository by default. You can add it using:

echo "deb http://ftp.debian.org/debian buster-backports main" >> /etc/apt/sources.list

Next, update the repository and install the Certbot client using the following command:

apt-get update -y apt-get install python-certbot-apache -t buster-backports

After installation, run the following command to obtain and install the SSL certificate for your domain:

certbot --apache -d idoit.linuxbuz.com

You will be prompted to accept the Terms of Service and provide a valid email address as follows:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for idoit.linuxbuz.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/idoit-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/idoit-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/idoit-le-ssl.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

Next, you will need to choose whether to redirect HTTP traffic to HTTPS as follows:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Types of 2 And hit Enter Then go on. When the installation is complete, you will get the following output:

Redirecting vhost in /etc/apache2/sites-enabled/idoit.conf to ssl vhost in /etc/apache2/sites-available/idoit-le-ssl.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://idoit.linuxbuz.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=idoit.linuxbuz.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/idoit.linuxbuz.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/idoit.linuxbuz.com/privkey.pem
   Your cert will expire on 2020-04-30. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Congratulations! Your i-doit website is now protected by “Let’s Encrypt SSL”. You can now access it securely using the URL https://idoit.linuxbuz.com.

in conclusion

In the above tutorial, we learned how to install i-doit asset management tools on Debian 10. We also learned how to secure it with Let’s Encrypt free SSL. Now you can manage your entire IT documents using the i-doit web interface.

Source

Sidebar