Standalone Installer
The usage manual for the standalone installer
The standalone installer is a program to install all Oz Forensics modules to customers servers, performing all required settings related to personal topology and customer requirements.
This installer is intended to deploy the software to servers directly, under the server administration user account. Servers could have or could have not (with some notes) direct access to the Internet, Linux OS should be preinstalled (CentOS 8 is recommended) with the ability to connect with full access via SSH.
Request your personal copy of the installer with the preliminary ordered product bundle for your test or production environment.
You can order a trial bundle for free. For this bundle, you'll need two servers meeting system requirements listed below.
- OS: any *nix OS that supports Docker, e.g., CentOS 8*
- CPU: 16 cores
- RAM: 16 GB
- Disk: 80 GB
- OS: any *nix OS that supports Docker, e.g., CentOS 8*
- CPU: 8 cores
- RAM: 16 GB
- Disk: 300 GB
*Please check the OS version with our team.
To run the installer, you need any machine with Windows or Linux matching the following system requirements:
- 1 GB RAM, 1 CPU, 3 GB hard drive
- Windows 10+ (recommended)
- Linux 64 bit (Python 3.7 is required)
- 1.Check the minimal system requirements related to the proposed list.
- 2.Check servers are accessible via the local network.
- 3.
- 4.For installation steps, the Docker software is recommended. Alternatively, the Internet should be accessible for automatic Docker download and installation.
- 1.
- 2.
- 5.To install balancer (only in case your installation bundle include it) it is recommended to install nginx (version >= 1.17.5), and, also, SELinux should be switched to permissive mode (actual for CentOS and Redhat only). Alternatively, the Internet should be accessible for automatic download and installation.
- 6.Check the availability of license service by address https://api.cryptlex.com for servers.
Oz-Installer demonstration
Download and unpack your personal installer bundle.
Put the required configuration to the
settings.yml
file. The most important settings are described below. Usually, it is only required to fill the authorization and variables sections.Please note: the configuration file is your personal copy, sharing it with any 3rd side is prohibited.
settings.yml
# authorization block
auth:
ssh_user: # SSH user login
use_sudo: yes # use SUDO as
# full path to private ssh key. optional
ssh_private_key: C:\\cygwin64\\home\\user\\.ssh\\id_rsa
# variables block - could vary for your personal deploy bundle
# please, fill up variables in your copy, don't copy from this example
vars:
# usually, it contains IP addresses of servers by roles
api1: 130.193.58.196
api2: 178.154.232.159
bio1: 130.193.59.58
bio2: 130.193.57.151
text1: 178.154.232.69
balancer: 84.201.145.209
# also, login-password of API user with ADMIN role
common-login: [email protected]
common-password: 123456
# servers list. usually, it uses variable values from the block above
# it is not needed to change anything manually here
servers:
oz-api:
- $api1
- $api2
oz-api-balancer: $balancer
oz-webui:
- $api1
- $api2
oz-webui-balancer:
oz-webadapter:
- $api1
- $api2
oz-webadapter-balancer: $balancer
oz-bio:
- $bio1
- $bio2
oz-bio-balancer: $balancer
oz-text: $text1
# if nothing is defined here, the full API configuration
# will use the host of the database docker service
oz-db:
# precise settings block
settings:
# personal license key
license-key: "123456-123456-123456-123456-123456-123456"
# local path on each server to store configuration and data
working-directory: /opt/oz
# docker settings to `docker-daemon.json`
docker-daemon:
# address space to run containers via Docker
bip: 192.168.0.1/24
# address spaces to run containers via docker-compose
default-address-pools:
- base: 192.168.1.0/24
size: 24
# settings for Oz API
oz-api:
install: yes # turn on installation of the component
install-statistic: no # turn on installation of statistic submodule
balancer: yes # turn on installation of balancer for component
# domain name for external access to component
domain_name:
# SSL certificate and key for HTTPS access (optional)
domain_cert:
domain_key:
# the local path to the host where to save media files
media_path:
# login/password of ADMIN preinstalled account on Oz API
admin:
login: $common-login
password: $common-password
# configuration to config.py - check details in Oz API section of knowledge base
config:
# network port to access component
# (in case of SSL certificate installation, it is always 443)
port: 80
# settings for Oz Liveness Web Adapter
# settings, named the same as in the Oz API block, see above
oz-webadapter:
install: yes
balancer: yes
domain_name:
domain_cert:
domain_key:
# https address for redirect GET request of root /
# by default, demo page here
redirect_url:
# configuration to app_config.json
config:
port: 88
# settings for Oz Web UI
# settings, named the same as in the Oz API block, see above
oz-webui:
install: yes
balancer: yes
domain_name:
domain_cert:
domain_key:
# login/password for service account, is needed to synchronize database
admin:
login: admin
password: admin
# configuration to .env
config:
port: 80
# settings for database for Oz API
oz-db:
# turn on installation of Postgres on the same machine with Oz API
# if "no" is chosen, then Oz API connects to external database
# in that case external address external address is specified in block
# servers -> oz-db
install: yes
# master - password for Postgres, in case of chosen installation
psql_password: CHANGEME
# database name
database: gateway
# login and password for database
user_name: gateway_user
user_password: CHANGEUSERPASS
# Settings for Oz Bio (Liveness + Biometry)
# settings, named the same as in the Oz API block, see above
oz-bio:
install: yes
balancer: yes
# settings and list of models are not intended to be modified by customer
settings:
models:
Run the command prompt with administrator's rights. Use the
cd
command to go to the folder where the unzipped installer is located. Launch the installation. Windows:
oz-installer.cmd install [parameters]
Linux:
chmod +x oz-installer.sh
./oz-installer.sh install [parameters]
Optional parameters:
filename
– filename with settings ('settings.yml' by default)private_key
– a path to the private SSH key (overwrites the appropriate option from settings file)key_password
– password to SSH key (if not specified, the system will ask to enter it in the console)ssh_password
– password for SSH logindebug
– generate additional logging information for support
Usage example:
install.cmd filename=settings.prod.yml key_password=psyco --debug
For Linux, place the private SSH key into the installer directory and set up the corresponding path in configuration:
/installer/priv_key
Every step of the installer echoes information to
process.log
. To report any installation issues, please, attach that file to your ticket.If the installation was interrupted by an issue, then, after the problem resolution, the process usually is allowed to continue. If it doesn't, be ready to reset servers to their original condition. You can try to solve the issue by adding the
--debug
flag to the command line of the installer. You can also contact the Oz team for details.You need to extract the private part of the key and then specify the path to that file in section
auth -> ssh_private_key
This error could arise when the docker-compose tool was installed independently before the installer and default binary was set to
/usr/local/bin
For the correct work of the installer, please, make a symbolic link:
ln -s /usr/local/bin/docker-compose /usr/sbin/docker-compose
Last modified 1d ago