Forum Stats

  • 3,836,792 Users
  • 2,262,193 Discussions
  • 7,900,114 Comments

Discussions

Setup a yum repository using SGD apache server in OCI

Jan-Oracle
Jan-Oracle Member Posts: 122 Employee
edited Aug 7, 2019 7:26PM in Secure Global Desktop

In order to facilitate easier install/upgrade of SGD 5.5 for a range of systems, one can easily setup a yum repository and serve it with the built-in apache server of SGD.

First we need to install the createrepo utility

# yum install createrepo

Next we download the SGD distribution from OSDC and unpack it into a directory (in this example we use /opt/yum). See the attachment how to easily automate the download of SGD5.5

# mkdir /opt/yum# cd /opt/yum# unzip <OSDC zip file>

To index the rpm files and prepare it for yum we run the createrepo command

# createrepo /opt/yum

Next we tell the SGD apache server to serve files from /opt/yum. We create a config file /opt/tarantella/webserver/apache/default/conf.modules.d/01.yum.apache.conf and make sure that the standard /opt/tarantella/webserver/apache/default/conf/httpd.conf contains "Include conf.modules.d/*.conf"

# mkdir -p /opt/tarantella/webserver/apache/default/conf.modules.d# cat > /opt/tarantella/webserver/apache/default/conf.modules.d/01.yum.apache.conf  <<EOFLoadModule alias_module modules/mod_alias.soLoadModule autoindex_module modules/mod_autoindex.soLoadModule authz_host_module modules/mod_authz_host.soAlias /yum/ "/opt/yum/"<Directory "/opt/yum/">    # enable directory indexing    Options +Indexes    # only make it accessible from within my Virtual Cloud Network (VCN)    Require ip 10.0.0.21/22</Directory>EOF

We need to restart the SGD web server for the changes to take effect. We use a nice shortcut that will not affect any user currently using SGD

# source /opt/tarantella/webserver/apache/default/bin/envvars# /opt/tarantella/webserver/apache/default/bin/apachectl -DSSL -k graceful

Now we can test if it works. On an SGD server with co-located gateway (like the OCI Marketplace image) we can do

# curl -k https://$(hostname -f):8443/yum/

and without co-located gatway

# curl -k https://$(hostname -f)/yum/

this should yield as output something like this

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"><html> <head>  <title>Index of /yum</title> </head> <body><h1>Index of /yum</h1><ul><li><a href="/"> Parent Directory</a></li><li><a href="oracle-sgd-backup-5.50.081-1.noarch.rpm"> oracle-sgd-backup-5.50.081-1.noarch.rpm</a></li><li><a href="oracle-sgd-clients-5.50.081-1.el7.noarch.rpm"> oracle-sgd-clients-5.50.081-1.el7.noarch.rpm</a></li><li><a href="oracle-sgd-clients-legacy-5.50.081-1.el7.noarch.rpm"> oracle-sgd-clients-legacy-5.50.081-1.el7.noarch.rpm</a></li><li><a href="oracle-sgd-gateway-5.50.081-1.el7.x86_64.rpm"> oracle-sgd-gateway-5.50.081-1.el7.x86_64.rpm</a></li><li><a href="oracle-sgd-server-5.50.081-1.el7.x86_64.rpm"> oracle-sgd-server-5.50.081-1.el7.x86_64.rpm</a></li><li><a href="oracle-sgd-tem-5.50.081-1.el7.x86_64.rpm"> oracle-sgd-tem-5.50.081-1.el7.x86_64.rpm</a></li><li><a href="oracle-sgd-tems-5.50.081-1.el7.noarch.rpm"> oracle-sgd-tems-5.50.081-1.el7.noarch.rpm</a></li><li><a href="repodata/"> repodata/</a></li></ul></body></html>

Last but not least we need to create a repository definition for our new SGD yum repository (in this case pointing to a SGD server with co-located gateway)

# cat > /etc/yum.repos.d/sgd.repo << EOF[sgd]name=Oracle Secure Global Desktop $releasever ($basearch)baseurl=https://$(hostname -f):8443/yum/gpgcheck=0enabled=1# ignore the self-signed SSL certsslverify=0EOF

For an SGD server without co-located gateway simply leave out the port 8443

This repo file should now work on any host in your VCN

# yum search oracle-sgd                                                         Loaded plugins: langpacks, ulninfo=============================================== N/S matched: oracle-sgd ==================================================oracle-sgd-backup.noarch : Oracle Secure Global Desktop Backup for Oracle Linuxoracle-sgd-clients.noarch : Oracle Secure Global Desktop Clientsoracle-sgd-clients-legacy.noarch : Oracle Secure Global Desktop Legacy Clientsoracle-sgd-gateway.x86_64 : Oracle Secure Global Desktop Gateway for Oracle Linuxoracle-sgd-server.x86_64 : Oracle Secure Global Desktop Server for Oracle Linuxoracle-sgd-tem.x86_64 : Oracle Secure Global Desktop Enhancement Module for Oracle Linux 7oracle-sgd-tems.noarch : Oracle Secure Global Desktop Enhancement Modules  Name and summary matches only, use "search all" for everything.#

When we add new rpms to our repository, we need to run createrepo again

# createrepo /opt/sgd/ --update