This site is currently read-only as we are migrating to Oracle Forums for an improved community experience. You will not be able to initiate activity until January 30th, when you will be able to use this site as normal.

    Forum Stats

  • 3,890,116 Users
  • 2,269,775 Discussions
  • 7,916,823 Comments

Discussions

Setup a yum repository using SGD apache server in OCI

Jan-Oracle
Jan-Oracle Senior Product ManagerUSMember Posts: 122 Employee
edited Aug 7, 2019 7:26PM in Secure Global Desktop

In order to facilitate easier install/upgrade of SGD 5.5 for a range of systems, one can easily setup a yum repository and serve it with the built-in apache server of SGD.

First we need to install the createrepo utility

# yum install createrepo

Next we download the SGD distribution from OSDC and unpack it into a directory (in this example we use /opt/yum). See the attachment how to easily automate the download of SGD5.5

# mkdir /opt/yum# cd /opt/yum# unzip <OSDC zip file>

To index the rpm files and prepare it for yum we run the createrepo command

# createrepo /opt/yum

Next we tell the SGD apache server to serve files from /opt/yum. We create a config file /opt/tarantella/webserver/apache/default/conf.modules.d/01.yum.apache.conf and make sure that the standard /opt/tarantella/webserver/apache/default/conf/httpd.conf contains "Include conf.modules.d/*.conf"

# mkdir -p /opt/tarantella/webserver/apache/default/conf.modules.d# cat > /opt/tarantella/webserver/apache/default/conf.modules.d/01.yum.apache.conf  <<EOFLoadModule alias_module modules/mod_alias.soLoadModule autoindex_module modules/mod_autoindex.soLoadModule authz_host_module modules/mod_authz_host.soAlias /yum/ "/opt/yum/"<Directory "/opt/yum/">    # enable directory indexing    Options +Indexes    # only make it accessible from within my Virtual Cloud Network (VCN)    Require ip 10.0.0.21/22</Directory>EOF

We need to restart the SGD web server for the changes to take effect. We use a nice shortcut that will not affect any user currently using SGD

# source /opt/tarantella/webserver/apache/default/bin/envvars# /opt/tarantella/webserver/apache/default/bin/apachectl -DSSL -k graceful

Now we can test if it works. On an SGD server with co-located gateway (like the OCI Marketplace image) we can do

# curl -k https://$(hostname -f):8443/yum/

and without co-located gatway

# curl -k https://$(hostname -f)/yum/

this should yield as output something like this

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"><html> <head>  <title>Index of /yum</title> </head> <body><h1>Index of /yum</h1><ul><li><a href="/"> Parent Directory</a></li><li><a href="oracle-sgd-backup-5.50.081-1.noarch.rpm"> oracle-sgd-backup-5.50.081-1.noarch.rpm</a></li><li><a href="oracle-sgd-clients-5.50.081-1.el7.noarch.rpm"> oracle-sgd-clients-5.50.081-1.el7.noarch.rpm</a></li><li><a href="oracle-sgd-clients-legacy-5.50.081-1.el7.noarch.rpm"> oracle-sgd-clients-legacy-5.50.081-1.el7.noarch.rpm</a></li><li><a href="oracle-sgd-gateway-5.50.081-1.el7.x86_64.rpm"> oracle-sgd-gateway-5.50.081-1.el7.x86_64.rpm</a></li><li><a href="oracle-sgd-server-5.50.081-1.el7.x86_64.rpm"> oracle-sgd-server-5.50.081-1.el7.x86_64.rpm</a></li><li><a href="oracle-sgd-tem-5.50.081-1.el7.x86_64.rpm"> oracle-sgd-tem-5.50.081-1.el7.x86_64.rpm</a></li><li><a href="oracle-sgd-tems-5.50.081-1.el7.noarch.rpm"> oracle-sgd-tems-5.50.081-1.el7.noarch.rpm</a></li><li><a href="repodata/"> repodata/</a></li></ul></body></html>

Last but not least we need to create a repository definition for our new SGD yum repository (in this case pointing to a SGD server with co-located gateway)

# cat > /etc/yum.repos.d/sgd.repo << EOF[sgd]name=Oracle Secure Global Desktop $releasever ($basearch)baseurl=https://$(hostname -f):8443/yum/gpgcheck=0enabled=1# ignore the self-signed SSL certsslverify=0EOF

For an SGD server without co-located gateway simply leave out the port 8443

This repo file should now work on any host in your VCN

# yum search oracle-sgd                                                         Loaded plugins: langpacks, ulninfo=============================================== N/S matched: oracle-sgd ==================================================oracle-sgd-backup.noarch : Oracle Secure Global Desktop Backup for Oracle Linuxoracle-sgd-clients.noarch : Oracle Secure Global Desktop Clientsoracle-sgd-clients-legacy.noarch : Oracle Secure Global Desktop Legacy Clientsoracle-sgd-gateway.x86_64 : Oracle Secure Global Desktop Gateway for Oracle Linuxoracle-sgd-server.x86_64 : Oracle Secure Global Desktop Server for Oracle Linuxoracle-sgd-tem.x86_64 : Oracle Secure Global Desktop Enhancement Module for Oracle Linux 7oracle-sgd-tems.noarch : Oracle Secure Global Desktop Enhancement Modules  Name and summary matches only, use "search all" for everything.#

When we add new rpms to our repository, we need to run createrepo again

# createrepo /opt/sgd/ --update