Snipe IT: Difference between revisions
Jump to navigation
Jump to search
Line 59: | Line 59: | ||
* Using Lets Encrypt certificates is out of scope of this howto | * Using Lets Encrypt certificates is out of scope of this howto | ||
=Create | =Create Directory and Download= | ||
* Create a Directory | * Create a Directory | ||
<pre> | <pre> |
Revision as of 14:52, 14 October 2024
Setup Details |
App Server: snipe Network : 172.16.141.0/24 IP Address : 172.16.141.98 Subnet Mask: 255.255.255.0 Gateway: 172.16.141.1 DNS: 8.8.8.8 sudo user: kedar Container: db1 Network: 172.16.141.0/24 IP Address : 172.16.141.102 Subnet Mask: 255.255.255.0 Gateway: 172.16.141.1 DNS: 8.8.8.8 sudo user: kedar |
Before you proceed
The domain used here is networked.com. This is used only for demonstration and required dns entries for this domain have already been done to the host file to make the domain and any subdomains reachable on the network. This domain may be owned by someone else and we do not know who it is and we are not linked to them. Snipe IT configured for this domain in this 'howto' is not reachable on public IP. If you try networked.com and find any material that may be suitable / unsuitable to you, we are not the owners of the same and we are not responsible for the content.
Introduction
- Installation of Snipe IT with FQDN as: https://assets.networked.net
- Apache2 web server will be used and the root folder will be: /var/www/html/snipe/
- Mariadb server will be used as a database server
- The site will be hosted on port number: 443
- Self signed SSL certificates will be used.
- Host entry to ensure this website is reachable is done in the user PC, in absence of a DNS
Pre-requisites installation
- Log into the appserver / webserver (ssh kedar@172.16.141.98) and run the below commands
sudo apt install php8.3 php8.3-mysql php8.3-curl php8.3-xml php8.3-bcmath php8.3-zip php8.3-ldap php8.3-mbstring php8.3-oauth git libapache2-mod-php8.3 php8.3-cli apache2 php8.3-gd rsync nano openssl sudo a2enmod ssl rewrite
Database Creation
- Database will be created in a mariadb server which is setup in another container. Latest mariadb server has been installed and run the below commands after an ssh into the mariadb server.
sudo mysql -u root -p CREATE DATABASE snipe; GRANT ALL PRIVILEGES ON snipe.* TO "snipe"@"%" IDENTIFIED BY "123456"; FLUSH PRIVILEGES; quit;
- Password used should be strong enough. The password shown above is only for demo purposes.
Create self signed certificates
- Log into the appserver / webserver and run the below commands
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/snipe.key -out /etc/ssl/certs/snipe.crt
- You can use a commercial self signed certificate if you have one or can also use free Lets Encrypt certificate
- Using Lets Encrypt certificates is out of scope of this howto
Create Directory and Download
- Create a Directory
kedar@snipe:~$ cd /var/www/html/ kedar@snipe:/var/www/html$ sudo mkdir snipe
- Download in the correct directory
kedar@snipe:/var/www/html$ cd snipe kedar@snipe:/var/www/html/snipe$ sudo git clone https://github.com/snipe/snipe-it /var/www/html/snipe/
- Using git to download makes sense, as updating Snipe IT with newer versions only requires 'git pull' from the snipe directory
- Other options to download are available, but not recommended as a lot of manual work will be required for updating the Snipe IT instance.
Configure Snipe IT
- Make a copy of the .env.example file (/var/www/html/snipe/) and call it .env - This file is the configuration file where all the information about the Snipe IT installation will be stored.
- Make following changes in the .env file
# REQUIRED: BASIC APP SETTINGS # -------------------------------------------- APP_ENV=production APP_DEBUG=false APP_KEY=ChangeMe APP_URL=https://assets.networked.net APP_TIMEZONE='Asia/Kolkata' APP_LOCALE=en MAX_RESULTS=500 -------------------------------------------- # REQUIRED: DATABASE SETTINGS # -------------------------------------------- DB_CONNECTION=mysql DB_HOST=172.16.141.102 DB_PORT=3306 DB_DATABASE=snipe DB_USERNAME=snipe DB_PASSWORD=123456 DB_PREFIX=null DB_DUMP_PATH='/usr/bin' DB_CHARSET=utf8mb4 DB_COLLATION=utf8mb4_unicode_ci DB_SANITIZE_BY_DEFAULT=false # -------------------------------------------- # REQUIRED: OUTGOING MAIL SERVER SETTINGS # -------------------------------------------- MAIL_MAILER=smtp MAIL_HOST=smtp.gmail.com MAIL_PORT=587 MAIL_USERNAME=fakeid@gmail.com MAIL_PASSWORD=jfhgklhjklg MAIL_FROM_ADDR=fakeid@gmail.com MAIL_FROM_NAME='Kedar Snipe-IT' MAIL_REPLYTO_ADDR=fakeid@gmail.com MAIL_REPLYTO_NAME='Kedar Snipe-IT' MAIL_AUTO_EMBED_METHOD='attachment' MAIL_TLS_VERIFY_PEER=true
- The 'MAIL-PASSWORD' directive will have application password, as gmail will not allow normal password to be used. Create an app password for the email so that Snipe IT can use this email account, for sending out email notifications to all users when an asset is allocated
Install Dependencies
- The root folder needs to have the owner as the local user (not root) which in this case is kedar. Hence set the permissions on the snipe folder first before installing the dependencies
sudo chown - R kedar:kedar /var/www/html/snipe/
- Now run the following commands in the given sequence to install all the dependencies. This takes time depending on the internet speed.
curl -sS https://getcomposer.org/installer | php php composer.phar install --no-dev --prefer-source
- Once the above commands are successful, change the permission to www-data:www-data
sudo chown - R www-data:www-data /var/www/html/snipe/
- To force Snipe IT to use SSL, uncomment below two lines in the file -> /var/www/html/snipe/public/.htaccess.
# Uncomment these two lines to force SSL redirect in Apache RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Configure Apache webserver
- Create virtual host for the website in /etc/apache2/sites-available/
cd /etc/apache2/sites-available sudo a2dissite 000-default.conf sudo a2dissite default-ssl.conf sudo nano snipe.conf
- Add the below configuration in the snipe.conf file
<VirtualHost *:443> ServerName assets.networked.net ServerAlias assets ServerAdmin fakeid@gmail.com DocumentRoot /var/www/html/snipe/public/ ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine on SSLCertificateFile /etc/ssl/certs/snipe.crt SSLCertificateKeyFile /etc/ssl/private/snipe.key <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> <Directory /var/www/html/snipe/public/> AllowOverride All </Directory> </VirtualHost>
- Enable the site and Restart apache service
sudo a2ensite snipe.conf sudo a2enmod rewrite ssl sudo sysemctl restart apache2
Pre-Flight Test
- Using a browser navigate to https://assets.networked.net
- Click on create database
- Click on Next and create user
- Finaly Login using the user created
Conclusion
- We have a working Snipe IT instance hosted on an apache web server.