Installation on FreeBSD

ClonOS

FreeBSD based distro for virtual hosting platform and appliance


Installing ClonOS/CBSD WEB UI on FreeBSD: easy way - from the ports


Installing ClonOS/CBSD WEB UI on FreeBSD: long but full path

This manual is for those who do not like personal distributions and would like to use the WEB interface on a clean FreeBSD system. Below are the steps in HowTo style that you need to perform to get a working WEB interface for CBSD. We assume that you have a FreeBSD platform not lower than 11.0-RELEASE, on which CBSD installed and configured and not lower than 11.0.15 version. We assume that the working directory is initialized to /usr/jails (if it is not, change it in the configuration files below).

Attention: make sure that CBSD is able to work with bhyve ( vmm modules are loaded and all the necessary software for CBSD/bhyve is installed). To do this, try to create a test virtual machine through:

# cbsd bconstruct-tui
# cbsd bstart

Preparing and setting up the environment

* Install WEB server Nginx, PHP modules, git, supervisord and other necessary software:

# pkg install nginx php72 php72-zip php72-sqlite3 php72-session php72-pdo_sqlite php72-opcache php72-json php72-hash devel/git sysutils/py-supervisor security/ca_root_nss www/node www/npm shells/bash lang/python27 security/gnutls net/libvncserver 

* Let's create a symbolic python link, because some scripts have #!/usr/local/bin/python as shebang:

# ln -sf /usr/local/bin/python2.7 /usr/local/bin/python

* Enable nginx, php-fpm and supervisord to run at system startup:

# sysrc nginx_enable="YES"
# sysrc php_fpm_enable="YES"
# sysrc supervisord_enable="YES"

* Let's create a configuration for nginx. The file /usr/local/etc/nginx/nginx.conf should look like this:

user www;

load_module /usr/local/libexec/nginx/ngx_stream_module.so;

events {
    use kqueue;
}

http {
  include       /usr/local/etc/nginx/mime.types;
  default_type  application/octet-stream;

  client_max_body_size    1m;
  include /usr/local/etc/nginx/sites-enabled/*;
}

stream {
  include /usr/local/etc/nginx/conf.stream.d/*.conf;
  include /usr/local/etc/nginx/streams-enabled/*;
}

* Create mandatory directories:

# mkdir -p /var/log/nginx /usr/local/etc/nginx/streams-enabled /usr/local/etc/nginx/sites-enabled

* Create a virtual host configuration, the file /usr/local/etc/nginx/sites-enabled/cbsdweb.conf should look like this:

server {
  listen *:80;

  root /usr/local/www/clonos/public;
  set $php_root $document_root;

  index  index.php;

  access_log            /var/log/nginx/cbsdweb.acc combined;
  error_log             /var/log/nginx/cbsdweb.err;

  location ~* \.(jpg|jpeg|gif|png|swf|tiff|swf|flv|zip|rar|bz2|iso|xz|img|css|txt|html|js|xsl|eot|svg|ttf|woff|woff2)$ {
    index     index.php;
    try_files $uri $uri/ =404;
  }

  location ~ \.php$ {
    root          /usr/local/www/clonos/public;
    include       /usr/local/etc/nginx/fastcgi_params;

    allow all;
    fastcgi_param  SCRIPT_FILENAME    $php_root$fastcgi_script_name;
    fastcgi_pass  unix:/tmp/php-fpm.sock;
    fastcgi_param WORKDIR /usr/jails;
  }

  location / {
    index     index.php;
    try_files $uri/index.html /index.php$is_args$args;
  }
}

* Copy php.ini sample into production config:

# cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini

* Change in /usr/local/etc/php-fpm.conf events mechanism to BSD-specific. To do this, uncomment and edit the events.mechanism parameter to: vi /usr/local/etc/php-fpm.conf:

..
events.mechanism = kqueue
..

* Change in /usr/local/etc/php-fpm.d/www.conf port to Unix socket and set's correct access permission:

...
listen = /tmp/php-fpm.sock
..
listen.backlog = -1
..
listen.owner = www
listen.group = www
listen.mode = 0660
..

* Add "www" user to "cbsd" group:

# pw groupmod cbsd -M www

* Let's start NGINX and PHP-FPM:

# service php-fpm restart
# service nginx restart
				

Preparing and configuring CBSDWEB

* Create a directory for CBSDWEB and clone the code:

# git clone --depth=1 https://github.com/clonos/cp.git /usr/local/www/clonos
# chown -R www:www /usr/local/www/clonos

* To execute CBSD commands, let the www user run CBSD through sudo:

edit /usr/local/etc/sudoers.d/10_www:

Defaults     env_keep += "workdir DIALOG NOCOLOR"
Cmnd_Alias   WEB_CMD = /usr/local/bin/cbsd
www   ALL=(ALL) NOPASSWD: WEB_CMD

* Make sure the file permissions are safe:

# chmod 0440 /usr/local/etc/sudoers.d/10_www

* The next step is to configure supervisord to run the ws service. Rewrite the configuration in /usr/local/etc/supervisord.conf to the following content:

edit /usr/local/etc/supervisord.conf:

[unix_http_server]
file=/var/run/supervisor.sock
chmod=0777
chown=nobody:nobody

[supervisorctl]
serverurl=unix:///var/run/supervisor.sock

[supervisord]
logfile=/var/log/supervisor/supervisord.log
pidfile=/var/run/supervisor/supervisord.pid
nodaemon=false
minfds=1024
minprocs=200
umask=022
strip_ansi=false

[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[include]
files=/usr/local/etc/supervisor.d/*.conf

* Create mandatory directories:

# mkdir /usr/local/etc/supervisor.d /var/log/supervisor

* Create supervisor configuration file for noVNC services, by creating /usr/local/etc/supervisor.d/program_vnc2wss.conf file with following content:

edit /usr/local/etc/supervisor.d/program_vnc2wss.conf

[program:vnc2wss]
environment=PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
command=/usr/local/www/clonos/public/novnc/utils/launch.sh --listen 6081 --vnc 127.0.0.1:5900
directory=/usr/local/www/clonos/public/novnc
stdout_logfile=/var/log/supervisor/vnc2wss.log
stderr_logfile=/var/log/supervisor/vnc2wss.err
numprocs=1
numprocs_start=1
autostart=true
autorestart=true
user=www
stdout_logfile_maxbytes=10MB
stdout_logfile_backups=10
stderr_logfile_maxbytes=10MB
stderr_logfile_backups=10

* Create supervisor configuration file for ws services, by creating /usr/local/etc/supervisor.d/program_ws.conf file with following content:

edit /usr/local/etc/supervisor.d/program_ws.conf

[program:ws]
environment=PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
command=/root/bin/ws
directory=/root/bin
numprocs=1
numprocs_start=1
autostart=true
autorestart=true
user=www
stdout_logfile=/var/log/supervisor/ws-srv.log
stderr_logfile=/var/log/supervisor/ws-srv.err
stdout_logfile_maxbytes=2MB
stdout_logfile_backups=5
stderr_logfile_maxbytes=2MB
stderr_logfile_backups=5

* Install noVNC package:

# cd /usr/local/www/clonos/public/novnc/
# npm install

* Create a directory where the ws-server will be located:

# mkdir /root/bin

* Install ws server. This can be done in two ways.

The first way: download the compiled build:

For FreeBSD-11:

# fetch -o /root/bin/ws https://raw.githubusercontent.com/clonos/clonos-ws/master/build-11/ws

For FreeBSD-12:

# fetch -o /root/bin/ws https://raw.githubusercontent.com/clonos/clonos-ws/master/build-12/ws

Set permissions for execution:

# chmod +x /root/bin/ws

* The second way is to build program yourself.

To do this, first install golang:

# pkg install lang/go

Clone ws repo:

# git clone https://github.com/clonos/clonos-ws.git /tmp/ws

Compile and copy build into /root/bin:

setenv GOPATH /tmp/ws
go get
go build
mv ws /root/bin

* On this with the supervisord finished, left to run it:

# service supervisord start

* And make sure that the processes in the RUNNING state:

% supervisorctl status
vnc2wss                          RUNNING   pid 51330, uptime 0:00:04
ws                               RUNNING   pid 51331, uptime 0:00:04

CBSD Modules

We have to do the finishing touches - install additional modules for CBSD for WEB and configure them:

1) VNC terminal module:

# cd /usr/local/cbsd/modules
# git clone --depth=1 https://github.com/cbsd/cbsd-module-vncterm.git vncterm.d
# make -C vncterm.d
# echo "vncterm.d" >> ~cbsd/etc/modules.conf

2) Module for ws:

# cd /usr/local/cbsd/modules
# git clone https://github.com/cbsd/cbsd-module-wsqueue.git cbsd_queue.d
# echo "cbsd_queue.d" >> ~cbsd/etc/modules.conf

3) convectix module:

# cd /usr/local/cbsd/modules
# git clone https://github.com/cbsd/cbsd-module-convectix.git convectix.d
# echo "convectix.d" >> ~cbsd/etc/modules.conf

Copy module configuration:

# cp /usr/local/cbsd/modules/convectix.d/etc-sample/vm_vncwss.conf ~cbsd/etc/

Copy ClonOS users databases schema

git clone https://github.com/cbsd/cbsd-forms-clonos_database.git /usr/local/cbsd/modules/forms.d/clonos_database

4) Re-run for 'cbsd initenv' for additional module initialization:

# cbsd initenv

5) Get wsclonos-sendqueue tools. This can be done in two ways.

* The first way: download the already compiled build.

For FreeBSD-11:

# fetch -o ~cbsd/modules/cbsd_queue.d/wsclonos-sendqueue https://raw.githubusercontent.com/cbsd/cbsd-module-wsqueue-build/master/build-11/wsclonos-sendqueue

For FreeBSD-12:

# fetch -o ~cbsd/modules/cbsd_queue.d/wsclonos-sendqueue https://raw.githubusercontent.com/cbsd/cbsd-module-wsqueue-build/master/build-12/wsclonos-sendqueue

Set execution permissions:

# chmod +x ~cbsd/modules/cbsd_queue.d/wsclonos-sendqueue

* The second way is to build tools yourself.

To do this, first install golang:

# pkg install lang/go

>Compile code and copy executable:

# mkdir /tmp/ws2
# cd /tmp/ws2
# cp /usr/local/cbsd/modules/cbsd_queue.d/src/main.go /tmp/ws2/
# setenv GOPATH /tmp/ws2
# go get
# go build
# mv ws2 ~cbsd/modules/cbsd_queue.d/wsclonos-sendqueue
# chmod +x ~cbsd/modules/cbsd_queue.d/wsclonos-sendqueue

Initial ClonOS database

mkdir /var/db/clonos
/usr/local/cbsd/modules/forms.d/clonos_database/initforms.sh
chown -R www:www /var/db/clonos

Done!

Now you can open the IP address of your server in the browser and use the WEB interface.

Default login: 'admin', default password: 'admin'