Difference between revisions of "Node"


(Mount skel)
Line 1: Line 1:
== LDAP login ==
== Mount NFS shares ==
== Mount NFS shares ==
To separate local from LDAP users we mount user homes under /home/users. <br/>
To separate local from LDAP users we mount user homes under /home/users. <br/>

Revision as of 21:00, 9 September 2016

LDAP login

Mount NFS shares

To separate local from LDAP users we mount user homes under /home/users.
So that all nodes share one skel directory, we mount the central one over /etc/skel.

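# Mount point for the LDAP users' home directories (-p: no error if it already exists).
mkdir -p /home/users
# Empty the local skel before the central one is mounted over it. The glob does
# not match dotfiles; whatever remains is hidden by the mount below.
rm -Rf /etc/skel/*
# NFS_SERVER is a placeholder for the file server. nosuid,noexec,nodev keep files
# on the shares from being honoured as setuid binaries, executed directly, or
# used as device nodes.
# Each entry is appended only if its mount point is not listed yet, so running
# these steps again does not duplicate fstab lines.
grep -qE '[[:space:]]/home/users/?[[:space:]]' /etc/fstab || echo "NFS_SERVER:/exports/homes /home/users/ nfs rw,nosuid,noexec,nodev 0 0" >> /etc/fstab
grep -qE '[[:space:]]/etc/skel/?[[:space:]]' /etc/fstab || echo "NFS_SERVER:/exports/skel /etc/skel nfs ro,nosuid,noexec,nodev 0 0" >> /etc/fstab
mount /home/users
mount /etc/skel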

Install Desktop

# X server and font package groups, then the KDE workspace and the GDM display manager.
yum groupinstall "X Window System" "Fonts"
yum install kde-workspace gdm
# Re-point the default boot target at graphical.target
# (the same effect as `systemctl set-default graphical.target`).
unlink /etc/systemd/system/default.target
ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
# Switch the running system to the graphical target without a reboot.
systemctl isolate graphical.target

Install VNC

# TigerVNC server, the Type1 fonts referenced by the Xvnc font path, and xinetd.
yum install tigervnc-server xorg-x11-fonts-Type1 xinetd
# NOTE(review): the settings to enter in custom.conf are not shown on this page.
# The Xvnc arguments further down use "-query localhost", which presumably needs
# XDMCP enabled in GDM; confirm, and keep XDMCP reachable from localhost only.
nano -w /etc/gdm/custom.conf



Create Xinetd service


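# xinetd service entry: starts one Xvnc instance per incoming connection.
# The attribute list must be enclosed in braces for xinetd to parse it.
service vncserver
{
    flags = IPv4
    disable = no
    # Listen on loopback only. Xvnc is started with -securitytypes=none (no VNC
    # authentication and no encryption), and the only client configured on this
    # page is Guacamole connecting to localhost:5900.
    bind = 127.0.0.1
    only_from = 127.0.0.1
    socket_type = stream
    protocol = tcp
    group = tty
    # wait = no: xinetd keeps accepting connections and spawns a server for each.
    wait = no
    # Run the X server as an unprivileged account.
    user = nobody
    server = /usr/bin/Xvnc
    # -inetd: take the connection from xinetd; -query localhost: ask the local
    # display manager for a login screen over XDMCP; -once: exit when the
    # session ends.
    server_args = -inetd -query localhost -geometry 1024x768 -depth 24 -once -fp /usr/share/X11/fonts/Type1 -securitytypes=none
}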
# Register the service name "vncserver" for TCP port 5900; xinetd resolves the
# port of the vncserver service entry through /etc/services.
printf '%s\n' "vncserver 5900/tcp # VNC and GDM" >> /etc/services

# Enable xinetd at boot, then restart it so the new service is picked up.
for action in enable restart; do
  systemctl "$action" xinetd.service
done

Install Tomcat

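yum install java-1.7.0-openjdk-devel

#add tomcat user
groupadd tomcat
# Service account: no home directory is created (-M) and no interactive login.
# On RHEL/CentOS-style systems nologin is installed under /sbin, so the shell
# field points at a program that actually exists.
useradd -M -s /sbin/nologin -g tomcat -d /opt/tomcat tomcat

#download tomcat
# The archive comes over plain HTTP from a mirror, so nothing authenticates it
# in transit. Verify it against the signature or digest published by the Apache
# Tomcat project before extracting, and check that the pinned version is still
# supported.
wget -O /tmp/tomcat.tar.gz http://mirror.sdunix.com/apache/tomcat/tomcat-8/v8.0.23/bin/apache-tomcat-8.0.23.tar.gz
# -p: no error if the directory already exists.
mkdir -p /opt/tomcat
# --strip-components=1 drops the archive's top-level directory so the files
# land directly in /opt/tomcat.
tar xvf /tmp/tomcat.tar.gz -C /opt/tomcat --strip-components=1
cd /opt/tomcat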

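#fix permissions
# Absolute paths: these commands run as root and change ownership recursively,
# so they must not depend on the current directory being /opt/tomcat.
chgrp -R tomcat /opt/tomcat/conf
# NOTE(review): group write on conf lets the Tomcat process change its own
# configuration; confirm it is needed before keeping the "w".
chmod g+rwx /opt/tomcat/conf
chmod g+r /opt/tomcat/conf/*
# Hand only webapps, work, temp and logs to the tomcat user; the rest of the
# tree keeps its current ownership. sudo is dropped because every other command
# on this page already runs as root.
chown -R tomcat /opt/tomcat/webapps/ /opt/tomcat/work/ /opt/tomcat/temp/ /opt/tomcat/logs/

#create service file
nano -w /etc/systemd/system/tomcat.service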


# Systemd unit file for tomcat
# NOTE(review): only part of the unit appears on this page; no section headers,
# ExecStart or User=/Group= lines are shown. Confirm the complete unit runs
# Tomcat as the tomcat account rather than as root.
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
# JVM options for Tomcat: initial and maximum heap size, server VM, parallel GC.
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
# Headless AWT, and /dev/urandom (non-blocking) as the JVM's entropy source.
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'
# Stop the service by sending SIGTERM (15) to the main process.
ExecStop=/bin/kill -15 $MAINPID
#enable and start tomcat
# Make systemd re-read its unit files so the new tomcat.service is known.
systemctl daemon-reload
systemctl start tomcat
# Start Tomcat automatically at boot.
systemctl enable tomcat

Setup Tomcat


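    <!-- Replace the placeholder with a strong, unique password before starting
         Tomcat. These roles grant the Manager and Host Manager web consoles,
         which can deploy and remove web applications. -->
    <user username="admin" password="CHANGE_ME_STRONG_PASSWORD" roles="manager-gui,admin-gui"/>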
# Restart Tomcat; presumably needed so the user entry above takes effect.
systemctl restart tomcat

Install and setup Guacamole

# Install the download tool, then the compiler, development headers and
# libguac packages used by the Guacamole build below.
# NOTE(review): this installs java-1.8.0-openjdk while the Tomcat section
# installs java-1.7.0-openjdk-devel; confirm which JVM Tomcat ends up using.
yum install wget
yum install cairo-devel freerdp-devel gcc java-1.8.0-openjdk.x86_64 libguac libguac-client-rdp libguac-client-ssh \
            libguac-client-vnc libjpeg-turbo-devel libpng-devel libssh2-devel libtelnet-devel libvncserver-devel \
            libvorbis-devel libwebp-devel openssl-devel pango-devel pulseaudio-libs-devel terminus-fonts uuid-devel

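#download and extract guacamole 0.9.9
# Build in a private directory created by mktemp instead of a predictable path
# in world-writable /tmp: the build and the install run as root on a node that
# other users log in to.
build_dir=$(mktemp -d) && cd "$build_dir"
# Fetch over HTTPS so the transfer is authenticated. The page pins release
# 0.9.9; check that it is still supported, and compare the tarball's digest
# with one obtained from the project over a trusted channel before building.
wget https://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.9.tar.gz
tar -xzf guacamole-server-0.9.9.tar.gz
cd guacamole-server-0.9.9

# Install the guacd init script into /etc/init.d.
./configure --with-init-dir=/etc/init.d
make install
# Refresh the dynamic linker cache so the newly installed libraries are found.
ldconfig

# The source tree is not needed after installation. ${build_dir:?} aborts the
# removal if the variable is empty.
cd /
rm -rf -- "${build_dir:?}"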

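#download guacamole webapp
mkdir -p /var/lib/guacamole
# Fetch over HTTPS so the transfer is authenticated. Tomcat will run this
# archive as code, so compare its digest with one obtained from the project
# over a trusted channel before linking it into webapps.
wget https://sourceforge.net/projects/guacamole/files/current/binary/guacamole-0.9.9.war -O /var/lib/guacamole/guacamole.war
# Expose the archive to Tomcat through a symlink in its webapps directory.
ln -s /var/lib/guacamole/guacamole.war /opt/tomcat/webapps/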

#fix RDP library
# Replace guacdr.so under /usr/lib64/freerdp with a symlink to the copy under
# /usr/local/lib/freerdp (presumably the one installed by the source build above).
rm -rf /usr/lib64/freerdp/guacdr.so
ln -s /usr/local/lib/freerdp/guacdr.so /usr/lib64/freerdp/

#install noauth plugin
# NOTE(review): going by its name and the noauth-config setting used further
# down, this extension serves the configured connections without a Guacamole
# login; confirm the web application is reachable by intended users only.
mkdir -p /opt/tomcat/.guacamole/extensions/
# NOTE(review): the download URL that should follow the backslash is missing
# on this page; the command is incomplete as shown.
wget -O /opt/tomcat/.guacamole/extensions/guacamole-auth-noauth-0.9.9.jar \   

#configure guacamole
# Create the configuration directory, then edit the properties file in it.
mkdir -p /etc/guacamole/
nano -w /etc/guacamole/guacamole.properties


# Host and port of the guacd daemon; both point at the local machine.
guacd-hostname: localhost
guacd-port:     4822
# presumably where the webapp looks for extension classes; confirm
lib-directory:  /opt/tomcat/webapps/guacamole/WEB-INF/classes
# Path of the connection list for the noauth extension.
noauth-config: /etc/guacamole/noauth-config.xml


    <!-- NODE_NAME is a placeholder for the connection name. The connection
         targets the VNC service on localhost:5900 and sets no password
         parameter. NOTE(review): the closing tags of this fragment are not
         shown on this page. -->
    <config name="NODE_NAME" protocol="vnc">
        <param name="hostname" value="localhost" />
        <param name="port" value="5900" />
# Link the properties file into /opt/tomcat/.guacamole/ (the home directory
# set for the tomcat user).
ln -s /etc/guacamole/guacamole.properties /opt/tomcat/.guacamole/

# Remove the downloaded tarball and build tree left in /tmp.
rm -rf /tmp/guacamole*

# Enable guacd at boot through its init script, then (re)start it.
chkconfig guacd on
systemctl restart guacd