Fix quickstart and mention nip.io (#1986)

5 years ago · 91ee620bbb
parent 192861d639
commit 91ee620bbb
1 changed files with 68 additions and 27 deletions
--- a/doc/sources/admin/quickstart.rst
+++ b/doc/sources/admin/quickstart.rst
@ -7,22 +7,15 @@ Quick start tutorial
    This tutorial will guide you into a minimal
    installation and configuration procedure. You need some prerequisites:

-    -  A computer with a GNU/Linux recent distribution (Debian, Ubuntu,
-       CentOS, RHEL, ...) with root privileges
-    -  A web browser
-    -  The possibility to update your local ``hosts`` file, or an easy
-       access to your DNS server
-    -  A cup of coffee (or tea, we are open minded)
+    - Root access to a Debian, Ubuntu, CentOS or RHEL test system
+    - A web browser
+    - A cup of coffee (or tea, we are open minded)



 Installation
 ------------

-You should install Lemonldap::NG using packages, but you can also
-install it from
-:doc:`the tarball<installtarball>`.
-
 Debian / Ubuntu
 ~~~~~~~~~~~~~~~

@ -40,27 +33,38 @@ CentOS / RHEL
 ::

   curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
-   echo "[lemonldap-ng]
+   echo '[lemonldap-ng]
   name=LemonLDAP::NG packages
   baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
   enabled=1
   gpgcheck=1
-   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2" > /etc/yum.repos.d/lemonldap-ng.repo
+   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2' > /etc/yum.repos.d/lemonldap-ng.repo
   yum update
+   yum install epel-release
   yum install lemonldap-ng

 SSO domain configuration
 ------------------------

+LemonLDAP::NG needs all its components to be served on the same DNS domain.
+
+If you can edit your `/etc/hosts` file or have access to a DNS server, check :ref:`quickstart_own_domain`, if you have no way to modify your DNS configuration, check :ref:`quickstart_nipio`.
+
+.. _quickstart_own_domain:
+
+Using your own domain
+~~~~~~~~~~~~~~~~~~~~~
+
 The defaut SSO domain is ``example.com``. You can keep it for your tests
 or change it, for example for ``mydomain.com``:

 ::

-   sed -i 's/example\.com/mydomain.com/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json
-   sed -i 's/example\.com/mydomain.com/g' /etc/nginx/conf.d/*
-   sed -i 's/example\.com/mydomain.com/g' /etc/httpd/conf.d/*
-   sed -i 's/example\.com/mydomain.com/g' /etc/apache2/sites-available/*
+   sed -i 's/example\.com/mydomain.com/g' \
+      /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json \
+      /etc/nginx/conf.d/* \
+      /etc/httpd/conf.d/* \
+      /etc/apache2/sites-available/*

 In order to be able to test, update your DNS or your local ``hosts``
 file to map this names to the SSO server IP:
@ -70,20 +74,63 @@ file to map this names to the SSO server IP:
 -  test1.mydomain.com
 -  test2.mydomain.com

-For example on your local computer:
+For example on your local computer (adjust your server IP and test domain)

 ::

   echo "192.168.1.30 auth.mydomain.com manager.mydomain.com test1.mydomain.com test2.mydomain.com" >> /etc/hosts

+.. _quickstart_nipio:
+
+Using nip.io (or other DNS wildcard services)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If you cannot edit /etc/hosts or your DNS zone, don't give up yet, you can use services such as http://nip.io, http://xip.io, https://sslip.io/, or others.
+
+For example, if your server IP is 192.168.12.13, you can use 192-168-12-13.nip.io as your SSO domain:
+
+::
+
+   sed -i 's/example\.com/192-168-12-13.nip.io/g' \
+      /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json \
+      /etc/nginx/conf.d/* \
+      /etc/httpd/conf.d/* \
+      /etc/apache2/sites-available/*
+
+.. warning::
+
+   nip.io, xip.io or any DNS wildcard services mentionned in this section are not affiliated with the LemonLDAP::NG project in any way. These services will receive DNS requests that will allow them to know your test server's IP address. If this is an issue for you, do not use these services.
+
 Run
 ---

-Since LemonLDAP::NG 1.2, the
-:doc:`demonstration backend<authdemo>` is
-configured by default.
+Starting services
+~~~~~~~~~~~~~~~~~
+
+Debian / Ubuntu
+'''''''''''''''
+
+Enable the Nginx virtualhosts and restart the web server and LemonLDAP::NG server to apply the configuration changes ::

-Demonstration backend has hard coded user accounts:
+   cd /etc/nginx/sites-enabled
+   ln -s ../sites-available/*nginx* .
+   systemctl restart lemonldap-ng-fastcgi-server
+   systemctl restart nginx
+
+CentOS / RHEL
+'''''''''''''
+
+Enable and start httpd ::
+
+   systemctl enable httpd
+   systemctl start httpd
+
+
+Open SSO session
+~~~~~~~~~~~~~~~~
+
+Go on http://auth.mydomain.com and log with one of the demonstration
+account.

 ====== ======== =============
 Login  Password Role
@ -93,12 +140,6 @@ msmith msmith   user
 dwho   dwho     administrator
 ====== ======== =============

-Open SSO session
-~~~~~~~~~~~~~~~~
-
-Go on http://auth.mydomain.com and log with one of the demonstration
-account.
-
 Access protected application
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~