Deploying DynFi Manager using debian 9 or 10

Submitted by gregory.bernard on December 4, 2020
This blog post will show you how to get DynFi® Manager running on Debian server 9 or 10 in less than ten minutes! You should have a basic knowledge of the Linux operating system and the command line interface! In order to go very fast, you can simply copy / paste the **highlighted ** text on your favorite KVM with Linux Debian 9 / 10 installed.
1.1. First install Java™ Runtime Environment ver. 11 ou higher
We followed the classic installation described here: https://linuxize.com/post/install-java-on-debian-10/
sudo apt install openjdk-11-jre
root@debian:~# apt install openjdk-11-jre
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
[…]
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
done.
You can check the Java version:
java -version
root@debian:~# java -version
openjdk version "11.0.9" 2020-10-20
OpenJDK Runtime Environment (build 11.0.9+11-post-Debian-1deb10u1)
OpenJDK 64-Bit Server VM (build 11.0.9+11-post-Debian-1deb10u1, mixed mode, sharing)
1.2. Install MongoDB 4.x
It is recommended that you follow the steps provided here: https://docs.mongodb.com/manual/tutorial/install-mongodb-on-debian/. Mongodb will be up and running in a few minutes on Debian 9 or 10.
1.2.1. Download gpg repository key
sudo wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
root@debian:~# wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
OK
1.2.2. Install GNUPG
sudo apt-get install gnupg
root@debian:~# sudo apt-get install gnupg
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
gnupg est déjà la version la plus récente (2.2.12-1+deb10u1).
0 mis à jour, 0 nouvellement installés, 0 à enlever et 0 non mis à jour.
1.2.3. Add the key of the MongoDB server
wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
root@debian:~# wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
OK
1.2.4. Add the MongoDB source directory
Pour Debian 10: sudo echo “deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main” | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
Pour Debian 9: echo “deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/4.4 main” | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
root@debian:~# echo "deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
deb http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main
1.2.5. Update your debian system
sudo apt-get update
root@debian:~# sudo apt-get update
Réception de :1 http://security.debian.org/debian-security buster/updates InRelease [65,4 kB]
Réception de :2 http://ftp.fr.debian.org/debian buster InRelease [121 kB]
Réception de :3 http://ftp.fr.debian.org/debian buster-updates InRelease [51,9 kB]
Réception de :4 http://as-repository.openvpn.net/as/debian buster InRelease [3 186 B]
[…]
Réception de :31 http://repo.mongodb.org/apt/debian buster/mongodb-org/4.4/main amd64 Packages [7 912 B]
22,5 Mo réceptionnés en 9s (2 476 ko/s)
Lecture des listes de paquets... Fait
N: Le dépôt « http://ftp.fr.debian.org/debian buster InRelease » a modifié sa valeur « Version » de « 10.2 » à « 10.6 »
1.2.6. Install MongoDB
sudo apt-get install -y mongodb-org
root@debian:~# sudo apt-get install -y mongodb-org
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
Les paquets supplémentaires suivants seront installés :
mongodb-database-tools mongodb-org-database-tools-extra mongodb-org-mongos mongodb-org-server mongodb-org-shell mongodb-org-tools
[…]
Cette clé est obligatoire pour accéder à notre repo apt. Paramétrage de mongodb-org-database-tools-extra (4.4.2) ...
Paramétrage de mongodb-org-tools (4.4.2) ...
Paramétrage de mongodb-org (4.4.2) ...
Traitement des actions différées (« triggers ») pour man-db (2.8.5-2) ...
1.2.7. Start MongoDB :
sudo systemctl start mongod
root@debian:~# sudo systemctl start mongod
1.2.8. Check that MongoDB has started
sudo systemctl status mongod
root@debian:~# systemctl status mongod
● mongod.service - MongoDB Database Server
Loaded: loaded (/lib/systemd/system/mongod.service; disabled; vendor preset: enabled)
Active: active (running) since Fri 2020-12-04 10:39:15 CET; 31s ago
Docs: https://docs.mongodb.org/manual
Main PID: 12162 (mongod)
Memory: 103.2M
CGroup: /system.slice/mongod.service
└─12162 /usr/bin/mongod --config /etc/mongod.conf
déc. 04 10:39:15 debian systemd[1]: Started MongoDB Database Server.
1.2.7. Enable MongoDB at startup
sudo systemctl enable mongod
root@debian:~# systemctl enable mongod
Created symlink /etc/systemd/system/multi-user.target.wants/mongod.service → /lib/systemd/system/mongod.service.
2. Install DynFi Manager
2.1. Download the GPG key
Cette clé est obligatoire pour accéder à notre repo apt.
sudo wget https://archive.dynfi.com/dynfi.gpg
root@debian:~# wget https://archive.dynfi.com/dynfi.gpg
--2020-12-04 10:44:21-- https://archive.dynfi.com/dynfi.gpg
Résolution de archive.dynfi.com (archive.dynfi.com)… 188.165.99.5
Connexion à archive.dynfi.com (archive.dynfi.com)|188.165.99.5|:443… connecté.
requête HTTP transmise, en attente de la réponse… 200 OK
Taille : 1181 (1,2K) [application/octet-stream]
Sauvegarde en : « dynfi.gpg »
dynfi.gpg 100%[==================================================================>] 1,15K --.-KB/s ds 0s
2020-12-04 10:44:21 (31,8 MB/s) — « dynfi.gpg » sauvegardé [1181/1181]
2.2. Ajoutez la clé GPG sur le serveur
sudo apt-key add dynfi.gpg
root@debian:~# apt-key add dynfi.gpg OK
2.3. Ajoutez les bons répertoires pour apt sources.list
Pour Debian 10 : echo “deb https://archive.dynfi.com/debian buster main” > /etc/apt/sources.list.d/dynfi.list
Pour Debian 9 : echo “deb https://archive.dynfi.com/debian stretch main” > /etc/apt/sources.list.d/dynfi.list
root@debian:~# apt update
Atteint :1 http://ftp.fr.debian.org/debian buster InRelease
Atteint :2 http://ftp.fr.debian.org/debian buster-updates InRelease
Atteint :3 http://security.debian.org/debian-security buster/updates InRelease
[…]
17,8 ko réceptionnés en 1s (20,6 ko/s)
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
240 paquets peuvent être mis à jour. Exécutez « apt list --upgradable » pour les voir.
2.4. Installez DynFi Manager
sudo apt install dynfi
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances
Lecture des informations d'état... Fait
Les NOUVEAUX paquets suivants seront installés :
dynfi
[…]
Paramétrage de dynfi (20.3.5) ...
Java is not installed, cannot generate config file and run DynFi!
Once these operations are completed, restart the service: you should now be operational!
2.5. Démarrez DynFi Manager
systemctl start dynfi
2.6. Verify DynFi Manager is correctly installed
systemctl status dynfi
● dynfi.service - DynFi Service
Loaded: loaded (/lib/systemd/system/dynfi.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-12-04 11:01:06 CET; 4s ago
Process: 16478 ExecStartPre=/bin/mkdir -p /run/dynfi (code=exited, status=0/SUCCESS)
Process: 16479 ExecStartPre=/bin/chown -R nobody:nogroup /run/dynfi/ (code=exited, status=0/SUCCESS)
Main PID: 16480 (java)
Tasks: 12 (limit: 1138)
Memory: 70.5M
CGroup: /system.slice/dynfi.service
└─16480 java -jar /usr/share/dynfi/lib/dynfi-20.3.5-all.jar --pid-file=/run/dynfi/dynfi.pid
déc. 04 11:01:06 debian systemd[1]: Starting DynFi Service...
déc. 04 11:01:06 debian systemd[1]: Started DynFi Service.
déc. 04 11:01:09 debian dynfi[16480]: Running DynFi. For other commands run help.
déc. 04 11:01:09 debian dynfi[16480]: Version: 20.3.5 (commit: a60e4bc75171a7ca4532f1eafba09924fa0847cd)```
Redémarrez DynFi Manager : systemctl restart dynfi
Once these operations are completed, restart the service: you should now be operational!
You should now be able to access your DynFi service using your favorite (and up-to-date!) browser.
The default port is 9090 (unless you updated it in the configuration file), so the URL should look like: http://your.local.ip:9090
2.7. Activate DynFi Manager at startup
sudo systemctl enable dynfi
root@debian:~# systemctl enable dynfi
3. Optional configuration to redirect HTTP(s) requests from Nginx to DynFi Manager
You can simply use Nginx to redirect all incoming http & https requests to DynFi Manager.
You need to install the Nginx server first. You can then copy / paste the configuration below (please change the server name and IPs).
Be sure to generate your own SSL certificate or use “let’s encrypt” if you use SSL.
This configuration will allow you to redirect all your requests to the DynFi Manager (to be deployed in /etc/nginx/sites-available/dynfi and create a symbolic link in /etc/nginx/sites-enabled/dynfi).
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name my-server.myname.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name my-server.myname.com;
location /config.js {
proxy_pass http://192.168.1.3:9090;
sub_filter 'http://192.168.1.3:9090' 'https://$host';
sub_filter_types "*";
}
location / {
proxy_pass http://192.168.1.3:9090;
}
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_certificate /etc/ssl/dynfi/bundle.crt;
ssl_certificate_key /etc/ssl/dynfi/myname.com.key;
}