Installing the WAPT Server on Debian Linux

Attention

The upgrade procedure is different from installation. For upgrade, please refer to Upgrading the WAPT Server.

Installing the WAPT Server requires a few steps:

  • configuring the repositories;

  • installing additional Linux packages;

  • installing and provisioning the PostgreSQL database;

  • post-configuring the WAPT Server;

Note

The WAPT Server packages and repository are signed by Tranquil IT and it is necessary to get the gpg public key below in order to avoid warning messages during installation.

Configuring DEB repositories and installing WAPT and PostgreSQL packages

The configuration of repositories for WAPT Enterprise and WAPT Community Edition differs. Make sure to choose the right one!

During installation, you may be asked for the Kerberos realm. Just press Enter to skip this step.

Important

Follow this procedure for getting the right packages for the WAPT Enterprise Edition. For WAPT Community Edition please refer to the next block.

To access WAPT Enterprise ressources, you must use the username and password provided by our sales department.

Replace user and password in the deb parameter to access WAPT Enterprise repository.

apt update && apt upgrade -y
apt install apt-transport-https lsb-release gnupg
wget -O - https://wapt.tranquil.it/debian/tiswapt-pub.gpg  | apt-key add -
echo "deb https://user:password@srvwapt-pro.tranquil.it/entreprise/debian/wapt-1.8/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/wapt.list

Important

Follow this procedure for getting the right packages for the WAPT Community Edition. For WAPT Enterprise Edition please refer to the previous block.

apt update && apt upgrade -y
apt install apt-transport-https lsb-release gnupg
wget -O - https://wapt.tranquil.it/debian/tiswapt-pub.gpg  | apt-key add -
echo "deb https://wapt.tranquil.it/debian/wapt-1.8/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/wapt.list

Installing the WAPT Server packages

apt update
apt install tis-waptserver tis-waptsetup

Post-configuring

Attention

For post-configuration to work properly, you must first have properly configured the hostname of the WAPT server. To check hostname configuration use the command echo $(hostname) which must return the hostname that will be used by WAPT agents on client computers.

Hint

This post-configuration script must be run as root.

  • run the script:

    /opt/wapt/waptserver/scripts/postconf.sh
    
  • click on Yes to run the postconf script:

    do you want to launch post configuration tool?
    
           < yes >          < no >
    
  • enter the password for the SuperAdmin account of the WAPT Server (minimum 10 caracters);

    Please enter the wapt server password (min. 10 characters)
    
    *****************
    
    < OK >          < Cancel >
    
  • confirm the password;

    Please enter the server password again:
    
    *****************
    
    < OK >          < Cancel >
    
  • choose the authentication mode for the initial registering of the WAPT agents;

    • choice #1 allows to register computers without authentication (same method as WAPT 1.3). The WAPT server registers all computers that ask;

    • choice #2 activates the initial registration based on Kerberos. (you can activate it later);

    • choice #3 does not activate the Kerberos authentication mechanism for the initial registering of machines equipped with WAPT. The WAPT server will require a login and password for each machine registering with it;

      WaptAgent Authentication type?
      
      -------------------------------------------------------------------------------------------------------------------------------------
      (*) 1 Allow unauthenticated registration, same behavior as wapt 1.3
      ( ) 2 Enable kerberos authentication required for machines registration. Registration will ask for password if kerberos not available
      ( ) 3 Disable Kerberos but registration require strong authentication
      -------------------------------------------------------------------------------------------------------------------------------------
                                                         < OK >          < Cancel >
      
  • select OK to start WAPT Server;

    Press OK to start waptserver
    
           < OK >
    
  • select Yes to configure Nginx;

    Do you want to configure nginx?
    
       < Yes >        < No >
    
  • enter the FQDN of the WAPT Server;

    FQDN for the WAPT server (eg. wapt.mydomain.lan)
    
    ---------------------------------------------
    wapt.mydomain.lan
    ---------------------------------------------
    
          < OK >          < Cancel >
    
  • select OK and a self-signed certificate will be generated, this step may take a long time …

    Generating DH parameters, 2048 bit long safe prime, generator 2
    This is going to take a long time
    .......................................+...............................+...
    

Nginx is now configured, select OK to restart Nginx:

The Nginx config is done.
We need to restart Nginx?

       < OK >

The post-configuration is now finished.

Postconfiguration completed.
Please connect to https://wapt.mydomain.lan/ to access the server.

                 < OK >

Listing of post-configuration script options:

Flag

Description

--force-https

Configures Nginx so that port 80 is permanently redirected to 443

The WAPT Server is now ready.

You may go to the documentation on installing the WAPT console!!