.. Reminder for header structure: Parts (H1) : #################### with overline Chapters (H2) : ******************** with overline Sections (H3) : ==================== Subsections (H4) : -------------------- Subsubsections (H5) : ^^^^^^^^^^^^^^^^^^^^ Paragraphs (H6) : """"""""""""""""""""" .. meta:: :description: Deploying the WAPT Agent on Linux and MacOS :keywords: waptconsole, waptagent, wapt_deploy, WAPT, preferences, documentation, the WAPT Console ########################################## Managing the WAPT Agent on Linux and MacOS ########################################## ******************************************* Deploying the WAPT Agent on Linux and MacOS ******************************************* .. _install_waptagent_linux: .. _install_on_debian: .. _install_on_ubuntu: .. _install_on_redhat-based: The procesude depends on your operating system: .. tabs:: .. comments TAB DEBIAN XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX .. tab:: Debian / Ubuntu based distributions .. hint:: The WAPT Agent for Debian has been tested on Debian 8, 9, 10 and 11. The WAPT Agent for Ubuntu has only been tested on Ubuntu Bionic and Ubuntu Focal. * Update the underlying distribution and check that apt https transport is installed .. code-block:: bash sudo apt update && apt upgrade -y sudo apt install apt-transport-https lsb-release gnupg -y * Retrieve the key :mimetype:`.gpg`, add it to the Tranquil IT repository and install the WAPT Agent. .. code-block:: bash sudo wget -O - https://wapt.tranquil.it/$(lsb_release -is)/tiswapt-pub.gpg | apt-key add - sudo echo "deb https://wapt.tranquil.it/$(lsb_release -is)/wapt-2.2/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/wapt.list export DEBIAN_FRONTEND=noninteractive sudo apt update sudo apt install tis-waptagent -y unset DEBIAN_FRONTEND .. comments TAB REDHAT 7 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX .. tab:: RedHat 7 based distributions .. hint:: The WAPT Agent for Redhat based system has been tested on Redhat 7 and derivatives. * Update the underlying distribution. .. code-block:: bash yum update * Retrieve the key :file:`.gpg` and configure the WAPT repository. .. code-block:: bash wget -q -O /tmp/tranquil_it.gpg "https://wapt.tranquil.it/redhat7/RPM-GPG-KEY-TISWAPT-7"; rpm --import /tmp/tranquil_it.gpg cat > /etc/yum.repos.d/wapt.repo < /etc/yum.repos.d/wapt.repo <`_ (10.13); * `Mojave `_ (10.14); * `Catalina `_ (10.15); * `Big Sur `_ (11.x); * `Monterey `_ (12.x). * Download and install the WAPT Agent (note: the hash string may change, to get the latest, point your brower on the url https://wapt.tranquil.it/wapt/releases/wapt-2.2/): .. code-block:: bash curl -o tis-waptagent-2.2.0.11586-macos-9c22a4fb.pkg https://wapt.tranquil.it/wapt/releases/wapt-2.2/tis-waptagent-2.2.0.11586-macos-9c22a4fb.pkg sudo installer -target / -pkg tis-waptagent*.pkg Creating the WAPT Agent configuration file ========================================== .. hint:: Use the WAPT Server :abbr:`FQDN (Fully Qualified Domain Name)` address for the :code:`repo_url` and the :code:`wapt_server` arguments. .. code-block:: bash sudo cat > /opt/wapt/wapt-get.ini <`, you **MUST** copy the certificate in your WAPT Linux or macOS Agent. The certificate should be located on your Windows host in :file:`C:\\Program Files (x86)\\wapt\\ssl\\server\\`. * Copy your certificate(s) in :file:`/opt/wapt/ssl/server/` using :program:`WinSCP` or :program:`rsync` if you are deploying on Linux or macOS. * Then, modify in the :file:`/opt/wapt/wapt-get.ini` configuration file the path to your certificate. * And give absolute path of your certificate. .. code-block:: ini verify_cert = /opt/wapt/ssl/server/YOURCERT.crt .. hint:: Change the :mimetype:`.crt` file with your certificate name. Registering ----------- * Finally, execute the following command to register your host with the WAPT Server: .. code-block:: bash sudo wapt-get register Restarting the Agent -------------------- * When you have modifier the configuration of the WAPT Agent, you should restart the WAPT Agent using the following command .. code-block:: bash sudo wapt-get restart-waptservice Feature matrix -------------- There are some features that are not currently available on Linux and MacOS: * installing updates on shutdown (WAPT Exit); * the WAPT Console; * any Windows specific feature. Particularities with domain functionality ----------------------------------------- On Linux: * testing was carried out with sssd with an Active Directory domain and kerberos authentication; * to integrate a host in the Active Directory domain, you can choose to follow `this documentation `_ * in order for Active Directory groups to function properly, you **MUST** verify that the :command:`id hostname$` command returns the list of groups the host is member of; .. attention:: We have noticed that the kerberos LDAP query does not work if the reverse DNS record is not configured correctly for your domain controllers. These records **MUST** therefore be created if they do not exist. ****************************************** Updating the WAPT Agent on Linux and MacOS ****************************************** For each WAPT Server's :ref:`upgrade `, you will have to upgrade the WAPT Agents. To do so, you have to :ref:`generate the WAPT Agent ` and deploy it. Manually ======== You can do that manually :ref:`by following this documentation on installing the WAPT Agent `. .. hint:: It is the only upgrade solution available for now for macOS and Linux.