Install Gluu Flex On SUSE Linux#
This is a step-by-step guide for installation and uninstallation of Gluu Flex on SUSE Linux distributions
Prerequisites#
- Ensure that the OS platform is one of the supported versions
- VM should meet VM system requirements
- Make sure that if
SELinux
is installed then it is put into permissive mode - If the server firewall is running, make sure you allow
https
, which is needed for OpenID and FIDO.sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
- for SUSE Linux Enterprise(SLES) we need to enable PackageHub as per OS version and architecture
sudo SUSEConnect -p PackageHub/15.4/x86_64
- Please obtain an SSA to trial Flex, after which you are issued a JWT that you can use during installation. SSA should be stored in a text file on an accessible path.
Install the Package#
Download and Verify the Release Package#
-
Download the release package from the GitHub FLEX Releases
wget https://github.com/GluuFederation/flex/releases/download/vreplace-flex-version/flex-replace-flex-version-suse15.x86_64.rpm -P ~/
-
GPG key is used to ensure the authenticity of the downloaded package during the installation process. If the key is not found, the installation step would fail. Use the commands below to download and import the GPG key.
wget https://github.com/GluuFederation/flex/files/11814579/automation-flex-public-gpg.zip
unzip automation-flex-public-gpg.zip
sudo rpm -import automation-flex-public-gpg.asc
-
Verify the integrity of the downloaded package using published
sha256sum
. Download thesha256sum
file for the packagewget https://github.com/GluuFederation/flex/releases/download/vreplace-flex-version/flex-replace-flex-version-suse15.x86_64.rpm.sha256sum -P ~/
-
Verify package integrity
You should see:sha256sum -c flex-replace-flex-version-suse15.x86_64.rpm.sha256sum
flex-replace-flex-version-suse15.x86_64.rpm: ok
Install the Release Package#
Use SUSE zypper
to install
sudo zypper install ~/flex-replace-flex-version-suse15.x86_64.rpm
Run the setup script#
- Run the setup script:
Execute the setup script with command below:
sudo python3 /opt/jans/jans-setup/flex/flex-linux-setup/flex_setup.py
Install Admin UI [Y/n]: y
Please enter path of file containing SSA or paste SSA (q to exit):
sudo python3 /opt/jans/jans-setup/flex/flex-linux-setup/flex_setup.py -admin-ui-ssa [filename]
Verify and Access the Installation#
Verify that installation has been successful and all installed components are accessible using the steps below:
-
Log in to Text User Interface (TUI)
TUI is a text-based configuration tool for Gluu Flex Server./opt/jans/jans-cli/jans_cli_tui.py
-
Log into Admin-UI using URI below
https://FQDN/admin
When troubleshooting issues with Admin UI access, it's advisable to check the logs, refer to the FAQ, and review service dependencies for potential solutions.
- Access Casa using URI below
https://FQDN/jans-casa
Enabling HTTPS#
To enable communication with Janssen Server over TLS (https) in a production
environment, Janssen Server needs details about CA certificate. Update the
HTTPS cofiguration file https_jans.conf
as shown below:
Note
Want to use Let's Encrypt
to get a certificate? Follow this guide.
- Open
_https_jans.conf
sudo vi /etc/apache2/vhosts.d/_https_jans.conf ``` - Update `SSLCertificateFile` and `SSLCertificateKeyFile` parameters values ```bash SSLCertificateFile location_of_fullchain.pem SSLCertificateKeyFile location_of_privkey.pem
- Restart
apache
service for changes to take effectsudo /usr/sbin/rcapache2 restart
Uninstallation#
Removing Flex is a two step process:
If you have not run the setup script, you can skip step 1 and just remove the package.
First use the command below to uninstall the Gluu Flex server
sudo python3 /opt/jans/jans-setup/flex/flex-linux-setup/flex_setup.py --remove-flex
sudo python3 /opt/jans/jans-setup/flex/flex-linux-setup/flex_setup.py --remove-flex
This process is irreversible.
Gluu Flex Components will be removed
Are you sure to uninstall Gluu Flex? [yes/N] yes
Profile was detected as jans.
Log Files:
/opt/jans/jans-setup/logs/flex-setup.log
/opt/jans/jans-setup/logs/flex-setup-error.log
/opt/jans/jans-setup/setup_app/pylib/jwt/utils.py:7: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release.
from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurve
Please wait while collecting properties...
Uninstalling Gluu Casa
- Deleting /etc/default/casa
- Deleting /etc/systemd/system/casa.service
- Removing casa directives from apache configuration
- Deleting /opt/jans/jetty/jans-auth/custom/libs/casa-config.jar
- Removing plugin /opt/jans/jetty/jans-auth/custom/libs/casa-config.jar from Jans Auth Configuration
- Deleting /opt/jans/python/libs/Casa.py
- Deleting /opt/jans/python/libs/casa-external_fido2.py
- Deleting /opt/jans/python/libs/casa-external_otp.py
- Deleting /opt/jans/python/libs/casa-external_super_gluu.py
- Deleting /opt/jans/python/libs/casa-external_twilio_sms.py
- Deleting casa client from db backend
- Deleting casa client scopes from db backend
- Deleting casa configuration from db backend
- Deleting script 3000-F75A from db backend
- Deleting /opt/jans/jetty/casa
Uninstalling Gluu Admin-UI
- Deleting Gluu Flex Admin UI Client 2001.732c7b51-57c4-48a5-b64d-8718b3e043bb
- Removing Admin UI directives from apache configuration
- Deleting /opt/jans/jetty/jans-config-api/custom/libs/gluu-flex-admin-ui-plugin.jar
- Removing plugin /opt/jans/jetty/jans-config-api/custom/libs/gluu-flex-admin-ui-plugin.jar from Jans Config API Configuration
- Deleting /opt/jans/jetty/jans-config-api/custom/config/log4j2-adminui.xml
- Deleting /opt/jans/jetty/jans-config-api/custom/config/log4j2.xml
- Rewriting Jans CLI init file for plugins
- Deleting /srv/www/htdocs/admin
Disabling script A51E-76DA
Restarting Apache
Restarting Jans Auth
Restarting Janssen Config Api
Uninstall Janssen Packages#
The command below removes and uninstall the jans
package
sudo python3 /opt/jans/jans-setup/install.py -uninstall
sudo python3 /opt/jans/jans-setup/install.py -uninstall -yes --keep-downloads --keep-setup
This process is irreversible.
You will lose all data related to Janssen Server.
Are you sure to uninstall Janssen Server? [yes/N] yes
Uninstalling Jannsen Server...
Removing /etc/default/jans-config-api
Stopping jans-config-api
Removing /etc/default/jans-auth
Stopping jans-auth
Removing /etc/default/jans-fido2
Stopping jans-fido2
Removing /etc/default/jans-scim
Stopping jans-scim
Removing /etc/default/jans-cache-refresh
Stopping jans-cache-refresh
Executing rm -r -f /etc/certs
Executing rm -r -f /etc/jans
Executing rm -r -f /opt/jans
Executing rm -r -f /opt/amazon-corretto*
Executing rm -r -f /opt/jre
Executing rm -r -f /opt/node*
Executing rm -r -f /opt/jetty*
Executing rm -r -f /opt/jython*
Executing rm -r -f /opt/dist
Removing /etc/apache2/vhosts.d/_https_jans.conf
Second uninstall the package:
You should see the package with:
sudo rpm -qa | grep flex
Remove package with:
sudo zypper remove flex
Updating Admin UI#
To update the Admin UI in an existing Flex installation, execute this command:
sudo python3 /opt/jans/jans-setup/flex/flex-linux-setup/flex_setup.py --update-admin-ui
Created: 2022-09-22