($Id: INSTALL 1 2006-03-06 22:05:41Z root $) --- mysqlRadacct Installation Mini Help Guide mysqlRadius, mysqlRadacct are becoming quickly very useful and stable production tools for any size ISP. But more so for those that like linux, open source tools and solid reliable systems with physical users files and such. Thanks for all the email with suggestions. We have tried and will continue to use your GPL contributed patches and other code changes to make the mysqlRadius family of tools even better. The OpenISP Crew/support @ openisp . net --- Prerequisites (Read the very short and useful tutorial.html in the docs dir!) mySQL server and client libs installed and running on same server as the application. You must know the root password. (Paranoids: Check the install script in mainfunc.h) Must have a running Apache server on the same server with cgi capabilities. Should be SSL enabled if possible (see below for intranet or other just "testing" non-SSL setup) (Now radiusd source is included in distribution!) Must have mysqlRadius Cistron 1.6.6 specially mysql patched radius system to "feed" this app correctly. Read about it, and get it here: http://openisp.net/mysqlRadius --- Example BASH Install Instructions shell>tar xzf mysqlRadacctN.M.tar.gz (where N.M is the latest Major.Minor release) shell>cd mysqlRadacct shell>export CGIDIR=/apache/cgi-bin/ (or whatever your Apache cgi-bin dir is) shell>vi local.h shell>make shell>make install shell>make install-lastmonth shell>export ISMROOT=/home/joe (or whatever dir the mysql application project dir is in) shell>chown mysql $ISMROOT/mysqlRadacct/data (and more commands to insure that mysql can get to the initialize table data, like this: shell>chmod o+x $ISMROOT etc.) shell>/cgi-bin/mysqlRadacct.cgi Initialize (If something bad happens at this step you will have to: mysql>drop database mysqlradacct; and start over with the Initialize after fixing permissions.) This will setup application and allow you to login as user "Root" password "wsxedc" --- Upgrading shell>/cgi-bin/mysqlRadacct.cgi UpdateSchema --- SSL Setup If you have an SSL server handy edit local.h and remove comments: //#define SSLONLY like so... #define SSLONLY Then shell>make clean shell>make shell>make install --- Feeding it with Data For mysqlRadacct to be useful you must feed it radius accounting data! Note that our modified Cistron 1.6.6 server should be started via mysqlRadius.cgi command line for testing and server reboot via rc.local etc. This requires careful tConfiguration settings. This may take some time. You can then use a real live NAS, or Cistron 1.6.6 radclient to feed it test data. Hint: You can use old radius acct detail files and just pipe them into radclient. --- Standard OpenISP setup backup operations If you are planning now or later to use mysqlSendmail or other mysqlISP GPL ISP management tools you should probably setup an SSL Apache server daemon with all logs and the conf file in the ~openisp dir structure. You can read about how to do this in http://openisp.net/mysqlISP. Then you can also use that dir tree to backup all your mysqlISP module data including that from other servers in your ISP service cluster. (Loose instructions adjust to fit for your particular setup) shell>useradd -d openisp -s /bin/nologin (this may have been done standard in mysqlISP setup) shell>mkdir -p ~openisp/mysqlRadacct/data shell>chown mysql ~openisp/mysqlRadacct/data shell>crontab -e Adding the following: Where mysqlpasswd is replaced by YOUR real mysql root passwd. # #mysqlRadacct # ##backup 20 3 * * * ISMROOT=~openisp;export ISMROOT;/cgi-bin/mysqlRadacct.cgi Backup mysqlpasswd > /dev/null --- Other backup ideas You should probably cross server backup all your OpenISP module data like so. Note that this involves using GRANT ALL mysql statements and a very secure internal ISP LAN. See mysql manual. Think about ISP organization with edge servers with 2 NICs and an ISP admin firewall zone with the mysql database server or replication cluster servers. All servers should have internal mirror backup drives or other cheap fast and reliable backup system (NFS and cpio in ISP admin firewall zone?) shell>crontab -e Add something like the following after setting up mysql for remote access from ONLY the IP in question in a VERY secure LAN (non routable IP's...switched hubs...behind firewall...etc) #Extra backup of mysqlRadacct data only even days, using mysqldump from 192.168.100.23 20 4 * * */2 /usr/local/mysql/bin/mysqldump -e -h 192.168.0.43 -u mysqlradacct -pwsxedc --all mysqlradacct > ~openisp/mysqlRadacct/data/dumpall.txt --- Lose your data and your fired Don't be lazy backup and rebackup and database warehouse your mission critical data ALWAYS! Need help contact us! --- Legalese This doc is GPL. Don't forget to give us credit when you quote this stuff. (C) 2003-2004 OpenISP and Gary Wallis --- Thanks Cistron Internet Provider and worldwide RADIUS expert Miquels. Michael Hilton of Multinet, Australia. Ron Fenlon of mtwi.net, USA. Emilio of cablenet.net.ar, Argentina. NHA of South Africa. // vim:tw=78: