search

ronivay / XenOrchestraInstallerUpdater

Xen Orchestra install/update script
GNU General Public License v3.0
1.22k stars 190 forks source link

Update documentation on how to do SSL install? #61

Closed DPerkunas closed 3 years ago

DPerkunas commented 3 years ago

Thank you for the script, can you update the documentation to show how to enable port 443 and self signed cert during install?

I've tried editing the /etc/xo/xo-server/config and install cfg's with no luck.

ronivay commented 3 years ago

Hi,

Documentation tells you to edit the configuration (xo-install.cfg) according to your preference. Change port from 80 to 443 and add paths to your certificate/key files and installation will configure xen orchestra for you.

curvingedge commented 3 years ago

I'm not sure If I can add a question to this. After configuring the cfg file and adding the cert files to the directories, what is the least destructive way to install the certs? ./xo-install.sh --update? Is this the best way for an existing install and also for updating certs when they expire?

curvingedge commented 3 years ago

I'm not sure If I can add a question to this. After configuring the cfg file and adding the cert files to the directories, what is the least destructive way to install the certs? ./xo-install.sh --update? Is this the best way for an existing install and also for updating certs when they expire?

I've tried the update command and it didn't add the ssl certs. Would I need to install? If I do will it overwrite my current install?

ronivay commented 3 years ago

Hi,

Update will also update configuration This requires that there is something to update, if latest master branch version matches currently installed version, nothing is done. This should be clear from the script output when you attempt to run it.

When you run xo-install.sh, it'll tell you the location of xen orchestra configuration file, which by default is $HOME/.config/xo-server/config.toml. You can edit port/certificate details to this configuration file as well if you wish. Just remember to either switch off configuration file update from xo-install.cfg (CONFIGUPDATE variable) or add those port/cert path changes to xo-install.cfg so that next time you run update, it'll add that HTTPS stuff to your xen orchestra config.

For expiring certificates. It's always pointless to change software configuration files to point to new certificate filenames. Just use symlinks if you wish to keep the old files, then you can just restart xo-server service for changes to take effect. This applies to any software, not just xen orchestra.

curvingedge commented 3 years ago

Thanks, I got it working now.