-
Notifications
You must be signed in to change notification settings - Fork 19
Installation development build
To install Gluu Gateway, follow these steps:
- Add the required third party repositories
- Install the
gluu-gateway
package - Run
setup-gluu-gateway.py
- Gluu Server CE 4.0 or 4.1. GG 4.1 is working well in both case.
If you have NodeJS 8 then uninstall it first then start the installation
Gluu Gateway needs to be deployed on a server or VM with the following minimum requirements:
CPU Unit | RAM | Disk Space | Processor Type |
---|---|---|---|
1 | 2 GB | 10 GB | 64 Bit |
!!! Important Always run the following commands as root.
echo "deb https://repo.gluu.org/ubuntu/ focal-devel main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
echo "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg main" > /etc/apt/sources.list.d/psql.list
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
echo "deb https://repo.gluu.org/ubuntu/ bionic-devel main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
echo "deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main" > /etc/apt/sources.list.d/psql.list
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
echo "deb https://repo.gluu.org/debian/ buster-testing main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/psql.list
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
echo "deb https://repo.gluu.org/debian/ stretch-testing main" > /etc/apt/sources.list.d/gluu-repo.list
curl https://repo.gluu.org/ubuntu/gluu-apt.key | apt-key add -
echo "deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main" > /etc/apt/sources.list.d/psql.list
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
wget https://repo.gluu.org/centos/Gluu-centos-8-testing.repo -O /etc/yum.repos.d/Gluu.repo
wget https://repo.gluu.org/centos/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm -Uvh https://yum.postgresql.org/10/redhat/rhel-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
curl -sL https://rpm.nodesource.com/setup_10.x | sudo -E bash -
wget https://repo.gluu.org/centos/Gluu-centos-7-testing.repo -O /etc/yum.repos.d/Gluu.repo
wget https://repo.gluu.org/centos/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm -Uvh https://yum.postgresql.org/10/redhat/rhel-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
curl -sL https://rpm.nodesource.com/setup_10.x | sudo -E bash -
wget https://repo.gluu.org/rhel/Gluu-rhel-8-testing.repo -O /etc/yum.repos.d/Gluu.repo
wget https://repo.gluu.org/rhel/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm -Uvh https://yum.postgresql.org/10/redhat/rhel-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
curl -sL https://rpm.nodesource.com/setup_10.x | sudo -E bash -
wget https://repo.gluu.org/rhel/Gluu-rhel-7-testing.repo -O /etc/yum.repos.d/Gluu.repo
wget https://repo.gluu.org/rhel/RPM-GPG-KEY-GLUU -O /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-GLUU
rpm -Uvh https://yum.postgresql.org/10/redhat/rhel-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
curl -sL https://rpm.nodesource.com/setup_10.x | sudo -E bash -
!!! important The Gluu Gateway package installs the following required components: PostgreSQL v10, oxd Server 4.0, NodeJS v10, Kong Community Edition v1.3.
apt update
apt install gluu-gateway
yum clean all
yum install gluu-gateway
!!! Important Before start setup, stop your all services which run on ports 443, 8443, 1338, 8000 and 8001.
cd /opt/gluu-gateway-setup
python3 setup-gluu-gateway.py
After acknowledging the Gluu Stepped-Up Support License, you will be prompted to answer several questions. Just hit Enter to accept the default values, which are specified in square brackets.
!!! Important When prompted to provide a two-letter value, make sure to follow the instructions. A mistake may result in the lack of certificates.
Question | Explanation |
---|---|
Enter IP Address | IP Address of your API gateway |
Enter Hostname | Internet-facing FQDN to generate certificates and metadata. Do not use an IP address or localhost. |
Enter two-letter Country Code | Used to generate web X.509 certificates |
Enter two-letter State Code | Used to generate web X.509 certificates |
Enter your City or locality | Used to generate web X.509 certificates |
Enter Organization name | Used to generate web X.509 certificates |
Enter Email Address | Used to generate web X.509 certificates |
Password | If you already have a postgres database password for user postgres , enter it here. Otherwise, enter a new password. |
OP Server Host | The hostname of the Gluu Server that will be used for OAuth 2.0 client credentials and access management. Example: your-op.server.com |
Install OXD Server? | If you choose Y(yes) then it will install fresh oxd server in your machine. If you choose N(No) then it will ask you next question Enter your existing OXD server URL , where you need to enter your existing oxd server URL. Check here for more details about oxd server. |
OXD Server URL | If oxd is installed on a different hostname than Gluu Gateway, provide its URL. If not, enter the hostname for Gluu Gateway |
Generate client credentials to call oxd-server API's? | Register an OpenID Client for Konga, or enter existing client credentials manually. Take care about your Client at your OP server side; make sure to extend this expiration date. It will create a client with the openid , oxd , permission and username scope. You need to enable all this scope for dynamic client registration so that it will include during client creation. In case if missing then you can add this scope after setup complete using Gluu oxTrust UI. If you enter existing client details, make sure your client in Redirect Login URIs and Post Logout Redirect URIs field has the value https://localhost:1338 . |
OXD Id | Used to manually set the oxd ID. |
Client Id | Used to manually set the client ID. |
Client Secret | Used to manually set the client secret. |
Gluu Gateway configuration is successful!!! https://localhost:1338
If you see the above message, it means the installation was successful. To log in to the Gluu Gateway admin portal, create an SSH tunnel on port 1338 from your workstation to the Gluu Gateway server, and point your browser at https://localhost:1338
. Use the login and password that you also use to access the Gluu Server.
!!! Important
If you get any error in setup then check the logs in log file /opt/gluu-gateway/setup/gluu-gateway-setup.log
and /opt/gluu-gateway/setup/gluu-gateway-setup_error.log
!!! Note If you do not want an SSH tunnel connection. See FAQ for global access configuration. After these settings, you also need to update the OP clients redirect URL and post logout URL using oxd update-site API.
Port | Description |
---|---|
1338 | Gluu Gateway Admin GUI |
8001 | Kong Admin API |
8000 | Kong Proxy Endpoint |
443 | Kong SSL Proxy Endpoint. By default, Kong uses 8443 port for SSL proxy, but during setup, it is changed to 443. |
8443 | oxd Server |
!!! Info
To remove GG and all other sub-components, use apt-get purge gluu-gateway kong* postgresql-* oxd-server* node*