Skip to main content
Version: 4.12.x.x LTS

Initial Setup

This chapter explains how to set up nevisAdmin 4 after you have installed the software.

DB Setup

nevisAdmin 4 relies on a local or a remote SQL database (MariaDB), which you can install either manually with the RPM-based installation or through nevisAppliance. The nevisAppliance admin4 images include a MariaDB instance that should be up and running after image installation and reboot.

Now perform the next steps to set up the database:

  1. Change the password of the root user interactively:
mysqladmin -u root password
  1. Connect and create a user and database for nevisAdmin 4, by running the following code:

Enable the commented "CREATE USER" and "GRANT" lines if the database is not running on the same machine as nevisAdmin 4.

# Enter the password when asked
mysql -u root -p <<SQL
  CREATE DATABASE nevisadmin4
    CHARACTER SET = 'utf8mb4'
    COLLATE = 'utf8mb4_unicode_ci';

  CREATE USER 'na4_owner'@'localhost' IDENTIFIED BY 'owner_password';
  GRANT ALL PRIVILEGES ON nevisadmin4.* TO 'na4_owner'@'localhost' WITH GRANT OPTION;
#  CREATE USER 'na4_owner'@'%' IDENTIFIED BY 'owner_password';
#  GRANT ALL PRIVILEGES ON nevisadmin4.* TO 'na4_owner'@'%' WITH GRANT OPTION;

  CREATE USER 'na4_user'@'localhost' IDENTIFIED BY 'user_password';
  GRANT SELECT, INSERT, DELETE, UPDATE, EXECUTE ON nevisadmin4.* TO 'na4_user'@'localhost';
#  CREATE USER 'na4_user'@'%' IDENTIFIED BY 'user_password';
#  GRANT SELECT, INSERT, DELETE, UPDATE, EXECUTE ON nevisadmin4.* TO 'na4_user'@'%';
SQL
  1. Set the maximum allowed package size by adding the following line in /etc/my.cnf under the section [mariadb] (or [mysqld] if you have an older database version):
max_allowed_packet=100M

nevisAdmin 4 Configuration

During the installation of the nevisAppliance images or of the RPM, a nevisAdmin 4 instance is created. The instance home directory is/var/opt/nevisadmin4. Each server/VM supports one nevisAdmin 4 instance at the most.

Java Version

nevisAdmin 4 requires a Java 1.8 JRE to be installed on the server/VM.

You define the Java version in /var/opt/nevisadmin4/conf/env.conf by setting JAVA_HOME. The value of JAVA_HOME depends on the operating system. The following snippet shows the recommended configuration for nevisAppliance:

Contents of /var/opt/nevisadmin4/conf/env.conf

JAVA_HOME=/etc/alternatives/jre_1.8.0

If JAVA_HOME is not set, the Java binary will be searched on the PATH instead. In this case, run the following command to verify that the version is correct:

java -version

DB Connection

As a next step, configure the DB connection in /var/opt/nevisadmin4/conf/nevisadmin4.yml:

db:
 datasource:
 url: jdbc:mariadb://localhost:3306/nevisadmin4
 username: na4_user
 password: user_password
 migration:
 username: na4_owner
 password: owner_password
 auto-migration:
 enabled: true

Register nevisAdmin 4 as a systemd Service

Run the following command to ensure that nevisAdmin 4 is managed by systemd and started automatically on server boot:

nevisadmin4 enable

DB and Admin User and Secrets Initialization

Run the following commands to set up the DB and the admin user, and to initialize the storage of secrets:

NEVISADMIN_ADMIN_USER_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w30 | head -n1)
NEVISADMIN_ADMIN_USER_PASSWORD=$NEVISADMIN_ADMIN_USER_PASSWORD nevisadmin4 bootstrap
echo "nevisAdmin 4 set up. Password of 'admin' user: $NEVISADMIN_ADMIN_USER_PASSWORD"

The DB is initialized and the admin user is created. The randomly generated password for the admin user is shown on the console.

*It is critical that you retain the password of the local admin* user. Copy it to a safe place immediately.**Theadminuser's password also protects the encryption key (backup master key). This key allows you to recover access to secrets, such as passwords, managed by nevisAdmin 4. Therefore, store theadmin password in a safe, protected place, to make recovery via the backup master key possible.

For background information, see Encryption and Storage of Secrets.

Start nevisAdmin 4

Run the following command to start nevisAdmin 4:

nevisadmin4 startService
  • Point your browser at the following URL: http://<hostname>:9080/nevisadmin/
  • You should see the login screen. You can test the login with the admin account.

See nevisAdmin 4 Log Files for further debugging instructions, for example in case you need to analyze the activities of the nevisAdmin 4 server process.

Stop nevisAdmin 4

Run the following command to stop nevisAdmin 4:

nevisadmin4 stopService

Securing nevisAdmin 4

See Securing nevisAdmin 4 on how to switch to HTTPS and create additional user accounts beyond the default admin account.