Versions Compared

Version Old Version 16 New Version 17
Changes made by

Harish Agrawal

Harish Agrawal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Steps - Generate Self SSL Certs

  1. It is possible to use a self generated certificate (not recommended though)

  2. You can generate a self-signed certificate using command given below

  3. The “root.cer” will have to be installed to the certificate authority on all Roost user systems as a trusted certificate. Article with steps for all OS is mentioned here Install the Certificate Authority

  4. Instructions for generating the self-signed certs is given below.

    Code Block
    cd /var/tmp/Roost/certs

# Follow the instructions displayed after executing this script
./get-cert.sh

  5. Update the root.cnf and server.cnf to reflect your organisation name and the DNS entries

  6. Run the open_ssl commands displayed in the output of get-certs.sh

SSL Certs

5.4 Configure Roost JSON

Code Block
breakoutModewide
cd /var/tmp/Roost
vi config.json

...

Code Block
{
  "enterprise_name": "MyCompany",
  "enterprise_logo": "https://roost.ai/hubfs/logos/LOGO-roost.png",
  "enterprise_email_domain": "mycompany.io",
  "enterprise_dns": "mycompany.io",
  "remote_console_proxy": "mycompany.io",
  "admin_email": "admin@mycompany.io",
  "email_sender": "noreply@mycompany.io",
  "email_sender_pass": "",
  "email_smtp_host": "",
  "email_smtp_port" : 465,

  "load_balancer": "false",

  "enterprise_ssl_certificate_path": "/var/tmp/Roost/certs/server.cer",
  "enterprise_ssl_certificate_key_path": "/var/tmp/Roost/certs/server.key",

  "ENV_SERVER": {
    "DEFAULT_PORT": 3000,
    "JWT_SECRET": "32-character-secure-long-secret",

    "GOOGLE_CLIENT_ID": "",
    "GOOGLE_CLIENT_SECRET": "",
    "AZURE_CLIENT_ID": "",
    "AZURE_CLIENT_SECRET": "",
    "GITHUB_CLIENT_ID": "",
    "GITHUB_CLIENT_SECRET": "",
    "LINKEDIN_CLIENT_ID": "",
    "LINKEDIN_CLIENT_SECRET": "",
    "OKTA_CLIENT_ISSUER": "",
    "OKTA_CLIENT_ID": "",
    "OKTA_CLIENT_SECRET": ""
  },

  "is_own_sql": "false",
  "ENV_DATABASE": {
    "MYSQL_HOST": "mysqldb_host_url",
    "MYSQL_PORT": 3306,

    "MYSQL_USERNAME": "Roost",
    "MYSQL_PASSWORD": "Roost#123",
    "MYSQL_ROOT_PASSWORD": "Admin#123"
  }
}

Start Roost Control Plane Server

Code Block
cd /var/tmp/Roost
./roost-enterprise.sh -i all -c config.json

...

Verifying the Roost.ai components

  1. Connect to the <dns-name>/login using a browser

  2. Use the 3rd party auth to connect to the control-plane

Next Steps:

Go to Admin Settings and

...

Enable cloud vendor of choice and provide default settings

...

Add the Roost EAAS Server EC2 details in the “Configure EAAS Server”

...

Enable JumpHost and refresh the page

...


<< Previous Next>>