ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Testing SnipeIT on Fedora

    Scheduled Pinned Locked Moved IT Discussion
    snipe-itfedora
    62 Posts 12 Posters 10.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ObsolesceO
      Obsolesce @Obsolesce
      last edited by

      @obsolesce said in Testing SnipeIT on Fedora:

      To install Snipe-IT on a fresh Fedora 28 minimal install:

      1. Install Fedora Server 28 minimal from NetISO.
      2. Okay to install the typical packages:
        dnf install -y wget cockpit cockpit-storaged net-tools dnf-automatic
      3. Download and run the Snipe-IT install script:
        wget https://raw.githubusercontent.com/snipe/snipe-it/master/install.sh
        chmod 744 install.sh
        ./install.sh
      4. By default, the laravel log has bad permissions and needs to be fixed for Pre-Flight to work:
        chmod 0755 /var/www/html/snipeit/storage/logs/laravel.log
        chown apache:apache /var/www/html/snipeit/storage/logs/Laravel.log
      5. By default, you won't be able to send mail with SELinux, allow it to:
        setsebool -P httpd_can_network_connect 1
        setsebool -P httpd_can_sendmail 1
      6. Pre-flight will now show and pass. Click the next button, it will fail. Then run this command to fix the DB issue:
        reference: https://github.com/snipe/snipe-it/issues/5242#issue-307531010
        mysql -u root -p
        ALTER TABLE snipeit.assets CHANGE `_snipeit_mac_address` `_snipeit_mac_address_1` varchar(191) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci DEFAULT NULL NULL ;

      Now go back to the Pre-flight page, and it should continue on as normal.

      Backups via the SnipeIT Admin web interface won't work unless php-zip is installed:
      dnf install php-zip

      1 Reply Last reply Reply Quote 2
      • hobbit666H
        hobbit666
        last edited by

        New SnipeIT server all working with http://<Serverip>

        But when i try and access through my proxy
        https://nginx.domain.com i'm still getting:-

        0_1532008512184_876d3105-e7c2-48ce-a855-dca6a1a31bd3-image.png

        Do i need to configure the snipe server to be on https ??

        black3dynamiteB 1 Reply Last reply Reply Quote 0
        • black3dynamiteB
          black3dynamite @hobbit666
          last edited by

          @hobbit666 said in Testing SnipeIT on Fedora:

          New SnipeIT server all working with http://<Serverip>

          But when i try and access through my proxy
          https://nginx.domain.com i'm still getting:-

          0_1532008512184_876d3105-e7c2-48ce-a855-dca6a1a31bd3-image.png

          Do i need to configure the snipe server to be on https ??

          What do you have set for APP_URL= and APP_TRUSTED_PROXIES= in the .env file

          1 Reply Last reply Reply Quote 0
          • hobbit666H
            hobbit666
            last edited by hobbit666

            
            #Created By Snipe-it Installer
            # --------------------------------------------
            # REQUIRED: BASIC APP SETTINGS
            # --------------------------------------------
            APP_ENV=production
            APP_DEBUG=false
            APP_KEY=base64:7En+7lHJRZb8/u0+dZrLcavOtWApCMoqisLwPZViKeQ=
            APP_URL=https://host.DOMAIN.COM
            APP_TIMEZONE=
            APP_LOCALE=en
            BACKUP_ENV=false
            
            # --------------------------------------------
            # REQUIRED: DATABASE SETTINGS
            # --------------------------------------------
            DB_CONNECTION=mysql
            DB_HOST=localhost
            DB_DATABASE=snipeit
            DB_USERNAME=snipeit
            DB_PASSWORD=Passw0rd
            DB_PREFIX=null
            DB_DUMP_PATH='/usr/bin'
            DB_CHARSET=utf8mb4
            DB_COLLATION=utf8mb4_unicode_ci
            
            # --------------------------------------------
            # OPTIONAL: SSL DATABASE SETTINGS
            # --------------------------------------------
            DB_SSL=false
            DB_SSL_KEY_PATH=null
            DB_SSL_CERT_PATH=null
            DB_SSL_CA_PATH=null
            DB_SSL_CIPHER=null
            
            # --------------------------------------------
            # REQUIRED: OUTGOING MAIL SERVER SETTINGS
            # --------------------------------------------
            MAIL_DRIVER=smtp
            MAIL_HOST=email-smtp.us-west-2.amazonaws.com
            MAIL_PORT=587
            MAIL_USERNAME=YOURUSERNAME
            MAIL_PASSWORD=YOURPASSWORD
            MAIL_ENCRYPTION=null
            [email protected]
            MAIL_FROM_NAME='Snipe-IT'
            [email protected]
            MAIL_REPLYTO_NAME='Snipe-IT'
            
            # --------------------------------------------
            # REQUIRED: IMAGE LIBRARY
            # This should be gd or imagick
            # --------------------------------------------
            IMAGE_LIB=gd
            
            # --------------------------------------------
            # OPTIONAL: SESSION SETTINGS
            # --------------------------------------------
            SESSION_LIFETIME=12000
            EXPIRE_ON_CLOSE=false
            ENCRYPT=false
            COOKIE_NAME=snipeit_session
            COOKIE_DOMAIN=null
            SECURE_COOKIES=false
            
            # --------------------------------------------
            # OPTIONAL: SECURITY HEADER SETTINGS
            # --------------------------------------------
            REFERRER_POLICY=same-origin
            ENABLE_CSP=false
            
            # --------------------------------------------
            # OPTIONAL: CACHE SETTINGS
            # --------------------------------------------
            CACHE_DRIVER=file
            SESSION_DRIVER=file
            QUEUE_DRIVER=sync
            
            # --------------------------------------------
            # OPTIONAL: REDIS SETTINGS
            # --------------------------------------------
            REDIS_HOST=null
            REDIS_PASSWORD=null
            REDIS_PORT-null
            
            # --------------------------------------------
            # OPTIONAL: AWS S3 SETTINGS
            # --------------------------------------------
            AWS_SECRET=null
            AWS_KEY=null
            AWS_REGION=null
            AWS_BUCKET=null
            
            # --------------------------------------------
            # OPTIONAL: LOGIN THROTTLING
            # --------------------------------------------
            LOGIN_MAX_ATTEMPTS=5
            LOGIN_LOCKOUT_DURATION=60
            
            # --------------------------------------------
            # OPTIONAL: MISC
            # --------------------------------------------
            APP_LOG=single
            APP_LOG_MAX_FILES=10
            APP_LOCKED=false
            FILESYSTEM_DISK=local
            APP_TRUSTED_PROXIES=172.20.0.130
            ALLOW_IFRAMING=false
            APP_CIPHER=AES-256-CBC
            GOOGLE_MAPS_API=
            BACKUP_ENV=true
            

            172.20.0.130 is the IP of my NGINX server

            *Also tried the APP_URL with both http and https

            JaredBuschJ 1 Reply Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch @hobbit666
              last edited by JaredBusch

              @hobbit666 This is my .env

              [jbusch@assets ~]$ sudo cat /var/www/html/snipeit/.env
              [sudo] password for jbusch: 
              #Created By Snipe-it Installer
              # --------------------------------------------
              # REQUIRED: BASIC APP SETTINGS
              # --------------------------------------------
              APP_ENV=production
              APP_DEBUG=false
              APP_KEY=base64:c21lZyBvZmYNCg==
              APP_URL=https://assets.domain.com
              APP_TIMEZONE=America/Chicago
              APP_LOCALE=en
              
              # --------------------------------------------
              # REQUIRED: DATABASE SETTINGS
              # --------------------------------------------
              DB_CONNECTION=mysql
              DB_HOST=localhost
              DB_DATABASE=snipeit
              DB_USERNAME=snipeit
              DB_PASSWORD=smeg_off
              DB_PREFIX=null
              DB_DUMP_PATH='/usr/bin'
              DB_CHARSET=utf8mb4
              DB_COLLATION=utf8mb4_unicode_ci
              
              # --------------------------------------------
              # OPTIONAL: SSL DATABASE SETTINGS
              # --------------------------------------------
              DB_SSL=false
              DB_SSL_KEY_PATH=null
              DB_SSL_CERT_PATH=null
              DB_SSL_CA_PATH=null
              DB_SSL_CIPHER=null
              
              # --------------------------------------------
              # REQUIRED: OUTGOING MAIL SERVER SETTINGS
              # --------------------------------------------
              MAIL_DRIVER=smtp
              MAIL_HOST=10.202.1.14
              MAIL_PORT=25
              MAIL_USERNAME=
              MAIL_PASSWORD=
              MAIL_ENCRYPTION=
              [email protected]
              MAIL_FROM_NAME='Administrator'
              [email protected]
              MAIL_REPLYTO_NAME='Administrator'
              
              # --------------------------------------------
              # REQUIRED: IMAGE LIBRARY
              # This should be gd or imagick
              # --------------------------------------------
              IMAGE_LIB=gd
              
              # --------------------------------------------
              # OPTIONAL: SESSION SETTINGS
              # --------------------------------------------
              SESSION_LIFETIME=12000
              EXPIRE_ON_CLOSE=false
              ENCRYPT=false
              COOKIE_NAME=snipeit_session
              COOKIE_DOMAIN=null
              SECURE_COOKIES=false
              
              # --------------------------------------------
              # OPTIONAL: SECURITY HEADER SETTINGS
              # --------------------------------------------
              REFERRER_POLICY=same-origin
              ENABLE_CSP=false
              
              # --------------------------------------------
              # OPTIONAL: CACHE SETTINGS
              # --------------------------------------------
              CACHE_DRIVER=filec21lZyBvZmYNCg==
              SESSION_DRIVER=file
              QUEUE_DRIVER=sync
              
              # --------------------------------------------
              # OPTIONAL: REDIS SETTINGS
              # --------------------------------------------
              REDIS_HOST=null
              REDIS_PASSWORD=null
              REDIS_PORT-null
              
              # --------------------------------------------
              # OPTIONAL: AWS S3 SETTINGS
              # --------------------------------------------
              AWS_SECRET=null
              AWS_KEY=null
              AWS_REGION=null
              AWS_BUCKET=null
              
              # --------------------------------------------
              # OPTIONAL: LOGIN THROTTLING
              # --------------------------------------------
              LOGIN_MAX_ATTEMPTS=5
              LOGIN_LOCKOUT_DURATION=60
              
              # --------------------------------------------
              # OPTIONAL: MISC
              # --------------------------------------------
              APP_LOG=single
              APP_LOG_MAX_FILES=10
              APP_LOCKED=false
              FILESYSTEM_DISK=local
              APP_TRUSTED_PROXIES=10.202.1.16
              ALLOW_IFRAMING=false
              APP_CIPHER=AES-256-CBC
              
              1 Reply Last reply Reply Quote 0
              • JaredBuschJ
                JaredBusch
                last edited by

                Here is my Nginx reverse proxy conf file.

                [jbusch@proxy ~]$ sudo cat /etc/nginx/conf.d/assets.domain.com.conf 
                [sudo] password for jbusch: 
                server {
                    client_max_body_size 40M;
                    listen 443;
                    server_name assets.domain.com;
                    ssl          on;
                    ssl_certificate /etc/letsencrypt/live/assets.domain.com-0001/fullchain.pem;
                    ssl_certificate_key /etc/letsencrypt/live/assets.domain.com-0001/privkey.pem;
                    ssl_stapling on;
                    ssl_stapling_verify on;
                    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
                    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
                    ssl_prefer_server_ciphers on;
                    ssl_session_cache shared:SSL:10m;
                #    ssl_dhparam /etc/ssl/certs/dhparam.pem;
                    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
                
                    location / {
                        proxy_set_header X-Real-IP $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_set_header Host $http_host;
                        proxy_set_header X-NginX-Proxy true;
                        proxy_set_header X-Forwarded-Proto $scheme;
                        proxy_pass https://10.202.0.43;
                        proxy_redirect off;
                
                        # Socket.IO Support
                        proxy_http_version 1.1;
                        proxy_set_header Upgrade $http_upgrade;
                        proxy_set_header Connection "upgrade";
                
                    }
                }
                
                server {
                    client_max_body_size 40M;
                    listen 80;
                    server_name assets.domain.com;
                    rewrite        ^ https://$server_name$request_uri? permanent;
                }
                [jbusch@proxy ~]$ 
                
                hobbit666H 1 Reply Last reply Reply Quote 0
                • hobbit666H
                  hobbit666
                  last edited by

                  Something still not right but home time and day off tomorrow 😄
                  So will pick up Monday.

                  Quick question apart from changing the APP_URL and APP_TRUSTED_PROXIES, have you done anything else on the Snipe server to make it "work" under https? Like .htaccess or Virtual Host files?

                  1 Reply Last reply Reply Quote 1
                  • G
                    gtech
                    last edited by

                    Hi Guys

                    Great info. I Installed SnipeIT on Centos 7 min, get it up however I can't add new users. Please advise.

                    Thanks

                    black3dynamiteB ObsolesceO 2 Replies Last reply Reply Quote 0
                    • black3dynamiteB
                      black3dynamite @gtech
                      last edited by black3dynamite

                      @gtech said in Testing SnipeIT on Fedora:

                      Hi Guys

                      Great info. I Installed SnipeIT on Centos 7 min, get it up however I can't add new users. Please advise.

                      Thanks
                      Click on Create New and then user.
                      0_1532028020424_ce0b3c5f-c9c1-4a9b-a700-998d42ae8a93-image.png

                      1 Reply Last reply Reply Quote 0
                      • ObsolesceO
                        Obsolesce @gtech
                        last edited by

                        @gtech said in Testing SnipeIT on Fedora:

                        Hi Guys

                        Great info. I Installed SnipeIT on Centos 7 min, get it up however I can't add new users. Please advise.

                        Thanks

                        I sync'd it to AD.

                        1 Reply Last reply Reply Quote 0
                        • G
                          gtech
                          last edited by

                          My bad, left out some details. when I full out the create user info form, submit it I get "Whoops, looks like something went wrong."

                          ObsolesceO black3dynamiteB 2 Replies Last reply Reply Quote 0
                          • ObsolesceO
                            Obsolesce @gtech
                            last edited by

                            @gtech said in Testing SnipeIT on Fedora:

                            My bad, left out some details. when I full out the create user info form, submit it I get "Whoops, looks like something went wrong."

                            That's not very informative. What's the log say?

                            1 Reply Last reply Reply Quote 0
                            • black3dynamiteB
                              black3dynamite @gtech
                              last edited by

                              @gtech said in Testing SnipeIT on Fedora:

                              My bad, left out some details. when I full out the create user info form, submit it I get "Whoops, looks like something went wrong."

                              Open .env and change APP_DEBUG=false to true. So you can see more information than "Whoops, looks like something went wrong."

                              1 Reply Last reply Reply Quote 2
                              • G
                                gtech
                                last edited by

                                SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'activated' cannot be null (SQL: insert into users....

                                DustinB3403D 1 Reply Last reply Reply Quote 0
                                • DustinB3403D
                                  DustinB3403 @gtech
                                  last edited by DustinB3403

                                  @gtech said in Testing SnipeIT on Fedora:

                                  SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'activated' cannot be null (SQL: insert into users....

                                  Create an issue on snipe-it's GitHub. You can also pop in to their gutter.im/snipe-it and see if they can assist you

                                  1 Reply Last reply Reply Quote 2
                                  • hobbit666H
                                    hobbit666 @JaredBusch
                                    last edited by

                                    @jaredbusch Thanks
                                    Must of been a setting i was missing in my NGINX conf file. Made it too look more like yours and i'm working 🙂

                                    1 Reply Last reply Reply Quote 2
                                    • 1
                                    • 2
                                    • 3
                                    • 4
                                    • 2 / 4
                                    • First post
                                      Last post