Install MeshCentral2 on Fedora 29 with MongoDB



  • As always, this assumes that you are starting from the Fedora 29 Minimal install.

    Also, as always, prepend everything with sudo or switch to root sudo su -

    You must have your FQDN properly setup prior to doing this or Let's Encrypt will shit on you.
    If you do not need/want Let's Encrypt, you can ignore that step.

    Make sure your install is fully updated.

    dnf upgrade -y --refresh
    

    If the upgrade put in a new kernel, reboot.

    reboot
    

    Install required packages for MeshCentral

    dnf install -y mongodb mongodb-server nano nodejs npm
    

    Start MongoDB, and enable it to start on boot.

    systemctl enable --now mongod
    

    Open the firewall. If you use the Intel stuff, you need more ports.

    firewall-cmd --add-port=http/tcp --permanent
    firewall-cmd --add-port=https/tcp --permanent
    firewall-cmd --reload
    

    Create the directory to install MeshCentral into.

    mkdir -p /opt/meshcentral
    

    Change into that directory and install MEshCentral via npm

    cd /opt/meshcentral
    npm install meshcentral
    

    Now launch MeshCentral for the first time. Obviously replace the FQDN in the examples with your real FQDN

    node ./node_modules/meshcentral --cert mc.domain.com
    

    Once it is done setting up the initial certificates, shut it back down with ctrl+C

    Edit the config file now to enable MongoDB and Let's Encrypt

    nano /opt/meshcentral/meshcentral-data/config.json
    

    Uncomment the Mongo DB lines by removing the _ from the front.

        "MongoDb": "mongodb://127.0.0.1:27017/meshcentral",
        "MongoDbCol": "meshcentral",
        "WANonly": true,
    

    Uncomment the Let's Encrypt section and update the values.

    Set production to true and update the email and names field (domain name)

      "letsencrypt": {
        "email": "[email protected]",
        "names": "mc.domain.com",
        "rsaKeySize": 3072,
        "production": true
      },
    

    Make a start/stop file for MeshCentral

    This is optional, but when troubleshooting, it can be useful.

    touch /opt/meshcentral/mcstart
    cat > /opt/meshcentral/mcstart << EOF
    node ./node_modules/meshcentral > stdout.txt 2> stderr.txt &
    EOF
    touch /opt/meshcentral/mcstop
    cat > /opt/meshcentral/mcstop << EOF
    pkill -f node_modules/meshcentral
    EOF
    

    Make them executable

    sudo chmod 755 mcstart
    sudo chmod 755 mcstop
    

    Now start it up again

    /opt/meshcentral/mcstart
    

    You can check for errors or status by looking at
    Status: tail /opt/meshcentral/stdout.txt
    Errors: tail /opt/meshcentral/stderr.txt

    While it is running, go create your first account (it becomes admin).

    http://fqdn

    Once you are logged in, log out and shut it down.

    /opt/meshcentral/mcstop
    

    Now let's create some systemd service files to run it properly.

    sudo nano /etc/systemd/system/meshcentral.service
    

    Put this in it.

    Special Note: MeshCentral is perfectly capable of being run by an unprivilieged user. But that breaks the current update process. As this is in heavy development, I highly recommend just running this service as root right now.

    [Unit]
    Description=MeshCentral Server
    [Service]
    Type=simple
    ExecStart=/usr/bin/node /opt/meshcentral/node_modules/meshcentral
    WorkingDirectory=/opt/meshcentral
    User=root   
    Group=root
    Restart=always
    # Restart service after 10 seconds if node service crashes
    RestartSec=10
    [Install]
    WantedBy=multi-user.target   
    

    Now you should be able to start and stop it with normal systemd commands.

    Let's start it and enable it to start on boot.

    sudo systemctl enable --now meshcentral.service
    

    You should see this if you check the status.

    [[email protected] meshcentral]$ sudo systemctl status meshcentral
    ● meshcentral.service - MeshCentral Server
       Loaded: loaded (/etc/systemd/system/meshcentral.service; enabled; vendor preset: disabled)
       Active: active (running) since Mon 2019-01-21 17:42:17 CST; 4s ago
     Main PID: 2962 (node)
        Tasks: 22 (limit: 1149)
       Memory: 134.6M
       CGroup: /system.slice/meshcentral.service
               ├─2962 /usr/bin/node /opt/meshcentral/node_modules/meshcentral
               └─2973 /usr/bin/node /opt/meshcentral/node_modules/meshcentral --launch
    
    Jan 21 17:42:17 mc.domain.com systemd[1]: Started MeshCentral Server.
    Jan 21 17:42:20 mc.domain.com node[2962]: MeshCentral HTTP redirection server running on port 80.
    Jan 21 17:42:21 mc.domain.com node[2962]: MeshCentral v0.2.6-o, WAN mode.
    


  • Go back to https://fqdn and you should see this.
    af039c00-af0b-4c42-a06b-e4f88ff9a76e-image.png



  • I would also recommend running systemctl daemon-reload to reload the unit file too.



  • @JaredBusch

    Like you, I had issue with updates while using MongoDB (on Ubuntu which I know you dislike). I used NeDB and all was fine. Did you try an install with NeDB and have the same issues?



  • @pmoncho said in Install MeshCentral2 on Fedora 29 with MongoDB:

    @JaredBusch

    Like you, I had issue with updates while using MongoDB (on Ubuntu which I know you dislike). I used NeDB and all was fine. Did you try an install with NeDB and have the same issues?

    I had no issues.

    Assuming this goes live, I will have hundreds of sessions. It does not sound like the NeDB is designed for that.



  • @JaredBusch said in Install MeshCentral2 on Fedora 29 with MongoDB:

    @pmoncho said in Install MeshCentral2 on Fedora 29 with MongoDB:

    @JaredBusch

    Like you, I had issue with updates while using MongoDB (on Ubuntu which I know you dislike). I used NeDB and all was fine. Did you try an install with NeDB and have the same issues?

    I had no issues.

    Assuming this goes live, I will have hundreds of sessions. It does not sound like the NeDB is designed for that.

    Correct, NeDB is really for non-production or very small scale use.



  • NeDB is basically a MongoDB compatible file driver written in JavaScript. It's just JS code, so super slow, that runs in the application threading that reads the file on disk. Perfect for testing and tiny workloads, but would use a lot of CPU and be super slow for production.



  • @pmoncho said in Install MeshCentral2 on Fedora 29 with MongoDB:

    @JaredBusch

    Like you, I had issue with updates while using MongoDB (on Ubuntu which I know you dislike). I used NeDB and all was fine. Did you try an install with NeDB and have the same issues?

    If you run this as a restricted user, it will not be able to update itself. that is normal.



  • @JaredBusch said in Install MeshCentral2 on Fedora 29 with MongoDB:

    @pmoncho said in Install MeshCentral2 on Fedora 29 with MongoDB:

    @JaredBusch

    Like you, I had issue with updates while using MongoDB (on Ubuntu which I know you dislike). I used NeDB and all was fine. Did you try an install with NeDB and have the same issues?

    If you run this as a restricted user, it will not be able to update itself. that is normal.

    Oh ok. I misunderstood. My bad.



  • mkdir -P /opt/meshcentral

    Minor detail, but I'm guessing that this was supposed to be a lower-case -p?

    Awesome guide, as always. Thank you



  • @bnrstnr said in Install MeshCentral2 on Fedora 29 with MongoDB:

    mkdir -P /opt/meshcentral

    Minor detail, but I'm guessing that this was supposed to be a lower-case -p?

    Awesome guide, as always. Thank you

    Yes, fixed.