What is GLPI?:
GLPI is a free and open source information resource-manager that can be used for a multitude of items such as: inventory management, ticket tracking, and centralized documentation. In the right hands GLPI can become a very powerful tool for your business that can help reduced costs and time waste. GLPI also offers tons of plugins to enhance workflows and even automate your inventory needs. Needless to say GLPI is a very handy tool that is becoming more and more popular with IT departments.
Goal of this Article:?
In this article, my goal is to go over how to setup & install GLPI from the beginning to the end. This will also include proper SELinux commands, as so many articles that I read on how to setup GLPI tell you to shut this off. I will explain more later on why shutting off SELinux is a bad thing to do. This will be a very basic configuration as just to give you a proof of concept. To learn more about GLPI and its features please come back later as I plan on making a lot more articles on the ins and outs of GLPI.
Before we begin the setup & installation of GLPI, I would like to go over from a high level the tools and packages that I will be using for this guide. I will be using CentOS 7 minimal 1804 with some extra repositories (epel-release, REMI, and MariaDB). Along with those extra packages there are a lot of smaller packages that you will not need right away but that will prove useful as you build out your own GLPI instance later on.
|Name:||CentOS 7||Web Server||Database||PHP|
|Description:||1804 minimal installation||Apache 2.4.x +||MariaDB 10.0+||7.x +|
- I will do my best to explain what each package and command does so that you have a better understanding of what you are going to be installing.
To start you will need to open an ssh session to your CentOS 7 machine, if you are on windows you can use putty to achieve this. Once you are logged into your system run the following commands:
yum -y install epel-release
yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum -y install yum-utils
yum -y install net-tools vim wget mlocate
After downloading and installing some baseline packages you will need to create and enable a MariaDB repository. Now we need to create a MariaDB repo because the standard and epel-release repositories do not have the required version of mariadb that is needed for GLPI to run properly.
Edit the newly created file with the following information
Remember earlier in this article when we used “yum” to install the REMI repo? Now it’s time to enable the REMI repo and select the PHP package\version to install that is needed for GLPI to run properly.
yum-config-manager --enable remi-php73 [Install PHP 7.3]
Please note, we are going to download GLPI from github in this command but we wont use it right now.
yum -y install http php php-mysql php-pdo php-gd php-mbstring php-imap php-ldap php-domxml php-xmlrpc php-pecl-apcu php-opcache php-pear-CAS mariadb-server mariadb
Now that we have all our preq’s and packages installed lets makes some slight tweaks to the “php.ini” file per GLPI’s official documentation.
php -i | grep "Loaded Configuration File"
Locate the following lines in the “php.ini” file and make the appropriate changes with what is listed below. Please note in the newer version of PHP the limits are usually much greater then what is recommend by GLPI. This is fine, as what is listed below is the recommend minimum that is need for GLPI.
- (PHP7.x) memory_limit = 128M (This is the default right out of the gate for PHP 7.x)
Next we need to allow communications though the CentOS firewall service so that Apache will work correctly.
firewall-cmd --permanent --add-service=http
Next we will enable Apache and the mariadb services so that they will auto start on reboots.
systemctl enable httpd
systemctl enable mariadb
After we have enabled both Apache and the mariadb database service, you will need to start them.
systemctl start httpd
systemctl start mariadb
Database Setup and Configurations:
Now that the MariaDB database is up and running we need to change its default configuration to be more secure.
You can read through the following section or you can check out the condensed commands below of what you will need to fill out
After securing the MariaDB database we can now prep a GLPI database as well as create a service account for GLPI. Login into MariaDB using the username and password you specified earlier during the initial “mysql_secure_installation” process.
mysql -u root -p
create database glpi;
CREATE USER 'SAYOURUSER'@'localhost' IDENTIFIED BY 'YOURPASSWORD';
GRANT ALL PRIVILEGES ON glpi. * TO 'SAYOURUSER'@'localhost' IDENTIFIED BY 'YOURPASSWORD';
Setup and Install GLPI:
Remember the GLPI package that was download earlier? Locate the GLPI package and run the following commands against it.
tar -xvf glpi-9.x.x.tgz
After extracting the tar ball you will have a folder called GLPI, copy that exacted GLPI folder to the Apache web directory. In CentOS, that is located at “/var/www/html”
cp -R glpi /var/www/html
Since we are installing GLPI from its source, the permissions get a little funky so we will need to assign the correct user and permissions for that GLPI folder.
chmod -R 755 /var/www/html/glpi
chown -R apache:apache /var/www/html/glpi
So you may be thinking well that wasn’t so hard and you are right. Those commands are in the GLPI documentation though the following commands are not, which if not applied will stop this install in its tracks! Also on a slight side note if someone tells you to disable SELinux you stop and slap them in the face. SELinux is an amazing security tool that can be the last line of defense if your system was ever to become compromised. Yes SELinux can be hard to learn at first but it is worth it.
chcon -R -t httpd_sys_rw_content_t /var/www/html/glpi/
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_connect_db 1
setsebool -P httpd_can_sendmail 1
Finish GLPI Installation via Web Interface:
The rest of the installation is very simple and easy to do. Please take a look that the pictures below to finish getting your GLPI installation up and running.
Thank you for taking the time to read this article, I hope that it was helpful in some way to you. If you noticed anything wrong or have a better way of doing this please don’t hesitate to comment below or send me a email. Thank you!
- TecMint —
- Glpi Forum —
- DigitalOceans —
- DigitalOceans —
- StackExchange —