Skip to content
rConfig Documentation

rConfig Vector Offline Installation: Air-Gapped Network Management Setup

rConfig Vector Offline Installation: Air-Gapped Network Management Setup

Section titled “rConfig Vector Offline Installation: Air-Gapped Network Management Setup”

While rConfig supports rapid deployment through automated installation scripts, certain environments require complete offline installation procedures for security compliance. This guide provides comprehensive manual installation procedures for rConfig on CentOS, RHEL, AWS Linux, or Rocky Linux 8.0 and later. Package management and file system locations remain the administrator’s responsibility; this documentation serves as a reference framework for secure and efficient offline installation. Where connectivity is acceptable, compare these steps with the Vector server installation guide.

Operating System Configuration

Section titled “Operating System Configuration”

System Requirements Verification

Section titled “System Requirements Verification”

Technical Specifications

ComponentRequired Version
Operating SystemCentOS/RHEL/AWS/Rocky Linux 8.0 or later
Web ServerApache 2.4 or later
Database Server

MariaDB 11+ • MySQL 5.7+ • PostgreSQL 13+ (Enterprise edition only)

PHP Version8.4 or later (mandatory)
Redis6.0 or later

Manual Configuration Procedures

Section titled “Manual Configuration Procedures”

Note: Package management and file system locations are the administrator’s responsibility. Verify all required packages are available in the offline environment prior to commencing installation procedures.

System Preparation
  • Verify OS version: CentOS, RHEL, AWS Linux, or Rocky Linux 8.0 or later
  • Disable SELinux and reboot system (advanced administrators may configure SELinux policies instead)
  • Update system packages to latest available versions
Package Installation Requirements
  • Core utilities: yum-utils, vim, zip, unzip, wget, curl
  • Security libraries: openssl-devel, openssl, mod_ssl
  • System services: supervisord, redis, apache 2.4+, mariadb 11+/mysql 5.7+/postgresql 13+
  • PHP 8.4+: php, php-cli, php-gd, php-curl, php-mysql, php-ldap, php-zip, php-fileinfo, php-pear, php-mbstring, php-common, php-pdo, php-ldap, php-gmp, php-snmp
Service Configuration
  • Configure file permissions: chown -R apache:apache /var/www/html
  • Initialize services: httpd, mariadb, redis, supervisord
  • Configure firewall rules: ports 80, 443
  • Verify installed versions meet minimum requirements
  • Execute MySQL secure installation procedure

SELinux Configuration

Section titled “SELinux Configuration”

Standard Configuration: Disable SELinux by modifying /etc/selinux/config → set SELINUX=disabled → reboot system
Advanced Configuration: Configure SELinux policies for rConfig and Apache operations

rConfig Installation and Update Procedures

Section titled “rConfig Installation and Update Procedures”

Manual Installation Procedures

Section titled “Manual Installation Procedures”

Execute the following procedures for new installations only. For updates to existing installations, refer to the Manual Update tab.

  1. Download the current rConfig distribution archive from the rConfig portal (substitute your API authentication token)

    Terminal window
     curl -sw '%{http_code}' -o rconfig8-vectorserver.zip -d '{"api_token":"APITOKEN"}' -H "Content-Type: application/json" -X POST https://dl.rconfig.com/api/download-vector-server8?=$(date +%s)

  2. Create the required directory structure:

    Terminal window
    currentReleaseDir=$(date '+%Y%m%d%H%M%S')
    mkdir /var/www/html/rconfig8
    mkdir /var/www/html/rconfig8/releases
    mkdir /var/www/html/rconfig8/releases/$currentReleaseDir
    mkdir /var/www/html/rconfig8/persistentData

  3. If required, transfer the downloaded archive to the offline server. Extract the archive to /var/www/html/rconfig8/releases/$currentReleaseDir

    Terminal window
    unzip rconfig8-vectorserver.zip -d /var/www/html/rconfig8/releases/$currentReleaseDir/
    cd /var/www/html/rconfig8/releases/$currentReleaseDir/
    mv rconfig8/{,.[^.]}* .

  4. Copy configuration files from the release directory:

    Terminal window
    cp /var/www/html/rconfig8/releases/$currentReleaseDir/.env.example  /var/www/html/rconfig8/persistentData/.env
    cp /var/www/html/rconfig8/releases/$currentReleaseDir/horizon_supervisor.ini  /var/www/html/rconfig8/persistentData/horizon_supervisor.ini
    cp /var/www/html/rconfig8/releases/$currentReleaseDir/rconfig-vhost.conf  /var/www/html/rconfig8/persistentData/rconfig-vhost.conf
    cp -r /var/www/html/rconfig8/releases/$currentReleaseDir/storage  /var/www/html/rconfig8/persistentData/storage
    mv /var/www/html/rconfig8/releases/$currentReleaseDir/storage  /var/www/html/rconfig8/releases/$currentReleaseDir/storage_old

  5. Remove the distribution archive

    Terminal window
        cd /var/www/html/
        rm -f rconfig8-vectorserver.zip

  6. Create symbolic link to the current release directory

    Terminal window
      ln -s /var/www/html/rconfig8/releases/$currentReleaseDir /var/www/html/rconfig8/current

  7. Create symbolic link to the persistent data directory. This command establishes a symbolic link named storage within the /var/www/html/rconfig8/current/ directory referencing /var/www/html/rconfig8/persistentData

    Terminal window
        ln -s /var/www/html/rconfig8/persistentData/storage  /var/www/html/rconfig8/current/storage

  8. Create symbolic link for environment configuration file

    Terminal window
        ln -s /var/www/html/rconfig8/persistentData/.env /var/www/html/rconfig8/current/.env

  9. Create database instance in MySQL

    Terminal window
        mysql -u root -p
        create database rconfig;
        exit

    Create a database user account with appropriate credentials. The example below demonstrates the procedure; however, implement organizationally-appropriate username and password policies. The grant statement below creates the user and assigns privileges in a single operation.

    Terminal window
        GRANT ALL PRIVILEGES ON rconfig.* TO 'user1'@localhost IDENTIFIED BY 'password1';
        FLUSH PRIVILEGES;
        quit;

  10. Navigate to current directory

    Terminal window
        cd /var/www/html/rconfig8/current

  11. Configure the .env file, replacing placeholder values with environment-specific configuration:

    Terminal window
        vim .env
        ENVOY_APP_DEBUG=false
        ENVOY_APP_URL=https://YOURHOSTNAME.COM
        ENVOY_DBHOST=localhost (for local database)
        ENVOY_DBPORT=3306
        ENVOY_DBNAME=rconfig
        ENVOY_DBUSER=your_db_user
        ENVOY_DBPASS=your_db_password
        ENVOY_RCONFIG_API_TOKEN=your_api_token
    

        # Enable hard links for duplicate file optimization
        HARD_LINK=true

  12. Configure the supervisor configuration file (persistentData/horizon_supervisor.ini), replacing placeholder values:

    Terminal window
        vi /var/www/html/rconfig8/persistentData/horizon_supervisor.ini
    

        ENVOY_ARTISAN = /var/www/html/rconfig8/current/artisan
        ENVOY_STORAGE = /var/www/html/rconfig8/current/storage

  13. Create symbolic link for supervisor configuration file

    Terminal window
        ln -s /var/www/html/rconfig8/persistentData/horizon_supervisor.ini /etc/supervisord.d/horizon_supervisor.ini

  14. Configure Apache to utilize the rConfig virtual host configuration

    Terminal window
        cp /var/www/html/rconfig8/persistentData/rconfig-vhost.conf /etc/httpd/conf.d/rconfig-vhost.conf

  15. Configure the Apache virtual host file (rconfig-vhost.conf), replacing placeholder values:

    Terminal window
        vim /etc/httpd/conf.d/rconfig-vhost.conf
    

        ENVOY_SERVERNAME=YOURHOSTNAME.COM
        ENVOY_SERVERALIAS=YOURHOSTNAME.COM
        ENVOY_DOCROOT= /var/www/html/rconfig8

  16. Configure Laravel scheduled task execution

    Terminal window
        crontab -e
        * * * * *  php /var/www/html/rconfig8/current/artisan schedule:run >> /dev/null 2>&1
        # Save and exit editor
        # Verify configuration with 'crontab -l'

  17. Configure directory permissions

    Terminal window
        chown -R apache:apache /var/www/html/rconfig8
        chmod -R 775 /var/www/html/rconfig8/current/storage

  18. Execute database migrations. If errors occur, verify database credentials in the .env file

    Terminal window
        cd /var/www/html/rconfig8/current
        php artisan migrate

  19. Execute Laravel Horizon initialization commands

    Terminal window
        php artisan config:clear
        php artisan key:generate
        php artisan passport:install
        php artisan rconfig:sync-tasks
        php artisan rconfig:sync-search
        php artisan rconfig:clear-all
        chown -R apache:apache /var/www/html/rconfig8
        chmod -R 775 /var/www/html/rconfig8/current/storage

  20. Initialize RBAC permission structure

    Terminal window
    cd /var/www/html/rconfig8/current && php artisan rconfig:update-rbac-data

  21. Execute post-installation commands

    Terminal window
        php artisan rconfig:config-summaries-sync
        php artisan rconfig:append-compliance-report-data

  22. Restart required system services:

    • httpd
    • mariadb
    • supervisord

  23. Verify service operational status and version compliance:

    • httpd 2.4 or later
    • mariadb 10.3 or later / MySQL 5.7 or later
    • redis 5.0 or later
    • php 8.4 or later
    • supervisord 4.0 or later

  24. Verify network port accessibility:

    • Port 80 (HTTP)
    • Port 443 (HTTPS)

  25. Verify installation completion by accessing the rConfig web interface and authenticating with default credentials: