How to Install i-doit Asset Management Tool on Debian 10
i-doit is a free, open-source and IT documentation solution based on the configuration management database. It is a web-based tool that can be used to manage the entire IT system according to ITIL best practices. With this tool, you can keep track of software and hardware assets, their relations and visualize the relationships between these components. You can store, maintain and organize all IT documentation information in one place. It can be easily interfaced to other applications like, Nagios and Request Tracker that allows you to enter the data only once in the ITSM environment.
i-doit enables you to create a detailed overview of your entire IT-infrastructure for all kinds of assets including, servers, SAN, graphical rack views, clusters and blade/chassis systems. It comes with a rich set of features including, IT Documentation, Inventory, Infrastructure Planning, Asset Management, Virtual systems, IP Address Management, Storage Area Networks, Cable Management, Ticket System and many more.
In this tutorial, we will show you how to install and configure i-doit Asset Management Tool on Debian 10.
Prerequisites
- A server running Debian 10 with minimu 2GB RAM.
- A valid domain name is pointed with your server IP address. In this tutorial, we will use idoit.linuxbuz.com.
- A root password is configured on each server.
Getting Started
Before starting, it is a good idea to update your system with the latest version. You can update your system with the following command:
apt-get update -y
apt-get upgrade -y
After updating the system, restart it to implement the changes.
Install LAMP Server
First, you will need to install the Apache, MariaDB, PHP and other required PHP extensions to your system. You can install all of them with the following command:
apt-get install apache2 mariadb-server libapache2-mod-php php php-common php-curl php-bcmath php-gd php-json php-ldap php-mbstring php-mysql php-opcache php-pgsql php-soap php-xml php-soap php-zip php-memcached php-imagick unzip memcached moreutils -y
Once all the packages are installed, you will need to create a separate i-doit.ini PHP file with required settings.
You can create it with the following command:
nano /etc/php/7.3/mods-available/i-doit.ini
Add the following lines:
allow_url_fopen = Yes file_uploads = On magic_quotes_gpc = Off max_execution_time = 300 max_file_uploads = 42 max_input_time = 60 max_input_vars = 10000 memory_limit = 256M post_max_size = 128M register_argc_argv = On register_globals = Off short_open_tag = On upload_max_filesize = 128M display_errors = Off display_startup_errors = Off error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT log_errors = On default_charset = "UTF-8" default_socket_timeout = 60 date.timezone = Asia/Kolkata session.gc_maxlifetime = 604800 session.cookie_lifetime = 0 mysqli.default_socket = /var/run/mysqld/mysqld.sock
Save and close the file when you are finished. Then, enable the required PHP modules with the following command:
phpenmod i-doit
phpenmod memcached
Finally, restart the Apache service to implement the changes:
systemctl restart apache2
Configure MariaDB for i-doit
Next, you will need to set a MariaDB root password as it is not set in the Debian 10.
To do so, log in to MariaDB shell with the following command:
mysql
Once login, set a MariaDB root password with the following command:
MariaDB [(none)]> SET PASSWORD FOR 'root'@'localhost' = PASSWORD("yournewpassword");
Next, set the MariaDB authentication plugin to mysql_native_password with the following command:
MariaDB [(none)]> SET GLOBAL innodb_fast_shutdown = 0;
MariaDB [(none)]> UPDATE mysql.user SET plugin = 'mysql_native_password' WHERE User = 'root';
Next, flush the privileges and exit from the MariaDB shell with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;
Next, create a separate MariaDB configuration file for optimal performance:
nano /etc/mysql/mariadb.conf.d/99-i-doit.cnf
Add the following lines:
[mysqld] innodb_buffer_pool_size = 1G innodb_buffer_pool_instances = 1 innodb_log_file_size = 512M innodb_sort_buffer_size = 64M sort_buffer_size = 262144 # default join_buffer_size = 262144 # default max_allowed_packet = 128M max_heap_table_size = 32M query_cache_min_res_unit = 4096 query_cache_type = 1 query_cache_limit = 5M query_cache_size = 80M tmp_table_size = 32M max_connections = 200 innodb_file_per_table = 1 innodb_thread_concurrency = 0 innodb_flush_log_at_trx_commit = 1 innodb_flush_method = O_DIRECT innodb_lru_scan_depth = 2048 table_definition_cache = 1024 table_open_cache = 2048 innodb_stats_on_metadata = 0 sql-mode = ""
Finally, restart the MariaDB service to apply the changes:
systemctl restart mariadb
Download i-doit
At the time of writing this article the latest version of i-doit is 1.14. You can download it with the following command:
wget https://excellmedia.dl.sourceforge.net/project/i-doit/i-doit/1.14/idoit-open-1.14.zip
Once the download is completed, unzip the downloaded file to the Apache root directory:
unzip idoit-open-1.14.zip -d /var/www/html/idoit
Next, give proper permissions to the i-doit direcotry:
chown -R www-data:www-data /var/www/html/idoit/
chmod -R 775 /var/www/html/idoit/
Once you are finished, you can proceed to the next step.
Configure Apache for i-doit
Next, you will need to configure an Apache virtual host configuration file for i-doit. You can create it with the following command:
nano /etc/apache2/sites-available/idoit.conf
Add the following lines:
<VirtualHost *:80> ServerAdmin [email protected] ServerName idoit.linuxbuz.com DirectoryIndex index.php DocumentRoot /var/www/html/idoit <Directory /var/www/html/idoit> AllowOverride All Require all granted </Directory> LogLevel warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
Save and close the file when you are finished. Then, enable the i-doit virtual host file and Apache rewrite module with the following command:
a2ensite i-doit
a2enmod rewrite
Finally, restart the Apache service to implement the changes:
systemctl restart apache2
Access i-doit Web Interface
Open your web browser and type the URL http://idoit.linuxbuz.com. You will be redirected to the following page:
Make sure all the required PHP extension are installed, then click on the Next button. You should see the following page:
Check the suggested directory and click on the Next button. You should see the following page:
Provide the MariaDB root username, password, a new database username, password, system database name and click on the Next button. You should see the following page:
Provide your Admin username, password and click on the Next button. You should see the following page:
Next, verify all the configuration and click on the Next button. You should see the following page:
Click on the Next button to start the installation. Once the installation is finished, you should see the following page:
Provide your admin username, password and click on the Login button. You should see the i-doit dashboard in the following page:
Secure i-doit with Let's Encrypt Free SSL
After installing i-doit, it is recommended to secure it with Let's Encrypt free SSL. You can secure it with Certbot client.
By default, the Certbot client package is not available in the Debian 10 default repository. You can add it with the following command:
echo "deb http://ftp.debian.org/debian buster-backports main" >> /etc/apt/sources.list
Next, update the repository and install the Certbot client with the following command:
apt-get update -y
apt-get install python-certbot-apache -t buster-backports
Once installed, run the following command to obtain and install the SSL certificate for your domain:
certbot --apache -d idoit.linuxbuz.com
You will be prompt to accept the term of service and provide your valid email address as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for idoit.linuxbuz.com Waiting for verification... Cleaning up challenges Created an SSL vhost at /etc/apache2/sites-available/idoit-le-ssl.conf Enabled Apache socache_shmcb module Enabled Apache ssl module Deploying Certificate to VirtualHost /etc/apache2/sites-available/idoit-le-ssl.conf Enabling available site: /etc/apache2/sites-available/idoit-le-ssl.conf Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
Next, you will need to choose whether or not to redirect HTTP traffic to HTTPS as shown below:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to continue. Once the installation has been completed, you should get the following output:
Redirecting vhost in /etc/apache2/sites-enabled/idoit.conf to ssl vhost in /etc/apache2/sites-available/idoit-le-ssl.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://idoit.linuxbuz.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=idoit.linuxbuz.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/idoit.linuxbuz.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/idoit.linuxbuz.com/privkey.pem Your cert will expire on 2020-04-30. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Congratulations! your i-doit website is now secured with Let's Encrypt SSL. You can now access it securely using the URL https://idoit.linuxbuz.com.
Conclusion
In the above tutorial, we learned how to install the i-doit asset management tool on Debian 10. we also learned how to secure it with Let's Encrypt free SSL. You can now manage your entire IT documentation using the i-doit web interface.