Initial Installation & Configuration¶
Just looking on how to invoke the installer? When the live environment has been started just login with user installer and password opnids.
See the chapter Hardware Setup for further information on hardware requirements prior to an install.
Depending on you hardware and use case different installation media are provided:
ISO installer image with live system capabilities
running in VGA-only mode
USB installer image with live system capabilities
running in VGA-only mode
USB installer image with live system capabilities
running in serial console (115200) mode with
secondary VGA support (no kernel messages though)
a preinstalled serial image for 4GB USB sticks,
SD or CF cards for use with embedded devices
Flash memory cards will only tolerate a limited number of writes and re-writes.
Media Filename Composition¶
Please be ware that the latest installation media does not always correspond with the latest released version. OPNids installation images are provided on a regular bases together with major versions in January and July. More information on our release schedule is available from our package repository see website
OpenSSL & LibreSSL¶
OPNids images are provided based upon OpenSSL. The LibreSSL flavor can be selected from within the GUI ( System⇒Firmware⇒Settings ). In order to apply your choice an update must be performed after save, which can include a reboot of the system.
Download the installation image from one of the mirrors listed on the OPNids website.
The easiest method of installation is the USB-memstick installer. If your target platform has a serial interface choose the “serial image. 64-bit and 32-bit install images are provided. The following examples apply to both.
Write the image to a USB flash drive (>= 1GB) or an IDE hard disk, either with dd under FreeBSD or under Windows with physdiskwrite
Before writing an (iso) image you need to unpack it first (use bunzip2).
dd if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/daX bs=16k
Where X = the device number of your USB flash drive (check
dd if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/sdX bs=16k
where X = the IDE device name of your USB flash drive (check with hdparm -i /dev/sdX) (ignore the warning about trailing garbage - it’s because of the digital signature)
dd if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/rsd6c bs=16k
The device must be the ENTIRE device (in Windows/DOS language: the ‘C’ partition), and a raw I/O device (the ‘r’ in front of the device “sd6”), not a block mode device.
Mac OS X
sudo dd if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/rdiskX bs=64k
where r = raw device, and where X = the disk device number of your CF card (check Disk Utility) (ignore the warning about trailing garbage - it’s because of the digital signature)
physdiskwrite -u OPNids-##.#.##-[Type]-[Architecture].img
(use v0.3 or later!)
The boot process gives you the opportunity to run several optional configuration steps. It has been designed to always boot into a live environment in order to be able to access the GUI or even SSH directly. If a timeout was missed simply restart the boot procedure.
All images feature the new “opnids-importer” utility, which is now invoked instead of the early installer. You can stop the automatic timeout by pressing any key. Afterwards you will have the opportunity to select a disk to import from. If the option times out or the importer is exited without a disk selection, the factory defaults will be used for the boot.
The next prompt will be for manual interface selection. This step is well-established since OPNids 15.7 .
The system will then continue into a live environment. If the config importer was used previously on an existing installation, the system will boot up with a fully functional setup, but will not overwrite the previous installation. Use this feature for safely previewing upgrades.
If you have used a CD-ROM, VGA, Serial image without a config import you are by default able to (a) log into the root shell using the user “root” with password “opnids”, or (b) log into the installer using the user “installer” with password “opnids”. The GUI will listen on https://192.168.1.1/ for user “root” with password “opnids”. Using SSH, the “root” and “installer” users are available as well on IP 192.168.1.1. Note that these install medias are read-only, which means your current live configuration will be lost after reboot.
The installation process involves a few simple steps.
To invoke the installer login with user installer and password opnids
- Configure console - The default configuration should be fine for most occasions. .. image:: ./images/install1.png
- Select task - The Default option should be fine for most occasions. Continue with default settings. .. image:: ./images/install2.png
- Are you SURE? - When proceeding OPNids will be installed on the first hard disk in the system. .. image:: ./images/install3.png
- Few more easy to answer questions: .. image:: ./images/install4.png .. image:: ./images/install5.png .. image:: ./images/install6.png .. image:: ./images/install7.png
- Reboot - The system is now installed and needs to be rebooted to continue with configuration. .. image:: ./images/install8.png
You will lose all files on the installation disk. If another disk is to be used then choose a Custom installation instead of the Quick/Easy Install.
After installation the system will prompt you for the interface assignment, if you ignore this then default settings are applied. Installation ends with the login prompt.
By default you have to log in to enter the console.
A user can login to the console menu with his credentials. The default credentials after a fresh install are username “root” and password “opnids”.
- VLANs and assigning interfaces
- If choose to do manual interface assignment or when no config file can be found then you are asked to assign Interfaces and VLANs. VLANs are optional. If you do not need VLAN’s then choose no. You can always configure VLAN’s at a later time.
- LAN, WAN and optional interfaces
- The first interface is the LAN interface. Type the appropriate interface name, for example “em0”. The second interface is the WAN interface. Type the appropriate interface name, eg. “em1” . Possible additional interfaces can be assigned as OPT interfaces. If you assigned all your interfaces you can press [ENTER] and confirm the settings. OPNids will configure your system and present the login prompt when finished.
- Minimum installation actions
- In case of a minimum install setup (i.e. on CF cards), OPNids can be run with all standard features, expect for the ones that require extensive disk writes. Do not create a swap slice, but a RAM Disk instead. In the GUI enable System⇒Settings⇒Miscellaneous⇒RAM Disk Settings and set the size to 100-128 MB or more, depending on your available RAM. Afterwards reboot.
Enable RAM disk manually
Then via console, check your /etc/fstab and make sure your primary partition has rw,noatime instead of just rw.
The console menu shows 13 options.
0) Logout 7) Ping host 1) Assign interfaces 8) Shell 2) Set interface IP address 9) pfTop 3) Reset the root password 10) Firewall log 4) Reset to factory defaults 11) Reload all services 5) Power off system 12) Update from console 6) Reboot system 13) Restore a backup
Table: The console menu
Upgrade from console
The other method to upgrade the system is via console option 12) Upgrade from console
*** OPNids.localdomain: OPNids 18.9.a_1 (amd64/OpenSSL) *** MGT (em0) -> v4/DHCP4: 192.168.86.215/24 TAP (em1) -> v4/DHCP4: 192.168.86.214/24 0) Logout 7) Ping host 1) Assign interfaces 8) Shell 2) Set interface IP address 9) pfTop 3) Reset the root password 10) Firewall log 4) Reset to factory defaults 11) Reload all services 5) Power off system 12) Update from console 6) Reboot system 13) Restore a backup Enter an option: 12 Fetching change log information, please wait... done This will automatically fetch all available updates, apply them, and reboot if necessary. A major firmware upgrade is available for this installation: 18.9.b Make sure you have read the release notes and migration guide before attempting this upgrade. Around 400MB will need to be downloaded and require 800MB of free space. Continue with this major upgrade by typing the major upgrade version number displayed above. Minor updates may be available, answer 'y' to run them instead. Proceed with this action? [18.9.b/y/N]: y
An update can be done through the GUI via System⇒Firmware⇒Updates.