Initial Installation & Configuration

Note

Just looking on how to invoke the installer? When the live environment has been started just login with user installer and password opnids.

Architecture

The software setup and installation of OPNids® is available for x86-32 and x86-64 bit microprocessor architectures.

Install

Installs can run on SD memory cards, solid-state disks (SSD) or hard disk drives (HDD).

Warning

See the chapter Hardware Setup for further information on hardware requirements prior to an install.

Download

The OPNids distribution can be downloaded from one of our mirrors.

Installation Media

Depending on you hardware and use case different installation media are provided:

Type
Description
cdrom
ISO installer image with live system capabilities
running in VGA-only mode
vga
USB installer image with live system capabilities
running in VGA-only mode
serial
USB installer image with live system capabilities
running in serial console (115200) mode with
secondary VGA support (no kernel messages though)
nano
a preinstalled serial image for 4GB USB sticks,
SD or CF cards for use with embedded devices

Warning

Flash memory cards will only tolerate a limited number of writes and re-writes.

Media Filename Composition

Note

Please be ware that the latest installation media does not always correspond with the latest released version. OPNids installation images are provided on a regular bases together with major versions in January and July. More information on our release schedule is available from our package repository see website

OpenSSL & LibreSSL

OPNids images are provided based upon OpenSSL. The LibreSSL flavor can be selected from within the GUI ( System⇒Firmware⇒Settings ). In order to apply your choice an update must be performed after save, which can include a reboot of the system.

../_images/firmware_flavour.png

Installation Method

Download the installation image from one of the mirrors listed on the OPNids website.

The easiest method of installation is the USB-memstick installer. If your target platform has a serial interface choose the “serial image. 64-bit and 32-bit install images are provided. The following examples apply to both.

Write the image to a USB flash drive (>= 1GB) or an IDE hard disk, either with dd under FreeBSD or under Windows with physdiskwrite

Before writing an (iso) image you need to unpack it first (use bunzip2).

FreeBSD

dd if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/daX bs=16k

Where X = the device number of your USB flash drive (check dmesg)

Linux

dd  if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/sdX bs=16k

where X = the IDE device name of your USB flash drive (check with hdparm -i /dev/sdX) (ignore the warning about trailing garbage - it’s because of the digital signature)

OpenBSD

dd if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/rsd6c bs=16k

The device must be the ENTIRE device (in Windows/DOS language: the ‘C’ partition), and a raw I/O device (the ‘r’ in front of the device “sd6”), not a block mode device.

Mac OS X

sudo dd  if=OPNids-##.#.##-[Type]-[Architecture].img of=/dev/rdiskX bs=64k

where r = raw device, and where X = the disk device number of your CF card (check Disk Utility) (ignore the warning about trailing garbage - it’s because of the digital signature)

Windows

physdiskwrite -u OPNids-##.#.##-[Type]-[Architecture].img

(use v0.3 or later!)

Install Instructions

The boot process gives you the opportunity to run several optional configuration steps. It has been designed to always boot into a live environment in order to be able to access the GUI or even SSH directly. If a timeout was missed simply restart the boot procedure.

OPNids Importer

All images feature the new “opnids-importer” utility, which is now invoked instead of the early installer. You can stop the automatic timeout by pressing any key. Afterwards you will have the opportunity to select a disk to import from. If the option times out or the importer is exited without a disk selection, the factory defaults will be used for the boot.

The next prompt will be for manual interface selection. This step is well-established since OPNids 15.7 .

Live environment

The system will then continue into a live environment. If the config importer was used previously on an existing installation, the system will boot up with a fully functional setup, but will not overwrite the previous installation. Use this feature for safely previewing upgrades.

If you have used a CD-ROM, VGA, Serial image without a config import you are by default able to (a) log into the root shell using the user “root” with password “opnids”, or (b) log into the installer using the user “installer” with password “opnids”. The GUI will listen on https://192.168.1.1/ for user “root” with password “opnids”. Using SSH, the “root” and “installer” users are available as well on IP 192.168.1.1. Note that these install medias are read-only, which means your current live configuration will be lost after reboot.

../_images/boot1.png

Installation Steps

The installation process involves a few simple steps.

Note

To invoke the installer login with user installer and password opnids

../_images/boot3.png
  1. Configure console - The default configuration should be fine for most occasions. .. image:: ./images/install1.png
  2. Select task - The Default option should be fine for most occasions. Continue with default settings. .. image:: ./images/install2.png
  3. Are you SURE? - When proceeding OPNids will be installed on the first hard disk in the system. .. image:: ./images/install3.png
  4. Few more easy to answer questions: .. image:: ./images/install4.png .. image:: ./images/install5.png .. image:: ./images/install6.png .. image:: ./images/install7.png
  5. Reboot - The system is now installed and needs to be rebooted to continue with configuration. .. image:: ./images/install8.png

Warning

You will lose all files on the installation disk. If another disk is to be used then choose a Custom installation instead of the Quick/Easy Install.

Initial configuration

After installation the system will prompt you for the interface assignment, if you ignore this then default settings are applied. Installation ends with the login prompt.

By default you have to log in to enter the console.

../_images/setup3.png

Tip

A user can login to the console menu with his credentials. The default credentials after a fresh install are username “root” and password “opnids”.

VLANs and assigning interfaces
If choose to do manual interface assignment or when no config file can be found then you are asked to assign Interfaces and VLANs. VLANs are optional. If you do not need VLAN’s then choose no. You can always configure VLAN’s at a later time.
LAN, WAN and optional interfaces
The first interface is the LAN interface. Type the appropriate interface name, for example “em0”. The second interface is the WAN interface. Type the appropriate interface name, eg. “em1” . Possible additional interfaces can be assigned as OPT interfaces. If you assigned all your interfaces you can press [ENTER] and confirm the settings. OPNids will configure your system and present the login prompt when finished.
Minimum installation actions
In case of a minimum install setup (i.e. on CF cards), OPNids can be run with all standard features, expect for the ones that require extensive disk writes. Do not create a swap slice, but a RAM Disk instead. In the GUI enable System⇒Settings⇒Miscellaneous⇒RAM Disk Settings and set the size to 100-128 MB or more, depending on your available RAM. Afterwards reboot.

Enable RAM disk manually

../_images/Screenshot_Use_RAMdisks.png

Then via console, check your /etc/fstab and make sure your primary partition has rw,noatime instead of just rw.

Console

The console menu shows 13 options.

0) Logout                              7) Ping host
1) Assign interfaces                   8) Shell
2) Set interface IP address            9) pfTop
3) Reset the root password            10) Firewall log
4) Reset to factory defaults          11) Reload all services
5) Power off system                   12) Update from console
6) Reboot system                      13) Restore a backup

Table: The console menu

Upgrade from console

The other method to upgrade the system is via console option 12) Upgrade from console

*** OPNids.localdomain: OPNids 18.9.a_1 (amd64/OpenSSL) ***

 MGT (em0)       -> v4/DHCP4: 192.168.86.215/24
 TAP (em1)       -> v4/DHCP4: 192.168.86.214/24

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 12

Fetching change log information, please wait... done

This will automatically fetch all available updates, apply them,
and reboot if necessary.

A major firmware upgrade is available for this installation: 18.9.b

Make sure you have read the release notes and migration guide before
attempting this upgrade.  Around 400MB will need to be downloaded and
require 800MB of free space.  Continue with this major upgrade by
typing the major upgrade version number displayed above.

Minor updates may be available, answer 'y' to run them instead.

Proceed with this action? [18.9.b/y/N]: y

GUI

An update can be done through the GUI via System⇒Firmware⇒Updates.

../_images/firmware-update.png