Skip to main content
Skip table of contents

EMX Local 4.0 Installation Guide - RHEL 9

Pre-configuration

RHEL requires you to be logged in with a Red Hat account in order to use their default package repositories. Register an account at redhat.com, then follow the steps here to link the system to your account.

Installation

Note: All listed commands should be run by the root user unless otherwise specified.

System Configuration

Start by setting the system timezone to UTC.

CODE
ln -sf /usr/share/zoneinfo/UTC /etc/localtime

Third-Party Software Repositories

EPEL (Extra Packages for Enterprise Linux)

CODE
ARCH=$(/bin/arch)
subscription-manager repos --enable "codeready-builder-for-rhel-9-${ARCH}-rpms"
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm

REMI (Remi’s RPM Repo 8)

Contains many releases of PHP and its accompanying modules.

CODE
yum install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm

Third-Party Software Installation

System Utilities

CODE
yum install -y git wget nano

Node.js

CODE
yum install -y --enablerepo=epel gcc-c++ make mosquitto
curl -fsSL https://rpm.nodesource.com/setup_18.x -o nodesource_setup.sh
sudo bash nodesource_setup.sh
sudo yum install -y nodejs

LAMP Stack

CODE
sudo dnf module enable php:remi-8.1
yum install -y --enablerepo=remi httpd php php-snmp php-bcmath php-cli php-common php-devel php-intl php-mbstring php-mysqlnd php-opcache php-pdo php-pecl-apcu php-xml policycoreutils-python-utils python3 python3-policycoreutils

# Use prefork module to run php under apache
echo 'LoadModule mpm_prefork_module modules/mod_mpm_prefork.so' > /etc/httpd/conf.modules.d/00-mpm.conf

Mosquitto

CODE
sudo yum -y install mosquitto

systemctl start mosquitto
systemctl enable mosquitto

Third-Party Software Configuration

PHP

Configure PHP timezone:
CODE
echo 'date.timezone = UTC' > /etc/php.d/00-datetime.ini
Install IonCube Loader
CODE
wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
tar -xzf ioncube_loaders_lin_x86-64.tar.gz
cp ioncube/ioncube_loader_lin_8.1.so /usr/lib64/php/modules/
echo 'zend_extension=ioncube_loader_lin_8.1.so' > /etc/php.d/05-ioncube.ini

MySQL Database Server

Install MySQL
CODE
yum install -y mysql-server

cat <<EOT >> /etc/my.cnf
innodb-file-per-table = on
event-scheduler = on
explicit_defaults_for_timestamp = off
sql-mode = "NO_ENGINE_SUBSTITUTION"
[mysqld]
log_bin_trust_function_creators = 1
EOT
systemctl restart mysqld.service
Configure User Access
CODE
# Optional: update mysql root password 
mysql_secure_installation
# Login to MySQL
mysql -uroot -p
 
# Change the root password
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewP4ssword$';
 
# Create an EMX user
CREATE USER 'emx'@'localhost' IDENTIFIED BY 'S3cretP4ssword$';
GRANT ALL PRIVILEGES ON `emx`.* TO 'emx'@'localhost';
 
# Create an EMX database
CREATE DATABASE `emx`;
 
exit

Firewall Configuration

Only one firewall, if any, should be running. Which is running depends on the specifics of your installation, but below are example configurations for the three most common: dftables, iptables, or firewalld.

Option 1: Using firewalld
CODE
firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https
firewall-cmd --zone=public --permanent --add-port=8080/tcp
systemctl restart firewalld.service
Option 2: Using nftables
CODE
nft insert rule ip filter INPUT ct state new  tcp dport 80 counter accept
nft insert rule ip filter INPUT ct state new  tcp dport 443 counter accept
nft insert rule ip filter INPUT ct state new  tcp dport 8080 counter accept
nft list ruleset >> /etc/sysconfig/nftables.conf
# Note that the systemd service should be enabled to automatically reload these settings on reboot.
# systemctl enable nftables
Option 3: Using iptables
CODE
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
iptables-save > /etc/sysconfig/iptables

Apache Web Server

Setup directory access
CODE
rm -rf /var/www
mkdir /var/www
chown apache.apache /var/www
sed -i'' 's#/var/www/html#/var/www#g' /etc/httpd/conf/httpd.conf
Configure SELinux policies
CODE
semanage fcontext -a -t httpd_sys_content_t "/var/www(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/config.php"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/uploads(/.*)?"
restorecon -R -v /var/www
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_connect_db 1
setsebool -P httpd_can_sendmail 1
setsebool -P httpd_unified 1
Configure Apache sites
CODE
rm -f /etc/httpd/conf.d/welcome.conf
cat <<EOT > /etc/httpd/conf.d/emx.conf
<VirtualHost *:80>
 ServerName default
 DocumentRoot "/var/www"
 <Directory "/var/www">
 Options Indexes FollowSymLinks
 AllowOverride All
 DirectoryIndex index.php
 </Directory>
 ErrorLog "/var/log/httpd/emx_error.log"
 ServerSignature Off
 CustomLog "/var/log/httpd/emx_access.log" combined
</VirtualHost>
EOT
Restart Apache
CODE
systemctl enable httpd
systemctl restart httpd

PM2

CODE
# Install PM2 process monitor
npm i -g pm2

Packet Power Software Installation

EMX/OPX3

Install OPX3 Package
CODE
# Drop the OPX .rpm on the server first using scp, wget, or some other means; then:
rpm -ivh install packetpower-opx2-*.rpm --ignoreos

# Edit MySQL credentials using `nano`, `vim`, or `cat` as below:
cat <<EOT > /var/pacpow-opx/config/mysql.json
{
  "host": "localhost",
  "user": "emx",
  "password": "S3cretP4ssword$",
  "database": "emx"
}
EOT

cat <<EOT > /var/pacpow-opx/config/mqtt.json
{
  "url": "mqtt://localhost:1883",
  "user": null,
  "password": null
}
EOT
cat <<EOT > /var/pacpow-opx/config/e4-api-mqtt.config.json
{
  "mqtt": {
    "url": "mqtt://localhost:1883",
    "options" : {
      "user": null,
      "password": null
    }
  },
  "emx": {
    "host":"localhost",
    "port":80
  },
  "jdrTopic":"@p2/JDR",
  "panelTopic":"@p2/PANEL"
}
EOT
Install EMX Package
CODE
# Drop the EMX .rpm on the server first using scp, wget, or some other means; then:
rpm -ivh packetpower-emx-*.x86_64.rpm --nodeps

# Create the support_files directory for storing firmware, etc.
mkdir -p /var/www/public/support_files/
chown apache.apache /var/www/public/support_files/
Reset Permissions
CODE
chown apache.apache /var/www/config.php
restorecon -R -v /var/www
Start OPX processes
CODE
# Run OPX processes with PM2 task manager
(cd /var/pacpow-opx && pm2 start config/ecosystem.config.js)
pm2 save
pm2 startup
(Optional) Update Support Files

Note: the support files directory is hard-coded to /public/support_files, though it should be possible to symlink it to another location if necessary.  It contains node firmware files that can be sent remotely to gateways in order to broadcast updates over the mesh network. This is an optional step that's included just for the sake of completeness.

CODE
# (Optional) Copy over desired firmware files
sudo cp ~/uploaded_files/node.*.bin /var/www/public/support_files/ 

# Tell SELinux to recursively restore the security context
# !! NOTE: This must be done after *every* update to the support_files folder!
restorecon -R -v /var/www

EMX Web Installer

Finally, complete the setup by navigating a browser to the IP address of the EMX server.  You will be greeted with a setup screen, which will prompt you for the following information:

  • MySQL credentials

  • Mosquitto configuration (used by OPX3)

    • The following is the default mosquitto configuration:

      • Hostname: 127.0.0.1 (or the IPv4 address of the appropriate server)

      • Username: blank

      • Password: blank

      • Port: 1883

  • (Optional) The SMTP server credentials to be used for alerting capabilities 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.