Use the following steps to install RIPS On-Premises within a few minutes on your local server with the help of the RIPS installer.
Before starting the installation please make sure that all hardware and software requirements are fulfilled.
Switch to a root shell, for example with sudo -i or su and install Docker CE as described in https://docs.docker.com/engine/installation/. Do not use the Docker version that comes with your distribution, it might not be compatible with the installer.
The following example shows the installation of Docker on Ubuntu 18.04. A more detailed guide to install Docker on Ubuntu can be found in the official documentation.
The following example shows the installation of Docker on CentOS 7. A more detailed guide to install Docker on CentOS can be found in the official documentation.
Create an installation directory with secure permissions.
Download the installer rips3.py from https://files.ripstech.com/installer/rips3.py and make it executable.
To install RIPS on your server run rips3.py rips:install --api-url The parameter --api-url sets the address of the API. Please replace rips.intranet.example.org with the external IP address or domain name of your RIPS server, otherwise the user interface will not be able to contact the API. The parameter is only used to tell the user interface where to find the API, it does not change the port that is opened..
For a full list of all parameters please see RIPS Installer Tool.
The installer will ask for your download credentials. Please refer to your purchase email for your user name and password. At the end of the process, the installer creates a new user account and you can set your private account credentials.
For security reasons LDAP support is disabled by default. If you would like to enable LDAP please use the parameter --ldap=1. You can find more information about the configuration of LDAP in the user guide.
It is highly recommend to place a HTTP reverse proxy in front of RIPS for TLS encryption, access logging, and similar tasks. This section explains how RIPS and the reverse proxy have to be configured to do this.
In the following simplified image you can see the intended architecture: HTTP requests are send to the reverse proxy (e.g., NGINX, Apache, Lighttpd). The reverse proxy forwards them to the UI and API web servers, and sends the responses back to the users.
Direct access to the UI and API should be prevented by binding their addresses to localhost with the parameters --ui-address 127.0.0.1 and --api-address 127.0.0.1. The UI port should be changed from the default value 80 to a different value. In this example we will assume that --ui-port 9090 is used. Make sure to set the address of the reverse proxy as API URL, for example --api-url
To proceed select and install a web server of your choice and add vhosts for both the UI and the API. The following configuration templates can be used. Make sure to increase the timeout settings for the API since certain requests may take longer than the default timeout.
If you are running SELinux make sure that httpd_can_network_connect is set to true. You can enable it by running:
For additional resources please refer to:
The modules mod_proxy and mod_proxy_http have to be enabled.
For additional resources please refer to:
It is possible to install RIPS on a system that is not connected to the Internet. To do this the RIPS images first have to be downloaded on a system that is connected to the Internet with the help of the installer.
The images have to be moved to the RIPS server where they can be used to install RIPS. Simply specify the path to the images through the environment variable RIPS_OFFLINE_IMAGES and continue with the normal installation.
If you have chosen the simple installation you can now access RIPS by visiting http://rips.intranet.example.org. If you have chosen the advanced installation you have to configure a reverse proxy before you can access RIPS at https://ui.rips.intranet.example.org. For setup completion you need a license key. To obtain your license key, please send your (hardware) id to email@example.com