Installing RIPS

Use the following steps to install RIPS On-Premises within a few minutes on your local server with the help of the RIPS installer.

Before starting the installation please make sure that all hardware and software requirements are fulfilled.

Preparation

Switch to a root shell, for example with sudo -i or su and install Docker CE as described in https://docs.docker.com/engine/installation/Do not use the Docker version that comes with your distribution, it might not be compatible with the installer.

The following example shows the installation of Docker on Ubuntu 18.04. A more detailed guide to install Docker on Ubuntu can be found in the official documentation.

Docker CE on Ubuntu
apt-get remove docker docker-engine docker.io containerd runc
apt-get update
apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io

The following example shows the installation of Docker on CentOS 7. A more detailed guide to install Docker on CentOS can be found in the official documentation.

Docker CE on CentOS
yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io

Download

Create an installation directory with secure permissions.

mkdir -p /opt/rips
chown root:root /opt/rips
chmod 750 /opt/rips

Download the installer rips3.py from https://files.ripstech.com/installer/rips3.py and make it executable.

wget https://files.ripstech.com/installer/rips3.py -O /opt/rips/rips3.py
chown root:root /opt/rips/rips3.py
chmod 755 /opt/rips/rips3.py

Installation

Simple

To install RIPS on your server run rips3.py rips:install --api-url http://rips.intranet.example.org:8080. The parameter --api-url sets the address of the API. Please replace rips.intranet.example.org with the external IP address or domain name of your RIPS server, otherwise the user interface will not be able to contact the API. The parameter is only used to tell the user interface where to find the API, it does not change the port that is opened.

For a full list of all parameters please see RIPS Installer Tool.

/opt/rips/rips3.py rips:install --api-url http://rips.intranet.example.org:8080

The installer will ask for your download credentials. Please refer to your purchase email for your user name and password. At the end of the process, the installer creates a new user account and you can set your private account credentials.

Advanced

It is highly recommend to place a HTTP reverse proxy in front of RIPS for TLS encryption, access logging, and similar tasks. This section explains how RIPS and the reverse proxy have to be configured to do this.

In the following simplified image you can see the intended architecture: HTTP requests are send to the reverse proxy (e.g., NGINX, Apache, Lighttpd). The reverse proxy forwards them to the UI and API web servers, and sends the responses back to the users.

Direct access to the UI and API should be prevented by binding their addresses to localhost with the parameters --ui-address 127.0.0.1 and --api-address 127.0.0.1. The UI port should be changed from the default value 80 to a different value. In this example we will assume that --ui-port 9090 is used. Make sure to set the address of the reverse proxy as API URL, for example --api-url https://api.rips.intranet.example.org. This address is used by the user interface to connect from the clients browsers to the API. An incorrect API URL will result in connection problems when using the user interface.

/opt/rips/rips3.py rips:install --api-url https://api.rips.intranet.example.org --ui-port 9090 --ui-address 127.0.0.1 --api-address 127.0.0.1

If RIPS is already installed you can use rips:config instead of rips:install to change your settings. Make sure to reset your browser cache after changing the API URL.

/opt/rips/rips3.py rips:config --api-url https://api.rips.intranet.example.org --ui-port 9090 --ui-address 127.0.0.1 --api-address 127.0.0.1 --restart

To proceed select and install a web server of your choice and add vhosts for both the UI and the API. The following configuration templates can be used. Make sure to increase the timeout settings for the API since certain requests may take longer than the default timeout.

NGINX

server {
    listen 443 ssl;
    include /etc/nginx/ssl.conf;
    server_name ui.rips.intranet.example.org;

    location / {
        proxy_pass http://127.0.0.1:9090;
    }
}
server {
    listen 443 ssl;
    include /etc/nginx/ssl.conf;
    server_name api.rips.intranet.example.org;

    location / {
        proxy_connect_timeout 60;
        proxy_send_timeout 600;
        proxy_read_timeout 600;
        proxy_pass http://127.0.0.1:8080;
        client_max_body_size 900M;
    }
}

For additional resources please refer to:

Apache

The modules mod_proxy and mod_proxy_http have to be enabled.

<VirtualHost *:443>
  ServerName ui.rips.intranet.example.org
  Include /etc/apache2/ssl.conf

  ProxyPass / http://127.0.0.1:9090/
  ProxyPassReverse / http://127.0.0.1:9090/
</VirtualHost>
<VirtualHost *:443>
  ServerName api.rips.intranet.example.org
  Include /etc/apache2/ssl.conf

  ProxyPass / http://127.0.0.1:8080/ timeout=600
  ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

For additional resources please refer to:

Offline

It is possible to install RIPS on a system that is not connected to the Internet. To do this the RIPS images first have to be downloaded on a system that is connected to the Internet with the help of the installer.

/opt/rips/rips3.py rips:download

The images have to be moved to the RIPS server where they can be used to install RIPS. Simply specify the path to the images through the environment variable RIPS_OFFLINE_IMAGES and continue with the normal installation.

export RIPS_OFFLINE_IMAGES=images.tar

Activation

If you have chosen the simple installation you can now access RIPS by visiting http://rips.intranet.example.org. If you have chosen the advanced installation you have to configure a reverse proxy before you can access RIPS at https://ui.rips.intranet.example.orgFor setup completion you need a license key. To obtain your license key, please send your (hardware) id to licensing@ripstech.com