| 4 |
- |
1 |
################################################################################
|
|
|
2 |
#
|
|
|
3 |
# OCS Inventory NG Communication Server Perl Module Setup
|
|
|
4 |
#
|
|
|
5 |
# Copyleft 2006 Pascal DANEK
|
|
|
6 |
# Web: http://www.ocsinventory-ng.org
|
|
|
7 |
#
|
|
|
8 |
# This code is open source and may be copied and modified as long as the source
|
|
|
9 |
# code is always made freely available.
|
|
|
10 |
# Please refer to the General Public Licence http://www.gnu.org/ or Licence.txt
|
|
|
11 |
################################################################################
|
|
|
12 |
|
|
|
13 |
|
|
|
14 |
# Which version of mod_perl we are using
|
|
|
15 |
# For mod_perl <= 1.999_21, replace 2 by 1
|
|
|
16 |
# For mod_perl > 1.999_21, replace 2 by 2
|
|
|
17 |
PerlSetEnv OCS_MODPERL_VERSION 2
|
|
|
18 |
|
|
|
19 |
# Master Database settings
|
|
|
20 |
# Replace localhost by hostname or ip of MySQL server for WRITE
|
|
|
21 |
PerlSetEnv OCS_DB_HOST localhost
|
|
|
22 |
# Replace 3306 by port where running MySQL server, generally 3306
|
|
|
23 |
PerlSetEnv OCS_DB_PORT 3306
|
|
|
24 |
# Name of database
|
|
|
25 |
PerlSetEnv OCS_DB_NAME ocsweb
|
|
|
26 |
PerlSetEnv OCS_DB_LOCAL ocsweb
|
|
|
27 |
# User allowed to connect to database
|
|
|
28 |
PerlSetEnv OCS_DB_USER ocs
|
|
|
29 |
# Password for user
|
|
|
30 |
PerlSetVar OCS_DB_PWD ocs
|
|
|
31 |
|
|
|
32 |
# Slave Database settings
|
|
|
33 |
# Replace localhost by hostname or ip of MySQL server for READ
|
|
|
34 |
# Useful if you handle mysql slave databases
|
|
|
35 |
# PerlSetEnv OCS_DB_SL_HOST localhost
|
|
|
36 |
# Replace 3306 by port where running MySQL server, generally 3306
|
|
|
37 |
# PerlSetEnv OCS_DB_SL_PORT_SLAVE 3306
|
|
|
38 |
# User allowed to connect to database
|
|
|
39 |
# PerlSetEnv OCS_DB_SL_USER ocs
|
|
|
40 |
# Name of the database
|
|
|
41 |
# PerlSetEnv OCS_DB_SL_NAME ocsweb
|
|
|
42 |
# Password for user
|
|
|
43 |
# PerlSetVar OCS_DB_SL_PWD ocs
|
|
|
44 |
|
|
|
45 |
# Path to log directory (must be writeable)
|
|
|
46 |
PerlSetEnv OCS_OPT_LOGPATH "/var/log/ocsinventory-server"
|
|
|
47 |
|
|
|
48 |
# If you need to specify a mysql socket that the client's built-in
|
|
|
49 |
#PerlSetVar OCS_OPT_DBI_MYSQL_SOCKET "path/to/mysql/unix/socket"
|
|
|
50 |
# DBI verbosity
|
|
|
51 |
PerlSetEnv OCS_OPT_DBI_PRINT_ERROR 0
|
|
|
52 |
|
|
|
53 |
# Unicode support
|
|
|
54 |
PerlSetEnv OCS_OPT_UNICODE_SUPPORT 1
|
|
|
55 |
|
|
|
56 |
# If you are using a multi server architecture,
|
|
|
57 |
# Put the ip addresses of the slaves on the master
|
|
|
58 |
# (This is read as perl regular expressions)
|
|
|
59 |
PerlAddVar OCS_OPT_TRUSTED_IP 127.0.0.1
|
|
|
60 |
#PerlAddVar OCS_OPT_TRUSTED_IP XXX.XXX.XXX.XXX
|
|
|
61 |
|
|
|
62 |
# ===== WEB SERVICE (SOAP) SETTINGS =====
|
|
|
63 |
|
|
|
64 |
PerlSetEnv OCS_OPT_WEB_SERVICE_ENABLED 0
|
|
|
65 |
PerlSetEnv OCS_OPT_WEB_SERVICE_RESULTS_LIMIT 100
|
|
|
66 |
# PerlSetEnv OCS_OPT_WEB_SERVICE_PRIV_MODS_CONF "WEBSERV_PRIV_MOD_CONF_FILE"
|
|
|
67 |
|
|
|
68 |
# Be careful: you must restart apache to make settings taking effects
|
|
|
69 |
|
|
|
70 |
# Configure engine to use the settings from this file
|
|
|
71 |
PerlSetEnv OCS_OPT_OPTIONS_NOT_OVERLOADED 0
|
|
|
72 |
|
|
|
73 |
# Try to use other compress algorythm than raw zlib
|
|
|
74 |
# GUNZIP and clear XML are supported
|
|
|
75 |
PerlSetEnv OCS_OPT_COMPRESS_TRY_OTHERS 1
|
|
|
76 |
|
|
|
77 |
##############################################################
|
|
|
78 |
# ===== OPTIONS BELOW ARE OVERLOADED IF YOU USE OCS GUI =====#
|
|
|
79 |
##############################################################
|
|
|
80 |
|
|
|
81 |
# NOTE: IF YOU WANT TO USE THIS CONFIG FILE INSTEAD, set OCS_OPT_OPTIONS_NOT_OVERLOADED to '1'
|
|
|
82 |
|
|
|
83 |
# ===== MAIN SETTINGS =====
|
|
|
84 |
|
|
|
85 |
# Enable engine logs (see LOGPATH setting)
|
|
|
86 |
PerlSetEnv OCS_OPT_LOGLEVEL 0
|
|
|
87 |
# Specify agent's prolog frequency
|
|
|
88 |
PerlSetEnv OCS_OPT_PROLOG_FREQ 12
|
|
|
89 |
# Configure the duplicates detection system
|
|
|
90 |
PerlSetEnv OCS_OPT_AUTO_DUPLICATE_LVL 15
|
|
|
91 |
# Futur security improvements
|
|
|
92 |
PerlSetEnv OCS_OPT_SECURITY_LEVEL 0
|
|
|
93 |
# Validity of a computer's lock
|
|
|
94 |
PerlSetEnv OCS_OPT_LOCK_REUSE_TIME 600
|
|
|
95 |
# Enable the history tracking system (useful for external data synchronisation
|
|
|
96 |
PerlSetEnv OCS_OPT_TRACE_DELETED 0
|
|
|
97 |
|
|
|
98 |
# ===== INVENTORY SETTINGS =====
|
|
|
99 |
|
|
|
100 |
# Specify the validity of inventory data
|
|
|
101 |
PerlSetEnv OCS_OPT_FREQUENCY 0
|
|
|
102 |
# Configure engine to update inventory regarding to CHECKSUM agent value (lower DB backend load)
|
|
|
103 |
PerlSetEnv OCS_OPT_INVENTORY_DIFF 1
|
|
|
104 |
# Make engine consider an inventory as a transaction (lower concurency, better disk usage)
|
|
|
105 |
PerlSetEnv OCS_OPT_INVENTORY_TRANSACTION 1
|
|
|
106 |
# Configure engine to make a differential update of inventory sections (row level). Lower DB backend load, higher frontend load
|
|
|
107 |
PerlSetEnv OCS_OPT_INVENTORY_WRITE_DIFF 1
|
|
|
108 |
# Enable some stuff to improve DB queries, especially for GUI multicriteria searching system
|
|
|
109 |
PerlSetEnv OCS_OPT_INVENTORY_CACHE_ENABLED 1
|
|
|
110 |
# Specify when the engine will clean the inventory cache structures
|
|
|
111 |
PerlSetEnv OCS_OPT_INVENTORY_CACHE_REVALIDATE 7
|
|
|
112 |
# Enable you to keep trace of every elements encountered in db life
|
|
|
113 |
PerlSetEnv OCS_OPT_INVENTORY_CACHE_KEEP 1
|
|
|
114 |
|
|
|
115 |
# ===== SOFTWARES DEPLOYMENT SETTINGS =====
|
|
|
116 |
|
|
|
117 |
# Enable this feature
|
|
|
118 |
PerlSetEnv OCS_OPT_DOWNLOAD 0
|
|
|
119 |
# Package wich have a priority superior than this value will not be downloaded
|
|
|
120 |
PerlSetEnv OCS_OPT_DOWNLOAD_PERIOD_LENGTH 10
|
|
|
121 |
# Time between two download cycles (bandwidth control)
|
|
|
122 |
PerlSetEnv OCS_OPT_DOWNLOAD_CYCLE_LATENCY 60
|
|
|
123 |
# Time between two fragment downloads (bandwidth control)
|
|
|
124 |
PerlSetEnv OCS_OPT_DOWNLOAD_FRAG_LATENCY 60
|
|
|
125 |
# Specify if you want to track packages affected to a group on computer's level
|
|
|
126 |
PerlSetEnv OCS_OPT_DOWNLOAD_GROUPS_TRACE_EVENTS 1
|
|
|
127 |
# Time between two download periods (bandwidth control)
|
|
|
128 |
PerlSetEnv OCS_OPT_DOWNLOAD_PERIOD_LATENCY 60
|
|
|
129 |
# Agents will send ERR_TIMEOUT event and clean the package it is older than this setting
|
|
|
130 |
PerlSetEnv OCS_OPT_DOWNLOAD_TIMEOUT 7
|
|
|
131 |
# Number of cycle within a period
|
|
|
132 |
|
|
|
133 |
# Enable ocs engine to deliver agent's files (deprecated)
|
|
|
134 |
PerlSetEnv OCS_OPT_DEPLOY 0
|
|
|
135 |
# Enable the softwares deployment capacity (bandwidth control)
|
|
|
136 |
|
|
|
137 |
# ===== GROUPS SETTINGS =====
|
|
|
138 |
|
|
|
139 |
# Enable the computer\s groups feature
|
|
|
140 |
PerlSetEnv OCS_OPT_ENABLE_GROUPS 1
|
|
|
141 |
# Random number computed in the defined range. Designed to avoid computing many groups in the same process
|
|
|
142 |
PerlSetEnv OCS_OPT_GROUPS_CACHE_OFFSET 600
|
|
|
143 |
# Specify the validity of computer's groups (default: 10 minutes - see offset)
|
|
|
144 |
PerlSetEnv OCS_OPT_GROUPS_CACHE_REVALIDATE 600
|
|
|
145 |
|
|
|
146 |
# ===== IPDISCOVER SETTINGS =====
|
|
|
147 |
|
|
|
148 |
# Specify how much agent per LAN will discovered connected peripherals (0 to disable)
|
|
|
149 |
PerlSetEnv OCS_OPT_IPDISCOVER 2
|
|
|
150 |
# Specify the minimal difference to replace an ipdiscover agent
|
|
|
151 |
PerlSetEnv OCS_OPT_IPDISCOVER_BETTER_THRESHOLD 1
|
|
|
152 |
# Time between 2 arp requests (mini: 10 ms)
|
|
|
153 |
PerlSetEnv OCS_OPT_IPDISCOVER_LATENCY 100
|
|
|
154 |
# Specify when to remove a computer when it has not come until this period
|
|
|
155 |
PerlSetEnv OCS_OPT_IPDISCOVER_MAX_ALIVE 14
|
|
|
156 |
# Disable the time before a first election (not recommended)
|
|
|
157 |
PerlSetEnv OCS_OPT_IPDISCOVER_NO_POSTPONE 0
|
|
|
158 |
# Enable groups for ipdiscover (for example, you might want to prevent some groups to be ipdiscover agents)
|
|
|
159 |
PerlSetEnv OCS_OPT_IPDISCOVER_USE_GROUPS 1
|
|
|
160 |
|
|
|
161 |
# ===== INVENTORY FILES MAPPING SETTINGS =====
|
|
|
162 |
|
|
|
163 |
# Use with ocsinventory-injector, enable the multi entities feature
|
|
|
164 |
PerlSetEnv OCS_OPT_GENERATE_OCS_FILES 0
|
|
|
165 |
# Generate either compressed file or clear XML text
|
|
|
166 |
PerlSetEnv OCS_OPT_OCS_FILES_FORMAT OCS
|
|
|
167 |
# Specify if you want to keep trace of all inventory between to synchronisation with the higher level server
|
|
|
168 |
PerlSetEnv OCS_OPT_OCS_FILES_OVERWRITE 0
|
|
|
169 |
# Path to ocs files directory (must be writeable)
|
|
|
170 |
PerlSetEnv OCS_OPT_OCS_FILES_PATH /tmp
|
|
|
171 |
|
|
|
172 |
# ===== FILTER SETTINGS =====
|
|
|
173 |
|
|
|
174 |
# Enable prolog filter stack
|
|
|
175 |
PerlSetEnv OCS_OPT_PROLOG_FILTER_ON 0
|
|
|
176 |
# Enable core filter system to modify some things "on the fly"
|
|
|
177 |
PerlSetEnv OCS_OPT_INVENTORY_FILTER_ENABLED 0
|
|
|
178 |
# Enable inventory flooding filter. A dedicated ipaddress ia allowed to send a new computer only once in this period
|
|
|
179 |
PerlSetEnv OCS_OPT_INVENTORY_FILTER_FLOOD_IP 0
|
|
|
180 |
# Period definition for INVENTORY_FILTER_FLOOD_IP
|
|
|
181 |
PerlSetEnv OCS_OPT_INVENTORY_FILTER_FLOOD_IP_CACHE_TIME 300
|
|
|
182 |
# Enable inventory filter stack
|
|
|
183 |
PerlSetEnv OCS_OPT_INVENTORY_FILTER_ON 0
|
|
|
184 |
|
|
|
185 |
# ===== REGISTRY SETTINGS =====
|
|
|
186 |
|
|
|
187 |
# Enable the registry capacity
|
|
|
188 |
PerlSetEnv OCS_OPT_REGISTRY 1
|
|
|
189 |
|
|
|
190 |
# ===== SESSION SETTINGS =====
|
|
|
191 |
# Not yet in GUI
|
|
|
192 |
|
|
|
193 |
# Validity of a session (prolog=>postinventory)
|
|
|
194 |
PerlSetEnv OCS_OPT_SESSION_VALIDITY_TIME 600
|
|
|
195 |
# Consider a session obsolete if it is older thant this value
|
|
|
196 |
PerlSetEnv OCS_OPT_SESSION_CLEAN_TIME 86400
|
|
|
197 |
# Accept an inventory only if required by server
|
|
|
198 |
#( Refuse "forced" inventory)
|
|
|
199 |
PerlSetEnv OCS_OPT_INVENTORY_SESSION_ONLY 0
|
|
|
200 |
|
|
|
201 |
# ===== TAG =====
|
|
|
202 |
|
|
|
203 |
# The default behavior of the server is to ignore TAG changes from the
|
|
|
204 |
# agent.
|
|
|
205 |
PerlSetEnv OCS_OPT_ACCEPT_TAG_UPDATE_FROM_CLIENT 0
|
|
|
206 |
|
|
|
207 |
|
|
|
208 |
# ===== DEPRECATED =====
|
|
|
209 |
|
|
|
210 |
# Set the proxy cache validity in http headers when sending a file
|
|
|
211 |
PerlSetEnv OCS_OPT_PROXY_REVALIDATE_DELAY 3600
|
|
|
212 |
# Deprecated
|
|
|
213 |
PerlSetEnv OCS_OPT_UPDATE 0
|
|
|
214 |
|
|
|
215 |
############ DO NOT MODIFY BELOW ! #######################
|
|
|
216 |
|
|
|
217 |
# External modules
|
|
|
218 |
PerlModule Apache::DBI
|
|
|
219 |
PerlModule Compress::Zlib
|
|
|
220 |
PerlModule XML::Simple
|
|
|
221 |
|
|
|
222 |
# Ocs
|
|
|
223 |
PerlModule Apache::Ocsinventory
|
|
|
224 |
PerlModule Apache::Ocsinventory::Server::Constants
|
|
|
225 |
PerlModule Apache::Ocsinventory::Server::System
|
|
|
226 |
PerlModule Apache::Ocsinventory::Server::Communication
|
|
|
227 |
PerlModule Apache::Ocsinventory::Server::Inventory
|
|
|
228 |
PerlModule Apache::Ocsinventory::Server::Duplicate
|
|
|
229 |
|
|
|
230 |
# Capacities
|
|
|
231 |
PerlModule Apache::Ocsinventory::Server::Capacities::Registry
|
|
|
232 |
PerlModule Apache::Ocsinventory::Server::Capacities::Update
|
|
|
233 |
PerlModule Apache::Ocsinventory::Server::Capacities::Ipdiscover
|
|
|
234 |
PerlModule Apache::Ocsinventory::Server::Capacities::Download
|
|
|
235 |
PerlModule Apache::Ocsinventory::Server::Capacities::Notify
|
|
|
236 |
# This module guides you through the module creation
|
|
|
237 |
# PerlModule Apache::Ocsinventory::Server::Capacities::Example
|
|
|
238 |
# This module adds some rules to filter some request sent to ocs server in the prolog and inventory stages
|
|
|
239 |
# PerlModule Apache::Ocsinventory::Server::Capacities::Filter
|
|
|
240 |
|
|
|
241 |
# PerlTaintCheck On
|
|
|
242 |
|
|
|
243 |
# SSL apache settings
|
|
|
244 |
#SSLEngine "SSL_ENABLE"
|
|
|
245 |
#SSLCertificateFile "SSL_CERTIFICATE_FILE"
|
|
|
246 |
#SSLCertificateKeyFile "SSL_CERTIFICATE_KEY_FILE"
|
|
|
247 |
#SSLCACertificateFile "SSL_CERTIFICATE_FILE"
|
|
|
248 |
#SSLCACertificatePath "SSL_CERTIFICATE_PATH"
|
|
|
249 |
#SSLVerifyClient "SSL_VALIDATE_CLIENT"
|
|
|
250 |
|
|
|
251 |
# Engine apache settings
|
|
|
252 |
# "Virtual" directory for handling OCS Inventory NG agents communications
|
|
|
253 |
# Be careful, do not create such directory into your web server root document !
|
|
|
254 |
<Location /ocsinventory>
|
|
|
255 |
order deny,allow
|
|
|
256 |
allow from all
|
|
|
257 |
Satisfy Any
|
|
|
258 |
# If you protect this area you have to deal with http_auth_* agent's parameters
|
|
|
259 |
# AuthType Basic
|
|
|
260 |
# AuthName "OCS Inventory agent area"
|
|
|
261 |
# AuthUserFile "APACHE_AUTH_USER_FILE"
|
|
|
262 |
# require valid-user
|
|
|
263 |
SetHandler perl-script
|
|
|
264 |
PerlHandler Apache::Ocsinventory
|
|
|
265 |
</Location>
|
|
|
266 |
|
|
|
267 |
# Web service apache settings
|
|
|
268 |
PerlModule Apache::Ocsinventory::SOAP
|
|
|
269 |
|
|
|
270 |
<location /ocsinterface>
|
|
|
271 |
SetHandler perl-script
|
|
|
272 |
PerlHandler "Apache::Ocsinventory::SOAP"
|
|
|
273 |
|
|
|
274 |
# By default, you can query web service from everywhere with a valid user
|
|
|
275 |
Order deny,allow
|
|
|
276 |
Allow from all
|
|
|
277 |
AuthType Basic
|
|
|
278 |
AuthName "OCS Inventory SOAP Area"
|
|
|
279 |
# Use htpasswd to create/update soap-user (or another granted user)
|
|
|
280 |
AuthUserFile "APACHE_AUTH_USER_FILE"
|
|
|
281 |
require "SOAP_USER"
|
|
|
282 |
</location>
|
|
|
283 |
|