Post installation

To finalize the installation you will need to applys the tasks below.

Disable Web Portal logs

With likpiadm user:

Edit /opt/likpi/webroot/js/config/server.config.json and update section below to disable Likpi Web Portal log browser console:

"log": {
        "enabled" : false,
        "pattern" :"%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p - %m%n"

Secure the files access

With likpiadm user:

$ chmod 600 /opt/likpi/security/rsa_2048_priv.pem
$ chmod 644 /opt/likpi/security/rsa_2048_pub.pem
$ chmod -R 700 /opt/likpi/conf

Copy rsa_2048_pub.pem to webroot/security

With likpiadm user:

$ mkdir /opt/likpi/webroot/security
$ cp /opt/likpi/security/rsa_2048_pub.pem /opt/likpi/webroot/security

Configure Nginx

Basic configuration for testing

With administrator user:

Edit the file /etc/nginx/sites-available/default and add these entries with the support of your Linux administrator:

server {
        listen 40080 default_server;
        listen [::]:40080 default_server;
        root /opt/likpi/webroot;
        server_name _;
        index index.html;
        location / {
                try_files $uri $uri/ =404;
        }
}

SSL connection

Edit the file /etc/nginx/sites-available/default and add these entries with the support of your Linux administrator:

server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name intra.logmon.com;
  return 301 https://$server_name$request_uri;  # Redirect HTTP to HTTPS
}

server {
  listen 443 ssl http2 default_server;
  listen [::]:443 ssl http2 default_server;

  root /opt/likpi/webroot;
  index index.html index.htm;

  server_name intra.logmon.com;

  ssl_certificate /opt/likpi/security/fullchain.pem;
  ssl_certificate_key /opt/likpi/security/privkey.pem;

  # Other SSL settings (protocols, ciphers) as in Likpi docs
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers HIGH:!aNULL:!MD5;
  ssl_prefer_server_ciphers off;
  ssl_session_cache shared:SSL:10m;

  location / {
      try_files $uri $uri/ =404;
  }
}

Note

The SSL configuration example above can be adapted to your context.

Warning

For secure connection, you must configure and adapt /opt/likpi/conf/likpi-coremanager.json, /opt/likpi/webroot/js/config/server.config.json files and /opt/likpi/bin/likpi-wsgateway files. Pleas review Configuration section.