系統需求

安裝步驟（以 Debian 為例）

安裝 Apache 服務

• 安裝 Apache 服務

sudo apt -y install apache2

• 安裝完之後啟用 Apache 服務

sudo systemctl enable --now apache2

安裝 PHP 服務

• 安裝 php 必要套件

apt install -y apt-transport-https lsb-release ca-certificates wget

• 新增 php 金鑰

wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

• 新增 PHP 來源庫

echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/sury-php.list && apt update

• 安裝 php 及其他必要套件

sudo apt -y install re2c gcc curl libapache2-mod-php8.3 php8.3 php8.3-{mysqlnd,pdo,xml,mbstring,fpm,mysql,gd,cli,opcache,curl,ldap,odbc,xmlrpc,soap,intl,zip,common,imap,bz2}

• 修改 vim /etc/php/8.3/cli/php.ini 設定檔

修改前
;cgi.fix_pathinfo=1
修改後
cgi.fix_pathinfo=0

修改時區
[Date]
修改前
;date.timezone = 
修改後
date.timezone = Asia/Taipei

; 記憶體用量上限
memory_limit = 512M
; Script執行時間上限(單位：秒)
max_execution_time = 600
; Script處理資料時間上限(單位：秒)
max_input_time = 600
; Socket無回應斷線時間(單位：秒)
default_socket_timeout = 600

# 指令修改
sed -i "s|^;cgi.fix_pathinfo=1.*$|cgi.fix_pathinfo=0|" /etc/php/8.3/cli/php.ini
sed -i "s|^;cgi.fix_pathinfo=1.*$|cgi.fix_pathinfo=0|" /etc/php/8.3/apache2/php.ini

sed -i "s|^;date.timezone =.*$|date.timezone = Asia/Taipei|" /etc/php/8.3/cli/php.ini
sed -i "s|^;date.timezone =.*$|date.timezone = Asia/Taipei|" /etc/php/8.3/apache2/php.ini

sed -i "s|^upload_max_filesize = 2M.*$|upload_max_filesize = 1024M|" /etc/php/8.3/cli/php.ini
sed -i "s|^upload_max_filesize = 2M.*$|upload_max_filesize = 1024M|" /etc/php/8.3/apache2/php.ini

sed -i "s|^post_max_size = 8M.*$|post_max_size = 1024M|" /etc/php/8.3/cli/php.ini
sed -i "s|^post_max_size = 8M.*$|post_max_size = 1024M|" /etc/php/8.3/apache2/php.ini

sed -i "s|^memory_limit = 128M.*$|memory_limit = 512M|" /etc/php/8.3/cli/php.ini
sed -i "s|^memory_limit = 128M.*$|memory_limit = 512M|" /etc/php/8.3/apache2/php.ini

sed -i "s|^max_execution_time = 30.*$|max_execution_time = 600|" /etc/php/8.3/cli/php.ini
sed -i "s|^max_execution_time = 30.*$|max_execution_time = 600|" /etc/php/8.3/apache2/php.ini

sed -i "s|^max_input_time = 60.*$|max_input_time = 600|" /etc/php/8.3/cli/php.ini
sed -i "s|^max_input_time = 60.*$|max_input_time = 600|" /etc/php/8.3/apache2/php.ini

sed -i "s|^default_socket_timeout = 60.*$|default_socket_timeout = 600|" /etc/php/8.3/cli/php.ini
sed -i "s|^default_socket_timeout = 60.*$|default_socket_timeout = 600|" /etc/php/8.3/apache2/php.ini

安裝 MariaDB 套件

• 新增 MariaDB 套件庫金鑰

sudo apt-get install apt-transport-https curl -y
sudo mkdir -p /etc/apt/keyrings
sudo curl -o /etc/apt/keyrings/mariadb-keyring.pgp 'https://mariadb.org/mariadb_release_signing_key.pgp'

• 新增 MariaDB 套件庫 vim /etc/apt/sources.list.d/mariadb.sources

# MariaDB 10.11 repository list - created 2024-07-19 03:27 UTC
# https://mariadb.org/download/
X-Repolib-Name: MariaDB
Types: deb
# deb.mariadb.org is a dynamic mirror if your preferred mirror goes offline. See https://mariadb.org/mirrorbits/ for details.
# URIs: https://deb.mariadb.org/10.11/debian
URIs: https://ftp.ubuntu-tw.org/mirror/mariadb/repo/10.11/debian
Suites: bookworm
Components: main
Signed-By: /etc/apt/keyrings/mariadb-keyring.pgp

• 更新系統並且安裝 MariaDB

sudo apt-get update && sudo apt-get install mariadb-server -y

• 啟動服務

sudo systemctl enable --now mariadb

• 資料庫基本設定，那在 MariaDB 10.5 以上版本官方已經改用 mariadb-secure-installation 那 MariaDB 10.4 以下還是可以用 mysql_secure_installation 來執行， MaridDB 官方說明

mariadb-secure-installation   # 設定資料庫的root密碼

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n]    <----- 直接按下 enter 鍵
Enabled successfully!
Reloading privilege tables..
 ... Success!


You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n]               <----- 直接按下 enter 鍵
New password:                                 <----- 輸入 root 密碼
Re-enter new password:                        <----- 再次輸入 root 密碼
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

補充說明

  MariaDB root 可空白登入問題排除

• 先查看目前狀況

use mysql;

select user, plugin from user;

如果查出來結果是 unix_socket 就要修改模式

修改為 mysql_native_password

ALTER USER root@localhost IDENTIFIED VIA mysql_native_password;

• 再修改 root 密碼，修改完後在測試看看狀況是否有改善，如果還是不行下這一段

SET PASSWORD = PASSWORD("password");

• 這樣子設定就必需要有密碼才可以登入。

設定資料庫

• 設定 OCS 資料庫 mariadb -u root -p

CREATE DATABASE ocsweb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL PRIVILEGES ON ocsweb.* TO 'ocs'@'localhost' IDENTIFIED BY 'New-Password';  <----要修改 New-Password 密碼
FLUSH PRIVILEGES;

安裝 Perl 套件

sudo apt -y install perl libxml-simple-perl libcompress-zlib-perl libdbi-perl libdbd-mysql-perl libnet-ip-perl libsoap-lite-perl libio-compress-perl libapache-dbi-perl libapache2-mod-perl2 libapache2-mod-perl2-dev libdbd-mysql-perl libnet-ip-perl libxml-simple-perl libarchive-zip-perl libapache-db-perl

sudo cpan install XML::Entities Apache2::SOAP Net::IP Apache::DBI Mojolicious Switch Plack::Handler Archive::Zip

安裝 OCS Inventory Server 服務

• 匯入 OCS 金鑰

curl -sS http://deb.ocsinventory-ng.org/pubkey.gpg | sudo apt-key add -

• 新增加來源庫

echo "deb http://deb.ocsinventory-ng.org/debian/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/ocsinventory.list

• 安裝 OCS 服務

sudo apt update && sudo apt install ocsinventory-server -y

• 首先到 官方的 GitHub 查看是否有新版可以下載使用當下版本是 2.12.3，以照當時所下載新版為主。

wget https://github.com/OCSInventory-NG/OCSInventory-ocsreports/releases/download/2.12.3/OCSNG_UNIX_SERVER-2.12.3.tar.gz

• 解壓剛下載好版本

tar -xvzf OCSNG_UNIX_SERVER-*.tar.gz

• 進到解壓後目錄

cd OCSNG_UNIX_SERVER-2.12.3

• 預先建立相關目錄

mkdir -p /var/www/html

• 安裝 OCS 服務

./setup.sh

• 可以修改路徑如下

# 預設路徑如下，必要修改到其他路徑這是給 web 服務用的，不然無法連線或者修改設定檔
Where to copy Administration Server static files for PHP Web Console
[/usr/share/ocsinventory-reports]?

# 這是修改後給予的路徑
Where to copy Administration Server static files for PHP Web Console
[/usr/share/ocsinventory-reports]?/var/www/html

• 安裝過程都是以預設為主，可以直接按 enter 鍵到跟上面文字一樣時要注意一下，請修改成自己常放用的 WEB 目錄位飛

略過

+----------------------------------------------------------+
|    Checking for Administration Server directories...     |
+----------------------------------------------------------+

略過

Where to copy Administration Server static files for PHP Web Console
[/usr/share/ocsinventory-reports] ?/var/www/html               <------ 修改 PHP 目錄位置
OK, using directory /var/www/html to install static files ;-)

略過

+----------------------------------------------------------------------+
|        OK, Administration server installation finished ;-)           |
|                                                                      |
| Please, review /etc/apache2/conf-available/ocsinventory-reports.conf |
|          to ensure all is good and restart Apache daemon.            |
|                                                                      |
| Then, point your browser to http://server//ocsreports                |
|        to configure database server and create/update schema.        |
+----------------------------------------------------------------------+

Setup has created a log file /root/OCSNG_UNIX_SERVER-2.12.3/ocs_server_setup.log. Please, save this file.
If you encounter error while running OCS Inventory NG Management server,
we can ask you to show us its content !

DON'T FORGET TO RESTART APACHE DAEMON !

Enjoy OCS Inventory NG ;-)

• 只要看到 Enjoy OCS Inventory NG ;-) 表示你已安裝成功了

設定後續的設定值

• 修改有關於 OCS 相關權限

# 注意剛剛如果有修改路徑的話，後面的路徑要指向剛剛你所設定的路徑
chmod -R 766 /var/www/html/ocsreports

# 只給 apache 服務使用，路徑要注意如有修改記得要改
chown -R www-data:www-data /var/www/html/ocsreports
# 此路徑不用改，因為是預設
chown -R www-data:www-data /var/lib/ocsinventory-reports/

# 注意剛剛如果有修改路徑的話，後面的路徑要指向剛剛你所設定的路徑 
chcon -R -t httpd_sys_rw_content_t /var/www/html/ocsreports

WEB 安裝畫面

• 連線之前要重啟 Apache 服務

systemctl restart apache2

• 開啟瀏灠器輸入 http://<IP或主機名稱>/ocsreports (站台位置)

1. 設定資料庫連線位置
   • MySQL login：輸入剛剛建立可以讓 ocs 登入的帳號
   • MySQL password：輸入剛剛建立可以讓 ocs 登入的密碼
   • Name of Database： 輸入剛剛建立的給 ocs 使用的資料庫名稱
   • MySQL HostName：輸入資料庫所在位置

2. 正在安裝的畫面，安裝完之後按下 Click here to enter OCS-NG GUI

3. 因資料庫版本有更新所以手動更新按下 Perform the update

4. 更新完之後按下 Click here to enter OCS-NG GUI

5. 系統將顯示登入畫面。官方預設的帳號與密碼如下：
   • 帳號（Username）： admin
   • 密碼（Password）： admin

6. 首次登入 GLPI 後，系統上方會顯示一則警告訊息，提示您為了安全性，請移除或重新命名安裝檔案 install.php，修改管理者密碼