PoC Installation - Latest
Monofor PoC installation can be done with the steps below.
Before Start Installation
Monofor products are designed to work on container architecture. Therefore, in order to download the images, it is necessary to download them from Monofor's Official Repositories. If you do not have access to the Official Repositories, the installation cannot be performed. To overcome this, you can contact Monofor Sales Engineers or authorized partners to receive support.
These installation steps are performed under the supervision of Monofor Sales Engineers or authorized partners sales engineers.
Downloading the Installation Package
Monofor installation package can be downloaded with below link;
cURL
curl -SL https://download.monofor.com/install/latest/monofor.sh -o /tmp/monofor.sh && chmod +x /tmp/monofor.sh && cd /tmp
wget
wget https://download.monofor.com/install/v2023.04/monofor.sh -O /tmp/monofor.sh && chmod +x /tmp/monofor.sh && cd /tmp
Installation steps
After Monofor package downloads you can follow below steps to install.
Please make sure to get Monofor Repository credentials from your local Sales Engineer. If you didn’t obtain the correct credentials you will not able to install Monofor Products. If you don’t know your local Sales Engineer please contact se@monofor.com
Installation Start
First of all, we need to verify if Monosign package was successfully downloaded.
cd /tmp
./monofor.sh
Example of commands output;
root@monofor:~# cd /tmp
root@monofor:/tmp# ./monofor.sh
__ __ __
/ / __ ___\ \ _ __ ___ ___ _ __ ___ / _| ___ _ __
| | '_ ` _ \| | | '_ ` _ \ / _ \| '_ \ / _ \| |_ / _ \| '__|
< <| | | | | |> > | | | | | | (_) | | | | (_) | _| (_) | |
| |_| |_| |_| | |_| |_| |_|\___/|_| |_|\___/|_| \___/|_|
\_\ /_/
Monofor Identity Access Management
Monofor Privileged Account & Access Management
Copyright 2017-2024, Monofor, Inc.
https://monofor.com
=============================================================
Usage: monofor.sh options (-install|-check|-h,--help)
This script installs Monofor Products.
Only the superuser can run this script.
Usage:
monofor.sh [-install] [-check] [-h|--help]
where:
-install Install Monofor.
-check Check Pre-Requirements.
-h, --help Print out this usage and then exit.
Examples:
monofor.sh -install
monofor.sh -check
monofor.sh -h, --help
If you run the script without argument it will failed. It must be run with -install
for the PoC installation.
Example output of ./monofor.sh -install
or sudo monofor.sh -install
command
__ __ __
/ / __ ___\ \ _ __ ___ ___ _ __ ___ / _| ___ _ __
| | '_ ` _ \| | | '_ ` _ \ / _ \| '_ \ / _ \| |_ / _ \| '__|
< <| | | | | |> > | | | | | | (_) | | | | (_) | _| (_) | |
| |_| |_| |_| | |_| |_| |_|\___/|_| |_|\___/|_| \___/|_|
\_\ /_/
Monofor Identity Access Management
Monofor Privileged Account & Access Management
Copyright 2017-2024, Monofor, Inc.
https://monofor.com
=============================================================
#############################################################
######## docker service installed and running. ##############
#############################################################
#############################################################
######## Monofor Repository is reachable. ###################
#############################################################
#############################################################
######## Monofor External Services is reachable. ############
#############################################################
#############################################################
######## Monofor Installation scripts are ###################
######## ready. #############################################
#############################################################
If you get different messages from the above example you can check this page
Pre-Requirement Installation
Monofor Install scripts need to be run with the root privilege. Before beginning the installation, you need to elevate Linux user to the root privilege. It can be done with below commands;
sudo su -
sudo -i
Or you can run all commands with sudo
We will continue with sudo
prefix.
Monofor products need docker environment on your infrastructure. Monofor pre-requirements script checks missing packages but not install. you need to install them manually.
Type below command to configure pre-requirements on your Linux host;
sudo monofor-build
Please type your domain name;
Please Input Domain Name(Example: monofor.com):
Example: monofor.test
Please type Monosign repository credentials;
Please Enter Repository Username: poc
Please Enter Repository Password: password
Above credentials are examples. Do not use these credentials. You can contact with your local Monofor SE team to get correct credentials for your environment.
Following that Monofor-Pre-Requirement installation will be completed.
Example of the installation output without docker network;
root@monofor:/tmp# monofor-build
##############################################
## Deployment Types:
## 1. PoC
## 2. Production
##############################################
Please select your deployment (1 or 2):1
#############################################################
######## Monofor Pre-Installation Started. ##################
#############################################################
If you want to use default path please leave it blank (Default: /opt)
Please type monofor directory (Example: /data):
[2024-12-11 11:35:41.080] [INFO] - Host Environment file generated.
[2024-12-11 11:35:41.096] [INFO] - Temporary files copied.
Please Input Domain Name(Example: monofor.com): monofor.test
Please Enter Repository Username: abdurrahman.alkan
Repository username entered
Please Enter Repository Password:
Repository password entered
#############################################################
######## Succesfully Logged-In Monofor Repository ###########
#############################################################
[2024-12-11 11:40:37.005] [INFO] - Succesfully Logged-In Monofor Repository
.+...+....+...+..+..................+...+....+...+...+...+............+...+.
.+.........+.+............+..+....+.........+..+...+.+..++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++*...+.........+.+.....+....+...
..+..................+...+....+........+.+..+.......+...+...+..+...+.+...+..
+.........+......+.+...+...........+...+............+....+.........+..+.+...
+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*
..+.....+.+......+........+................+......+...
#############################################################
######## Default Certificate Generation Started. ############
#############################################################
[2024-12-11 11:40:41.509] [INFO] - Monofor Self-Signed Certificate creation finished.
[2024-12-11 11:40:42.397] [INFO] - Certificate detail can be found: /opt/monofor/cert/2024-12-11/monofor.test.info
#############################################################
######## Default Certificate Generation Finished ############
#############################################################
Do you want to configure docker networks (yes/no): no
#############################################################
######## Docker configured to use default ###################
######## networks. ##########################################
#############################################################
Network Interfaces and IP Addresses:
1. lo 127.0.0.1
2. eth0 192.168.53.20
3. docker_gwbridge 192.168.5.65
4. docker0 192.168.5.1
Enter a number to select an IP: 2
[2024-12-11 12:54:21.342] [INFO] - Selected IP: 192.168.53.20
[2024-12-11 12:54:21.350] [INFO] - Selected Interface: eth0
#############################################################
######## Docker Swarm initialized with default ##############
######## network. ###########################################
#############################################################
wv1txzzi48oaj9rb8y1svntmb
#############################################################
######## monofornet docker network created. #################
#############################################################
[2024-12-11 12:54:22.284] [INFO] - monofornet docker network created.
#############################################################
######## Monofor Pre-Installation Finished. #################
#############################################################
[2024-12-11 12:54:22.316] [INFO] - Installation log can be found under /opt/monofor/log/install-2024-12-11.log
root@monofor:/tmp#
Example of the installation output with docker network configuration;
root@monofor:/tmp# monofor-build
##############################################
## Deployment Types:
## 1. PoC
## 2. Production
##############################################
Please select your deployment (1 or 2):1
#############################################################
######## Monofor Pre-Installation Started. ##################
#############################################################
If you want to use default path please leave it blank (Default: /opt)
Please type monofor directory (Example: /data):
[2024-12-11 11:35:41.080] [INFO] - Host Environment file generated.
[2024-12-11 11:35:41.096] [INFO] - Temporary files copied.
Please Input Domain Name(Example: monofor.com): monofor.test
Please Enter Repository Username: abdurrahman.alkan
Repository username entered
Please Enter Repository Password:
Repository password entered
#############################################################
######## Succesfully Logged-In Monofor Repository ###########
#############################################################
[2024-12-11 11:40:37.005] [INFO] - Succesfully Logged-In Monofor Repository
.+...+....+...+..+..................+...+....+...+...+...+............+...+.
.+.........+.+............+..+....+.........+..+...+.+..++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++*...+.........+.+.....+....+...
..+..................+...+....+........+.+..+.......+...+...+..+...+.+...+..
+.........+......+.+...+...........+...+............+....+.........+..+.+...
+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*
..+.....+.+......+........+................+......+...
#############################################################
######## Default Certificate Generation Started. ############
#############################################################
[2024-12-11 11:40:41.509] [INFO] - Monofor Self-Signed Certificate creation finished.
[2024-12-11 11:40:42.397] [INFO] - Certificate detail can be found: /opt/monofor/cert/2024-12-11/monofor.test.info
#############################################################
######## Default Certificate Generation Finished ############
#############################################################
Do you want to configure docker networks (yes/no): yes
Please Enter Docker network IP Address (Example : 192.168.1.0/24):192.168.5.2/24
Docker network ip address entered.
Please Enter Docker Swarm network IP Address (Example : 192.168.1.0/24): 192.168.6.0/24
Docker swarm network ip address entered.
Network Interfaces and IP Addresses:
1. lo 127.0.0.1
2. eth0 192.168.53.20
3. docker_gwbridge 192.168.5.65
4. docker0 192.168.5.1
Enter a number to select an IP: 2
[2024-12-11 12:46:30.361] [INFO] - Selected IP: 192.168.53.20
[2024-12-11 12:46:30.368] [INFO] - Selected Interface: eth0
#############################################################
######## Docker Swarm initialized with default ##############
######## network. ###########################################
#############################################################
#############################################################
######## monofornet docker network created. #################
#############################################################
[2024-12-11 12:54:22.284] [INFO] - monofornet docker network created.
#############################################################
######## Monofor Pre-Installation Finished. #################
#############################################################
[2024-12-11 12:54:22.316] [INFO] - Installation log can be found under /opt/monofor/log/install-2024-12-11.log
root@monofor:/tmp#
DNS records are very important for Monofor services. Therefore, if there are missing DNS records, they need to be completed before proceeding to the next steps. You can check this page.
Monosign Installation
Please make sure to complete the Monofor Pre-Requirement installation first.
If Pre-Requirement installation is not completed correctly, please do not continue to next steps.
Now you can continue with Monosign services installation.
Type below command to install Monosign on your Linux host;
sudo monosign
OR
monosign
First Monosign installation require hostname of the monosign products. İf you want to continue default please leave it blank.
Example of the command output;
root@monofor:/tmp# monosign
#############################################################
######## Monosign Installation Started. #####################
#############################################################
If you want to use default hostnames please leave it blank
Type Monosign Account Hostname (Default: monosign-account):
Type Monosign API Hostname (Example: monosign-api):
Type Monosign Management Hostname (Example: monosign-mng):
| DNS Name | DNS Query Result | FQDN |
| ---------------- | ---------------- | ----------------------------- |
| monosign-account | Resolvable | monosign-account.monofor.test |
| monosign-api | Resolvable | monosign-api.monofor.test |
| monosign-mng | Resolvable | monosign-mng.monofor.test |
#############################################################
######## All required DNS Names are resolved ################
######## by your DNS server. ################################
#############################################################
Monosign Installation is always install latest version. If you want to install specific verison please type it.
Please Set Monosign Version(Latest Stable Version: v2024.11hf-02 ):
[2024-12-11 13:30:23.067] [INFO] - Version defined. Monosign: v2024.11hf-02
##############################################################
DNS Name : monofor.test
Account Hostname : monosign-account
API Hostname : monosign-api
Management Hostname : monosign-mng
Account URL : monosign-account.monofor.test
API URL : monosign-api.monofor.test
Management URL : monosign-mng.monofor.test
Monosign Version : v2024.11hf-02
Certificate Thumbprint : 3F2AD7697C7F3D7EA2BC1687117F679C69D0C84B
Database Type : PostgreSql
Database Server/Port : monofor-db:5432
Database Name : monosign
Database User : monofor
Database Password : *****************************
##############################################################
Are these information correct? Do you want to continue? (yes/no): yes
#############################################################
######## Monosign installation continue... ##################
#############################################################
[2024-12-11 13:30:44.519] [INFO] - Variables change started.
[2024-12-11 13:30:50.173] [INFO] - Variables change finished.
#############################################################
######## Monosign Images Download Started. ##################
#############################################################
latest: Pulling from monosign/db
Status: Downloaded newer image for cr.monofor.com/monosign/db:latest
latest: Pulling from monosign/cache
Status: Downloaded newer image for cr.monofor.com/monosign/cache:latest
latest: Pulling from monosign/mq
Status: Downloaded newer image for cr.monofor.com/monosign/mq:latest
latest: Pulling from monosign/loadbalancer
Status: Downloaded newer image for cr.monofor.com/monosign/loadbalancer:latest
v2024.11hf-02: Pulling from monosign/seed
Status: Downloaded newer image for cr.monofor.com/monosign/seed:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/api
Status: Downloaded newer image for cr.monofor.com/monosign/api:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/management
Status: Downloaded newer image for cr.monofor.com/monosign/management:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/account
Status: Downloaded newer image for cr.monofor.com/monosign/account:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/service
Status: Downloaded newer image for cr.monofor.com/monosign/service:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/radius-server
Status: Downloaded newer image for cr.monofor.com/monosign/radius-server:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/access-gateway
Status: Downloaded newer image for cr.monofor.com/monosign/access-gateway:v2024.11hf-02
v2024.11hf-02: Pulling from monosign/ldap-gateway
Status: Downloaded newer image for cr.monofor.com/monosign/ldap-gateway:v2024.11hf-02
latest: Pulling from monosign/loadbalancer
Status: Image is up to date for cr.monofor.com/monosign/loadbalancer:latest
#############################################################
######## Monosign Images Download Finished ##################
#############################################################
Do you want to deploy monofor projects? (yes/no): yes
Do you want to deploy monofor projects? (yes/no): yes
[2024-12-11 13:37:03.903] [INFO] - monofor project deploy starting...
Creating service monofor_loadbalancer
Creating service monofor_db
Progress : [mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm] 100.00%
[2024-12-11 13:37:21.418] [INFO] - monosign project deploy starting...
Creating service monosign_seed
Creating service monosign_cache
Creating service monosign_access-gateway
Creating service monosign_ldap-gateway
Creating service monosign_management
Creating service monosign_api
Creating service monosign_service
Creating service monosign_mq
Creating service monosign_account
Progress : [mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm] 100.00%
[2024-12-11 13:37:39.768] [INFO] - monosign-radius-server project deploy starting...
[+] Running 1/1
✔ Container monosign-radius-server Started1.3s
Progress : [mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm] 100.00%
[2024-12-11 13:39:47.005] [INFO] - monosign stack deployed.
[2024-12-11 13:39:47.063] [INFO] - monofor stack deployed.
Progress : [mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm] 100.00%
[2024-12-11 13:40:34.185] [INFO] - Monosign service check started
[2024-12-11 13:40:34.331] [INFO] - Monosign HealthCheck Status: true
[2024-12-11 13:40:35.680] [INFO] - UserName: root
[2024-12-11 13:40:35.687] [INFO] - Password: bbc410a3-4f9e-45f7-9367-f57e016b3c50
[2024-12-11 13:40:35.698] [INFO] - root password updated. Please check this file: /opt/monofor/log/rootPassword-2024-12-11.info
#############################################################
######## Monosign Installation Finished. ####################
######## Please open your browser and type ##################
#############################################################
########## https://monosign-account.monofor.test
#############################################################
[2024-12-11 13:40:35.969] [INFO] - monosign-radius deployed.
[2024-12-11 13:40:36.135] [INFO] - License information created. Please check this file: /opt/monofor/log/license-2024-12-11.info
Now Monosign has been successfully installed on your Linux host. You can open browser on your client machine and type the below address;
https://monosign-account.domainname
Replace domainname
in your URL with the domain name that you provided in the Pre-Requirement installation. In our example we used monofor.test
After typing monosign-account.monofor.test
on your browser, you will get the Privacy Error because Monosign being installed with Self-Signed SSL certificate.
You can click Advanced → Continue to monosign-account.monofor.test
Monosign Account login page will appear after skipping the certificate error.
Please click “Login with Password” and type your username
and password
.
After successful first login, Monosign will redirect you to “My Apps“
Now you will able see “Monosign Management“ application.
You can click it and “Monosign Management“ console will be open.
Monosync Installation
Please make sure to complete Monosign Installation first. For Monosync Installation, Monosign product must be installed on your Linux host.
If Monosign installation has not finished correctly, please do not continue to the next steps.
You can continue with the Monosync installation on your Linux host. Type below command to install Monosync;
sudo monosync
OR
monosync
Example of the command output;
root@monofor:/tmp# monosync
#############################################################
######## Monosync Installation Started. #####################
#############################################################
If you want to use default hostnames please leave it blank
Type Monosync Hostname (Default: monosync):
DNS Name | DNS Query Result | FQDN
-------------------|--------------------|-------------------
monosync | Resolvable | monosync.monofor.test
#############################################################
######## All required DNS Names are resolved ################
######## by your DNS server. ################################
#############################################################
Please Set Monosync Version(Latest Stable Version: v2024.11 ):
[2024-12-11 14:14:01.699] [INFO] - Version defined. Monosync: v2024.11
##############################################################
DNS Name : monofor.test
Monosync Hostname : monosync
Monosync URL : monosync.monofor.test
Monosync Version : v2024.11
Database Type : PostgreSql
Database Server/Port : monofor-db:5432
Database Name : monosync
Database User : monofor
Database Password : *****************************
##############################################################
Are these information correct? Do you want to continue? (yes/no): yes
#############################################################
######## Monosync installation continue... ##################
#############################################################
#############################################################
######## Monosync Images Download Started. ##################
#############################################################
v2024.11: Pulling from monosync/app
Status: Downloaded newer image for cr.monofor.com/monosync/app:v2024.11
#############################################################
######## Monosync Images Download Finished ##################
#############################################################
#############################################################
######## Monosync Application URL updated ###################
######## in Monosign! #######################################
#############################################################
[2024-12-11 14:14:28.234] [INFO] - Variables change started.
[2024-12-11 14:14:29.528] [INFO] - Variables change finished.
Do you want to deploy monosync projects? (yes/no): yes
[2024-12-11 14:14:38.801] [INFO] - monosync project deploy started
Creating service monosync_cache
Creating service monosync_ui
Creating service monosync_service
monofor_loadbalancer
overall progress: 1 out of 1 tasks
iu06r0w62yaw: running
verify: Service monofor_loadbalancer converged
Progress : [mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm] 100.00%
[2024-12-11 14:16:05.339] [INFO] - monosync stack deployed and monofor_loadbalancer updated.
[2024-12-11 14:16:05.868] [INFO] - Monosync HealthCheck Status: true
#############################################################
######## Monosync Installation Finished. ####################
######## Please open your browser and type ##################
#############################################################
########## https://monosync.monofor.test
#############################################################
Direct Access
Monosync has been successfully installed on your Linux host. You can open a web browser on your client machine and type the below address;
https://monosync.domainname
Replace domainname
in your url with domain name when you provided in the Pre-Requirement installation. In our example we used monofor.test
.
When typing monosync.monofor.test
on your browser you will get the Privacy Error because Monosync being installed with Self-Signed SSL certificate.
You can click Advanced → Continue to monosync.monofor.test
The page will be redirected to monosign-account.monofor.test
. Because all Monofor products use Monosign for authentication, authorization and access. So Monosync has no login page. Monosync is integrated with Monosign with the SSO architecture.
Please click “Login with Password” and type username and password.
Now you have successfully logged in to Monosync;
Monopam Installation
Please make sure to complete Monosign Installation first. For Monopam Installation, Monosign product must be installed on your Linux host.
If Monosign installation is not finished correctly, please do not continue with the next steps.
Now you can continue with the Monopam installation on your Linux host. Type below command to install Monopam.
sudo monopam
Example of the command output :
root@monofor:/tmp# monopam
#############################################################
######## Monopam Installation Started. ######################
#############################################################
If you want to use default hostnames please leave it blank
Type Monopam Hostname (Default: monopam):
| DNS Name | DNS Query Result | FQDN |
| --------------- | ---------------- | ---------------------------- |
| monopam | Resolvable | monopam.monofor.test |
| monopam-cdn | Resolvable | monopam-cdn.monofor.test |
| monopam-cdn-con | Resolvable | monopam-cdn-con.monofor.test |
#############################################################
######## All required DNS Names are resolved ################
######## by your DNS server. ################################
#############################################################
Please Set Monopam Version(Latest Stable Version: v2024.10 ):
[2024-12-11 14:24:38.648] [INFO] - Version defined. Monopam: v2024.10
##############################################################
DNS Name : monofor.test
Monopam Hostname : monopam
Monopam URL : monopam.monofor.test
Monopam Cdn Hostname : monopam-cdn
Monopam Cdn URL : monopam-cdn.monofor.test
Monopam CdnCon Hostname : monopam-cdn-con
Monopam CdnCon URL : monopam-cdn-con.monofor.test
Monopam Version : v2024.10
Database Type : PostgreSql
Database Server/Port : monofor-db:5432
Database Name : monopam
Database User : monofor
Database Password : *****************************
##############################################################
Are these information correct? Do you want to continue? (yes/no): yes
#############################################################
######## Monopam installation continue... ###################
#############################################################
#############################################################
######## Monopam Images Download Started. ###################
#############################################################
v2024.10: Pulling from monopam/app
Status: Downloaded newer image for cr.monofor.com/monopam/app:v2024.10
latest: Pulling from monopam/cdn
Status: Downloaded newer image for cr.monofor.com/monopam/cdn:latest
cr.monofor.com/monopam/cdn:latest
#############################################################
######## Monopam Images Download Finished ###################
#############################################################
#############################################################
######## Monopam Application URL updated ####################
######## in Monosign! #######################################
#############################################################
[2024-12-11 14:24:58.564] [INFO] - Variables change started.
[2024-12-11 14:25:01.457] [INFO] - Variables change finished.
Do you want to deploy Monopam projects? (yes/no): yes
[2024-12-11 14:25:16.390] [INFO] - Monopam project deploy started
Creating service monopam_cdn
Creating service monopam_cache
Creating service monopam_app
monofor_loadbalancer
overall progress: 1 out of 1 tasks
iu06r0w62yaw: running
verify: Service monofor_loadbalancer converged
Progress : [mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm] 100.00%
[2024-12-11 14:26:42.772] [INFO] - monopam stack deployed and monofor_loadbalancer updated.
#############################################################
######## Monopam Tenant settings successfuly ################
######## updated. Message: null #############################
#############################################################
monopam_app
overall progress: 1 out of 1 tasks
1/1: running
verify: Service monopam_app converged
monofor_loadbalancer
overall progress: 1 out of 1 tasks
iu06r0w62yaw: running
verify: Service monofor_loadbalancer converged
[2024-12-11 14:27:17.109] [INFO] - Monopam service check started
[2024-12-11 14:27:20.282] [INFO] - Monopam HealthCheck Status: true
#############################################################
######## Monopam Installation Finished. Please ##############
######## open your browser and type #########################
#############################################################
########## https://monopam.monofor.test
#############################################################
root@monofor:/tmp#
Monopam has been successfully installed on your Linux host. You can open browser on your client machine and type the below address;
https://monopam.domainname
Replace domainname
in your url with domain name when you provided in the Pre-Requirement installation. In our example we used monofor.test
.
When typing monopam.monofor.test
on your browser you will get the Privacy Error because of Monopam being installed with Self-Signed SSL certificate.
You can click Advanced → Continue to monopam.monofor.test
The page will be redirected to monosign-account.monofor.test
. Because all Monofor products has using Monosign for authentication, authorization and access. So Monopam has no login page. Monopam is integrated with Monosign via SSO architecture.
Please click “Login with Password” and type username and password.
Now, you have successfully logged in to Monopam;