strongSwan Manager » History » Version 1
Martin Willi, 13.09.2007 09:40
| 1 | 1 | Martin Willi | = strongSwan management application = |
|---|---|---|---|
| 2 | 1 | Martin Willi | |
| 3 | 1 | Martin Willi | The IKEv2 daemon charon has a XML interface to query information and to control the daemon (see [wiki:SMP]). A web application allows to interact with the daemon using this protocol. |
| 4 | 1 | Martin Willi | |
| 5 | 1 | Martin Willi | ---- |
| 6 | 1 | Martin Willi | '''''The manager is under heavy development and not for production use! ''''' |
| 7 | 1 | Martin Willi | ---- |
| 8 | 1 | Martin Willi | |
| 9 | 1 | Martin Willi | == Building management application == |
| 10 | 1 | Martin Willi | |
| 11 | 1 | Martin Willi | The manager is based on a fastcgi application and uses the !ClearSilver templating engine to build the web sites. So you'll need |
| 12 | 1 | Martin Willi | * !ClearSilver including headers (Debian: clearsilver-dev) |
| 13 | 1 | Martin Willi | * FastCGI headers and library (Debian: libfcgi-dev) |
| 14 | 1 | Martin Willi | * SQLite3 with headers (Debian: libsqlite3-dev) |
| 15 | 1 | Martin Willi | |
| 16 | 1 | Martin Willi | To build the manager, add the following options to ./configure |
| 17 | 1 | Martin Willi | {{{ |
| 18 | 1 | Martin Willi | --enable-xml --enable-manager |
| 19 | 1 | Martin Willi | }}} |
| 20 | 1 | Martin Willi | |
| 21 | 1 | Martin Willi | == Setting up Apache 2 == |
| 22 | 1 | Martin Willi | As the manager uses FastCGI, different web server may be used to host the application. Here we look at configuration of apache using mod-fastcgi. |
| 23 | 1 | Martin Willi | |
| 24 | 1 | Martin Willi | Additionally to Apache2, you'll need |
| 25 | 1 | Martin Willi | * mod-fastcgi (Debian: libapach2-mod-fastcgi) |
| 26 | 1 | Martin Willi | |
| 27 | 1 | Martin Willi | Make sure to enable the new module and that the following fastcgi option is set (e.g. in mods-enabled/fastcgi.conf): |
| 28 | 1 | Martin Willi | {{{ |
| 29 | 1 | Martin Willi | AddHandler fastcgi-script .fcgi |
| 30 | 1 | Martin Willi | }}} |
| 31 | 1 | Martin Willi | Add a script alias to a website: |
| 32 | 1 | Martin Willi | {{{ |
| 33 | 1 | Martin Willi | ScriptAlias /manager /usr/local/libexec/ipsec/manager.fcgi |
| 34 | 1 | Martin Willi | }}} |
| 35 | 1 | Martin Willi | |
| 36 | 1 | Martin Willi | == Logging in == |
| 37 | 1 | Martin Willi | |
| 38 | 1 | Martin Willi | Now you can surf to |
| 39 | 1 | Martin Willi | {{{ |
| 40 | 1 | Martin Willi | http://host/manager/status/ikesalist |
| 41 | 1 | Martin Willi | }}} |
| 42 | 1 | Martin Willi | The shipped configuration allows you to log in using ''strongSwan'' with the password ''strongi''. Charon currently listens on TCP port 4502, so |
| 43 | 1 | Martin Willi | choose that configuration for now. |