strongSwan Manager » History » Version 1
Martin Willi, 13.09.2007 09:40
1 | 1 | Martin Willi | = strongSwan management application = |
---|---|---|---|
2 | 1 | Martin Willi | |
3 | 1 | Martin Willi | The IKEv2 daemon charon has a XML interface to query information and to control the daemon (see [wiki:SMP]). A web application allows to interact with the daemon using this protocol. |
4 | 1 | Martin Willi | |
5 | 1 | Martin Willi | ---- |
6 | 1 | Martin Willi | '''''The manager is under heavy development and not for production use! ''''' |
7 | 1 | Martin Willi | ---- |
8 | 1 | Martin Willi | |
9 | 1 | Martin Willi | == Building management application == |
10 | 1 | Martin Willi | |
11 | 1 | Martin Willi | The manager is based on a fastcgi application and uses the !ClearSilver templating engine to build the web sites. So you'll need |
12 | 1 | Martin Willi | * !ClearSilver including headers (Debian: clearsilver-dev) |
13 | 1 | Martin Willi | * FastCGI headers and library (Debian: libfcgi-dev) |
14 | 1 | Martin Willi | * SQLite3 with headers (Debian: libsqlite3-dev) |
15 | 1 | Martin Willi | |
16 | 1 | Martin Willi | To build the manager, add the following options to ./configure |
17 | 1 | Martin Willi | {{{ |
18 | 1 | Martin Willi | --enable-xml --enable-manager |
19 | 1 | Martin Willi | }}} |
20 | 1 | Martin Willi | |
21 | 1 | Martin Willi | == Setting up Apache 2 == |
22 | 1 | Martin Willi | As the manager uses FastCGI, different web server may be used to host the application. Here we look at configuration of apache using mod-fastcgi. |
23 | 1 | Martin Willi | |
24 | 1 | Martin Willi | Additionally to Apache2, you'll need |
25 | 1 | Martin Willi | * mod-fastcgi (Debian: libapach2-mod-fastcgi) |
26 | 1 | Martin Willi | |
27 | 1 | Martin Willi | Make sure to enable the new module and that the following fastcgi option is set (e.g. in mods-enabled/fastcgi.conf): |
28 | 1 | Martin Willi | {{{ |
29 | 1 | Martin Willi | AddHandler fastcgi-script .fcgi |
30 | 1 | Martin Willi | }}} |
31 | 1 | Martin Willi | Add a script alias to a website: |
32 | 1 | Martin Willi | {{{ |
33 | 1 | Martin Willi | ScriptAlias /manager /usr/local/libexec/ipsec/manager.fcgi |
34 | 1 | Martin Willi | }}} |
35 | 1 | Martin Willi | |
36 | 1 | Martin Willi | == Logging in == |
37 | 1 | Martin Willi | |
38 | 1 | Martin Willi | Now you can surf to |
39 | 1 | Martin Willi | {{{ |
40 | 1 | Martin Willi | http://host/manager/status/ikesalist |
41 | 1 | Martin Willi | }}} |
42 | 1 | Martin Willi | The shipped configuration allows you to log in using ''strongSwan'' with the password ''strongi''. Charon currently listens on TCP port 4502, so |
43 | 1 | Martin Willi | choose that configuration for now. |