
NMIS 9 Docker Deployment Guide


Overview

This guide provides instructions for deploying NMIS 9 using either Quick Start or Docker Compose methods, with optional Apache reverse proxy configuration. The solution can be deployed either with a containerized MongoDB instance or configured to use an external MongoDB server.

Prerequisites

  • Docker Engine (20.10.0 or newer)

  • Docker Compose (v2.0.0 or newer) if using compose method

  • Apache2 with required modules (if using reverse proxy):

    • mod_ssl

    • mod_proxy

    • mod_proxy_http

    • mod_headers

  • SSL certificates (if using HTTPS)

Method 1: Quick Start (Single Container)

  1. Pull the NMIS image:

docker pull nmis9:latest

  2. Create required directories and files:

mkdir -p app_conf
touch app_conf/Config.nmis
touch app_conf/opCommon.json
touch app_conf/opLicense.json

  3. Start the container:

docker run -d \
  --name nmis9 \
  -e NMIS_DB_USERNAME=root \
  -e NMIS_DB_PASSWORD=example \
  -e NMIS_DB_SERVER=mongodb.example.com \
  -e NMIS_SERVER_NAME=example-host-1 \
  -e NMIS_CLUSTER_ID=660f29ae-f150-4119-bf04-cd9296852449 \
  -v "$(pwd)/app_conf/Config.nmis:/usr/local/nmis9/conf/Config.nmis" \
  -v "$(pwd)/app_conf/opCommon.json:/usr/local/omk/conf/opCommon.json" \
  -v "$(pwd)/app_conf/opLicense.json:/usr/local/omk/conf/opLicense.json" \
  -p 8080:8080 \
  -p 8042:8042 \
  nmis9:latest

  4. Verify deployment:

docker ps | grep nmis9
docker logs nmis9

Method 2: Docker Compose (Full Stack)

  1. Pull the NMIS image:

docker pull nmis9:latest

  2. Create required directories and files:

mkdir -p app_conf
touch app_conf/Config.nmis
touch app_conf/opCommon.json
touch app_conf/opLicense.json

  3. Create docker-compose.yaml:

version: '3.4'

services:
  mongo:
    image: mongo:4.4
    restart: always
    healthcheck:
      test: echo 'db.runCommand("ping").ok' | mongo mongo:27017/test --quiet
      interval: 60s
      timeout: 60s
      retries: 5
      start_period: 60s
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: ${MONGO_PASSWORD:-example}
    volumes:
      # The official mongo image keeps its data files in /data/db
      - mongo_data:/data/db
    networks:
      - backend

  nmis:
    image: nmis9:latest
    restart: always
    environment:
      NMIS_DB_USERNAME: root
      NMIS_DB_PASSWORD: ${MONGO_PASSWORD:-example}
      NMIS_DB_SERVER: mongo
      NMIS_SERVER_NAME: ${NMIS_SERVER_NAME:-example-host-1}
      NMIS_CLUSTER_ID: ${NMIS_CLUSTER_ID:-660f29ae-f150-4119-bf04-cd9296852449}
    depends_on:
      mongo:
        condition: service_healthy
    volumes:
      - log_data:/usr/local/nmis9/logs
      - var_data:/usr/local/nmis9/var
      - conf_data:/usr/local/nmis9/conf
      - database_data:/usr/local/nmis9/database
      - ./app_conf/Config.nmis:/usr/local/nmis9/conf/Config.nmis
      - ./app_conf/opCommon.json:/usr/local/omk/conf/opCommon.json
      - ./app_conf/opLicense.json:/usr/local/omk/conf/opLicense.json
    ports:
      - "8080:8080"
      - "8042:8042"
    networks:
      - backend

networks:
  backend:

volumes:
  log_data:
  var_data:
  conf_data:
  database_data:
  mongo_data:

  4. Start the services:

docker compose up -d

  5. Monitor deployment:

docker compose ps
docker compose logs -f

Apache Reverse Proxy Configuration (Optional)

  1. Enable required Apache modules:

sudo a2enmod ssl proxy proxy_http headers
sudo systemctl restart apache2

  2. Create virtual host configuration:

# /etc/apache2/sites-available/nmis.conf
<VirtualHost *:80>
    ServerName nmis.example.com
    Redirect permanent / https://nmis.example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName nmis.example.com
    
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/nmis.crt
    SSLCertificateKeyFile /etc/ssl/private/nmis.key
    
    # Security headers
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set X-Content-Type-Options "nosniff"
    
    # Logging configuration
    ErrorLog ${APACHE_LOG_DIR}/nmis_error.log
    CustomLog ${APACHE_LOG_DIR}/nmis_access.log combined
    
    ProxyPreserveHost On
    
    # OMK Interface
    # Listed before the catch-all "/" mapping: ProxyPass rules are checked
    # in configuration order and the first match wins.
    ProxyPass /omk/ http://localhost:8042/
    ProxyPassReverse /omk/ http://localhost:8042/
    
    # NMIS Web Interface
    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
</VirtualHost>

  3. Enable virtual host:

sudo a2ensite nmis.conf
sudo systemctl reload apache2

Common Issues and Troubleshooting

MongoDB Connection Issues:

  • Verify MongoDB container: docker compose ps

  • Check MongoDB logs: docker compose logs mongo

  • Verify credentials in environment variables

Apache Proxy Issues:

  • Check Apache error logs: tail -f /var/log/apache2/error.log

  • Verify SSL certificate paths and permissions

  • Check SELinux policies if applicable

Security Considerations

  1. Change default passwords:

    • MongoDB root password

    • NMIS admin credentials

  2. SSL/TLS Configuration:

    • Use strong SSL protocols (TLSv1.2+)

    • Regularly update SSL certificates

    • Implement proper cipher suites

  3. Network Security:

    • Implement proper firewall rules

    • Regular security updates
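
The default-password and network items can be checked mechanically against the Docker Compose layout from Method 2. The script below is an added example, not part of the original guide or the NMIS project: it flags the `example` password fallback, a `.env` file readable by group or others, and ports 8080/8042 published on all interfaces (which lets clients bypass the Apache TLS proxy). The function names, finding names, and the use of a `.env` file beside docker-compose.yaml are assumptions.

```shell
#!/bin/sh
# Added example, not NMIS project code. Function and finding names are made up.

# Print space-separated findings for a deployment directory laid out as above.
audit_nmis_deploy() {
    dir=$1; findings=""; env_file="$dir/.env"; pw=""
    # Without MONGO_PASSWORD in .env, the ${MONGO_PASSWORD:-example} fallback
    # in docker-compose.yaml silently sets the MongoDB root password to "example".
    # Assumption: the variable comes from .env, not the caller's environment.
    if [ -f "$env_file" ]; then
        pw=$(sed -n 's/^MONGO_PASSWORD=//p' "$env_file" | tail -n 1)
    fi
    if [ -z "$pw" ] || [ "$pw" = "example" ]; then
        findings="$findings default-db-password"
    fi
    # .env holds a secret: group and other must have no permission bits.
    if [ -f "$env_file" ] && [ "$(ls -ld "$env_file" | cut -c5-10)" != "------" ]; then
        findings="$findings env-file-readable"
    fi
    # "8080:8080" publishes on every interface; "127.0.0.1:8080:8080" keeps
    # the service reachable only through the local Apache reverse proxy.
    if grep -Eq '^[[:space:]]*-[[:space:]]*"?(8080|8042):' "$dir/docker-compose.yaml"; then
        findings="$findings ports-on-all-interfaces"
    fi
    echo "${findings# }"
}

# Constructed sample: the guide's port mappings and no .env file.
make_sample() {
    d=$(mktemp -d)
    printf '%s\n' 'services:' '  nmis:' '    ports:' \
        '      - "8080:8080"' '      - "8042:8042"' > "$d/docker-compose.yaml"
    echo "$d"
}

# Write a random 128-bit password to a 0600 .env and bind ports to loopback.
harden_sample() {
    d=$1
    ( umask 077
      printf 'MONGO_PASSWORD=%s\n' \
          "$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')" > "$d/.env" )
    sed -i.bak -E 's/"(8080|8042):/"127.0.0.1:\1:/' "$d/docker-compose.yaml"
}

sample=$(make_sample)
echo "as published:    $(audit_nmis_deploy "$sample")"
harden_sample "$sample"
echo "after hardening: $(audit_nmis_deploy "$sample")"
rm -rf "$sample"
```

Changing `MONGO_PASSWORD` after the first start does not change the root password of an already initialised MongoDB data volume; the `MONGO_INITDB_*` variables only apply when the database is first created.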

Maintenance

Backup Strategy:

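# Backup MongoDB data (authenticates as root; mongodump prompts for the password)
docker compose exec mongo mongodump --username root --authenticationDatabase admin --out /backup

# Copy the dump out of the container so it survives container removal
docker compose cp mongo:/backup ./mongo_backup

# Backup configuration files
tar -czf nmis_config_backup.tar.gz app_conf/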

Updates:

# Pull latest images
docker compose pull

# Restart services
docker compose down
docker compose up -d

Advanced Configuration

External MongoDB

To use an external MongoDB instance:

  1. Remove the mongo service from docker-compose.yaml

  2. Update NMIS environment variables with external MongoDB details

  3. Ensure proper network connectivity and authentication

Custom Networking

For enhanced security:

  1. Use custom network ranges

  2. Implement network segmentation

  3. Add additional security layers (WAF, IDS)

Support and Resources
