opFlow 2.3.1 upgrade instructions

This documentation assumes you are upgrading from 2.2.X and currently have opFlow reports running.

Upgrade files

  1. Backup your existing installation 

    cd /usr/local
    cp -r opmantek opmantek_backup_<insert_date> 
  2. Obtain a copy of the tarball, from now on it will be assumed the file is in /tmp
  3. Untar 

    cd /usr/local
    tar -zxvf /tmp/opFlow-release.tar.gz   
  4. Update config files 

    cd /usr/local/opmantek
    ./bin/opupdateconfig.pl install/opFlow.nmis conf/opFlow.nmis
    ./bin/opupdateconfig.pl install/opCommon.nmis conf/opCommon.nmis    
  5. Copy new configuration files into conf/ 

    cd /usr/local/opmantek
    cp install/EmailReports* conf/ 
  6. Fix permissions 

    cd /usr/local/opmantek/bin
    ./opfixperms.pl  
  7. Restart Daemons 

    service flowd restart
    service opflowd restart 

Reports (optional)

  1. [OPTIONAL] If you want hourly reports to be available immediately after the hour, add their generation to cron 

    crontab -e
    0 * * * * /usr/local/opmantek/bin/opFlowReports-hourly.sh 
  2. Daily reports should already be in the cron, if you have added hourly reports above they are not needed but running the script will do no harm

    crontab -e
     0 1 * * * /usr/local/opmantek/bin/opFlowReports-daily.sh

Email Reports (optional, requires reports to be configured)

NOTE: Emailing reports DOES NOT work with auth mode "apache".  Authentication must run through opmantek code, all other auth methods work, eg: htpasswd, ldap, etc.

  1. Install phantomjs

    1. Download it from http://phantomjs.org/
    2. Untar it, move it to /usr/local
    3. create a sym link to /usr/local/phantomjs, eg. ln -s phantomjs-1.9.2-linux-x86_64/ phantomjs
    4. Open /usr/local/opmantek/conf/opFlow.nmis, make sure this line 'phantomjs_executable' => '/usr/local/phantomjs/bin/phantomjs' is valid and points to the executable
  2. Ensure auth mode is not set to apache in nmis8/conf/Config.nmis, 'auth_method_1' => , also make sure auth is removed from apache config file 01opmantek.conf, and restart apache if necessary.
  3. Configure the email section of conf/opFlow.nmis 

    #the email section needs to be made valid
    'email' => {
     'mail_from' => 'open-audit_enterprise@yourdomain.com',
     'mail_password' => 'your_password',
     'mail_server' => 'smtp.yourdomain.com',
     'mail_server_port' => 25,
     'mail_subject_prefix' => '[mymagictag]',
     'mail_use_tls' => 'true',
     'mail_user' => 'your_user_account@your_domain.com'
     },
    
    # example Gmail configuration:
    'email' => {
     'mail_from' => 'user@gmail.com',
     'mail_password' => 'gmailPassword',
     'mail_server' => 'smtp.gmail.com',
     'mail_server_port' => 587,
     'mail_subject_prefix' => '[Report]',
     'mail_use_tls' => 'true',
     'mail_user' => 'user@gmail.com'
     },   
  4. [OPTIONAL] If you would like hourly reports to be emailed, configure the EmailReportsHourly.sh file, then enable it to be run from opFlowReports-hourly.sh

    vi /usr/local/opmantek/conf/EmailReportsHourly.sh
    
    # set email addresses
    # set sites
    # copy/paste code blocks for each site if that is how you want them sent out
    # create code block for specific reports if you don't want them all sent every time
    
    
    # then uncomment the line to run the EmailReportsHourly.sh script
    
    vi /usr/local/opmantek/bin/opFlowReports-hourly.sh 
    
    ## Uncomment the line below to enable emailing hourly reports
    ## Run Emails
    $OMK/conf/EmailReportsHourly.sh     # <- this line
  5. [OPTIONAL] If you would like daily reports to be emailed, follow the same steps as #2 BUT edit EmailReportsDaily.sh and opFlowReports-daily.sh

Troubleshooting

  1. Reminder, you can always test your settings by running the shell script manually (make sure you don't have email addresses listed that should not receive test emails) 

    # test
    /usr/local/opmantek/conf/EmailReportsHourly.sh
    
    # if you are not getting any emails, check /usr/local/opmantek/logs/opFlowReports.log
  2. Turn on DEBUG if you are having problems and check the logs again:

    # opFlowReports-daily.sh, opFlowReports-hourly.sh, EmailReportsDaily.sh, EmailReportsHourly.sh all have this setting
    DEBUG=false # change this line to:
    
    DEBUG=true
    
    # now run script again and check /usr/local/opmantek/logs/opFlowReports.log