While there are a range of solutions out there to deal with portions of the client's needs, I could only one solution that met them all together in one low cost, easy to manage package.
RackTables is essentially a PHP/MySQL solution to documenting data centre assets that is developed to run with Linux distributions and packages. My client however runs a Microsoft Windows shop. While I managed to get a Linux box into their environment for an initial evaluation, the ongoing question is "will it run on Windows?".
Much to my pleasure, the short answer is "yes". The HowTo documented below shows how I set it up with Windows 7 and what I suspect the limitations are. It's worth noting that using this setup in a production environment comes with the usual caveats; security is your own risk and the instructions below come with no warranties whatsoever. The process may work equally as well on Windows Sever 2008 and later.
Features Not Available on Windows
Out of the box, there are certain features of RackTables that are tied to *nix environments through packages not built into Windows. Some features may be available with the use of additional windows applications. Effected features may include:
- Gateways
- Plug-ins
- Scripts
WAMP
By far the cheapest and easiest solution to get PHP, MySQL and a web server onto Windows is to grab and install a pre-built stack that includes Apache, MySQL and PHP. There exists two such stacks that I know of. The SourceForge WAMP and the Bitnami WAMP. Notably Bitnami also hosts a WAMP Docker container; though that is beyond the scope of this write-up.
Installing WAMP is dead simple. I grabbed a copy from here and installed to the default directory c:\wamp
Interacting with WAMP is done by left-clicking the system tray icon and running through the pop-up menu to access configuration files, logs and management tools.
RackTables
Download the latest stable RackTables zip files and extract the wwwroot folder to c:\racktables
From the WAMP system tray icon menu, add an Apache alias (WAMP > Apache > Alias directories > Add an alias
Enter 'racktables' and 'C:\RackTables\wwwroot' as the alias and destination, then Enter to exit.
Edit the alias file,'C:\wamp\alias\racktables.conf' so it looks like:
From the WAMP system tray icon menu, open a MySQL console (WAMP > MySQL > MySQL Console) and run the following SQL commands to create the database and a user:
Alias /racktables/ "c:/RackTables/wwwroot/"
# to give access to racktables from outside
# replace the lines
#
# Require local
#
# by
#
# Require all granted
#
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require local
Order Deny,Allow
Deny from all
Allow from localhost ::1 127.0.0.1
CREATE DATABASE racktables_db CHARACTER SET utf8 COLLATE utf8_general_ci;Point your browser to RackTables on your Apache webserver. (e.g. http://localhost/racktables ) In my case, I already had a web server installed, so I setup apache on port 81. If everything goes well, you will get an error message. At the end of the error message is a link (labelled "here") to the RackTables installer; click it!
GRANT ALL PRIVILEGES ON racktables_db.* to racktables_user@localhost IDENTIFIED BY "MY_SECRET_PASSWORD";
exit
This should take you to the first of the seven installation steps.
Click 'proceed'.
At this point you'll need to create an empty text file called c:\wamp\www\racktables\inc\secret.php
Then click the 'retry' button.
Keep the default settings which will have MySQL connections performed over TCP. You should only have to enter your chosen password (used in the SQL command earlier) and click 'retry'.
Click 'proceed'.
At step 4, RackTables will attempt to verify that you've secured the secret.php file that is has now configured. To do this I modified the file security settings as shown below and made the file read-only.
Hit the 'retry' button in the browser window and if it's all good you should get the confirmation shown below.
Click 'proceed'.
RackTables has now initialised its MySQL database. Click 'proceed'.
Set your 'admin' user password.
Click 'retry' and you should get the confirmation shown below.
Click 'proceed'.
Installation complete!
You should now be able to point your browser back to your RackTables installation (e.g. http://localhost/racktables ), login as you admin user and get the main screen as shown below.
Enabling Features
OK, so in step 2 of the RackTables installation you would have noticed a couple of PHP extenstions that were marked 'not present'. There are three we can 'enable' as follows
System PATH Variable
Some of the extensions fail to be found because the DLL files can't be found. Evidence of this will show in your PHP error log. I added the following paths to my system PATH variable and restarted Apache to resolve this:
SNMP
C:\wamp\bin\php\php5.5.12
C:\wamp\bin\php\php5.5.12\ext
Simply go through the WAMP menu; WAMP > PHP > PHP Extensions > php_snmp. Make sure its enabled (ticked).
PCNTL
PCNTL is a PHP extension that provides process control functions. Apparently it relies on *nix functions and so it won't work on Windows.
HTTPS
This is really a security feature, so I've covered it below.
Security
OK, so Pierre Baron has listed his experience and the process noted below is based in part on that. The HTTPS setup is based on a WAMP forum article.
HTTPS
This is optional, however if you're exposing your Apache interface to a public network, its pretty much mandatory for security. Without HTTPS, passwords are transmitted in plain text and provide an easy way to bust into your WAMP environment, particularly if you allow administrative (write access) via a public interface/IP. The procedure below assumes you're just going to use a self-signed certificate. I'd recommend buying one if you have "public" users who don't know enough to sense a MITM attack. Ok, so here goes;
Open a command prompt to your Apache bin directory, such as
c:\wamp\bin\apache\apache2.4.9\binCreate a self-signed private RSA key by running the command:
openssl genrsa -des3 -out server.key 1024Make sure you use a strong password and keep it securely. In many cases the key you are creating is your first line of security. Create a copy of the key file:
copy server.key server.key.orgCreate a public key by removing the pass phrase from the private key:
openssl rsa -in server.key.org -out server.keyUse this key to create a self-signed X509 certificate:
openssl req -new -x509 -nodes -sha1 -days 365 -key server.key -out server.crt -config C:\wamp\bin\apache\apache2.4.9\conf\openssl.cnfEnter data into the certificate fields when prompted. Then create the folders:
copy server.crt to the ssl.cert folder and server.key to the ssl.key
C:\wamp\bin\apache\apache2.4.9\conf\ssl.crt
C:\wamp\bin\apache\apache2.4.9\conf\ssl.key
Through the WAMP menu;
- enable the ssl module: WAMP > Apache > Apache modules > ssl_module
- enable the socache module: WAMP > Apache > Apache modules > socache_shmcb_module
- enable the php extension: WAMP > PHP > PHP extensions > php_openssl
Edit the file C:\wamp\bin\apache\apache2.4.9\conf\httpd.conf and remove the # (comment) character from the line:
Include conf/extra/httpd-ssl.confAnd add the # (comment) character to the lines:
#Listen 0.0.0.0:80#Listen [::0]:80
Open the file C:\wamp\bin\apache\apache2.4.9\conf\extra\httpd-ssl.conf
Firstly, do a search and replace all from 'c:/Apache24' to 'c:/wamp/bin/apache/apache2.4.9' or your equivalent. Find the line which says:
Then edit the following lines to match you certificate and key:
# General setup for the virtual host
DocumentRoot "c:/wamp/www/"
ServerName severname.example.com:443
ServerAdmin admin@example.com
ErrorLog "C:/wamp/bin/apache/apache2.4.9/logs/ssl_error.log"
TransferLog "C:/wamp/bin/apache/apache2.4.9/logs/ssl_access.log"
Change the line which says
SSLCertificateFile "C:/wamp/bin/apache/apache2.4.9/conf/ssl.crt/server.crt"
SSLCertificateKeyFile "C:/wamp/bin/apache/apache2.4.9/conf/ssl.key/server.key"
Options Indexes FollowSymLinks MultiViewsAllowOverride AllOrder allow,denyallow from allTo test your changes, run the following at your command prompt you opened previously (at the apache bin dir).
httpd -tYou should get a 'Syntax OK' message. If not, follow up the error message before restarting your Apache service.
Firewall
First and foremost only allow your Apache service (TCP port 443 if using HTTPS or TCP port 80 for plain HTTP) through your Windows (or equivalent) firewall and only to your public facing IP address (local connections shouldn't touch the firewall).
MySQL & phpMyAdmin
Go to the phpMyAdmin URL (e.g. http://localhost/phpmyadmin ) and select the 'Users' tab at the top of the main screen. Set a password for each of the three 'root' users that have GRANT = Yes. Set the password through the 'Edit Privileges' link and resulting screen. If you reload your web browser at this point, you will get an error message as the phpMyAdmin configuration doesn't have the root password any more.
Edit the file C:\wamp\apps\phpmyadmin4.1.14\config.inc.php (or the equivalent folder for your phpMyAdmin version). Enter your new root password in the line that looks like this:
$cfg['Servers'][$i]['password'] = 'my_root_password';Save the file and reload phpMyAdmin in your browser. Your user list should now look like this;
Other Web Services
By default WAMP installs such that the phpMyAdmin, webgrind, SQL Buddy and phpSysInfo tools are only accessible from 'local' addresses. If you want to be ultra-secure, I'd edit the alias configurations under C:\wamp\alias and change the line 'Require local' to 'Require all denied' to disable them until they are needed.
Don't forget to restart the Apache service if you make changes.
https:/localhost/racktablesEnjoy!
