Author: internet elephant

Posted on

Creating a New Wi-Fi Network on a Mac

Creating a New Wi-Fi Network on a Mac

A friend of mine needed to update their iPhone but did not have, or otherwise need, Wi-Fi. Fortunately they have an Ethernet connection into their MacBook, so let’s take a look on how we can create a temporary Wi-Fi network, connect their phone to it, and then update it over Wi-Fi.

Note: The following instructions were created on a MacBook Pro running macOS Monterey (12.6)

Prerequisites: You will need a Mac of any type, plugged into the network with an internet / Ethernet cable, and not currently connected to another Wi-Fi source.

Caution: This should not be done in an office environment, and is intended for personal / home use only.

First, we’ll open up System Preferences, as this is where we will do all of our configuration. To do so, click the Apple logo in the upper left hand corner of the screen, and select System Preferences.

Next, let’s ensure we have the Wi-Fi icon showing on our menu bar. To do so, click Network in System Preferences, and then ensure a check mark is selecting Show Wi-Fi status in Menu Bar.

Note: The above image shows Wi-Fi: Off. If you see the same, click the Turn Wi-Fi On button on this screen before continuing.

Click the back button to return to the main System Preferences window. Then select Sharing.

On the Sharing page, we may first need to unlock this window to make our changes. Click the lock, and then enter your user name and password for this computer. This user will need to have administrator rights to the computer, and if you only have one account, this will work.

Now unlocked, let’s select Internet Sharing to get started. On this page, ensure the Share your connection from: selection contains something about Ethernet.

Next, click the box next to Wi-Fi to select it, and then click the Wi-Fi Options… button.

On the Wi-Fi Options window that pops up, create a Network Name you will recognize later, select a Channel, ensure Security is set to WPA2/WPA3 Personal, and then type a password. A short phrase to get you to around 15 characters in your password is a great practice to follow in order to make it tougher for bad guys to figure it out.

Click the OK button when complete.

We can see were are not done yet, but close! Notice the WiFi symbol in the menu bar is still greyed out at the very top of your screen. Also notice the Sharing window says Internet Sharing: Off.

To finally turn our Wi-Fi hot spot on, let’s click in the box named Internet Sharing, and then when the pop-up warning appears, click the Start button.

You should now see a few signs your Wi-Fi is available. The Service list shows Internet Sharing is enabled with a check mark (1), we see a green light and it says Internet Sharing: On (2), and a rare site on a Mac, your Wi-Fi indicator in the menu bar at the top of your screen has a little arrow inside it indicating this mac is sending Wi-Fi out into the air (3).

We can now open up the Settings app on our iPhone, iPad, or other device to join the network we just created.

One final step when done, be sure to disable this hot spot we created today to best protect your Mac. Don’t worry about loosing any work we did, your network name, password, and settings will be saved for next time, as it can be simply turned on/off when needed by checking / unchecking the Internet Sharing box. Here I’ve turned it off until next time:

I hope that helps anyone that may have a use case for this, and please contact me if you have any issues, comments, or improvements we can share.

– Internet Elephant

Posted on

Installing LabKey on CentOS 7

Installing LabKey on CentOS 7

Introduction

Installing LabKey for your lab can be done a number of ways.  This approach manually installs virtually all aspects of the LabKey software stack, allowing for easy long term maintenance and the upgrades.

Section 1: Setting up CentOS 7

Let’s begin with installing RHEL or CentOS 7 on your hardware or VM.  For these instructions and their illustrative purpose, the CentOS 7 Minimal ISO was selected and installed in a VM with 8GB memory, 2 cores, and a 64GB drive.  Please see here for Labkey’s recommened hardware requirements

After the install’s reboot, let’s disable the NetworkManager service, and then setup a static IP via the networking scripts:

[root@localhost]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.

Configure the script with the appropriate values for your environment, making sure that the script is set to “ON”.

[root@localhost]# vi /etc/sysconfig/network-scripts/ifcfg-eth
TYPE=Ethernet
NAME=eth0
IPADDR=10.17.0.101
NETMASK=255.255.255.0
GATEWAY=10.17.0.1
DNS1=8.8.8.8
DNS2=8.8.4.4
NM_CONTROLLED=no
BOOTPROTO=static
ONBOOT=yes 
USERCTL=no
DEFROUT=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=no
IPV6_PEERDNS=no
IPV6_PEERROUTES=no
IPV6_FAILURE_FATAL=no
UUID=(unique ID already present)
[root@localhost]# systemctl restart network

We now have a static IP for our web server on the local network.  We’ll now set up a hostname if not yet set at installation.

[root@localhost]# hostnamectl set-hostname lims-1
[root@lims_1 ~]# hostname
lims-1
[root@lims_1 ~]#

If you haven’t yet, let’s update the system and reboot.

[root@lims_1 ~]# yum -y update; reboot

Section 2: Preparing for LabKey’s Installation Prerequisites

We will now need to download the Server Java JRE from Oracle, and the LabKey software form LabKey, Postgres, and the Tomcat software from the Apache project.  Move to the src directory to download the needed software with wget, and then unpack the software.

Note: On the list of Java JRE, be sure to select the “Server JRE” in order to better secure your machine.  Performance will also be better.

[root@lims_1 ~]# yum install wget gcc
[root@lims_1 ~]# cd /usr/local/src

After you are done, it should look similar to this, but with newer version numbers:

[root@lims-1 src]# ll -h
total 242M
drwxr-xr-x. 9 root root 4.0K Aug  6 17:11 apache-tomcat-8.5.4
-rw-r--r--. 1 root root 8.9M Jul  6 02:26 apache-tomcat-8.5.4.tar.gz
drwxr-xr-x. 8   10  143 4.0K Jun 22 03:09 jdk1.8.0_101
drwxr-xr-x. 6 root root 4.0K Aug  6 17:11 LabKey16.2-45209.14-community-bin
-rw-r--r--. 1 root root 153M Jul 15 17:22 LabKey16.2-45209.14-community-bin.tar.gz
drwxrwxrwx. 6 1107 1107 4.0K May  9 14:08 postgresql-9.5.3
-rw-r--r--. 1 root root  24M May  9 14:08 postgresql-9.5.3.tar.gz
-rw-r--r--. 1 root root  58M Aug  6 17:16 server-jre-8u101-linux-x64.tar.gz

When creating your folders as I did below, name each one with the appropriate version number.  LabKey updates frequently, so we’ll be creating generic name soft links for each component, and can simply change the directory to the new version as we upgrade all of this later in the year and beyond.

[root@lims_1 ~]# cd /usr/local
[root@lims_1 local]# mkdir labkey-16.2
[root@lims-1 local]# mkdir jre-8u101
[root@lims-1 local]# mkdir tomcat-8.5.4
[root@lims-1 local]# mkdir postgres-9.5.3
[root@lims-1 local]# ln -s labkey-16.2 labkey
[root@lims-1 local]# ln -s postgres-9.5.3 pgsql
[root@lims-1 local]# ln -s jre-8u101 java
[root@lims-1 local]# ln -s tomcat-8.5.4 tomcat

You should see something like this now:

[root@lims-1 local]# ll
total 4
drwxr-xr-x. 2 root root   6    Aug 12  2015 bin
drwxr-xr-x. 2 root root   6    Aug 12  2015 etc
drwxr-xr-x. 2 root root   6    Aug 12  2015 games
drwxr-xr-x. 2 root root   6    Aug 12  2015 include
lrwxrwxrwx. 1 root root   9    Aug  6 17:21 java -> jre-8u101
drwxr-xr-x. 2 root root   6    Aug  6 16:57 jre-8u101
lrwxrwxrwx. 1 root root   11   Aug  6 17:20 labkey -> labkey-16.2
drwxr-xr-x. 2 root root   6    Aug  6 16:43 labkey-16.2
drwxr-xr-x. 2 root root   6    Aug 12  2015 lib
drwxr-xr-x. 2 root root   6    Aug 12  2015 lib64
drwxr-xr-x. 2 root root   6    Aug 12  2015 libexec
lrwxrwxrwx. 1 root root   14   Aug  6 17:20 pgsql -> postgres-9.5.3
drwxr-xr-x. 2 root root   6    Aug  6 17:17 postgres-9.5.3
drwxr-xr-x. 2 root root   6    Aug 12  2015 sbin
drwxr-xr-x. 5 root root   46   Aug  5 22:04 share
drwxr-xr-x. 6 root root 4096   Aug  6 17:17 src
lrwxrwxrwx. 1 root root   12   Aug  6 17:21 tomcat -> tomcat-8.5.4
drwxr-xr-x. 2 root root   6    Aug  6 16:55 tomcat-8.5.4

Installing the JRE is easy, as it is simply a move into our /usr/local/java folder:

[root@lims_1 local]# cd /usr/local/src
[root@lims-1 src]# mv jdk1.8.0_101/* ../java/

Next, we’ll install and turn on apache, to confirm it is working.

[root@lims-1 local]# yum install httpd
[root@lims-1 local]# systemctl start httpd

Verify it is working by loading it up your browser, using the IP (or DNS if you set it up).  In this instance, typing in http://10.17.0.101 worked for me.  Since it’s working, let’s make httpd startup permanent:

[root@lims-1 local]# systemctl enable httpd

Note: If you have any issues accessing the success page for Apache, check the firewall to make sure it has the port open.

Section 3: Installing Tomcat 8

Now that Apache is running, we will now install and verify Tomcat is working. First, let’s set our Java environment so we are using the right Java for our project, regardless of whether the CentOS java default installation ever occurs.

First, open a new file…

[root@lims-1 local]# vi > /etc/profile.d/java_env.sh

Then enter the following before saving and closing..

export JAVA_HOME=/usr/local/java
export PATH=$JAVA_HOME/bin:$PATH

Now add this to your current environment and verify:

[root@lims-1 local]# source /etc/profile.d/java_env.sh
[root@lims-1 local]# java -version
java version "1.8.0_101"
Java(TM) SE Runtime Environment (build 1.8.0_101-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.101-b13, mixed mode)

We’ll now move files, create our tomcat user, and set the permissions for directory:

[root@lims-1 local]# cp -R apache-tomcat-8.5.4/* /usr/local/tomcat-8.5.4/
[root@lims-1 local]# cd /usr/local/tomcat
[root@lims-1 tomcat]# groupadd tomcat
[root@lims-1 tomcat]# useradd -s /bin/nologin -g tomcat -d /usr/local/tomcat tomcat
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@lims-1 tomcat]# chown -R tomcat.tomcat /usr/local/tomcat-8.5.4
[root@lims-1 tomcat]# chmod g+rwx conf
[root@lims-1 tomcat]# chmod g+r conf/*

Now that we have the tomcat files and user in place, let’s have them run the service and have it start automatically on reboot:

[root@lims-1 tomcat]# vi /etc/systemd/system/tomcat.service

In this new tomcat.service file, enter the following, slightly tuned for LabKey:

# Systemd unit file for tomcat

[Unit]
Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking
PIDFile=/usr/local/tomcat/temp/tomcat.pid
Environment=JAVA_HOME=/usr/local/java
Environment=CATALINA_PID=/usr/local/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/usr/local/tomcat
Environment=CATALINA_BASE=/usr/local/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx2048M -server -XX:-HeapDumpOnOutOfMemoryError'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

ExecStart=/usr/local/tomcat/bin/startup.sh
ExecStop=/usr/local/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat

[Install]
WantedBy=multi-user.target

Save and quit, then integrate it with the system:

[root@lims-1 tomcat]# systemctl daemon-reload
[root@lims-1 tomcat]# systemctl start tomcat

Check in a browser that this works correctly.  For these instructions, we’ll load http://10.17.0.101:8080 in our browser.  Note: If you checked before this step by starting it manually, you might now have log files owned by root in the tomcat directory that won’t be written to.  These should be fixed before continuing.

Section 4: Installing PostgreSQL

First install the openssl development files and a couple other things so we can build PostgreSQL, and with SSL support:

[root@lims-1 tomcat]# yum install openssl*64 bison* readline*

Move to the src directory, make a build directory, and run configure from within the config directory:

[root@lims-1 tomcat]# cd ../src/postgresql-9.5.3
[root@lims-1 postgresql-9.5.3]# ./configure --with-openssl --prefix=/usr/local/pgsql
[root@lims-1 postgresql-9.5.3]# make

You should see a “All of PostgreSQL successfully made. Ready to install.” at the end of the build.  If so, proceed with:

[root@lims-1 postgresql-9.5.3]# make install

Let’s make the user and group to run the service with, as we don’t want to run this as root:

[root@lims-1 postgresql-9.5.3]# cd /usr/local/pgsql
[root@lims-1 pgsql]# groupadd postgres
[root@lims-1 pgsql]# adduser postgres -g postgres -d /usr/local/pgsql
adduser: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@lims-1 pgsql]# passwd postgres (let's go with: d8@b@53b@by)
[root@lims-1 pgsql]# chown -R postgres /usr/local/postgres-9.5.3

Now switch to the postgres user, and initialize the database cluster.  There will be a bunch of output that I won’t copy below, but you should see a “Success” near the end of the output after initialization.

[root@lims-1 pgsql]# su postgres
bash-4.2$ bin/initdb -D /usr/local/pgsql/data
bash-4.2$ exit
[root@lims-1 pgsql]# mkdir -p /var/log/pgsql
[root@lims-1 pgsql]# chown -R postgres:postgres /var/log/pgsql/
[root@lims-1 pgsql]# vi data/postgresql.conf

In the postgresql.conf file, uncomment and change the following in order to use our logging directory:

logging_collector = on
log_directory = '/var/log/pgsql/'

Setup psql to accessible in your path permanently:

[root@lims-1 pgsql]# vi /etc/profile.d/postgresql.sh

And enter one line:

export PATH=/usr/local/pgsql/bin:$PATH

Save and source:

[root@lims-1 pgsql]# source /etc/profile.d/postgresql.sh

Now we’ll create the startup script for systemd, much like we did for tomcat.  To start, create the file:

[root@lims-1 pgsql]# vi /etc/systemd/system/postgres.service

And then enter the following:

# Systemd unit file for PostgreSQL

[Unit]
Description=PostgreSQL database server
After=network.target
 
[Service]
Type=forking
 
User=postgres
Group=postgres
 
# Where to send early-startup messages from the server (before the logging
# options of postgresql.conf take effect)
# This is normally controlled by the global default set by systemd
# StandardOutput=syslog
 
# Disable OOM kill on the postmaster
OOMScoreAdjust=-1000
# ... but allow it still to be effective for child processes
# (note that these settings are ignored by Postgres releases before 9.5)
Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj
Environment=PG_OOM_ADJUST_VALUE=0
 
# Maximum number of seconds pg_ctl will wait for postgres to start.  Note that
# PGSTARTTIMEOUT should be less than TimeoutSec value.
Environment=PGSTARTTIMEOUT=270
Environment=PGDATA=/usr/local/pgsql/data
 
ExecStart=/usr/local/pgsql/bin/pg_ctl start -D ${PGDATA} -s -w -t ${PGSTARTTIMEOUT}
ExecStop=/usr/local/pgsql/bin/pg_ctl stop -D ${PGDATA} -s -m fast
ExecReload=/usr/local/pgsql/bin/pg_ctl reload -D ${PGDATA} -s
 
# Give a reasonable amount of time for the server to start up/shut down.
# Ideally, the timeout for starting PostgreSQL server should be handled more
# nicely by pg_ctl in ExecStart, so keep its timeout smaller than this value.
TimeoutSec=300
 
[Install]
WantedBy=multi-user.target

And now make integrate into systemd, make it persistent between reboots, and start it up:

[root@lims-1 pgsql]# systemctl daemon-reload
[root@lims-1 pgsql]# systemctl enable postgres
[root@lims-1 pgsql]# systemctl start postgres

We can now log into postgres and set our password for the superuser:

[root@lims-1 pgsql]# su postgres
bash-4.2$ psql
psql (9.5.3)
Type "help" for help.

postgres=# alter user "postgres" with password 'l@bk3yR!ng';
postgres=# \q
[root@lims-1 pgsql]#

Setup better security for the system, let’s require that password for postgres in /usr/local/pgsql/data/pg_hba.conf:

[root@lims-1 pgsql]# vi data/pg_hba.conf

And then near the bottom, make it match this (changes in bold):

# "local" is for Unix domain socket connections only
local   all         postgres                           md5
# IPv4 local connections:
host all            all            127.0.0.1/32        md5
# IPv6 local connections:
host all            all            ::1/128             md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local   replication    postgres                           trust
#host    replication    postgres       127.0.0.1/32        trust

Save the file, exit, and now restart postgres to integrate the changes:

[root@lims-1 pgsql]# systemctl restart postgres

Now our prerequisites are installed and ready for LabKey.

Section 5: Installing LabKey

To begin, let’s move to the src folder we have for labkey:

[root@lims-1 pgsql]# cd /usr/local/src/LabKey16.2-45209.14-community-bin

Copy the tomcat JAR files to our /usr/local/tomcat/lib directory:

[root@lims-1 LabKey16.2-45209.14-community-bin]# cp tomcat-lib/* /usr/local/tomcat/lib/

Then copy the following three directories to the /usr/local/labkey directory:

[root@lims-1 LabKey16.2-45209.14-community-bin]# cp -R labkeywebapp /usr/local/labkey/

[root@lims-1 LabKey16.2-45209.14-community-bin]# cp -R modules /usr/local/labkey/

[root@lims-1 LabKey16.2-45209.14-community-bin]# cp -R pipeline-lib /usr/local/labkey/

The user who is executing the Tomcat process must have write permissions for the /labkeywebapp and /modules directories.  Set the owner and group on the labkey directory to tomcat:tomcat:

[root@lims-1 LabKey16.2-45209.14-community-bin]# chown -R tomcat.tomcat /usr/local/labkey-16.2

Note: This Labkey/CentOS document does not include a bin/ files component nor SSL setup.    You can click here for more information on the LabKey website, or skip for now and continue…

Move the labkey.xml file to the tomcat service:

[root@lims-1 LabKey16.2-45209.14-community-bin]# cp labkey.xml /usr/local/tomcat/conf/Catalina/localhost/ROOT.xml

Now edit the /usr/local/tomcat/conf/Catalina/localhost/labkey.xml file, replacing the following:

  • Replace @@appDocBase@@ with /usr/local/labkey/labkeywebapp
  • Replace @@jdbcUser@@ & @@jdbcPassword@@ with administrator credentials for the database, for this example, postgres and l@bk3yR!ng
  • Replace @@masterEncryptionKey@@ with your own randomly generated 32 ascii character password, or 64 bit hex characters.
  • Change the url line from url=”jdbc:postgresql://localhost:8080/labkey” to url=”jdbc:postgresql://localhost:5432/labkey”.

To now make tomcat load our xml file and labkey, restart the service:

[root@lims-1 LabKey16.2-45209.14-community-bin]# systemctl restart tomcat

You can now try loading LabKey in your browser, in this example, typing in http://10.17.0.101:8080 (or if you didn’t rename labkey.xml to ROOT.xml above, http://10.17.0.101:8080/labkey

A wizard should appear (in the browser), and they will help you with the rest.

Appendix

Related links/sources: