Install Moonshot Libraries on an Alpine Linux Server

On this page you will find instructions on how to install the Moonshot libraries on an Alpine Linux system, in order to enable applications/services on that system to perform Moonshot-based authentication.

Assumptions and Prerequisites

This guide assumes you have an Alpine Linux system (a minimal install will do) and that you have a Moonshot RP Proxy available to connect to.

1. System Preparation

1.1. Network configuration

For production deployments, it is recommended that the machine be assigned a static IP address.

1.2. Firewall configuration

The following ports must be accessible to the outside world through the local firewall:

  • 2083/tcp (for RadSec connections to other Moonshot entities, including the RP proxy).

Add the Required Repositories

Supported versions

At the moment, Alpine 3.11 and Alpine 3.13 (x86_64 and armhf) are supported.

  1. Add the Moonshot Alpine repository to your system. To do this, run the commands for your Alpine version (as root, or using sudo):

    Alpine 3.13:
    echo "https://repository.project-moonshot.org/alpine/v3.13" >> /etc/apk/repositories
    echo "@moonshot https://repository.project-moonshot.org/alpine/v3.13" >> /etc/apk/repositories

    Alpine 3.15:
    echo "https://repository.project-moonshot.org/alpine/v3.15" >> /etc/apk/repositories
    echo "@moonshot https://repository.project-moonshot.org/alpine/v3.15" >> /etc/apk/repositories
  2. Install the Moonshot repository RSA key.

    curl "https://repository.project-moonshot.org/alpine/moonshot@jisc.ac.uk-5be46530.rsa.pub" > /etc/apk/keys/moonshot@jisc.ac.uk-5be46530.rsa.pub
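
The two steps above as an idempotent script, added here as an example (it is not part of the original page or of the Moonshot project's own tooling). It appends each repository line only once and refuses to install a downloaded key file that is not framed as a PEM public key, the format apk uses for the keys in /etc/apk/keys. The function names and the --apply switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example; function names and --apply are hypothetical, not Moonshot tooling.
REPO_BASE="https://repository.project-moonshot.org/alpine"
KEY_NAME="moonshot@jisc.ac.uk-5be46530.rsa.pub"

# Append line $2 to file $1 only if that exact line is not already present.
add_repo_line() {
    grep -qxF -- "$2" "$1" 2>/dev/null || printf '%s\n' "$2" >> "$1"
}

# Succeed only if file $1 is non-empty and framed as a PEM public key.
looks_like_pem_pubkey() {
    [ -s "$1" ] || return 1
    [ "$(head -n 1 "$1")" = "-----BEGIN PUBLIC KEY-----" ] || return 1
    grep -qxF -e "-----END PUBLIC KEY-----" "$1"
}

# Validate downloaded key file $1, then copy it into key directory $2.
install_key_file() {
    if ! looks_like_pem_pubkey "$1"; then
        echo "rejected: $1 is not a PEM public key" >&2
        return 1
    fi
    cp "$1" "$2/$KEY_NAME" && chmod 0644 "$2/$KEY_NAME"
}

# apply VERSION (e.g. apply v3.13), run as root. The key is installed first so
# that a failed download never leaves a repository configured without its key.
apply() {
    tmp=$(mktemp) || return 1
    # -f makes curl fail on an HTTP error instead of saving the error page.
    curl -fsSL "$REPO_BASE/$KEY_NAME" -o "$tmp" &&
        install_key_file "$tmp" /etc/apk/keys &&
        add_repo_line /etc/apk/repositories "$REPO_BASE/$1" &&
        add_repo_line /etc/apk/repositories "@moonshot $REPO_BASE/$1"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Nothing is changed unless the script is called as: sh <script> --apply v3.13
if [ "${1:-}" = "--apply" ]; then apply "$2"; fi
```

The PEM check only catches a failed or substituted download such as an HTML error page; it does not establish that the key is the one the repository operator published.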

2. Install Moonshot

We are now ready to install the Moonshot software and its required dependencies. Install the software by running the following command:

apk add moonshot

3. Next Steps

3.1. Configure your Moonshot Libraries to connect to an RP Proxy

The Moonshot GSS-EAP mechanism needs to connect to a local Moonshot RP Proxy (RADIUS server) via RADIUS or RadSec in order to create the first hop between the service and the user's home IdP to allow authentication to happen. See the Configure a Linux Server to Connect to an RP Proxy page for instructions on how to do this.

3.2. Configure your Application/Service to use Moonshot

Finally, you may have to install or configure the application/service itself, as necessary, so that it uses Moonshot.