Installation


Requirements

Role Operating System Database
Primary Node Debian 9/10/11+, or CentOS/RHEL 7/8+, x86_64, with systemd and nftables (Debian 10 is prefered) PostgreSQL 10/11/12+
Replica Node Debian 9/10/11+, or CentOS/RHEL 7/8+, x86_64, with systemd and nftables (Debian 10 is prefered) Not required

Prepare nftables


nftables used for CC defense.

nftables for Debian 10:

apt install nftables

nftables is not installed for CentOS 7 by default, installation is required:

#yum -y install nftables
#systemctl enable nftables
#systemctl start nftables

nftables has been installed for CentOS 8, and as backend of firewalld, just enable firewalld:

#systemctl enable firewalld
#systemctl start firewalld

Now, you can view the ruleset through:

#nft list ruleset

If the rule is not empty, it may affect the effectiveness of the firewall policy. Assuming that the nftables rule is empty now, then continue.

Step 1: Download

Download links of Open Source Editions:

Download links of the Professional Plus Edition:

  • Above release with suffix -pro.tar.gz

The Professional Plus Edition is a further enhancement based on the open source version. The enhanced features are not open source and are only used for testing or experience (JANUSEC reserves the right to make changes to the enhanced features in future versions, including continued enhancements, deletions, etc.).

Professional features:

  • Cookie Compliance Management, include Cookie Banner, Consent Management and Cookie Discovery etc., provided from v1.4.2
  • GSLB (Global Server Load Balance, with DNS Server) , provided from v1.4.2

Please download to the home directory of current user /home/xxx/ or other directories except the installation directory, and then extract it:

$tar zxf ./janusec-1.5.x-amd64.tar.gz

Step 2: Install

Switch to root and run install.sh , janusec application gateway will be installed to /usr/local/janusec/

$su
#cd janusec-1.5.x-amd64
#./install.sh

Select 1. Primary Node, then it will:

  • copy files to /usr/local/janusec/
  • copy service file to system service directory
  • Enable Janusec Application Gateway as a system service, but not start it for the first time.

Step 3: Config

PostgreSQL is not included in release package, you should prepare database name and account.
Now we assume you have PostgreSQL installed already, and database name and account is ready, then edit /usr/local/janusec/config.json :

Primary Node (The First Node)

{
    “node_role”: “primary”,
    “primary_node”: {
        “database”: {
            “host”: “127.0.0.1”,
            “port”: “5432”,
            “user”: “your_postgresql_user”,
            “password”: “your_postgresql_password”,
            “dbname”: “janusec
        }
    },
    “replica_node”: {
        “node_key”: “”,
        “sync_addr”: ""
    }
}

  • “node_role”: “primary” ( fixed primary )
Replica Node (Optional)

Usually only one Primary Node is required for small scale web applications.
Replica Nodes is for large scale web applications, and need GSLB (Global Server Load Balance) of yourselves.
You must copy the node_key in web administration portal if you need replica nodes, and paste into the config.json of replica nodes.

{
    “node_role”: “replica”,
    “primary_node”: {
        “admin_http_listen”: “”,
        “admin_https_listen”: “”,
        “database”: {
            “host”: “”,
            “port”: “”,
            “user”: “”,
            “password”: “”,
            “dbname”: ""
        }
    },
    “replica_node”: {
        “node_key”: “produced_by_web_admin_in_primary_node”,
        “sync_addr”: “http://primary_ip/janusec-admin/api
    }
}

  • “node_role”: “replica” (fixed replica)
  • “node_key”: “produced_by_web_admin_in_primary_node” (produced by web admin)
  • “sync_addr”: “http://primary_ip/janusec-admin/api” (replace with the primary IP address)

Step 4: Start

#systemctl start janusec

Step 5: Test Installation

Open web browser such as Chrome, navigate with address:

http://your_primary_ip_address/janusec-admin/

This is the first administration address for Janusec Application Gateway.
Login with default username admin and password J@nusec123 .
You should change the password for security reasons.

©JANUSEC All Rights Reserved.      Contact: support#janusec.com    QQ Group: 776900157