Pre-install checklist
Before you begin the installation process, we recommend that you work through this checklist to verify that your infrastructure meets our minimum requirements and is configured correctly. It is possible to host multiple services on the same machine (For security reasons we recommend to host each service on a separate machine). For example, if Relution and the reverse proxy (nginx) are installed on the same machine, the server used to run Relution and the server used to run nginx refer to the same physical machine. In this case the server has to fulfill the requirements of both services.
Hardware
The server used to run Relution meets or exceeds the following minimum specifications.
| Requirement | Fulfilled |
|---|---|
2 GiB of RAM or more |
|
At least 10 GiB of free disk space |
|
1 network interface |
|
2 CPU cores or more |
Operating system
The server used to run Relution uses a recommended operating systems and the operating system’s version meets or exceeds the minimum supported version.
| Requirement | Fulfilled |
|---|---|
CentOS 7.4 or newer |
|
RedHat Enterprise Linux (RHEL) 7.4 or newer |
|
SUSE Linux Enterprise Server (SLES) 12 or newer |
|
Windows Server 2008 R2 or newer |
|
Latest (security) updates are installed |
Database
The server used to run Relution has network access to a supported database server. This guide contains instructions on how to install MariaDB, if no database server is available at this time.
| Requirement | Fulfilled |
|---|---|
MariaDB 10.3 or newer |
|
MySQL 8.0 or newer |
|
Latest (security) updates are installed |
|
The Relution server can connect to the database server |
|
Your user account can create a new database |
|
Your user account can create new users |
|
Automatic backups are configured |
Network infrastructure
The server used to run the reverse proxy (nginx) is set up to host an Internet facing service. It has a public IP address and a public DNS name (e.g. “mdm.example.com”). If services are hosted on multiple internal servers, they can resolve each others host names.
The public IP address must be static. Dynamic IP addresses (aka dial-up) are not supported. Exception: The server is hosted by a cloud provider like Amazon Web Services (AWS) or Microsoft Azure which provide the necessary DNS infrastructure.
| Requirement | Fulfilled |
|---|---|
Server has direct access to the internet |
|
Server has a static public IP address |
|
Server has a public DNS name |
|
Internal DNS is working |
Firewall configuration
Your firewall is set up to receive incoming HTTP(S) requests from mobile devices and web browsers.
| Requirement | Fulfilled |
|---|---|
The reverse proxy is accessible via HTTP (80) from the Internet |
|
The reverse proxy is accessible via HTTPS (443) from the Internet |
|
Relution can connect to the Internet (80, 443, 2195, 2196, 5223) |
|
Relution can connect to the SMTP server |
|
Relution can connect to the database server |
|
Optional: |
|
Relution can connect to LDAP on port 389 or 636 |
Certificates
For HTTPS a valid SSL certificate from a well-known Certificate Authority (CA) is needed. Self signed certificates will not work, because mobile devices generally do not trust them. Certificates from Let’s Encrypt have been known to work. Be aware that older devices may not trust these certificates, as they were established as a CA fairly recently.
You can check W3Techs for a list of well-known certificate authorities based on market share and usage.
| Requirement | Fulfilled |
|---|---|
You have a valid SSL certificate and key |
|
You have a signed APNS certificate (only needed for iOS MDM) |