Cobbler web interface

With the web user interface (WebUI),you can:

·        View all of the cobblerobjects and the settings

·        Add and delete a system, distro,profile, or system

·        Run the equivalent of a"cobbler sync"

·        Edit kickstart files (whichmust be in /etc/cobbler and /var/lib/cobbler/kickstarts)

You cannnot (yet):

·        Auto-Import media

·        Auto-Import a rsync mirrorof install trees

·        Do a "cobblerreposync" to mirror or update yum content

·        Do a "cobblervalidateks"

The WebUI can be very good forday-to-day configuring activities, but the CLI is still required for basicbootstrapping and certain other activities.

The WebUI is intended to beself-explanatory and contains tips and explanations for nearly every field youcan edit. It also contains links to additional documentation, including theCobbler manpage documentation in HTML format.

Who logs in and what they can access is controlled by WebAuthentication and WebAuthorization. The default options aremostly good for getting started, but for safety reasons the defaultauthentication is "denyall" so you will at least need to addressthat.

Basic Setup

1.   You must have installed thecobbler-web package

2.    Your /etc/cobbler/modules.conf should look something like this:

[authentication]
module = authn_configfile

[authorization]
module = authz_allowall

3.   Change the password for the'cobbler' username:

htdigest /etc/cobbler/users.digest"Cobbler" cobbler

4.   If this is not a newinstall, your Apache configuration for Cobbler might not be current.

cp /etc/httpd/conf.d/cobbler.conf.rpmnew/etc/httpd/conf.d/cobbler.conf

5.   Now restart Apache andCobblerd

/sbin/service cobblerd restart
/sbin/service httpd restart

6.    If you use SELinux, you may also need to set the following, sothat the WebUI can connect with the XMLRPC:

setsebool -P httpd_can_network_connecttrue

Basic setup (2.2.x and higher)

In addition to the steps above, cobbler 2.2.x has a requirementfor mod_wsgi which, when installed viaEPEL, will be disabled by default. Attempting to start httpd will result in:

Invalid command 'WSGIScriptAliasMatch', perhaps misspelled \

  or defined by a module not included in the server configuration

You can enable this module by editing /etc/httpd/conf.d/wsgi.conf and un-commenting the "LoadModule wsgi_modulemodules/mod_wsgi.so" line.

Next steps

It should be ready to go. From your webbrowser visit the URL on your bootserver that resembles:

https://bootserver.example.com/cobbler_web

and log in with the username (usuallycobbler) and password that you set earlier.

Should you ever need to debug things,see the following log files:

/var/log/httpd/error_log  

/var/log/cobbler/cobbler.log

Further setup

Cobbler authenticates all WebUI logins through cobblerd, which uses a configurable authentication mechanism. You maywish to adjust that for your environment. For instance, if in modules.conf above you choose to stay with the authn_configfile module, youmay want to add your system administrator usernames to the digest file:

htdigest /etc/cobbler/users.digest "Cobbler" <username>

You may also want to refine forauthorization settings.

Rewrite Rule for secure-http

To redirect access to the WebUI via https on an Apachewebserver, you can use the following rewrite rule, probably at the end ofApache'sssl.conf:

### Force SSL only on the WebUI

<VirtualHost *:80>

    <LocationMatch "^/cobbler/web/*">

       RewriteEngine on

       RewriteRule ^(.*) https://%{SERVER_NAME}/%{REQUEST_URI} [R,L]

   </LocationMatch>

</VirtualHost>