INSTALL

1 Install RScheme or ChickenScheme?

See RSchemeInstall.

The Chicken systems needs the "high load scheduler" for reasonable performance. (How to install that one is not yet covered here.)

2 Compile and Install the Askemos Binary

The askemos-version.tar.gz contains a directory askemos-version. Unpack and within the resulting directory askemos-version:

make askemos

Do a

# make install

as super user or use the package manager of you system to install the binary runtime files.

3 Create Local Repository

To set up using default protection (simple acl) do:

$ make repository HOSTNAME=host.domain.tld

(If the HOSTNAME= assignment is omitted, it defaults to the output of hostname, which is not always what you want.)

Otherwise for general protection do:

$ make repository WAKEUP=/home/jerry/doc/zettel/wakeup.scm CONFIGURATION=secured.scm

Network Setup

Optional before you start: create three host name aliases for "localhost" in your DNS setup. We will use "a1", "a2" and "a3" here. If you don't do so, you will have to accept some SSL warnings and occationally substitute "localhost" in command lines as given below.

1. make (as decribed in detail above)
2. make repository HOSTNAME=a1 PORTBASE=9000
3. make start HOSTNAME=a1
4. wwwbrowser http://localhost:9081
5. log in using "gonzo" password "oznog"
6. Follow Link "System" and "certs"
7. Find the password field left of the "Create New Key" button, enter the hostmaster password ("exit" by default) and push the button to create a new certificate request for this repesentative.
8. Find the password field left of the "Create New CA" button, enter the hostmaster password ("exit" by default) and push the button to create a new certificate authority for your whole network.
9. Find the password field at the bottom of the "X509 Certificate Management" section, enter the hostmaster password ("exit" by default) and push the button labled "sign" to sign the certificate request for this representative.
10. Find the password field left of the button labled "set host cert", enter the hostmaster password ("exit" by default) and push the button to store the newly signed certificate as this representatives SSL certificate.
11. Copy the text block of the "Certificate Authority Certificate" (right column besides the clear text of the cert; from ---BEGIN CERFITICATE to END CERTIFICATE-----) to the Clipboard.
12. Stop the representative, e.g., press ^C in the terminal, where the "make start..." command runs.
13. make repository HOSTNAME=a2 PORTBASE=10000
14. make start HOSTNAME=a2
15. wwwbrowser http://localhost:10081 log in as user "gonzo" with password "oznog". Note that this user "gonzo" is different from "gonzo@a1": they have different OID's. You may want to modify one or both of your gonzo's to make the difference apparent. Each of them runs on either a1 or a2.
16. Follow Link "System" and "certs"
17. Paste the certificate authority from the clipboard into the text area of the "manage" form (right under the file upload box labeld "CA Cert File", enter the hostmaster password ("exit" by default) and push the button to accept the certificate authority created at host "a1"
18. Find the password field left of the "Create New Key" button, enter the hostmaster password ("exit" by default) and push the button to create a new certificate request for this repesentative (a2).
19. Copy the text block (right column) of certificate request from the "X509 Certificate Management" section to the clipboard.
20. open a new terminal and do make start HOSTNAME=a1
21. If you have aliase names for your host point your wwwbrowser to https://a1:9443 wwwbrowser otherwise use https://localhost:9443
22. The browser will complain, that it doesn't know the Certificate Authority. No surprise: you just created it yourself. Accept your Certificate (forever).
23. If you don't have alias names, accept you browser complaining once more that "a1" is not the same als "localhost" but the certificate is for "a1", which is actually correct.
24. Follow Link "System" and "certs"
25. Paste the certificate request from the clipboard to the X509 certificate management area and push the "store" button.
26. Enter the hostmaster password ("exit" by default) and push the button labled "sign" to sign the certificate request for host "a2".
27. Copy the text block (right column) of certificate request from the "X509 Certificate Management" section to the clipboard.
28. wwwbrowser http://localhost:10081, follow Link "System" and "certs"
29. Paste the host certificate from the clipboard in the text area in the "Local X509 Certificate" section (right under the file upload box labled "Certificate File" and the "Submit Host Cert" button, enter the hostmaster password ("exit" by default) and push the button to store the certificate as this (a2) representatives SSL certificate.
30. If you have aliase names for your host point your wwwbrowser to https://a2:10443 wwwbrowser otherwise use https://localhost:10443
31. Accept the browsers complaints about your cerfificates.
32. Follow the Link "System" and "network".
33. Enter https://a1:9443 (or https://localhost:9443) in the "connect" field and press enter.

    Now Both your systems should know about each other. Especially the host with local id "a2" should have "a1" as "certified location" in the host map, while "a1" has seen the certification for "a2.

34. At "a1" follow the link "Einstellungen" and "support" and enter "a2" in the "Toggle support" field.
35. At "a2" follow "System" and "entries".
36. Fill in the "create channel" form. Enter a new user id of you choice (we'll use "Fred") in the filed labled "here", "a1" in the field labled "from host" and "gonzo" in the field labled "user". Enter the administrative password ("sesam" by default) and push the "create" button.
37. You should now be able to log into "a2" using user id "Fred" and password "oznog" and control the same user (according to the OID), which now runs on the majority of {a1, a2} - that is only on both representatives at the same time.
38. Repeat the process from "make repository HOSTNAME=a2" for a3.