Manual Installation Guide — Full Stack (RHEL/Rocky Linux)
Deployment Method: Manual (RPM/Package-based)
Platform: RHEL/Rocky Linux 8-10
Diskover Version: 2.5.x+
Overview
This guide walks you through a complete, fully manual installation of the Diskover platform on RHEL or Rocky Linux (versions 8-10). By the end, you'll have every Diskover component installed, configured, and running — including Elasticsearch, Diskover Web, Diskover Admin, a worker node with Diskoverd and Celery, and RabbitMQ.
Use this guide when Ansible automation is not available or not permitted in your environment. If Ansible is an option, we strongly recommend using the automated playbook instead — it handles all of these steps for you and reduces the chance of configuration errors.
What you'll have when finished:
Elasticsearch cluster accepting search queries and index data
Diskover Web UI accessible via your browser
Diskover Admin management interface for configuration and licensing
One or more Diskoverd worker nodes ready to scan
Celery task workers for file actions
RabbitMQ message broker connecting workers and the web tier
Architecture & Topology
Diskover consists of four component groups that can run on a single host or be distributed across dedicated machines:
Host Group | Components | Description |
|---|---|---|
elasticsearch | Elasticsearch 8.x | Search backend and index storage |
web | Nginx, PHP 8.4, Diskover Web, Diskover Admin | Web UI, admin interface, reverse proxy |
worker | Python 3, Diskoverd, Celery | Scanner daemon and task queue |
rabbitmq | RabbitMQ, Erlang | Message broker for Celery |
For small or demo deployments, all components can run on a single host. For production environments, we recommend separating at least Elasticsearch and the worker(s) onto dedicated machines.
Network Port Requirements
Ensure the following ports are open between hosts before you begin:
Port | Service | Direction | Notes |
|---|---|---|---|
9200 | Elasticsearch HTTP | Web + Workers → ES host | Search queries and indexing |
9300 | Elasticsearch transport | ES node → ES node | Multi-node clusters only |
8000 | Diskover Web (Nginx) | Users → Web host | Web UI and Admin access |
443 | Diskover Web (Nginx) | Users → Web host | HTTPS — only when SSL is enabled |
5672 | RabbitMQ (AMQP) | Web + Workers → RabbitMQ host | Celery task messaging |
15672 | RabbitMQ Management | Admins → RabbitMQ host | Optional management UI |
Prerequisites
Hardware Requirements
Component | CPU | Memory | Disk | Notes |
|---|---|---|---|---|
Elasticsearch | 4+ cores | 16 GB+ | SSD recommended, size depends on index volume | JVM heap should be set to half of available RAM (max 31 GB) |
Web (Nginx + Admin) | 2+ cores | 4 GB+ | 20 GB | Serves UI and Admin API |
Worker (Diskoverd) | 4+ cores | 8 GB+ | 20 GB | More cores = faster scanning |
RabbitMQ | 2+ cores | 2 GB+ | 10 GB | Lightweight message broker |
Software Requirements
Requirement | Detail |
|---|---|
OS | RHEL or Rocky Linux 8 or 9 |
Python | 3.11+ (installed during worker and admin setup) |
Internet access | Required to download packages from Elastic, Remi, and PackageCloud repositories |
Sudo access | All installation commands require sudo privileges |
Credentials & Licenses
Credential | Purpose | How to Obtain |
|---|---|---|
JFrog Artifactory | Download Diskover RPM packages | Provided by Diskover Data |
Diskover License | Activate the platform — required before workers can start | Provided by Diskover Data |
Pre-Installation Checklist
Before starting, verify the following:
- Target host OS is RHEL or Rocky Linux 8 or 9, fully updated (
dnf update -y) - Sudo access confirmed on all target hosts
- Network ports open between hosts (see port table above)
- Internet access available for package downloads
- JFrog Artifactory credentials obtained from Diskover Data
- Diskover license file available
- SELinux and firewalld disabled or configured appropriately
Step 1 — Install Elasticsearch
This section covers a single-node Elasticsearch 8.x installation. For multi-node cluster setup, see: Multi-Node Elasticsearch Setup.
1.1 Configure the Elasticsearch Repository
Create the Elasticsearch repository file:
vi /etc/yum.repos.d/elasticsearch.repo
Add the following content:
[elasticsearch] name=Elasticsearch repository for 8.x packages baseurl=https://artifacts.elastic.co/packages/8.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=0 autorefresh=1 type=rpm-md
Save and close the file.
1.2 Install Elasticsearch
dnf -y install --enablerepo=elasticsearch elasticsearch
1.3 Configure Elasticsearch
Edit the main Elasticsearch configuration file:
vi /etc/elasticsearch/elasticsearch.yml
Set the following properties (ensure each is uncommented):
cluster.name: diskover-cluster # Choose a distinctive name for your cluster node.name: node-1 # Unique name for this node path.data: /var/lib/elasticsearch # Data storage directory path.logs: /var/log/elasticsearch # Log directory bootstrap.memory_lock: true # Lock memory on startup to prevent swapping network.host: 0.0.0.0 # Bind to all available IP addresses discovery.seed_hosts: ["your-es-ip"] # Replace with this host's IP address cluster.initial_master_nodes: ["node-1"] # Must match node.name above xpack.security.enabled: false # Disable security for initial setup xpack.security.enrollment.enabled: false # Disable enrollment on first boot xpack.ml.enabled: false # Disable machine learning (not needed)
Important: Make sure there is only one
cluster.initial_master_nodesline in the file. Elasticsearch 8.x may have added a default one during installation.
1.4 Configure JVM Heap Size
Set the JVM heap to half of your available RAM (do not exceed 31 GB):
vi /etc/elasticsearch/jvm.options.d/jvm.options
Add (or uncomment and adjust):
-Xms8g -Xmx8g
Replace 8g with half of your host's total RAM. For example, on a 32 GB machine, use 16g.
1.5 Configure systemd Memory Limits
Create the systemd override directory and configuration:
mkdir -p /etc/systemd/system/elasticsearch.service.d vi /etc/systemd/system/elasticsearch.service.d/elasticsearch.conf
Add the following:
[Service] LimitMEMLOCK=infinity LimitNPROC=4096 LimitNOFILE=65536
Save and close the file.
1.6 Start and Enable Elasticsearch
systemctl daemon-reload systemctl enable elasticsearch systemctl start elasticsearch systemctl status elasticsearch
You should see active (running) in the status output.
Troubleshooting — Memory Lock Failure: If Elasticsearch fails to start because it cannot lock memory, add the following lines to
/etc/security/limits.conf:elasticsearch soft memlock unlimited elasticsearch hard memlock unlimitedThen restart the Elasticsearch service.
1.7 Verify Elasticsearch
Run a health check:
curl http://localhost:9200/_cluster/health?pretty
Expected output (single-node cluster):
{
"cluster_name" : "diskover-cluster",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 1,
"number_of_data_nodes" : 1,
"active_primary_shards" : 0,
"active_shards" : 0,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
A "status": "green" means the cluster is healthy. A fresh single-node cluster with no indices will report green. Once Diskover creates indices, a single-node cluster will typically show "yellow" because replicas cannot be allocated — this is normal and expected.
If you have SSL enabled on Elasticsearch, use this command instead:
curl -XGET -u elastic:your-password https://your-es-host:9200/_cluster/health?pretty \ --cacert /etc/elasticsearch/certs/http_ca.crt
Step 2 — Install Diskover Web (Nginx + PHP 8.4)
This section installs Nginx and PHP 8.4 on the web host, then deploys the Diskover Web UI.
2.1 Install and Start Nginx
dnf -y install nginx systemctl enable nginx systemctl start nginx systemctl status nginx
Verify that Nginx is active (running).
2.2 Install PHP 8.4
Enable the EPEL and Remi repositories. Adjust the version number in the URLs if you're on RHEL/Rocky 9 (change 8 to 9):
RHEL/Rocky 8:
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
RHEL/Rocky 9:
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm dnf -y install https://rpms.remirepo.net/enterprise/remi-release-9.rpm
Install the PHP 8.4 packages:
dnf -y install php84 php84-php-common php84-php-fpm php84-php-opcache \ php84-php-cli php84-php-gd php84-php-mysqlnd php84-php-ldap php84-php-pecl-zip \ php84-php-xml php84-php-mbstring php84-php-json php84-php-sqlite3
2.3 Configure PHP
Copy the production PHP configuration:
# Find the php.ini-production file find / -mount -name php.ini-production # Typically: /opt/remi/php84/root/usr/share/doc/php84-php-common/php.ini-production # Find the active php.ini location find / -mount -name php.ini # Typically: /etc/opt/remi/php84/php.ini # Copy the production config into place cp /opt/remi/php84/root/usr/share/doc/php84-php-common/php.ini-production /etc/opt/remi/php84/php.ini
Tip: If you're unsure of your PHP installation directory, run:
php84 -i | grep 'Configuration File'
2.4 Configure PHP-FPM
Edit the PHP-FPM pool configuration:
vi /etc/opt/remi/php84/php-fpm.d/www.conf
Set the following properties (ensure they are uncommented):
user = nginx group = nginx listen = /var/opt/remi/php84/run/php-fpm/www.sock listen.owner = nginx listen.group = nginx
Also make sure the following line is commented out (prefixed with ;):
;listen.acl_users = apache
Note: Take note of the
listensocket path — you'll need it when configuring the Nginx virtual host.
2.5 Set PHP Directory Permissions
chown -R root:nginx /var/opt/remi/php84/lib/php mkdir -p /var/run/php-fpm chown -R nginx:nginx /var/run/php-fpm
2.6 Create the PHP-FPM systemd Service
vi /etc/systemd/system/php-fpm.service
Add the following (adjust the ExecStart path if your PHP installation directory differs):
[Unit] Description=PHP FastCGI process manager After=local-fs.target network.target nginx.service [Service] PIDFile=/opt/php/php-fpm.pid ExecStart=/opt/remi/php84/root/usr/sbin/php-fpm --fpm-config /etc/opt/remi/php84/php-fpm.conf --nodaemonize Type=simple [Install] WantedBy=multi-user.target
Enable and start the service:
chmod 644 /etc/systemd/system/php-fpm.service systemctl daemon-reload systemctl enable php-fpm systemctl start php-fpm systemctl status php-fpm
Troubleshooting — Socket Conflict: If PHP-FPM fails to start with an error about the socket already being in use, remove the stale socket file and try again:
rm -f /var/opt/remi/php84/run/php-fpm/www.sock systemctl start php-fpm systemctl status php-fpm
2.7 Configure the Nginx Virtual Host
Create the Diskover Web Nginx configuration:
vi /etc/nginx/conf.d/diskover-web.conf
Add the following. Replace the fastcgi_pass socket path if yours differs from the PHP-FPM configuration above:
server {
listen 8000;
server_name diskover-web;
root /var/www/diskover-web/public;
index index.php index.html index.htm;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
location / {
try_files $uri $uri/ /index.php?$args =404;
}
location ~ \.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
try_files $fastcgi_script_name =404;
fastcgi_pass unix:/var/opt/remi/php84/run/php-fpm/www.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 900;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
}
location /diskover_admin {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://unix:/var/www/diskover-admin/run/diskover-admin.sock;
}
}
2.8 Deploy Diskover Web
Configure the JFrog Artifactory repository for Diskover packages:
vi /etc/yum.repos.d/diskover.repo
Add the following (replace credentials with your JFrog username and password):
[diskover] name=Diskover Repository baseurl=https://your-jfrog-username:your-jfrog-password@jfrog.io/artifactory/diskover-repo/ gpgcheck=0 enabled=1
Install Diskover Web:
dnf -y install diskover-web
Step 3 — Install Diskover Admin
Diskover Admin is the configuration management interface. It must be installed on the same host as Diskover Web.
3.1 Install Python 3.11 and Create Virtual Environment
If Python 3.11 is not already installed (it may be if this host also serves as a worker):
dnf -y install python3.11 python3.11-devel gcc
Create a dedicated Python virtual environment for Diskover:
python3.11 -m venv /opt/python-venv-diskover
Add the virtual environment to the system PATH so Python commands are available from any shell session without needing to source the virtual environment:
cat > /etc/profile.d/diskover-venv.sh << 'EOF' # Add Diskover venv to PATH for CLI usage export PATH="/opt/python-venv-diskover/bin:$PATH" EOF
Load the new PATH into your current session:
source /etc/profile.d/diskover-venv.sh
Verify Python is running from the virtual environment:
which python3 # Expected: /opt/python-venv-diskover/bin/python3 python3 -V # Expected: Python 3.11.x
3.2 Deploy Diskover Admin
Install the Diskover Admin package (the JFrog repository should already be configured from Step 2.8):
dnf -y install diskover-admin
Install Python dependencies using the virtual environment's pip:
cd /var/www/diskover-admin/etc/ pip3 install -r requirements.txt
3.3 Configure Nginx for Diskover Admin
The Diskover Admin package includes an Nginx location block that needs to be added to your existing Diskover Web configuration:
# View the location block to add cat /var/www/diskover-admin/etc/diskover-web.conf
Copy the output of this command, then edit your Nginx configuration:
vi /etc/nginx/conf.d/diskover-web.conf
Paste the Diskover Admin location block inside the existing server block (alongside the existing Diskover Web location blocks).
Copy the proxy parameters file:
cp /var/www/diskover-admin/etc/proxy_params /etc/nginx/
Restart services:
systemctl restart nginx systemctl status nginx
3.4 Check the Diskover Admin Service
When the Diskover Admin RPM is installed, it will start the service for you. Checking the status of the service should yield a healthy status:
uvicorn.error - INFO - Application startup complete.
You should be able to reach the Diskover Admin UI with the service online:
Step 4 — Install the Diskover Worker (Diskoverd)
Repeat this section for each machine designated as a Diskover Worker.
4.1 Install Python 3.11 and Create Virtual Environment
dnf -y install python3.11 python3.11-devel gcc
Create a dedicated Python virtual environment for Diskover:
python3.11 -m venv /opt/python-venv-diskover
Add the virtual environment to the system PATH so Python commands are available from any shell session without needing to source the virtual environment:
cat > /etc/profile.d/diskover-venv.sh << 'EOF' # Add Diskover venv to PATH for CLI usage export PATH="/opt/python-venv-diskover/bin:$PATH" EOF
Load the new PATH into your current session:
source /etc/profile.d/diskover-venv.sh
Verify Python is running from the virtual environment:
which python3 # Expected: /opt/python-venv-diskover/bin/python3 python3 -V # Expected: Python 3.11.x
4.2 Deploy Diskoverd (Task Worker)
Install the Diskoverd package (configure the JFrog repository on this host if not already done — see Step 2.8):
dnf -y install diskoverd
Install Python dependencies using the virtual environment's pip:
cd /opt/diskover pip3 install -r requirements.txt
4.3 Create the Diskoverd Log Directory
mkdir -p /var/log/diskover
4.4 Configure Diskoverd
Create the configuration directory and file:
mkdir -p /root/.config/diskoverd vi /root/.config/diskoverd/config.yaml
Place the default config.yaml content into this file (provided with your Diskover distribution). Then set the API URL to point at your Diskover Web host:
apiurl: http://your-web-host-ip:8000/api.php
If SSL is enabled, use
httpsand your SSL domain instead:apiurl: https://your-ssl-domain/api.php
Replace your-web-host-ip with the IP address or hostname of your Diskover Web host.
4.5 Verify the Diskoverd Service
The diskoverd RPM package installs the systemd service file and enables it automatically. Verify it's ready:
systemctl status diskoverd
The service should show as enabled but not yet running — that's expected.
Do not start diskoverd yet. The worker cannot start until Diskover Admin has been configured and a valid license has been installed. We'll start it after completing the Admin Wizard in the post-installation steps.
Step 5 — Install Celery
Celery handles file actions and asynchronous task processing. Install it on every worker node (the same hosts where Diskoverd is installed).
5.1 Install Celery
pip3 install celery which celery # Expected: /opt/python-venv-diskover/bin/celery
5.2 Configure Celery
cp /opt/diskover/diskover_celery/etc/celery.conf /etc/
5.3 Create the Celery systemd Service
cp /opt/diskover/diskover_celery/etc/celery.service /etc/systemd/system/
Create the log and run directories:
mkdir -p /var/log/celery; chmod 777 /var/log/celery mkdir -p /var/run/celery; chmod 777 /var/run/celery
Enable the service:
chmod 644 /etc/systemd/system/celery.service systemctl daemon-reload systemctl enable celery
Do not start Celery yet. Celery pulls its RabbitMQ connection settings from Diskover Admin. You must first install RabbitMQ (Step 6), then configure its connection in Diskover Admin before starting the Celery service.
5.4 Verify Celery (After RabbitMQ Is Configured)
Once RabbitMQ is installed and configured in Diskover Admin, you can test Celery manually before starting the daemon:
cd /opt/diskover/ celery -A diskover_celery.worker worker
When you see output similar to the following, Celery is successfully connected:
Connected to amqp://diskover:**@your-rabbitmq-ip:5672// celery@worker-hostname ready.
Press Ctrl+C to stop the manual process, then start the systemd service:
systemctl start celery systemctl status celery
Step 6 — Install RabbitMQ
RabbitMQ is the message broker that connects Celery workers across all worker nodes. We recommend installing it on a dedicated host, though it can share a host with other components in smaller deployments.
6.1 Import RabbitMQ Signing Keys
# Primary RabbitMQ signing key rpm --import 'https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc' # Modern Erlang repository key rpm --import 'https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key' # RabbitMQ server repository key rpm --import 'https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key'
6.2 Configure Repositories
Create the RabbitMQ repository file:
vi /etc/yum.repos.d/rabbitmq.repo
RHEL/Rocky 8 — add the following:
##
## Zero dependency Erlang RPM
##
[modern-erlang]
name=modern-erlang-el8
baseurl=https://yum1.rabbitmq.com/erlang/el/8/$basearch
https://yum2.rabbitmq.com/erlang/el/8/$basearch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
[modern-erlang-noarch]
name=modern-erlang-el8-noarch
baseurl=https://yum1.rabbitmq.com/erlang/el/8/noarch
https://yum2.rabbitmq.com/erlang/el/8/noarch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
##
## RabbitMQ Server
##
[rabbitmq-el8]
name=rabbitmq-el8
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/8/$basearch
https://yum1.rabbitmq.com/rabbitmq/el/8/$basearch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
[rabbitmq-el8-noarch]
name=rabbitmq-el8-noarch
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/8/noarch
https://yum1.rabbitmq.com/rabbitmq/el/8/noarch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
RHEL/Rocky 9 (and 10) — add the following instead:
##
## Zero dependency Erlang RPM
##
[modern-erlang]
name=modern-erlang-el9
baseurl=https://yum1.rabbitmq.com/erlang/el/9/$basearch
https://yum2.rabbitmq.com/erlang/el/9/$basearch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
[modern-erlang-noarch]
name=modern-erlang-el9-noarch
baseurl=https://yum1.rabbitmq.com/erlang/el/9/noarch
https://yum2.rabbitmq.com/erlang/el/9/noarch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key
https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
##
## RabbitMQ Server
##
[rabbitmq-el9]
name=rabbitmq-el9
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/$basearch
https://yum1.rabbitmq.com/rabbitmq/el/9/$basearch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
[rabbitmq-el9-noarch]
name=rabbitmq-el9-noarch
baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/noarch
https://yum1.rabbitmq.com/rabbitmq/el/9/noarch
repo_gpgcheck=1
enabled=1
gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key
https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc
gpgcheck=1
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
pkg_gpgcheck=1
autorefresh=1
type=rpm-md
6.3 Install RabbitMQ and Erlang
dnf -y install rabbitmq-server erlang
6.4 Start and Enable the Service
systemctl start rabbitmq-server systemctl status rabbitmq-server systemctl enable rabbitmq-server
6.5 Configure RabbitMQ for Diskover
Enable the management plugin (provides a web-based management UI) and set up a dedicated user for Diskover:
# Enable the management UI plugin rabbitmq-plugins enable rabbitmq_management # Secure the default guest account (this password is not used by Diskover) rabbitmqctl change_password guest your-guest-password # Create a dedicated Diskover user (choose your own username and password) rabbitmqctl add_user diskover your-rabbitmq-password # Grant administrator privileges rabbitmqctl set_user_tags diskover administrator # Set permissions rabbitmqctl set_permissions -p / diskover ".*" ".*" ".*" # Restart to apply changes systemctl restart rabbitmq-server systemctl status rabbitmq-server
6.6 Verify RabbitMQ
The RabbitMQ Management UI should now be accessible at:
http://your-rabbitmq-host:15672/
Log in with the diskover user and password you created above.
Post-Installation Configuration
With all components installed, it's time to configure the Diskover platform through the Admin Wizard.
1. Complete the Diskover Admin Wizard
Navigate to the Diskover Admin interface:
http://your-web-host-ip:8000/diskover_admin/
If SSL is enabled:
https://your-ssl-domain/diskover_admin/
Follow the Admin Wizard to configure:
Elasticsearch connection — Enter your Elasticsearch host IP and port (default: 9200)
RabbitMQ connection — Enter the RabbitMQ host IP, port (default: 5672), and the
diskoveruser credentials you createdSystem settings — Review and adjust as needed
For detailed wizard instructions, see: Diskover Admin Wizard
2. Install the Diskover License
Navigate to the license section in Diskover Admin and upload your license file. A valid license must be installed before Diskoverd workers can start.
3. Start Diskoverd
Now that the Admin is configured and licensed, start the worker daemon:
systemctl start diskoverd journalctl -fu diskoverd
Watch the journal output to confirm the worker connects successfully. Then verify:
systemctl status diskoverd
4. Start Celery
With RabbitMQ connection details now configured in Diskover Admin, start Celery:
systemctl start celery systemctl status celery
5. Access the Web UI
Open your browser and navigate to:
http://your-web-host-ip:8000
If SSL is enabled:
https://your-ssl-domain
Log in and verify that:
The dashboard loads
Your worker appears in Task Panel > Workers as online
You can create and run a test scan
Service Management
All Diskover services are managed via systemd. Here's a quick reference:
Service | systemd Unit | Host | Start | Status | Logs |
|---|---|---|---|---|---|
Elasticsearch |
| ES host |
|
|
|
Nginx |
| Web host |
|
|
|
PHP-FPM |
| Web host |
|
|
|
Diskover Admin |
| Web host |
|
|
|
Diskoverd |
| Worker host |
|
|
|
Celery |
| Worker host |
|
|
|
RabbitMQ |
| RabbitMQ host |
|
|
|
Verification & Health Checks
After installation, use these checks to confirm everything is working:
Check | Command / URL | Expected Result |
|---|---|---|
Elasticsearch health |
|
|
RabbitMQ status |
| Running, listeners on port 5672 |
RabbitMQ Management UI |
| Login page loads |
Nginx status |
|
|
PHP-FPM status |
|
|
Diskover Admin |
| Admin dashboard loads |
Diskover Web UI |
| Login page loads |
Diskoverd |
|
|
Celery |
|
|
Worker registration | Task Panel > Workers tab in Web UI | Worker(s) listed as online |
Troubleshooting
Issue | Cause | Solution |
|---|---|---|
Elasticsearch fails to start — memory lock error | OS limits not configured | Add |
Elasticsearch cluster status is | Missing or corrupted shards | Check |
PHP-FPM fails to start — socket already in use | Stale socket file from previous process | Run |
Diskover Web returns 502 Bad Gateway | PHP-FPM is not running or socket path mismatch | Verify PHP-FPM is running and that the |
Diskoverd won't start | No license installed or Admin API not configured | Install a valid license via Diskover Admin and ensure the |
Celery won't connect to RabbitMQ | RabbitMQ connection not configured in Admin | Configure the RabbitMQ host, port, user, and password in Diskover Admin > System > Message Queue |
Web UI login loops or fails | SQLite database permissions incorrect | Run |
Log File Locations
Component | Log Location |
|---|---|
Elasticsearch |
|
Diskoverd |
|
Celery |
|
Nginx |
|
PHP-FPM |
|
Diskover Admin |
|
RabbitMQ |
|
Support
Documentation: https://docs.diskoverdata.com
Support Portal: https://support.diskoverdata.com
Knowledge Base: https://support.diskoverdata.com/hc/en-us
When submitting a support ticket, please include:
Diskover version installed
Target OS and version (
cat /etc/os-release)Which component is failing
Relevant log output from the log locations table above
Any error messages displayed in the Web UI or Admin interface
Comments
0 comments
Please sign in to leave a comment.