Installing Bacularis¶

Overview
Requirements
Install using RPM packages
Install using DEB packages
Install using Docker
Install using Composer
Install manually
Bacularis and Baculum
Enable SSL
PGP verification key

Overview¶

Installation process can be performed using binary packages, Docker image, PHP Composer or manually using source archives.

Requirements¶

Bacularis uses the following components to work:

Web server that supports URL rewriting,

PHP >= 7.4.0 with modules:

php-bcmath

php-curl

php-xml

php-json

php-ldap

php-mysqlnd

php-pdo

php-pgsql

php-intl

Access to local or remote Bacula Catalog database,

Bacula bconsole access,

If you are going to configure Bacula via Bacularis, read/write access to Bacula configuration files for the web server user.

Note

In case installing Bacularis by binary DEB or RPM packages all requirements (web server, PHP modules) are installed automatically as the package dependencies. In case installation by Docker, everything is already installed and ready to use.

Install using RPM packages¶

Package repositories¶

The binary package repositories with the latest Bacularis are available for the following operating systems:

AlmaLinux 8

AlmaLinux 9

CentOS 8

CentOS Stream 8

CentOS Stream 9

Debian 11 Bullseye

Debian 12 Bookworm

Fedora 38

Fedora 39

Fedora 40

Oracle Linux 8

Oracle Linux 9

Rocky Linux 8

Rocky Linux 9

Ubuntu 20.04 Focal

Ubuntu 22.04 Jammy

Ubuntu 23.04 Lunar

Ubuntu 23.10 Mantic

Ubuntu 24.04 Noble

Ubuntu 24.10 Oracular

To get the binary packages you need to register in the user panel at https://users.bacularis.com After registering you will be able to use the Bacularis package repositories.

Installation¶

Bacularis can be installed with one of the following web servers:

Apache

Nginx

Lighttpd

Below you can find a list of all rpm packages with a brief description:

bacularis - main the Bacularis package with application files,

bacularis-httpd - Apache web server configuration files for the Bacularis,

bacularis-nginx - Nginx web server configuration files for the Bacularis,

bacularis-lighttpd - Lighttpd web server configuration files for the Bacularis.

bacularis-selinux - SELinux policy module for the Bacularis.

Note

On some operating systems (CentOS 8, CentOS Stream 8, AlmaLinux 8, Oracle Linux 8, Rocky Linux 8 default PHP version is 7.2. The minimal PHP version required by Bacularis is 7.4. So please switch PHP to 7.4 as described here: HTTP error 500 and no interface page is loading.

Apache web server¶

dnf install bacularis bacularis-httpd bacularis-selinux

At the end please restart (or reload) the new Apache web server configuration:

systemctl restart httpd

Nginx web server¶

dnf install bacularis bacularis-nginx bacularis-selinux

At the end please restart (or reload) the new Nginx web server configuration:

systemctl restart nginx

Lighttpd web server¶

dnf install bacularis bacularis-lighttpd bacularis-selinux

Start PHP-FPM service:

systemctl start php-fpm

At the end please restart (or reload) the new Lighttpd web server configuration:

systemctl restart bacularis-lighttpd

Access in web browser¶

The Bacularis web interface is available at http://localhost:9097 with default user admin and password admin.

Install using DEB packages¶

Package repositories¶

The binary package repositories with the latest Bacularis are available for the following operating systems:

AlmaLinux 8

AlmaLinux 9

CentOS 8

CentOS Stream 8

CentOS Stream 9

Debian 11 Bullseye

Debian 12 Bookworm

Fedora 38

Fedora 39

Fedora 40

Oracle Linux 8

Oracle Linux 9

Rocky Linux 8

Rocky Linux 9

Ubuntu 20.04 Focal

Ubuntu 22.04 Jammy

Ubuntu 23.04 Lunar

Ubuntu 23.10 Mantic

Ubuntu 24.04 Noble

Ubuntu 24.10 Oracular

To get the binary packages you need to register in the user panel at https://users.bacularis.com After registering you will be able to use the Bacularis package repositories.

Installation¶

Bacularis can be installed with one of the following web servers:

Apache

Nginx

Lighttpd

Below you can find a list of all deb packages with a brief description:

bacularis - main the Bacularis package with application files,

bacularis-apache2 - Apache web server configuration files for the Bacularis,

bacularis-nginx - Nginx web server configuration files for the Bacularis,

bacularis-lighttpd - Lighttpd web server configuration files for the Bacularis.

Apache web server¶

apt install bacularis bacularis-apache2

After installation you must enable the rewrite and the proxy FastCGI Apache modules:

a2enmod rewrite

a2enmod proxy_fcgi

You must enable the Apache PHP-FPM configuration. Please select one of the a2enconf commands that match your PHP version installed in the system. The PHP version you can check for example by running PHP cli command: php -v:

For PHP 7.4 it is command:

a2enconf php7.4-fpm

For PHP 8.1 it is command:

a2enconf php8.1-fpm

For PHP 8.2 it is command:

a2enconf php8.2-fpm

For PHP 8.3 it is command:

a2enconf php8.3-fpm

There is also required to enable the bacularis virtual host site:

a2ensite bacularis

At the end please restart (or reload) the new Apache web server configuration:

systemctl restart apache2

Nginx web server¶

apt install bacularis bacularis-nginx

After installation you must enable the bacularis site:

ln -s /etc/nginx/sites-available/bacularis.conf /etc/nginx/sites-enabled/

At the end please restart (or reload) the new Nginx web server configuration:

systemctl restart nginx

Lighttpd web server¶

apt install bacularis bacularis-lighttpd

Restart the new Lighttpd web server configuration:

systemctl restart bacularis-lighttpd

Access in web browser¶

The Bacularis web interface is available at http://localhost:9097 with default user admin and password admin.

Install using Docker¶

Installation¶

On the Docker Hub service are available Bacularis container images. They are in few variants to use:

bacularis-standalone [https://hub.docker.com/r/bacularis/bacularis-standalone]

It contains fully configured Bacularis webGUI and API with Bacula Director, Storage Daemon and File Daemon and also PostgreSQL database server. The image can be used for example for trying Bacularis in own environment.

The command to run container:

docker run -d -p 9097:9097 bacularis/bacularis-standalone

bacularis-web [https://hub.docker.com/r/bacularis/bacularis-web]

It contains a pure the Bacularis web interface without API layer. It can be used to connect external Bacularis API server(s) in containers or outside them.

The command to run container:

docker run -d -p 9097:9097 bacularis/bacularis-web

bacularis-api-dir [https://hub.docker.com/r/bacularis/bacularis-api-dir]

It contains installed and configured the Bacularis API with ready to use Bacula Director and PostgreSQL database server. The image can be used to connect to existing Bacularis Web instances running in containers or outside them.

The command to run container:

docker run -d -p 9097:9097 bacularis/bacularis-api-dir

bacularis-api-sd [https://hub.docker.com/r/bacularis/bacularis-api-sd]

It contains installed and configured the Bacularis API with ready to use Bacula Storage Daemon. The image can be used to connect to existing Bacularis Web instances running in containers or outside them.

The command to run container:

docker run -d -p 9097:9097 bacularis/bacularis-api-sd

bacularis-api-fd [https://hub.docker.com/r/bacularis/bacularis-api-fd]

It contains installed and configured the Bacularis API with ready to use Bacula File Daemon. The image can be used to connect to existing Bacularis Web instances running in containers or outside them.

The command to run container:

docker run -d -p 9097:9097 bacularis/bacularis-api-fd

Access in web browser¶

The Bacularis web interface is available at http://localhost:9097 with default user admin and password admin.

Install using Composer¶

The PHP requirements together with other requirements can be installed by the commands below.

For rpm-based systems

dnf install curl patch php-cli php-bcmath php-curl php-xml php-json php-ldap php-mysqlnd php-pdo php-pgsql php-intl

For deb-based systems

apt install curl patch php-cli php-bcmath php-curl php-xml php-json php-ldap php-mysql php-pdo php-pgsql php-intl

To install Bacularis you need to download the Composer phar archive and install it in system. After that, you can install Bacularis.

The Composer installation:

curl -s http://getcomposer.org/installer | php
mv composer.phar /usr/local/bin/composer

Bacularis installation:

composer create-project bacularis/bacularis-app

Once it is done, you need to set proper permissions for specific Bacularis directories. You can do it by executing the install script as the root user:

bacularis-app/protected/tools/install.sh

Note

This is note for using Nginx or Lighttpd web server. On some operating systems (like DEB-based) where default PHP-FPM socket is different than /run/php-fpm/www.sock you have to provide the PHP-FPM socket path to the install.sh script. It can be done by using an additional -p parameter like below (example for PHP 7.4):

bacularis-app/protected/tools/install.sh -p /var/run/php/php7.4-fpm.sock

If you don’t know the PHP-FPM socket path in your operating system, you can find it using the following command:

find /run/php* -name '*.sock'

This install.sh script also will prepare web server configuration for popular web servers. The result file will be named bacularis-apache.conf, bacularis-nginx.conf or bacularis-lighttpd.conf (depending on used web server) and it will be available in the main Bacularis directory. You need to provide it to location on the filesystem where it can be used by the web server.

Installation using Composer on RPM-based system

Installation using Composer on DEB-based system

Access in web browser¶

The Bacularis web interface is available at http://localhost:9097 with default user admin and password admin.

Install manually¶

Prepare files¶

To install Bacularis manually, you need to download five source archives: four archives that correspond the Bacularis layers and one archive with the external dependencies. They are:

bacularis-api-x.y.z.tar.gz

bacularis-common-x.y.z.tar.gz

bacularis-web-x.y.z.tar.gz

bacularis-app-x.y.z.tar.gz

bacularis-external-x.y.z.tar.gz

You can download all of them to the same directory in the following way (example for version 3.2.1):

BACULARIS_VER=3.2.1
mkdir -p /var/www/bacularis
cd /var/www/bacularis
wget -O bacularis-api-$BACULARIS_VER.tar.gz https://github.com/bacularis/bacularis-api/archive/refs/tags/$BACULARIS_VER.tar.gz
wget -O bacularis-common-$BACULARIS_VER.tar.gz https://github.com/bacularis/bacularis-common/archive/refs/tags/$BACULARIS_VER.tar.gz
wget -O bacularis-web-$BACULARIS_VER.tar.gz https://github.com/bacularis/bacularis-web/archive/refs/tags/$BACULARIS_VER.tar.gz
wget -O bacularis-app-$BACULARIS_VER.tar.gz https://github.com/bacularis/bacularis-app/archive/refs/tags/$BACULARIS_VER.tar.gz
wget https://bacularis.app/downloads/bacularis-external-$BACULARIS_VER.tar.gz

Once the source archives are downloaded you can extract them and prepare Bacularis files as below:

tar --strip-components 1 -zxvf bacularis-app-$BACULARIS_VER.tar.gz
tar --strip-components 1 -C protected -zxvf bacularis-external-$BACULARIS_VER.tar.gz
mkdir -p protected/vendor/bacularis/bacularis-common
mkdir -p protected/vendor/bacularis/bacularis-api
mkdir -p protected/vendor/bacularis/bacularis-web
tar --strip-components 1 -C protected/vendor/bacularis/bacularis-common -zxvf bacularis-common-$BACULARIS_VER.tar.gz
tar --strip-components 1 -C protected/vendor/bacularis/bacularis-api -zxvf bacularis-api-$BACULARIS_VER.tar.gz
tar --strip-components 1 -C protected/vendor/bacularis/bacularis-web -zxvf bacularis-web-$BACULARIS_VER.tar.gz
# NOTE: this backslash in cp is intentional
\cp -rf protected/vendor/bacularis/bacularis-common/project/* ./
cp protected/vendor/bacularis/bacularis-common/project/protected/samples/webserver/bacularis.users.sample protected/vendor/bacularis/bacularis-api/API/Config/bacularis.users
cp protected/vendor/bacularis/bacularis-common/project/protected/samples/webserver/bacularis.users.sample protected/vendor/bacularis/bacularis-web/Web/Config/bacularis.users
ln -s vendor/bacularis/bacularis-common/Common protected/Common
ln -s vendor/bacularis/bacularis-api/API protected/API
ln -s vendor/bacularis/bacularis-web/Web protected/Web
cp protected/vendor/bower-asset/fontawesome/css/all.min.css htdocs/themes/Baculum-v2/fonts/css/fontawesome-all.min.css
cp -r protected/vendor/bower-asset/fontawesome/webfonts/* htdocs/themes/Baculum-v2/fonts/webfonts/

Now you can remove the source archives:

rm -f bacularis-common-$BACULARIS_VER.tar.gz \
     bacularis-api-$BACULARIS_VER.tar.gz \
     bacularis-web-$BACULARIS_VER.tar.gz \
     bacularis-app-$BACULARIS_VER.tar.gz \
     bacularis-external-$BACULARIS_VER.tar.gz

After this part there is needed to install Bacularis dependencies.

In this case we used Nginx web server but it can be any other web server as well.

RPM-based Linux distributions¶

Installing dependencies on RPM-based Linux distributions looks like below:

dnf install nginx \
              php-fpm \
              php-bcmath \
              php-curl \
              php-xml \
              php-json \
              php-ldap \
              php-mysqlnd \
              php-pdo \
              php-pgsql \
              php-intl \
              expect

DEB-based Linux distributions¶

Installing dependencies on DEB-based Linux distributions looks like below:

apt install nginx \
              php-fpm \
              php-bcmath \
              php-curl \
              php-xml \
              php-json \
              php-ldap \
              php-mysql \
              php-pdo \
              php-pgsql \
              php-intl \
              expect

SELinux settings¶

If you use SELinux in your operating system, you need to prepare the additional steps below to build and install the Bacularis SELinux module. Also we need to set new labels for some Bacularis paths.

First you need to install SELinux dependecies:

dnf install selinux-policy \
            selinux-policy-devel \
            checkpolicy \
            make

Next please run the following commands:

make -C protected/samples/selinux/ -f /usr/share/selinux/devel/Makefile bacularis.pp
install -D -m 644 protected/samples/selinux/bacularis.pp /usr/share/selinux/packages/bacularis/bacularis.pp
semanage fcontext -a -t httpd_sys_content_t '/var/www/bacularis(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/bacularis/protected/vendor/bacularis/bacularis-api/API/Config(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/bacularis/protected/vendor/bacularis/bacularis-api/API/Logs(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/bacularis/protected/vendor/bacularis/bacularis-web/Web/Config(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/bacularis/protected/vendor/bacularis/bacularis-web/Web/Logs(/.*)?'
semanage fcontext -a -t httpd_cache_t '/var/www/bacularis/htdocs/assets(/.*)?'
semanage fcontext -a -t httpd_cache_t '/var/www/bacularis/protected/runtime(/.*)?'
restorecon -i -R '/var/www/bacularis'
semodule -i /usr/share/selinux/packages/bacularis/bacularis.pp

Optional commands¶

If you don’t have Bacula yet and you are going to install Bacula though the Bacularis install wizard, you also need to execute the following commands below. If you are going to use this Bacularis with existing Bacula installation, these commands are not needed.

mkdir /etc/bacularis
ln -s /var/www/bacularis/protected/API/Config /etc/bacularis/API
ln -s /var/www/bacularis/protected/Web/Config /etc/bacularis/Web
ln -s /var/www/bacularis /usr/share/bacularis

Prepare to run¶

Now you ned to run install script to set Bacularis files permissions and to prepare the web server configuration file.

Example for RPM-based systems

protected/tools/install.sh -p /run/php-fpm/www.sock

Example for DEB-based systems

protected/tools/install.sh -p /run/php/php-fpm.sock

Note

The -p parameter is for providing PHP-FPM socket to preparing the web server configuration. You need to make sure what is name of the default PHP-FPM socket in your operating system. You can do it using for example this command: find /run/php* -name '*.sock'

After starting the install.sh script we should see the following output where we can answer on two questions:

+===================================================+
|      Welcome in the Bacularis install script      |
+---------------------------------------------------+
|  This script will help you to adjust privileges   |
|  for Bacularis files and it will prepare          |
|  configuration files for popular web servers.     |
+---------------------------------------------------+



What is your web server type?
1 Apache (default)
2 Nginx
3 Lighttpd
4 Other
Please type number between 1-4 [1]: 2

What is your web server user? [www-data]: apache
[INFO] Web server config file you can find in /var/www/bacularis/bacularis-nginx.conf
[INFO] Please move it to appropriate location.
[INFO] End.

Now you need to provide the prepared web server config to the web server configuration files directory:

mv /var/www/bacularis/bacularis-nginx.conf /etc/nginx/conf.d/

Note

If you use SELinux, you have to now run restorecon -i -R '/etc/nginx/conf.d'

At the end we restart the web server.

systemctl restart nginx

Access in web browser¶

The Bacularis web interface is available at http://localhost:9097 with default user admin and password admin.

Bacularis and Baculum¶

Bacularis installation on host with Baculum¶

Bacause Bacularis uses its own paths in the system, different from the Baculum’s paths, it means that these two web interfaces can coexist independently on the same host. From the web interface side they use different ports.

If Baculum and Bacularis installed on the same host work with the same Bacula instance, please make sure that you do not configure Bacula resources in Baculum and Bacularis at the same time because it could lead to overwritting Bacula configuration once by Baculum and once by Bacularis. For the administration tasks like running backup, restore, monitoring statuses and others there is not any additional limitation for that.

Enable SSL¶

In this section you can find descriptions about how to enable in Bacularis the encrypted HTTPS connection with using SSL certificate. The instructions are divided into smaller sections depending on the web server and operating system you are using.

Create self-signed certificate¶

1. Create private key and self-signed certificate

openssl req -new -x509 -keyout /etc/bacularis/bacularis_key.pem -out /etc/bacularis/bacularis_cert.pem -days 365 -nodes

2. Set secure permissions for the key file

chmod 400 /etc/bacularis/bacularis_key.pem

Apache web server¶

1. Enable Apache SSL module

RPM-based operating systems:

dnf install mod_ssl

DEB-based operating systems:

a2enmod ssl

2. Find the Bacularis Apache configuration file

The Bacularis Apache configuration file can be located in various paths depending on the operating system you are using.

RPM-based systems:

/etc/httpd/conf.d/bacularis.conf

DEB-based systems:

/etc/apache2/sites-available/bacularis.conf

3. Add the following lines to the Bacularis Apache config in the VirtualHost section

SSLEngine on
SSLCertificateFile "/etc/bacularis/bacularis_cert.pem"
SSLCertificateKeyFile "/etc/bacularis/bacularis_key.pem"

4. Restart the web server

RPM-based systems:

systemctl restart httpd

DEB-based systems:

systemctl restart apache2

5. Enable HTTPS in Bacularis

To set HTTPS connection between Web -> API you have to change the Bacularis configuration as described here:

Error 100 after switching connection from HTTP to HTTPS

Nginx web server¶

1. Find the Bacularis Nginx configuration file

The Bacularis Nginx configuration file can be located in various paths depending on the operating system you are using.

RPM-based systems:

/etc/nginx/conf.d/bacularis.conf

DEB-based systems:

/etc/nginx/sites-available/bacularis.conf

2. Modify line in the Bacularis Nginx configuration file

From:

listen 9097;

To:

listen 9097 ssl;

3. Add the following lines to the Bacularis Nginx config in the server section

ssl_certificate /etc/bacularis/bacularis_cert.pem;
ssl_certificate_key /etc/bacularis/bacularis_key.pem;

4. Restart the web server

systemctl restart nginx

5. Enable HTTPS in Bacularis

To set HTTPS connection between Web -> API you have to change the Bacularis configuration as described here:

Error 100 after switching connection from HTTP to HTTPS

Lighttpd web server¶

1. Add the following lines to /etc/bacularis/bacularis-lighttpd.conf file

server.modules += ( "mod_openssl" )
ssl.engine = "enable"
ssl.pemfile = "/etc/bacularis/bacularis_cert.pem"
ssl.privkey = "/etc/bacularis/bacularis_key.pem"

2. Restart the web server

systemctl restart bacularis-lighttpd

3. Enable HTTPS in Bacularis

To set HTTPS connection between Web -> API you have to change the Bacularis configuration as described here:

Error 100 after switching connection from HTTP to HTTPS

PGP verification key¶

All DEB and RPM packages are signed.

The PGP key parameters:

Userid     : "Marcin Haba <marcin.haba@bacula.pl>"
Fingerprint: 546E 19BB E5BD D219 644C 0851 E72D 44EC 5C3D BD51
From       : https://packages.bacularis.app/bacularis.pub
Algorithm  : RSA
Size:      : 2048 bit

The key block: