SnipeIT
I was in a position of needing to move a company's inventory management from an Excel spreadsheet to....well anything. Everyone points to SnipeIT being the gold standard for inventory management but I had never been in a situation where SnipeIT was being utilized. I usually had to deal with inventory management in ConnectWise or Salesforce, even the dreaded Excel spreadsheet.
I never ended up migrating that company away from their spreadsheet but I still wanted to set up and play with SnipeIT so I figured I would give it a try at home. I've been meaning to have a record of our household possessions in one place for insurance purposes, maybe SnipeIT could do that for me.
Verify System Requirements
SnipeIT does not list any system requirements other than software dependencies. So I am going to plan on 1vCPU to start, 4GB of memory and I'll run Ubuntu 22.04 on my virtual machine. The dependencies they list are:
- PHP
- JSON
- OpenSSL
- PDO
- Mbstring
- Tokenizer
- cURL
- MySQLi
- LDAP
- PHPZIP
- Fileinfo
- PHP BCMath
- PHP XML
- PHP Sodium
- MariaDB
- Mod Rewrite
Create Virtual Machine
I open Windows Admin Center and connect to HV-03. I navigate to Virtual Machines and create a new virtual machine named SNIPE-01. I set the Secure Boot settings to Microsoft UEFI Certificate Authority and mount my Ubuntu ISO.
Install Operating System
I power on SNIPE-01 and go through the Ubuntu installation wizard. While the installation is progressing I jump back into Windows Admin Center and connect to DC-02. I navigate to DNS and create the A record snipe.domain.local > 10.10.10.XXX. On my domain registrar I create an A record for snipe.domain.com.
Configure Operating System
Configure SSH Key
Steps performed on desktop via Windows Terminal
ssh-keygen -t ed25519Move-Item -Path c:\Users\david\filename* -Destination c:\Users\david\.ssh -Force- I open Windows Terminal
Settings - I open the
JSONfile and add the following:
{
"colorScheme": "Ubuntu-ColorScheme",
"commandline": "ssh -i \"~/.ssh/snipe-01\" [email protected]",
"experimental.retroTerminalEffect": false,
"font":
{
"face": "Cascadia Code"
},
"guid": "{0caa0dad-35be-5f56-a8ff-XXXXXXXXXXXXX}",
"hidden": false,
"name": "SNIPE-01",
"tabTitle": "SNIPE-01"
},
- I make sure the
GUIDis unique and then save the file
Configure SSH
Steps performed on SNIPE-01
mkdir /home/david/.sshnano /home/david/.ssh/authorized_keys- I paste in the public key and save
chmod 600 /home/david/.ssh/authorized_keyssudo nano /etc/ssh/sshd_configPermitRootLogin noPubkeyAuthentication yesPubkeyAcceptedKeyTypes ssh-ed25519PasswordAuthentication noAuthorizedKeysFile /home/david/.ssh/authorized_keys
- I save the file
sudo sshd -tsudo systemctl restart ssh
Configure Firewall
Steps performed on SNIPE-01
sudo apt install ufwufw is already the newest version (0.36.1-4build)
sudo ufw allow 22sudo ufw allow 80sudo ufw allow 443sudo ufw enableFirewall is active and enabled on system startup
Configure Fail2Ban
Steps performed on SNIPE-01
sudo apt install fail2bansudo nano /etc/fail2ban/jail.local
[DEFAULT]
bantime = 100m
findtime = 10m
maxretry = 5
ignoreip = 10.10.10.XXX
[sshd]
enabled = true
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
sudo systemctl enable fail2bansudo systemctl start fail2ban
Install SnipeIT
Steps performed on SNIPE-01
mkdir /home/david/snipe-itgit clone https://github.com/snipe/snipe-it /home/david/snipe-itcd /home/david/snipe-itcp .env.example .envsudo apt install php libapache2-mod-php php-cli php-mbstring php-curl apache2 php-mysqli php-xml php-ldap php-zip php-bcmath php-json openssl php-token-stream php-libsodium mariadb-server mariadb-clienta2enmod rewritesudo system restart apache2mysql -urootALTER USER 'root'@'localhost' IDENTIFIED BY 'Password';FLUSH PRIVILEGES;EXIT;
That's as far as I have time to go today. Excited to come back and work on this some more!