Provider appliance

From regify WIKI
Jump to navigation Jump to search

Key features

The regify Provider Software Appliance can get described with the following key attributes:

  1. Software appliance, based on a special Linux version (comes as an ISO image).
  2. Hardened for 24/7 internet availability and security
    1. Built-in firewall blocking all unused ports.
    2. Application based intrusion detection system (IDS) to be a second firewall against various attacks (XSS, SQL injection, header injection, Directory traversal, Remote File Execution, Local File Inclusion, DoS).
    3. All unused services, users and groups are removed or stopped.
    4. Continuously updated by "check for updates" function including all operating system and application components (Kernel, Apache, MySQL, OpenSSL etc).
    5. Appliance management is only available by SSH from internal IP address range or (optional) from dedicated external IP addresses.
  3. Supports database replication (Master-Slave, Cross-Master) for full redundancy and high availability.
  4. Offers easy SSL certificate generation and usage (menu guided).
  5. Fully supports all Subprovider features (handles multiple IP addresses, customizations etc).
  6. Included database (MySQL, with MariaDB as an alternative).
  7. Included Apache Webserver with PHP environment.
  8. Included MTA (Mail Tranfer Agent) which is also usable as relay with a company SmartHost.
  9. Automatic time-synchronisation using NTP.
  10. Fully supporting NAGIOS monitoring (more information below on this page).
  11. Supports external loadbalancers and SSL offloading.
  12. Use any network SMB shares for regibox storage (optional).
  13. Installs in less than 10 minutes.
  14. Allows easy and automatic updates.
  15. Does not need any advanced Linux knowledge.

Hardware requirements

You can find the hardware requirements at the Hardware page.

Performance considerations

You can find information about performance and speed at the Hardware page.

Monitoring support

The regify provider software appliance offers you two kind of monitoring:

Nagios support

The regify provider software appliance gives you access to the standard NAGIOS client plugins. Here is a list of the plugins that are contained (regify provider V4 - 02/2015):

  • nagios-plugins-cluster
  • nagios-plugins-dig
  • nagios-plugins-disk
  • nagios-plugins-dns
  • nagios-plugins-dummy
  • nagios-plugins-file_age
  • nagios-plugins-http
  • nagios-plugins-icmp
  • nagios-plugins-ide_smart
  • nagios-plugins-ifoperstatus
  • nagios-plugins-ifstatus
  • nagios-plugins-linux_raid
  • nagios-plugins-load
  • nagios-plugins-log
  • nagios-plugins-mailq
  • nagios-plugins-memcheck
  • nagios-plugins-mysql
  • nagios-plugins-nrpe-2.14-5.rf.i386
  • nagios-plugins-ntp
  • nagios-plugins-perl
  • nagios-plugins-ping
  • nagios-plugins-procs
  • nagios-plugins-smtp
  • nagios-plugins-ssh
  • nagios-plugins-swap
  • nagios-plugins-tcp
  • nagios-plugins-time
  • nagios-plugins-users

The supported protocol is NRPE.

By default, NAGIOS is disabled but the plugins are available.

There is no GUI support for Nagios, so the usage is for experts only.

Built-in monitoring script

The regify provider software appliance offers a dedicated HTTPS call to get information about the health of the regify provider. By calling this prepared URL, it returns either

  • "OK" -> Everything is fine
  • "WARNING: description" -> System still running, but there are problems
  • "ERROR: description" -> System is in maintenance mode and not running

The description contains detailed information about the reason of the current state.


This monitoring call allows you to generate basic monitoring with no big efforts. This call is testing the following things:

  • Clearing connection health?
  • Is the provider in maintenance mode?
  • Is free disk space bigger than 300MB?
  • Is regibox space available and working (if enabled)?
  • Do we have working cryptography?
  • How is internal database connectivity?