Rulex Platform Server#

As mentioned in the introductory pages, Rulex Platform has a server installation, too.

This page is divided into two subsections:

  • the Installation section, where the steps to perform on the PowerShell are listed, along with the possible arguments.

  • the First Access Configuration section, where the steps to perform on Azure and how to configure the First User Access page for an Azure account are listed.

Warning

This installation is supported on Windows only.

Note

These items will be provided by the Rulex Sales team before installation.

The following prerequisites must be met by the machine which is being used (all the values listed below should be considered as recommended):

Prerequisites

  • Rulex Platform Installer: the installer is the executable that will guide you through the installation phase, providing all the files required to run Rulex Platform.

  • Product Key: the Product Key is a code, which is provided along with the installer, identifying all the features of the purchased license. It is a combination of alphanumerical characters that contains,

    • The services purchased and the limitations you have on their use (e.g. the tasks included in your package);

    • The number of users that can use the services simultaneously;

    • The maximum number of sessions that can be run at the same time.

Requirement Area

Details

Runtime prerequisite

Microsoft Windows 10 (64 bit) - 1909 or higher.
Windows Server 2016 or higher.

CPU

CPU with x86_64 architecture. 4 core minimum, 8 core recommended.

RAM

4 GB (minimum), 16 GB (recommended), 32 GB (best performance) - single user application.
8 GB (minimum), 32 GB (recommended), 64 GB (best performance) - multiple users application, server-like.

Hard Disk Space

50 GB (minimum), 100 GB (recommended), 200 GB (best performance) - single user application.
100 GB (minimum), 250 GB (recommended). 1 TB (best performance) - multiple users application, server-like.

IOPS

1000 minimum, 2000 recommended.

Network

https://licensemanager.rulex.cloud/license must always be accessible.

Additional tools

Microsoft C++ Redistributable, which can be downloaded from here. The link is also provided during the installation process in the standard installation.

Installation#

To successfully install Rulex Platform server and perform the First Access Configuration, follow the steps listed below.

Warning

The operations listed below must be performed through PowerShell as Administrator.

Procedure

  1. Locate the installer on your machine and open the PowerShell, by choosing Run as Administrator.

  2. To see the installation features, browse to the folder where the installer is located and type the following command: .\rulex_platformserver_installer_version.exe --help. Use the table below to understand the arguments listed after having typed this command.

  3. Browse to the folder where the installer is located and type the command to install Rulex Platform Server. Depending on the installation type, the following commands are available:

    • .\rulex_platformserver_installer_version.exe, if it is not the first configuration.

    • .\rulex_platformserver_installer_version.exe --settings path_of_the_settings_file, if a settings file in .yaml format is present on the machine.

    • .\rulex_platformserver_installer_version.exe --pfxFilePath pfx_path --pfxPassword pfx_password, if an HTTPS protocol has been chosen and if the certificate is already present.

    • .\rulex_platformserver_installer_version.exe --certSubject cert_subject --pfxPassword, if the certificate is stored on Windows Certificate Manager Tool.

    • .\rulex_platformserver_installer_version.exe --disableSsl, if the installation will be performed in a closed environment.

  4. Save the First configuration password, as it is required for the First Access Configuration, and it will no longer be available once the PowerShell is closed.

  5. Activate Rulex Platform Service in the Services window by right-clicking on it and clicking Start. By right-clicking on the service and selecting Properties, the service’s Startup type can be modified.

Parameter

Description

Type

Default

--help

Shows all details on the installer.

--debug

Enables extra logs for troubleshooting.

Bool

False

--installationDir

Specifies the directory where Rulex Platform Server will be installed during the setup. It allows users to customize the installation location.

String

C:\ProgramFiles\RulexPlatformServer

--settings

Settings file which will be used during the installation.

String

--authServerUrl

The AuthServer url, if it is not provided, the default is the local machine.

String

--privateKeyPassphrase

Passphrase used to generate a privateKey, if not present.

String

``

--privateKeySize

The size of the private key to be generated, if not present.

Int

4096

--overrideExistingPrivateKey

Force the override of the privateKey, if it has already been created in a previous installation

Bool

False

--disableSsl

Turns off the HTTPS encryption on a reverse proxy, removing the need for SSL/TLS certificates.

Bool

False

--pfxFilePath

The path of the pfx file. It is mandatory if there is no certificate saved in the Windows Certificate manager. If it is provided, the argument pfxPassword is mandatory, too. This argument conflicts with the argument certSubject.

String

--pfxPassword

The pfx file password. It is mandatory if it is not present in the settings, and if the argument pfxFilepath has been provided.

String

--certSubject

The certificate’s subject. It is mandatory if it is not present in the settings. This argument conflicts with the argument pfxFilePath.

String

--certStore

Certificate store in the Windows Certificate Manager tool.

String

My

--service

Enables or disables the installation of the Windows service.

Bool

True

--serviceUsername

The username of the service.

String

--servicePassword

The password for the service username.

String

--serviceStartup

The service’s startup mode.

String

Manual

After having launched the installation, the following exit codes indicate different errors:

Exit Code

Description

1000

Admin permissions are required to run the installer.

1001

Both the pfxFilePath and the certSubject have been provided. These arguments conflict one to the other.

1002

The argument pfxFilePath has been provided without the pfxPassword argument.

1003

The settings file passed through the CLI does not exist.

1004

The password of the pfx certificate has not been provided through the CLI or through the settings file.

1005

The subject of the pfx certificate has not been provided through the CLI or through the settings file.

1006

A pfx file is passed via the installer, but a certificate with the same subject is already present.

1007

No certificate has been found.

1008

Impossible to open the pfx file.

1009

Error during the installation of RabbitMQ.

1999

Generic error.

First Access Configuration - Azure#

This section explains how to configure the First Access Configuration page, which opens upon the first Rulex Platform Server run after having configured it.

Tip

It is strongly recommended running Rulex Platform Server on Google Chrome browser.

The following providers are supported in Rulex Platform Server:

  • Google

  • Facebook

  • Microsoft Azure

  • AWS Cognito

  • Generic

Warning

This section explains how to connect Rulex Platform Server to Microsoft Graph APIs.

Check out the other providers’ documentation to know how to create an OpenID connection.

To call Microsoft Graph, an Azure application must be present and registered within the Microsoft identity platform. Follow the procedure below to create an app on Azure Admin Center.

Procedure

  1. In Azure Admin Center, select the Azure Active Directory section and choose the App registrations option.

  2. In the App registrations tab, click on New registration to register a new app. Provide a name for the new application and click Register.

  3. After the app has been registered, go to the API permissions tab. Click on Add a permission to add a permission. The following Microsoft Graph API permissions can be set:

    • offline_access (mandatory): must be set to Granted.

    • openid (mandatory): must be set to Granted.

    • User.Read (mandatory): must be set to Granted.

    • email (optional): if present, should be set to Granted.

    • profile (optional): if present, should be set to Granted.

  4. In the Authentication tab, click on Add URI in the Single-page application panel to add the URIs through which it is possible to connect to the Server version. The possible values are: the hostname (if a certificate which is not signed is used), the machine’s IP address, and the localhost.

  5. In the Token configuration tab, click Add groups claim and configure the Edit groups claim as follows:

    • Select group types to include in Access, ID, and SAML tokens: Security groups.

    • ID: Group ID

    • Access: Group ID

    • SAML: Group ID

  6. Type the chosen redirect URI on a new tab on Google Chrome (recommended) to open the First Access Configuration tab. Choose the Microsoft Azure tab and configure the First Access Configuration page as follows:

    • OpenID well-known endpoint: see how to create the OpenID endpoint in Microsoft Docs, linked here.

    • Client Id: the ID located in the application’s Overview page, associated with the Application (client) ID key.

    • Authorization password: the password retrieved by the PowerShell, as explained in the Installation paragraph.

    • Product Key Claim (optional): the Product Key. If it is left empty, the product key will be required when first accessing Rulex Platform Server.

    • Groups claim (optional): where the groups will be claimed. If not specified, the default is groups, that are the machine’s groups.

    • Roles claim (optional): where the roles will be claimed. If not specified, the default is roles, but in this configuration we have specified groups as it will take into account the groups in Azure.

    • Groups mapping (optional): this table can be filled to configure the groups. In the IDP Group column, the ID of the Azure Group must be inserted. In the Platform Group, type the name for the group in the current installation.

    • Roles mapping (optional): this table can be filled to configure roles within Rulex Platform Server. In the IDP Role column, the ID of the Azure Group must be inserted In the Platform Role, type the assigned role in Rulex Platform, according to the list available here .

  7. Click FINISH.

  8. Log into Rulex Platform Server using your Microsoft account.

  9. Insert the Product Key and click CONFIRM.

Removing Rulex Platform Server Installation#

This section explains how to successfully uninstall Rulex Platform Server.

Procedure

  1. Close Rulex Platform Server.

  2. Stop RulexPlatformServer Service in the Services of the machine.

  3. Open a PowerShell as Administrator.

  4. Locate the RPServer folder on the machine and browse in the PowerShell to it.

  5. Type the following command .\uninstall.exe -h then press Enter to visualize the possible arguments, listed at the end of this procedure.

  6. Type .\uninstall.exe followed by one of the arguments listed below.

Argument

Description

Default

--debug

Enables debug mode.

--removeAll

Removes everything related with Rulex Platform Server.

False

--removeService

Removes Rulex Platform Server Windows service.

True

--removeNginxCert

Removes the certificate from Microsoft Management Console.

True

--removeDatabase

Removes all data produced by Rulex Platform Server, like flows and users.

False

--uninstallRabbit

Uninstalls RabbitMQ and Erlang

False