Installation on RHEL/AlmaLinux/Rocky Linux

This chapter focuses on the package-based installation process of an opsi server on Red Hat Enterprise Linux (RHEL), AlmaLinux, and Rocky Linux.

Proxy Settings

For the installation process, it’s important to ensure that you have Internet access via HTTP/HTTPS.

If you need to access through an HTTP proxy, it’s recommended to set the proxy settings at a system-wide level using environment variables. These should be entered into the /etc/environment file.

Keep in mind that the names of these environment variables consist only of lowercase letters.
  • http_proxy: Configures the proxy for HTTP connections. It requires the full URL, including if authentication is needed:

  • https_proxy: Similar to http_proxy but for HTTPS connections:

  • no_proxy: Lists addresses that should bypass the proxy. Use commas to separate multiple addresses:
    Remember these rules for addresses:

    • Only use lowercase letters.

    • Include IP addresses only for direct access via IPs, as no name resolution occurs for exceptions.

    • CIDR notation for IP address ranges (like is not supported.

    • Always include exceptions for localhost and

    • Wildcards and regular expressions are not supported.

    • Treat each name as a suffix, so applies to all hostnames ending in

    • Optionally, add a specific port after a colon for each address to confine the exception to that port.

Here’s an example for setting up the /etc/environment file:


To apply the changes to the currently running shell, execute the following commands:

set -a; source /etc/environment; set +a
For Suse distributions, the NO_PROXY parameter in the /etc/sysconfig/proxy file needs to be adjusted. Set NO_PROXY=,localhost,company.tld as appropriate.

If the access to opsiconfd is channeled through a proxy, the service requests will appear to originate from the IP address of the proxy. As a result, all functionalities that rely on the client’s IP address, such as networks, admin-networks, update-ip, or max-session-per-ip, might not operate correctly. To address this, you can define trusted proxy addresses using the trusted-proxies parameter. When a connection comes from a trusted proxy, the server will look at the X-Forwarded-For header to ascertain the real IP address of the client.




If you are using Red Hat Enterprise Linux, it’s necessary to register with the Red Hat Network to access all the required packages:

sudo subscription-manager register
sudo subscription-manager attach --auto

Install Samba and MariaDB:

sudo yum install mariadb-server samba samba-client

Start and configure Samba and MariaDB:

sudo systemctl start smb.service
sudo systemctl start nmb.service
sudo systemctl start mariadb.service
sudo systemctl enable smb.service
sudo systemctl enable nmb.service
sudo systemctl enable mariadb.service
sudo mysql_secure_installation
If the machine is also to be used as a DHCP server, the dhcpd daemon must be installed and configured.

Configuring Repositories

Add the Grafana repository:

sudo cat <<EOF | sudo tee /etc/yum.repos.d/grafana.repo

Add the opsi repository that matches your distribution:


sudo cd /etc/yum.repos.d/
sudo wget
sudo yum makecache


sudo cd /etc/yum.repos.d/
sudo wget
sudo yum makecache

AlmaLinux 9:

sudo cd /etc/yum.repos.d/
sudo wget}.repo
sudo yum makecache

AlmaLinux 8:

sudo cd /etc/yum.repos.d/
sudo wget}/AlmaLinux_8/home:uibmz:opsi:4.3:stable.repo
sudo yum makecache

Rocky Linux 9:

sudo cd /etc/yum.repos.d/
sudo wget
sudo yum makecache

Rocky Linux 8:

sudo cd /etc/yum.repos.d/
sudo wget
sudo yum makecache

Oracle Linux 8:

sudo cd /etc/yum.repos.d/
sudo wget
sudo yum makecache

Oracle Linux 9:

sudo cd /etc/yum.repos.d/
sudo wget
sudo yum makecache

Installing the Packages

Install the package opsi-server-full:

sudo yum install opsi-server-full

If you encounter a message prompting for confirmation when importing the GnuPG key of the repository, simply type y and press [Enter] to confirm the addition of the key:

Importing GPG key 0xD8361F81 "home:uibmz OBS Project " from
Is this ok [y/N]: y
As an alternative to the opsi-server-full package, you can install either opsi-server or opsi-server-expert. These packages differ in their dependencies and are tailored for scenarios where you prefer to run MySQL, Redis, or Grafana on separate servers. While opsi-server and opsi-server-expert provide more flexibility, they are best suited for experienced Linux administrators.
Make sure that your firewall and SELinux configurations permit connections on ports 69/UDP (TFTP) and both 4447/TCP and 4441/TCP (opsi). Further information on SELinux can be found at SELinux.

The opsi server is now set up and ready for the next steps.