# Installing Medulla

Installation documentation for a single-site Medulla server using Ansible.

# Debian OS installation for Medulla server

##### Technical Specifications

<div id="bkmrk-pr%C3%A9-requis-%E2%80%93-dimensi" style="text-align:center;"><table class="MsoNormalTable" style="width:643px;border-collapse:collapse;"><tbody><tr><td colspan="3" style="width:417.3pt;border:solid #999999 1pt;background:#99CC66;padding:2.75pt 2.75pt 2.75pt 2.75pt;">**<span style="font-size:11pt;font-family:FreeSans;color:#ffffff;">Prerequisites – Server Sizing</span>**

</td></tr><tr><td rowspan="6" style="width:81.95pt;border-top:none;border-left:solid #999999 1pt;border-bottom:solid #999999 1pt;border-right:none;background:#99CC66;padding:2.75pt 2.75pt 2.75pt 2.75pt;">**<span style="font-size:11pt;font-family:FreeSans;color:#ffffff;">Main Server </span>**

</td><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">OS</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">Debian 12.x</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">Architecture</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">x86-64</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">CPU</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">8 cores</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">RAM</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">8 GB</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">Partition /</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">20 GB in EXT4</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">/var partition</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">400 GB minimum in XFS or mount point on a storage array</span>

</td></tr><tr><td rowspan="6" style="width:81.95pt;border-top:none;border-left:solid #999999 1pt;border-bottom:solid #999999 1pt;border-right:none;background:#99CC66;padding:2.75pt 2.75pt 2.75pt 2.75pt;">**<span style="font-size:11pt;font-family:FreeSans;color:#ffffff;">Multi-site relay servers</span>**

**<span style="font-size:11pt;font-family:FreeSans;color:#808080;">(if applicable)</span>**

</td><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">OS</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">Debian 12.x</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">Architecture</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">x86-64</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">CPU</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">4 cores</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">RAM</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">8 GB</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">Partition /</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">20 GB in EXT4</span>

</td></tr><tr><td style="width:155.4pt;border:solid #999999 1pt;border-top:none;padding:2.75pt 2.75pt 2.75pt 2.75pt;"><span style="font-family:'Liberation Serif', serif;">/var partition</span>

</td><td style="width:179.95pt;border-top:none;border-left:none;border-bottom:solid #999999 1pt;border-right:solid #999999 1pt;padding:0cm 0.5pt 0cm 0.5pt;"><span style="font-family:'Liberation Serif', serif;">At least 400 GB in XFS or mount point on a storage array</span>

</td></tr></tbody></table>

</div>##### Debian Server Installation

Summary:

\- <span style="font:7pt 'Times New Roman';"> Separate </span>only /var from / and place them in LVM

\- <span style="font:7pt 'Times New Roman';"> Install </span>the SSH server and standard system utilities

\- <span style="font:7pt 'Times New Roman';"> Do not </span>install antivirus software or a firewall

\- <span style="font:7pt 'Times New Roman';"> Set </span>up an account that

<span style="font-family:'Courier New';">o <span style="font:7pt 'Times New Roman';"> can </span></span>switch to sudo without a password

<span style="font-family:'Courier New';">o <span style="font:7pt 'Times New Roman';"> can </span></span>log in from the IP address **94.130.207.190**

<span style="font-family:'Courier New';">o <span style="font:7pt 'Times New Roman';"> can </span></span>log in with the following key:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCScgwfwJKM5BtgzAYu6FEeJ5jW3onkzFp8D8piLR22kWbRcT/AJ1z0jhS5ZDtn6mumfidVPFbLkDf382u54pOU6JGwy9GhvEIXOSlzgxZMH5kcfeBE/8Ovr9zLtbRKsWQN9YUSt5y6lmcSxuQNVhkRy49/593oamVJACSitSVJ68716hj0gp4N8gUMVkvNgEBDZVSPe0DXz2h7JEzOKx2ejjRaw22ve+qARTw+60gMP0aCLGt/m0cyv+90AZigQwWIPcUk+bBRJn3Ku+Bkw+JuLYURlVc4xoTvT1JTWKXAzMln4nrlisIc9Ex5eEHSkvs/fgJCgU28Fza5n5mBj/pbQRY+/AWLjvBVuLiVReO7hq60fhrX9+j7MWMCYCZQiHbk/r7OprLyl2yGFX1DbgRGF1Sk2R9DtqRhwPzPxtQ7ZtKSjIhLjrZxJ/YJLHSoUsw+4CHprjzU0gXBt1RCQoyhYqEGcnuFyfd9dIBXCINkmp4jfz7CQjrC8uPqAtS1zQU= support@support

##### Disk Partitioning Configuration

Partition the disks according to the instructions below:

Perform manual partitioning

![RXi6qfZ9PswkCuWM-embedded-image-k3kebzpb.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/RXi6qfZ9PswkCuWM-embedded-image-k3kebzpb.png)

![8te0UWcUdspzZBMb-embedded-image-ympc4spb.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/8te0UWcUdspzZBMb-embedded-image-ympc4spb.png)

![VmC09oQIVFslMAOG-embedded-image-qvsjgdgq.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/VmC09oQIVFslMAOG-embedded-image-qvsjgdgq.png)

Creating the /boot partition

![IwEnXmeZzAnsDTC7-embedded-image-w4xke79q.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/IwEnXmeZzAnsDTC7-embedded-image-w4xke79q.png)

![TV5wT18WD9OYAcqi-embedded-image-dwbr5kuq.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/TV5wT18WD9OYAcqi-embedded-image-dwbr5kuq.png)

![0qRqYiNJCdllwSJ9-embedded-image-qgdzniyl.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/0qRqYiNJCdllwSJ9-embedded-image-qgdzniyl.png)

![KINj9qRDPfRiYZqh-embedded-image-lxe8vm2c.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/KINj9qRDPfRiYZqh-embedded-image-lxe8vm2c.png)

![QTGvfLswyCwFcQx5-embedded-image-ogg9lntv.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/QTGvfLswyCwFcQx5-embedded-image-ogg9lntv.png)

**![gTD9G2rs5dtUG0r5-embedded-image-kwrl6wtl.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/gTD9G2rs5dtUG0r5-embedded-image-kwrl6wtl.png)**

Creating the LVM

![Hdz8G7I7yGDXCNMs-embedded-image-rmqzlrgh.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/Hdz8G7I7yGDXCNMs-embedded-image-rmqzlrgh.png)

![yMZHBmMiH2vXFpfy-embedded-image-5sakjhab.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/yMZHBmMiH2vXFpfy-embedded-image-5sakjhab.png)

![ZLmjvxT9xxd4XlQB-embedded-image-ah2je5fw.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/ZLmjvxT9xxd4XlQB-embedded-image-ah2je5fw.png)

![efACs6NK7Gbp3yNK-embedded-image-iksbohcj.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/efACs6NK7Gbp3yNK-embedded-image-iksbohcj.png)

![navXOvvK11MzaJFx-embedded-image-dt6vkkmg.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/navXOvvK11MzaJFx-embedded-image-dt6vkkmg.png)

![xujPjspeZkZypAVT-embedded-image-fzhrvved.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/xujPjspeZkZypAVT-embedded-image-fzhrvved.png)

![UAzAjpCcJyNLYOmb-embedded-image-sbnedsji.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/UAzAjpCcJyNLYOmb-embedded-image-sbnedsji.png)

Creating the vg volume group

![DYQK1prhJbIJVCL2-embedded-image-dpriouo9.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/DYQK1prhJbIJVCL2-embedded-image-dpriouo9.png)

![FrJtSW6vic2PpAbj-embedded-image-ratkesnt.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/FrJtSW6vic2PpAbj-embedded-image-ratkesnt.png)

![qeCGGIlWZ2t77JeH-embedded-image-guaasj24.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/qeCGGIlWZ2t77JeH-embedded-image-guaasj24.png)

Create the logical volume lvroot

![oNaJ3t4UQqkEJ7Ez-embedded-image-hu8ybn2n.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/oNaJ3t4UQqkEJ7Ez-embedded-image-hu8ybn2n.png)

![cYmQl6BuhZPZp7fF-embedded-image-wo63hn3s.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/cYmQl6BuhZPZp7fF-embedded-image-wo63hn3s.png)

![peBSVAHNJOnmb1II-embedded-image-cchq1b6n.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/peBSVAHNJOnmb1II-embedded-image-cchq1b6n.png)

![vROib7ewmIUJYcuA-embedded-image-glmzrnrc.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/vROib7ewmIUJYcuA-embedded-image-glmzrnrc.png)

Repeat for the lvswap and lvvar volumes

![DquKSa2Mtlq0gG5R-embedded-image-snhvcaj6.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/DquKSa2Mtlq0gG5R-embedded-image-snhvcaj6.png)

![KZcKrmFHAJpUMTLP-embedded-image-ntgqhdgq.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/KZcKrmFHAJpUMTLP-embedded-image-ntgqhdgq.png)

![uYVhoMDThRZGqQR6-embedded-image-jkza0twt.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/uYVhoMDThRZGqQR6-embedded-image-jkza0twt.png)

![AEJKbB4FLVGOYwZK-embedded-image-93rhaz1w.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/AEJKbB4FLVGOYwZK-embedded-image-93rhaz1w.png)

To obtain the following LVM layout:

![wiN6RiAoqlWTTpO7-embedded-image-tjy0unp9.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/wiN6RiAoqlWTTpO7-embedded-image-tjy0unp9.png)

![IyN684C1YqNlTixG-embedded-image-tlhdjfw0.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/IyN684C1YqNlTixG-embedded-image-tlhdjfw0.png)

Configure the / partition

![5KxhfcV0spUh97la-embedded-image-rjjlj3ry.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/5KxhfcV0spUh97la-embedded-image-rjjlj3ry.png)

![z4trMBsNo0krFnQQ-embedded-image-zmal04r3.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/z4trMBsNo0krFnQQ-embedded-image-zmal04r3.png)

Repeat for each of the swap and /var partitions:

![X6XNDXKhchm0A1Nx-embedded-image-ubsfnaop.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/X6XNDXKhchm0A1Nx-embedded-image-ubsfnaop.png)

![BkApQxifsvygZxQL-embedded-image-3hqodqtd.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/BkApQxifsvygZxQL-embedded-image-3hqodqtd.png)

To obtain the following partitioning scheme:

![E0KfH5OcMAkGBumZ-embedded-image-ugnmmpfl.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/E0KfH5OcMAkGBumZ-embedded-image-ugnmmpfl.png)

##### Installing packages

![ZdgL7U9FlIpckFMo-embedded-image-4c0bkbzl.png](https://docs.medulla-tech.io/uploads/images/gallery/2026-01/ZdgL7U9FlIpckFMo-embedded-image-4c0bkbzl.png)

<span lang="en-us"> </span>

<span lang="en-us"> </span>

##### <span lang="en-us">Server verification</span>

1\. <span style="font:7pt 'Times New Roman';"> Download </span>the verification script from [https://dl.medulla-tech.io/nc/check\_server\_before\_install.sh](https://dl.medulla-tech.io/nc/check_server_before_install.sh)

```
wget https://dl.medulla-tech.io/nc/check_server_before_install.sh
```

2\. <span style="font:7pt 'Times New Roman';"> Run </span>the following commands:

```
chmod +x check_server_before_install.sh

./check_server_before_install.sh
```

3.<span style="font:7pt 'Times New Roman';"> </span>

All script tests must pass. Once completed, you can request the installation script via the contact form:

[https://github.com/medulla-tech/medulla/blob/master/README.fr.md](https://github.com/medulla-tech/medulla/blob/master/README.fr.md)

If you have a support contract, please send the results to delivery@medulla-tech.io. If not, please contact the "Sales" department via our website[medulla-tech.io](https://docs.medulla-tech.io/medulla-tech.io).

Here are the most common errors:

##### 1. Core Dump Limits

**Context:** The file `/etc/security/limits.d/10-coredump-debian.conf` defines the maximum size of "core dump" files. Our script expects specific values that do not match the current configuration.

**How to fix:** Edit the file mentioned to match the requirements.

1. Open the file: `sudo nano /etc/security/limits.d/10-coredump-debian.conf`
2. Adjust the lines so they look like this:
    
    
    - `* hard core infinity`
    - `root hard core infinity`
    - `* soft core 0`
    - `root soft core 0`

**Suggested sources:** Debian documentation on `limits.conf` and `core dump`.

---

##### 2. Number of open files (lsof)

**Context:** The `lsof` lines for users <span style="text-decoration:underline;">xxx</span> and `messagebus` indicate that the number of currently open files deviates from the value expected by the verification script (often because services are already running or are misconfigured).

**How to fix:** This is often informative, but if you need to reduce these numbers:

- Identify what these users are doing: `ps -u user_id_in_error`.
- Restart the associated services (e.g., `sudo systemctl restart dbus` for messagebus).
- If the expected values are too strict for your use case, you may need to adjust the validation script itself or the global `ulimit` settings.

**Suggested sources:** `lsof` manual and file descriptor management in Linux.

---

##### 3. systemd settings (NPROC and SIGPENDING)

**Context:** The `DefaultLimitNPROC` (maximum number of processes) and `DefaultLimitSIGPENDING` (pending signals) values must be**31541**.

**How to fix:** You must force these values in the global systemd configuration so that they match the expected values exactly.

1. Edit the configuration file: `sudo nano /etc/systemd/system.conf`
2. Uncomment or add the following lines:
    
    
    - `DefaultLimitNPROC=31541`
    - `DefaultLimitSIGPENDING=31541`
3. Reload the configuration and reboot (or use `systemctl daemon-reexec`).

**Suggested sources:** `systemd-system.conf` documentation on freedesktop.org.

# Installing Medulla on Linux

#### Prerequisites: 

The Medulla installation script supports the Debian (Bookworm) distribution.

You must have a machine with:

- **at least 8 GB of available RAM**,
- **at least 40 GB of free disk space for / and 200 GB for /var**.

Verify that your **/etc/hosts** file is properly configured with the full FQDN.

For example, if the machine is named medulla and the domain is named domain.lan, the /etc/hosts file must contain a line like this:

```
127.0.1.1    medulla.domain.lan    medulla
```

Verify that the **/etc/resolv.conf** file  **is** properly configured and that the machine is connected to the internet.

#### Installing the Medulla server:

To install the Medulla server: Use a user with sudo privileges to run the installation script and playbook.

##### 1- Transfer the script to the server. 

##### 2- Set execute permissions on the file: 

```
type: chmod +x install_from_ansible.py
```

##### 3- Start the server installation: 

```
./install_from_ansible.py
```

Wait for the installation process to finish; a summary will display all the necessary passwords (copy them to a safe place).

# Installing the Medulla Agent

The Medulla agent can be downloaded from

http://medulla.domaine.lan/downloads/win/Medulla-Agent-windows-FULL-latest.exe

The Medulla agent can be installed manually or in silent mode:

 "Medulla-Agent-windows-FULL-latest.exe /S"

The installation process will continue after the installation is complete; it will install all dependencies.

It is complete when the computer appears in Medulla in blue (online).

[![computer-up.webp](https://docs.medulla-tech.io/uploads/images/gallery/2025-06/scaled-1680-/computer-up.webp)](https://docs.medulla-tech.io/uploads/images/gallery/2025-06/computer-up.webp)

## Medulla Agent

**By default, we provide a global agent for Medulla (** as explained in this post). **Entity management per workstation is handled via GLPI.**

However, if you wish **to benefit <span class="followup-block followup-block-hidden cursor-pointer outline-none static inline group-hover/message:[--hover-opacity:1]" tabindex="0">from automatic assignment of machines to entities directly via the agent</span>**, it is also possible to **<span class="followup-block followup-block-hidden cursor-pointer outline-none static inline group-hover/message:[--hover-opacity:1]" tabindex="0">generate entity-specific agents</span>**. This option <span class="followup-block followup-block-hidden cursor-pointer outline-none static inline group-hover/message:[--hover-opacity:1]" tabindex="0">is not enabled by default</span>, but <span class="followup-block followup-block-hidden cursor-pointer outline-none static inline group-hover/message:[--hover-opacity:1]" tabindex="0">we can assist you in setting it up</span> if it meets your needs. To view agents by Entity: [Entity Management](https://docs.medulla-tech.io/books/medulla-guide-dutilisation-pas-a-pas/page/gestion-des-entites-dans-medulla)

# Agent Deployment via WinRM SSH

<section class="push_double--top" id="bkmrk-1.-pr%C3%A9paration-des-m"><div class="formatted_content formatted_content--large"><div>**Preparing the Machines**   
</div><div>**Debian Machines (Medulla Main and Medulla Relay)**</div>- Ensure that netcat is installed on the Debian machines:
- ```
    sudo apt update && sudo apt install netcat-openbsd
    ```

<div>**Windows Machine (Client Workstation)**</div>- Make sure PowerShell is configured to run scripts:
- ```
    Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
    ```
- Answer \[A\] "Yes to all"

<div> **Listening Scripts**   
</div><div>**On Debian Machines (Medulla Main and Medulla Relay)**</div><div>Use the listen_ports_debian.sh script to listen on the necessary ports.</div><div>  
**Steps:**</div>1. **Download the**listen\_ports\_debian.sh**script**to the machine.
2. **Make it executable (**and convert to Unix if necessary):

</div>```
chmod +x listen_ports_debian.sh
dos2unix listen_ports_debian.sh
```

<div class="formatted_content formatted_content--large">1. **Run the script**: 
    - For**Medulla Main**:
    - ```
        ./listen_ports_debian.sh --medulla
        ```
    - For**Medulla Relay**:
    - ```
        ./listen_ports_debian.sh --relay
        ```

<div> **On the Windows Machine (Client)**</div><div>Use the listen_ports_windows.ps1 script to listen on the necessary ports.  
  
</div><div>**Steps:**</div>1. **Download the**listen\_ports\_windows.ps1**script**to the machine.
2. **Run the script**:

</div>```
.\listen_ports_windows.ps1
```

<div class="formatted_content formatted_content--large"><div> **Connection Test Scripts**</div><div> **On Debian Machines (Medulla Main, Medulla Relay, and Client Station)**</div><div>  
Use the medulla_connection_check.sh, medulla_relay_connection_check.sh, and windows_connection_check.ps1 scripts to test connections to the machines.  
  
</div><div>**Steps:**</div>1. **Download the scripts**to the three machines (Medulla Main, Relay, and Client Workstation).
2. **Make them executable**:
3. ```
    chmod +x medulla_connection_check.sh
    chmod +x medulla_relay_connection_check.sh
    chmod +x listen_ports_debian.sh
    ```
4. If necessary (error when running the Debian scripts), convert them to Unix:
5. ```
    dos2unix medulla_connection_check.sh
    dos2unix medulla_relay_connection_check.sh
    dos2unix listen_ports_debian.sh
    ```
6. **Run the script**: 
    - To test connections from**Medulla Main**to the Medulla Relay:
    - ```
        ./medulla_connection_check.sh --relay <Medulla_Relay_IP>
        ```
    - To test connections from**Medulla Main**to a Client Workstation:
    - ```
        ./medulla_connection_check.sh --client <Client_Workstation_IP>
        ```
    - To test connections from**Medulla Relay**to Medulla Main:
    - ```
        ./medulla_relay_connection_check.sh --medulla <Medulla_Main_IP>
        ```
    - To test connections from**Medulla Relay**to a Client Workstation:
    - ```
        ./medulla_relay_connection_check.sh --client <Client_Workstation_IP>
        ```
    - To test connections from**a Client Station to**Medulla Main and Medulla Relay:
    - ```
        .\windows_connection_check.ps1 -Target <Medulla_Main_IP> -Mode pulse
        .\windows_connection_check.ps1 -Target <Medulla_Relay_IP> -Mode relay
        ```

<div> **Complete Procedure**</div><div> **Port Listening**</div></div> **On Medulla Main (Debian)**:

```
./listen_port_debian.sh --medulla
```

 **On Medulla Relay (Debian)**:

```
./listen_port_debian.sh --relay
```

 **On Client Workstation (Windows)**:

```
.\listen_ports_windows.ps1
```

<div class="formatted_content formatted_content--large"><div> **Connection Test From Medulla Main (Debian)**:</div></div>```
./medulla_connection_check.sh --relay <Medulla_Relay_IP>
./medulla_connection_check.sh --client <Client_Workstation_IP>
```

<div class="formatted_content formatted_content--large"><div>  
**From Medulla Relay (Debian)**:</div></div>```
./medulla_relay_connection_check.sh --medulla <Medulla_Main_IP>
./medulla_relay_connection_check.sh --client <Client_Workstation_IP>
```

<div class="formatted_content formatted_content--large"><div>  
**From the Client Workstation (Windows):**</div></div>```
.\windows_connection_check.ps1 -Target <Medulla_Main_IP> -Mode pulse
.\windows_connection_check.ps1 -Target <Medulla_Relay_IP> -Mode relay
```

<div class="formatted_content formatted_content--large"><div> **Troubleshooting**</div><div> **Connection Issues**</div>- **Check IP addresses**: Make sure the IP addresses used are correct.
- **Check firewalls**: Make sure that the firewalls on the machines allow connections on the necessary ports.
- **Check services**: Make sure the necessary services are running.

<div>**Listening Issues**</div>- **Check listening ports**: Use `netstat -ano` on Windows or `ss -tulnp` on Debian to verify that the ports are listening.
- **Check for errors**: Review the error messages in the scripts to identify any issues.

</div></section><div class="push--top" id="bkmrk-"><div class="boosts boosts--small metadata push--bottom boosts--empty"><div class="boost-form__link-container">  
</div></div></div>

# Medulla interface

To access the Medulla console, open a web browser and enter the following address:

[http://medulla.domaine.lan/mmc](http://medulla.domaine.lan/mmc)

or

[http://ip-serveur/mmc/](http://ip-serveur/mmc/)

To learn about Medulla and how to get started with the solution:

#### <sup>[Medulla Documentation](https://docs.medulla-tech.io/books/medulla-guide-dutilisation-pas-a-pas "Documentation Medulla")</sup>

# DHCP / PXE Configuration

#### Enable UEFI boot with PXE

##### <span style="text-decoration:underline;">DHCP server:</span>

The DHCP server requires a special option to enable PXE boot,

The DHCP options are:

- Option 66
- Option 67

#### Windows DHCP server configuration

First of all, the DHCP server needs to determine which type of computer is requesting the PXE server and the correct boot file.

To sort computers, vendor classes must be defined.

##### <span style="text-decoration:underline;">Vendor Classes</span>

Vendor Classes as a Detection Method are used to determine how devices request a boot image from the DHCP server.

- Open the DHCP Console and expand the IPv4 Node
- Right-click on ‘IPv4 Node’ and select ‘Define Vendor Classes’
- Click ‘Add’
- First, create the UEFI 64-Bit Vendor class by entering the following information
- Enter the following information in the respective fields:
    
    
    - **DisplayName:**PXEClient (UEFI x64)
    - **Description:**PXEClient:Arch:00007
    - **ASCII:**PXEClient:Arch:00007
- Click ‘OK’
- Click ‘Add’
    
    
    - **DisplayName:**PXEClient (BIOS x86 &amp; x64)
    - **Description:**PXEClient:Arch:00000
    - **ASCII:**PXEClient:Arch:00000
- Click ‘OK’

#### Creating Custom DHCP Policies

##### <span style="text-decoration:underline;">32-Bit &amp; 64-Bit BIOS DHCP Policy</span>

- Right-click ‘Policies’ and click ‘New Policy’
- Give the policy a descriptive name that matches your vendor’s class naming scheme:
    
    
    - **PolicyName**: PXEClient (BIOS x86 &amp; x64)
    - **Description**: Delivers the correct boot file for BIOS machines
- Click ‘Next’
- On the ‘Configure Conditions for the policy’ page, click ‘Add’
- Select the ‘Value’ drop-down box and select the**PXEClient (BIOS x86 &amp; x64)**vendor class that you created in the previous steps
- Make sure to check the**‘Append wildcard(\*)’** box
- Select ‘Add’
- Select ‘OK’
- Click “Next”
- If you want the policy to apply only to a specific range within your scope, configure it; otherwise, select “No” and click “Next”
- On the Configure settings for the policy page, ensure that ‘DHCP Standard Options’ is selected from the drop-down box
- Configure the following scope options:
    
    
    - <span style="color:#c9211e;">**066**:*IP Address of Medulla*</span>
    - <span style="color:#c9211e;">***067**: bootloader/undionly*.kpxe</span>
- Click ‘Next’
- **On the Summary page, click “Finish”**

#####  

##### <span style="text-decoration:underline;">UEFI DHCP Policy</span>

- Right-click ‘Policies’ and click ‘New Policy’
- Give the policy a descriptive name that matches your vendor’s class naming scheme:
    
    
    - **PolicyName**: PXEClient (UEFI)
    - **Description**: Delivers the correct boot file for (UEFI)
- Click ‘Next’
- On the ‘Configure Conditions for the policy’ page, click ‘Add’
- Select the ‘Value’ drop-down box and select the**PXEClient (UEFI)**vendor class that you created in the previous steps
- Make sure to check the**‘Append wildcard(\*)’** box
- Select ‘Add’
- Select ‘OK’
- Click “Next”
- If you want the policy to apply only to a specific range within your scope, configure it; otherwise, select “No” and click “Next”
- On the Configure settings for the policy page, ensure that ‘DHCP Standard Options’ is selected from the drop-down box
- Configure the following scope options:
    
    
    - <span style="color:#c9211e;">**066**:*IP Address of Medulla*</span>
    - <span style="color:#c9211e;">***067**: bootloader-uefi64/ipxe*.efi</span>
    - Click ‘Next’
- On the**Summary**page, click “Finish”

##### <span style="text-decoration:underline;">Remove Default PXE Options</span>

Ensure that you have removed the 067, 066, and 060 options from the default scope options to ensure that the policies take precedence; otherwise, you will end up with a conflict. As long as you have configured everything correctly, you should now be able to boot machines from BIOS or UEFI.

##### <span style="text-decoration:underline;">Linux DHCP Server</span>

```bash
# PXE definitions
option space PXE;
option PXE.mtftp-ip code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option PXE.discovery-control code 6 = unsigned integer 8;
option PXE.discovery-mcast-addr code 7 = ip-address;
option arch code 93 = unsigned integer 16;
# In the initial DHCP DISCOVER packet, the PXE client sets option 93 to its architecture.
# 0000 == IA x86 PC (BIOS boot)
# 0006 == x86 EFI boot
# 0007 == x64 EFI boot

# PXE boot following the PXE specifications
class "PXE" {
match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
vendor-option-space PXE;
option PXE.mtftp-ip 0.0.0.0;
if option arch = 00:07 {
filename "bootloader-uefi64/ipxe.efi";
} else {
filename "/bootloader/undionly.kpxe";
}
}

# Etherboot boot
class "Etherboot" {
match if substring (option vendor-class-identifier, 0, 11) = "Etherboot-5";
option vendor-encapsulated-options 3c:09:45:74:68:65:72:62:6f:6f:74:ff;
option vendor-class-identifier "Etherboot-5.0";
vendor-option-space PXE;
option PXE.mtftp-ip 0.0.0.0;
}

subnet ##MEDULLA_NETWORK## netmask ##MEDULLA_NETMASK## {
option broadcast-address ##MEDULLA_BCAST##; # broadcast address
option domain-name ##MEDULLA_DOMAIN##; # domain name
option domain-name-servers ##MEDULLA_DNS##; # DNS servers
option routers ##MEDULLA_GW##; # default gateway

pool { # Only defined pool

# uncomment the following two lines for PXE-only boot
#allow members of "PXE"; # PXE-only
#allow members of "Etherboot"; # PXE-only
range ##MEDULLA_START## ##MEDULLA_END##;
next-server ##MEDULLA_IP##;
}
}
```