# Procedure for adding relays to Medulla Dedicated SaaS

#### 1. Setting up the server

---

Required settings:

- OS: Debian 12.x
- Architecture: x86-64
- CPU: 4 vCPUs
- RAM: 8 GB
- Storage
- /: 20 GB – EXT4
- /var: ≥ 400 GB – XFS (Or a dedicated mount point on an external array/volume)

#### 2. Creating a user

---

Create the user "medulla" and grant them sudo privileges.

#### 3. Installing the SSH key

---

The SSH public key provided as an attachment must be added to:

```
/home/medulla/.ssh/authorized_keys

```

#### 4. Opening network ports

---

Traffic must be allowed in both directions between:

- Medulla Server
- Relay (your server)

##### 4.1. Medulla Server → Relay Traffic

**Port | Description**

- 5269 | TCP / XMXPP
- 22 | TCP / SSH
- 22000 | TCP / Syncthing
- 8081 | TCP / HTTP(S)
- 9990 | TCP / XML RPC HTTPS

##### 4.2. Relay Stream → Medulla Server

**Port | Description**

- 5269 | TCP / XMXPP
- 22 | TCP / SSH
- 22000 | TCP / Syncthing
- 8443 | TCP / HTTPS
- 22067 | TCP / BEP-Relay/TLS
- 9999 | TCP / XML RPC/HTTPS
- 7080 | TCP / XML RPC/HTTPS

#### 5. Information to Provide

---

<span style="color:rgb(224,62,45);">**The team must provide us with:**</span>

- <span style="color:rgb(224,62,45);">Create the entity you wish to dedicate to the relay in ITSM (only if you want an entity different from the parent entity).</span>
- <span style="color:rgb(224,62,45);">Confirmation that the above network ports have been opened.</span>
- <span style="color:rgb(224,62,45);">Confirmation that the SSH key has been added to the relay server.</span>
- <span style="color:rgb(224,62,45);">The password for the "medulla" user with passwordless sudo privileges.</span>
- <span style="color:rgb(224,62,45);">The FQDN of your relay server</span>

#### 6. Continuation of the installation

---

Once the machine is ready, we will perform the full software installation via Ansible.

A Medulla agent will be automatically generated to connect the workstations to this relay.