Existing Virtual Machine

Manually install the Nomadesk Installer on an existing machine

Installing the Nomadesk Installer

If for some reason the Nomadesk Private Cloud Appliance import or kickstart is not available or allowed it’s possible to manually install the installer.

warning

Nomadesk is shipped and tested with AlmaLinux 9 but should support any RHEL 9.x operating system,

Use any other RHEL based distribution at your own risk.

info

When deploying a production environment using this method it is recommended to first contact Nomadesk support.

Adding the RPM repository

Add the following nomadesk.repo file in /etc/yum.repos.d/:

sudo tee /etc/yum.repos.d/nomadesk.repo << EOF
[Nomadesk]
name=Nomadesk
enabled=1
baseurl=https://repo.nomadesk.com/repository/docker/production
gpgcheck=1
gpgkey=https://repo.nomadesk.com/repository/RPM-GPG-KEY
EOF

Adding `EPEL`

Extra Packages for Enterprise Linux (EPEL) is required to install Nomadesk.
There are two ways to install the repository, from the official source, or a mirror on repo.nomadesk.com.

It's recommended to use the Nomadesk mirror if you have limited outgoing connectivity (firewall rules).

To install from the original source:

sudo dnf install epel-release

To use the Nomadesk mirror hosted on repo.nomadesk.com:

sudo tee /etc/yum.repos.d/nomadesk-epel.repo << EOF
[Nomadesk-Epel]
name=Nomadesk Epel
enabled=1
baseurl=https://repo.nomadesk.com/mirror/almalinux/9/epel
gpgcheck=0
EOF

Using the Nomadesk AlmaLinux Mirrors

This step is optional and only needed if your organization has firewall rules in place to limit the outgoing traffic.
Nomadesk hosts mirrors for AlmaLinux that can be used in the appliance for such a cases.

The mirrors are as follows:

BaseOS: https://repo.nomadesk.com/mirror/almalinux/9/baseos
AppStream: https://repo.nomadesk.com/mirror/almalinux/9/appstream
Epel: https://repo.nomadesk.com/mirror/almalinux/9/epel

To update them, use the following sed commands or open the files in /etc/yum.repos.d manually and update the repositories in question.

sudo sed -i 's/.*baseurl=.*BaseOS\/$basearch\/os\//baseurl=https:\/\/repo.nomadesk.com\/mirror\/almalinux\/9\/BaseOS\//g' /etc/yum.repos.d/almalinux-baseos.repo
sudo sed -i '/mirrorlist=.*baseos$/s/^/#/' /etc/yum.repos.d/almalinux-baseos.repo

sudo sed -i 's/.*baseurl=.*AppStream\/$basearch\/os\//baseurl=https:\/\/repo.nomadesk.com\/mirror\/almalinux\/9\/AppStream\//g' /etc/yum.repos.d/almalinux-appstream.repo
sudo sed -i '/mirrorlist=.*appstream$/s/^/#/' /etc/yum.repos.d/almalinux-appstream.repo

sudo sed -i 's/.*baseurl=.*extras\/$basearch\/os\//baseurl=https:\/\/repo.nomadesk.com\/mirror\/almalinux\/9\/extras\//g' /etc/yum.repos.d/almalinux-extras.repo
sudo sed -i '/mirrorlist=.*extras$/s/^/#/' /etc/yum.repos.d/almalinux-extras.repo

If epel-release was installed and want to switch it over to the Nomadesk mirror:

sudo sed -i 's/.*baseurl=.*Everything\/$basearch\//baseurl=https:\/\/repo.nomadesk.com\/mirror\/almalinux\/9\/epel\//g' /etc/yum.repos.d/epel.repo
sudo sed -i '/metalink=.*epel-$releasever.*/s/^/#/' /etc/yum.repos.d/epel.repo

Firewall

Make sure the following ports are open after installing the nomadesk-installer RPM.

Allow access to the installer:

sudo firewall-cmd --permanent --zone=public --add-port=8181/tcp

Allow web traffic:

firewall-cmd --permanent --zone=public --add-service http --add-service https --add-service cockpit

Allow internal traffic to work:

firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16
firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16
firewall-cmd --permanent --zone=trusted --add-port=6443/tcp

Optionally, if access to the internal kubernetes API is needed:

sudo firewall-cmd --permanent --zone=public --add-port=6443/tcp

Apply the configuration:

sudo firewall-cmd --reload

Installing The Nomadesk Installer

Now install the installer:

sudo dnf install --refresh nomadesk-installer

Once finished the installer will be available on https://<hostname>:8181, follow the instructions in the installation step.

SELinux Support

Nomadesk is fully compatible with Security-Enhanced Linux (SELinux), ensuring robust security policies and access controls.
By supporting SELinux, Nomadesk provides an additional layer of security, helping to protect your data and system integrity.

NetworkManager Cloud Setup

Nomadesk cannot work together with NetworkManager Cloud Setup.
The setup will ask you if it may disable this service when it encounters it running.

The NetworkManager Cloud Setup (nm-cloud-setup) is a tool designed to automatically configure network settings for virtual machines running in public cloud environments.

Here’s a brief overview of what it does:

Automatic Configuration: It aims to be configuration-less and works automatically by fetching network configurations from the cloud provider’s meta-data server
Supported Cloud Providers: It supports multiple cloud providers, and you can opt-in to the desired providers
Systemd Integration: Typically, you enable the nm-cloud-setup.service systemd service, which runs periodically to update the network configuration
Initial Setup: The tool requires an initial network configuration to reach the meta-data server, often achieved using DHCP

When in doubt contact your provider to know if it is safe to disable this service.

Additional Information

The Nomadesk installer runs as root to deploy Nomadesk.

By default, the installer will use local storage and will store its data in /mnt/data, the default location where the data disk is mounted in our other distribution methods.

Installing the Nomadesk Installer​

Adding the RPM repository​

Adding EPEL​

Using the Nomadesk AlmaLinux Mirrors​

Firewall​

Installing The Nomadesk Installer​

SELinux Support​

NetworkManager Cloud Setup​

Additional Information​