Software & Installation Requirements
Ensure your system meets these prerequisites for a seamless Nomadesk installation and optimal performance.
Nomadesk License
You will need a license key to get your appliance working.
More information on the license key options is available on the Nomadesk Private Cloud Software Appliance Pricing page.
Initially you start with a Base (10 end-users included) or Extended (50 end-users) version of our appliance. You can extend the number of supported end-users by simply adding user packs.
Optionally the appliances can be rebranded, which is usefull for partners wishing to deploy the appliance in a multi-tenant setup, supporting hundreds to thousands of different customers.
Contact sales to obtain a quote for your appliance, indicate the number of users, a trial period is possible.
You may also purchase professional services support packs for consultancy and assistance prior and during the installation and exploitation of your appliance.
DNS
For the successful installation and optimal functioning of the Nomadesk Private Cloud Appliance, it is crucial to have the Domain Name System (DNS) correctly configured.
The DNS plays a pivotal role in network communication and hence, its proper setup is a prerequisite.
The DNS configuration should be such that it correctly resolves to the IP address of the Nomadesk Private Cloud Appliance being set up.
This means that when a network request is made to the domain associated with the Nomadesk Private Cloud Appliance, the DNS should correctly translate this domain name to the corresponding IP address of the appliance.
In addition, although not a requirement it is advised having the reverse lookup zones configured.
The forward lookup zone is responsible for the translation of domain names to IP addresses, while the reverse lookup zone does the opposite, translating IP addresses to domain names.
The Nomadesk Private Cloud Software Appliance will not install if it cannot detect valid DNS configuration.
SMTP
The Nomadesk Private Cloud Appliance has the capability to send emails as part of its functionality.
To enable this, it requires access to a Simple Mail Transfer Protocol (SMTP) server.
The SMTP server is responsible for the delivery of email messages from the Nomadesk Private Cloud Appliance to the intended recipients.
For the appliance to send emails, you must provide the necessary details of a valid SMTP server.
This includes the server address, port number, and authentication credentials (username and password).
Please ensure that the provided SMTP server allows relay requests from the appliance.
In addition to the SMTP server details, the Nomadesk Private Cloud Appliance will also request a sender email address.
This is typically a "no-reply" email address that will appear in the "From" field of the emails sent by the appliance.
Please ensure that you have a valid "no-reply" email address for this purpose.
It’s important to note that the SMTP server must be configured to allow sending emails for the domain associated with the provided "no-reply" email address.
This is to prevent any issues related to email spoofing and to ensure that the emails sent by the appliance are not marked as spam.
Furthermore, the DNS settings for the domain associated with the "no-reply" email address should be correctly configured.
This includes the Mail Exchanger (MX) records and the Sender Policy Framework (SPF) records.
The MX records are used to specify the mail servers responsible for accepting emails on behalf of your domain.
The SPF records are used to identify which mail servers are authorized to send email for your domain.
These DNS records play a crucial role in the delivery and receipt of emails, and incorrect configuration can lead to delivery failures or emails being marked as spam.
Therefore, it’s essential to ensure that these records are correctly set up for your domain.
For testing purposes, you can use an SMTP server associated with a personal email account, such as a Google email account. However, please note that using a personal email account for this purpose should only be for testing or development environments. For production environments, it is recommended to use a dedicated SMTP server to ensure reliability, security, and compliance with email sending policies.
Use tools such as mxtoolbox to verify your DNS configuration
Certificate
For the secure operation of the Nomadesk Private Cloud Appliance, a valid Secure Sockets Layer (SSL) certificate is required.
SSL certificates are used to establish an encrypted connection between the appliance and the clients connecting to it.
This ensures that all data transmitted between the appliance and the clients remains private and integral.
The SSL certificate can be obtained from various Certificate Authorities (CAs).
One such CA is Let’s Encrypt, which provides free SSL certificates.
These certificates are trusted by most modern browsers and can be a cost-effective solution for securing your appliance.
Please note that self-signed certificates are not supported.
While self-signed certificates can provide encryption, they lack the trust factor that certificates from established CAs provide.
Browsers and clients may not trust self-signed certificates, leading to warning messages or connection failures.
When providing the SSL certificate, ensure that you have both the certificate file (commonly with a .crt or .pem extension) and the corresponding private key file.
Nomadesk also expects the full chain to be provided, if not the installation can not proceed.
The private key must be kept secure and should not be shared or exposed.
Lastly, remember to renew your SSL certificate before it expires.
Expired certificates can lead to connection warnings or failures.
Let’s Encrypt certificates, for example, have a validity period of 90 days and need to be renewed regularly.
Find our documentation on how to create a Let's Encrypt certificate using certbot with docker here.
Firewall Rules
The commands to configure firewalld can be found in our documentation here
Incoming Traffic Firewall Rules
To ensure the successful operation of the Nomadesk Private Cloud Appliance, specific firewall rules need to be configured.
These rules are necessary to allow the appliance to communicate with external services and for clients to access the appliance.
For both incoming and outgoing traffic:
-
Port 443 is required for
HTTPStraffic.
This port is used for secure web communication using theSSL/TLSprotocol.
All web-based interfaces of the Nomadesk Private Cloud Appliance will be accessible via this port. -
Port 8181 (
HTTPS) is required to access the Nomadesk installer.
This port should be open during the installation process.
It is not required to have this reachable from the outside. -
Port 80 (
HTTP): This port should be open during the installation process.
It is not required to have this reachable from the outside.
If configured, any HTTP traffic coming to this port will be redirected to port 443 for secure communication. -
Port 9090 is currently used for Cockpit access.
Cockpit is a web-based interface for system administration.
For outgoing traffic only
The Nomadesk Private Cloud Appliance requires communication with multiple external services to function optimally. To ensure seamless operation, please configure your firewall to permit outgoing connections to the following URLs:
- License Server Communication: The appliance interacts with https://secure.nomadesk.com for the purpose of license validation and receiving updates.
- Nomadesk Registry: The appliance utilizes https://registry.nomadesk.com as a registry.
- Nomadesk Package Repository: The appliance retrieves software packages from https://repo.nomadesk.com.
- FAQ: The appliance currently refers to https://help.nomadesk.com for FAQ information. Please be aware that this will be transitioned to myNomadesk in the future.
By ensuring these connections, you can optimize the performance and functionality of your Nomadesk Private Cloud Appliance.
Optional Features
The Nomadesk Private Cloud Appliance also supports several optional features that enhance its functionality.
If you wish to enable these features, please ensure your firewall allows outgoing connections to the following URLs:
- MaxMind (Google Maps Integration): The appliance integrates with
geoip.maxmind.comto provide geolocation services. - Zoho Integration: The appliance can connect with various Zoho services for enhanced productivity:
- sheet.zoho.eu for spreadsheet functionality.
- show.zoho.eu for presentation capabilities.
- writer.zoho.eu for word processing services.
- Office Online Integration: The appliance integrates with
onenote.officeapps.live.comfor access to OneNote services.
By enabling these optional features, you can further extend the capabilities of your Nomadesk Private Cloud Appliance.