Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

 
alt

Daniel Nashed

 

Daniel Nashed's Blog

Nomad Server 12.0.2 on Linux just works

Daniel Nashed  20 July 2022 16:42:39

The Nomad Server is a small component, you install on your Domino server.
And it is bundled with the Nomad Web files. So it is a all-in one server add-on solution.

The installation sounds more complicated then it is.
It's really simple to install. And I am thinking about making it an install option for the Domino community container image.

Here is the official documentation: https://help.hcltechsw.com/nomad/beta/nomadweb/index.html

But let me summarize the main points:

  • Just expand the tar into your Domino server binary directory
  • You need to have a proper cert! A self-signed will not work
  • But the Nomad Server team added support to CertStore TLS Credentials
    When you specify a lookup hostname like NOMAD_WEB_HOST=myhost.mydomain.com, the Nomad Server will find the TLS Credentials document
  • After that, you can just "load nomad" to get the server started
  • By default, it will listen on port 9443
  • There is a yml file where you could specify a different port and a couple of other settings


You can use Let's Encrypt certificates or the manual flow to create a CSR and get a certificate.
If you are behind a reverse proxy, you could also use a MicroCA cert.

Your certificate must be trusted in your browser.

Exporting the root certificate of your Domino MicroCA would be a valid approach for a local test server.
But usually, you should get a proper cert.

The lookup of the cert is based on the hostname. A wildcard certificate would work. You just need to specify the wildcard name.

Current limitation: The hostname can only exist once. So if you have the same name for two certificates, the lookup will fail in the first beta build.

Once the server is running, you can access it via:

https://myhost.mydomain.com:9443.

One requirement is ID Vault. But that's not new to the Nomad Server.

Of course, you could have a NGINX in front of it using SNI on port 443 for the same IP address.
I posted a sample configuration recently for the SafeLinx community container. You will need some specific config for web sockets.

Example reference: https://github.com/HCL-TECH-SOFTWARE/domino-container/blob/main/examples/safelinx/nginx.conf

But this is an extra option, which you will not need. It works well also with the separate port.

-- Daniel
Comments

1Scott Vrusho  20.07.2022 17:52:17  Nomad Server 12.0.2 on Linux just works

Thanks for testing so quickly and writing a blog post!

2Mirco  21.07.2022 15:39:07  Nomad Server 12.0.2 on Linux just works

hi Daniel,

can you publish one nomad-config.yml file sample?

thank you.

3@Daniel Nashed  21.07.2022 16:42:16  Nomad Server 12.0.2 on Linux just works

@Mirco, you usually don't need a YML file unless you want to change the config.

The host name is a notes.ini parameter.

But there is a sample file published in the HCL EAP forum.

That's also the right place to ask questions.

It's brand new and your questions are best answered there.

And HCL is also looking for feedback!

-- Daniel

4Mirco  21.07.2022 17:20:07  Nomad Server 12.0.2 on Linux just works

@Daniel, I was trying to change nomad port from 9443 to 8443.

In the last attempt I've found the correct syntax of nomad-config.yml.

thank you.

5Darren Duke  22.07.2022 16:37:06  Nomad Server 12.0.2 on Linux just works

The removal of the SafeLinx (nee IMC, nee LMC) requirement is a marked improvement and should significantly improved customer uptake on this.

HCL really do keep knocking the ball out of the park.

6Andrei Olarescu  25.07.2022 12:30:50  Nomad Server 12.0.2 on Linux just works

Hi Daniel,

Thank you for bringing this up in your blog, we have been testing this and it works OK most of the times, except it gives error "You have a different password on another copy of your ID and you must change the password on this copy to match". We had this issue before when the same user had different versions of Notes on multiple devices and we solved that by deleting digest in user profile and then bringing all Notes on devices to version Notes 12. But now, what might be the solution, since the test user has Notes 12.0.1 Fp1 and also tried Nomad 12.0.2. Is this a common issue you as well encountered, or should we report it to support?

Thank you

7Daniel Nashed  28.07.2022 5:01:53  Nomad Server 12.0.2 on Linux just works

Hi Andrei,

I never ran into this issue and unless someone else has an idea hear, you should open a support case.

-- Daniel

8László Takács  17.08.2022 11:37:09  Nomad Server 12.0.2 on Linux just works

Hy!

Is there a way to start nomad within a domino docker?

I have a working Nomad in this docker image, but I want to autostart it when the domino docker starts.

Maybe a setting in the notes.ini?

9Daniel Nashed  20.08.2022 4:36:10  Nomad Server 12.0.2 on Linux just works

@László,

you just need to add "nomad" to the servertask notes.ini or create a startup program document

10László Takács  22.08.2022 8:41:16  Nomad Server 12.0.2 on Linux just works

Thanks, Daniel.

I will try it.

Recent Entries

Feeds

Links

    Archives

    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]