Skip to main content

Quickstart with Manual Installation

Follow these instructions to manually install the enforza Agent on an existing or new linux instance in your environment. This will install all of the pre-requesites and dependencies, then register the gateway with the enforza Controller and turn the linux instance into a firewall/gateway.

This method is for users that have SSH access to their linux instance and may have services already running on it, or want more control about timing and level of automation of deploying the enforza Gateways.

note

Currently (Q4/2024), supported linux distributions are:

  • Ubuntu Server 22.04LTS and above
  • Debian 11 and above

This quickstart guide assumes that you:

  • have your VPC, subnets and route-tables in place
  • want to deploy an enforza Gateway in your public subnet
  • are comfortable with configuring your route-tables in order to forward traffic to the enforza gateway
  • know what you are doing

Step 1: Login to your instance

Login to your Linux instance via SSH.

  • Using SSH certificate (AWS default)
ssh -i ./my-key.pem ubuntu@myserver.example.com
  • Using SSH username & password (Azure)
ssh ubuntu@myserver.example.com

Step 2: Run the bootstrap script

Run the Enforza agent install script:

curl -s -L https://efz.io/install | sudo bash

The output should be (something) like this:

ubuntu@ip-10-8-1-17:~$ curl -s -L https://efz.io/install | sudo bash

Starting enforza-agent installation...
Bootstrap Version: 24.04 LTS (Noble Numbat)

Scanning processes...                                                                                                                                                                                                                                
Scanning candidates...                                                                                                                                                                                                                               
Scanning linux images...                                                                                                                                                                                                                             
Creating /opt/enforza directory structure...
Creating efzadmin user...
useradd: warning: the home directory /opt/enforza already exists.
useradd: Not copying any file from skel directory into it.
Sudoers configuration is valid.
efzadmin added to adm group for log file access.
Downloading AWS IoT Root CA certificate from AWS...
Downloading enforza Provisioning bootstrap...
Downloading files for x86 architecture...
Downloading efz-generateInfo script...
Downloading efz-provision-core script...
Downloading efz-provision-telemetry script...
Downloading efzw-connect daemon...
Downloading efz-telemetry daemon...
Downloading efz claim certificate...
Downloading efz claim private key...
Downloading logrotate.d configs
Downloading efz-agent-remove script
Enabling IPv4 forwarding...
IPv4 forwarding setting is already configured to persist across reboots.
IPv4 forwarding configuration completed.
Running efz-generateInfo...
Running efz-provision-core...
Running efz-provision-telemetry...
Starting daemons...
Created symlink /etc/systemd/system/multi-user.target.wants/efz-connect.service → /etc/systemd/system/efz-connect.service.
Created symlink /etc/systemd/system/multi-user.target.wants/efz-telemetry.service → /etc/systemd/system/efz-telemetry.service.

Take note of the following - you will need this to claim & activate your device...

    "efzClaimKey0": "dac3fec6-29b9-4e50-b17a-83c923711872"

Done...
ubuntu@ip-10-8-1-17:~$

Step 3: Get your claim key

Then copy the claim key once the install script has finished.

"efzClaimKey0": "dac3fec6-29b9-4e50-b17a-83c923711872"
tip

You will need this code to claim your gateway in the portal and associate with your account

Check out the Tutorials on how to do this.