Installation and Update of Oplon Secure Access

If you are installing Secure Access for the first time, check the minimum requirements.

Before any update, make sure you have a complete system backup.

Online Installation/Update (Recommended)

This method automatically downloads and installs the latest available version. It is the simplest and fastest method for systems with Internet access.

The procedure is identical for both installation and update.

Procedure

Log in as root or use sudo for all following commands.
Create the /share directory (if it doesn’t exist) and assign correct permissions:
```
mkdir -p /share && chmod 777 /share
```
Move to the /share directory:
```
cd /share
```

Download the installation script:


wget -N "https://www.oplon.net/OPLON_INSTALL_LASTUPDATE.sh"

Run the script and follow the on-screen instructions:
```
bash OPLON_INSTALL_LASTUPDATE.sh
```

Offline Installation/Update or Specific Version

Use this method if:

The system doesn’t have Internet access
You need to install a specific version (not the latest)
You need to comply with corporate software distribution policies

Phase 1: Download necessary files

Perform these steps from a machine with Internet access:

Access the download page and download the .zip package of the desired version.

For first installation only: Also download the instscratch bootstrap files:


# Replace VERSION with the downloaded version (e.g., OPLON_011_003_000)
VERSION="OPLON_011_003_000"
 
wget -N "https://download.oplon.net/private_members/${VERSION}/distributions/instscratch.sh"
wget -N "https://download.oplon.net/private_members/${VERSION}/distributions/instscratchDocker.sh"

The instscratch files are required only for the first installation on a new system. For updates of existing systems, you can skip this step.

Transfer all downloaded files to the destination server (use scp, USB, or other available method).

Phase 2: Installation on the server

Log in as root or use sudo for all following commands.
Create the /share directory (if it doesn’t exist) and assign correct permissions:
```
mkdir -p /share && chmod 777 /share
```
Transfer all downloaded files to the /share directory.
Move to the /share directory:
```
cd /share
```

Extract the package (replace ${VERSION} with the downloaded version):


# Example: unzip OPLON_011_003_000_OPLON_NETWORKS_SUITE.zip
unzip ${VERSION}_OPLON_NETWORKS_SUITE.zip

For first installation only: Run the bootstrap files:
```
bash instscratch.sh && bash instscratchDocker.sh
```
This step initializes the Docker environment and necessary dependencies. It is required only for new installations.
Run the installation/update script and follow the on-screen instructions:
```
bash OPLON_INSTALL_UPDATE.sh
```

Advanced container configuration

There are cases where you want to customize the configuration of Docker containers used by Oplon Secure Access. For example, to modify allocated resources, networks used, or recording paths.

Download OPLON_INSTALL_CONTAINERS.sh


# Replace VERSION with the downloaded version (e.g., OPLON_011_003_000)
VERSION="OPLON_011_003_000"
 
wget -N "https://download.oplon.net/private_members/${VERSION}/distributions/OPLON_INSTALL_CONTAINERS.sh"

Available parameters

The OPLON_INSTALL_CONTAINERS.sh script accepts the following optional parameters:

Parameter	Description	Default value
`-n`	Changes the Docker bridge network used by containers	`192.168.252.0/24` or `172.18.0.0/16`
`-bi`	Sets the listening IP address for Browser Isolation	`127.0.0.1`
`-bim`	Sets the memory limit (in MB) for Browser Isolation. Use `0` for no limit	Percentage calculation on residual RAM
`-rdlogpath`	Changes the host path for RDP recordings	`/opl-recording`
`-sshlogpath`	Changes the host path for SSH recordings	`/opl-recording-ssh`

Usage examples

Change Docker network


bash OPLON_INSTALL_CONTAINERS.sh --changenet 172.18.0.0/16

Configure Browser Isolation listening address


# Listen on localhost (default case for single-node installation)
bash OPLON_INSTALL_CONTAINERS.sh --bilistner 127.0.0.1
 
# Listen on specific IP (case for dedicated multi-node browser isolation installation)
bash OPLON_INSTALL_CONTAINERS.sh --bilistner 192.168.1.100

Set memory limit for Browser Isolation


# 4GB limit (4096 MB)
bash OPLON_INSTALL_CONTAINERS.sh --bimemory 4096
 
# No memory limit
bash OPLON_INSTALL_CONTAINERS.sh --bimemory 0

Modify recording paths


# Change only RDP path
bash OPLON_INSTALL_CONTAINERS.sh --changerdlogpath /mnt/recordings/rdp
 
# Change only SSH path
bash OPLON_INSTALL_CONTAINERS.sh --changesshlogpath /mnt/recordings/ssh
 
# Change both paths
bash OPLON_INSTALL_CONTAINERS.sh \
  --changerdlogpath /mnt/recordings/rdp \
  --changesshlogpath /mnt/recordings/ssh

The specified recording paths must exist on the host system and have correct permissions. Docker containers must be able to write to these directories.