1. Install BindPlane OP Server

Welcome to BindPlane OP

This quickstart guide is broken into four steps to help you get up and running with BindPlane OP.

BindPlane OP will run on Linux or as a container using Docker.

This guide will walk you through installing BindPlane OP on a Linux system, installing an agent, and collecting and routing your telemetry.

Step 1: Installing and Configuring BindPlane OP

Installation

Install the BindPlane OP server using the installation script below. Check out our Installation page if you want additional installation options.

Enterprise requires an enterprise license. If you don't have one, start with Open Source.

1curl -fsSlL https://storage.googleapis.com/bindplane-op-releases/bindplane/latest/install-linux.sh | bash -s --

Configuration

Initialize Server

Once installed, you need to initialize the server with some configuration parameters. The default command for this is below. However, following installation, you should use the command displayed in the Server Initialization section.

1sudo BINDPLANE_CONFIG_HOME=/var/lib/bindplane /usr/local/bin/bindplane init server --config /etc/bindplane/config.yaml

You'll be prompted to configure BindPlane OP with the following parameters. This updates the parameters in the config.yaml located by default at /etc/bindplane/config.yaml.

• License Key: Provide your license key. If you do not have one, leave this field empty to enable Free Edition.
• Server Host: Set to the instance's IP address, or 0.0.0.0 to bind to all IP addresses.
• Server Port: Set to 3001 (the default value) unless you have a reason to change it.
• Remote URL: Set to the URL that should be used to communicate with BindPlane. Generally this is your server's hostname or IP address. If BindPlane is behind a load balancer or web proxy, use the load balancers hostname and port.
• Sessions Secret: Set to a random UUID. One will be generated for you if you leave this field blank.
• Enable Multi Account (Enterprise): Enable or disable multi account. Enabling multi account allows you to create multiple tenants within BindPlane.
• Authentication Method: Choose the authentication type you would like to configure. (Free Edition users will not be prompted, instead, basic auth is configured automatically)
  • LDAP and Active Directory
    • Enable TLS: If enabled, TLS will be used when communicating with the directory server.
      • Enable Mutual TLS: If enabled, mutual TLS authentication will be used when communicating with the directory server.
        • TLS Certificate: Path to the X509 PEM TLS certificate to use when mutual TLS is enabled.
        • Private Key: Path to the X509 PEM TLS private key to use when mutual TLS is enabled.
      • Certificate Authority: Optional path to a X509 PEM TLS certificate authority that should be used to validate the directory server's certificate.
      • Insecure Skip Verify: Choose "n" here. It is not recommended to skip certificate verification outside of a development environment.
    • Server Address: Set to the IP address or hostname of the directory server.
    • Server Port: Set to the port of the directory server.
    • Base DN: Set to the distinguished name that should be used to search for users.
    • Search Filter: Set to the search filter that should be used to search for users.
    • Bind Username: Set to the username that should be used when authenticating with the directory server.
    • Bind Password: Set to the password that should be used when authenticating with the directory server.
  • Basic Auth
    • Username: Set to your desired basic auth username
    • Password: Set to your desired basic auth password
• Secret Key: Set to a random UUID. One will be generated for you if you leave this field blank.
• EULA: Choose "y" to accept the user agreement

Restart Server

Finally, use the following command to restart the BindPlane server.

1sudo systemctl restart bindplane

That's it; you've successfully installed BindPlane OP. Next, we'll show you how to access the BindPlane OP UI in your browser.