Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

How to install Landscape Server with quickstart mode

The quickstart mode of deploying Landscape consists of installing all the necessary software on a single machine. Quickstart mode has limited scalability, so it may not be ideal for large production deployments.

Note: If you have an Ubuntu Pro subscription, we recommend you attach your Pro token for easy access to your Pro services. For more information, see how to attach your Ubuntu Pro subscription and how to enable Landscape in the Ubuntu Pro Client.

Contents:

  1. Check minimum requirements
  2. Install Landscape Server
  3. Install an SSL certificate
  4. Create a global administrator account
  5. Configure Postfix for email

Check minimum requirements

The following minimum requirements are needed to install Landscape Server:

  • Operating system: Ubuntu 22.04 LTS (Jammy Jellyfish) or Ubuntu 24.04 LTS (Noble Numbat)
  • Hardware: A dual-core 2 GHz processor, 4 GB of RAM, and 20 GB of disk space
  • Networking: An IP address and FQDN with TCP communication allowed for SSH (typically port 22), HTTP (port 80), and HTTPS (port 443)
  • If you wish to use LetsEncrypt to obtain an SSL certificate, DNS administration access for the hostname you’ll use to access Landscape

Install Landscape Server

Install prerequisites

To install prerequisites, run:

sudo apt update && sudo apt install -y ca-certificates software-properties-common

The add-apt-packages command line utility is necessary to add the PPA which contains the Landscape Server software. The software-properties-common package must be added to access add-apt-packages.

Set environment variables

To set the necessary environment variables, run:

HOST_NAME={HOST_NAME}
DOMAIN={DOMAIN_NAME}
FQDN=$HOST_NAME.$DOMAIN

This code block includes the following values that must be changed:

{HOST_NAME}: The host name you’re using for the Landscape installation

{DOMAIN_NAME}: The domain name you’re using for the Landscape installation

It’s important to set HOST_NAME, DOMAIN and FQDN correctly prior to installing Landscape Server. These variables are used by other commands later.

Set the machine’s host name

To set the machine’s host name, run:

sudo hostnamectl set-hostname "$FQDN"

When Landscape Server is installed, it will read the machine’s host name and use it in the Apache configuration.

Install landscape-server-quickstart

To install landscape-server-quickstart:

  1. Add the PPA for Landscape Server, replacing {LANDSCAPE_PPA} with the appropriate repository:

    sudo add-apt-repository {LANDSCAPE_PPA} -y
    • {LANDSCAPE_PPA}: The PPA for the specific Landscape installation you’re using. The PPA for Landscape Beta is: ppa:landscape/self-hosted-beta. The PPA for the most recent stable Landscape LTS is: ppa:landscape/self-hosted-24.04.

  2. Update packages and dependencies in your local system:

    sudo apt-get update

  3. Install landscape-server-quickstart:

    sudo DEBIAN_FRONTEND=noninteractive apt-get install -y landscape-server-quickstart
    • This installation takes approximately five minutes.

Install an SSL certificate

If you have the fullchain.pem and privkey.pem files for your SSL certificate, skip these steps and configure Apache manually.

Install Certbot

Certbot is a command line utility which makes acquiring and renewing SSL certificates from LetsEncrypt an easy, free and automated process.

To install Certbot, run:

sudo snap install certbot --classic

Get an SSL certificate from LetsEncrypt

If your Landscape instance has a public IP, and your FQDN resolves to that public IP, run the following code to get a valid SSL certificate from LetsEncrypt:

sudo certbot --non-interactive --apache --no-redirect --agree-tos --email {[email protected]} --domains $FQDN

But, replace {[email protected]} with an email address where certificate renewal reminders can be sent.

Create a global administrator account

At this point, visiting https://HOST_NAME.DOMAIN prompts you to create Landscape’s first Global Administrator account. To add administrators:

  1. Click Settings
  2. Set a valid outgoing email address in the System email address field
  3. Click Save

By default, the email address will be pre-filled with noreply@HOST_NAME.DOMAIN. You may want to change this to noreply@DOMAIN, or another valid email address.

Configure Postfix for email

These steps use SendGrid as an example email service provider that can be configured to work with Postfix. They may still generally apply to other email service providers, such as Mailjet, Amazon SES or Google.

Detailed information is available for Postfix in the Ubuntu Server documentation.

Set environment variables

To set the necessary environment variables, run the following code. Replace {API_KEY} with an API key from https://app.sendgrid.com/settings/api_keys:

SMTP_HOST='smtp.sendgrid.net'
SMTP_PORT='587'
SMTP_USERNAME='apikey'
SMTP_PASSWORD='{API_KEY}'

Install Postfix

To install Postfix, run:

sudo DEBIAN_FRONTEND=noninteractive apt-get install -y postfix

Use Postconf to configure the /etc/postfix/main.cf file

  1. Configure the /etc/postfix/main.cf file with Postconf:

    sudo postconf -e myhostname="$FQDN"
sudo postconf -e mydomain="$DOMAIN"
sudo postconf -e myorigin="$DOMAIN"
sudo postconf -e masquerade_domains="$DOMAIN"
sudo postconf -e mydestination=localhost
sudo postconf -e default_transport=smtp
sudo postconf -e relay_transport=smtp
sudo postconf -e relayhost="[${SMTP_HOST}]:${SMTP_PORT}"
sudo postconf -e smtp_sasl_auth_enable=yes
sudo postconf -e smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd
sudo postconf -e smtp_sasl_security_options=noanonymous
sudo postconf -e header_size_limit=4096000

    This code block includes the following values that must be changed:

    {SMTP_HOST}: The hostname or IP address of the SMTP server to which Postfix will relay outgoing emails

    {SMTP_PORT}: The port number on which the SMTP server is listening for incoming connections

  2. SendGrid requires TLS encryption when connecting on Port 587, so you must make the following additional configurations:

    sudo postconf -e smtp_use_tls=yes
sudo postconf -e smtp_tls_security_level=encrypt
sudo postconf -e smtp_sasl_tls_security_options=noanonymous

Finish configuration

  1. Write /etc/postfix/sasl_passwd with the authentication credentials:

    sudo sh -c "echo \"[$SMTP_HOST]:$SMTP_PORT $SMTP_USERNAME:$SMTP_PASSWORD\" > /etc/postfix/sasl_passwd"

  2. Generate a hashed version of that file:

    sudo postmap /etc/postfix/sasl_passwd

  3. Secure /etc/postfix/sasl_passwd.db:

    sudo chmod 600 /etc/postfix/sasl_passwd.db

  4. Remove /etc/postfix/sasl_passwd for security:

    sudo rm /etc/postfix/sasl_passwd

  5. Restart Postfix for these settings to take effect:

    sudo /etc/init.d/postfix restart
Previous How-to guides Next Manual installation

This page was last modified 2 months ago. Help improve this document in the forum.