Product documentation

Unicon documentation migration is in progress. You might find some broken links or experience minor issues in the documentation. We are working on resolving these issues.

X

Installation Scout Enterprise Management Suite 15.x

Installing ELIAS 18 / Linux

March 26, 2025
Contributed by: 
S C

– The following instructions refer to ELIAS 18 2209 or later versions –

ELIAS 18 can also be used in a Linux environment. A Debian package (.deb) tested with Ubuntu 20.04 is available for this purpose.

Requires
A MongoDB database must be available either locally or remotely. The database requires sufficient hard disk space for container management, see also System requirements
  1. From our myelux.com portal, under Downloads > Scout> ELIAS, download the provided Debian package of ELIAS 18 < version> for Linux.

  2. Install the Debian package by using appropriate package management tools (Debian/Ubuntu).

    Example: sudo apt install ./elias-package.deb

    The files are installed to /opt/unicon/elias.

  3. To configure the connection to MongoDB and the web service (back-end configuration), edit the file /opt/unicon/elias/server.json:[(1) This file remains local.]

    Option Description Default
    “server” MongoDB server name (as FQDN or IP address) For a local installation, use “localhost”. Append the port number to the server name after a colon. “localhost:27017”
    “mongoUser” MongoDB username If you do not use logon data, set an empty string. ””
    “mongoPassword” MongoDB password If you do not use logon data, set an empty string. ””
    “mongoPasswordEncrypted” Encrypted MongoDB password false
    “mongoOptions” optional: Additional MongoDB options  
    “adminPassword” Encrypted password for the local admin account To encrypt passwords, use the bcrypt method with 13 passes. “elias”
    “adGroup” AD group users need to belong to for logon For further information on available logon types, see Access management and logon in the ELIAS 18 guide. “ELIAS”
    “logLevel” Log level (debug, info, warn, and error) “debug”
    “port” Port used by the ELIAS API “22130”
    “iisWebsite” IIS redirection website name, not used on Linux

    Note:

    To configure ELIAS for access via Keycloak, see Access management via Keycloak in the ELIAS 18 guide.

  4. For the front-end configuration, edit the file /opt/unicon/elias/config.json:

    Option Description Default/Example
    “pollingInterval” Interval in milliseconds for polling the API by the user interface 3000
    “api” Host name of the device ELIAS is running on (FQDN or IP address) <Host name>
    “domain” AD domain for user authentication Domain users need to be registered in a specific AD group. To enable only the local admin account, set an empty string. ””
    “redirectPath” Any path that redirects to the API (for example, if Apache is used) Must end in api “api”

    This path must also be specified in the Scout Console, on the Firmware tab of the client device configuration.

    “protocol” Either “http” or “https” “http”
    apiVersions Must be set to [“1.0”] [“1.0”]
    base.database Name of your ELIAS database If you create multiple containers, all of them will be stored in this database.2 from ELIAS 18 2104 ELIAS-Database
    “port” Port on which the ELIAS website is reachable externally “8080”
    allowedOrigins List of URLs on which the ELIAS website is reachable externally (separated by comma) Example: “http://<Hostname or IP address>:8080”  

  5. Restart the ELIAS service.

    Example: sudo systemctl restart scout-enterprise-elias

Reverse proxy for the web server

For performance or security reasons, you can configure a simple reverse proxy to handle SSL encryption and decryption. A configuration for Apache might look like the following:

Copy

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName elias.dev.sampletec-01.com
    ProxyPreserveHost Off
    ProxyRequests off
    SSLProxyEngine On
    <Proxy *>
        Require all granted
    </Proxy>
    ProxyPass / http://localhost:22130/
    ProxyPassReverse / http://localhost:22130/

# Insert your certificate file names:
SSLCertificateFile /etc/ssl/private/ca-certificate.crt.pem
SSLCertificateKeyFile /etc/ssl/private/ca-certificate.key.pem

SSLEngine on

# Intermediate configuration, tweak to your needs:
SSLProtocol             all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder     off
SSLSessionTickets       off

SSLOptions +StrictRequire

# Add vhost name to log entries:
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"" vhost_combined
LogFormat "%v %h %l %u %t "%r" %>s %b" vhost_common

</VirtualHost>
</IfModule>

Customize the data such as server name and certificate files to your configuration.

We also recommend creating a second configuration file to redirect communication arriving unencrypted via port 80 to port 443. Example:

Copy

<VirtualHost *:80>
RewriteEngine on
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

Again, customize the data to fit your configuration.

For the configuration files to be executed, proceed as follows:

  1. Copy your .conf files to /etc/apache2/sites-available
  2. Provide them to /etc/apache2/sites-enabled for example with a2ensite <filename>.conf or via symlink, for example ln -s sites-available/<filename>.conf sites-enabled/<filename>.conf
  3. Restart the web server: systemctl reload apache2
Installing ELIAS 18 / Linux
March 26, 2025
Contributed by: 
S C

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999-2025 Cloud Software Group, Inc. All rights reserved.