Install Omada Software Controller 5.0.30 on Enterprise Linux 8

These instructions are expected to apply to for all Red Hat Enterprise Linux 8 variants like AlmaLinux, Rocky Linux or Oracle Linux.

cd /tmp
curl${VERSION}_linux_x64.tar.gz -o Omada_SDN_Controller_v${VERSION}_Linux_x64.tar.gz
tar xf Omada_SDN_Controller_v${VERSION}_Linux_x64.tar.gz

# Install Omada prerequisites with Java 11
dnf -y install
dnf -y install curl  java-11

# Patch Java 11 for faulty jsvc. REPEAT for every Java update. Maybe create a cron/monitoring job.
ln -s /usr/lib/jvm/java-11-openjdk- /usr/lib/jvm/java-11-openjdk-

## Mongodb 4.X
# Add Mongo Repo
dnf -y config-manager --add-repo
rpm --import
dnf -y install mongodb-org-server

# Don't run as root:
adduser $OMADA_USER
cd Omada_SDN_Controller_v${VERSION}_linux_x64
./ -y
/usr/bin/tpeap stop
chown $OMADA_USER:$OMADA_USER  -R /opt/tplink/
#Change default user by adding this line near the top of /usr/bin/tpeap
sed -i '0,/^OMADA_HOME.*/s/^OMADA_HOME.*/OMADA_USER=omada\n&/' /usr/bin/tpeap
sed -i '0,/^OMADA_HOME.*/s/^OMADA_HOME.*/OMADA_USER=omada\n&/' /opt/tplink/EAPController/bin/
systemctl daemon-reload

# Now open your firewall ports
firewall-cmd --zone=public --add-port=8088/tcp --permanent # http connection
firewall-cmd --zone=public --add-port=8043/tcp --permanent # https connection
firewall-cmd --zone=public --add-port=29810/udp --permanent # EAP Discovery
firewall-cmd --zone=public --add-port=29811/tcp --permanent # EAP Management
firewall-cmd --zone=public --add-port=29812/tcp --permanent # EAP Adoption
firewall-cmd --zone=public --add-port=29813/tcp --permanent # EAP Upgrades and initialisation check
firewall-cmd --reload

# Setting up an Apache webserver virtual host as proxy (optional)
# This part will not go into the full details of configuring an Apache webserver. Only the virtual host config is listed here. Replace <servername> with your domain and <omada server> with your omada server (IP or name):
<VirtualHost *:443>
    ServerName <servername>
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/<servername>/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/<servername>/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/<servername>/chain.pem
    SSLProxyEngine On
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerExpire off
    SSLProxyCheckPeerName off
    ProxyPreserveHost on
    ProxyPass / https://<omada server>:8043/
    ProxyPassReverse / https://<omada server>:8043/
    RequestHeader set Host "<omada server>:8043"
    CustomLog logs/<servername>-access_log combined env=!client_is_me