顯示頁面舊版反向連結Fold/unfold all回到頁頂 本頁是唯讀的,您可以看到原始碼,但不能更動它。您如果覺得它不應被鎖上,請詢問管理員。 ===== CentOS7 安裝程序 ===== - 安裝需要的套件 <cli> yum install epel-release rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm yum install composer cronie fping git ImageMagick jwhois mariadb mariadb-server mtr python36 MySQL-python net-snmp net-snmp-utils nginx nmap php72w php72w-cli php72w-common php72w-curl php72w-fpm php72w-gd php72w-mbstring php72w-mysqlnd php72w-process php72w-snmp php72w-xml php72w-zip python-memcached rrdtool </cli> - 建立 librenms 用戶<cli> useradd librenms -d /opt/librenms -M -r usermod -a -G librenms nginx sync;sync;sync;reboot </cli> - 下載 LibreNMS <cli> cd /opt composer create-project --no-dev --keep-vcs librenms/librenms librenms dev-master </cli> - 出現異常與警告訊息, 重新開機後再執行<cli> cd /opt/librenms ./scripts/composer_wrapper.php install --no-dev </cli> - 建立 DB Server<cli> systemctl start mariadb mysql -u root </cli>**password** 要依照自己需要設定<code sql> CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci; CREATE USER 'librenms'@'localhost' IDENTIFIED BY '**password**'; GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost'; FLUSH PRIVILEGES; exit </code><cli> vi /etc/my.cnf </cli><file> [mysqld] datadir=/var/lib/mysql : : # instructions in http://fedoraproject.org/wiki/Systemd innodb_file_per_table=1 sql-mode="" lower_case_table_names=0 : </file><cli> systemctl enable mariadb systemctl restart mariadb </cli> - 建立 Web Server <cli> vi /etc/php-fpm.d/www.conf </cli><file> : ;user = apache user = nginx ; RPM: Keep a group allowed to write in log dir. group = apache ; The address on which to accept FastCGI requests. ; Valid syntaxes are: ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on ; a specific port; ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on ; a specific port; ; 'port' - to listen on a TCP socket to all addresses ; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. ;listen = 127.0.0.1:9000 listen = /var/run/php-fpm/php7.2-fpm.sock ; Set listen(2) backlog. ; Default Value: 511 (-1 on FreeBSD and OpenBSD) ;listen.backlog = 511 ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0660 ;listen.owner = nobody ;listen.group = nobody ;listen.mode = 0660 listen.owner = nginx listen.group = nginx listen.mode = 0660 ; When POSIX Access Control Lists are supported you can set them using ; these options, value is a comma separated list of user/group names. : </file><cli> systemctl enable php-fpm systemctl restart php-fpm </cli> - 設定 nginx <cli> vi /etc/nginx/conf.d/librenms.conf </cli><file> server { listen 80; server_name librenms.example.com; root /opt/librenms/html; index index.php; charset utf-8; gzip on; gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; location / { try_files $uri $uri/ /index.php?$query_string; } location /api/v0 { try_files $uri $uri/ /api_v0.php?$query_string; } location ~ \.php { include fastcgi.conf; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm/php7.2-fpm.sock; } location ~ /\.ht { deny all; } } </file><cli> systemctl enable nginx systemctl restart nginx </cli> - 建立 SELinux 與 Allow fping<cli> yum install policycoreutils-python semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/logs(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?' restorecon -RFvv /opt/librenms/logs/ semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/rrd(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/rrd(/.*)?' restorecon -RFvv /opt/librenms/rrd/ semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/storage(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/storage(/.*)?' restorecon -RFvv /opt/librenms/storage/ semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/bootstrap/cache(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/bootstrap/cache(/.*)?' restorecon -RFvv /opt/librenms/bootstrap/cache/ setsebool -P httpd_can_sendmail=1 setsebool -P httpd_execmem 1 vi /tmp/http_fping.tt </cli><file> module http_fping 1.0; require { type httpd_t; class capability net_raw; class rawip_socket { getopt create setopt write read }; } #============= httpd_t ============== allow httpd_t self:capability net_raw; allow httpd_t self:rawip_socket { getopt create setopt write read }; </file><cli> checkmodule -M -m -o http_fping.mod /tmp/http_fping.tt semodule_package -o /tmp/http_fping.pp -m http_fping.mod semodule -i /tmp/http_fping.pp </cli> - 設定 firewall<cli> firewall-cmd --zone public --add-service http firewall-cmd --permanent --zone public --add-service http firewall-cmd --zone public --add-service https firewall-cmd --permanent --zone public --add-service https </cli> - 設定 snmpd <cli> cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf vi /etc/snmp/snmpd.conf </cli>將 RANDOMSTRINGGOESHERE 改成你要的 community 字串<file> # Change RANDOMSTRINGGOESHERE to your preferred SNMP community string #com2sec readonly default RANDOMSTRINGGOESHERE com2sec readonly default **community_string** : #syslocation Rack, Room, Building, City, Country [GPSX,Y] syslocation Taipei, Taiwan #syscontact Your Name <your@email.address> syscontact Jonathan Tsai <infotech@ichiayi.com> : </file><cli> curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro chmod +x /usr/bin/distro systemctl enable snmpd systemctl restart snmpd </cli> - 定義 cron table <cli> cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms </cli> - 設定定時清 log <cli> cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms </cli> - 設定權限 <cli> chown -R librenms:librenms /opt/librenms setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ </cli> - 至網頁介面進行安裝 網址 Exp. http://192.168.11.200/install.php - 如果這時候無法出現安裝畫面, 表示 nginx default 設定沒有移除 <cli> vi /etc/nginx/nginx.conf </cli><file> : include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; # server { # listen 80 default_server; # listen [::]:80 default_server; # server_name _; # root /usr/share/nginx/html; # # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # # location / { # } # # error_page 404 /404.html; # location = /40x.html { # } # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # } # } # Settings for a TLS enabled server. # # server { : </file><cli> systemctl restart nginx </cli> - 依照網頁出現的 6 個 Stage 執行 - Stage 5 將產生的設定參數資料手動寫入 /opt/librenms/config.php <cli> vi /opt/librenms/config.php </cli> - 調整參數檔案權限<cli> chown librenms:librenms /opt/librenms/config.php </cli> - 再來應該就可以透過網頁依照上一步驟建立的帳號登入 tech/librenms/centos7.txt 上一次變更: 2021/06/14 16:01由 jonathan