From c09d81d26276ba7d88d23e306eadd4546255b574 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Fri, 2 Oct 2015 13:29:13 +0200 Subject: [PATCH 1/8] - updated RHEL/CentOS installation docs --- .../Installation-(RHEL-CentOS).md | 44 ++++++++++++------- 1 file changed, 28 insertions(+), 16 deletions(-) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index 101a0d7669..208494e1be 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -1,4 +1,4 @@ -NOTE: What follows is a very rough list of commands. This works on a fresh install of CentOS 6.4. +NOTE: What follows is a very rough list of commands. This works on a fresh install of CentOS 6.4 and CentOS 7. NOTE: These instructions assume you are the root user. If you are not, prepend `sudo` to all shell commands (the ones that aren't at `mysql>` prompts) or temporarily become a user with root privileges with `sudo -s`. @@ -10,7 +10,7 @@ This host is where the MySQL database runs. It could be the same machine as you You are free to choose between using MySQL or MariaDB: -**MySQL** +**MySQL** (NOTE: In CentOS 7 there is only mariadb in official repo) ```bash yum install net-snmp mysql-server mysql-client chkconfig mysqld on @@ -20,15 +20,15 @@ service mysqld start **MariaDB** ```bash yum install net-snmp mariadb-server mariadb-client -chkconfig mariadb on -service mariadb start +systemctl enable mariadb +systemctl start mariadb ``` Now continue with the installation: ```bash -service snmpd start -chkconfig snmpd on +chkconfig snmpd on (systemctl enable snmpd on CentOS 7) +service snmpd start (systemctl start snmpd on CentOS 7) mysql_secure_installation mysql -uroot -p ``` @@ -70,20 +70,28 @@ Install necessary software. The packages listed below are an all-inclusive list Note if not using HTTPd (Apache): RHEL requires `httpd` to be installed regardless of of `nginx`'s (or any other web-server's) presence. yum install epel-release - yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mysql ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git +(CentOS 6) yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mysql ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git +(CentOS 7) yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mariadb ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git pear install Net_IPv4-1.3.4 pear install Net_IPv6-1.2.2b2 -### Adding the librenms-user ### - +### Adding the librenms-user for Apache ### +```bash useradd librenms -d /opt/librenms -M -r usermod -a -G librenms apache +``` + +### Adding the librenms-user for Nginx ### +```bash + useradd librenms -d /opt/librenms -M -r + usermod -a -G librenms nginx +``` ### Using HTTPd (Apache2) ### Set `httpd` to start on system boot. - chkconfig --levels 235 httpd on + chkconfig --levels 235 httpd on (systemctl enable httpd on CentOS 7) Next, add the following to `/etc/httpd/conf.d/librenms.conf` @@ -110,8 +118,8 @@ If the file `/etc/httpd/conf.d/welcome.conf` exists, you might want to remove th Install necessary extra software and let it start on system boot. yum install nginx php-fpm - chkconfig nginx on - chkconfig php-fpm on + chkconfig nginx on (systemctl enable nginx on CentOS 7) + chkconfig php-fpm on (systemctl enable php-fpm on CentOS 7) Modify permissions and configuration for `php-fpm` to use nginx credentials. @@ -193,23 +201,27 @@ To prepare the web interface (and adding devices shortly), you'll need to create First, create and chown the `rrd` directory and create the `logs` directory +```bash mkdir rrd logs chown -R librenms:librenms /opt/librenms + chmod 775 rrd + # For HTTPd (Apache): chown apache:apache logs + # For Nginx: chown nginx:nginx logs - - chmod 775 rrd +``` > If you're planing on running rrdcached, make sure that the path is also chmod'ed to 775 and chown'ed to librenms:librenms. Start the web-server: # For HTTPd (Apache): - service httpd restart + service httpd restart (systemctl restart httpd on CentOS 7) + # For Nginx: - service nginx restart + service nginx restart (systemctl restart nginx on CentOS 7) ### Add localhost ### From a947f3829cc8af8bb2e05fc237be499ba1135acf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Fri, 2 Oct 2015 13:41:43 +0200 Subject: [PATCH 2/8] - added configuration for SELinux --- doc/Installation/Installation-(RHEL-CentOS).md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index 208494e1be..70e85799f5 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -215,6 +215,20 @@ First, create and chown the `rrd` directory and create the `logs` directory > If you're planing on running rrdcached, make sure that the path is also chmod'ed to 775 and chown'ed to librenms:librenms. +**SELinux** +> if you're using SELinux you need to allow nginx to write into logs directory. +> semanage tool is a part of policycoreutils-python, so if don't have it, you can install it + +```bash + yum install policycoreutils-python +``` + +```bash + semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/logs(/.*)?' + semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?' + restorecon -RFvv /opt/librenms/logs/ +``` + Start the web-server: # For HTTPd (Apache): From 970d83da0b135e8220d204f1a4f22dc8d3215ada Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Fri, 2 Oct 2015 14:46:15 +0200 Subject: [PATCH 3/8] - create session dir for php-fpm --- doc/Installation/Installation-(RHEL-CentOS).md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index 70e85799f5..09be1dbaab 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -123,6 +123,7 @@ Install necessary extra software and let it start on system boot. Modify permissions and configuration for `php-fpm` to use nginx credentials. + mkdir /var/lib/php/session chown root:nginx /var/lib/php -R vi /etc/php-fpm.d/www.conf # At line #12: Change `listen` to `/var/run/php5-fpm.sock` # At line #39-41: Change the `user` and `group` to `nginx` From 8490ec0bfbc8f6a9386e28975923f969922387fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Sat, 3 Oct 2015 14:27:26 +0200 Subject: [PATCH 4/8] - fixes for compability with CentOS 6 --- doc/Installation/Installation-(RHEL-CentOS).md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index 09be1dbaab..d3de23deb7 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -20,8 +20,8 @@ service mysqld start **MariaDB** ```bash yum install net-snmp mariadb-server mariadb-client -systemctl enable mariadb -systemctl start mariadb +chkconfig mariadb on (systemctl enable mariadb on CentOS 7) +service mariadb start (systemctl start mariadb on CentOS 7) ``` Now continue with the installation: From 4e747249faf4d7e4b39ba189360236a78e138f80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Sun, 4 Oct 2015 14:06:52 +0200 Subject: [PATCH 5/8] - LibreNMS and SELinux is still experimental --- doc/Installation/Installation-(RHEL-CentOS).md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index d3de23deb7..eaeff7c44c 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -219,6 +219,7 @@ First, create and chown the `rrd` directory and create the `logs` directory **SELinux** > if you're using SELinux you need to allow nginx to write into logs directory. > semanage tool is a part of policycoreutils-python, so if don't have it, you can install it +> Please note that running LibreNMS with SELinux is still experimental and we cannot guarantee that everything will be working fine for now. ```bash yum install policycoreutils-python From 1c51ddd46b6e5ac124d27d35d839e6c452308000 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Mon, 5 Oct 2015 10:56:22 +0200 Subject: [PATCH 6/8] - separated commands for CentOS 6 and CentOS 7 --- .../Installation-(RHEL-CentOS).md | 81 ++++++++++++++++--- 1 file changed, 69 insertions(+), 12 deletions(-) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index eaeff7c44c..d4dde6f9a1 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -8,9 +8,10 @@ This host is where the MySQL database runs. It could be the same machine as you > ** Whilst we are working on ensuring LibreNMS is compatible with MySQL strict mode, for now, please disable this after mysql is installed. +**CentOS 6**: You are free to choose between using MySQL or MariaDB: -**MySQL** (NOTE: In CentOS 7 there is only mariadb in official repo) +**MySQL** ```bash yum install net-snmp mysql-server mysql-client chkconfig mysqld on @@ -24,11 +25,30 @@ chkconfig mariadb on (systemctl enable mariadb on CentOS 7) service mariadb start (systemctl start mariadb on CentOS 7) ``` +**CentOS 7** + +(NOTE: In CentOS 7 there is only mariadb in official repo) +**MariaDB** +```bash +yum install net-snmp mariadb-server mariadb-client +systemctl enable mariadb +systemctl start mariadb +``` + Now continue with the installation: +**CentOS 6** ```bash -chkconfig snmpd on (systemctl enable snmpd on CentOS 7) -service snmpd start (systemctl start snmpd on CentOS 7) +chkconfig snmpd on +service snmpd start +mysql_secure_installation +mysql -uroot -p +``` + +**CentOS 7** +```bash +systemctl enable snmpd +systemctl start snmpd mysql_secure_installation mysql -uroot -p ``` @@ -69,11 +89,20 @@ Install necessary software. The packages listed below are an all-inclusive list Note if not using HTTPd (Apache): RHEL requires `httpd` to be installed regardless of of `nginx`'s (or any other web-server's) presence. +**CentOS 6** +```bash yum install epel-release -(CentOS 6) yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mysql ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git -(CentOS 7) yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mariadb ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git +yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mysql ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git pear install Net_IPv4-1.3.4 pear install Net_IPv6-1.2.2b2 +``` + +**CentOS 7** +```bash + yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mariadb ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git + pear install Net_IPv4-1.3.4 + pear install Net_IPv6-1.2.2b2 +``` ### Adding the librenms-user for Apache ### ```bash @@ -91,7 +120,11 @@ Note if not using HTTPd (Apache): RHEL requires `httpd` to be installed regardle Set `httpd` to start on system boot. - chkconfig --levels 235 httpd on (systemctl enable httpd on CentOS 7) +**CentOS 6** + chkconfig --levels 235 httpd on + +**CentOS 7** + systemctl enable httpd Next, add the following to `/etc/httpd/conf.d/librenms.conf` @@ -117,9 +150,19 @@ If the file `/etc/httpd/conf.d/welcome.conf` exists, you might want to remove th Install necessary extra software and let it start on system boot. +**CentOS 6** +```bash yum install nginx php-fpm - chkconfig nginx on (systemctl enable nginx on CentOS 7) - chkconfig php-fpm on (systemctl enable php-fpm on CentOS 7) + chkconfig nginx on + chkconfig php-fpm on +``` + +**CentOS 7** +```bash + yum install nginx php-fpm + systemctl enable nginx + systemctl enable php-fpm +``` Modify permissions and configuration for `php-fpm` to use nginx credentials. @@ -160,15 +203,19 @@ server { You can clone the repository via HTTPS or SSH. In either case, you need to ensure the appropriate port (443 for HTTPS, 22 for SSH) is open in the outbound direction for your server. +```bash cd /opt git clone https://github.com/librenms/librenms.git librenms cd /opt/librenms +``` At this stage you can either launch the web installer by going to http://IP/install.php, follow the on-screen instructions then skip to the 'Web Interface' section further down. Alternatively if you want to continue the setup manually then just keep following these instructions. +```bash cp config.php.default config.php - vim config.php + vim config. +``` NOTE: The recommended method of cloning a git repository is HTTPS. If you would like to clone via SSH instead, use the command `git clone git@github.com:librenms/librenms.git librenms` instead. @@ -233,11 +280,21 @@ First, create and chown the `rrd` directory and create the `logs` directory Start the web-server: +**CentOS 6** + # For HTTPd (Apache): - service httpd restart (systemctl restart httpd on CentOS 7) + service httpd restart # For Nginx: - service nginx restart (systemctl restart nginx on CentOS 7) + service nginx restart + +**CentOS 7** + + # For HTTPd (Apache): + systemctl restart httpd + + # For Nginx: + systemctl restart nginx ### Add localhost ### @@ -283,4 +340,4 @@ If you don't see data after this, please refer to the [FAQ](http://docs.librenms That's it! You now should be able to log in to http://librenms.example.com/. Please note that we have not covered HTTPS setup in this example, so your LibreNMS install is not secure by default. Please do not expose it to the public Internet unless you have configured HTTPS and taken appropriate web server hardening steps. -It would be great if you would consider opting into the stats system we have, please see [this page](http://docs.librenms.org/General/Callback-Stats-and-Privacy/) on what it is and how to enable it. +It would be great if you would consider opting into the stats system we have, please see [this page](http://docs.librenms.org/General/Callback-Stats-and-Privacy/) on what it is and how to enable it. \ No newline at end of file From f879fdc23fde5b40cdf4a35b9558e1e11adc4a57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Tue, 6 Oct 2015 10:44:41 +0200 Subject: [PATCH 7/8] - fixes after last changes --- doc/Installation/Installation-(RHEL-CentOS).md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index d4dde6f9a1..76b9550fb0 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -21,8 +21,8 @@ service mysqld start **MariaDB** ```bash yum install net-snmp mariadb-server mariadb-client -chkconfig mariadb on (systemctl enable mariadb on CentOS 7) -service mariadb start (systemctl start mariadb on CentOS 7) +chkconfig mariadb on +service mariadb start ``` **CentOS 7** @@ -92,7 +92,7 @@ Note if not using HTTPd (Apache): RHEL requires `httpd` to be installed regardle **CentOS 6** ```bash yum install epel-release -yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mysql ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git + yum install php php-cli php-gd php-mysql php-snmp php-pear php-curl httpd net-snmp graphviz graphviz-php mysql ImageMagick jwhois nmap mtr rrdtool MySQL-python net-snmp-utils vixie-cron php-mcrypt fping git pear install Net_IPv4-1.3.4 pear install Net_IPv6-1.2.2b2 ``` @@ -340,4 +340,4 @@ If you don't see data after this, please refer to the [FAQ](http://docs.librenms That's it! You now should be able to log in to http://librenms.example.com/. Please note that we have not covered HTTPS setup in this example, so your LibreNMS install is not secure by default. Please do not expose it to the public Internet unless you have configured HTTPS and taken appropriate web server hardening steps. -It would be great if you would consider opting into the stats system we have, please see [this page](http://docs.librenms.org/General/Callback-Stats-and-Privacy/) on what it is and how to enable it. \ No newline at end of file +It would be great if you would consider opting into the stats system we have, please see [this page](http://docs.librenms.org/General/Callback-Stats-and-Privacy/) on what it is and how to enable it. From 58e8e19efe1a81fefeb93694899b2e961a5eb8e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Paszkiewicz?= Date: Tue, 6 Oct 2015 10:58:51 +0200 Subject: [PATCH 8/8] - another part of fixes --- doc/Installation/Installation-(RHEL-CentOS).md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/Installation/Installation-(RHEL-CentOS).md b/doc/Installation/Installation-(RHEL-CentOS).md index 76b9550fb0..994dcc85c0 100644 --- a/doc/Installation/Installation-(RHEL-CentOS).md +++ b/doc/Installation/Installation-(RHEL-CentOS).md @@ -168,7 +168,7 @@ Modify permissions and configuration for `php-fpm` to use nginx credentials. mkdir /var/lib/php/session chown root:nginx /var/lib/php -R - vi /etc/php-fpm.d/www.conf # At line #12: Change `listen` to `/var/run/php5-fpm.sock` + vim /etc/php-fpm.d/www.conf # At line #12: Change `listen` to `/var/run/php5-fpm.sock` # At line #39-41: Change the `user` and `group` to `nginx` Add configuration for `nginx` at `/etc/nginx/conf.d/librenms.conf` with the following content: @@ -214,7 +214,7 @@ to continue the setup manually then just keep following these instructions. ```bash cp config.php.default config.php - vim config. + vim config.php ``` NOTE: The recommended method of cloning a git repository is HTTPS. If you would like to clone via SSH instead, use the command `git clone git@github.com:librenms/librenms.git librenms` instead. @@ -264,9 +264,9 @@ First, create and chown the `rrd` directory and create the `logs` directory > If you're planing on running rrdcached, make sure that the path is also chmod'ed to 775 and chown'ed to librenms:librenms. **SELinux** -> if you're using SELinux you need to allow nginx to write into logs directory. +> if you're using SELinux you need to allow web server user to write into logs directory. > semanage tool is a part of policycoreutils-python, so if don't have it, you can install it -> Please note that running LibreNMS with SELinux is still experimental and we cannot guarantee that everything will be working fine for now. +> **Please note that running LibreNMS with SELinux is still experimental and we cannot guarantee that everything will be working fine for now.** ```bash yum install policycoreutils-python