From bbf394362efafccda1ae154bed6bf1cbe8a34670 Mon Sep 17 00:00:00 2001 From: Jellyfrog Date: Fri, 9 Oct 2020 14:52:02 +0200 Subject: [PATCH] Add table of content to installation guide (#12202) --- doc/Installation/Install-LibreNMS.md | 142 ++++++++++++++------------- 1 file changed, 73 insertions(+), 69 deletions(-) diff --git a/doc/Installation/Install-LibreNMS.md b/doc/Installation/Install-LibreNMS.md index 8f4b3be531..afd367fba8 100644 --- a/doc/Installation/Install-LibreNMS.md +++ b/doc/Installation/Install-LibreNMS.md @@ -16,7 +16,7 @@ Connect to the server command line and follow the instructions below. **Please note the minimum supported PHP version is 7.3** -# Install Required Packages +## Install Required Packages === "Ubuntu 20.04" === "NGINX" @@ -26,7 +26,7 @@ Connect to the server command line and follow the instructions below. apt update apt install acl curl composer fping git graphviz imagemagick mariadb-client mariadb-server mtr-tiny nginx-full nmap php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-json php7.4-mbstring php7.4-mysql php7.4-snmp php7.4-xml php7.4-zip rrdtool snmp snmpd whois unzip python3-pymysql python3-dotenv python3-redis python3-setuptools ``` - + === "Apache" ``` apt install software-properties-common @@ -43,7 +43,7 @@ Connect to the server command line and follow the instructions below. dnf module enable php:7.3 dnf install bash-completion cronie fping git ImageMagick mariadb-server mtr net-snmp net-snmp-utils nginx nmap php-fpm php-cli php-common php-curl php-gd php-json php-mbstring php-process php-snmp php-xml php-zip php-mysqlnd python3 python3-PyMySQL python3-redis python3-memcached python3-pip rrdtool unzip ``` - + === "Apache" ``` dnf -y install epel-release @@ -51,27 +51,27 @@ Connect to the server command line and follow the instructions below. dnf module enable php:7.3 dnf install bash-completion cronie fping git httpd ImageMagick mariadb-server mtr net-snmp net-snmp-utils nmap php-fpm php-cli php-common php-curl php-gd php-json php-mbstring php-process php-snmp php-xml php-zip php-mysqlnd python3 python3-PyMySQL python3-redis python3-memcached python3-pip rrdtool unzip ``` - + === "Debian 10" === "NGINX" ``` apt install acl curl composer fping git graphviz imagemagick mariadb-client mariadb-server mtr-tiny nginx-full nmap php7.3-cli php7.3-curl php7.3-fpm php7.3-gd php7.3-json php7.3-mbstring php7.3-mysql php7.3-snmp php7.3-xml php7.3-zip python3-dotenv python3-pymysql python3-redis python3-setuptools rrdtool snmp snmpd whois ``` - -# Add librenms user + +## Add librenms user ``` useradd librenms -d /opt/librenms -M -r -s /usr/bin/bash ``` -# Download LibreNMS +## Download LibreNMS ``` cd /opt git clone https://github.com/librenms/librenms.git ``` -# Set permissions +## Set permissions ``` chown -R librenms:librenms /opt/librenms @@ -80,7 +80,7 @@ setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstra setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ ``` -# Install PHP dependencies +## Install PHP dependencies ``` su - librenms @@ -94,7 +94,7 @@ mv composer-stable.phar /usr/bin/composer chmod +x /usr/bin/composer ``` -# Set timezone +## Set timezone See for a list of supported timezones. Valid examples are: "America/New_York", "Australia/Brisbane", "Etc/UTC". @@ -105,7 +105,7 @@ Ensure date.timezone is set in php.ini to your preferred time zone. vi /etc/php/7.4/fpm/php.ini vi /etc/php/7.4/cli/php.ini ``` - + === "CentOS 8" ``` vi /etc/php.ini @@ -124,7 +124,7 @@ timedatectl set-timezone Etc/UTC ``` -# Configure MariaDB +## Configure MariaDB === "Ubuntu 20.04" ``` @@ -140,10 +140,10 @@ timedatectl set-timezone Etc/UTC ``` vi /etc/mysql/mariadb.conf.d/50-server.cnf ``` - + Within the `[mysqld]` section add: -```bash +``` innodb_file_per_table=1 lower_case_table_names=0 ``` @@ -167,7 +167,7 @@ FLUSH PRIVILEGES; exit ``` -# Configure PHP-FPM +## Configure PHP-FPM === "Ubuntu 20.04" ```bash @@ -187,38 +187,42 @@ exit vi /etc/php/7.3/fpm/pool.d/librenms.conf ``` +Change `[www]` to `[librenms]`: ``` -;Change "www" to "librenms" [librenms] +``` -;Change user and group to "librenms" +Change `user` and `group` to "librenms": +``` user = librenms group = librenms +``` -;Change listen to a unique name +Change `listen` to a unique name: +``` listen = /run/php-fpm-librenms.sock ``` If there are no other PHP web applications on this server, you may remove www.conf to save some resources. Feel free to tune the performance settings in librenms.conf to meet your needs. -# Configure Web Server - +## Configure Web Server + === "Ubuntu 20.04" - === "NGINX" + === "NGINX" ```bash vi /etc/nginx/conf.d/librenms.conf ``` - + Add the following config, edit `server_name` as required: - + ```nginx server { listen 80; server_name librenms.example.com; root /opt/librenms/html; index index.php; - + charset utf-8; gzip on; gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; @@ -246,14 +250,14 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. ```bash vi /etc/apache2/sites-available/librenms.conf ``` - + Add the following config, edit `ServerName` as required: - + ```apache DocumentRoot /opt/librenms/html/ ServerName librenms.example.com - + AllowEncodedSlashes NoDecode Require all granted @@ -265,7 +269,7 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 - + SetHandler "proxy:unix:/run/php-fpm-librenms.sock|fcgi://localhost" @@ -285,16 +289,16 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. ``` vi /etc/nginx/conf.d/librenms.conf ``` - + Add the following config, edit `server_name` as required: - + ```nginx server { listen 80; server_name librenms.example.com; root /opt/librenms/html; index index.php; - + charset utf-8; gzip on; gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; @@ -311,12 +315,12 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. } } ``` - + > NOTE: If this is the only site you are hosting on this server (it > should be :)) then you will need to disable the default site. - + Delete the `server` section from `/etc/nginx/nginx.conf` - + ``` systemctl enable --now nginx systemctl enable --now php-fpm @@ -324,18 +328,18 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. === "Apache" Create the librenms.conf: - + ``` vi /etc/httpd/conf.d/librenms.conf ``` - + Add the following config, edit `ServerName` as required: - + ```apache DocumentRoot /opt/librenms/html/ ServerName librenms.example.com - + AllowEncodedSlashes NoDecode Require all granted @@ -347,16 +351,16 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 - + SetHandler "proxy:unix:/run/php-fpm-librenms.sock|fcgi://localhost" ``` - + > NOTE: If this is the only site you are hosting on this server (it > should be :)) then you will need to disable the default site. `rm -f /etc/httpd/conf.d/welcome.conf` - + ``` systemctl enable --now httpd systemctl enable --now php-fpm @@ -367,16 +371,16 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. ```bash vi /etc/nginx/sites-enabled/librenms.vhost ``` - + Add the following config, edit `server_name` as required: - + ```nginx server { listen 80; server_name librenms.example.com; root /opt/librenms/html; index index.php; - + charset utf-8; gzip on; gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; @@ -393,14 +397,14 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. } } ``` - + ```bash rm /etc/nginx/sites-enabled/default systemctl reload nginx systemctl restart php7.3-fpm ``` -# SELinux +## SELinux === "Ubuntu 20.04" SELinux not enabled by default @@ -412,8 +416,8 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. dnf install policycoreutils-python-utils ``` - ## Configure the contexts needed by LibreNMS: - + ### Configure the contexts needed by LibreNMS + ``` semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/html(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/(logs|rrd|storage)(/.*)?' @@ -422,38 +426,38 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. setsebool -P httpd_execmem 1 chcon -t httpd_sys_rw_content_t /opt/librenms/.env ``` - - # Allow fping - + + ### Allow fping + Create the file http_fping.tt with the following contents. You can create this file anywhere, as it is a throw-away file. The last step in this install procedure will install the module in the proper location. - + ``` module http_fping 1.0; - + require { type httpd_t; class capability net_raw; class rawip_socket { getopt create setopt write read }; } - + #============= httpd_t ============== allow httpd_t self:capability net_raw; allow httpd_t self:rawip_socket { getopt create setopt write read }; ``` - + Then run these commands - + ``` checkmodule -M -m -o http_fping.mod http_fping.tt semodule_package -o http_fping.pp -m http_fping.mod semodule -i http_fping.pp ``` - + Additional SELinux problems may be found by executing the following command - + ``` audit2why < /var/log/audit/audit.log ``` @@ -461,7 +465,7 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. === "Debian 10" SELinux not enabled by default -# Allow access through firewall +## Allow access through firewall === "Ubuntu 20.04" Firewall not enabled by default @@ -477,7 +481,7 @@ Feel free to tune the performance settings in librenms.conf to meet your needs. Firewall not enabled by default -# Enable lnms command completion +## Enable lnms command completion This feature grants you the opportunity to use tab for completion on lnms commands as you would for normal linux commands. @@ -487,7 +491,7 @@ ln -s /opt/librenms/lnms /usr/local/bin/lnms cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/ ``` -# Configure snmpd +## Configure snmpd ``` cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf @@ -506,7 +510,7 @@ systemctl enable snmpd systemctl restart snmpd ``` -# Cron job +## Cron job ``` cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms @@ -520,7 +524,7 @@ cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms > finished librenms install steps: > -# Copy logrotate config +## Copy logrotate config LibreNMS keeps logs in `/opt/librenms/logs`. Over time these can become large and be rotated out. To rotate out the old logs you can @@ -530,7 +534,7 @@ use the provided logrotate config file: cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms ``` -# Web installer +## Web installer Now head to the web installer and follow the on-screen instructions. @@ -546,7 +550,7 @@ to the file. Run: chown librenms:librenms /opt/librenms/config.php ``` -# Final steps +## Final steps That's it! You now should be able to log in to . Please note that we have not covered @@ -555,11 +559,11 @@ That's it! You now should be able to log in to you have configured HTTPS and taken appropriate web server hardening steps. -# Add the first device +## Add the first device We now suggest that you add localhost as your first device from within the WebUI. -# Troubleshooting +## Troubleshooting If you ever have issues with your install, run validate.php: @@ -571,7 +575,7 @@ sudo su - librenms There are various options for getting help listed on the LibreNMS web site: -# What next? +## What next? Now that you've installed LibreNMS, we'd suggest that you have a read of a few other docs to get you going: @@ -581,7 +585,7 @@ of a few other docs to get you going: - [Device Groups](http://docs.librenms.org/Extensions/Device-Groups/) - [Auto discovery](http://docs.librenms.org/Extensions/Auto-Discovery/) -# Closing +## Closing We hope you enjoy using LibreNMS. If you do, it would be great if you would consider opting into the stats system we have, please see [this