Install LibreNMS on Rocky Linux

Follow through this tutorial to learn how to install LibreNMS on Rocky Linux. LibreNMS is a fully featured MySQL/PHP and SNMP based network monitoring system.

Install LibreNMS on Rocky Linux

Create LibreNMS system User Account

To begin with, create non privileged system user account for LibreNMS by executing the command below;

sudo useradd -d /opt/librenms -M -r -s /bin/bash librenms

Install EPEL repository

sudo dnf install epel-release

Install Required Packages

LibreNMS is requires L[E/A]MP stack. Hence, run the command below to install the Webserver, Nginx, PHP, MariaDB and other required packages. Nginx is the recommended web server to use.

The minimum supported PHP version is 7.3. We will use PHP 7.4 in this tutorial.

To be able to install PHP 7.4 on Rocky Linux, enable repo modules for PHP 7.4 as follows;

sudo dnf module reset php

sudo dnf module enable php:7.4

sudo dnf install bash-completion cronie fping git httpd ImageMagick \
mariadb-server mtr net-snmp net-snmp-utils nmap php-fpm php-cli \
php-common php-curl php-gd php-json php-mbstring php-process \
php-snmp php-xml php-zip php-mysqlnd python3 python3-PyMySQL \
python3-devel python3-redis python3-memcached python3-pip \
python3-systemd rrdtool unzip policycoreutils-python-utils

Create Database and Database User for LibreNMS

Start and enable MariaDB server to run on system boot;

systemctl enable --now mariadb

Check status;

systemctl status mariadb

● mariadb.service - MariaDB 10.3 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-05-31 13:23:16 EDT; 9s ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
  Process: 38942 ExecStartPost=/usr/libexec/mysql-check-upgrade (code=exited, status=0/SUCCESS)
  Process: 38872 ExecStartPre=/usr/libexec/mysql-prepare-db-dir mariadb.service (code=exited, status=0/SUCCESS)
  Process: 38848 ExecStartPre=/usr/libexec/mysql-check-socket (code=exited, status=0/SUCCESS)
 Main PID: 38911 (mysqld)
   Status: "Taking your SQL requests now..."
    Tasks: 30 (limit: 11256)
   Memory: 64.3M
   CGroup: /system.slice/mariadb.service
           └─38911 /usr/libexec/mysqld --basedir=/usr

May 31 13:23:15 librenms.kifarunix-demo.com systemd[1]: mariadb.service: Succeeded.
May 31 13:23:15 librenms.kifarunix-demo.com systemd[1]: Stopped MariaDB 10.3 database server.
May 31 13:23:15 librenms.kifarunix-demo.com systemd[1]: Starting MariaDB 10.3 database server...
May 31 13:23:15 librenms.kifarunix-demo.com mysql-prepare-db-dir[38872]: Database MariaDB is probably initialized in /var/lib/mysql already, nothing is done.
May 31 13:23:15 librenms.kifarunix-demo.com mysql-prepare-db-dir[38872]: If this is not the case, make sure the /var/lib/mysql is empty before running mysql-prepare-db-dir.
May 31 13:23:15 librenms.kifarunix-demo.com mysqld[38911]: 2022-05-31 13:23:15 0 [Note] /usr/libexec/mysqld (mysqld 10.3.32-MariaDB) starting as process 38911 ...
May 31 13:23:16 librenms.kifarunix-demo.com systemd[1]: Started MariaDB 10.3 database server.

Run the initial security script to remove the test tables, disable remote root login, remove test tables/databases/anonymous users.

mysql_secure_installation

Next, login to MariaDB database and create a database and database user for LibreNMS. The names used here are not standard. Feel free to use any suitable name.

mysql -u root -p -e "create database librenmsdb character set utf8mb4 collate utf8mb4_unicode_ci"

mysql -u root -p -e "create user librenmsuser@localhost identified by 'StronGP@ssw0RD'"

mysql -u root -p -e "grant all on librenmsdb.* to librenmsuser@localhost"

mysql -u root -p -e "flush privileges"

Configure InnoDB to use one tablespace file per InnoDB table and enable the preservation of the lettercase of database and table names;

sed -i.bak -e '/\[mysqld\]/a innodb_file_per_table=1\nlower_case_table_names=0' /etc/my.cnf.d/mariadb-server.cnf

Restart MariaDB Service;

sudo systemctl restart mariadb

Install LibreNMS

Next, install LibreNMS by cloning its Github repository to home directory, /opt/librenms, defined above for the librenms user;

git clone https://github.com/librenms/librenms.git /opt/librenms

Set ownership, permission and access control lists for the LibreNMS directories and files;

chown -R librenms:librenms /opt/librenms
chmod 771 /opt/librenms

setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

Install LibreNMS PHP dependencies

As user librenms, install required PHP dependencies;

sudo -Hiu librenms /opt/librenms/scripts/composer_wrapper.php install --no-dev

Set the Database Connection credentials

sudo -Hiu librenms vim /opt/librenms/.env

DB_HOST=localhost
DB_DATABASE=librenmsdb
DB_USERNAME=librenmsuser
DB_PASSWORD=StronGP@ssw0RD

Update System and PHP timezone;

Ensure that you update your system and PHP timezone accordingly.

timedatectl set-timezone America/Santiago

sed -i.bak 's/;date.timezone =/date.timezone = America\/Santiago/' /etc/php.ini

Configure LibreNMS SNMPD

Copy the default SNMP configuration file;

\cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf

Edit the SNMPD and update the community string.

vim /etc/snmp/snmpd.conf

Replace the RANDOMSTRINGGOESHERE with your string.

Save and exit the file

Next, download and install system distribution detection script;

curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro

Make the script executable;

chmod +x /usr/bin/distro

Start and enable SNMPD services;

systemctl enable --now snmpd

Install LibreNMS Cron Job

Copy the default cron job in place;

cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

Enable Cron jobs log rotation;

cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

Create global LibreNMS shortcuts;

ln -s /opt/librenms/lnms /usr/local/bin/lnms

Enable LibreNMS bash completion;

cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/

Import LibreNMS database schema into the database.

su - librenms

./lnms migrate

Update LibreNMS SELinux Policies;

exit

semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/html(/.*)?'

semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/(logs|rrd|storage)(/.*)?'

restorecon -RFvv /opt/librenms

setsebool -P httpd_can_sendmail=1

setsebool -P httpd_execmem 1

chcon -t httpd_sys_rw_content_t /opt/librenms/.env

setsebool -P httpd_graceful_shutdown 1

setsebool -P httpd_can_network_connect 1

setsebool -P httpd_can_network_relay 1

setsebool -P nis_enabled 1

Be sure to always check the logs for any denied requests.

tail -f /var/log/audit/audit.log | grep denied

Create LibreNMS Nginx Site configuration file

Next, run the commands below to install LibreNMS Nginx site configuration. Be sure to replace the PHP-FPM socket path accordingly.

cat > /etc/nginx/conf.d/librenms.conf << 'EOL'
server {
 listen      80;
 server_name librenms.kifarunix-demo.com;
 root        /opt/librenms/html;
 index       index.php;

 charset utf-8;
 gzip on;
 gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
 location / {
  try_files $uri $uri/ /index.php?$query_string;
 }
 location ~ [^/]\.php(/|$) {
  fastcgi_pass unix:/run/php-fpm/www.sock;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  include fastcgi.conf;
  fastcgi_read_timeout 240;
 }
 location ~ /\.(?!well-known).* {
  deny all;
 }
}
EOL

Change Nginx web user from nginx to librenms user;

sed -i.bak 's/nginx;/librenms;/' /etc/nginx/nginx.conf

Change the PHP FPM user from www-data to librenms user created above.

sed -i.bak 's/= apache/= librenms/g' /etc/php-fpm.d/www.conf

Restart Nginx and PHP-FPM services

Verify Nginx for any syntax;

nginx -t

Sample output if no errors;

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Restart the services;

systemctl restart nginx php-fpm

Enable to run on boot;

systemctl enable nginx php-fpm

Check the status;

systemctl status nginx php-fpm

● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/nginx.service.d
           └─php-fpm.conf
   Active: active (running) since Tue 2022-05-31 14:20:29 -04; 6s ago
  Process: 49866 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 49860 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 49857 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 49867 (nginx)
    Tasks: 3 (limit: 11256)
   Memory: 5.1M
   CGroup: /system.slice/nginx.service
           ├─49867 nginx: master process /usr/sbin/nginx
           ├─49868 nginx: worker process
           └─49869 nginx: worker process

May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Starting The nginx HTTP and reverse proxy server...
May 31 14:20:29 librenms.kifarunix-demo.com nginx[49860]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
May 31 14:20:29 librenms.kifarunix-demo.com nginx[49860]: nginx: configuration file /etc/nginx/nginx.conf test is successful
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Started The nginx HTTP and reverse proxy server.

● php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-05-31 14:20:29 -04; 5s ago
 Main PID: 49863 (php-fpm)
   Status: "Ready to handle connections"
    Tasks: 6 (limit: 11256)
   Memory: 17.2M
   CGroup: /system.slice/php-fpm.service
           ├─49863 php-fpm: master process (/etc/php-fpm.conf)
           ├─49870 php-fpm: pool www
           ├─49871 php-fpm: pool www
           ├─49872 php-fpm: pool www
           ├─49873 php-fpm: pool www
           └─49874 php-fpm: pool www

May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: php-fpm.service: Succeeded.
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Stopped The PHP FastCGI Process Manager.
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Starting The PHP FastCGI Process Manager...
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Started The PHP FastCGI Process Manager.

Finalize LibreNMS installation on Web Browser

Open Nginx web server on firewall if any is running.

firewall-cmd --add-port={80,443}/tcp --permanent
firewall-cmd --reload

Next, access LibreNMS using the url http://server-name.

LibreNMS Pre-install Checks;

LibreNMS Database Connection Settings. We already supplied the credentials before, hence everything should be ok.

Create LibreNMS Administrative User

Click Finish install to finalize the LibreNMS setup.

Validate LibreNMS installation by clicking the validate your install link.

You should be redirected to the login page.

Validation will then proceed and results are displayed on the dashboard.

If you experience SELnux issues with fping, you can sort as follows;

cat > fping.pp << 'EOL'
module fping 1.0;

require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}

#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };
EOL

Next, install the fping SELinux policy modules;

checkmodule -M -m -o fping.mod fping.tt

semodule_package -o fping.pp -m fping.mod

semodule -i fping.pp

You may see that there is a warning about hosts having not been added to LibreNMS yet.

Add Hosts to LibreNMS Server for Monitoring

That marks the end of our tutorial on how to install LibreNMS.

In the meantime, read more in the documentation page.

Other Tutorials

Install LibreNMS on Ubuntu 22.04/Ubuntu 20.04

Easily Install and Setup Cacti on Ubuntu 20.04