Install LibreNMS on Rocky Linux

0
170

Follow through this tutorial to learn how to install LibreNMS on Rocky Linux. LibreNMS is a fully featured MySQL/PHP and SNMP based network monitoring system.

Install LibreNMS on Rocky Linux

To install LibreNMS on Rocky Linux proceed as follows;

  • Create LibreNMS system User Account

To begin with, create non privileged system user account for LibreNMS by executing the command below;

sudo useradd -d /opt/librenms -M -r -s /bin/bash librenms
  • Install EPEL repository
sudo dnf install epel-release
  • Install Required Packages

LibreNMS is requires L[E/A]MP stack. Hence, run the command below to install the Webserver, Nginx, PHP, MariaDB and other required packages. Nginx is the recommended web server to use.

The minimum supported PHP version is 7.3. We will use PHP 7.4 in this tutorial.

To be able to install PHP 7.4 on Rocky Linux, enable repo modules for PHP 7.4 as follows;

sudo dnf module reset php
sudo dnf module enable php:7.4
sudo dnf install bash-completion cronie fping git httpd ImageMagick \
mariadb-server mtr net-snmp net-snmp-utils nmap php-fpm php-cli \
php-common php-curl php-gd php-json php-mbstring php-process \
php-snmp php-xml php-zip php-mysqlnd python3 python3-PyMySQL \
python3-devel python3-redis python3-memcached python3-pip \
python3-systemd rrdtool unzip policycoreutils-python-utils
  • Create Database and Database User for LibreNMS

Start and enable MariaDB server to run on system boot;

systemctl enable --now mariadb

Check status;

systemctl status mariadb
● mariadb.service - MariaDB 10.3 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-05-31 13:23:16 EDT; 9s ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
  Process: 38942 ExecStartPost=/usr/libexec/mysql-check-upgrade (code=exited, status=0/SUCCESS)
  Process: 38872 ExecStartPre=/usr/libexec/mysql-prepare-db-dir mariadb.service (code=exited, status=0/SUCCESS)
  Process: 38848 ExecStartPre=/usr/libexec/mysql-check-socket (code=exited, status=0/SUCCESS)
 Main PID: 38911 (mysqld)
   Status: "Taking your SQL requests now..."
    Tasks: 30 (limit: 11256)
   Memory: 64.3M
   CGroup: /system.slice/mariadb.service
           └─38911 /usr/libexec/mysqld --basedir=/usr

May 31 13:23:15 librenms.kifarunix-demo.com systemd[1]: mariadb.service: Succeeded.
May 31 13:23:15 librenms.kifarunix-demo.com systemd[1]: Stopped MariaDB 10.3 database server.
May 31 13:23:15 librenms.kifarunix-demo.com systemd[1]: Starting MariaDB 10.3 database server...
May 31 13:23:15 librenms.kifarunix-demo.com mysql-prepare-db-dir[38872]: Database MariaDB is probably initialized in /var/lib/mysql already, nothing is done.
May 31 13:23:15 librenms.kifarunix-demo.com mysql-prepare-db-dir[38872]: If this is not the case, make sure the /var/lib/mysql is empty before running mysql-prepare-db-dir.
May 31 13:23:15 librenms.kifarunix-demo.com mysqld[38911]: 2022-05-31 13:23:15 0 [Note] /usr/libexec/mysqld (mysqld 10.3.32-MariaDB) starting as process 38911 ...
May 31 13:23:16 librenms.kifarunix-demo.com systemd[1]: Started MariaDB 10.3 database server.

Run the initial security script to remove the test tables, disable remote root login, remove test tables/databases/anonymous users.

mysql_secure_installation

Next, login to MariaDB database and create a database and database user for LibreNMS. The names used here are not standard. Feel free to use any suitable name.

mysql -u root -p -e "create database librenmsdb character set utf8mb4 collate utf8mb4_unicode_ci"
mysql -u root -p -e "create user [email protected] identified by '[email protected]'"
mysql -u root -p -e "grant all on librenmsdb.* to [email protected]"
mysql -u root -p -e "flush privileges"

Configure InnoDB to use one tablespace file per InnoDB table and enable the preservation of the lettercase of database and table names;

sed -i.bak -e '/\[mysqld\]/a innodb_file_per_table=1\nlower_case_table_names=0' /etc/my.cnf.d/mariadb-server.cnf

Restart MariaDB Service;

sudo systemctl restart mariadb
  • Install LibreNMS on Rocky Linux

Next, install LibreNMS by cloning its Github repository to home directory, /opt/librenms, defined above for the librenms user;

git clone https://github.com/librenms/librenms.git /opt/librenms
  • Set ownership, permission and access control lists for the LibreNMS directories and files;
chown -R librenms:librenms /opt/librenms
chmod 771 /opt/librenms
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
  • Install LibreNMS PHP dependencies

As user librenms, install required PHP dependencies;

sudo -Hiu librenms /opt/librenms/scripts/composer_wrapper.php install --no-dev
  • Set the Database Connection credentials
sudo -Hiu librenms vim /opt/librenms/.env
DB_HOST=localhost
DB_DATABASE=librenmsdb
DB_USERNAME=librenmsuser
[email protected]
  • Update System and PHP timezone;

Ensure that you update your system and PHP timezone accordingly.

timedatectl set-timezone America/Santiago
sed -i.bak 's/;date.timezone =/date.timezone = America\/Santiago/' /etc/php.ini
  • Configure LibreNMS SNMPD

Copy the default SNMP configuration file;

\cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf

Edit the SNMPD and update the community string.

vim /etc/snmp/snmpd.conf

Replace the RANDOMSTRINGGOESHERE with your string.

Save and exit the file

Next, download and install system distribution detection script;

curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro

Make the script executable;

chmod +x /usr/bin/distro

Start and enable SNMPD services;

systemctl enable --now snmpd
  • Install LibreNMS Cron Job

Copy the default cron job in place;

cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

Enable Cron jobs log rotation;

cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

Create global LibreNMS shortcuts;

ln -s /opt/librenms/lnms /usr/local/bin/lnms

Enable LibreNMS bash completion;

cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/

Import LibreNMS database schema into the database.

su - librenms
./lnms migrate
  • Update LibreNMS SELinux Policies;
exit
semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/html(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/(logs|rrd|storage)(/.*)?'
restorecon -RFvv /opt/librenms
setsebool -P httpd_can_sendmail=1
setsebool -P httpd_execmem 1
chcon -t httpd_sys_rw_content_t /opt/librenms/.env
setsebool -P httpd_graceful_shutdown 1
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_relay 1
setsebool -P nis_enabled 1

Be sure to always check the logs for any denied requests.

tail -f /var/log/audit/audit.log | grep denied
  • Create LibreNMS Nginx Site configuration file

Next, run the commands below to install LibreNMS Nginx site configuration. Be sure to replace the PHP-FPM socket path accordingly.

cat > /etc/nginx/conf.d/librenms.conf << 'EOL'
server {
 listen      80;
 server_name librenms.kifarunix-demo.com;
 root        /opt/librenms/html;
 index       index.php;

 charset utf-8;
 gzip on;
 gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
 location / {
  try_files $uri $uri/ /index.php?$query_string;
 }
 location ~ [^/]\.php(/|$) {
  fastcgi_pass unix:/run/php-fpm/www.sock;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  include fastcgi.conf;
  fastcgi_read_timeout 240;
 }
 location ~ /\.(?!well-known).* {
  deny all;
 }
}
EOL

Change Nginx web user from nginx to librenms user;

sed -i.bak 's/nginx;/librenms;/' /etc/nginx/nginx.conf

Change the PHP FPM user from www-data to librenms user created above.

sed -i.bak 's/= apache/= librenms/g' /etc/php-fpm.d/www.conf
  • Restart Nginx and PHP-FPM services

Verify Nginx for any syntax;

nginx -t

Sample output if no errors;

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Restart the services;

systemctl restart nginx php-fpm

Enable to run on boot;

systemctl enable nginx php-fpm

Check the status;

systemctl status nginx php-fpm
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/nginx.service.d
           └─php-fpm.conf
   Active: active (running) since Tue 2022-05-31 14:20:29 -04; 6s ago
  Process: 49866 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 49860 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 49857 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 49867 (nginx)
    Tasks: 3 (limit: 11256)
   Memory: 5.1M
   CGroup: /system.slice/nginx.service
           ├─49867 nginx: master process /usr/sbin/nginx
           ├─49868 nginx: worker process
           └─49869 nginx: worker process

May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Starting The nginx HTTP and reverse proxy server...
May 31 14:20:29 librenms.kifarunix-demo.com nginx[49860]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
May 31 14:20:29 librenms.kifarunix-demo.com nginx[49860]: nginx: configuration file /etc/nginx/nginx.conf test is successful
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Started The nginx HTTP and reverse proxy server.

● php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-05-31 14:20:29 -04; 5s ago
 Main PID: 49863 (php-fpm)
   Status: "Ready to handle connections"
    Tasks: 6 (limit: 11256)
   Memory: 17.2M
   CGroup: /system.slice/php-fpm.service
           ├─49863 php-fpm: master process (/etc/php-fpm.conf)
           ├─49870 php-fpm: pool www
           ├─49871 php-fpm: pool www
           ├─49872 php-fpm: pool www
           ├─49873 php-fpm: pool www
           └─49874 php-fpm: pool www

May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: php-fpm.service: Succeeded.
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Stopped The PHP FastCGI Process Manager.
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Starting The PHP FastCGI Process Manager...
May 31 14:20:29 librenms.kifarunix-demo.com systemd[1]: Started The PHP FastCGI Process Manager.
  • Finalize LibreNMS installation on Web Browser

Open Nginx web server on firewall if any is running.

firewall-cmd --add-port={80,443}/tcp --permanent
firewall-cmd --reload

Next, access LibreNMS using the url http://server-name.

LibreNMS Pre-install Checks;

librenms checks

LibreNMS Database Connection Settings. We already supplied the credentials before, hence everything should be ok.

Install LibreNMS on Rocky Linux

Create LibreNMS Administrative User

Install LibreNMS on Rocky Linux

Click Finish install to finalize the LibreNMS setup.

Install LibreNMS on Rocky Linux

Validate LibreNMS installation by clicking the validate your install link.

validate librenms install

You should be redirected to the login page.

librenms login page

Validation will then proceed and results are displayed on the dashboard.

librenms validations

If you experience SELnux issues with fping, you can sort as follows;

cat > fping.pp << 'EOL'
module fping 1.0;

require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}

#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };
EOL

Next, install the fping SELinux policy modules;

checkmodule -M -m -o fping.mod fping.tt
semodule_package -o fping.pp -m fping.mod
semodule -i fping.pp

You may see that there is a warning about hosts having not been added to LibreNMS yet.

Add Hosts to LibreNMS Server for Monitoring

That marks the end of our tutorial on how to install LibreNMS on Rocky Linux.

In the meantime, read more in the documentation page.

Other Tutorials

Install LibreNMS on Ubuntu 22.04/Ubuntu 20.04

Easily Install and Setup Cacti on Ubuntu 20.04

LEAVE A REPLY

Please enter your comment!
Please enter your name here