===== CentOS7 安裝程序 =====
- 安裝需要的套件
# Enable the EPEL repository.
yum install epel-release
# Enable the Webtatic repository, which provides the php72w-* packages below.
# Both are third-party repositories whose packages are installed as root:
# check the GPG key yum asks you to import before accepting it.
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
# LibreNMS dependencies: web server, PHP 7.2, database, SNMP and polling tools.
yum install \
  composer cronie fping git ImageMagick jwhois \
  mariadb mariadb-server mtr python36 MySQL-python \
  net-snmp net-snmp-utils nginx nmap \
  php72w php72w-cli php72w-common php72w-curl php72w-fpm php72w-gd \
  php72w-mbstring php72w-mysqlnd php72w-process php72w-snmp php72w-xml \
  php72w-zip python-memcached rrdtool
- 建立 librenms 用戶
# Create librenms as a system account (-r) whose home is /opt/librenms (-d),
# without creating that directory (-M).
useradd librenms -d /opt/librenms -M -r
# Append (-a) librenms to nginx's supplementary groups (-G), so the web server
# account gets whatever access the librenms group has.
usermod -a -G librenms nginx
# Flush filesystem buffers, then reboot.
sync
sync
sync
reboot
- 下載 LibreNMS
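# Create the project in /opt/librenms. The && stops composer from creating the
# project in whatever directory the shell happens to be in if the cd fails.
# Composer runs package scripts with the privileges of the invoking user, so
# running this as root runs them as root.
# NOTE(review): dev-master is a moving branch, not a pinned release; what gets
# installed depends on the day the command is run.
cd /opt &&
  composer create-project --no-dev --keep-vcs librenms/librenms librenms dev-master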
- 出現異常與警告訊息, 重新開機後再執行
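# Re-run the dependency install from inside the project directory. The &&
# keeps the wrapper from running relative to the wrong directory if cd fails.
cd /opt/librenms &&
  ./scripts/composer_wrapper.php install --no-dev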
- 建立 DB Server
# Start the MariaDB service.
systemctl start mariadb
# Open a client session as the database root user; no password is supplied.
# NOTE(review): nothing on this page sets a database root password. Consider
# running mysql_secure_installation before the server goes into service.
mysql -u root
**password** 要依照自己需要設定
-- Create the LibreNMS schema with a UTF-8 character set and collation.
CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-- Dedicated account that may connect from this host only ('localhost').
-- Replace **password** (asterisks included) with a long, unique password and
-- do not reuse it for any operating-system or database root account.
CREATE USER 'librenms'@'localhost' IDENTIFIED BY '**password**';
-- Full privileges, but scoped to the librenms database only.
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
-- Leave the mysql client.
exit
vi /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
:
:
# instructions in http://fedoraproject.org/wiki/Systemd
# Store each InnoDB table in its own tablespace file.
innodb_file_per_table=1
# An empty value clears every SQL mode, strict modes included, so invalid or
# truncated values are adjusted with a warning instead of being rejected.
# NOTE(review): presumably required by this LibreNMS version; confirm against
# the upstream install guide before copying it to other databases.
sql-mode=""
# 0 = table names are stored as given and compared case-sensitively.
lower_case_table_names=0
:
systemctl enable mariadb
systemctl restart mariadb
- 建立 Web Server
vi /etc/php-fpm.d/www.conf
:
;user = apache
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = apache
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
;listen = 127.0.0.1:9000
listen = /var/run/php-fpm/php7.2-fpm.sock
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
:
systemctl enable php-fpm
systemctl restart php-fpm
- 設定 nginx
vi /etc/nginx/conf.d/librenms.conf
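server {
    # NOTE(review): plain HTTP only. Logins and API requests cross the network
    # unencrypted; add a TLS listener on 443 before exposing this host beyond
    # a trusted management network.
    listen 80;
    server_name librenms.example.com;
    root /opt/librenms/html;
    index index.php;

    charset utf-8;
    gzip on;
    gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;

    # Serve the file or directory if it exists, otherwise route to the front controller.
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
    location /api/v0 {
        try_files $uri $uri/ /api_v0.php?$query_string;
    }

    # Hand a request to PHP-FPM only when ".php" ends a path segment (followed
    # by "/" or the end of the URI). The unanchored `\.php` used before matched
    # any URI that merely contains ".php" somewhere.
    location ~ [^/]\.php(/|$) {
        include fastcgi.conf;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php-fpm/php7.2-fpm.sock;
    }

    # Never serve .ht* files (.htaccess, .htpasswd).
    location ~ /\.ht {
        deny all;
    }
}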
systemctl enable nginx
systemctl restart nginx
- 設定 SELinux 並允許 fping
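# semanage is provided by policycoreutils-python.
yum install policycoreutils-python

# Label only the directories LibreNMS has to write to as httpd_sys_rw_content_t
# and leave the rest of /opt/librenms non-writable for the web server domain.
# A path spec carries a single type, so adding httpd_sys_content_t for the same
# spec first was redundant, and on some policycoreutils versions it makes the
# second `semanage fcontext -a` fail because the spec is already defined.
semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?'
restorecon -RFvv /opt/librenms/logs/
semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/rrd(/.*)?'
restorecon -RFvv /opt/librenms/rrd/
semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/storage(/.*)?'
restorecon -RFvv /opt/librenms/storage/
semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/bootstrap/cache(/.*)?'
restorecon -RFvv /opt/librenms/bootstrap/cache/

# -P makes the boolean persistent across reboots.
# httpd_can_sendmail lets the web server domain send mail.
setsebool -P httpd_can_sendmail=1
# httpd_execmem lets the web server domain map memory as executable, which
# relaxes a memory-protection control.
# NOTE(review): confirm this boolean is still required before enabling it.
setsebool -P httpd_execmem 1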
vi /tmp/http_fping.tt
# Local policy module: lets the web server domain open raw IP sockets.
# The title of this step says the purpose is to allow fping.
module http_fping 1.0;
# Types and permissions this module refers to; they must already exist in the loaded policy.
require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}
#============= httpd_t ==============
# These rules apply to every process running in httpd_t, not to fping alone,
# so they widen what a compromised web process could do on the network.
# NOTE(review): keep this module only while fping has to be started from the web server domain.
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };
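# Compile, package and load the policy module. Every intermediate file gets an
# explicit path, so the steps no longer depend on the current directory
# (http_fping.mod used to be written to, and read from, wherever the shell was).
# NOTE(review): /tmp is writable by every local user; on a shared host build
# the module in a directory only root can write to.
checkmodule -M -m -o /tmp/http_fping.mod /tmp/http_fping.tt
semodule_package -o /tmp/http_fping.pp -m /tmp/http_fping.mod
semodule -i /tmp/http_fping.pp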
- 設定 firewall
# Each service is added twice: once to the running firewall and once with
# --permanent so that the rule survives a reload or reboot.
# NOTE(review): the nginx server block on this page listens on port 80 only,
# so https is opened with nothing behind it. Also consider limiting the source
# addresses allowed to reach the web interface.
firewall-cmd --zone public --add-service http
firewall-cmd --permanent --zone public --add-service http
firewall-cmd --zone public --add-service https
firewall-cmd --permanent --zone public --add-service https
- 設定 snmpd
cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
vi /etc/snmp/snmpd.conf
將 RANDOMSTRINGGOESHERE 改成你要的 community 字串
# Change RANDOMSTRINGGOESHERE to your preferred SNMP community string
#com2sec readonly default RANDOMSTRINGGOESHERE
# com2sec fields: security name, source, community. The source "default"
# accepts queries from any address. A community string is sent in cleartext
# and is the only secret protecting these queries: use a long random value and
# restrict the source (or firewall UDP 161) to the polling server.
com2sec readonly default **community_string**
:
#syslocation Rack, Room, Building, City, Country [GPSX,Y]
syslocation Taipei, Taiwan
#syscontact Your Name
syscontact Jonathan Tsai
:
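# Download the distro helper script. --fail makes curl exit non-zero on an HTTP
# error instead of saving the error page as /usr/bin/distro, and the && keeps
# chmod from marking a failed download executable.
# NOTE(review): master is a moving branch and the file lands, executable, in
# /usr/bin. Pin the URL to a commit you have reviewed
# (.../librenms-agent/<reviewed-commit-sha>/snmp/distro) and read the script
# before making it executable.
curl --fail -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro &&
  chmod +x /usr/bin/distro
systemctl enable snmpd
systemctl restart snmpd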
- 定義 cron table
cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
- 設定定時清 log
cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms
- 設定權限
# Give the whole tree to the librenms user and group.
chown -R librenms:librenms /opt/librenms
# Default ACL (-d): files created later in these four directories get rwx for the owning group.
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
# Apply the same group rwx recursively (-R) to what already exists there.
# nginx was added to the librenms group earlier, so this is what lets the web
# server write to these directories; no other directory is opened up.
setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
- 至網頁介面進行安裝, 網址範例: http://192.168.11.200/install.php
- 如果這時候無法出現安裝畫面, 表示 nginx default 設定沒有移除
vi /etc/nginx/nginx.conf
:
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
# server {
# listen 80 default_server;
# listen [::]:80 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
# Settings for a TLS enabled server.
#
# server {
:
systemctl restart nginx
- 依照網頁出現的 6 個 Stage 執行
- Stage 5 將產生的設定參數資料手動寫入 /opt/librenms/config.php
vi /opt/librenms/config.php
- 調整參數檔案權限
# Make the librenms account the owner of the hand-written configuration file.
# NOTE(review): config.php presumably contains the database password produced
# in Stage 5. Check that the file is not world-readable (for example with
# `chmod 640`, if group read is enough for the web server on this setup).
chown librenms:librenms /opt/librenms/config.php
- 再來應該就可以透過網頁依照上一步驟建立的帳號登入