差異處

no way to compare when less than two revisions

這裏顯示兩個版本的差異處。

@@ 行 1: / 行 1: @@
+===== CentOS7 安裝程序 =====
+  - 安裝需要的套件 <cli>
+yum install epel-release
+rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
+yum install composer cronie fping git ImageMagick jwhois mariadb mariadb-server mtr python36 MySQL-python net-snmp net-snmp-utils nginx nmap php72w php72w-cli php72w-common php72w-curl php72w-fpm php72w-gd php72w-mbstring php72w-mysqlnd php72w-process php72w-snmp php72w-xml php72w-zip python-memcached rrdtool
+</cli>
+  - 建立 librenms 用戶<cli>
+useradd librenms -d /opt/librenms -M -r
+usermod -a -G librenms nginx
+sync;sync;sync;reboot
+</cli>
+  - 下載 LibreNMS <cli>
+cd /opt
+composer create-project --no-dev --keep-vcs librenms/librenms librenms dev-master
+</cli>
+  - 出現異常與警告訊息, 重新開機後再執行<cli>
+cd /opt/librenms
+./scripts/composer_wrapper.php install --no-dev
+</cli>
+  - 建立 DB Server<cli>
+systemctl start mariadb
+mysql -u root
+</cli>**password** 要依照自己需要設定<code sql>
+CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
+CREATE USER 'librenms'@'localhost' IDENTIFIED BY '**password**';
+GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
+FLUSH PRIVILEGES;
+exit
+</code><cli>
+vi /etc/my.cnf
+</cli><file>
+[mysqld]
+datadir=/var/lib/mysql
+:
+:
+# instructions in http://fedoraproject.org/wiki/Systemd
+innodb_file_per_table=1
+sql-mode=""
+lower_case_table_names=0
+:
+</file><cli>
+systemctl enable mariadb
+systemctl restart mariadb
+</cli>
+  - 建立 Web Server <cli>
+vi /etc/php-fpm.d/www.conf
+</cli><file>
+:
+;user = apache
+user = nginx
+; RPM: Keep a group allowed to write in log dir.
+group = apache
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+;listen = 127.0.0.1:9000
+listen = /var/run/php-fpm/php7.2-fpm.sock
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+;listen.owner = nobody
+;listen.group = nobody
+;listen.mode = 0660
+listen.owner = nginx
+listen.group = nginx
+listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+:
+</file><cli>
+systemctl enable php-fpm
+systemctl restart php-fpm
+</cli>
+  - 設定 nginx <cli>
+vi /etc/nginx/conf.d/librenms.conf
+</cli><file>
+server {
+ listen      80;
+ server_name librenms.example.com;
+ root        /opt/librenms/html;
+ index       index.php;
+ charset utf-8;
+ gzip on;
+ gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
+ location / {
+  try_files $uri $uri/ /index.php?$query_string;
+ }
+ location /api/v0 {
+  try_files $uri $uri/ /api_v0.php?$query_string;
+ }
+ location ~ \.php {
+  include fastcgi.conf;
+  fastcgi_split_path_info ^(.+\.php)(/.+)$;
+  fastcgi_pass unix:/var/run/php-fpm/php7.2-fpm.sock;
+ }
+ location ~ /\.ht {
+  deny all;
+ }
+}
+</file><cli>
+systemctl enable nginx
+systemctl restart nginx
+</cli>
+  - 建立 SELinux 與 Allow fping<cli>
+yum install policycoreutils-python
+semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/logs(/.*)?'
+semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/logs(/.*)?'
+restorecon -RFvv /opt/librenms/logs/
+semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/rrd(/.*)?'
+semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/rrd(/.*)?'
+restorecon -RFvv /opt/librenms/rrd/
+semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/storage(/.*)?'
+semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/storage(/.*)?'
+restorecon -RFvv /opt/librenms/storage/
+semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/bootstrap/cache(/.*)?'
+semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/bootstrap/cache(/.*)?'
+restorecon -RFvv /opt/librenms/bootstrap/cache/
+setsebool -P httpd_can_sendmail=1
+setsebool -P httpd_execmem 1
+vi /tmp/http_fping.tt
+</cli><file>
+module http_fping 1.0;
+require {
+type httpd_t;
+class capability net_raw;
+class rawip_socket { getopt create setopt write read };
+}
+#============= httpd_t ==============
+allow httpd_t self:capability net_raw;
+allow httpd_t self:rawip_socket { getopt create setopt write read };
+</file><cli>
+checkmodule -M -m -o http_fping.mod /tmp/http_fping.tt
+semodule_package -o /tmp/http_fping.pp -m http_fping.mod
+semodule -i /tmp/http_fping.pp
+</cli>
+  - 設定 firewall<cli>
+firewall-cmd --zone public --add-service http
+firewall-cmd --permanent --zone public --add-service http
+firewall-cmd --zone public --add-service https
+firewall-cmd --permanent --zone public --add-service https
+</cli>
+  - 設定 snmpd <cli>
+cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
+vi /etc/snmp/snmpd.conf
+</cli>將 RANDOMSTRINGGOESHERE 改成你要的 community 字串<file>
+# Change RANDOMSTRINGGOESHERE to your preferred SNMP community string
+#com2sec readonly  default         RANDOMSTRINGGOESHERE
+com2sec readonly  default         **community_string**
+:
+#syslocation Rack, Room, Building, City, Country [GPSX,Y]
+syslocation Taipei, Taiwan
+#syscontact Your Name <[email protected]>
+syscontact Jonathan Tsai <[email protected]>
+:
+</file><cli>
+curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
+chmod +x /usr/bin/distro
+systemctl enable snmpd
+systemctl restart snmpd
+</cli>
+  - 定義 cron table <cli>
+cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms
+</cli>
+  - 設定定時清 log <cli>
+cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms
+</cli>
+  - 設定權限 <cli>
+chown -R librenms:librenms /opt/librenms
+setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
+setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
+</cli>
+  - 至網頁介面進行安裝 網址 Exp. http://192.168.11.200/install.php
+    - 如果這時候無法出現安裝畫面, 表示 nginx default 設定沒有移除 <cli>
+vi /etc/nginx/nginx.conf
+</cli><file>
+:
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+    # Load modular configuration files from the /etc/nginx/conf.d directory.
+    # See http://nginx.org/en/docs/ngx_core_module.html#include
+    # for more information.
+    include /etc/nginx/conf.d/*.conf;
+#    server {
+#        listen       80 default_server;
+#        listen       [::]:80 default_server;
+#        server_name  _;
+#        root         /usr/share/nginx/html;
+#
+#        # Load configuration files for the default server block.
+#        include /etc/nginx/default.d/*.conf;
+#
+#        location / {
+#        }
+#
+#        error_page 404 /404.html;
+#            location = /40x.html {
+#        }
+#
+#        error_page 500 502 503 504 /50x.html;
+#            location = /50x.html {
+#        }
+#    }
+# Settings for a TLS enabled server.
+#
+#    server {
+:
+</file><cli>
+systemctl restart nginx
+</cli>
+    - 依照網頁出現的 6 個 Stage 執行
+    - Stage 5 將產生的設定參數資料手動寫入 /opt/librenms/config.php <cli>
+vi /opt/librenms/config.php
+</cli>
+    - 調整參數檔案權限<cli>
+chown librenms:librenms /opt/librenms/config.php
+</cli>
+  - 再來應該就可以透過網頁依照上一步驟建立的帳號登入