no way to compare when less than two revisions
差異處
這裏顯示兩個版本的差異處。
— | tech:librenms:centos7 [2021/06/14 16:01] (目前版本) – 建立 jonathan | ||
---|---|---|---|
行 1: | 行 1: | ||
+ | ===== CentOS7 安裝程序 ===== | ||
+ | - 安裝需要的套件 <cli> | ||
+ | yum install epel-release | ||
+ | rpm -Uvh https:// | ||
+ | yum install composer cronie fping git ImageMagick jwhois mariadb mariadb-server mtr python36 MySQL-python net-snmp net-snmp-utils nginx nmap php72w php72w-cli php72w-common php72w-curl php72w-fpm php72w-gd php72w-mbstring php72w-mysqlnd php72w-process php72w-snmp php72w-xml php72w-zip python-memcached rrdtool | ||
+ | </ | ||
+ | - 建立 librenms 用戶< | ||
+ | useradd librenms -d / | ||
+ | usermod -a -G librenms nginx | ||
+ | sync; | ||
+ | </ | ||
+ | - 下載 LibreNMS <cli> | ||
+ | cd /opt | ||
+ | composer create-project --no-dev --keep-vcs librenms/ | ||
+ | </ | ||
+ | - 出現異常與警告訊息, | ||
+ | cd / | ||
+ | ./ | ||
+ | </ | ||
+ | - 建立 DB Server< | ||
+ | systemctl start mariadb | ||
+ | mysql -u root | ||
+ | </ | ||
+ | CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci; | ||
+ | CREATE USER ' | ||
+ | GRANT ALL PRIVILEGES ON librenms.* TO ' | ||
+ | FLUSH PRIVILEGES; | ||
+ | exit | ||
+ | </ | ||
+ | vi /etc/my.cnf | ||
+ | </ | ||
+ | [mysqld] | ||
+ | datadir=/ | ||
+ | : | ||
+ | : | ||
+ | # instructions in http:// | ||
+ | innodb_file_per_table=1 | ||
+ | sql-mode="" | ||
+ | lower_case_table_names=0 | ||
+ | : | ||
+ | </ | ||
+ | systemctl enable mariadb | ||
+ | systemctl restart mariadb | ||
+ | </ | ||
+ | - 建立 Web Server <cli> | ||
+ | vi / | ||
+ | </ | ||
+ | : | ||
+ | ;user = apache | ||
+ | user = nginx | ||
+ | ; RPM: Keep a group allowed to write in log dir. | ||
+ | group = apache | ||
+ | |||
+ | ; The address on which to accept FastCGI requests. | ||
+ | ; Valid syntaxes are: | ||
+ | ; ' | ||
+ | ; a specific port; | ||
+ | ; ' | ||
+ | ; a specific port; | ||
+ | ; ' | ||
+ | ; (IPv6 and IPv4-mapped) on a specific port; | ||
+ | ; '/ | ||
+ | ; Note: This value is mandatory. | ||
+ | ;listen = 127.0.0.1: | ||
+ | listen = / | ||
+ | |||
+ | ; Set listen(2) backlog. | ||
+ | ; Default Value: 511 (-1 on FreeBSD and OpenBSD) | ||
+ | ; | ||
+ | |||
+ | ; Set permissions for unix socket, if one is used. In Linux, read/write | ||
+ | ; permissions must be set in order to allow connections from a web server. Many | ||
+ | ; BSD-derived systems allow connections regardless of permissions. | ||
+ | ; Default Values: user and group are set as the running user | ||
+ | ; mode is set to 0660 | ||
+ | ; | ||
+ | ; | ||
+ | ; | ||
+ | listen.owner = nginx | ||
+ | listen.group = nginx | ||
+ | listen.mode = 0660 | ||
+ | |||
+ | ; When POSIX Access Control Lists are supported you can set them using | ||
+ | ; these options, value is a comma separated list of user/group names. | ||
+ | : | ||
+ | </ | ||
+ | systemctl enable php-fpm | ||
+ | systemctl restart php-fpm | ||
+ | </ | ||
+ | - 設定 nginx <cli> | ||
+ | vi / | ||
+ | </ | ||
+ | server { | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | | ||
+ | gzip on; | ||
+ | | ||
+ | | ||
+ | try_files $uri $uri/ / | ||
+ | } | ||
+ | | ||
+ | try_files $uri $uri/ / | ||
+ | } | ||
+ | | ||
+ | include fastcgi.conf; | ||
+ | fastcgi_split_path_info ^(.+\.php)(/ | ||
+ | fastcgi_pass unix:/ | ||
+ | } | ||
+ | | ||
+ | deny all; | ||
+ | } | ||
+ | } | ||
+ | </ | ||
+ | systemctl enable nginx | ||
+ | systemctl restart nginx | ||
+ | </ | ||
+ | - 建立 SELinux 與 Allow fping< | ||
+ | yum install policycoreutils-python | ||
+ | |||
+ | semanage fcontext -a -t httpd_sys_content_t '/ | ||
+ | semanage fcontext -a -t httpd_sys_rw_content_t '/ | ||
+ | restorecon -RFvv / | ||
+ | semanage fcontext -a -t httpd_sys_content_t '/ | ||
+ | semanage fcontext -a -t httpd_sys_rw_content_t '/ | ||
+ | restorecon -RFvv / | ||
+ | semanage fcontext -a -t httpd_sys_content_t '/ | ||
+ | semanage fcontext -a -t httpd_sys_rw_content_t '/ | ||
+ | restorecon -RFvv / | ||
+ | semanage fcontext -a -t httpd_sys_content_t '/ | ||
+ | semanage fcontext -a -t httpd_sys_rw_content_t '/ | ||
+ | restorecon -RFvv / | ||
+ | setsebool -P httpd_can_sendmail=1 | ||
+ | setsebool -P httpd_execmem 1 | ||
+ | |||
+ | vi / | ||
+ | </ | ||
+ | module http_fping 1.0; | ||
+ | |||
+ | require { | ||
+ | type httpd_t; | ||
+ | class capability net_raw; | ||
+ | class rawip_socket { getopt create setopt write read }; | ||
+ | } | ||
+ | |||
+ | # | ||
+ | allow httpd_t self: | ||
+ | allow httpd_t self: | ||
+ | </ | ||
+ | checkmodule -M -m -o http_fping.mod / | ||
+ | semodule_package -o / | ||
+ | semodule -i / | ||
+ | </ | ||
+ | - 設定 firewall< | ||
+ | firewall-cmd --zone public --add-service http | ||
+ | firewall-cmd --permanent --zone public --add-service http | ||
+ | firewall-cmd --zone public --add-service https | ||
+ | firewall-cmd --permanent --zone public --add-service https | ||
+ | </ | ||
+ | - 設定 snmpd <cli> | ||
+ | cp / | ||
+ | |||
+ | vi / | ||
+ | </ | ||
+ | # Change RANDOMSTRINGGOESHERE to your preferred SNMP community string | ||
+ | #com2sec readonly | ||
+ | com2sec readonly | ||
+ | : | ||
+ | # | ||
+ | syslocation Taipei, Taiwan | ||
+ | #syscontact Your Name < | ||
+ | syscontact Jonathan Tsai < | ||
+ | : | ||
+ | </ | ||
+ | curl -o / | ||
+ | chmod +x / | ||
+ | systemctl enable snmpd | ||
+ | systemctl restart snmpd | ||
+ | </ | ||
+ | - 定義 cron table <cli> | ||
+ | cp / | ||
+ | </ | ||
+ | - 設定定時清 log <cli> | ||
+ | cp / | ||
+ | </ | ||
+ | - 設定權限 <cli> | ||
+ | chown -R librenms: | ||
+ | setfacl -d -m g::rwx / | ||
+ | setfacl -R -m g::rwx / | ||
+ | </ | ||
+ | - 至網頁介面進行安裝 網址 Exp. http:// | ||
+ | - 如果這時候無法出現安裝畫面, | ||
+ | vi / | ||
+ | </ | ||
+ | : | ||
+ | include | ||
+ | default_type | ||
+ | |||
+ | # Load modular configuration files from the / | ||
+ | # See http:// | ||
+ | # for more information. | ||
+ | include / | ||
+ | |||
+ | # server { | ||
+ | # listen | ||
+ | # listen | ||
+ | # server_name | ||
+ | # root / | ||
+ | # | ||
+ | # # Load configuration files for the default server block. | ||
+ | # include / | ||
+ | # | ||
+ | # location / { | ||
+ | # } | ||
+ | # | ||
+ | # error_page 404 /404.html; | ||
+ | # location = /40x.html { | ||
+ | # } | ||
+ | # | ||
+ | # error_page 500 502 503 504 /50x.html; | ||
+ | # location = /50x.html { | ||
+ | # } | ||
+ | # } | ||
+ | |||
+ | # Settings for a TLS enabled server. | ||
+ | # | ||
+ | # server { | ||
+ | : | ||
+ | </ | ||
+ | systemctl restart nginx | ||
+ | </ | ||
+ | - 依照網頁出現的 6 個 Stage 執行 | ||
+ | - Stage 5 將產生的設定參數資料手動寫入 / | ||
+ | vi / | ||
+ | </ | ||
+ | - 調整參數檔案權限< | ||
+ | chown librenms: | ||
+ | </ | ||
+ | - 再來應該就可以透過網頁依照上一步驟建立的帳號登入 | ||
+ | |||