參考原文:
官方文件(CentOS7)
techsupportpk.com
dnf更新 Nginx+MariaDB安裝
代碼: 選擇全部
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install -y 'dnf-command(config-manager)'
dnf config-manager --set-enabled PowerTools
dnf update -y
dnf install -y git cronie fping ImageMagick mtr rrdtool net-snmp net-snmp-utils nmap python36 unzip
dnf install -y nginx mariadb mariadb-server
sol1:manual installation 手動安裝 (略)
sol2:module installation 套件安裝 原文
代碼: 選擇全部
yum install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf module install php:remi-7.4代碼: 選擇全部
dnf install -y php-gd php-pdo代碼: 選擇全部
useradd librenms -d /opt/librenms -M -r
usermod -a -G librenms nginx代碼: 選擇全部
cd /opt
git clone https://github.com/librenms/librenms.git代碼: 選擇全部
chown -R librenms:librenms /opt/librenms
chmod 770 /opt/librenms
setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/此處用到unzip php-gd php-pdo
代碼: 選擇全部
su - librenms
./scripts/composer_wrapper.php install --no-dev
logout初始化與安全性設定
代碼: 選擇全部
systemctl start mariadb
mysql_secure_installation資料庫設定
代碼: 選擇全部
mysql -u root -p代碼: 選擇全部
CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY '此處輸入密碼';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit代碼: 選擇全部
vi /etc/my.cnf代碼: 選擇全部
[mysqld]
innodb_file_per_table=1
lower_case_table_names=0代碼: 選擇全部
systemctl enable mariadb
systemctl restart mariadb代碼: 選擇全部
vi /etc/php.ini
date.timezone = Asia/Taipei代碼: 選擇全部
vi /etc/php-fpm.d/www.conf
;user = apache
user = nginx
group = apache ; keep group as apache
;listen = 127.0.0.1:9000
listen = /run/php-fpm/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660代碼: 選擇全部
systemctl enable php-fpm
systemctl restart php-fpm建立librenms.conf
代碼: 選擇全部
vi /etc/nginx/conf.d/librenms.conf代碼: 選擇全部
server {
listen 80;
server_name librenms.techsupportpk.com;
root /opt/librenms/html;
index index.php;
charset utf-8;
gzip on;
gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /api/v0 {
try_files $uri $uri/ /api_v0.php?$query_string;
}
location ~ \.php {
include fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
) then you will need to disable the default site.Delete the server section from /etc/nginx/nginx.conf
開啟nginx
代碼: 選擇全部
systemctl start nginx
systemctl enable nginxPVE CT centos8 範本中的SELINUX未安裝
Allow fping
建立http_fping.tt(這是一次性檔案,隨便在一個地方建立即可)
代碼: 選擇全部
vi ~/http_fping.tt代碼: 選擇全部
module http_fping 1.0;
require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}
#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };代碼: 選擇全部
dnf install -y checkpolicy
checkmodule -M -m -o http_fping.mod http_fping.tt
semodule_package -o http_fping.pp -m http_fping.mod
semodule -i http_fping.pp設定防火牆規則
PVE CT centos8 範本中的firewalld未安裝
設定SNMP
代碼: 選擇全部
systemctl start snmpd
systemctl enable snmpd
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
Adding Cron Job
代碼: 選擇全部
cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenmsLibreNMS keeps logs in /opt/librenms/logs.
Over time these can become large and be rotated out.
To rotate out the old logs you can use the provided logrotate config file:
代碼: 選擇全部
cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms