How to Install LibreNMS Monitoring Solution on Rocky Linux

LibreNMS is a monitoring tool that supports auto-discovery with multiple protocols, including SNMP, ARP, OSPF, and BGP. To monitor operating systems, you can use the SNMP protocol, which is available on most OS, including Linux, Windows, and BSDs.

There are three versions of SNMP Protocol, v1 and v2 which are secured with only a community password, and protocol v3 which supports passwords for authentication and encryption. For the production environment, it's recommended to use the SNMP protocol v3, which is more secure than v2 and v1.

In this guide, you will learn how to install the LibreNMS monitoring tool on the Rocky Linux server. This guide includes the installation of the LEMP Stack (Nginx, MariaDB, and PHP-FPM) and the basic configuration of the SNMP service.

Through the end, you will have the production-ready monitoring solution LibreNMS and you can just add a new host or server, or device to monitor LibreNMS.

Prerequisites

To complete this guide, you will need the following requirements:

  • A Rocky Linux server - This example uses the Rocky Linux 8.
  • A non-root user with sudo root/administrator privileges.
  • A local domain name for the local deployment.

Setting up Repositories

Before you start installing packages, you will now set up repositories on your Rocky Linux system. You will need to add the EPEL repository (Extra Packages for Enterprise Linux) and the PHP Remi repository.

Run the following dnf command to add the EPEL repository to your system.

sudo dnf install epel-release

Input Y when prompted for the confirmation and press ENTER to proceed.

install epel

Next, run the following dnf command to add the PHP Remi repository. This repository provides multiple versions of PHP, which includes the latest PHP 8.1 that is required for the LibreNMS installation.

sudo dnf install dnf-utils http://rpms.remirepo.net/enterprise/remi-release-8.rpm

Now input Y and press ENTER to proceed.

add remi repo

After EPEL and Remi repository is added, verify using the dnf command below.

sudo dnf repolist

You should see the EPEL and Remi repository is added and available on your Rocky Linux system.

check repos

Installing Package Dependencies

After adding EPEL and Remi repositories, you will now start installing package dependencies for the LibreNMS. This includes the LEMP Stack, SNMP packages, and some basic Python dependencies.

Before starting the installation, run the following command to enable the PHP repository module 'remi-8.1'. The latest version of LibreNMS required at least PHP 8.

sudo dnf reset php
sudo dnf module enable php:remi-8.1

Input y to confirm and enable the PHP Remi 8.1 repository.

reset php modules

Next, run the following dnf command to install package dependencies for the LibreNMS. When prompted to confirm the installation, input y and press ENTER to proceed, and the installation will begin.

sudo dnf install bash-completion cronie fping git ImageMagick mariadb-server mtr net-snmp net-snmp-utils nginx nmap php-fpm php-cli php-common php-curl php-gd php-gmp php-json php-mbstring php-process php-snmp php-xml php-zip php-mysqlnd python3 python3-PyMySQL python3-devel python3-redis python3-memcached python3-pip python3-systemd rrdtool unzip

install dependencies

After dependencies are installed, run the following command to start and enable some services such as Nginx, MariaDB, PHP-FPM, and snmpd.

sudo systemctl enable nginx php-fpm mariadb snmpd
sudo systemctl start nginx php-fpm mariadb snmpd

At this point, some basic services Nginx, MariaDB, PHP-FPM, and the snmpd will be started automatically at system boot. And all of those services are running.

start enable services

Setting up Firewalld

For this example, we're using the Rocky Linux with firewalld enabled. Now you will add both HTTP and HTTPS protocol to the firewalld.

Run the following firewall-cmd command to add the HTTP and HTTPS services to the firewalld. You should get the output message 'success' which means the new rule is added.

sudo firewall-cmd --permanent --zone public --add-service http
sudo firewall-cmd --permanent --zone public --add-service https

Next, reload the firewalld to apply new changes. Then, verify the firewalld status using the following command.

sudo firewall-cmd --reload
sudo firewall-cmd --list-all

You will receive the output of both HTTP and HTTPS protocols is added to the firewalld.

setup firewalld

Downloading LibreNMS Source Code

In this step, you will download the LibreNMS source code from GitHub. But before that, you will also create a new dedicated user 'librenms' that will be used to run LibreNMS application.

Run the following command to create a new system user 'librenms'. This user will be used to run the LibreNMS application.

sudo useradd librenms -d /opt/librenms -M -r -s "$(which bash)"

Now move your working directory to the '/opt' and download the LibreNMS source code via the git command below. You should now get a new directory '/opt/librenms', which will be used as the LibreNMS installation directory.

cd /opt
git clone https://github.com/librenms/librenms.git

download librenms

Change the ownership and permission of the LibreNMS installation directory '/opt/librenms'. The ownership of the installation should be the 'librenms' user, and also permission 771 will allows the user to read write and execute on the directory.

sudo chown -R librenms:librenms /opt/librenms
sudo chmod 771 /opt/librenms

Lastly, run the following command to set the access control lists for some of the LibreNMS directories. This will grant the group 'librenms' to read, write, and execute on some specific LibreNMS directories.

sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

setup ownership acls

Installing PHP Dependencies for LibreNMS

After downloading the LibreNMS source code and configuring the correct permission, you will now be installing PHP dependencies for LibreNMS.

Log in as the 'librenms' user using the following command.

su - librenms

Now, install PHP dependencies via the installer script as below.

./scripts/composer_wrapper.php install --no-dev

You will now see the installation of PHP dependencies that are required for the LibreNMS. You will also see the installation of Python packages for LibreNMS.

install dependencies

After the PHP dependencies installation is finished, you can now exit from the user 'librenms' by pressing 'Ctrl+d' or you can type the 'exit' command.

Configuring PHP-FPM

In this step, you will configure your PHP-FPM installation for LibreNMS. You will modify the default configuration '/etc/php.ini' and setting up a specific PHP-FPM pool for LibreNMS.

Run the following command to set up the correct timezone for your Rocky Linux system.

sudo timedatectl set-timezone Europe/Stockholm

Now edit the PHP configuration '/etc/php.ini' using the following nano editor.

sudo nano /etc/php.ini

Uncomment the 'date.timezone' option and change the value with your current server timezone.

date.timezone = Europe/Stockholm

Save the file and close the editor when you are done.

Next, copy the default PHP-FPM pool configuration 'www.conf' to 'librenms'.conf'. In this example, you will set up the specific PHP-FPM pool for the LibreNMS monitoring tool.

cp /etc/php-fpm.d/www.conf /etc/php-fpm.d/librenms.conf

Now edit the PHP-FPM pool configuration '/etc/php-fpm.d/librenms.conf' using the following nano editor.

sudo nano /etc/php-fpm.d/librenms.conf

Change the default pool name from '[www]' to '[librenms]'.

[librenms]

Change the default user and group to 'librenms'. This will run the PHP-FPM process as the user and group 'librenms'.

user = librenms
group = librenms

Lastly, change the listen option to '/run/php-fpm-librenms.sock'. This will specify the sock file for the PHP-FPM librenms pool.

listen = /run/php-fpm-librenms.sock

Save the file and exit the editor when you are done.

Now run the following systemctl command to restart the PHP-FPM service and apply new changes.

sudo systemctl restart php-fpm

setup php-fpm

Configuring MariaDB Server

After you have configured the PHP-FPM, you will now be setting up the MariaDB database server and creating a new database and user for LibreNMS.

The LibreNMS required the MariaDB database server with InnoDB enabled. So now you will need to enable it. Then, you will be creating a new database and user for LibreNMS.

Edit the MariaDB server configuration '/etc/my.cnf.d/mariadb-server.cnf' using the following nano editor.

sudo nano /etc/my.cnf.d/mariadb-server.cnf

Put the following configuration under the '[mysqld]' section.

[mysqld]
....
innodb_file_per_table=1
lower_case_table_names=0

Save the file and exit the editor when you are done.

Now run the following systemctl command below to restart the MariaDB service and apply new changes. The MariaDB server is now running with the InnoDB database engine enabled.

sudo systemctl restart mariadb

Next, log in to the MariaDB shell via the mysql command below. When prompted for the password, you can just press ENTER or type the MariaDB root password.

sudo mysql -u root -p

Run the following queries to create a new database and user for LibreNMS. In this example, you will create a new database and user 'librenms', and be sure to change the database password with your password.

CREATE DATABASE librenms CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;

create database and user

Next, run the following query to verify the privileges for the database user '[email protected]'.

SHOW GRANTS FOR [email protected];

You should see the user 'librenms'@localhost' has privileges to the database 'librenms'.

check privileges

Now type 'exit' to log out from the MariaDB shell.

Setting up Nginx Server Blocks

After you have configured the MariaDB server and created the database and user, you will now be creating a new Nginx server block configuration for LibreNMS.

Before you start, ensure you have decided on the local domain that will be used for the LibreNMS. In this example, the LibreNMS should be running with the domain 'librenms.hwdomain.io'.

Create a new Nginx server blocks configuration '/etc/nginx/conf.d/librenms.conf' using the following nano editor.

sudo nano /etc/nginx/conf.d/librenms.conf

Add the following configuration to the file and be sure to change the domain name with your domain.

server {
    listen      80;
    server_name librenms.hwdomain.io;
    root        /opt/librenms/html;
    index       index.php;

    charset utf-8;
    gzip on;
    gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_pass unix:/run/php-fpm-librenms.sock;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi.conf;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

Save the file and exit the editor when you are done.

Next, run the following command to verify the Nginx configuration and ensure the configuration is correct.

sudo nginx -t

If your Nginx configuration is correct, you will see the output message such as 'test successful - Syntax OK'.

Now restart the Nginx service to apply the new server block configuration.

sudo systemctl restart nginx

setup nginx

At this point, you have completed the configuration LEMP Stack (Nginx, MariaDB database, and PHP-FPM) for the LibreNMS. Also, the LibreNMS should now be running on your Rocky Linux system.

Configuring SELinux

For this guide, you will be run the LibreNMS with SELinux enabled on the enforcing mode. So you now will be setting up SELinux rules for the LibreNMS.

To start with, run the following dnf command below to install the package 'policycoreutils-python-utils' to your Rocky Linux system. This package provides multiple command lines for managing SELinux.

sudo dnf install policycoreutils-python-utils

When prompted, input y to confirm and press ENTER to proceed.

install SELinux management tool

Next, run the following command to set up labels for the LibreNMS source code.

semanage fcontext -a -t httpd_sys_content_t '/opt/librenms/html(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/opt/librenms/(rrd|storage)(/.*)?'
semanage fcontext -a -t httpd_log_t "/opt/librenms/logs(/.*)?"
semanage fcontext -a -t bin_t '/opt/librenms/librenms-service.py'
restorecon -RFvv /opt/librenms
chcon -t httpd_sys_rw_content_t /opt/librenms/.env

setup selinux labelling

Run the following command to allow access to some services for the Nginx web server.

setsebool -P httpd_can_sendmail=1
setsebool -P httpd_execmem 1

Now, create a new file 'http_fping.tt' using the following nano editor.

nano http_fping.tt

Add the following configuration to the file.

module http_fping 1.0;

require {
type httpd_t;
class capability net_raw;
class rawip_socket { getopt create setopt write read };
}

#============= httpd_t ==============
allow httpd_t self:capability net_raw;
allow httpd_t self:rawip_socket { getopt create setopt write read };

Save the file and exit the editor when you are finished.

Next, run the following command to convert the 'http_fping.tt' to the format for the SELinux. Then, add the new compiled rule to the SELinux.

checkmodule -M -m -o http_fping.mod http_fping.tt
semodule_package -o http_fping.pp -m http_fping.mod
semodule -i http_fping.pp

setup selinux

Now that you have finished the SELinux configuration for LibreNMS. Next, you will set up some additional configurations for LibreNMS.

Finishing up the LibreNMS Configurations

To finish up the LibreNMS configuration, you will now be setting up the 'lnms' command-line, copy some default configuration LibreNMS including configurations for cron and logrotate. Also, you will be setting up the SNMP service for LibreNMS.

Run the following command to enable the 'lnms' command line and copy the bash completion of the 'lnms' command.

ln -s /opt/librenms/lnms /usr/bin/lnms
cp /opt/librenms/misc/lnms-completion.bash /etc/bash_completion.d/

Copy the example configuration of thje LibreNMS cron to the '/etc/cron.d/librenms'.

sudo cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

Copy the default logrotate configuration for LibreNMS to '/etc/logrotate.d/librenms'.

sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

finishing librenms

Now copy the default snmpd service configuration to '/etc/snmp/snmpd.conf'. Then, edit the new file '/etc/snmp/snmpd.conf' using the nano editor.

sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf
sudo nano /etc/snmp/snmpd.conf

Change the default community password for the snmpd service 'RANDOMSTRINGGOESHERE' with your password.

# Change RANDOMSTRINGGOESHERE to your preferred SNMP community string
com2sec readonly  default         RANDOMSTRINGGOESHERE

Save the file and exit the editor when you are done.

Next, download the binary file that will be used by LibreNMS for automatically detecting the operating system of every target host. Then, make it executable by changing the default permission.

curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro

download distrocheck

Lastly, restart the snmpd service to apply new changes and new configurations.

systemctl restart snmpd

Now that all basic configurations are completed. Next, you will start the LibreNMS installation via the web browser.

Accessing LibreNMS Web Installation

On your local machine, edit the '/etc/hosts' file and define the local domain name of your LibreNMS installation. Also, be sure to change the IP address with your server IP address.

192.168.5.100   librenms.hwdomain.io

Now open up the web browser and visit the domain name of your LibreNMS installation (i.e: http://librenms.hwdomain.io/).

At first, the LibreNMS installer will check the environments for the installation. Ensure all requirements are marked as green, which means the system is ready for the LibreNMS installation.

Click the database icon to continue.

pre install setup database

Now input the details database and user for your LibreNMS and click 'Check Credentials'. If your database credentials are correct, the section will be marked as green.

check database

Now click 'Build Database' to start the database migration for LibreNMS.

build database

After database migration is completed, you will see the 'Build Database' section marked as green.

Click the key icon to start configuring the admin user for LibreNMS.

build database

Now input the new admin user, password, and email address for your LibreNMS installation and click 'Add User'.

setup user

Now the installation is finished and you will see the following page. You can see the installation is finished and configurations are written to the '.env' file.

installation completes

Now click the link 'validate your install' to verify the LibreNMS installation.

You should now be redirected to the LibreNMS login page. Input your admin user and password, then click 'Login'.

login librenms

Now ensure all of the configurations are marked as 'OK', which means the configuration has no error.

You can also fix all of the errors or warnings by following the instructions recommended by LibreNMS.

validate instakllation librenms

You can now add a new target host, virtual machine, or network device to monitor the LibreNMS Monitoring Solution.

Conclusion

Congratulations! You have installed the LibreNMS Monitoring Solution on the Rocky Linux server. You have also learned the basic configuration of the LEMP Stack (Nginx, MariaDB, and PHP-FPM) on Rocky Linux.

From here, you can continue to add a host or target machine to monitor, set up LibreNMS Agent, set up alerting or notifications, set up third-party integration with Graylog, and do other tasks.

Share this page:

Suggested articles

0 Comment(s)

Add comment