Skip to content

Instantly share code, notes, and snippets.

@acl

acl/gist:b3adad17e25cce9fdc7eb7c1c73eebdc

Created April 8, 2019 22:03
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save acl/b3adad17e25cce9fdc7eb7c1c73eebdc to your computer and use it in GitHub Desktop.
Save acl/b3adad17e25cce9fdc7eb7c1c73eebdc to your computer and use it in GitHub Desktop.
Download ZIP
Librenms ova build commands.
Raw
gistfile1.txt
#!/bin/bash
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
/usr/sbin/setenforce 0
yum --enablerepo=extras install epel-release
yum-config-manager --enable remi-php71
yum-config-manager --enable mysql57-community
yum install -y open-vm-tools
ln /usr/bin/vmware-rpctool /usr/sbin/vmware-rpctool
yum install -y mysql-community-client mysql-community-server
mv /etc/my.cnf /etc/my.cnf.orig
cat <<EOF | tee /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
sql-mode=""
lower_case_table_names=0
innodb_file_per_table=1
innodb_flush_log_at_trx_commit = 0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
EOF
mysqld --initialize-insecure
service mysqld start
chkconfig --levels 235 mysqld on
mysqladmin -u root password 'root.ABC123@'
yum install -y php php-cli php-gd php-mysql php-snmp php-pear php-curl php-mbstring
yum install -y httpd net-snmp graphviz mysql php-mcrypt
yum install -y ImageMagick jwhois nmap mtr rrdtool MySQL-python
yum install -y net-snmp-utils vixie-cron fping
yum install -y nagios-plugins-all nagios-plugins-nrpe
yum install -y ntpdate unzip mod_ssl ipmitool rsync python-memcached
yum install -y git
service snmpd start
chkconfig --levels 235 snmpd on
sed -i.orig 's@^;\(date.timezone\).*@\1 = "America/New_York"@' /etc/php.ini
ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime
useradd librenms -d /opt/librenms -M -r
usermod -a -G librenms apache
chkconfig --levels 235 httpd on
chkconfig --levels 235 ntpd on
mysql -u root -proot.ABC123@ -e 'CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;'
mysql -u root -proot.ABC123@ -e "CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'l1bre.3NMS';"
mysql -u root -proot.ABC123@ -e "GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';"
mysql -u root -proot.ABC123@ -e "FLUSH PRIVILEGES;"
touch /etc/httpd/conf.d/librenms.conf
echo '<VirtualHost *:80>' >> /etc/httpd/conf.d/librenms.conf
echo " DocumentRoot /opt/librenms/html/">> /etc/httpd/conf.d/librenms.conf
echo " ServerName librenms.example.com">> /etc/httpd/conf.d/librenms.conf
echo " CustomLog /opt/librenms/logs/access_log combined" >> /etc/httpd/conf.d/librenms.conf
echo " ErrorLog /opt/librenms/logs/error_log" >> /etc/httpd/conf.d/librenms.conf
echo " AllowEncodedSlashes On" >> /etc/httpd/conf.d/librenms.conf
echo ' <Directory "/opt/librenms/html/">'>> /etc/httpd/conf.d/librenms.conf
echo " AllowOverride All">> /etc/httpd/conf.d/librenms.conf
echo " Options FollowSymLinks MultiViews" >> /etc/httpd/conf.d/librenms.conf
echo " </Directory>">> /etc/httpd/conf.d/librenms.conf
echo "RewriteEngine On" >> /etc/httpd/conf.d/librenms.conf
echo "RewriteCond %{HTTPS} off " >> /etc/httpd/conf.d/librenms.conf
echo "RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} " >> /etc/httpd/conf.d/librenms.conf
echo "</VirtualHost>">> /etc/httpd/conf.d/librenms.conf
echo "<VirtualHost *:443>" >> /etc/httpd/conf.d/librenms.conf
echo " SSLEngine on" >> /etc/httpd/conf.d/librenms.conf
echo " SSLCertificateFile /etc/pki/tls/certs/localhost.crt" >> /etc/httpd/conf.d/librenms.conf
echo " SSLCertificateKeyFile /etc/pki/tls/private/localhost.key" >> /etc/httpd/conf.d/librenms.conf
echo " DocumentRoot /opt/librenms/html/" >> /etc/httpd/conf.d/librenms.conf
echo " ServerName librenms.example.com" >> /etc/httpd/conf.d/librenms.conf
echo " CustomLog /opt/librenms/logs/access_log combined" >> /etc/httpd/conf.d/librenms.conf
echo " ErrorLog /opt/librenms/logs/error_log" >> /etc/httpd/conf.d/librenms.conf
echo " AllowEncodedSlashes On" >> /etc/httpd/conf.d/librenms.conf
echo ' <Directory "/opt/librenms/html/"> ' >> /etc/httpd/conf.d/librenms.conf
echo " AllowOverride All" >> /etc/httpd/conf.d/librenms.conf
echo " Options FollowSymLinks MultiViews" >> /etc/httpd/conf.d/librenms.conf
echo " </Directory>" >> /etc/httpd/conf.d/librenms.conf
echo "</VirtualHost>" >> /etc/httpd/conf.d/librenms.conf
cd /opt
git clone https://github.com/librenms/librenms.git librenms
cd /opt/librenms
mkdir rrd logs
mkdir html/images/custom/
chown apache:apache logs/
chown librenms:librenms rrd/
chown -R librenms:librenms /opt/librenms
chmod 775 rrd
chmod ug+rw /opt/librenms/logs
cp librenms.nonroot.cron /etc/cron.d/librenms
cp config.php.default config.php
sed -i 's/USERNAME/librenms/g' config.php
sed -i 's/PASSWORD/l1bre.3NMS/g' config.php
echo "\$config['update'] = 0;" >> config.php
echo "\$config['fping'] = '/usr/sbin/fping';" >> config.php
echo "\$config['nagios_plugins'] = '/usr/lib64/nagios/plugins';" >> config.php
echo "\$config['enable_syslog'] = 1;" >> config.php
echo "\$config['web_mouseover'] = false; " >> config.php
cp librenms.nonroot.cron /etc/cron.d/librenms
cp misc/librenms.logrotate /etc/logrotate.d/librenms
chown -R librenms:librenms /opt/librenms
COMPOSER_HOME="/opt/librenms" php /opt/librenms/scripts/composer_wrapper.php install --no-dev
php /opt/librenms/build-base.php
php /opt/librenms/adduser.php admin abc123 10 "alerts@test.com"
echo "\$ModLoad imudp " > /etc/rsyslog.d/10-listner.conf
echo "\$UDPServerRun 514" >> /etc/rsyslog.d/10-listner.conf
echo "\$ModLoad imtcp" >> /etc/rsyslog.d/10-listner.conf
echo "\$InputTCPServerRun 514" >> /etc/rsyslog.d/10-listner.conf
echo '$ModLoad omprog' > /etc/rsyslog.d/30-librenms.conf
echo '$template librenms,"%FROMHOST%||%syslogfacility-text%||%syslogpriority-text%||%syslogseverity%||%syslogtag%||%$YEAR%-%$MONTH%-%$DAY% %timegenerated:8:25%||%msg%||%programname%\n" ' >> /etc/rsyslog.d/30-librenms.conf
echo '$ActionOMProgBinary /opt/librenms/syslog.php ' >> /etc/rsyslog.d/30-librenms.conf
echo '*.* :omprog:;librenms ' >> /etc/rsyslog.d/30-librenms.conf
echo ':fromhost-ip, !isequal,"127.0.0.1" ~' > /etc/rsyslog.d/50-default.conf
curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
chmod +x /usr/bin/distro
setcap cap_net_raw+ep /usr/sbin/fping
setcap cap_net_raw+ep /usr/sbin/fping6
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
#fixes
mysql -u root -proot.ABC123@ -e "USE librenms;ALTER TABLE notifications CHANGE datetime datetime timestamp NOT NULL DEFAULT '1970-01-02 00:00:00';"
mysql -u root -proot.ABC123@ -e "USE librenms;ALTER TABLE users CHANGE created_at created_at timestamp NOT NULL DEFAULT '1970-01-02 00:00:01';"
echo "mysql -u root -proot.ABC123@ -e \"USE librenms;ALTER TABLE notifications CHANGE datetime datetime timestamp NOT NULL DEFAULT '1970-01-02 00:00:00';\" " >> /root/tablefix.sh
echo "mysql -u root -proot.ABC123@ -e \"USE librenms;ALTER TABLE users CHANGE created_at created_at timestamp NOT NULL DEFAULT '1970-01-02 00:00:01';\" " >> /root/tablefix.sh
chmod +x /root/tablefix.sh
cat <<EOF | tee /etc/snmp/snmpd.conf
com2sec readonly default public
group MyROGroup v2c readonly
view all included .1 80
access MyROGroup "" any noauth exact all none none
syslocation '<syslocation>'
syscontact '<contact person>'
dontLogTCPWrappersConnects yes
#Distro Detection
extend .1.3.6.1.4.1.2021.7890.1 distro /usr/bin/distro
#Hardware Detection (uncomment to enable on physical servers)
#extend .1.3.6.1.4.1.2021.7890.2 hardware '/bin/cat /sys/devices/virtual/dmi/id/product_name'
#extend .1.3.6.1.4.1.2021.7890.3 manufacturer '/bin/cat /sys/devices/virtual/dmi/id/sys_vendor'
#extend .1.3.6.1.4.1.2021.7890.4 serial '/bin/cat /sys/devices/virtual/dmi/id/product_serial'
EOF
chown -R librenms:librenms /opt/librenms
yum-config-manager --disable updates
service mysqld stop
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment