====== Ubuntu サーバへの Pandora FMS インストールガイド ======
{{indexmenu_n>30}}
[[:ja:documentation:start|Pandora FMS ドキュメント一覧に戻る]]
We are working on the translation of the Pandora FMS documentation. Sorry for any inconvenience.
===== 前提条件 =====
* Ubuntu server 22.04 with **root.** user rights
* Internet connection.
* Ubuntu server 22.04 および **root** 権限
* インターネット接続
===== 基本ツール =====
In a terminal window with user **root**:
ターミナル画面で **root** ユーザで実行します。
apt install -y gawk sed grep
----
rm -rf /opt/pandora/deploy
mkdir -p /opt/pandora/deploy
cd /opt/pandora/deploy
----
apt update
apt install -y net-tools vim curl wget \
software-properties-common apt-transport-https\
ca-certificates gnupg lsb-release
==== Apache2 および PHP 8 ====
add-apt-repository ppa:ondrej/php
apt update
apt upgrade
apt install -y php8.0-fpm php8.0-common libapache2-mod-fcgid php8.0-cli apache2
a2enmod proxy_fcgi setenvif
systemctl reload apache2
a2enconf php8.0-fpm
systemctl restart php8.0-fpm
===== Pandora FMS Web コンソール依存ファイル =====
apt install -y \
ldap-utils postfix \
wget graphviz \
xfonts-75dpi xfonts-100dpi \
xfonts-ayu xfonts-intl-arabic \
xfonts-intl-asian xfonts-intl-phonetic \
xfonts-intl-japanese-big xfonts-intl-european \
xfonts-intl-chinese xfonts-intl-japanese \
xfonts-intl-chinese-big libzstd1 \
gir1.2-atk-1.0 libavahi-common-data\
cairo-perf-utils libfribidi-bin \
php8.0-mcrypt php8.0-gd \
php8.0-curl php8.0-mysql \
php8.0-ldap php8.0-fileinfo \
php8.0-gettext php8.0-snmp\
php8.0-mbstring php8.0-zip \
php8.0-xml rpc php8.0-xml \
php8.0-yaml libnet-telnet-perl\
whois cron
===== Pandora FMS サーバ依存ファイル =====
apt install -y \
perl nmap\
fping sudo \
net-tools nfdump \
expect openssh-client \
postfix unzip \
xprobe coreutils \
libmoosex-role-timer-perl libmoosex-perl \
libdbd-mysql-perl libcrypt-mysql-perl \
libhttp-request-ascgi-perl liblwp-useragent-chicaching-perl \
liblwp-protocol-https-perl snmp\
libnetaddr-ip-perl libio-socket-ssl-perl\
libio-socket-socks-perl libio-socket-ip-perl \
libio-socket-inet6-perl libnet-telnet-perl \
libjson-perl libencode-perl \
cron libgeo-ip-perl\
arping snmp-mibs-downloader \
openjdk-8-jdk
----
mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
sudo gpg --yes --dearmor -o /etc/apt/keyrings/docker.gpg
threw out \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list
apt update -y
apt-get install -y \
docker-ce docker-ce-cli containerd.io\
docker-buildx-plugin docker-compose-plugin
systemctl disable docker --now
systemctl disable docker.socket --now
===== WMI 監視を行うための依存ファイル =====
curl -O https://firefly.pandorafms.com/pandorafms/utils/bin/wmic
curl -O https://firefly.pandorafms.com/pandorafms/utils/bin/pandorawmic
chmod +x pandorawmic wmic
cp -a wmic /usr/bin/
cp -a pandorawmic /usr/bin/
==== Fping ====
rm -f /usr/sbin/fping
ln -s /usr/bin/fping /usr/sbin/fping
===== Google Chrome Tool =====
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
dpkg -i google-chrome-stable_current_amd64.deb
ln -s /usr/bin/google-chrome /usr/bin/chromium-browser
===== VMware Tool =====
apt install -y \
lib32z1 lib32z1 \
build-essential uuid uuid-dev \
libssl-dev perl-doc\
libxml-libxml-perl libcrypt-ssleay-perl \
libsoap-lite-perl libmodule-build-perl
wget https://firefly.pandorafms.com/pandorafms/utils/VMware-vSphere-Perl-SDK-7.0.0-16453907.x86_64.tar.gz
tar -xzvf VMware-vSphere-Perl-SDK-7.0.0-16453907.x86_64.tar.gz
cd vmware-vsphere-cli-distrib/
sed --follow-symlinks -i -e "s/[^#].*show_EULA().*/ #show_EULA();/g" vmware-install.pl
./vmware-install.pl -default
cd ..
===== Oracle client tool =====
mkdir -p /opt/oracle
wget https://download.oracle.com/otn_software/linux/instantclient/19800/instantclient-basic-linux.x64-19.8.0.0.0dbru.zip
wget https://download.oracle.com/otn_software/linux/instantclient/19800/instantclient-sqlplus-linux.x64-19.8.0.0.0dbru.zip
rm -fr /opt/oracle/*
unzip instantclient-basic-linux.x64-19.8.0.0.0dbru.zip -d /opt/oracle/
unzip instantclient-sqlplus-linux.x64-19.8.0.0.0dbru.zip -d /opt/oracle/
----
cat>> /root/.profile <<'EOF_ENV'
#!/bin/bash
VERSION=19.8
export PATH=$PATH:/opt/oracle/instantclient_19_8
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/oracle/instantclient_19_8
export ORACLE_HOME=/opt/oracle/instantclient_19_8
EOF_ENV
source '/root/.profile'
===== IPAM 依存ファイル =====
apt install -y \
xprobe libnetaddr-ip-perl \
coreutils libdbd-mysql-perl \
libxml-simple-perl libgeo-ip-perl \
libio-socket-inet6-perl libxml-twig-perl \
libnetaddr-ip-perl
===== MS SQL のための ODBC 依存ファイル =====
curl -sSL https://packages.microsoft.com/keys/microsoft.asc | \
tee /etc/apt/trusted.gpg.d/microsoft.asc
curl -sSL https://packages.microsoft.com/config/ubuntu/20.04/prod.list | \
tee /etc/apt/sources.list.d/microsoft-prod.list
apt update
env ACCEPT_EULA=Y apt install -y msodbcsql17
===== AppArmor および UFW 設定 =====
systemctl stop ufw.service
systemctl disable ufw
systemctl stop apparmor
systemctl disable apparmor
===== MySQL インストール =====
curl -O https://repo.percona.com/apt/percona-release_latest.generic_all.deb
apt install -y gnupg2 lsb-release ./percona-release_latest.generic_all.deb
percona-release setup ps80
apt install -y percona-server-server percona-xtrabackup-80
----
systemctl start mysql
mysql -uroot -p
ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'Pandor4!';
CREATE DATABASE 'pandora';
CREATE USER 'pandora'@'%' IDENTIFIED WITH 'caching_sha2_password' BY 'Pandor4!';
GRANT ALL PRIVILEGES ON 'pandora'.'*' TO 'pandora'@'%';
EXIT;
----
cat> /etc/mysql/my.cnf <
----
systemctl restart mysql
===== Pandora FMS のインストール =====
\\
Download links for the **PFMS server** and Web Console installers can be requested [[https://pandorafms.com/en/free-trial/|through this link]] and get a free trial (if you already have a license you can access through the [[:en:documentation:pandorafms:installation:02_anexo_upgrade#ks1_1|Warp Update On Line]]).
\\
\\
**PFMS サーバ** および Web コンソールインストーラーのダウンロードリンクは [[https://pandorafms.com/en/free-trial/|このリンクから]] リクエストできます。無料トライアルを入手できます (ライセンスを既にお持ちの場合は、[[:ja:documentation:pandorafms:installation:02_anexo_upgrade#ks1_1|オンラインワープアップデート]] からアクセスできます)。
\\
wget https://firefly.pandorafms.com/pandorafms/LTS/pandorafms_one_agent_linux-lts.tar.gz
==== Pandora FMS Web コンソールのインストール ====
tar xvzf pandorafms_console-lts.src.tar.gz
cp -Ra pandora_console /var/www/html/
rm -f /var/www/html/pandora_console/*.spec
==== Pandora FMS サーバのインストール ====
In this case the latest LTS version (the file name may be different):
以下の例は、最新の LTS バージョン (ファイル名は異なる場合があります) です。
useradd pandora
mv pandorafms_server-7.0NG.tar.gz /opt/pandora/deploy/
cd /opt/pandora/deploy
tar xvfz pandorafms_server-lts.tar.gz
cd pandora_server
./pandora_server_installer --install
==== Pandora FMS エージェントのインストール ====
apt install -y libyaml-tiny-perl perl coreutils wget curl unzip procps python3 python3-pip
mv pandorafms_agent_linux-7.0NG.tar.gz /opt/pandora/deploy/
cd /opt/pandora/deploy
tar xvzf pandorafms_one_agent_linux-lts.tar.gz
unix cd
./pandora_agent_installer --install
cp -a tentacle_client /usr/local/bin/
==== GoTTY インストール ====
cd /opt/pandora/deploy
wget https://firefly.pandorafms.com/pandorafms/utils/gotty_linux_amd64.tar.gz
tar xvzf gotty_linux_amd64.tar.gz
mv gotty /usr/bin/
==== SSL 設定 ====
cat > /etc/apache2/conf-available/ssl-params.conf << EOF_PARAM
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header unset X-Frame-Options
Header always set X-Frame-Options SAMEORIGIN
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
SSLSessionTickets Off
EOF_PARAM
----
a2enmod ssl
a2enmod headers
a2enmod rewrite
a2enconf ssl-params
a2ensite default-ssl
a2enconf ssl-params
apache2ctl configtest
systemctl restart apache2
systemctl enable mysql --now
systemctl enable apache2 --now
systemctl enable php8.0-fpm --now
==== MySQL の構造とデータ ====
mysql -uroot -ppandora
wear pandora;
source /var/www/html/pandora_console/pandoradb.sql
source /var/www/html/pandora_console/pandoradb_data.sql
exit;
==== PHP および Apache2 の設定 ====
cat> /var/www/html/pandora_console/include/config.php <
----
cat > /etc/apache2/conf-enabled/pandora_security.conf << EO_CONFIG_F
ServerTokens Prod
Options FollowSymLinks
AllowOverride All
Require all granted
EO_CONFIG_F
----
chmod 600 /var/www/html/pandora_console/include/config.php
chown -R www-data:www-data /var/www/html/pandora_console
mv /var/www/html/pandora_console/install.php /var/www/html/pandora_console/install.done
----
ln -s /etc/php/8.0/fpm/php.ini /etc/
sed --follow-symlinks -i -e "s/^max_input_time.*/max_input_time = -1/g" /etc/php.ini
sed --follow-symlinks -i -e "s/^max_execution_time.*/max_execution_time = 0/g" /etc/php.ini
sed --follow-symlinks -i -e "s/^upload_max_filesize.*/upload_max_filesize = 800M/g" /etc/php.ini
sed --follow-symlinks -i -e "s/^memory_limit.*/memory_limit = 800M/g" /etc/php.ini
sed --follow-symlinks -i -e "s/.*post_max_size =.*/post_max_size = 800M/" /etc/php.ini
sed --follow-symlinks -i -e "s/^disable_functions/;disable_functions/" /etc/php.ini
----
cat> /var/www/html/index.html <
EOF_INDEX
systemctl restart apache2
systemctl restart php8.0-fpm
==== Pandora FMS エージェントとサーバ設定 ====
cat> /etc/snmp/snmptrapd.conf <
----
sed -i -e "s/^dbhost.*/dbhost 127.0.0.1/g" /etc/pandora/pandora_server.conf
sed -i -e "s/^dbname.*/dbname pandora/g" /etc/pandora/pandora_server.conf
sed -i -e "s/^dbuser.*/dbuser pandora/g" /etc/pandora/pandora_server.conf
sed -i -e "s/^dbpass.*/dbpass Pandor4\!/g" /etc/pandora/pandora_server.conf
sed -i -e "s/^dbport.*/dbport 3306/g" /etc/pandora/pandora_server.conf
sed -i -e "s/^#.mssql_driver.*/mssql_driver 17/g" /etc/pandora/pandora_server.conf
----
grep -q "group www-data" /etc/pandora/pandora_server.conf || \
cat>> /etc/pandora/pandora_server.conf<
----
sed -i "s/^remote_config.*$/remote_config 1/g" /etc/pandora/pandora_agent.conf
----
cat> /etc/pandora/pandora_server.env <<'EOF_ENV'
#!/bin/bash
VERSION=19.8
export PATH=$PATH:/opt/oracle/instantclient_19_8
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/oracle/instantclient_19_8
export ORACLE_HOME=/opt/oracle/instantclient_19_8
export OPENSSL_CONF=/etc/ssl
EOF_ENV
----
cat>> /etc/sysctl.conf <
----
chown pandora: www-data /var/log/pandora
chmod g+s /var/log/pandora
cat> /etc/logrotate.d/pandora_server <
----
cat> /etc/logrotate.d/pandora_agent <
==== Tentacle および cron ====
systemctl start pandora_server
systemctl enablepandora_server
service tentacle_server start
systemctl enable tentacle_server
----
echo "* * * * * root wget -q -O - --no-check-certificate --load-cookies /tmp/cron-session-cookies --save-cookies /tmp/cron-session-cookies --keep -session-cookies http://127.0.0.1/pandora_console/enterprise/cron.php >> $PANDORA_CONSOLE/log/cron.log" >> /etc/crontab
echo "@hourly root bash -c /etc/cron.hourly/pandora_db" >> /etc/crontab
----
Agent remote configuration:
エージェントリモート設定:
sed -i "s/^remote_config.*$/remote_config 1/g" /etc/pandora/pandora_agent.conf
systemctl start pandora_agent_daemon
systemctl enable pandora_agent_daemon
If there was a problem with PhantomJS:
PhantomJS で問題があった場合:
sed --follow-symlinks -i -e "s/^openssl_conf = openssl_init/#openssl_conf = openssl_init/g" /etc/ssl/openssl.cnf
===== Pandora FMS へのログイン =====
To access the Web Console, type the IP address (or URL) of the device followed by ''/pandora_console/'' .
Web コンソールにアクセスするには、デバイスの IP アドレス (または URL) に続けて ''/pandora_console/'' を入力します。
The default login credentials are:
デフォルトのログイン情報は次の通りです。
* user: ''admin''
* password: ''pandora''
* ユーザ: ''admin''
* パスワード: ''pandora''
[[:ja:documentation:start|Pandora FMS ドキュメント一覧に戻る]]
===== (OBSOLETE) =====
==== Websocket エンジン ====
mv /var/www/html/pandora_console/pandora_websocket_engine /etc/init.d/
chmod +x /etc/init.d/pandora_websocket_engine
/etc/init.d/pandora_websocket_engine start
systemctl enable pandora_websocket_engine