Recently I spent some time tried different solution to monitor home network and systems. Initially, I tried Cacti on Raspberry Pi but not working really well together with Pi-Hole. So I moved Cacti into a docker container on Synology NAS. But Cacti eats up lot of NAS resources and itself is not that user-friendly. So many issues with poller, and the performance is not good.
Then finally, I found LibreNMS which surprised me with easy deployment and very nice look and feel. So go straight to the deployment guide of LibreNMS to monitor home network via SNMP.
I decided to deploy LibreNMS on Synology Docker. LibreNMS needs database support. So need to create a database docker container.
SSH to Synology NAS then create MariaDB folder
mkdir /volume1/docker/mariadb
Install MariaDB container
docker run --name mariadb \ -v /volume1/docker/mariadb:/var/lib/mysql \ -e MYSQL_ROOT_PASSWORD=your-mariadb-root-password \ -e MYSQL_DATABASE=librenms \ -e MYSQL_USER=librenms \ -e MYSQL_PASSWORD=your-mariadb-librenmsuser-password \ -e TZ=Australia/Sydney -d mariadb:latest --sql-mode='' --innodb_file_per_table=1 \ --lower_case_table_names=0
Now Database is ready to connect.
Then install LibreNMS container, create folders first
mkdir /volume1/docker/librenms mkdir /volume1/docker/librenms/logs mkdir /volume1/docker/librenms/rrd
Generate API Key
docker run --rm jarischaefer/docker-librenms generate_key
Output Example
base64:Q0+ZV56/5Uwz79vsvS4ZfwQFOty3e9DJEouEy+IXvz8=
The key (including base64:) must be passed via the APP_KEY environment variable in the docker run command.
Run librenms container
docker run \ -d \ -p 8080:80 \ -e APP_KEY=the_secret_key_you_have_generated \ -e DB_HOST=database \ -e DB_NAME=librenms \ -e DB_USER=librenms \ -e DB_PASS=your-mariadb-librenmsuser-password \ -e BASE_URL=http://localhost \ -e TZ=Australia/Sydney \ --link mariadb:database \ -v /volume1/docker/librenms/logs:/opt/librenms/logs \ -v /volume1/docker/librenms/rrd:/opt/librenms/rrd \ --name librenms \ jarischaefer/docker-librenms:latest
Create DB Table
docker exec librenms setup_database
Creating an initial admin user
docker exec librenms create_admin
It’s almost done. Before login into the LibreNMS web portal. We need to enable HTTPS for the site.
The easiest way is to use Synology Application portal reverse proxy setting.
Create a rule under reverse proxy setting.
Source: https://your-librenms-url
Destination: http://localhost:8080
So Synology web service will proxy the https traffic to local http traffic. The traffic between client to Synology NAS is encrypted even using a self-issued certificate, but the traffic within Synology web server to LibreNMS docker container is not encrypted. That does not matter too much as internal traffic on NAS. You can also use Letsencrypted public trusted certificate for LibreNMS web portal.
Before you login LibreNMS, just make sure there’s a DNS record for your-librenms-url to Synology NAS IP address. If you use Pi-Hole as your internal DNS server, just add an entry to its dnsmasq config file.
So open a browser and access https://your-librenms-url
The next step is to enable SNMP for all your home devices that want to be monitored. Recommend to use SNMP v3 for security reasons. But if you think home network risk exposure is low, then SNMP v2 is also a good choice for best compatibility and easy configuration.
Add device on LibreNMS by matching the SNMP setting and credentials on devices. Wait for 5 minutes, you will see the graphs of collecting data.
Back to the Terminal, we can set up custom settings to LibreNMS to exclude some unwanted features like Billing and Services etc
vi /volume1/docker/librenms/config.custom.php
Paste in the following example (1 is enable, 0 is disable)
<?php $config['show_locations'] = 1; # Enable Locations on menu $config['show_locations_dropdown'] = 1; # Enable Locations dropdown on menu $config['show_services'] = 1; # Enable Services on menu $config['int_customers'] = 0; # Enable Customer Port Parsing $config['summary_errors'] = 1; # Show Errored ports in summary boxes on the dashboard $config['int_transit'] = 0; # Enable Transit Types $config['int_peering'] = 0; # Enable Peering Types $config['int_core'] = 0; # Enable Core Port Types $config['int_l2tp'] = 0; # Enable L2TP Port Types $config['force_ip_to_sysname'] = true; $config['enable_bgp'] = 0; # Enable BGP session collection and display $config['enable_syslog'] = 0; # Enable Syslog $config['enable_inventory'] = 0; # Enable Inventory $config['enable_pseudowires'] = 0; # Enable Pseudowires $config['enable_vrfs'] = 0; # Enable VRFs $config['enable_sla'] = 0; # Enable Cisco SLA collection and display $config['bad_if_regexp'][] = '/^lo.*/'; // ignore loopback interface $config['bad_if_regexp'][] = '/^docker[\w]+$/'; // ignore docker interfaces $config['ignore_mount_regexp'][] = "/^\/volume1\/@docker\/.*/"; // Syno-NAS ignore docker mounts $config['ignore_mount'][] = "/dev/shm"; // Syno-NAS $config['ignore_mount_regexp'][] = "/\/run.*/"; // Syno-NAS $config['ignore_mount'][] = "/sys/fs/cgroup"; // Syno-NAS $config['ignore_mount'][] = "/tmp"; // Syno-NAS
After you have edited the config.custom.php to your liking, remember to perform a restart on your docker container to reflect the new settings
docker restart librenms
You can also config extended SNMP of Pi-Hole application by using its API. Then LibreNMS will automatically discovered Pi-Hole application and grab the blocking / query data from Pi-Hole directly.
——————————
July 23 2020 Updated
Leave a Reply