[SCRIPT] Automatic deployment of cacti on Centos 6.X

If you figure out how to do something interesting/cool in Cacti and want to share it with the community, please post your experience here.

Moderators: Developers, Moderators

Post Reply
starkers
Posts: 8
Joined: Thu Feb 07, 2013 3:48 am

[SCRIPT] Automatic deployment of cacti on Centos 6.X

Post by starkers »

Hi guys,

Just thought I'd share a script I assembled to automate deployment of a new cacti instance.

It drops it into an apache VH running in *:80 in the docroot as I'm not keen on the "Alias /cacti/" thing.

It doesn't address stuff like selinux/spine, https or plugin installation (yet) but I will be probably be adding that also.

I have posted the script on my blog but will drop it here for you all.

I've not tested it on other RedHat variants.

Although there are some basic checks please don't run this if you already have live stuff on a server!!


Code: Select all

#!/usr/bin/env bash

#===============================================================================
#
#          FILE:  install-cacti.sh
# 
#         USAGE:  ./install-cact.sh   #<- as root!
# 
#   DESCRIPTION:  install a fresh cacti+httpd+mysql on a clean centos 6.x
#
#                 This will setup cacti to run on the docroot (http://hostname/ ) rather than the default http://hostname/cacti/
#
#									^    in otherwords:  DO NOT RUN THIS ON A SERVER THATS ALREADY A WEBSERVER!!!
#                 ^^   YOU'VE BEEN WARNED..THIS IS FOR A DEDICATED CLEAN MACHINE!! OK!?
#                 ^^^  It will also open :80 and :443 and set selinux permissive
#                 ^^^^ Have a working mysqld installed or it will install and setup that itself
#
# 
#       OPTIONS:  ---
#  REQUIREMENTS: lazyness
#          BUGS:  ---
#         NOTES:  
#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#
#                 !!! THIS SCRIPT DOES NO CHECKS, OK!?
#
#               run it on a clean non-production box!  GOT IT!?
#
#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#
#        AUTHOR: David Stark (stark), david@starkers.org
#       CREATED: 130924
#
#       LICENSE:  WTFPL  (http://www.wtfpl.net/about/)
#
#===============================================================================
#            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
#                    Version 2, December 2004
#
#  Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
#
#  Everyone is permitted to copy and distribute verbatim or modified
#  copies of this license document, and changing it is allowed as long
#  as the name is changed.
#
#             DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
#    TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
#
#  0. You just DO WHAT THE FUCK YOU WANT TO.
#===============================================================================

#     CHANGELOG:
# 130925-DS various fixes, automated the mysqld install/setup (this may be useful in itself for future mysqld deployment)
#


#I created this function to generate passwords (I would wager this is > lastpass's ^g  .... dunno? )
random_hash(){
#.. this function exports the variable "NEWHASH" from the md5sum of a (randomish) file
TMPF=`mktemp`
dd if=/dev/urandom of=$TMPF bs=1M count=5 1>/dev/null  2>/dev/null
export NEWHASH="$(md5sum $TMPF | awk '{print $1}')"
echo NEWHASH=$NEWHASH
rm -f $TMPF
}



#Check if mysqld is already running, if so I won't run mysql_secure_installation later
#
killall -0  mysqld_safe 2>/dev/null && MYSQLD=1
if [ "X$MYSQLD" == "X1" ]; then
    echo "# Mysqld was already running before I got here, so I'm assuming you've already run mysql_secure_installation"
  else
    echo "# Looks like no mysqld is running"
		yum install mysql mysql-server -y

		echo "# start + enable mysqld"
    service mysqld start ; chkconfig mysqld on

		echo "# generate a new hash"
		random_hash

		echo "# securing the install and setting root pass"
		TMPF=`mktemp`
		cat >"$TMPF"<<-EOF
		
		Y
		$NEWHASH
		$NEWHASH
		Y
		Y
		Y
		Y


		EOF
		/usr/bin/mysql_secure_installation < $TMPF
		if [ ! -f /root/.my.cnf ]; then
			echo "# Prepping /root/.my.cnf"
			cat >/root/.my.cnf<<-EOF
			[client]
			user = root
			password = $NEWHASH
			EOF

			chown root:root /root/.my.cnf
			chmod 600 /root/.my.cnf
		fi
		wget -q https://raw.github.com/major/MySQLTuner-perl/master/mysqltuner.pl -O /root/mysqltuner.pl ;  chmod +x /root/mysqltuner.pl
		echo "# your mysql root pass: $NEWHASH"
		echo "# Pro tip: run /root/mysqltuner.pl , See: https://startpage.com/do/search?q=mysqltuner"
fi

if [ ! -f /root/.my.cnf ]; then
	echo "I'm sorry but this script relies on being able to automatically log into mysql based on /root/my.cnf, will not continue"
	exit 1
fi

# install epel (cause its awesome, period)
#see http://dl.fedoraproject.org/pub/epel/6/i386/repoview/epel-release.html
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm  #<works on i686.. nb: ".noarch"

echo "# get stuff is installed"
yum install -y cacti httpd httpd-devel php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-mysql php-snmp net-snmp-utils net-snmp-libs php-pear-Net-SMTP rrdtool unzip

echo "# Create the 'cacti' DB"
random_hash
TMPF=`mktemp`
printf "CREATE DATABASE cacti; GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY '$NEWHASH'; FLUSH privileges;\n" > $TMPF
mysql <$TMPF ; rm -f $TMPF

# import cacti.sql into the DB
mysql -u cacti -p$NEWHASH cacti < `rpm -ql cacti | grep \/cacti.sql$` || exit 1

# Set database_username in /etc/cacti/db.php:"
sed -i "s+e\ \=\ \"cactiuser+e\ \=\ \"cacti+1" /etc/cacti/db.php

# Set database_password in /etc/cacti/db.php:"
sed -i "s+d\ \=\ \"cactiuser+d\ \=\ \"$NEWHASH+1" /etc/cacti/db.php

# set url_path = "/"   (this sed cheats and just modifies the last line cause I'm lazy)
sed -i 's+?>+$url_path = "/";\n?>+g' /etc/cacti/db.php


## I want this as a VH so we could create more VHs later or whatnot..
# For now it'll just be the global *:80 as this is for a dedicated cacti VM in my case.

# Preparing /etc/httpd/conf.d/cacti.conf as a *:80 virtualhost (TODO: automatic SSL setup)
CONF=/etc/httpd/conf.d/cacti.conf

## prepend: VirtualHost stuff
sed -i "1s+^+NameVirtualHost *:80\n<VirtualHost *:80>\n  DocumentRoot /usr/share/cacti\n+" $CONF
#comment out Alias
sed -i "s+^Alias+#Alias+g" $CONF
#Close the VH
printf "\n</VirtualHost>\n" >> $CONF
#Allow other ppl to actually use it ( <3 paranoid defaults )
sed -i "s+Allow from localhost+Allow from all+g" $CONF

#restart apache
service httpd restart

sed -i "s+^#++g" /etc/cron.d/cacti 
service crond reload

## Do we have iptables enabled?
service iptables status  1>/dev/null 2>/dev/null && FIREWALL=1
if [ X"$FIREWALL" == X1 ]; then
	iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT 
	service iptables save
fi
## go login.. default user and password = admin
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest