Homer install on Centos 8

4 min read

Full detailed guide how to install Homer on Centos 8.

Homer is very versatile system and can be installed in different configurations.

This guide will show how to install such configuration:

System update

dnf update

If there are any updates – reboot your system:
reboot

Disable Selinux

setenforce 0
echo -e "SELINUX=disabled\nSELINUXTYPE=targeted" > /etc/selinux/config

Time Sync

dnf -y install chrony ntpstat
systemctl enable chronyd
systemctl start chronyd

Setting Time-Zone to GTM-0 – skip this step, or adjust based on your needs
timedatectl set-timezone Europe/London

Install packages

dnf -y install wireshark-cli net-tools wget firewalld tar sqlite

Firewall up

systemctl start firewalld
systemctl enable firewalld

Install/Configure Prometheus

cd /usr/src/
wget https://github.com/prometheus/prometheus/releases/download/v2.22.0/prometheus-2.22.0.linux-amd64.tar.gz
tar -xzvf prometheus-2.22.0.linux-amd64.tar.gz
mv prometheus-2.22.0.linux-amd64/ prometheus/

mkdir /home/prometheus
mv /usr/src/prometheus /home/prometheus/prometheus

cd /etc/systemd/system/
touch prometheus.service

Execute all these lines at once till EOF:

cat << 'EOF' > /etc/systemd/system/prometheus.service

[Unit]
Description=Prometheus Server
Documentation=https://prometheus.io/docs/introduction/overview/
After=network-online.target

[Service]
User=root
Restart=on-failure

ExecStart=/home/prometheus/prometheus/prometheus \
--config.file=/home/prometheus/prometheus/prometheus.yml \
--storage.tsdb.path=/home/prometheus/prometheus/data

[Install]
WantedBy=multi-user.target

EOF

/bin/systemctl enable prometheus
mkdir -p /etc/prometheus
ln -s /home/prometheus/prometheus/prometheus.yml /etc/prometheus/prometheus.yml

echo "  - job_name: 'heplify-server'" >> /etc/prometheus/prometheus.yml
echo "    scrape_interval: 5s" >> /etc/prometheus/prometheus.yml
echo "    static_configs:" >> /etc/prometheus/prometheus.yml
echo "    - targets: [':::9096']" >> /etc/prometheus/prometheus.yml
service prometheus restart

Check if it’s running:
systemctl is-active prometheus.service
or:
netstat -plntu | grep prometheus

Install/Configure Grafana

yum -y install initscripts urw-fonts fontconfig freetype*
cd /usr/src/
wget https://dl.grafana.com/oss/release/grafana-7.2.2-1.x86_64.rpm
yum -y localinstall grafana-7.2.2-1.x86_64.rpm

/bin/systemctl daemon-reload
/bin/systemctl enable grafana-server.service
/bin/systemctl start grafana-server.service

Execute all these lines at once till EOF:

cat << EOF | sqlite3 /var/lib/grafana/grafana.db || echo "Failed to add data source."
INSERT INTO data_source VALUES (2,1,0,'prometheus','Prometheus','proxy','http://localhost:9090',NULL,NULL,NULL,0,NULL,NULL,1,'{"httpMethod":"GET","keepCookies":[]}','2017-01-15 20:00:00','2017-01-15 20:00:00',0,'{}',NULL,1);
EOF

Open access from outside:
firewall-cmd --add-port=3000/tcp --permanent
firewall-cmd --reload

Check if active:
systemctl is-active grafana-server.service

Install preconfigured Grafana Dashboards from https://github.com/sipcapture/homer-docker/tree/master/heplify-server/hom7-hep-prom-graf/grafana/provisioning/dashboards

Put all files to /etc/grafana/provisioning/dashboards/ and
service grafana-server restart

Install/Configure PostgreSQL

dnf -y module enable postgresql:12
dnf -y install postgresql-server
postgresql-setup --initdb

systemctl start postgresql
systemctl enable postgresql

Check if ok:
postgres -V

sudo -u postgres psql -U postgres -d postgres -c "alter user postgres with password 'postgres';"
mkdir -p /etc/postgresql
ln -s /var/lib/pgsql/data/pg_hba.conf /etc/postgresql/pg_hba.conf
ln -s /var/lib/pgsql/data/postgresql.conf /etc/postgresql/postgresql.conf

sed -i "s|ident\+|password|g" /var/lib/pgsql/data/pg_hba.conf
systemctl restart postgresql

Install/Configure Heplify-server

curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.rpm.sh | sudo bash
dnf -y install heplify-server
mkdir -p /etc/heplify-server
ln -s /etc/heplify-server.toml /etc/heplify-server/heplify-server.tom

Execute whole text till EOF at the end:

cat << 'EOF' > /etc/heplify-server.toml
HEPAddr = "0.0.0.0:9060"
HEPTCPAddr = ""
HEPTLSAddr = "0.0.0.0:9060"
ESAddr = ""
ESDiscovery = false
LokiURL = ""
LokiBulk = 200
LokiTimer = 4
LokiBuffer = 100000
LokiHEPFilter = [1,5,100]
ForceHEPPayload = []
PromAddr = "0.0.0.0:9096"
PromTargetIP = ""
PromTargetName = ""
DBShema = "homer7"
DBDriver = "postgres"
DBAddr = "127.0.0.1:5432"
DBUser = "postgres"
DBPass = "postgres"
DBDataTable = "homer_data"
DBConfTable = "homer_config"
DBBulk = 200
DBTimer = 4
DBBuffer = 400000
DBWorker = 8
DBRotate = true
DBPartLog = "2h"
DBPartSip = "1h"
DBPartQos = "6h"
DBDropDays = 14
DBDropDaysCall = 0
DBDropDaysRegister = 0
DBDropDaysDefault = 0
DBDropOnStart = false
Dedup = false
DiscardMethod = ["OPTIONS","NOTIFY"]
AlegIDs = []
CustomHeader = []
SIPHeader = []
LogDbg = "hep,sql"
LogLvl = "warning"
LogStd = false
LogSys = false
Config = "./heplify-server.toml"
ConfigHTTPAddr = ""
EOF

Change 111.111.111.111 in the following code to your external server IP:
sed -i "s|HEPAddr = \"0.0.0.0:9060\"\+|HEPAddr = \"111.111.111.111:9060\"|g" /etc/heplify-server.toml
sed -i "s|HEPTLSAddr = \"0.0.0.0:9060\"\+|HEPTLSAddr = \"111.111.111.111:9060\"|g" /etc/heplify-server.toml

mkdir -p /var/log/homer

Execute whole text till EOF at the end:

cat << 'EOF' > /usr/lib/systemd/system/heplify-server.service
[Unit]
Description=HEP Server & Switch in Go
After=network.target

[Service]
WorkingDirectory=/var/log/homer
Environment="HEPLIFY_CONFIG=-config=/etc/heplify-server.toml"
ExecStart=/usr/local/bin/heplify-server $HEPLIFY_CONFIG
ExecStop=/bin/kill ${MAINPID}
Restart=on-failure
RestartSec=10s
Type=simple

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload
systemctl restart heplify-server

Check if ok:
systemctl status heplify-server
or
netstat -vatupn | grep heplify-serv

and
cat /var/log/homer/heplify-server.log | grep "postgres connection established"
Should see: 2020-11-08T08:02:52Z INFO postgres connection established

firewall-cmd --add-port=9060/udp --permanent
firewall-cmd --reload

Install/Configure Homer-app

dnf -y install homer-app
ln -s /usr/local/homer/etc/ /etc/homer-app

Execute whole text till EOF at the end:

cat << 'EOF' > /usr/local/homer/etc/webapp_config.json
{
"database_data": {
"LocalNode": {
"help": "Settings for PGSQL Database (data)",
"node": "LocalNode",
"user": "homer_user",
"pass": "homer_password",
"name": "homer_data",
"keepalive": true,
"host": "127.0.0.1"
}
},
"hep_relay": {
"help": "UDP socket to send HEP data on",
"host": "127.0.0.1",
"port": 9060
},
"database_config": {
"help": "Settings for PGSQL Database (settings)",
"node": "LocalConfig",
"user": "homer_user",
"pass": "homer_password",
"name": "homer_config",
"keepalive": true,
"host": "127.0.0.1"
},
"influxdb_config": {
"help": "Settings for InfluxDB Database (optional)",
"user": "influx_user",
"pass": "influx_password",
"name": "homer_config",
"host": "http://127.0.0.1:8086",
"database": "homer",
"policy": "autogen"
},
"prometheus_config": {
"help": "Settings for Prometheus Database (optional)",
"user": "admin",
"pass": "admin",
"host": "http://0.0.0.0:9090",
"api": "api/v1"
},
"loki_config": {
"help": "Settings for LOKI Database (optional)",
"user": "admin",
"pass": "admin",
"host": "http://127.0.0.1:3100",
"api": "loki/api/v1",
"param_query": "query_range"
},
"http_settings": {
"help": "Settings for the HOMER Webapp Server. If you have gzip_static = false, please be sure that your dist directory has uncompressed .js files",
"host": "1.1.1.1",
"port": 9080,
"root": "/usr/local/homer/dist",
"gzip": true,
"gzip_static": true,
"debug": false
},
"https_settings": {
"help": "SSL settings for homer-app",
"enable": false,
"host": "0.0.0.0",
"port": 443,
"cert": "/usr/local/homer/tls/cert.pem",
"key": "/usr/local/homer/tls/key.pem"
},
"system_settings": {
"help": "Settings for HOMER logs",
"logpath": "/var/log/homer",
"logname": "homer-app.log",
"_loglevels": "can be: fatal, error, warn, info, debug, trace",
"loglevel": "warn",
"logstdout": false
},
"auth_settings": {
"_comment": "The type param can be internal, ldap, http_auth",
"type": "internal",
"token_expire": 1200
},
"ldap_config": {
"base": "dc=example,dc=com",
"host": "ldap.example.com",
"port": 389,
"usessl": false,
"skiptls": true,
"binddn": "uid=readonlysuer,ou=People,dc=example,dc=com",
"bindpassword": "readonlypassword",
"userfilter": "(uid=%s)",
"groupfilter": "(memberUid=%s)",
"groupattribute": "cn",
"admingroup": "admin",
"adminmode": true,
"usergroup": "HOMER_user",
"usermode": true,
"attributes": ["dn", "givenName", "sn", "mail", "uid"],
"skipverify": true,
"anonymous": false,
"userdn": "uid=%s,ou=People,dc=example,dc=com"
},
"http_auth": {
"url": "http://localhost:1323",
"skipverify": true
},
"decoder_shark": {
"_comment": "Here you can do packet decoding to using tshark application. Please define uid, gid if you run the app under root",
"active": true,
"bin": "/usr/bin/tshark",
"protocols": ["1_call", "1_registration", "1_default"]
}
}
EOF

Change 111.111.111.111 in the following code to your external server IP:
sed -i "s|1.1.1.1\+|111.111.111.111|g" /usr/local/homer/etc/webapp_config.json

homer-app -create-config-db -database-root-user=postgres -database-host="127.0.0.1" -database-root-password=postgres -database-homer-user=homer_user
homer-app -create-data-db -database-root-user=postgres -database-host="127.0.0.1" -database-root-password=postgres -database-homer-user=homer_user
homer-app -create-table-db-config
homer-app -populate-table-db-config
homer-app -upgrade-table-db-config

service homer-app restart

Check if ok:
netstat -vatupn | grep homer

firewall-cmd --add-port=9080/tcp --permanent
firewall-cmd --reload

 

Web access

  • Grafana: http://YOUR_SERVER_IP:3000 (admin / admin)
  • Homer-app: http://YOUR_SERVER_IP:9080 (admin / sipcapture)

Login and change passwords right after install.

 

Configuration files

Install procedure made symlinks to the sane location of the configuration files, you can find them there:

  • /etc/prometheus
  • /etc/grafana
  • /etc/postgresql
  • /etc/heplify-server
  • /etc/homer-app

 

Capture agent

On your server which you want to monitor install some capture agent for example Heplify and point to your Homer server.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

    Never miss a story from us. Get monthly updates in your inbox.