Full detailed guide how to install Homer on Centos 8.
Homer is very versatile system and can be installed in different configurations.
This guide will show how to install such configuration:
System update
dnf update
If there are any updates – reboot your system:
reboot
Disable Selinux
setenforce 0
echo -e "SELINUX=disabled\nSELINUXTYPE=targeted" > /etc/selinux/config
Time Sync
dnf -y install chrony ntpstat
systemctl enable chronyd
systemctl start chronyd
Setting Time-Zone to GTM-0 – skip this step, or adjust based on your needs
timedatectl set-timezone Europe/London
Install packages
dnf -y install wireshark-cli net-tools wget firewalld tar sqlite
Firewall up
systemctl start firewalld
systemctl enable firewalld
Install/Configure Prometheus
cd /usr/src/
wget https://github.com/prometheus/prometheus/releases/download/v2.22.0/prometheus-2.22.0.linux-amd64.tar.gz
tar -xzvf prometheus-2.22.0.linux-amd64.tar.gz
mv prometheus-2.22.0.linux-amd64/ prometheus/
mkdir /home/prometheus
mv /usr/src/prometheus /home/prometheus/prometheus
cd /etc/systemd/system/
touch prometheus.service
Execute all these lines at once till EOF:
cat << 'EOF' > /etc/systemd/system/prometheus.service
[Unit]
Description=Prometheus Server
Documentation=https://prometheus.io/docs/introduction/overview/
After=network-online.target
[Service]
User=root
Restart=on-failure
ExecStart=/home/prometheus/prometheus/prometheus \
--config.file=/home/prometheus/prometheus/prometheus.yml \
--storage.tsdb.path=/home/prometheus/prometheus/data
[Install]
WantedBy=multi-user.target
EOF
—
/bin/systemctl enable prometheus
mkdir -p /etc/prometheus
ln -s /home/prometheus/prometheus/prometheus.yml /etc/prometheus/prometheus.yml
echo " - job_name: 'heplify-server'" >> /etc/prometheus/prometheus.yml
echo " scrape_interval: 5s" >> /etc/prometheus/prometheus.yml
echo " static_configs:" >> /etc/prometheus/prometheus.yml
echo " - targets: [':::9096']" >> /etc/prometheus/prometheus.yml
service prometheus restart
Check if it’s running:
systemctl is-active prometheus.service
or:
netstat -plntu | grep prometheus
Install/Configure Grafana
yum -y install initscripts urw-fonts fontconfig freetype*
cd /usr/src/
wget https://dl.grafana.com/oss/release/grafana-7.2.2-1.x86_64.rpm
yum -y localinstall grafana-7.2.2-1.x86_64.rpm
/bin/systemctl daemon-reload
/bin/systemctl enable grafana-server.service
/bin/systemctl start grafana-server.service
Execute all these lines at once till EOF:
cat << EOF | sqlite3 /var/lib/grafana/grafana.db || echo "Failed to add data source."
INSERT INTO data_source VALUES (2,1,0,'prometheus','Prometheus','proxy','http://localhost:9090',NULL,NULL,NULL,0,NULL,NULL,1,'{"httpMethod":"GET","keepCookies":[]}','2017-01-15 20:00:00','2017-01-15 20:00:00',0,'{}',NULL,1);
EOF
—
Open access from outside:
firewall-cmd --add-port=3000/tcp --permanent
firewall-cmd --reload
Check if active:
systemctl is-active grafana-server.service
Install preconfigured Grafana Dashboards from https://github.com/sipcapture/homer-docker/tree/master/heplify-server/hom7-hep-prom-graf/grafana/provisioning/dashboards
Put all files to /etc/grafana/provisioning/dashboards/ and
service grafana-server restart
Install/Configure PostgreSQL
dnf -y module enable postgresql:12
dnf -y install postgresql-server
postgresql-setup --initdb
systemctl start postgresql
systemctl enable postgresql
Check if ok:
postgres -V
sudo -u postgres psql -U postgres -d postgres -c "alter user postgres with password 'postgres';"
mkdir -p /etc/postgresql
ln -s /var/lib/pgsql/data/pg_hba.conf /etc/postgresql/pg_hba.conf
ln -s /var/lib/pgsql/data/postgresql.conf /etc/postgresql/postgresql.conf
sed -i "s|ident\+|password|g" /var/lib/pgsql/data/pg_hba.conf
systemctl restart postgresql
Install/Configure Heplify-server
curl -s https://packagecloud.io/install/repositories/qxip/sipcapture/script.rpm.sh | sudo bash
dnf -y install heplify-server
mkdir -p /etc/heplify-server
ln -s /etc/heplify-server.toml /etc/heplify-server/heplify-server.tom
Execute whole text till EOF at the end:
cat << 'EOF' > /etc/heplify-server.toml
HEPAddr = "0.0.0.0:9060"
HEPTCPAddr = ""
HEPTLSAddr = "0.0.0.0:9060"
ESAddr = ""
ESDiscovery = false
LokiURL = ""
LokiBulk = 200
LokiTimer = 4
LokiBuffer = 100000
LokiHEPFilter = [1,5,100]
ForceHEPPayload = []
PromAddr = "0.0.0.0:9096"
PromTargetIP = ""
PromTargetName = ""
DBShema = "homer7"
DBDriver = "postgres"
DBAddr = "127.0.0.1:5432"
DBUser = "postgres"
DBPass = "postgres"
DBDataTable = "homer_data"
DBConfTable = "homer_config"
DBBulk = 200
DBTimer = 4
DBBuffer = 400000
DBWorker = 8
DBRotate = true
DBPartLog = "2h"
DBPartSip = "1h"
DBPartQos = "6h"
DBDropDays = 14
DBDropDaysCall = 0
DBDropDaysRegister = 0
DBDropDaysDefault = 0
DBDropOnStart = false
Dedup = false
DiscardMethod = ["OPTIONS","NOTIFY"]
AlegIDs = []
CustomHeader = []
SIPHeader = []
LogDbg = "hep,sql"
LogLvl = "warning"
LogStd = false
LogSys = false
Config = "./heplify-server.toml"
ConfigHTTPAddr = ""
EOF
—
Change 111.111.111.111 in the following code to your external server IP:
sed -i "s|HEPAddr = \"0.0.0.0:9060\"\+|HEPAddr = \"111.111.111.111:9060\"|g" /etc/heplify-server.toml
sed -i "s|HEPTLSAddr = \"0.0.0.0:9060\"\+|HEPTLSAddr = \"111.111.111.111:9060\"|g" /etc/heplify-server.toml
mkdir -p /var/log/homer
Execute whole text till EOF at the end:
cat << 'EOF' > /usr/lib/systemd/system/heplify-server.service
[Unit]
Description=HEP Server & Switch in Go
After=network.target
[Service]
WorkingDirectory=/var/log/homer
Environment="HEPLIFY_CONFIG=-config=/etc/heplify-server.toml"
ExecStart=/usr/local/bin/heplify-server $HEPLIFY_CONFIG
ExecStop=/bin/kill ${MAINPID}
Restart=on-failure
RestartSec=10s
Type=simple
[Install]
WantedBy=multi-user.target
EOF
—
systemctl daemon-reload
systemctl restart heplify-server
Check if ok:
systemctl status heplify-serveror
netstat -vatupn | grep heplify-serv
and
cat /var/log/homer/heplify-server.log | grep "postgres connection established"
Should see: 2020-11-08T08:02:52Z INFO postgres connection established
firewall-cmd --add-port=9060/udp --permanent
firewall-cmd --reload
Install/Configure Homer-app
dnf -y install homer-app
ln -s /usr/local/homer/etc/ /etc/homer-app
Execute whole text till EOF at the end:
cat << 'EOF' > /usr/local/homer/etc/webapp_config.json
{
"database_data": {
"LocalNode": {
"help": "Settings for PGSQL Database (data)",
"node": "LocalNode",
"user": "homer_user",
"pass": "homer_password",
"name": "homer_data",
"keepalive": true,
"host": "127.0.0.1"
}
},
"hep_relay": {
"help": "UDP socket to send HEP data on",
"host": "127.0.0.1",
"port": 9060
},
"database_config": {
"help": "Settings for PGSQL Database (settings)",
"node": "LocalConfig",
"user": "homer_user",
"pass": "homer_password",
"name": "homer_config",
"keepalive": true,
"host": "127.0.0.1"
},
"influxdb_config": {
"help": "Settings for InfluxDB Database (optional)",
"user": "influx_user",
"pass": "influx_password",
"name": "homer_config",
"host": "http://127.0.0.1:8086",
"database": "homer",
"policy": "autogen"
},
"prometheus_config": {
"help": "Settings for Prometheus Database (optional)",
"user": "admin",
"pass": "admin",
"host": "http://0.0.0.0:9090",
"api": "api/v1"
},
"loki_config": {
"help": "Settings for LOKI Database (optional)",
"user": "admin",
"pass": "admin",
"host": "http://127.0.0.1:3100",
"api": "loki/api/v1",
"param_query": "query_range"
},
"http_settings": {
"help": "Settings for the HOMER Webapp Server. If you have gzip_static = false, please be sure that your dist directory has uncompressed .js files",
"host": "1.1.1.1",
"port": 9080,
"root": "/usr/local/homer/dist",
"gzip": true,
"gzip_static": true,
"debug": false
},
"https_settings": {
"help": "SSL settings for homer-app",
"enable": false,
"host": "0.0.0.0",
"port": 443,
"cert": "/usr/local/homer/tls/cert.pem",
"key": "/usr/local/homer/tls/key.pem"
},
"system_settings": {
"help": "Settings for HOMER logs",
"logpath": "/var/log/homer",
"logname": "homer-app.log",
"_loglevels": "can be: fatal, error, warn, info, debug, trace",
"loglevel": "warn",
"logstdout": false
},
"auth_settings": {
"_comment": "The type param can be internal, ldap, http_auth",
"type": "internal",
"token_expire": 1200
},
"ldap_config": {
"base": "dc=example,dc=com",
"host": "ldap.example.com",
"port": 389,
"usessl": false,
"skiptls": true,
"binddn": "uid=readonlysuer,ou=People,dc=example,dc=com",
"bindpassword": "readonlypassword",
"userfilter": "(uid=%s)",
"groupfilter": "(memberUid=%s)",
"groupattribute": "cn",
"admingroup": "admin",
"adminmode": true,
"usergroup": "HOMER_user",
"usermode": true,
"attributes": ["dn", "givenName", "sn", "mail", "uid"],
"skipverify": true,
"anonymous": false,
"userdn": "uid=%s,ou=People,dc=example,dc=com"
},
"http_auth": {
"url": "http://localhost:1323",
"skipverify": true
},
"decoder_shark": {
"_comment": "Here you can do packet decoding to using tshark application. Please define uid, gid if you run the app under root",
"active": true,
"bin": "/usr/bin/tshark",
"protocols": ["1_call", "1_registration", "1_default"]
}
}
EOF
—
Change 111.111.111.111 in the following code to your external server IP:
sed -i "s|1.1.1.1\+|111.111.111.111|g" /usr/local/homer/etc/webapp_config.json
homer-app -create-config-db -database-root-user=postgres -database-host="127.0.0.1" -database-root-password=postgres -database-homer-user=homer_user
homer-app -create-data-db -database-root-user=postgres -database-host="127.0.0.1" -database-root-password=postgres -database-homer-user=homer_user
homer-app -create-table-db-config
homer-app -populate-table-db-config
homer-app -upgrade-table-db-config
service homer-app restart
Check if ok:
netstat -vatupn | grep homer
firewall-cmd --add-port=9080/tcp --permanent
firewall-cmd --reload
Web access
- Grafana: http://YOUR_SERVER_IP:3000 (admin / admin)
- Homer-app: http://YOUR_SERVER_IP:9080 (admin / sipcapture)
Login and change passwords right after install.
Configuration files
Install procedure made symlinks to the sane location of the configuration files, you can find them there:
- /etc/prometheus
- /etc/grafana
- /etc/postgresql
- /etc/heplify-server
- /etc/homer-app
Capture agent
On your server which you want to monitor install some capture agent for example Heplify and point to your Homer server.