Docker image for LibreNMS

This document refers to the master branch and does not necessarily correspond to the version that you are running. It is recommended to extract the readme from your preferred release's source code archive. Releases are listed on the Releases page.

This is a generic docker container for LibreNMS.

The container runs nginx 1.15+ with HTTP/2 support and PHP 7.3 FPM with OPCache and rrdcached for maximum performance.

If you don't have a MySQL server setup either in Docker or elsewhere then you can create a docker container here.

You should read the LibreNMS installation docs for the latest instructions regarding database setup.

As of November 2016, the following is still a requirement:

NOTE: Whilst we are working on ensuring LibreNMS is compatible with MySQL strict mode, for now, please disable this after mysql is installed.

You must first generate a unique encryption key.

Generating the key

docker run --rm jarischaefer/docker-librenms generate_key

Output example

base64:Q0+ZV56/5Uwz79vsvS4ZfwQFOty3e9DJEouEy+IXvz8=

Make sure you keep the key secret, because anyone in possession of it can decrypt sensitive data.

The key (including base64:) must be passed via the APP_KEY environment variable in the docker run command.

You should have a MySQL server running at this point. Make sure the database, user and permissions exist before running the commands.

Next, follow the instructions for running the container. Once the container is up and running, you may use the following commands to populate the database and create an admin user.

Creating the tables

docker exec librenms setup_database

Creating an initial admin user

docker exec librenms create_admin

• User: admin
• Password: admin

The examples below do not cover all of the available configuration options, check the appropriate section in the docs for a complete list.

In the example below the linked container is named my-database-container and its alias inside the container is db. Make sure my-database-container matches the MySQL container's name and DB_HOST matches its alias inside the container if you intend to modify it.

docker run \
	-d \
	-h librenms \
	-p 80:80 \
	-e APP_KEY=the_secret_key_you_have_generated \
	-e DB_HOST=db \
	-e DB_NAME=librenms \
	-e DB_USER=librenms \
	-e DB_PASS=secret \
	-e BASE_URL=http://localhost \
	--link my-database-container:db \
	-v /data/logs:/opt/librenms/logs \
	-v /data/rrd:/opt/librenms/rrd \
	--name librenms \
	jarischaefer/docker-librenms

docker run \
	-d \
	-h librenms \
	-p 80:80 \
	-e APP_KEY=the_secret_key_you_have_generated \
	-e DB_HOST=x.x.x.x \
	-e DB_NAME=librenms \
	-e DB_USER=librenms \
	-e DB_PASS=secret \
	-e BASE_URL=http://localhost \
	-v /data/logs:/opt/librenms/logs \
	-v /data/rrd:/opt/librenms/rrd \
	--name librenms \
	jarischaefer/docker-librenms

1. Pick a release from the Releases page
2. Run docker pull jarischaefer/docker-librenms:{release}
3. Restart your container using the new version
4. Follow the steps for database updates

Run docker exec librenms setup_database.

If you would like to update the database automatically on startup, you may pass DAILY_ON_STARTUP=true. Keep in mind that restarting more than one container simultaneously could result in concurrency issues and damage your database.

The LibreNMS implementation (as of October 2018) uses a distributed lock via memcache to avoid this scenario. Therefore, if all containers share the same memcache instance, concurrent restarts would be safe.

Mount another directory containing ssl.key, ssl.crt and optionally ssl.ocsp.crt to enable HTTPS. You'll also have to change BASE_URL.

docker run \
	-d \
	-h librenms \
	-p 80:80 \
	-p 443:443 \
	-e APP_KEY=the_secret_key_you_have_generated \
	-e DB_HOST=db \
	-e DB_NAME=librenms \
	-e DB_USER=librenms \
	-e DB_PASS=secret \
	-e BASE_URL=https://localhost \
	--link my-database-container:db \
	-v /data/logs:/opt/librenms/logs \
	-v /data/rrd:/opt/librenms/rrd \
	-v /data/ssl:/etc/nginx/ssl:ro \
	--name librenms \
	jarischaefer/docker-librenms

The container must be stopped, removed and subsequently restarted in order for configuration changes to take effect.

The following keys can be passed directly via the -e switch:

These are instructions for the LibreNMS syslog extension.

• Add -e ENABLE_SYSLOG=true to your docker run command
• Add -p 514:514 and -p 514:514/udp to your docker run command
• Configure the remote host whose logs should be gathered (rsyslog example)
  • Create /etc/rsyslog.d/60-librenms.conf
  • Add *.* @example.com:514

These are instructions for the LibreNMS weathermap plugin.

The weathermap plugin requires additional mounts to persist its data.

• /opt/librenms/html/plugins/Weathermap/configs for the configs
• /opt/librenms/html/plugins/Weathermap/output for the generated data

Make sure you set Output Image Filename to output/example.png and Output HTML Filename to output/example.html in the Map Properties configuration section so the files are persisted in the output directory.

You may apply custom configuration by mounting files matching *.php in /opt/librenms/conf.d.

In the example below /data/config.interfaces.php on the host is mounted inside the container at /opt/librenms/conf.d/config.interfaces.php.

docker run \
	-d \
	-h librenms \
	-p 80:80 \
	-p 443:443 \
	-e APP_KEY=the_secret_key_you_have_generated \
	-e DB_HOST=db \
	-e DB_NAME=librenms \
	-e DB_USER=librenms \
	-e DB_PASS=secret \
	-e BASE_URL=https://localhost \
	--link my-database-container:db \
	-v /data/logs:/opt/librenms/logs \
	-v /data/rrd:/opt/librenms/rrd \
	-v /data/ssl:/etc/nginx/ssl:ro \
	-v /data/config.interfaces.php:/opt/librenms/conf.d/config.interfaces.php \
	--name librenms \
	jarischaefer/docker-librenms

config.interfaces.php

<?php

$config['bad_if_regexp'][] = '/^docker[-\w].*$/';
$config['bad_if_regexp'][] = '/^lxcbr[0-9]+$/';
$config['bad_if_regexp'][] = '/^veth.*$/';
$config['bad_if_regexp'][] = '/^virbr.*$/';
$config['bad_if_regexp'][] = '/^lo$/';
$config['bad_if_regexp'][] = '/^macvtap.*$/';
$config['bad_if_regexp'][] = '/gre.*$/';
$config['bad_if_regexp'][] = '/tun[0-9]+$/';

If you plan to use this container for a distributed LibreNMS installation, you may want to disable some of the default cron jobs, or the local rrdcached, nginx and php-fpm services. You could also increase the number of discovery-wrapper.py threads.

docker run \
	-d \
	-h librenms \
	-p 80:80 \
	-e APP_KEY=the_secret_key_you_have_generated \
	-e DB_HOST=db \
	-e DB_NAME=librenms \
	-e DB_USER=librenms \
	-e DB_PASS=secret \
	-e BASE_URL=http://localhost \
	-e POLLERS=16 \
	-e TZ=UTC \
	-e DISCOVERY_THREADS=2 \
	-e DAILY_ENABLE=false \
	-e ALERTS_ENABLE=false \
	-e CHECK_SERVICES_ENABLE=false \
	-e RRDCACHED_ENABLE=false \
	-e NGINX_ENABLE=false \
	-e PHPFPM_ENABLE=false \
	--link my-database-container:db \
	-v /data/logs:/opt/librenms/logs \
	-v /data/rrd:/opt/librenms/rrd \
	--name librenms \
	jarischaefer/docker-librenms

Make sure you source the environment variables from /etc/librenms_environment prior to executing commands inside the container.

This is an example demonstrating how to run the validation script.

su - librenms
source /etc/librenms_environment
cd /opt/librenms
php validate.php

The commands above are purely for illustrative purposes. You should customize them to fit your environment.

Also, please note that...

• Alerting via email is supported via SMTP only.
• Publicly accessible installations should be put behind jwilder/nginx-proxy or similar proxies for better access control and security hardening.

This project is open-sourced software licensed under the MIT license.

LibreNMS has its own license, this license only covers the Docker part.