Rocky 9: Difference between revisions

Revision as of 06:37, 6 January 2026

This guide describes the installation of VoIPmonitor on Rocky Linux 9 with PHP 8.2 and MySQL 8.0. The installation consists of three main components: MySQL database, Web GUI, and the Sensor (sniffer).

Prerequisites

Fresh Rocky Linux 9 installation
Root access
Internet connectivity

MySQL Installation

1. Install MySQL server:

dnf install mysql-server

2. Configure MySQL:

Edit /etc/my.cnf.d/mysql-server.cnf and add:

innodb_flush_log_at_trx_commit = 2
innodb_buffer_pool_size = 8GB
skip-log-bin

Note on MySQL Authentication Methods:

Rocky 9 uses MySQL 8.0 which defaults to caching_sha2_password. Since this guide installs PHP 8.2 (which is newer than PHP 7.4.4), the mysql_native_password line is NOT required. PHP 8.2 with the mysqlnd driver automatically supports caching_sha2_password.

If you see MySQL deprecation warnings about mysql_native_password, you can safely use the standard MySQL 8 authentication without any additional configuration. See the FAQ - MySQL Authentication section for more details.

If you must configure mysql_native_password for compatibility reasons (not recommended):

echo 'default-authentication-plugin=mysql_native_password' >> /etc/my.cnf.d/mysql-server.cnf

ℹ️ Note: Set innodb_buffer_pool_size to approximately half of your available RAM. See the Scaling guide for more details.

3. Start MySQL and configure authentication:

systemctl start mysqld
systemctl enable mysqld

Set root password for MySQL (can be empty):

mysql
mysql> ALTER USER root@localhost IDENTIFIED BY  OR REPLACE;
mysql> FLUSH PRIVILEGES;
mysql> exit

4. Run security configuration:

mysql_secure_installation

Web GUI Installation

1. Enable PHP 8.2 from Remi repository:

Rocky 9 ships with PHP 8.0, but IonCube requires PHP 8.2:

dnf install epel-release
dnf install http://rpms.remirepo.net/enterprise/remi-release-9.rpm
dnf module reset php
dnf module install php:remi-8.2

2. Install required packages:

dnf install wget httpd wireshark php php-gd php-mysqlnd php-mbstring php-zip mtr php-process librsvg2 librsvg2-tools urw-fonts

3. Install IonCube loader:

wget http://voipmonitor.org/ioncube/x86_64/ioncube_loader_lin_8.2.so -O /usr/lib64/php/modules/ioncube_loader_lin_8.2.so
echo "zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_8.2.so" > /etc/php.d/01_ioncube.ini

4. Disable SELinux:

SELinux must be disabled for VoIPmonitor to function properly:

sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

5. Download and install GUI:

cd /var/www/html
wget "http://www.voipmonitor.org/download-gui?version=latest&major=5&allowed&phpver=82" -O w.tar.gz
tar xzf w.tar.gz
mv voipmonitor-gui*/* ./

6. Configure permissions and start Apache:

chown -R apache /var/www/html
mkdir -p /var/spool/voipmonitor
chown apache /var/spool/voipmonitor
systemctl start httpd
systemctl enable httpd

7. Configure cron for alerts and reports:

echo "* * * * * root php /var/www/html/php/run.php cron" >> /etc/crontab
kill -HUP $(pgrep crond)

ℹ️ Note: Install Postfix for email alert functionality (see "Post-Installation Tasks" below).

System Timezone Configuration

VoIPmonitor uses the system timezone for MySQL timestamps. Configure the correct timezone before starting the sensor:

# Set system timezone (replace with your timezone)
timedatectl set-timezone Europe/Prague

# Verify the change
timedatectl

ℹ️ Note: This sets the OS timezone used by MySQL. The GUI timezone is configured separately in GUI > Settings > System Configuration > National > Timezone.

Install Mail Transfer Agent (MTA)

Email alerts and reports require a functioning MTA. Postfix is recommended for Rocky Linux 9:

# Install Postfix
dnf install postfix

# Enable and start Postfix
systemctl enable --now postfix

# Verify Postfix is running
systemctl status postfix

For detailed Postfix/SMTP configuration (relay hosts, authentication), see the Alerts & Reports guide.

Post-Installation Task: Moving MySQL Data Directory

If your root partition is too small, move MySQL data to a larger partition (e.g., /home/mysql):

# 1. Stop MySQL
systemctl stop mysqld

# 2. Create new directory on larger partition
mkdir -p /home/mysql

# 3. Copy existing data (preserving permissions)
cp -rp /var/lib/mysql/* /home/mysql/

# 4. Update MySQL configuration
# Edit /etc/my.cnf.d/mysql-server.cnf and change:
# datadir = /home/mysql

# 5. Update SELinux context (if SELinux was not disabled)
semanage fcontext -a -t mysqld_db_t "/home/mysql(/.*)?"
restorecon -Rv /home/mysql

# 6. Start MySQL
systemctl start mysqld

# 7. Verify MySQL is using new directory
mysql -e "SELECT @@datadir;"

⚠️ Warning: Ensure sufficient disk space for the new location before moving MySQL data.

Sensor Installation

1. Create systemd service file:

Create /etc/systemd/system/voipmonitor.service - see systemd for voipmonitor service management for the template.

2. Download and install sensor:

cd /usr/local/src
wget --content-disposition http://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O current-stable-sniffer-static-64bit.tar.gz
tar xzf current-stable-sniffer-static-64bit.tar.gz
cd voipmonitor-*
mkdir -p /etc/init.d
./install-script.sh --no-user-input

3. Configure sensor:

Edit /etc/voipmonitor.conf and set at minimum:

interface = eth0
spooldir = /var/spool/voipmonitor
cleandatabase = 31
sipport = 5060
maxpoolsize = 102400

ℹ️ Note: Replace eth0 with your actual network interface name.

4. Start and enable sensor:

systemctl daemon-reload
systemctl start voipmonitor
systemctl enable voipmonitor

Firewall Configuration

Option 1: Allow specific IP access:

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="YOUR_IP" accept'
firewall-cmd --reload

Option 2: Open HTTP port:

firewall-cmd --permanent --add-service=http
firewall-cmd --reload

Option 3: Disable firewall (not recommended for production):

systemctl stop firewalld
systemctl disable firewalld

Finish Installation

Open your browser and navigate to http://your-server-ip/ to complete the web-based setup wizard.