First, update the repository index.
sudo apt update
Install MariaDB Database
Install MariaDB from Official MariaDB Mirror
Update the repository index and install the required packages.
sudo apt update
sudo apt install -y software-properties-common dirmngr apt-transport-https wget curl
Add signing key to your system.
curl -fsSL https://mariadb.org/mariadb_release_signing_key.asc | sudo gpg --dearmor -o /usr/share/keyrings/mariadb-keyring.gpg
MariaDB foundation offers a repository for Debian to install MariaDB easily. You can choose any one of the download mirrors from the MariaDB download page to set up the repository on your system.
Add MariaDB repository using the below command.
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/mariadb-keyring.gpg] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.6/debian bullseye main' | sudo tee /etc/apt/sources.list.d/mariadb.list
Install MariaDB server and client using the following command.
sudo apt update
sudo apt install -y mariadb-server mariadb-client
Secure MariaDB Installation
The mysql_secure_installation command will secure the installation of MariaDB with the help of provided questions, such as DB root password, manage root remote login, remove anonymous users, and remove test database and access to it.
This command was introduced in version 5.0.3-beta and is helpful when configuring a new server or making changes to an existing MariaDB database server.
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here. Enter current password for root (enter for none): << No Password - Press Enter OK, successfully used password, moving on... Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already have your root account protected, so you can safely answer 'n'. Switch to unix_socket authentication [Y/n] N << Disabling Unix Socket login and enabling password Login ... skipping. You already have your root account protected, so you can safely answer 'n'. Change the root password? [Y/n] Y << Change MariaDB root password New password: << Enter Password Re-enter new password: << Re-Enter Password Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y << Remove Anonymous users ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y << Disallow root login remotely ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y << Remove test database - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y << Reload privilege ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Log in to the MariaDB server.
mysql -u root -p
Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 53 Server version: 10.6.4-MariaDB-1:10.6.4+maria~bullseye mariadb.org binary distribution Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>
You will need to change few MariaDB settings for Cacti installation. So, edit the configuration file.
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
And then, add/update the below settings in the [mysqld] section.
collation-server = utf8mb4_unicode_ci character-set-server = utf8mb4 max_heap_table_size = 128M tmp_table_size = 32M join_buffer_size = 64M innodb_file_format = Barracuda innodb_large_prefix = 1 innodb_buffer_pool_size = 512MB innodb_flush_log_at_timeout = 3 innodb_read_io_threads = 32 innodb_write_io_threads = 16 innodb_io_capacity = 5000 innodb_io_capacity_max = 10000
Install Apache & PHP Extensions
sudo apt install -y apache2 libapache2-mod-php php-xml php-ldap php-mbstring php-gd php-gmp php-mysql
As a mandatory requirement, Cacti require below values in /etc/php/7.4/apache2/php.ini and /etc/php/7.4/cli/php.ini files, assuming that your system has PHP v7.4.
date.timezone = Asia/Dhaka memory_limit = 512M max_execution_time = 60
sudo apt install -y snmp php-snmp rrdtool librrds-perl
Restart MariaDB and Apache service.
sudo systemctl restart mariadb sudo systemctl restart apache2
Install Cacti on Debian 11
First, log in to the MariaDB server.
sudo mysql -u root -p
Then, create a database for the Cacti installation.
create database cacti;
Grant permission to the newly created database.
GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'cactipassword'; flush privileges; exit
You will need to allow the created database user (cactiuser) to have access to the mysql.time_zone_name table. To do that, first, import the mysql_test_data_timezone.sql to mysql database.
sudo mysql -u root -p mysql < /usr/share/mysql/mysql_test_data_timezone.sql
Then, log in to MySQL.
sudo mysql -u root -p
Grant the permission to database user (cactiuser).
GRANT SELECT ON mysql.time_zone_name TO cactiuser@localhost; flush privileges; exit
Download the latest version of the Cacti package using the wget command.
Extract the Cacti archive using the tar command and move the extracted files to /opt directory.
tar -zxvf cacti-latest.tar.gz sudo mv cacti-1* /opt/cacti
Import the default Cacti database data to the newly created database.
sudo mysql -u root -p cacti < /opt/cacti/cacti.sql
Edit the Cacti config file to specify the database type, name, hostname, user, and password information.
sudo nano /opt/cacti/include/config.php
Make the changes according to your requirement.
/* make sure these values reflect your actual database/host/user/password */ $database_type = "mysql"; $database_default = "cacti"; $database_hostname = "localhost"; $database_username = "cactiuser"; $database_password = "cactipassword"; $database_port = "3306"; $database_ssl = false;
Edit the Apache configuration file to add a virtual host for Cacti.
sudo nano /etc/apache2/sites-available/cacti.conf
Use the following information in the above virtual host file.
Alias /cacti /opt/cacti <Directory /opt/cacti> Options +FollowSymLinks AllowOverride None <IfVersion >= 2.3> Require all granted </IfVersion> <IfVersion < 2.3> Order Allow,Deny Allow from all </IfVersion> AddType application/x-httpd-php .php <IfModule mod_php.c> php_flag magic_quotes_gpc Off php_flag short_open_tag On php_flag register_globals Off php_flag register_argc_argv On php_flag track_vars On # this setting is necessary for some locales php_value mbstring.func_overload 0 php_value include_path . </IfModule> DirectoryIndex index.php </Directory>
Enable the created virtual host.
sudo a2ensite cacti
Restart Apache services.
sudo systemctl restart apache2
Change the ownership of the Cacti directory to Apache user (www-data).
sudo chown -R www-data:www-data /opt/cacti/
Data Collection Frequency. Edit the crontab file.
sudo nano /etc/cron.d/cacti
Add the following entry in the cron to allow Cacti poller to poll every five minutes.
*/5 * * * * www-data php /opt/cacti/poller.php > /dev/null 2>&1
Visit the following URL to begin the installation of Cacti.
Login to Cacti to initiate the setup. The default username and password are admin.
Follow the Cacti web installer to set up Cacti on your system.
- First, you must change the password of the admin user before you begin the setup. Ensure your password meets the minimum requirement.
- Accept the Cacti license agreement and then click Begin to continue.
- On the next page, Cacti will perform pre-installation checks. Since we have already configured the system for Cacti, the pre-check should be clean. If Cacti reports any issues, fix them and click the Refresh icon to get the latest pre-check report. Finally, click Next.
- Select New Primary Server as an installation type and then click Next.
- Cacti perform Directory Permission Checks on this page to report permission issues you may have in Cacti installation directories. If the report is clean, click Next.
- Cacti now check for Critical binary locations and versions required for installation. Ensure the report is green and then click Next.
- Click the checkbox of I have read this statement on the Input Validation Whitelist Protection page and then click Next.
- Update the Network Range if you want to enable network scanning. Also, Cron Interval is Every 5 Minutes as we already configured cron to poll every five minutes.
- Click Next on the Template Setup page.
- Then, click Next again on the Database Compliant page.
- Ensure you click Confirm Installation and then click Install.
- In a minute or two, the Cacti installation will be complete. Click on the Get Started to take you directly to the Cacti dashboard.
Cacti Installation Complete
Open up a browser and visit the below URL.
Login to Cacti using the admin with the password you entered during the Cacti setup.
The Cacti Dashboard will look like below after your successful login.
You can go to Graphs >> Default Tree >> Local Linux Machine to see the graph of your Cacti server.