MonNet is a hybrid of a homepage accessible from your web browser and a preview/summary of your network, featuring additional options.
MonNet is currently in an early version. It is possible that issues may arise between versions. The compatibility is not guaranteed.
The English language (EN/US) is AI generated.
I started implementing Ansible as a replacement for phpseclib as a method to connect to and retrieve data from hosts.
- Track Host In your network and have and inventory
- Alarms/Events (Agent)
- A simple bookmarks dashboard
- Basic IPAM
- Basic Hosts Stats (Agent)
- Linux Support (Ansible/Agent)
- Host Notes
- Get Host Logs (Ansible)
- Email Alerts
Partially working Features
- Execute Playbooks (Ansible)
- Respond to events in hosts with playbooks ((Agent/Ansible)
Future Features:
- Windows hosts support
v0.0.0 Mayor.Minor.Revision
Mayor/Minor implies database changes or other code mayor changes.
Revision version implied only code changes, never database changes.
CC BY-NC-ND 4.0
Resume:
Non-Commercial Use = Allowed
Commercial Use = License
The fast method is using the docker-compose.yml
Here the manual process
LAMP Linux, Apache, Mysql, PHP Tested: Debian 12, Apache2, PHP8.2, Mariadb 10
That mean in Debian:
apt install apache2 php-fpm php-mysqli php-curl php-mbstring
Python Tested with >3
Mysql/MariaDB: You can install or use a remote machine with mysql
arp Optional for get mac's address, only work same network (other method will added in the future)
apt install net-tools
mysql -u root -p
mysql> CREATE DATABASE monnet;
mysql> CREATE USER 'monnet'@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALL PRIVILEGES ON monnet.* TO 'monnet'@'localhost'
/var/www/html# git clone https://github.com/diegargon/monnet .
/var/www/html# chown -R www-data:www-data *
/var/www/html# chmod 755 cache logs
Ansible support with the agent
git clone https://github.com/diegargon/monnet-ansible /opt/monnet-ansible
Check config/config.defaults.php and add the keywords you want to change to /etc/monnet/config.inc.php.
it’s better not copy the files just add the keywords you want change
Do not rename or modify config.defaults.php directly, as it will be overwritten.
These are the main config keywords you must check/change and copy to the /etc file.
Warning: path config must included even if the default is valid
Mandatory
$cfg_db['dbhost']
$cfg_db['dbname']
$cfg_db['dbuser']
$cfg_db['dbpassword']
$cfg['path'] = '/var/www/html';
Optional
$cfg['rel_path'] = '/';
$cfg['lang'] = 'es';
/var/www/html# mysql monnet < config/monnet.sql -p
monnet : monnetadmin
Times depends of the size of your network. Paths depends of your system
Here the config for run every 5 and 15 minutes each task
$ nano /etc/crontab
*/5 * * * * root /usr/bin/php /var/www/html/monnet-cli.php
*/15 * * * * root /usr/bin/php /var/www/html/monnet-discovery.php
In the future we will migrating that cli tools to python.
Necessary if you want support for send mails
apt install composer
/path/to/monnet# composer require phpmailer/phpmailer
I am testing a basic linux agent (python based) for reports. The agent is the monnet-ansbile repo/sources and has his own playbook to automatically install if you want.
You can install it manually check the install-agent-linux playbook for steps
Python: Automatic process will install on the hosts: psutils
Ansible support its a testing feature, it will help to install the agent and in the future, crate and doing other common "ansible tasks"
apt install ansible
git clone https://github.com/diegargon/monnet-ansible.git
Ansible server listen in localhost only, it is a testing feature without security. You must install ansible in the same system.
Ansible must output in json format.
nano /etc/ansible/ansible.cfg
[defaults]
stdout_callback=json
By default the ansible ssh user will be 'ansible'
Must be/have:
* sudo member without need type password
* have the public ssh key installed
Example
apt install sudo
adduser --disabled-password ansible
usermod -aG sudo ansible
Start 'visudo' and add:
ansible ALL=(ALL) NOPASSWD: ALL
sudo adduser ansible
sudo usermod -aG wheel ansible
You must have checking the "Ansible Support" in General configuration tab and "Ansible Support" in the host configuration section (Web UI)
For Ansible server to connect to the hosts, you need to generate an SSH key and install it on each host you want to access via Monnet/Ansible.
$ ssh-keygen -m PEM -t rsa -b 4096
$ ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
The user must exists and must be allowed log with standard credentials to install de key (you can disable it after)
Or do it manually
On the client host:
runuser -u ansible mkdir /home/ansible/.ssh
runuser -u ansible nano /home/ansible/.ssh/authorized_keys
and paste the ssh pub key
If you don't use ssh-copy-id you must add manually the known_host (Monnet server side)
ssh-keyscan -t ecdsa,ed25519 -H server.example.com >> ~/.ssh/known_hosts 2>&1
If the host fingerprint change you must remove first the old one
ssh-keygen -R
You can force ansible to ignore the host fingerprint check
[defaults]
host_key_checking = False
https://regauth.standards.ieee.org/standards-ra-web/pub/view.html
https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.csv