Install Nagios Core on Ubuntu from Source

From Bonus Bits
Jump to: navigation, search

Purpose

This article gives the steps to install the free open source version of Nagios "Core" on Ubuntu 17.10 x64 from source files.


Environment

  • Ubuntu 17.10 x64
  • Apache 2.
  • Nagios 4.3.4
  • Nagios Plugins 2.2.1
  • NRPE 2.


Prerequisites

  • Set FQDN on Ubuntu system (qmail)


Install Dependencies

sudo apt update && sudo apt upgrade
sudo apt install -y apache2 apache2-utils autoconf bc build-essential cifs-utils curl dc fping gawk gcc gettext gzip htop libapache2-mod-php7.1 libc6 libdbi-dev libgd-dev libldap2-dev libmcrypt-dev libmysqlclient-dev libnet-snmp-perl libpqxx3-dev libssl-dev make mlocate net-tools nfs-common nmap openssl perl php7.1 qmail-tools samba smbclient snmp ssh telnet tree unzip vim wget wireshark zip


Add User and Group

sudo useradd nagios
sudo usermod -a -G nagios www-data

Install Nagios Core

Configure Installation

  1. Download Nagios Core
  2. Uncompress tar
    tar xzf nagios-4.3.4.tar.gz
    
  3. Change directory
    cd nagios-4.3.4.tar.gz
    
  4. Configure Installation
    sudo ./configure --with-httpd-conf=/etc/apache2/sites-enabled
    
  5. Compile
    sudo make all
    
  6. Install
    sudo make install
    sudo make install-init
    sudo make install-commandmode
    sudo systemctl enable nagios.service
    sudo make install-config
    sudo make install-webconf
    
    OR
    sudo make install && sudo make install-init && sudo make install-commandmode && sudo systemctl enable nagios.service && sudo make install-config && sudo make install-webconf
    

Apache Setup

  1. Set webconsole user nagiosadmin
    sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
    
  2. Enable modules
    sudo a2enmod cgi
    
  3. Restart Apache
    sudo systemctl restart apache2
    
  4. Start Nagios
    sudo systemctl start nagios
    
  5. Enable Nagios
    sudo systemctl enable nagios.service
    

Test Initial Config

sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

http://<ipaddress>/nagios

Add Symlink for Nagios Binary (Optional)

ln -s /usr/local/nagios/bin/nagios /usr/bin/nagios


Install Nagios Plugins

This adds the regular check command binaries used to pull information. Example: /usr/local/nagios/libexec/check_nt

  1. Download Nagios Plugins
  2. Uncompress tar and change into it's directory
    tar -xzvf nagios-plugins-2.2.1.tar.gz
    
  3. Change Directory
    cd nagios-plugins-2.2.1
    
  4. Run Setup
    sudo ./tools/setup
    
  5. Configure Installation
    sudo ./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
    
  6. Compile
    sudo make
    
  7. Install
    sudo make install
    
  8. Restart Nagios
    sudo systemctl restart nagios.service
    


Check Services

  1. Browse to the web console
    1. http://<ipaddress>/nagios
  2. Login
  3. Check that local services are showing status


Setup SSL

  1. Enable Module
    sudo a2enmod ssl
    
  2. Enable SSL Config
    sudo a2ensite default-ssl.conf
    
  3. Restart Apache
    sudo systemctl restart apache2
    
  4. Edit Apache Config
    sudo vim /etc/apache2/sites-enabled/000-default.conf
    
  5. NOT WORKING
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{HTTP_HOST}/$1
  1. Restart Apache
    sudo systemctl restart apache2.service
    


Install Nagios Plugins NRPE (Optional)

  • NRPE allows you to remotely execute Nagios plugins on other Linux/Unix machines. This allows you to monitor remote machine metrics (disk usage, CPU load, etc.). NRPE can also communicate with Windows agent addons like NSClient++, so you can check metrics on remote Windows machines as well.
  • The Nagios server will need nagios-plugins-nrpe installed if planning to monitoring Linux systems other than the localhost.
  • It installed the check_nrpe command.
  1. Download NRPE Tarball
  2. Install openssl
    yum install openssl
    
  3. Uncompress tar and change into it's directory
    tar -xzvf nrpe-2.15.tar.gz
    
    cd nrpe-2.15
    
  4. Configure Installation
    ./configure --enable-ssl --with-nrpe-user=nagios --with-nrpe-group=nagios --with-nagios-user=nagios --with-nagios-group=nagios --libexecdir=/usr/local/nagios/libexec/ --bindir=/usr/local/nagios/bin/ --prefix=/usr/local/nagios
    
  5. Compile
    make
    
  6. Install
    make install
    


Start Services

Apache

sudo systemctl start apache2.service

Nagios

sudo systemctl start nagios.service


Set Services to Start on Boot

Apache

sudo systemctl enable apache2.service

Nagios

sudo systemctl enable nagios.service


Configure Firewall if Needed

Apache on Nagios Server

TCP Port 80

Nagios Windows Client

TCP Port 5667

Nagios Linux NRPE Client

TCP Port 5666


Create Web Console Accounts

The password file location should already be set in the Apache nagios.conf file. /etc/apache2/sites-enabled/nagios.conf

Example

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   <IfVersion >= 2.3>
      <RequireAll>
         Require all granted
#        Require host 127.0.0.1

         AuthName "Nagios Access"
         AuthType Basic
         AuthUserFile /usr/local/nagios/etc/htpasswd.users
         Require valid-user
      </RequireAll>
   </IfVersion>
   <IfVersion < 2.3>
      Order allow,deny
      Allow from all
#     Order deny,allow
#     Deny from all
#     Allow from 127.0.0.1

      AuthName "Nagios Access"
      AuthType Basic
      AuthUserFile /usr/local/nagios/etc/htpasswd.users
      Require valid-user
   </IfVersion>
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options None
   AllowOverride None
   <IfVersion >= 2.3>
      <RequireAll>
         Require all granted
#        Require host 127.0.0.1

         AuthName "Nagios Access"
         AuthType Basic
         AuthUserFile /usr/local/nagios/etc/htpasswd.users
         Require valid-user
      </RequireAll>
   </IfVersion>
   <IfVersion < 2.3>
      Order allow,deny
      Allow from all
#     Order deny,allow
#     Deny from all
#     Allow from 127.0.0.1

      AuthName "Nagios Access"
      AuthType Basic
      AuthUserFile /usr/local/nagios/etc/htpasswd.users
      Require valid-user
   </IfVersion>
</Directory>

Admin Account

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Tip: The -c parameter is used to create the file. So only use for the first user and file creation. Then exclude the parameter for subsequently added users.

Guest Account

htpasswd /usr/local/nagios/etc/htpasswd.users guest

NOC Account'

htpasswd /usr/local/nagios/etc/htpasswd.users noc

Configure User Permissions

vim /usr/local/nagios/etc/cgi.cfg

Test Nagios Web Console Access

http://<hostname>/nagios


Change Apache Site Access to Virtual Host Based (Optional)

Create Symbolic Link in Apache Root Directory to Nagios Web Site

ln -s /usr/share/nagios/ /var/www/html/nagios

Configure CGI

  1. Change URL HTML Path to root
    vim /usr/local/nagios/etc/cgi.cfg
    
    From url_html_path=/nagios To url_html_path=/

Uncomment the Following Line

NameVirtualHost *:80

Add Virtual Host Info to Nagios Apache Configuration File

sudo vim /etc/apache2/sites-enabled/nagios.conf


Examples

<VirtualHost *:80>
DocumentRoot /var/www/html/nagios
ServerName nagios.yourdomain.com
Errorlog /var/log/httpd/nagios.log
</VirtualHost>

<VirtualHost *:80>
DocumentRoot /var/www/html/nagios
ServerName nagios
Errorlog /var/log/httpd/nagios.log
</VirtualHost>

<VirtualHost *:80>
DocumentRoot /var/www/html/nagios
ServerName hostname
Errorlog /var/log/httpd/nagios.log
</VirtualHost>

<VirtualHost *:80>
DocumentRoot /var/www/html/nagios
ServerName hostip
Errorlog /var/log/httpd/nagios.log
</VirtualHost>

Test Virtual Host URLs

http://nagios.yourdomain.com


Custom Icons (Optional)

  1. Copy any custom icon logos to /usr/local/nagios/share/images/logos
  2. When making your own icons you'll probably need gd-progs which include the binary pngtogd2 converter.
    yum install gd-progs
    
    pngtogd2 filename.png filename.gd2 0 1
    

Qmail Setup

Setup Sendmail (Optional)

I recommend setting up sendmail so you can masquerade and setup mail relays as needed.

  1. Install Dependancies
    yum install sendmail sendmail-cf
    
  2. Edit the sendmail config
    vim /etc/mail/sendmail.mc
    
define(`SMART_HOST', `relay.domain.com')dnl
MASQUERADE_AS(`mydomain.com')dnl
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl
  1. Build Config
    /etc/mail/make
    


Related Articles


Sources