os-init/debian-11/apps/nagios/nagios.sh

72 lines
2.1 KiB
Bash
Raw Permalink Normal View History

2023-11-19 22:04:42 +00:00
#!/bin/bash
sed -i 's/main/main non-free/' /etc/apt/sources.list
apt update
apt -y install nagios4 snmp-mibs-downloader
chmod u+s /bin/ping
a2dissite 000-default.conf
a2disconf nagios4-cgi
a2enmod rewrite cgi ssl
echo ""
echo "Set nagiosadmin password :"
while :
do
htdigest -c /etc/nagios4/htdigest.users Nagios4 nagiosadmin
if [ ${?} == 0 ]; then break; fi
done
cat > /etc/apache2/sites-available/nagios.conf << "EOF"
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
DocumentRoot /usr/share/nagios4/htdocs
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4
ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4
ScriptAlias /cgi-bin /usr/lib/cgi-bin/nagios4
Alias /stylesheets /etc/nagios4/stylesheets
Alias /nagios4/stylesheets /etc/nagios4/stylesheets
Alias /nagios4 /usr/share/nagios4/htdocs
<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
Options FollowSymLinks
DirectoryIndex index.php index.html
# AllowOverride AuthConfig
# Require ip ::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16
AuthDigestDomain "Nagios4"
AuthDigestProvider file
AuthUserFile "/etc/nagios4/htdigest.users"
AuthGroupFile "/etc/group"
AuthName "Nagios4"
AuthType Digest
Require valid-user
</DirectoryMatch>
<Directory /usr/share/nagios4/htdocs>
Options +ExecCGI
</Directory>
</VirtualHost>
</IfModule>
EOF
systemctl reload apache2
a2ensite nagios
systemctl restart apache2
sed -i s/use_authentication=0/use_authentication=1/ /etc/nagios4/cgi.cfg
systemctl enable nagios4
systemctl start nagios4
if [ -f "/etc/iptables/rules.v4" ]; then
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # Apache' /etc/iptables/rules.v4
iptables-restore /etc/iptables/rules.v4
fi