#!/bin/bash apt install -y sudo lsb-release chmod u+s /usr/bin/ping curl -s -o /etc/apt/trusted.gpg.d/naemon.asc "https://build.opensuse.org/projects/home:naemon/signing_keys/download?kind=gpg" echo "deb [signed-by=/etc/apt/trusted.gpg.d/naemon.asc] http://download.opensuse.org/repositories/home:/naemon/Debian_$(lsb_release -rs)/ ./" >> /etc/apt/sources.list.d/naemon-stable.list apt update apt install -y naemon nagios-nrpe-plugin echo "" > /var/www/html/index.html a2ensite default-ssl.conf a2enmod ssl systemctl reload apache2 chown www-data:www-data /etc/thruk/cgi.cfg chown www-data:www-data /etc/thruk/htpasswd systemctl enable naemon.service cat << 'EOF' > /etc/naemon/conf.d/commands-custom.cfg define command { command_name check_https command_line $USER1$/check_http -S -H $HOSTADDRESS$ $ARG1$ } define command { command_name check-dns command_line $USER1$/check_dns -H netm.ch -s $HOSTADDRESS$ } define command { command_name check-ntp command_line $USER1$/check_ntp -H $HOSTADDRESS$ } EOF chown naemon:naemon /etc/naemon/conf.d/commands-custom.cfg chmod 664 /etc/naemon/conf.d/commands-custom.cfg cat << 'EOF' > /etc/naemon/conf.d/commands-snmp.cfg define command { command_name check-snmp-users command_line $USER1$/check_snmp -H $HOSTADDRESS$ -o 1.3.6.1.2.1.25.1.5.0 -C $ARG1$ -w 0 -c 1 } define command { command_name check-snmp-uptime command_line $USER1$/check_snmp -H $HOSTADDRESS$ -o 1.3.6.1.2.1.1.3.0 -C opsview -w 360000: } EOF chown naemon:naemon /etc/naemon/conf.d/commands-snmp.cfg chmod 664 /etc/naemon/conf.d/commands-snmp.cfg cat << 'EOF' > /etc/naemon/conf.d/commands-nrpe.cfg define command { command_name nrpe_check_ping command_line $USER1$/check_nrpe -H $ARG1$ -c check_ping -a $HOSTADDRESS$ } define command { command_name nrpe_check_tcp command_line $USER1$/check_nrpe -H $ARG1$ -c check_tcp -a $HOSTADDRESS$ $ARG2$ } define command { command_name nrpe_check_ssh command_line $USER1$/check_nrpe -H $ARG1$ -c check_ssh -a $HOSTADDRESS$ } define command { command_name nrpe_check_http command_line $USER1$/check_nrpe -H $ARG1$ -c check_http -a $HOSTADDRESS$ $ARG2$ } define command { command_name nrpe_check_https command_line $USER1$/check_nrpe -H $ARG1$ -c check_https -a $HOSTADDRESS$ $ARG2$ } define command { command_name nrpe-check-host-alive command_line $USER1$/check_nrpe -H $ARG1$ -c check_ping -a $HOSTADDRESS$ } define command { command_name nrpe_snmp_win_uptime command_line $USER1$/check_nrpe_snmp_win_uptime $ARG1$ $HOSTADDRESS$ $ARG3$ $ARG4$ } define command { command_name nrpe_snmp_win_part command_line $USER1$/check_nrpe_snmp_win_part $ARG1$ $HOSTADDRESS$ $ARG2$ $ARG3$ $ARG4$ } EOF chown naemon:naemon /etc/naemon/conf.d/commands-nrpe.cfg chmod 664 /etc/naemon/conf.d/commands-nrpe.cfg if [ -f "/etc/iptables/rules.v4" ]; then sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4 sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # HTTPS' /etc/iptables/rules.v4 iptables-restore /etc/iptables/rules.v4 fi