- ref: https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/4/en/quickstart.html
- ref: https://edsonkimuli.medium.com/install-nagios-4-on-nginx-ubuntu-20-04-93a112208232
- Using nginx as the webserver instead of apache in this example with default config fixes.
- This guide starts with the Debian packages versions of
nagios4
instead of building from source, thus requires a few tweaks to enable nginx as the webserver.
apt install nginx nagios4 php-fpm fcgiwrap -y
usermod -a -G nagios www-data
# Make a folder and symlink the native apache cgi into nginx
mkdir -p /usr/local/nagios
ln -s /usr/share/nagios4/htdocs /usr/local/nagios/share
ln -s /usr/lib/cgi-bin/nagios4 /usr/local/nagios/sbin
ln -s /etc/nagios4 /usr/local/nagios/etc
# Create a default nagiosadmin account/pass
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
# Make the symlinks match nginx group and the cgi+nagios folders
chown -h nagios:www-data /usr/local/nagios/*
chown --recursive -L nagios:www-data /usr/local/nagios
# Enable autostart and start Nagios4 now
systemctl enable nagios4 nginx
service nagios4 start
- Edit new nagios nginx site:
vi /etc/nginx/sites-available/nagios
- Add the following contents:
server { server_name nagios nagios.mydomain.com; root /usr/local/nagios/share; listen 80; listen [::]:80; listen 443 ssl; listen [::]:443 ssl; ssl_certificate /etc/nginx/certs/nagios.crt ssl_certificate_key /etc/nginx/certs/nagios.key index index.php index.html index.htm; access_log /var/log/nginx/nagios.access.log; error_log /var/log/nginx/nagios.error.log; auth_basic "Nagios Access"; auth_basic_user_file /usr/local/nagios/etc/htpasswd.users; # Fixes frames not working add_header X-Frame-Options "ALLOW"; location ~ \.php$ { try_files $uri = /404; fastcgi_index index.php; fastcgi_pass unix:/run/php/php-fpm.sock; include fastcgi.conf; } location ~ \.cgi$ { root /usr/local/nagios/sbin; rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break; rewrite ^/cgi-bin/nagios4/(.*)\.cgi /$1.cgi break; fastcgi_param AUTH_USER $remote_user; fastcgi_param REMOTE_USER $remote_user; include fastcgi.conf; fastcgi_pass unix:/run/fcgiwrap.socket; } # Fixes the fact some links are expected to resolve to /nagios, see here. location /nagios { alias /usr/local/nagios/share; } # Fixes uri path for the css elements location /stylesheets { alias /usr/local/nagios/etc/stylesheets; } }
- Enable the new site and start nginx:
ln -s /etc/nginx/sites-available/nagios /etc/nginx/sites-enabled/nagios service nginx restart
- Edit
cgi.cfg
vi /usr/local/nagios/etc/cgi.cfg
- Change from
url_html_path=/nagios
tourl_html_path=/
- Change from
- Restart Nagios4
service nagios4 restart
- Restart services
service nagios4 restart service nginx restart
- Nagios Core
nagios.cfg
Config Verification:nagios4 -v /usr/local/nagios/etc/nagios.cfg && service nagios4 restart
-
Create a servers group of objects in
/etc/nagios4/objects/servers
# REMOTE HOST DEFINITION define host { use servers host_name esxi alias vmware_esxi address 192.168.0.16 } define host { use servers host_name pfsense alias pfsense_router address 192.168.0.1 } define host { use servers host_name unifi-ac-pro address 192.168.0.3 } define host { use servers host_name unifi-ac-pro-2 address 192.168.0.4 } define host { use servers host_name unifi-USW-8-POE address 192.168.0.10 } define host { use servers host_name unifi address 192.168.0.110 } define host { use servers host_name kasm address 192.168.0.184 } define host { use servers host_name vcenter address 192.168.0.17 } define host { use servers host_name homeassistant.iot address 10.0.20.6 } define host { use servers host_name vps address 10.191.0.42 } define host { use servers host_name debian address 10.190.0.41 } # REMOTE HOST GROUP DEFINITION define hostgroup { hostgroup_name common_services_hostgroup alias core_infrastructure members * } define hostgroup { hostgroup_name https_services_hostgroup members pfsense,esxi,unifi,kasm,vcenter,homeassistant.iot } define hostgroup { hostgroup_name common_services_ipv6 members debian,vps } # SERVICE DEFINITION define service { use generic-service ; Inherit default values from a template hostgroup_name https_services_hostgroup service_description HTTPS_SNI check_command check_https_hostname!'--sni' } define service { use generic-service hostgroup_name common_services_hostgroup service_description SSH check_command check_ssh } define service { use generic-service hostgroup_name common_services_hostgroup service_description PING check_command check-host-alive } define service { use generic-service hostgroup_name common_services_ipv6 service_description DNS_PING_6 check_command check_ping_hostname_6 }
- Edit
/etc/nagios-plugins/config/http.cfg
(check_http)# 'check_https_hostname' command definition define command { command_name check_https_hostname command_line /usr/lib/nagios/plugins/check_http --ssl -H '$HOSTNAME$' -I '$HOSTADDRESS$' '$ARG1$' }
- Edit
/etc/nagios-plugins/config/ping.cfg
(check_ping)# 'check_ping_hostname_6' command definition define command { command_name check_ping_hostname_6 command_line /usr/lib/nagios/plugins/check_ping -6 -H '$HOSTNAME$' -w 5000,100% -c 5000,100% }
- Edit
/etc/nagios-plugins/confg/ssh.cfg
(check_ssh)# 'check_ssh_6' command definition define command{ command_name check_ssh_hostname_6 command_line /usr/lib/nagios/plugins/check_ssh -6 '$HOSTNAME$' }