root
88551536e6
Amp-Thread-ID: https://ampcode.com/threads/T-019cc404-c628-759e-a50b-f5eeea35b91f Co-authored-by: Amp <amp@ampcode.com>
287 lines
10 KiB
Bash
287 lines
10 KiB
Bash
#!/bin/bash
|
|
|
|
######################################################################################
|
|
#### Version 2.2 ####
|
|
#### For questions or comments contact@mylinux.work ####
|
|
#### Author : Phil Connor ####
|
|
#### ####
|
|
#### Notes : ####
|
|
#### This script is a simple "helper" to install and configure Maria, ####
|
|
#### PowerDNS and PowerAdmin on RedHat Based servers. ####
|
|
#### There is no silver bullet. Don't expect the perfect setup, ####
|
|
#### review comments and adapt the parameters to your application usage. ####
|
|
#### ####
|
|
#### Use this script at your OWN risk. There is no guarantee whatsoever. ####
|
|
#### ####
|
|
#### Usage chmod 755 then ./PdnsInstall.sh or bash PdnsInstall.sh ####
|
|
######################################################################################
|
|
|
|
############################
|
|
#### User Configurables ####
|
|
############################
|
|
# HTTP=apache
|
|
NAGAD=nagiosadmin
|
|
NAGADPASS=MyPaSsWoRd
|
|
|
|
|
|
##########################
|
|
#### System Variables ####
|
|
##########################
|
|
# IPADD=$(ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
|
|
OS=$(grep PRETTY_NAME /etc/os-release | sed 's/PRETTY_NAME=//g' | tr -d '="' | awk '{print $1}' | tr '[:upper:]' '[:lower:]')
|
|
OSVER=$(grep VERSION_ID /etc/os-release | sed 's/VERSION_ID=//g' | tr -d '="' | awk -F. '{print $1}')
|
|
# SAEMAIL=
|
|
|
|
###########################################################
|
|
#### Detect Package Manger from OS and OSVer Variables ####
|
|
###########################################################
|
|
if [ "${OS}" = ubuntu ]; then
|
|
PAKMGR="apt -y"
|
|
elif [[ ${OS} = centos || ${OS} = red || ${OS} = oracle || ${OS} = rocky || ${OS} = alma ]]; then
|
|
if [ "${OSVER}" = 8 ] || [ "${OSVER}" = 9 ]; then
|
|
PAKMGR="dnf -y"
|
|
fi
|
|
fi
|
|
|
|
###########################
|
|
#### Install Net-Utils ####
|
|
###########################
|
|
if [ ! "$(command -v ifconfig)" ]; then
|
|
if [ "${OS}" = ubuntu ]; then
|
|
${PAKMGR} update
|
|
${PAKMGR} install net-utils
|
|
else
|
|
${PAKMGR} install net-tools
|
|
fi
|
|
fi
|
|
|
|
########################
|
|
#### Nagios Install ####
|
|
########################
|
|
function nagios_install() {
|
|
{
|
|
if [ "${OS}" = ubuntu ]; then
|
|
htpath=/etc/apache2/conf-enabled/nagios4-cgi.conf
|
|
else
|
|
htpath=/etc/apache2/conf.d/nagios.conf
|
|
fi
|
|
#if [ "${OS}" = ubuntu ]; then
|
|
${PAKMGR} update
|
|
DEBIAN_FRONTEND=noninteractive ${PAKMGR} install nagios4 nagios-nrpe-server nagios-plugins nagios-plugins-contrib expect
|
|
a2enmod authz_groupfile auth_digest
|
|
# ${PAKMGR} install autoconf gcc libc6 make wget unzip apache2 php libapache2-mod-php libgd-dev libssl-dev expect
|
|
sed -i 's/Require ip ::1\/128 fc00::\/7 fe80::\/10 10\.0\.0\.0\/8 127\.0\.0\.0\/8 169\.254\.0\.0\/16 172\.16\.0\.0\/12 192\.168\.0\.0\/16/# Require ip ::1\/128 fc00::\/7 fe80::\/10 10\.0\.0\.0\/8 127\.0\.0\.0\/8 169\.254\.0\.0\/16 172\.16\.0\.0\/12 192\.168\.0\.0\/16/g' $htpath
|
|
#sed -i 's/<Files "cmd.cgi">/#<Files "cmd.cgi">/g' $htpath
|
|
sed -i 's/Require all/#Require all/g' $htpath
|
|
#sed -i 's/<//Files>/#<//Files>/g' $htpath
|
|
sed -i 's/#Require /Require /g' $htpath
|
|
expect -f - <<-EOF
|
|
set timeout 5
|
|
spawn htdigest -c /etc/nagios4/htdigest.users Nagios4 $NAGAD
|
|
expect "New password:"
|
|
send -- "$NAGADPASS\r"
|
|
expect "Re-type new password:"
|
|
send -- "$NAGADPASS\r"
|
|
expect eof
|
|
EOF
|
|
systemctl enable --now nagios
|
|
systemctl status nagios
|
|
if [ "${OS}" = ubuntu ]; then
|
|
systemctl enable apache2
|
|
systemctl restart apache2
|
|
else
|
|
systemctl enable httpd
|
|
systemctl restart httpd
|
|
fi
|
|
|
|
}
|
|
}
|
|
|
|
nagios_install
|
|
|
|
|
|
|
|
|
|
# OUTFILE1="$nagdir/nrpe_rule.te"
|
|
# # TITLE="nrpe_rule"
|
|
# define NRPE_RULE << 'EOF'
|
|
# module nrpe_rule 1.0;
|
|
|
|
# require {
|
|
# type nrpe_t;
|
|
# type proc_net_t;
|
|
# class file { open read };
|
|
# class file { ioctl open read getattr };
|
|
# }
|
|
|
|
# #=================== nrpe_t =========================
|
|
# allow nrpe_t proc_net_t:file open;
|
|
# allow nrpe_t proc_net_t:file read;
|
|
# allow nrpe_t proc_net_t:file { getattr ioctl };
|
|
# EOF
|
|
# {
|
|
# printf "%s\n" "$NRPE_RULE" | cut -c 3-
|
|
# } > "$OUTFILE1"
|
|
# checkmodule -M -m -o $nagdir/nrpe_rule.mod $nagdir/nrpe_rule.te
|
|
# semodule_package -o $nagdir/nrpe_rule.pp -m $nagdir/nrpe_rule.mod
|
|
# semodule -i $nagdir/nrpe_rule.pp
|
|
# semanage permissive -a nrpe_t
|
|
# ${PAKMGR} install nrpe nrpe-selinux nagios-plugins nagios-plugins-all nagios-plugins-uptime nagios-plugins-oracle nagios-plugins-check-updates
|
|
|
|
|
|
# sed -i "/^allowed_hosts/c\allowed_hosts=127.0.0.1,::1,$IPADD" $nrpecfg
|
|
# sed -i "/^#command\[check_load\]/c\command[check_uptime]=$nagdir/check_uptime" $nrpecfg
|
|
# sed -i "/^command\[check_load\]/c\command\[check_load\]=$nagdir/check_load -r -w 6,4,2 -c 12,10,7" $nrpecfg
|
|
# sed -i "/^command\[check_hda1\]/c\command[check_hda1]=$nagdir/check_disk -w 15% -c 10% -p /dev/sda3" $nrpecfg
|
|
# sed -i "/^command\[check_zombie_procs\]/c\# command[check_zombie_procs]=$nagdir/check_procs -w 5 -c 10 -s Z" $nrpecfg
|
|
# sed -i "/^command\[check_total_procs\]/c\command[check_total_procs]=$nagdir/check_procs -w 250 -c 300 -s RSZDT" $nrpecfg
|
|
# sed -i "/^#command\[check_users\]/c\command[check_net]=$nagdir/check_net" $nrpecfg
|
|
# sed -i "/^#command\[check_swap\]/c\command[check_swap]=$nagdir/check_swap -w 20% -c 10%" $nrpecfg
|
|
# sed -i "/^#command\[check_mem\]/c\command[check_mem]=$nagdir/check_mem" $nrpecfg
|
|
# if [ "${OS}" = ubuntu ]; then
|
|
# sed -i "/^#command\[check_apt\]/c\command[check_apt]=$nagdir/check_apt/" $nrpecfg
|
|
# else
|
|
# sed -i "/^#command\[check_yum\]/c\command[check_yum]=$nagdir/check_updates" $nrpecfg
|
|
# fi
|
|
# sed -i "/^#command\[check_all_procs\]/c\command[check_logic]=$nagdir/check_http -p 7011" $nrpecfg
|
|
# sed -i "/^#command\[check_procs\]/c\command[check_oracle]=$nagdir/check_http -p 8010" $nrpecfg
|
|
# sed -i "/^#command\[check_disk\]/c\command[check_ping]=$nagdir/check_ping 127.0.0.1 -w 100.0,20% -c 500.0,60%" $nrpecfg
|
|
# sed -i "/^#command\[check_cpu_stats\]/c\command[check_ssh]=$nagdir/check_ssh" $nrpecfg
|
|
|
|
# }
|
|
# }
|
|
|
|
######################
|
|
#### HTTP Install ####
|
|
######################
|
|
# function install_http() {
|
|
# {
|
|
# if [ "${OS}" = ubuntu ]; then
|
|
# if [ $HTTP = apache ]; then
|
|
# echo "Apache"
|
|
# else
|
|
# echo "Nginx"
|
|
# fi
|
|
# echo "something"
|
|
# else
|
|
# if [ $HTTP = apache ]; then
|
|
# echo "Apache"
|
|
# else
|
|
# echo "Nginx"
|
|
# fi
|
|
# fi
|
|
# }
|
|
# }
|
|
|
|
nagios_install
|
|
# install_http
|
|
|
|
|
|
# # SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
|
|
# #
|
|
# # This file contains examples of entries that need
|
|
# # to be incorporated into your Apache web server
|
|
# # configuration file. Customize the paths, etc. as
|
|
# # needed to fit your system.
|
|
|
|
# ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
|
|
|
|
# <Directory "/usr/local/nagios/sbin">
|
|
# # SSLRequireSSL
|
|
# Options ExecCGI
|
|
# AllowOverride None
|
|
# <IfVersion >= 2.3>
|
|
# <RequireAll>
|
|
# Require all granted
|
|
# # Require host 127.0.0.1
|
|
|
|
# AuthName "Nagios Access"
|
|
# AuthType Basic
|
|
# AuthUserFile /usr/local/nagios/etc/htpasswd.users
|
|
# Require valid-user
|
|
# </RequireAll>
|
|
# </IfVersion>
|
|
# <IfVersion < 2.3>
|
|
# Order allow,deny
|
|
# Allow from all
|
|
# # Order deny,allow
|
|
# # Deny from all
|
|
# # Allow from 127.0.0.1
|
|
|
|
# AuthName "Nagios Access"
|
|
# AuthType Basic
|
|
# AuthUserFile /usr/local/nagios/etc/htpasswd.users
|
|
# Require valid-user
|
|
# </IfVersion>
|
|
# </Directory>
|
|
|
|
# Alias /nagios "/usr/local/nagios/share"
|
|
|
|
# <Directory "/usr/local/nagios/share">
|
|
# # SSLRequireSSL
|
|
# Options None
|
|
# AllowOverride None
|
|
# <IfVersion >= 2.3>
|
|
# <RequireAll>
|
|
# Require all granted
|
|
# # Require host 127.0.0.1
|
|
|
|
# AuthName "Nagios Access"
|
|
# AuthType Basic
|
|
# AuthUserFile /usr/local/nagios/etc/htpasswd.users
|
|
# Require valid-user
|
|
# </RequireAll>
|
|
# </IfVersion>
|
|
# <IfVersion < 2.3>
|
|
# Order allow,deny
|
|
# Allow from all
|
|
# # Order deny,allow
|
|
# # Deny from all
|
|
# # Allow from 127.0.0.1
|
|
|
|
# AuthName "Nagios Access"
|
|
# AuthType Basic
|
|
# AuthUserFile /usr/local/nagios/etc/htpasswd.users
|
|
# Require valid-user
|
|
# </IfVersion>
|
|
# </Directory>
|
|
# wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.7.tar.gz
|
|
# tar xzf nagios-4.4.7.tar.gz
|
|
# cd nagios-4.4.7 || exit
|
|
# if [ "${OS}" = ubuntu ]; then
|
|
# ./configure --with-httpd-conf=/etc/apache2/sites-enabled
|
|
# else
|
|
# ./configure --with-httpd-conf=/etc/httpd/conf.d
|
|
# fi
|
|
# make all
|
|
# make install-groups-users
|
|
# if [ "${OS}" = ubuntu ]; then
|
|
# usermod -aG nagios www-data
|
|
# else
|
|
# usermod -aG nagios apache
|
|
# fi
|
|
# make install
|
|
# make install-init
|
|
# make install-daemoninit
|
|
# make install-commandmode
|
|
# make install-config
|
|
# make install-webconf
|
|
# if [ "${OS}" = ubuntu ]; then
|
|
# a2enmod rewrite cgi
|
|
# fi
|
|
|
|
# fi
|
|
# if [ ! "$(command -v wget)" ]; then
|
|
# ${PAKMGR} install wget
|
|
# fi
|
|
# ndir1=/usr/lib/nagios/plugins
|
|
# ndir2=/usr/lib64/nagios/plugins
|
|
# #nrpecfg=/etc/nagios/nrpe.cfg
|
|
# if [ -d $ndir1 ]; then
|
|
# nagdir=$ndir1
|
|
# elif [ -d $ndir2 ]; then
|
|
# nagdir=$ndir2
|
|
# fi
|
|
# define () {
|
|
# IFS=$'\n' read -r -d '' "$1"
|
|
# } |