Version 16 - History - Install Icinga2 and Icingaweb2 - Megaphone Commons - Megaphone Technology Consulting

Install Icinga2 and Icingaweb2 » History » Version 16

Jon Goldberg, 03/28/2019 08:04 PM

-Jon Goldberg
+{{last_updated_at}} by {{last_updated_by}}
 # Install Icinga2 and Icingaweb2
 {{>toc}}
 ### Installation (Master Node)
-Jon Goldberg
+Steps are adapted from [this guide](http://linoxide.com/ubuntu-how-to/install-icinga2-ubuntu-16-04/).
 Jon Goldberg
-Jon Goldberg
+#### Install Icinga2
-Jon Goldberg
+```bash
-Jon Goldberg
+# Install MySQL if you haven't yet
-Jon Goldberg
+# These lines for Ubuntu 18.04 only:
 curl https://packages.icinga.com/icinga.key | apt-key add -
 echo "deb http://packages.icinga.com/ubuntu icinga-bionic main" >  /etc/apt/sources.list.d/bionic-icinga.list
-Jon Goldberg
+apt update
 apt-get install icinga2
-Jon Goldberg
+apt-get install icinga2-ido-mysql
 Jon Goldberg
 # These 3 lines for Debian 8 only:
 echo 'deb http://ftp.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/jessie-backports.list
 apt-get update
-Jon Goldberg
+apt-get -t jessie-backports install icinga2
-Jon Goldberg
+apt-get -t jessie-backports install icinga2-ido-mysql
 Jon Goldberg
 systemctl enable icinga2.service
-Jon Goldberg
+systemctl start icinga2.service
-Jon Goldberg
+apt install nagios-plugins
 # nagios-plugins has Samba as a dependency, but you should remove it.
 apt remove samba-common samba-libs
 icinga2 feature enable ido-mysql
 systemctl restart icinga2.service
-Jon Goldberg
+```
 Jon Goldberg
-Jon Goldberg
+#### Install Icingaweb2
 ```bash
 apt install icingaweb2
-Jon Goldberg
+```
-Jon Goldberg
+* Go to http://<your IP>/icingaweb2/setup.
 * Finish from here: https://linoxide.com/ubuntu-how-to/install-icinga2-ubuntu-16-04, starting with "Configuring Icinga Web2 plugin"
 Jon Goldberg
 ### Configuration
 -   Run `icinga2 node wizard. `Select "N" to create a master node.
-Jon Goldberg
+-   Enable the api and command module to allow issuing commands from Icingaweb2 and to allow API:
     `icinga2 feature enable api command; service icinga2 restart`
-Jon Goldberg
+-   Add an API user for remote checks.  For instance, a user that can
-Jon Goldberg
+    receive backupninja checks.  Add this to `/etc/icinga2/conf.d/api-users.conf`:
 Jon Goldberg
-Jon Goldberg
+    ```
-Jon Goldberg
+    object ApiUser "backupninja" {
       password = "<redacted>"
       permissions = [
+        {
           permission = "actions/process-check-result"
           filter = {{ match("backupninja", service.display_name) }}
-Jon Goldberg
+        },
+        {
           permission = "actions/reschedule-check"
           filter = {{ match("backupninja", service.display_name) }}
 Jon Goldberg
 Jon Goldberg
+    }
     ```
-Jon Goldberg
+### Open the firewall
 Open port 5665 on the master node's firewall.  Edit the files in `/etc/iptables` and restart `netfilter-persistent`.
-Jon Goldberg
+### Install additional checks
 #### Install Plugins
 Place the following two scripts in your plugins directory
 (`/usr/lib/nagios/plugins`) and ensure they're executable:
-Jon Goldberg
+-   **check_drupal** - installs with the Drupal "nagios" plugin, also
-Jon Goldberg
+    available
-Jon Goldberg
+    [here](http://cgit.drupalcode.org/nagios/plain/nagios-plugin/check_drupal?id=7da732e2d4943ec5368243f4cd2e33eb02769f23).
-Jon Goldberg
+-   **check_civicrm** - There are two scripts - one for Civi 4.6 and
-Jon Goldberg
+    below, another for 4.7 and up.  4.7 version is available
-Jon Goldberg
+    [here](https://raw.githubusercontent.com/PalanteJon/check_civicrm/master/check_civicrm.php),
 .6 version is [here](https://raw.githubusercontent.com/aghstrategies/com.aghstrategies.civimonitor/master/check_civicrm.php).
-Jon Goldberg
+-   **check_domain** - This does a WHOIS lookup to ensure domain names aren't about to expire.  Install from
-Jon Goldberg
+    [here](https://raw.githubusercontent.com/glensc/monitoring-plugin-check_domain/master/check_domain.sh).
-Jon Goldberg
+-   **check_rbl** - Check spam blacklists.  File is [here](https://raw.githubusercontent.com/matteocorti/check_rbl/master/check_rbl), also install dependencies:
-Jon Goldberg
+    `apt install libreadonly-xs-perl libnagios-plugin-perl libdata-validate-ip-perl libdata-validate-domain-perl libnet-dns-perl`
 Jon Goldberg
-Jon Goldberg
+#### Define CheckCommand and Service objects for the new plugins
 Jon Goldberg
-Jon Goldberg
+Copy the CheckCommand and Service files from
-Jon Goldberg
+`icinga.jmaconsulting.biz:/etc/icinga2/zones.d/global-templates/CheckCommands`
-Jon Goldberg
+and `icinga.jmaconsulting.biz:/etc/icinga2/conf.d/services`. See [[Add New Checks to Icinga2]] for details.
 Jon Goldberg
-Jon Goldberg
+### Harden the TLS connection
 Add this line to the bottom of the "api" object in `/etc/icinga2/features-available/api.conf`:
 ```
 tls_protocolmin = "TLSv1.2"
 ```
 Jon Goldberg
-Jon Goldberg
+### Set up vim syntax highlighting on the Icinga2 server
-Jon Goldberg
+```bash
-Jon Goldberg
+mkdir -p ~/.vim/{syntax,ftdetect}
 cd ~/.vim/syntax
 wget https://raw.githubusercontent.com/Icinga/icinga2/master/tools/syntax/vim/syntax/icinga2.vim
 cd ~/.vim/ftdetect
 wget https://raw.githubusercontent.com/Icinga/icinga2/master/tools/syntax/vim/ftdetect/icinga2.vim
 ```

Project

General

Profile

Megaphone Commons

Install Icinga2 and Icingaweb2 » History » Version 16