Installing NConf on Ubuntu 14.04 LTS NConf system requirements Apache webserver PHP 5.x or higher, php-mysql, php-ldap (only if using LDAP auth) MySQL 5.0.2 or higher (with InnoDB!) Perl 5.6 or higher, perl-DBI, perl-DBD-MySQL Nagios 3.x or higher Prerequisites #apt-get install php5-mysql mysql-server libdbi-perl libdbd-mysql-perl Remember to input the root password for mysql when prompted. root password:bmo15 php.ini settings: Ensure the following is in the php.ini file. * short_open_tag = On * register_globals = Off * magic_quotes_gpc = Off 1. Download and Unpack Nconf archive to your webserver's document root folder. cd /home/sysadm #wget http://sourceforge.net/projects/nconf/files/nconf/1.3.0-0/nconf-1.3.0-0.tgz/download #wget http://sourceforge.net/projects/nconf/files/nconf/1.3.0-0/nconf-1.3.0-0.tgz.md5/download # wget http://sourceforge.net/projects/nconf/files/nconf/1.3.0-0/nconf-1.3.0-0.tgz/download # ls -lh total 488K -rw-r--r-- 1 root root 481K Dec 11 2011 nconf-1.3.0-0.tgz # mv -vf download nconf-1.3.0-0.tgz `download' -> `nconf-1.3.0-0.tgz' # ls nconf-1.3.0-0.tgz #tar -xvzf nconf-1.3.0-0.tgz # ls -lh total 2.3M drwxr-xr-x 14 root root 4.0K Dec 11 2011 nconf -rw-r--r-- 1 root root 481K Dec 11 2011 nconf-1.3.0-0.tgz #cd nconf root@host24:~/nconf# ls # cp -rv /root/nconf /var/www/html. # ls -lh /var/www/html ls -lh /var/www/html total 16K -rw-r--r-- 1 root root 12K Jul 28 11:51 index.html drwxr-xr-x 14 root root 4.0K Jul 29 06:14 nconf 2. Set permissions Make sure the following directories are writable to your webserver user. ? 1./config 2./output 3./static_cfg 4./temp #cd /var/www/html/nconf/ # cat /etc/passwd | grep www www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin ### Check permissions. # ls -lh /var/www/html/nconf/ | grep config drwxr-xr-x 2 root root 4.0K Jul 29 06:14 config drwxr-xr-x 2 root root 4.0K Jul 29 06:14 config.orig -rw-r--r-- 1 root root 5.3K Jul 29 06:14 generate_config.php # ls -lh /var/www/html/nconf/ | grep output drwxr-xr-x 2 root root 4.0K Jul 29 06:14 output # ls -lh /var/www/html/nconf/ | grep static_cfg drwxr-xr-x 2 root root 4.0K Jul 29 06:14 static_cfg # ls -lh /var/www/html/nconf/ | grep temp drwxr-xr-x 3 root root 4.0K Jul 29 06:14 design_templates drwxr-xr-x 2 root root 4.0K Jul 29 06:14 temp ### Change Permissions root@host24:/var/www/html/nconf# chown -R www-data:www-data /var/www/html/nconf/config root@host24:/var/www/html/nconf# chown -R www-data:www-data /var/www/html/nconf/output root@host24:/var/www/html/nconf# chown -R www-data:www-data /var/www/html/nconf/static_cfg root@host24:/var/www/html/nconf# chown -R www-data:www-data /var/www/html/nconf/temp #ls -lh ### Run mysql_secure_installation to remove some default settings. # /usr/bin/mysql_secure_installation ....................... NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MySQL to secure it, we'll need the current password for the root user. If you've just installed MySQL, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MySQL root user without the proper authorisation. You already have a root password set, so you can safely answer 'n'. Change the root password? [Y/n] n ... skipping. By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] y ... Success! By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist ... Failed! Not critical, keep moving... - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MySQL installation should now be secure. Thanks for using MySQL! ............................ 3. Create the database Create a new MySQL database for NConf, create a user to access the database, grant the apropriate privileges. InnoDB Make sure InnoDB for MySQL is set up properly prior to creating the database! (InnoDB is a high-reliability and high-performance storage engine for MySQL) See http://dev.mysql.com/doc/refman/5.0/en/innodb-storage-engine.html # mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 48 Server version: 5.5.44-0ubuntu0.14.04.1 (Ubuntu) Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show engines; +--------------------+---------+----------------------------------------------------------------+--------------+------+------------+ | Engine | Support | Comment | Transactions | XA | Savepoints | +--------------------+---------+----------------------------------------------------------------+--------------+------+------------+ | FEDERATED | NO | Federated MySQL storage engine | NULL | NULL | NULL | | CSV | YES | CSV storage engine | NO | NO | NO | | MEMORY | YES | Hash based, stored in memory, useful for temporary tables | NO | NO | NO | | BLACKHOLE | YES | /dev/null storage engine (anything you write to it disappears) | NO | NO | NO | | MyISAM | YES | MyISAM storage engine | NO | NO | NO | | MRG_MYISAM | YES | Collection of identical MyISAM tables | NO | NO | NO | | ARCHIVE | YES | Archive storage engine | NO | NO | NO | | InnoDB | DEFAULT | Supports transactions, row-level locking, and foreign keys | YES | YES | YES | | PERFORMANCE_SCHEMA | YES | Performance Schema | NO | NO | NO | +--------------------+---------+----------------------------------------------------------------+--------------+------+------------+ 9 rows in set (0.00 sec) mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | +--------------------+ 3 rows in set (0.00 sec) mysql> CREATE DATABASE nconf; Query OK, 1 row affected (0.00 sec) mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | nconf | | performance_schema | +--------------------+ 4 rows in set (0.00 sec) Your user will need the following privileges: SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, DROP mysql> CREATE USER 'nconfadmin'@'localhost' IDENTIFIED BY 'nc0nfP@55W0rD'; Query OK, 0 rows affected (0.01 sec) mysql> GRANT ALL ON nconf.* TO 'nconfadmin'@'localhost' IDENTIFIED BY 'nc0nfP@55W0rD'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> exit; Bye 4.Create the database structure mysql -u DBUSER -p DBNAME < INSTALL/create_database.sql #mysql -u nconfadmin -p nconf < /var/www/html/nconf/INSTALL/create_database.sql Enter password: # mysql -u nconfadmin -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 50 Server version: 5.5.44-0ubuntu0.14.04.1 (Ubuntu) Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> use nconf; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +-----------------+ | Tables_in_nconf | +-----------------+ | ConfigAttrs | | ConfigClasses | | ConfigItems | | ConfigValues | | History | | ItemLinks | +-----------------+ 6 rows in set (0.00 sec) mysql> exit Bye 5. Configure Nconf; Copy the contents of ./config.orig to ./config. Make sure you also copy the hidden files. # cp -arv /var/www/html/nconf/config.orig/.file_accounts.php /var/www/html/nconf/config/. /var/www/html/nconf/config/. ‘/var/www/html/nconf/config.orig/.file_accounts.php’ -> ‘/var/www/html/nconf/config/./.file_accounts.php’ # cp -arv /var/www/html/nconf/config.orig/* /var/www/html/nconf/config/.‘/var/www/html/nconf/config.orig/authentication.php’ -> ‘/var/www/html/nconf/config/./authentication.php’ ‘/var/www/html/nconf/config.orig/deployment.ini’ -> ‘/var/www/html/nconf/config/./deployment.ini’ ‘/var/www/html/nconf/config.orig/mysql.php’ -> ‘/var/www/html/nconf/config/./mysql.php’ ‘/var/www/html/nconf/config.orig/nconf.php’ -> ‘/var/www/html/nconf/config/./nconf.php’ # vi /var/www/html/nconf/config/mysql.php ### Edit ./config/mysql.php, set at least the following values: DBHOST DBNAME DBUSER DBPASS Main MySQL connection parameters # define('DBHOST', "localhost"); define('DBNAME', "nconf"); define('DBUSER', "nconfadmin"); define('DBPASS', "nc0nfP@55W0rD"); ?> ### Edit ./config/nconf.php, set at least the following values: define('NCONFDIR', "/var/www/html/nconf"); define('NAGIOS_BIN', "/var/www/html/nconf/bin/nagios"); ###Copy the nagios binary file from /usr/sbin/ to /var/www/html/nconf/bin/ NOTE: Restart Apache 6. Begin interactive installation Using your browser, start the installation process by navigating to http://hostx.ws.nsrc.org/nconf/INSTALL.php ### Clean up: Remove the INSTALL and UPDATE folders, as well as the INSTALL.php and UPDATE.php scripts. root@host24:/var/www/html/nconf# rm -rf /var/www/html/nconf/INSTALL root@host24:/var/www/html/nconf# rm -rf /var/www/html/nconf/INSTALL* root@host24:/var/www/html/nconf# rm -rf /var/www/html/nconf/UPDATE root@host24:/var/www/html/nconf# rm -rf /var/www/html/nconf/UPDATE* root@host24:/var/www/html/nconf# ### Get OS logo icons (optional, but nice) ### If you like, download the OS logo icons and unpack them to ./img/logos/base/ and do some homekeeping as shown below. root@host24:/var/www/html/nconf# cd /var/www/html/nconf/img/logos/base/ root@host24:/var/www/html/nconf/img/logos/base# wget https://www.monitoringexchange.org/attachment/download/ root@host24:/var/www/html/nconf/img/logos/base# wget https://www.monitoringexchange.org/attachment/download/Artwork/Image-Packs/Base-Images/imagepak-base.tar.tar --2013-08-14 13:34:14-- https://www.monitoringexchange.org/attachment/download/Artwork/Image-Packs/Base- root@host24:/var/www/html/nconf/img/logos/base# tar -xvf imagepak-base.tar.tar root@host24:/var/www/html/nconf/img/logos/base# ls base hp-printer40.gif imagepak-base.tar.tar preview-base.jpg sunlogo.gif win40.gif freebsd40.gif hpux.gif linux40.gif router40.gif switch40.gif root@host24:/var/www/html/nconf/img/logos/base# rm -rf imagepak-base.tar.tar root@host24:/# mv -vf /var/www/html/nconf/img/logos/base/base/* /var/www/html/nconf/img/logos/base/. root@host24:/# rm -rf /var/www/html/nconf/img/logos/base/base ### Check permissions once again and ensure that they are correct. root@host24:/var/www/html/nconf# ls -lh /var/www/html/nconf/ | grep config drwxr-xr-x 2 root root 4.0K Aug 14 13:41 config drwxr-xr-x 2 root root 4.0K Aug 14 11:02 config.orig -rw-r--r-- 1 root root 5.3K Aug 14 11:02 generate_config.php root@host24:/var/www/html/nconf# chown -R www-data:www-data /var/www/html/nconf/config root@host24:/var/www/html/nconf# ls -lh /var/www/html/nconf/ | grep config drwxr-xr-x 2 www-data www-data 4.0K Aug 14 13:41 config drwxr-xr-x 2 root root 4.0K Aug 14 11:02 config.orig -rw-r--r-- 1 root root 5.3K Aug 14 11:02 generate_config.php root@host24:/var/www/html/nconf# ### Authentication: If you need authentication, configure ./config/authentication.php and /config/.file_accounts.php appropriately. root@host24:/var/www/html/nconf# vi /var/www/html/nconf/config/authentication.php define('AUTH_ENABLED', "1"); root@host24:/var/www/html/nconf# vi /var/www/html/nconf/config/.file_accounts.php ###username::password::authorization(user|admin)::[user's full name (optional)]:: #admin::nconf::admin::Administrator:: (default) admin::p@55w0rd!::admin::Administrator:: ### Access nconf on the web browser http://ip-address/nconf ### Remember to input the username admin or any other user configured above together with the correct password to be granted access. ### Disable all hosts on NConf & Edit to your requirements. ### The instructor will guide you through the system. ### Copy logos from the nagios installation into NConf's installation. root@host24:/# cp -rv /usr/share/nagios/htdocs/images/logos/base/* /var/www/html/nconf/img/logos/base/. ### Look at the location of the Nagios config as generated by NConf. root@host24:/# ls -lh /var/www/html/nconf/output/ total 4.0K -rw-r--r-- 1 www-data www-data 3.1K Aug 15 02:52 NagiosConfig.tgz ### Configure Deployment on NConf. root@host24:/# cat /var/www/html/nconf/config/deployment.ini ;; NConf deployment configuration ;; LOCAL deployment ;; [extract config] type = local source_file = "/var/www/html/nconf/output/NagiosConfig.tgz" target_file = "/tmp/" action = extract [copy collector config] type = local source_file = "/tmp/Default_collector/" target_file = "/usr/local/nagios/etc/Default_collector/" action = copy [copy global config] type = local source_file = "/tmp/global/" target_file = "/usr/local/nagios/etc/global/" action = copy reload_command = "/usr/bin/sudo -u nagios /etc/init.d/nagios reload" ### Create the directories to put the NConf config and ensure they have the proper permissions. root@host24:/# mkdir /usr/local/nagios/etc/Default_collector root@host24:/# mkdir /usr/local/nagios/etc/global root@host24:/# chown -R www-data:www-data /usr/local/nagios/etc/Default_collector root@host24:/# chown -R www-data:www-data /usr/local/nagios/etc/global ### Create a backup copy of the nagios config file. root@host24:/# cp -rv /usr/local/nagios/etc/nagios.cfg /usr/local/nagios/etc/nagios.cfg.orig ### Configure Nagios to read the configs generated by NConf. root@host24:/# vi /usr/local/nagios/etc/nagios.cfg cfg_dir=/usr/local/nagios/etc/Default_collector cfg_dir=/usr/local/nagios/etc/global ### Give the apache user credentials to reload nagios as the user nagios. root@host24:/# visudo # Allow apache to reload the nagios config www-data ALL = (nagios) NOPASSWD: /etc/init.d/nagios3 reload