Icinga objects

Host
http://www.panticz.de/icinga-cbjects-debian_xen_host.cfg

VoIP phone
http://www.panticz.de/icinga-cbjects-sipphone1.cfg

# disable service
register 0

Examples
define serviceescalation {
host_name localhost
service_description HTTP
first_notification 5
contact_groups admins, managers
escalation_condition host linux=d | service linux.SSH=w,c
}

Snippets
# certificate check
define service {
use generic-service
host_name www.example.com

Install Icinga / Nagios NRPE plugin

# on Icinga / Nagios client
apt-get install -y nagios-nrpe-server
sed -i 's|allowed_hosts=127.0.0.1|allowed_hosts=192.168.1.197|g' /etc/nagios/nrpe.cfg
/etc/init.d/nagios-nrpe-server restart
 
cat <<EOF> /etc/nagios/nrpe.d/my.cfg
command[check_root]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /
command[check_http]=/usr/lib/nagios/plugins/check_http -H localhost
command[check_ssh]=/usr/lib/nagios/plugins/check_ssh localhost
EOF
 
/etc/init.d/nagios-nrpe-server restart
 
# test access
/usr/lib/nagios/plugins/check_nrpe -H <NRPE_CLIENT_IP>
 
# on Icinga / Nagios server
apt-ge

Install icinga srver

wget https://raw.githubusercontent.com/panticz/installit/master/install.icinga.sh -O - | bash -

#!/bin/bash

# ensure that this script is run by root
if [ $(id -u) -ne 0 ]; then
  sudo $0
  exit
fi

debconf-set-selections <<\EOF
postfix postfix/mailname string $(hostname)
postfix postfix/main_mailer_type select Internet Site
icinga-common icinga/check_external_commands select false
icinga-cgi icinga/adminpassword-repeat string icingaadmin
icinga-cgi icinga/adminpassword string icingaadmin
icinga-cgi icinga/httpd select apache2
EOF

# install the latest version 
. /etc/os-release
if [ "${ID}" == "debian" ]; then
  # add debmon.org Icinga repository
  DIST=$(grep PRETTY_NAME /etc/os-release | cut -d "(" -f2 | cut -d ")" -f1)
  echo "deb http://debmon.org/debmon debmon-${DIST} main" > /etc/apt/sources.list.d/debmon.list
  wget -q http://debmon.org/debmon/repo.key -O - | apt-key add -
  apt-get update
fi

# install icinga
apt-get install -y icinga

# disable double log output to syslog
sed -i 's|use_syslog=1|use_syslog=0|g' /etc/icinga/icinga.cfg

# show 1000 results by default
sed -i 's|result_limit=50|result_limit=1000|g' /etc/icinga/cgi.cfg

# restart icinga
/etc/init.d/icinga restart

# redirect by default to /icinga/
echo 'RedirectMatch "^/$" "/icinga/"' >> /etc/apache2/conf-available/icinga.conf

# allow "Re-schedule Next Host Check" from Icinga webgui
sed -i 's|check_external_commands=0|check_external_commands=1|g' /etc/icinga/icinga.cfg
chmod 2710 /var/lib/icinga/rw

# restart werbserver
service apache2 restart

Admin login
http://YOUR_IP/icinga/
user: icingaadmin
pass: icingaadmin

Icinga Apache configuration
/etc/apache2/conf-available/icinga.conf

Icinga repository
http://packages.icinga.org/

Enable automatic updates
# http://www.panticz.de/debian-ubuntu-automatic-upgrades
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/scripts/master/enable_auto_update.sh -O - | bash -

configure contact
sed -i 's|root@localhost|YOUR@EMAIL-ADDRESS.com|g' /etc/icinga/objects/contacts_icinga.cfg

change password
htpasswd -c /etc/icinga/htpasswd.users icingaadmin

plugins
http://www.panticz.de/Icinga-plugins

LDAP
a2enmod authnz_ldap

echo "pass1234" > /etc/apache2/ldap_password.inc
chmod 600 /etc/apache2/ldap_password.inc

sed -i 's|=icingaadmin|=*|g' /etc/icinga/cgi.cfg

/etc/icinga/apache2.conf
- AuthUserFile /etc/icinga/htpasswd.users
+ AuthBasicProvider ldap
+ AuthLDAPBindDN "ldap@example.com"
+ AuthLDAPBindPassword "exec:/bin/cat /etc/apache2/ldap_password.inc"
+ AuthLDAPURL "ldap://ldap.example.com:3268/dc=example,dc=com?sAMAccountName?sub?(objectClass=*)" NONE
+ AuthLDAPRemoteUserIsDN off
+ Require ldap-group CN=IPG.DevOps,OU=_IntranetPermissionGroups,DC=example,DC=com

service apache2 restart

# config
https://wiki.icinga.org/display/Dev/Icinga+Core+Debug+Config

# cgi
http://docs.icinga.org/latest/de/cgiparams.html#cgiparams-ahas
http://icinga.example.com/cgi-bin/icinga/status.cgi?servicestatustypes=20&noheader=1

Links
http://www.debmon.org/ - Debian Monitoring Project
http://packages.debian.org/wheezy/icinga
http://packages.icinga.org/debian/ - Icinga repository
https://www.icinga.org/icinga2/ - Icinga 2 preview
http://www.sysadminslife.com/monitoring-2/icinga-1-9-installation-unter-debian-squeeze-wheezy-aktuellste-version/

Icinga

Install Icinga master (server)
http://www.panticz.de/Install-icinga

Configure by ssh (minimalistic setup on clients)
http://www.panticz.de/Install-icinga-SSH-on-client

Templates
/etc/icinga/objects/generic-service_icinga.cfg

Check syntax
sudo /etc/init.d/icinga check

Check return codes
0 - OK
1 - warning
2 - critical
3 - unknown

Icons
wget http://cdn1.iconfinder.com/data/icons/fatcow/16x16/mail_yellow.png -O /usr/share/nagios/htdocs/images/logos/base/mail.png

IpFire

http://wiki.ipfire.org/de/addons/net-snmp/start - SNMP Daemon for IpFire

Edit Cron jobs on IpFire
fcrontab -e
/etc/init.d/fcron restart

# force update dyndns every day
#9 2 * * 0 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f
0 19 * * * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/setddns.pl -f

Upgrade
pakfire update
pakfire upgrade

Install Addons
pakfire install -y iftop

Update XEN VM
mount /dev/vg1/fw-boot /mnt/

# add XEN boot entry in GRUB configuration

Read SNMP informations from a device from Ubuntu / Linux

sudo apt-get install snmp
snmpwalk -v1 -c public 192.168.1.2

Install Spotify under Linux / Ubuntu

wget https://raw.githubusercontent.com/panticz/installit/master/install.spotify.sh -O - | bash -

#!/bin/bash

# add repository
sudo add-apt-repository "deb http://repository.spotify.com stable non-free"

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 94558F59 D2C19886

# update
sudo apt-get update -qq

# install spotify
sudo apt-get install -y spotify-client

# install from snap
snap install spotify

Fix "GLIBC_2.14 not found"on Debian Wheezy
http://www.random-dev.de/fix-version-glibc_2-14-found-error/

Raspberry Pi

Images
https://www.raspberrypi.org/downloads/

# Raspbian (Debian Jessie)
sudo umount /dev/mmcblk0*
wget -q http://director.downloads.raspberrypi.org/raspbian/images/raspbian-2016-02-29/2016-02-26-raspbian-jessie.zip -P /tmp
unzip -p /home/pako/Downloads/2016-02-26-raspbian-jessie.zip | sudo dd of=/dev/mmcblk0
sync

wget -q http://director.downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2016-02-29/2016-02-26-raspbian-jessie-lite.zip -P /tmp

View used codecs
for codec in H264 MPG2 WVC1 MPG4 MJPG WMV9 ; do \

Debian Squeeze: Update nfs-kernel-server to squeeze-backports

# Debian Squeeze backports
cat <<EOF> /etc/apt/sources.list.d/squeeze-backports.list
deb http://ftp.de.debian.org/debian-backports squeeze-backports main
deb-src http://ftp.de.debian.org/debian-backports squeeze-backports main
EOF
 
apt-get update
apt-get -t squeeze-backports install -y nfs-kernel-server
apt-get autoremove -y
reboot
 
# Links
http://backports.debian.org/Instructions/

OpenWrt on TP-Link TL-WR941ND / TL-WR1043ND / TL-WDR3600 / TL-WDR4300

# 15.05
https://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/

# flash tl-wr1043nd
URL=http://downloads.openwrt.org/chaos_calmer/15.05.1/ar71xx/generic/openwrt-15.05.1-ar71xx-generic-tl-wr1043nd-v1-squashfs-factory.bin
wget ${URL} -P /tmp
scp /tmp/openwrt-15.05-ar71xx-generic-tl-wr1043nd-v1-squashfs-factory.bin root@192.168.1.111:/tmp/
ssh root@192.168.1.111
echo 3 > /proc/sys/vm/drop_caches
mtd -r write /tmp/openwrt-15.05.1-ar71xx-generic-tl-wr1043nd-v1-squashfs-factory.bin firmware

# flash tl-wdr4300

Syndicate content