Created
June 5, 2009 16:24
-
-
Save fapestniegd/124365 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
yum install -y nagios nagios-plugins httpd mod_ssl mod_authz_ldap git \ | |
perl-MD5 perl-YAML perl-NetAddr-IP nagiostat net-snmp-utils | |
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT | |
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT | |
scp root@newton:/opt/local/openssl/certificate_authority/eftdomain.net//mid_ca/mid-openssl.cnf /root/openssl.cnf | |
HOST=$(hostname -f) | |
openssl genrsa -out /etc/pki/tls/private/${HOST}.key 1024 | |
openssl req -new -key /etc/pki/tls/private/${HOST}.key \ | |
-out /root/${HOST}.csr -config /root/openssl.cnf | |
scp /root/${HOST}.csr root@newton:/opt/local/openssl/certificate_authority/eftdomain.net/mid_ca/ | |
##ship the csr to newton: | |
# cd /opt/local/openssl/certificate_authority/eftdomain.net/mid_ca | |
# openssl ca -config mid-openssl.cnf \ | |
# -policy policy_anything \ | |
# -out ../copernicus.eftdomain.net/copernicus.eftdomain.net.crt \ | |
# -infiles ../copernicus.eftdomain.net/copernicus.eftdomain.net.csr | |
# | |
scp root@newton:/opt/local/openssl/certificate_authority/eftdomain.net/${HOST}/${HOST}.crt /etc/pki/tls/certs/${HOST}.crt | |
mv /etc/pki/tls/certs/localhost.crt /etc/pki/tls/certs/localhost.crt-dist | |
(cd /etc/pki/tls/certs/; ln -s ${HOST}.crt localhost.crt) | |
mv /etc/pki/tls/private/localhost.key /etc/pki/tls/private/localhost.key-dist | |
(cd /etc/pki/tls/private/; ln -s ${HOST}.key localhost.key) | |
chmod 600 /etc/pki/tls/certs/* | |
cp /etc/httpd/conf.d/adauth.cf into place | |
edit /etc/httpd/conf.d/nagios.cf to Include conf.d/adauth.cf (in 2 places) | |
edit /etc/nagios/cgi.cfg and add jameswhite to nagiosadmin stuff | |
comment-in said lines... | |
mkfifo -m 0660 /var/log/nagios/rw/nagios.cmd | |
chown -R nagios:apache /var/log/nagios/rw | |
/etc/nagios/nagios.cfg | |
check_external_commands=1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment