Extremely Serious

Month: October 2020

Requesting for Certificate with certbot-auto

Requesting for certificate

certbot-auto certonly -m <EMAIL_NAME> --webroot -w <WEBROOT_PATH> -d <DOMAIN_NAMES>

Example

certbot-auto certonly -m admin@example.com --webroot -w /usr/share/nginx/www -d www.example.com

Expanding your certificates

certbot-auto certonly --webroot --agree-tos -w <WEBROOT_PATH> --expand -d <DOMAIN_NAMES>

Example

certbot-auto certonly --webroot --agree-tos -w /usr/share/nginx/blog --expand -d blog.example.com

Display information about certificates you have from Certbot

certbot-auto certificates

Installing Jenkins in Ubuntu

Requirement

  • Java 8 +

Installing Jenkins

  1. Install the jenkins key:
    wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
  2. Register the jenkins source:
    sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
  3. Add the universe repository:
    sudo add-apt-repository universe
  4. Update the repository:
    sudo apt-get update
  5. Install jenkins:
    sudo apt-get install jenkins -y

Preparing Jenkins

  1. Access jenkins:
    http://localhost:8080/
  2. Use the password found from the following file for Administrator Password:
    sudo less /var/lib/jenkins/secrets/initialAdminPassword
  3. In Getting Started page select:
    Install suggested plugins
  4. Create the first admin user.
  5. Provide the Jenkins URL in the Instance Configuration.
  6. Click the Start using Jenkins button.

Monitoring Artifactory Service with Nagios

Requirement

  • check_jmx plugin

Enable JMX on Artifactory

  1. Update the /var/opt/jfrog/artifactory/etc/default file to add the following:
    export JAVA_OPTIONS="$JAVA_OPTIONS -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=5000 -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"

    If you wanted to connect remotely (e.g. jconsole) add the following argument:

    -Djava.rmi.server.hostname=<IP_ADDRESS>
  2. Restart the artifactory service:
    sudo systemctl restart artifactory.service

Testing with check_jmx plugin

/usr/local/nagios/libexec/check_jmx/nagios/plugin/check_jmx -U service:jmx:rmi:///jndi/rmi://localhost:5000/jmxrmi -O "org.jfrog.artifactory:instance=Artifactory, type=Storage,prop=Binary Storage" -A Size

Expect to see something similar to the following output:

JMX OK Size=377653571

Related Post
Downloading the Nagios check_jmx Plugin in Ubuntu

Downloading the Nagios check_url.pl Plugin in Ubuntu

Downloading the check_url.pl plugin

  1. Change to the nagios plugin directory:
    cd /usr/local/nagios/libexec/
  2. Download the check_url.pl plugin:
    sudo wget -O check_url.pl "https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=1395&cf_id=24"
  3. Make the plugin executable:
    sudo chmod 755 check_url.pl
  4. Update the file check_url.pl to replace all tmp_ with /tmp/tmp_ text (i.e. if you are using vi for editing using the following:)
    %s#tmp_#/tmp/tmp_#g

Testing The Plugin

/usr/local/nagios/libexec/check_url.pl https://www.google.com

Expect to see the following output:

OK: 200  OK

Displaying the Help

/usr/local/nagios/libexec/check_url.pl -h

Downloading the Nagios check_jmx Plugin in Ubuntu

Downloading the check_jmx plugin

  1. Change the directory to your home directory:
    cd ~
  2. Download the check_jmx plugin:
    wget -O check_jmx.tgz "https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=1274&cf_id=24"
  3. Extract the downloaded plugin:
    tar xvf check_jmx.tgz
  4. Move the plugin to /usr/local/nagios/libexec/ directory:
    sudo mv check_jmx /usr/local/nagios/libexec/
  5. Update the file /usr/local/nagios/libexec/check_jmx/nagios/plugin/check_jmx to enclose the $@ with double quotation marks:
    "$@"

    Thus the whole java line will become:

    java -cp $RDIR/jmxquery.jar org.nagios.JMXQuery "$@"

    The use of the double quote is to handle space character properly

Displaying the Help

/usr/local/nagios/libexec/check_jmx/nagios/plugin/check_jmx -help

Compiling Nagios Plugin 2.3.3 to Ubuntu 20.04

Installing the Nagios Plugins

  1. Refresh the repository:
    sudo apt-get update
  2. Install the dependencies:
    sudo apt-get install -y autoconf gcc libc6 libmcrypt-dev make libssl-dev wget bc gawk dc build-essential snmp libnet-snmp-perl gettext
  3. Change the directory to your home directory:
    cd ~
  4. Download the nagios plugins source codes:
    wget --no-check-certificate -O nagios-plugins.tar.gz https://github.com/nagios-plugins/nagios-plugins/archive/release-2.3.3.tar.gz
  5. Extract the downloaded source codes:
    tar zxf nagios-plugins.tar.gz
  6. Change to the directory of the newly extracted source codes:
    cd nagios-plugins-release-2.3.3
  7. Setup and configure:
    sudo ./tools/setup
    sudo ./configure
  8. Compile the source codes:
    sudo make
  9. Install the plugins to /usr/local/nagios/libexec directory:
    sudo make install

Configuring NRPE 4 Daemon and Plugin to Ubuntu 20.04

Installing NRPE

    1. Refresh the repository:
      sudo apt-get update
    2. Install the dependencies:
      sudo apt-get install autoconf automake gcc libc6 libmcrypt-dev make libssl-dev wget openssl -y
    3. Change the directory to your home directory:
      cd ~
    4. Download the nrpe 4 source codes:
      wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.3/nrpe-4.0.3.tar.gz
    5. Extract the downloaded source codes:
      tar xvf nrpe-4.0.3.tar.gz
    6. Change to the directory of the newly extracted source codes:
      cd nrpe-4.0.3
    7. Run the configure script that enables the command arguments for clients and uses ssl library:
      sudo ./configure --enable-command-args --with-ssl-lib=/usr/lib/x86_64-linux-gnu/
    8. Compile the source codes:
      sudo make all
    9. Install the nagios user and group:
      sudo make install-groups-users
    10. Install both NRPE daemon and check_nrpe plugin:
      sudo make install
    11. Install the nrpe config file (i.e. /usr/local/nagios/etc/nrpe.cfg):
      sudo make install-config
    12. Install the init script:
      sudo make install-init
    13. Enable the nrpe daemon:
      sudo systemctl enable nrpe.service
    14. Update allowed_hosts field in the /usr/local/nagios/etc/nrpe.cfg file: to include your nagios server address (e.g. your nagios server address is 10.0.0.174 the allowed hosts is as follows):
      allowed_hosts=127.0.0.1,::1,10.0.0.174
    15. Update the dont_blame_nrpe field: to 1 on the same configuration file to allow your clients to specify arguments:
      dont_blame_nrpe=1
    16. Start the nrpe daemon:
      sudo systemctl start nrpe.service

      The NRPE service is listening with the port 5666 by default.

Testing The NRPE Plugin

/usr/local/nagios/libexec/check_nrpe -H localhost

Expect to see the version of NRPE daemon

Related Post
Compiling NRPE 4 Plugin to Tinkerboard
Compiling Nagios Plugin 2.3.3 to Ubuntu 20.04

Compiling NRPE 4 Plugin to Tinkerboard

Installing NRPE

  1. Refresh the repository:
    sudo apt-get update
  2. Install the dependencies:
    sudo apt-get install libssl-dev -y
  3. Change the directory to your home directory:
    cd ~
  4. Download the nrpe 4 source codes:
    wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.3/nrpe-4.0.3.tar.gz
  5. Extract the downloaded source codes:
    tar xvf nrpe-4.0.3.tar.gz
  6. Change to the directory of the newly extracted source codes:
    cd nrpe-4.0.3
  7. Run the configure script:
    ./configure
  8. Compile the check_nrpe plugin only:
    sudo make check_nrpe
  9. Install the newly compiled plugin:
    sudo make install-plugin
  10. Update the file /usr/local/nagios/etc/objects/commands.cfg to add the following entry:
    define command {
    	command_name    check_nrpe
    	command_line    /usr/local/nagios/libexec/check_nrpe -H $HOSTADDRESS$ -t 30 -c $ARG1$ $ARG2$
    }

Testing The Plugin

Using the command check_nrpe we can check the load on the host 10.0.0.202 (i.e. NRPE daemon must be configured and listening on port 5666) using the following command:

/usr/local/nagios/libexec/check_nrpe -H 10.0.0.202 -c check_load

Expect to see the output of the check_load plugin executed on the host 10.0.0.202

Configuring Nagios 4 to Tinkerboard

Installing Nagios

  1. Update the system:
    sudo apt-get update && sudo apt-get upgrade
  2. Install the dependencies:
    sudo apt-get install autoconf gcc libc6 make wget unzip apache2 php libapache2-mod-php libgd-dev libsasl2-modules mailutils -y
  3. Change the directory to your home directory:
    cd ~
  4. Download the nagios 4 source codes:
    wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.6.tar.gz
  5. Extract the downloaded source codes:
    tar xzf nagios-4.4.6.tar.gz
  6. Change to the directory of the newly extracted source codes:
    cd nagios-4.4.6
  7. Run the configure script with integration to apache2:
    ./configure --with-httpd-conf=/etc/apache2/sites-enabled
  8. Compile the source:
    sudo make all
  9. Install the nagios user and group:
    sudo make install-groups-users
  10. Make nagios user a member of the www-data group:
    sudo usermod -aG nagios www-data
  11. Install nagios.
    sudo make install
  12. Install the init script:
    sudo make install-init
  13. Initialize the init script:
    sudo make install-daemoninit
  14. Install and configures permissions on the directory for holding the external command:
    sudo make install-commandmode
  15. Install the sample config files on the /usr/local/nagios/etc directory:
    sudo make install-config
  16. Install the nagios config file to apache2:
    sudo make install-webconf
  17. Update the SUID of the ping command:
    sudo chmod 4755 /bin/ping

Installing the Nagios Plugins

  1. Run the following command:
    sudo apt install nagios-plugins
  2. Update the $USER1$ property in the /usr/local/nagios/etc/resource.cfg file to have /usr/lib/nagios/plugins like as follows:
    $USER1$=/usr/lib/nagios/plugins

Configuring Apache2 Web Server

  1. Enable the rewrite module:
    sudo a2enmod rewrite
  2. Enable the CGI module:
    sudo a2enmod cgi
  3. Create nagiosadmin as a nagios web user:
    sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

    Assign a strong password

  4. Restart the apache2 service:
    sudo systemctl restart apache2

Related Post
Configuring NRPE 4 Daemon and Plugin to Ubuntu 20.04
Compiling NRPE 4 Plugin to Tinkerboard