Bonsoir,
Comme je vois que le sujet passionne les foules, voici le script que j’utilise pour installer shinken (oui il est mal écrit mais là n’est pas le problème, je fais ce que je peux avec bash ) :
## détection adresse réseau et masque
echo "
IFS=. read -r i1 i2 i3 i4 <<< \"$(hostname -i)\"
IFS=. read -r m1 m2 m3 m4 <<< \"$(ifconfig |grep Masque|grep Bcast|awk '{ print $4 }'|cut -d: -f2)\"
printf \"%d.%d.%d.%d\n\" \"\$((i1 & m1))\" \"\$((i2 & m2))\" \"\$((i3 & m3))\" \"\$((i4 & m4))\"" > /tmp/Net
NetWork=$(bash /tmp/Net)
Masque=$(ifconfig|grep Masque|grep Bcast|cut -d: -f4)
if [ ${Masque} = "255.0.0.0" ]
then SubNet=/8
fi
if [ ${Masque} = "255.128.0.0" ]
then SubNet=/9
fi
if [ ${Masque} = "255.192.0.0" ]
then SubNet=/10
fi
if [ ${Masque} = "255.224.0.0" ]
then SubNet=/11
fi
if [ ${Masque} = "255.240.0.0" ]
then SubNet=/12
fi
if [ ${Masque} = "255.248.0.0" ]
then SubNet=/13
fi
if [ ${Masque} = "255.252.0.0" ]
then SubNet=/14
fi
if [ ${Masque} = "255.254.0.0" ]
then SubNet=/15
fi
if [ ${Masque} = "255.255.0.0" ]
then SubNet=/16
fi
if [ ${Masque} = "255.255.128.0" ]
then SubNet=/17
fi
if [ ${Masque} = "255.255.192.0" ]
then SubNet=/18
fi
if [ ${Masque} = "255.255.224.0" ]
then SubNet=/19
fi
if [ ${Masque} = "255.255.240.0" ]
then SubNet=/20
fi
if [ ${Masque} = "255.255.248.0" ]
then SubNet=/21
fi
if [ ${Masque} = "255.255.252.0" ]
then SubNet=/22
fi
if [ ${Masque} = "255.255.254.0" ]
then SubNet=/23
fi
if [ ${Masque} = "255.255.255.0" ]
then SubNet=/24
fi
if [ ${Masque} = "255.255.255.128" ]
then SubNet=/25
fi
if [ ${Masque} = "255.255.255.192" ]
then SubNet=/26
fi
if [ ${Masque} = "255.255.255.224" ]
then SubNet=/27
fi
if [ ${Masque} = "255.255.255.240" ]
then SubNet=/28
fi
if [ ${Masque} = "255.255.255.248" ]
then SubNet=/29
fi
if [ ${Masque} = "255.255.255.252" ]
then SubNet=/30
fi
if [ ${Masque} = "255.255.255.254" ]
then SubNet=/31
fi
#echo $SubNet
## Questionnaire pré-install
function Quest1 () {
function testip_netw () {
prefix=$(whiptail --inputbox "Tapez le préfixe réseau du masque de sous réseau à scanner avec Shinken ${Masque} :" 20 80 "${SubNet}" 3>&1 1>&2 2>&3)
if [ "$?" = 1 ]
then
exit 0
fi
}
testip_netw
function Quest2 () {
function testip_netw2 () {
Net=$(whiptail --inputbox "Tapez l'adresse réseau à scanner avec Shinken : " 20 80 ${NetWork} 3>&1 1>&2 2>&3)
if [ "$?" = 1 ]
then
Quest1
fi
}
testip_netw2
Netw=${Net}${prefix}
until [[ "${Netw}" =~ ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/[1-2]{1}[0-9]{1})|(/3[0-2]{1})|(/[0-9])$ ]]
do
testip_netw
done
function Quest3 () {
function pass_confirm () {
admin_pass=$(whiptail --passwordbox "Tapez le mot de passe de l'administrateur de Shinken (utilisateur admin dans webui):" --nocancel 20 80 3>&1 1>&2 2>&3)
admin_pass2=$(whiptail --passwordbox "Confirmez le mot de passe de l'administrateur de shinken :" 20 80 3>&1 1>&2 2>&3)
if [ "$?" = 1 ]
then
Quest2
fi
}
pass_confirm
while [ "${admin_pass}" != "${admin_pass2}" ]
do
whiptail --msgbox "Les mots de passe ne correspondent pas..." 20 80
pass_confirm
done
function Quest4 () {
function domaine_addr () {
domain=$(whiptail --inputbox "Tapez votre nom de domaine :" 20 80 $(grep domain /etc/resolv.conf|awk '{print $2}') 3>&1 1>&2 2>&3)
if [ "$?" = "1" ]
then
Quest3
fi
}
domaine_addr
until [[ "$domain" =~ [A-Za-z0-9.-]+\.[A-Za-z]{2,6}$ ]]
do
domaine_addr
done
function Quest5 () {
function NETBIOS () {
Netbios=$(whiptail --inputbox "Tapez le nom de Netbios du domaine à superviser :" 20 80 $(echo $domain|cut -d. -f1|tr '[:lower:]' '[:upper:]') 3>&1 1>&2 2>&3)
if [ "$?" = "1" ]
then
Quest4
fi
}
NETBIOS
until [[ "$Netbios" =~ [A-Z0-9.-]$ ]]
do
NETBIOS
done
function Quest6 () {
function pass_confirm () {
domain_pass=$(whiptail --passwordbox "Tapez le mot de passe de l'administrateur du domaine :" --nocancel 20 80 3>&1 1>&2 2>&3)
domain_pass2=$(whiptail --passwordbox "Confirmez le mot de passe de l'administrateur du domaine :" 20 80 3>&1 1>&2 2>&3)
if [ "$?" = 1 ]
then
Quest5
fi
}
pass_confirm
while [ "${domain_pass}" != "${domain_pass2}" ]
do
whiptail --msgbox "Les mots de passe ne correspondent pas..." 20 80
pass_confirm
done
function Quest7 () {
function IDuser_addr () {
DomainUser=$(whiptail --inputbox "Indiquez le nom de l'utilisateur (identifiant de session Windows) qui aura les droits effectuer les check WMI (ex : henri.olet)" 20 80 administrateur 3>&1 1>&2 2>&3)
if [ "$?" = "1" ]
then
Quest6
fi
}
IDuser_addr
until [[ "${DomainUser}" =~ ^[a-z0-9._%+-]{2,15}$ ]]
do
IDuser_addr
done
}
}
}
}
}
}
}
Quest1
Quest2
Quest3
Quest4
Quest5
Quest6
Quest7
whiptail --title "Installation" --msgbox "Le script d'install va vous demander si vous souhaitez créer un utilisateur admin pour Django, ce n'est pas la peine, ensuite il vous sera demandé si vous souhaitez procéder au paramétrage automatique répondez que oui." 20 80
## dépendances shinken (à trier)
apt-get update && apt-get upgrade -y
apt-get install -y python-pip python-cherrypy3 python-crypto m2crypto python-setuptools monitoring-plugins-standard nagios-plugins-contrib nagios-snmp-plugins libpq-dev python-dev \
libxml2-dev libxslt1-dev libldap2-dev libsasl2-dev libcurl4-openssl-dev python-dev snmp python-influxdb nmap php5 php5-sasl php5-gd snmpd sudo nagios-plugins unzip git python-cairo \
snmpd ntp libsnmp-mib-compiler-perl tkmib python-pysnmp4-mibs smistrip snmptrapd snmp libsnmp-base libsnmp30 libsnmp30-dbg libsnmp-dev libperl-dev python-django python-django-tagging \
python-twisted python-zope.interface fontconfig apache2 libapache2-mod-wsgi python-pysqlite2 python-simplejson git-core python-rrdtool libapache2-mod-php5 rrdtool librrds-perl \
ntp nagios-nrpe-plugin python-sqlite python-simplejson libsnmp-mib-compiler-perl tkmib python-pysnmp4-mibs libsnmp-mib-compiler-perl tkmib python-pysnmp4-mibs smistrip snmptrapd \
snmp libsnmp-base libsnmp30 libsnmp30-dbg libsnmp-dev libperl-dev libapache2-mod-fcgid php5-fpm
## User & group shinken
adduser --home /home/shinken --shell /bin/bash --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login shinken
chown shinken:shinken -R /home/shinken
## Client snmp
wget http://ftp.fi.debian.org/debian/pool/non-free/s/snmp-mibs-downloader/snmp-mibs-downloader_1.1_all.deb
dpkg -i snmp-mibs-downloader_1.1_all.deb
download-mibs
/etc/init.d/snmpd stop
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak
sed -i "s|sysLocation|#sysLocation|" /etc/snmp/snmpd.conf
sed -i "s|sysContact|#sysContact|" /etc/snmp/snmpd.conf
echo "sysLocation Somewhere Over The Rainbow
sysContact support@$(hostname -d)
trap2sink localhost public
informsink localhost public" >> /etc/snmp/snmpd.conf
sed -i "s|#agentAddress udp:161,udp6|agentAddress udp:0.0.0.0:161,udp6|" /etc/snmp/snmpd.conf
sed -i "s|agentAddress udp:127.0.0.1:161|#agentAddress udp:127.0.0.1:161|" /etc/snmp/snmpd.conf
sed -i "s|rocommunity public default -V systemonly|rocommunity public|" /etc/snmp/snmpd.conf
#sed -i "s|rocommunity public localhost|#rocommunity public localhost|" /etc/snmp/snmpd.conf
sed -i "s|view systemonly included|# view systemonly included|" /etc/snmp/snmpd.conf
sed -i "s|view systemonly included .1.3.6.1.2.1.25.1|# view systemonly included .1.3.6.1.2.1.25.1|" /etc/snmp/snmpd.conf
echo "view all included .1 80" >> /etc/snmp/snmpd.conf
echo "access notConfigGroup “” any noauth exact all one none" >> /etc/snmp/snmpd.conf
echo "# Cumulus specific
view all included .1.3.6.1.4.1.40310.1
view all included .1.3.6.1.4.1.40310.2
# Memory utilization
view all included .1.3.6.1.4.1.2021.4 " >> /etc/snmp/snmpd.conf
sed -i "s|mibs :|#mibs :|" /etc/snmp/snmp.conf
echo "export MIBS=UCD-SNMP-MIB" >> /etc/default/snmpd
echo "export MIBDIRS=/usr/share/snmp/mibs" >> /etc/default/snmpd
echo "createUser snmpv3user SHA \"snmpv3authPass\" AES snmpv3encPass" >> /etc/snmp/snmpd.conf
sed -i "s|rouser internalUser|rouser snmpv3user|" /etc/snmp/snmpd.conf
sed -i "s|rouser authOnlyUser|rouser snmpv3user|" /etc/snmp/snmpd.conf
/etc/init.d/snmpd start
## Install Shinken
pip install pycurl
pip install shinken
# wget --no-check-certificate https://github.com/naparuba/shinken/archive/2.4.3.tar.gz
# tar -xvzf 2.4.3.tar.gz
# cd shinken-2.4.3
# python setup.py install
update-rc.d shinken defaults
adduser shinken sudo
sed -i "21ishinken ALL=(ALL:ALL) ALL" /etc/sudoers
cd /root && wget --no-check-certificate https://www.monitoring-plugins.org/download/monitoring-plugins-2.1.2.tar.gz
tar -xzvf monitoring-plugins-2.1.2.tar.gz
cd monitoring-plugins-2.1.2/
./configure --with-nagios-user=shinken --with-nagios-group=shinken --enable-libtap --enable-extra-opts --enable-perl-modules --libexecdir=/var/lib/shinken/libexec
make install
## modules shinken
/etc/init.d/shinken start
sudo -E shinken shinken --init
sudo -E shinken install webui
sudo -E shinken install statsd
sudo -E shinken install nsca
sudo -E shinken install mod-influxdb
sudo -E shinken install booster-nrpe
sudo -E shinken install kiosks-counters
sudo -E shinken install graphite
sudo -E shinken install ui-graphite
sudo -E shinken install ui-pnp
sudo -E shinken install npcdmod
sudo -E shinken install ip_tag
sudo -E shinken install auth-cfg-password
sudo -E shinken install sqlitedb
sudo -E shinken install glpidb
sudo -E shinken install auth-htpasswd
sudo -E shinken install livestatus
sudo -E shinken install aix
sudo -E shinken install apcupsd
sudo -E shinken install cisco
sudo -E shinken install ceph
sudo -E shinken install cert
sudo -E shinken install collectd
sudo -E shinken install cups
sudo -E shinken install dc
sudo -E shinken install dhcp
sudo -E shinken install dns
sudo -E shinken install exchange
sudo -E shinken install glpi-helpdesk
sudo -E shinken install hp
sudo -E shinken install hp-asm
sudo -E shinken install hp-blades-chassis
sudo -E shinken install hp-printers
sudo -E shinken install hpux
sudo -E shinken install http
sudo -E shinken install ibm-xseries
sudo -E shinken install iis
sudo -E shinken install ldap
sudo -E shinken install linux-snmp
sudo -E shinken install linux-ssh
sudo -E shinken install ntp
sudo -E shinken install postgresql
sudo -E shinken install server-ipmi
sudo -E shinken install router
sudo -E shinken install switch
sudo -E shinken install windows
sudo -E shinken install logstore-null
sudo -E shinken install sqlitelog
sudo -E shinken install logstore-sqlite
sudo -E shinken install sqlitedb
sudo -E shinken install npcdmod
sudo -E shinken install mongodb
sudo -E shinken install mysql
# If var or run dir is missing, create them and chown them ==> Bug de droits lors de la création du PID !!
# sed -i "48i[ ! -d \$VAR ] && mkdir -p \$VAR && chown \$SHINKENUSER:\$SHINKENGROUP \$VAR" /etc/init.d/shinken
# sed -i "49i[ ! -d \$RUN ] && mkdir -p \$RUN && chown \$SHINKENUSER:\$SHINKENGROUP \$RUN" /etc/init.d/shinken
# sed -i "30iSHINKENUSER=shinken" /etc/default/shinken
# sed -i "31iSHINKENGROUP=shinken" /etc/default/shinken
## conf générale shinken
sed -i "s|password admin|password ${admin_pass}|" /etc/shinken/contacts/admin.cfg
sed -i "s|\$NMAPTARGETS|#\$NMAPTARGETS|" /etc/shinken/resource.d/nmap.cfg
sed -i "2i\$NMAPTARGETS\$=localhost ${Netw}" /etc/shinken/resource.d/nmap.cfg
sed -i "s| modules| modules webui,statsd,nsca,booster-nrpe,graphite,npcdmod,glpidb,livestatus,glpidb|" /etc/shinken/brokers/broker-master.cfg
sed -i "s| modules| modules auth-cfg-password,SQLitedb,nsca,ui-pnp,ui-graphite,auth-htpasswd,glpi-helpdesk,mongodb|" /etc/shinken/modules/webui.cfg
sed -i "s|CHANGE_ME|${admin_pass2}|" /etc/shinken/modules/webui.cfg
sed -i "s|YOURSERVERNAME|$(hostname -i)|" /etc/shinken/modules/ui-graphite.cfg
sed -i "s|$(hostname -i)/|$(hostname -i)|" /etc/shinken/modules/ui-graphite.cfg
sed -i "s|/var/lib/shinken/share/templates/graphite/|/opt/graphite/webapp/graphite/templates/|" /etc/shinken/modules/ui-graphite.cfg
sed -i "s|YOURSERVERNAME|$(hostname -i)|" /etc/shinken/modules/ui-pnp.cfg
sed -i "s| #socket| socket|" /usr/local/shinken/var/rw/live
sed -i "s|from helper import hst_srv_sort|from shinken.misc.sorter import hst_srv_sort|" /var/lib/shinken/modules/webui/plugins/wall/wall.py
sed -i "s|#socket|socket|" /etc/shinken/modules/livestatus.cfg
## Module statsd à débugguer !!!!!!!
#sed -i "s|statsd_enabled=0|statsd_enabled=1|" /etc/shinken/shinken.cfg
#sed -i "s|#api_key=|api_key=029e59569a884edc9884a4372dc6a3d7|" /etc/shinken/shinken.cfg
#sed -i "s|#secret=|secret=5f065be01bac4e8f|" /etc/shinken/shinken.cfg
## fix commands checks
# linux
sed -i "s|/check_ntp_time|/check_ntp_peer|" /etc/shinken/packs/linux-snmp/commands.cfg
sed -i "26icommand_line /var/lib/shinken/libexec/check_netint.pl -H \$HOSTADDRESS\$ -C public -v" /etc/shinken/packs/linux-snmp/commands.cfg
sed -i "s|command_line \$PLUGINSDIR$/check_netint.pl|#command_line \$PLUGINSDIR$/check_netint.pl|" /etc/shinken/packs/linux-snmp/commands.cfg
sed '26s/^/ /' /etc/shinken/packs/linux-snmp/commands.cfg > /etc/shinken/packs/linux-snmp/commands.cfg.tmp
mv /etc/shinken/packs/linux-snmp/commands.cfg.tmp /etc/shinken/packs/linux-snmp/commands.cfg
## Ldap
Domaine_LDIF=dc=$(echo ${domain}|cut -d. -f1),dc=$(echo ${domain}|cut -d. -f2)
To_replace="\"\$_HOSTLDAPBASE$\""
sed -i "s|$To_replace|$Domaine_LDIF|" /etc/shinken/packs/ldap/commands.cfg
To_replace2=$(echo "\$_HOSTDOMAINUSER\\$")
sed -i "s|$To_replace2|${DomainUser}@${domain}|" /etc/shinken/packs/ldap/commands.cfg
To_replace3=$(echo "\$_HOSTDOMAINPASSWORD\\$")
sed -i "s|$To_replace3|$domain_pass|" /etc/shinken/packs/ldap/commands.cfg
sed -i "s|/var/lib/shinken/libexec/check_wmi_plus.d/W|\$W|" /etc/shinken/packs/ldap/commands.cfg
# windows
sed -i "s|inidir\=\\$PLUGINSDIR\$|inidir=/var/lib/shinken/libexec/check_wmi_plus.d/|" /etc/shinken/packs/windows/commands.cfg
sed -i "s|/PLUGINSDIR\$|/|" /etc/shinken/packs/windows/commands.cfg
sed -i "s|/PLUGINSDIR|/|" /etc/shinken/packs/windows/commands.cfg
sed -i "s|/\\$|/|" /etc/shinken/packs/windows/commands.cfg
sed -i "s|\"\$_HOSTDOMAINUSER\\$|\"$Netbios/$DomainUser|" /etc/shinken/packs/*/commands.cfg
sed -i "s|\"\$_HOSTDOMAINPASSWORD\\$|\"$domain_pass|" /etc/shinken/packs/*/commands.cfg
sed -i "s|/var/lib/shinken/libexec/check_wmi_plus.d/W|\$W|" /etc/shinken/packs/*/commands.cfg
## droits et répertoire manquant
# chown -R shinken:shinken /etc/shinken
# chown -R shinken:shinken /usr/share/nagios-snmp-plugins/
# chown -R shinken:shinken /usr/lib/nagios/
mkdir -p /etc/shinken/objects/discovery/
mkdir -p /var/log/rhosts/
mkdir -p /usr/local/shinken/var/rw
touch /usr/local/shinken/var/rw/live
chown shinken:shinken /usr/local/shinken/var/rw
touch /var/log/rhosts/remote-hosts.log
chown shinken:shinken /var/log/rhosts/remote-hosts.log
#sed - i "s|/usr/lib/nagios/plugins|/usr/lib/nagios/plugins,/usr/share/nagios-snmp-plugins|" /etc/shinken/resource.d/paths.cfg
chown -R shinken:shinken /etc/shinken/
# chmod u+s /usr/lib/nagios/plugins/*
# cd /usr/share/perl5
# ln -s /usr/lib/nagios/plugins/utils.pm
ln -s /usr/local/nagios/libexec /usr/lib/nagios/plugins
adduser www-data shinken
cp /usr/lib/nagios/plugins/check_snmp_process.pl /var/lib/shinken/libexec/check_snmp_process.pl
sed -i "s|/usr/local/nagios/libexec|/usr/lib/nagios/plugins/libexec|" /var/lib/shinken/libexec/check_snmp_process.pl
chown -R shinken:shinken /var/lib/shinken/libexec/
## plugins additionnels pour shinken
mkdir /var/lib/shinken/var
mv /var/lib/shinken/libexec/utils.pm /var/lib/shinken/libexec/utils.pm.old
#ln -s /usr/lib/nagios/plugins/utils.pm /var/lib/shinken/libexec/utils.pm
cd /tmp
wget --no-check-certificate https://github.com/Sysnove/shinken-plugins/archive/master.zip
unzip master
cp ./shinken-plugins-master/* /var/lib/shinken/libexec
ln -s /usr/local/nagios/libexec/ /var/lib/shinken/libexec/
chown -R shinken:shinken /var/lib/shinken/libexec
cp /root/monitoring-plugins-2.1.2/plugins-scripts/utils.pm /var/lib/shinken/libexec/utils.pm
## perl settings
cd /tmp
#perl -MCPAN -e 'upgrade'
# wget http://downloads.activestate.com/ActivePerl/releases/5.22.1.2201/ActivePerl-5.22.1.2201-x86_64-linux-glibc-2.15-299574.tar.gz
# wget http://downloads.activestate.com/ActivePerl/releases/5.8.9.829/ActivePerl-5.8.9.829-i686-linux.tar.gz
# tar xvzf ActivePerl-5.22.1.2201-x86_64-linux-glibc-2.15-299574.tar.gz
# bash ActivePerl-5.22.1.2201-x86_64-linux-glibc-2.15-299574/install.sh
perl -MCPAN -e"install DateTime"
perl -MCPAN -e"install Number::Format"
perl -MCPAN -e"install Config::IniFiles"
perl -MCPAN -e"install Number::Format"
# locale perl
locale-gen en_US.UTF-8
localedef -i en_US -f UTF-8 en_US.UTF-8
echo "LC_ALL=fr_FR.UTF-8" >> /etc/environment
## install pnp4nagios
cd /usr/local
wget http://downloads.sourceforge.net/project/pnp4nagios/PNP-0.6/pnp4nagios-0.6.24.tar.gz
tar -xzf pnp4nagios-0.6.24.tar.gz
cd pnp4nagios-0.6.24/
./configure --with-nagios-user=shinken --with-nagios-group=shinken
make all
make fullinstall
cp -a /etc/httpd/conf.d/pnp4nagios.conf /etc/apache2/sites-available/
a2ensite pnp4nagios
sed -i "s|/usr/local/nagios/etc/htpasswd.users|/etc/apache2/graphite.htpasswd|" /etc/httpd/conf.d/pnp4nagios.conf
sed -i "s|Nagios Access|Shinken|" /etc/httpd/conf.d/pnp4nagios.conf
sed -i "s|Nagios Access|Shinken|" /etc/apache2/sites-available/pnp4nagios.conf
sed -i "s|AllowOverride None|AllowOverride AuthConfig|" /etc/apache2/sites-available/pnp4nagios.conf
# sed -i "s|AuthType|# AuthType|" /etc/apache2/conf.d/pnp4nagios.conf
# sed -i "s|AuthUserFile |# AuthUserFile |" /etc/apache2/conf.d/pnp4nagios.conf
# sed -i "s|Require valid-user|# Require valid-user|" /etc/apache2/conf.d/pnp4nagios.conf
cp /usr/local/pnp4nagios/etc/nagios.cfg-sample /usr/local/pnp4nagios/etc/nagios.cfg
echo "accept_passive_service_checks=1" >> /usr/local/pnp4nagios/etc/nagios.cfg
rm /usr/local/pnp4nagios/share/install.php
sed -i "s|log_level = 0|log_level = 1|" /usr/local/pnp4nagios/etc/npcd.cfg
a2enmod rewrite
service apache2 restart
## graphite for shinken
cd /opt
pip install service-identity
pip install https://github.com/graphite-project/ceres/tarball/master
pip install whisper
pip install carbon
pip install graphite-web
pip install pytz
## conf graphite
cp /opt/graphite/webapp/graphite/local_settings.py.example /opt/graphite/webapp/graphite/local_settings.py
sed -i "24iTIME_ZONE = 'Europe/Paris'" /opt/graphite/webapp/graphite/local_settings.py
cp /opt/graphite/conf/carbon.conf.example /opt/graphite/conf/carbon.conf
cp /opt/graphite/conf/storage-schemas.conf.example /opt/graphite/conf/storage-schemas.conf
cp /opt/graphite/conf/graphite.wsgi.example /opt/graphite/conf/graphite.wsgi
sed -i "s|USER =|USER = carbon|" /opt/graphite/conf/carbon.conf
##Apache Setup for graphite
echo "<VirtualHost *:80>
# ServerName graphite
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
WSGIScriptAlias / /opt/graphite/conf/graphite.wsgi
Alias /media/ \"/usr/lib/pymodules/python2.6/django/contrib/admin/media/\"
<Directory /opt/graphite/conf>
Order allow,deny
Allow from all
</Directory>
<Location />
AuthName \"Shinken\"
AuthType Basic
AuthUserFile /etc/apache2/graphite.htpasswd
<Limit GET>
require valid-user
</Limit>
</Location>
</VirtualHost>" > /etc/apache2/sites-available/carbon.conf
cd /opt/graphite/webapp/graphite
python manage.py syncdb
chown www-data:www-data /opt/graphite/storage/graphite.db
chown www-data /opt/graphite/storage/
chown -R www-data /opt/graphite/storage/log/
chown www-data /opt/graphite/storage/log/webapp
groupadd -g 999 carbon
useradd -c "carbon user" -g 999 -u 999 -s /bin/false carbon
chown -R carbon /opt/graphite/storage/whisper/
/opt/graphite/bin/carbon-cache.py start
chown -R carbon /opt/graphite/storage/log/carbon-cache/
/opt/graphite/bin/carbon-cache.py stop
/opt/graphite/bin/carbon-cache.py start
sed -i "288i/opt/graphite/bin/carbon-cache.py start ; /etc/init.d/npcd restart" /etc/init.d/shinken
sed -i "329i/opt/graphite/bin/carbon-cache.py stop" /etc/init.d/shinken
## autentification basique pour apache
htpasswd -cb /etc/apache2/graphite.htpasswd admin ${admin_pass2}
cp /etc/apache2/graphite.htpasswd /etc/shinken/htpasswd.users
chown shinken:shinken /etc/shinken/htpasswd.users
chown www-data:www-data /etc/apache2/graphite.htpasswd
a2ensite carbon.conf
a2dissite 000-default
/etc/init.d/apache2 reload
## install thruk
wget http://download.thruk.org/pkg/v2.06/debian8/amd64/thruk_2.06_debian8_amd64.deb
wget http://download.thruk.org/pkg/v2.06/debian8/amd64/thruk-plugin-reporting_2.06_debian8_amd64.deb
wget http://download.thruk.org/pkg/v2.06/debian8/amd64/thruk-base_2.06_debian8_amd64.deb
wget http://download.thruk.org/pkg/v2.06/debian8/amd64/libthruk_2.06-1_debian8_amd64.deb
dpkg -i thruk-base_2.06_debian8_amd64.deb
dpkg -i libthruk_2.06-1_debian8_amd64.deb
dpkg -i thruk-plugin-reporting_2.06_debian8_amd64.deb
dpkg -i thruk_2.06_debian8_amd64.deb
apt-get -f install -y
echo "enable_shinken_features = 1
<Component Thruk::Backend>
<peer>
name = External Shinken
type = livestatus
<options>
peer = /usr/local/shinken/var/rw/live
#peer = $(hostname -i):50000
</options>
# Uncomment the following lines if you want to configure shinken through Thruk
<configtool>
core_type = shinken
core_conf = /etc/shinken/shinken.cfg
obj_check_cmd = service shinken check
obj_reload_cmd = service shinken restart
</configtool>
</peer>
</Component>" >> /etc/thruk/thruk_local.conf
sed -i "s|thrukadmin|admin|" /etc/thruk/cgi.cfg
sed -i "s|#graph_word =|graph_word = /pnp4nagios/|" /etc/thruk/thruk.conf
sed -i "351igraph_word = /render/" /etc/thruk/thruk.conf
sed -i "s|#graph_replace|graph_replace|" /etc/thruk/thruk.conf
sed -i "s|= match|= all|" /etc/thruk/thruk.conf
sed -i "s|#default_dashboard = <nr>|default_dashboard = 1|" /etc/thruk/thruk.conf
sed -i "4iinclude /etc/apache2/conf-available/thruk_cookie_auth_vhost.conf" /etc/apache2/conf-available/thruk.conf
sed -i "s|Thruk Monitoring|Shinken|" /etc/apache2/conf-available/thruk.conf
sed -i "s|can_submit_commands = 0|can_submit_commands = 1|" /etc/thruk/thruk.conf
sed -i "s|/etc/thruk/htpasswd|/etc/apache2/graphite.htpasswd|" /etc/apache2/conf-available/thruk.conf
sed -i "s|AllowOverride All|AllowOverride AuthConfig|" /etc/apache2/conf-available/thruk.conf
chown -R www-data:www-data /var/lib/shinken/modules/livestatus/
chown -R www-data:www-data /etc/thruk/
chmod g+w /etc/thruk/cgi.cfg
ln -s /etc/thruk/plugins/plugins-available/* /etc/thruk/plugins/plugins-enabled/
/etc/init.d/thruk restart
/etc/init.d/npcd restart
/opt/graphite/bin/carbon-cache.py start
service apache2 reload
## Shinken Discovery
shinken-discovery -c /etc/shinken/discovery/discovery.cfg -o /etc/shinken/hosts/ -r nmap
/etc/init.d/shinken stop ; /etc/init.d/shinken start
## GLPI interfaçage à débuguer !!
cat > /tmp/glpi << EOF
CREATE USER shinken@localhost IDENTIFIED BY '$glpi';
GRANT select,update ON glpi.glpi_plugin_monitoring_services TO shinken IDENTIFIED BY '$glpi';
GRANT insert ON glpi.glpi_plugin_monitoring_serviceevents TO shinken;
GRANT select,update ON glpi.glpi_plugin_monitoring_servicescatalogs TO shinken;
FLUSH PRIVILEGES;
EOF
mysql -u root --password=$Root_pass < /tmp/glpi
rm -rf /tmp/glpi
echo "define module{
module_name glpidb
module_type glpi
uri http://$(hostname -i)/plugins/webservices/xmlrpc.php
login_name shinken
login_password $glpi
tag
}" >> /etc/shinken/arbiters/arbiter-master.cfg
echo "define arbiter {
modules glpidb
spare 0
address localhost
port 7770
arbiter_name Arbiter-Master
}" >> /etc/shinken/arbiters/arbiter-master.cfg
echo "define module{
module_name glpidb
module_type glpidb
database glpi
user shinken
password $glpi
host localhost
}" >> /etc/shinken/brokers/broker-master.cfg
## Fin install
whiptail --title "Installation terminée" --msgbox "Vous Pouvez vous connecter à l'interface web de shinken depuis l'adresse :
http://$(hostname).$(hostname -d):7767
ou depuis l'adresse :
http://$(hostname -i):7767
Pour vous connecter à l'interface WebUi de Shinken, l'utilisateur sera admin et le mot de passe celui que vous avez renseigné pendant le questionnaire au début de l'installation.
Cependant, il vous sera demandé un mot de passe par le serveur Graphite (moteur de graph) l'utilisateur est demo et son mot de passe : PassWd.
Nous vous recommandons vivement d'enregistrer ces données d'identifications.
Sur les postes clients linux :
installer l'agent snmp
Sur les postes clients windows :
activer le Fournisseur SNMP WMI dans les fonctionalités de windows
ou
installer nsclient++ (pas compris comment ça marche)
Pour interfacer shinken avec GLPI, il faut créer un utilisateur shinken dans glpi et lui attribuer le mot de passe défini pour l'admin de la base de donnée de GLPI. Il faut ensuite paramétrer le web service (plugin à activer) dans GLPI." --scrolltext 20 80
