Skip to content
Permalink
Browse files

Updates for 1.6, Add NagiosTV

  • Loading branch information
NEMS Linux
NEMS Linux committed Dec 12, 2019
1 parent 244266e commit 63aa9e872d6b37ef7a36ed4014abc79cc23f5e46
Showing with 424 additions and 0 deletions.
  1. +23 −0 data/1.6/nagiostv.conf
  2. +160 −0 data/1.6/nconf/authentication.php
  3. +100 −0 data/1.6/nconf/deployment.ini
  4. +14 −0 data/1.6/nconf/mysql.php
  5. +127 −0 data/1.6/nconf/nconf.php
@@ -0,0 +1,23 @@
# NagiosTV
# This is the apache2 conf file for /etc/apache2/conf-available/
#
# #############################################################################

Alias /nagiostv "/var/www/nagiostv"

<Directory "/var/www/nagiostv">
Options FollowSymLinks
AllowOverride All

<IfModule mod_authz_core.c>
# Apache >= 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache < 2.4
Order allow,deny
Allow from all
</IfModule>

</Directory>

@@ -0,0 +1,160 @@
<?php
##
## Authentication
##

#
# Enable or disable user authentication.
# If disabled, no login is prompted to access the GUI and all features will be available (admin privs).
#
define('AUTH_ENABLED', '0');

#
# How to authenticate, if authentication is enabled.
# possible values: [file|sql|ldap|ad_ldap]
#
define('AUTH_TYPE', "file");

#
# Select the login authentication method
# possible values: [login|basic]
# 'login' = authenticate using the ordinary NConf login form
# 'basic' = authenticate using HTTP Basic Authentication (pop-up window for username/password)
#
define('AUTH_METHOD', 'login');

# The HTTP Basic Auth Realm to display when using auth method "basic"
define('BASICAUTH_REALM', "NConf Basic Auth");

#
# Defines the user name in the history table and in the welcome message.
#If set to "0", the username will be used. If set to "1", the real name will be fetched, depending on which AUTH_TYPE you selected.
#
define('AUTH_FEEDBACK_AS_WELCOME_NAME', '1');

# Groups
define('GROUP_USER', "user");
define('GROUP_ADMIN', "admin");
define('GROUP_NOBODY', "0");

###
### Auth by "ldap"
###

### LDAP (the tree design must be pam_ldap and nss_ldap compliant)
define('LDAP_SERVER', "ldaps://ldaphost.mydomain.com");
# The port to connect to. Not used when using URLs. Defaults to 389. (by PHP)
define('LDAP_PORT', "389");

define('BASE_DN', "uid=<username>,ou=People,dc=mydomain,dc=com");
define('USER_REPLACEMENT', "<username>");
define('GROUP_DN', "ou=Group,dc=mydomain,dc=com");
define('ADMIN_GROUP', "cn=nagiosadmin");
define('USER_GROUP', "cn=sysadmin");

###
### Auth by "ad_ldap"
###

### Active Directory
define('AD_LDAP_SERVER', "ldap://ad-ldaphost.mydomain.com");
define('AD_LDAP_PORT', "389");
define('AD_BASE_DN', "CN=<username>,OU=All,OU=Users,DC=my,DC=domain,DC=com");
define('AD_USER_REPLACEMENT', "<username>");
define('AD_GROUP_ATTRIBUTE', "memberof");
define('AD_USERNAME_ATTRIBUTE', "displayname");

# if AD_GROUP_DN ist the same for admin and user group:
define('AD_GROUP_DN', "OU=Group,DC=my,DC=domain,DC=com");
define('AD_ADMIN_GROUP', "CN=nagiosadmin");
define('AD_USER_GROUP', "CN=sysadmin");
# if AD_GROUP_DN differs for admins and users:
# you can define FIX GROUPS: (needs empty GROUP_DN)
//define('AD_GROUP_DN', "");
//define('AD_ADMIN_GROUP', "CN=nagiosadmin,OU=Group,DC=my,DC=domain,DC=com");
//define('AD_USER_GROUP', "CN=sysadmin,OU=Group,DC=my,DC=domain,DC=com");

###
### Auth by "sql"
###

# Use external database (can be any mysql DB)
# if you want to use the NConf DB, leave it commented
//define('AUTH_DBHOST', "localhost");
//define('AUTH_DBNAME', "NConf");
//define('AUTH_DBUSER', "nconf");
//define('AUTH_DBPASS', "link2db");

# Custom SQL query to run in the user database.
# The query should return exactly one (1) record if:
# - the username exists
# - the password is correct
# - any additional attrs are set (optional for permission check etc.)

# INFO:
# The following queries are examples. They allow user authentication to be managed
# within the NConf DB itself. To enable this, you must configure additional attributes in
# the "contact" class (refer to the documentation for more details).
# Feel free to define your own queries, if you want to access any other existing user database.

#
# if query matches, user will get limited access, for "normal users"
# !!!USERNAME!!! and !!!PASSWORD!!! will be replaced with the username and password from login page
#
define('AUTH_SQLQUERY_USER', '
SELECT attr_value AS username, id_item AS user_id
FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND attr_name="alias"
HAVING id_item =(SELECT id_item FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND id_item=user_id
AND attr_name="contact_name"
AND attr_value="!!!USERNAME!!!")
AND id_item =(SELECT id_item FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND id_item=user_id
AND attr_name="user_password"
AND attr_value="!!!PASSWORD!!!")
AND id_item =(SELECT id_item FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND id_item=user_id
AND attr_name="nc_permission"
AND attr_value="'.GROUP_USER.'");
');

#
# ::OPTIONAL:: Define ADMIN access here :
# if query matches, user will get FULL ADMIN access, for Administrators
#
define('AUTH_SQLQUERY_ADMIN', '
SELECT attr_value AS username, id_item AS user_id
FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND attr_name="alias"
HAVING id_item =(SELECT id_item FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND id_item=user_id
AND attr_name="contact_name"
AND attr_value="!!!USERNAME!!!")
AND id_item =(SELECT id_item FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND id_item=user_id
AND attr_name="user_password"
AND attr_value="!!!PASSWORD!!!")
AND id_item =(SELECT id_item FROM ConfigAttrs,ConfigValues,ConfigItems
WHERE id_attr=fk_id_attr
AND id_item=fk_id_item
AND id_item=user_id
AND attr_name="nc_permission"
AND attr_value="'.GROUP_ADMIN.'");
');

?>
@@ -0,0 +1,100 @@
;; NConf deployment configuration
;; FOR NEMS 1.4(+)

;; LOCAL deployment ;;

[extract config]
type = local
source_file = "/var/www/nconf/output/NagiosConfig.tgz"
target_file = "/tmp/"
action = extract

[copy collector config]
type = local
source_file = "/tmp/Default_collector/"
target_file = "/etc/nems/conf/Default_collector/"
action = copy

[copy global config]
type = local
source_file = "/tmp/global/"
target_file = "/etc/nems/conf/global/"
action = copy

; ** Reload Nagios
; NEMS 1.0-1.3
; reload_command = "sudo /etc/init.d/nagios3 reload"
; NEMS 1.4+
reload_command = "sudo /bin/systemctl restart nagios"

;[copy nagios.cfg]
;type = local
;source_file = "/tmp/static_cfg/nagios.cfg"
;target_file = "/etc/nagios/nagios.cfg"
;action = copy
;reload_command = "sudo /etc/rc.d/init.d/nagios reload"



;; SCP deployment ;;

;[extract config locally]
;type = local
;source_file = "/var/www/nconf/output/NagiosConfig.tgz"
;target_file = "/tmp/"
;action = extract

;[scp upload collector config]
;type = scp
;host = "remote-host.mydomain.com"
;source_file = "/tmp/Default_collector/"
;target_file = "/etc/nagios/Default_collector/"
;user = "remote_user"
;identity_file = "id_dsa"
;ssh_options = " -o 'StrictHostKeyChecking no' -o 'ConnectTimeout 15'"

;[scp upload global config]
;type = scp
;host = "remote-host.mydomain.com"
;source_file = "/tmp/global/"
;target_file = "/etc/nagios/global/"
;user = "remote_user"
;identity_file = "id_dsa"
;ssh_options = " -o 'StrictHostKeyChecking no' -o 'ConnectTimeout 15'"
;reload_command = "sudo /etc/rc.d/init.d/nagios reload"



;; HTTP(S) deployment ;;

;[https upload and extraction on remote host]
;type = http
;source_file = "/var/www/nconf/output/NagiosConfig.tgz"
;host = "https://webserver.mydomain.com/incoming_config.php"
;user = "deployUser"
;password = "deployPass"
;remote_action = "extract"
;remote_execute = TRUE

;[http upload to remote host]
;type = http
;source_file = "/var/www/nconf/output/NagiosConfig.tgz"
;host = "http://webserver.mydomain.com/incoming_config.php"
;user = ""
;password = ""
;remote_action = "copy"



;; RSYNC deployment ;;

;[rsync]
;type = rsync
;host = "remote-host.mydomain.com"
;source_file = "/tmp/Default_collector /tmp/global /tmp/static_cfg/file.cfg"
;target_file = "/etc/nagios/"
;user = "remote_user"
;rsync_options = " -caz -e 'ssh -i include/modules/deployment/rsync/id_dsa -o StrictHostKeyChecking=no -o ConnectTimeout=15'"
;identity_file = "id_dsa"
;ssh_options = " -o 'StrictHostKeyChecking no' -o 'ConnectTimeout 15'"
;reload_command = "sudo /etc/rc.d/init.d/nagios reload"
@@ -0,0 +1,14 @@
<?php
##
## MySQL config
##

#
# Main MySQL connection parameters
#
define('DBHOST', 'localhost');
define('DBNAME', 'nconf');
define('DBUSER', 'nconf');
define('DBPASS', 'nagiosadmin');

?>

0 comments on commit 63aa9e8

Please sign in to comment.
You can’t perform that action at this time.