fichiers de config Nagios

sio2/CYBER/Nagios/nagios4.conf

@@ -0,0 +1,50 @@
+# apache configuration for nagios 4.x
+
+ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4
+ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4
+
+# Where the stylesheets (config files) reside
+Alias /nagios4/stylesheets /etc/nagios4/stylesheets
+
+# Where the HTML pages live
+Alias /nagios4 /usr/share/nagios4/htdocs
+
+<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
+    Options FollowSymLinks
+    DirectoryIndex index.php index.html
+    AllowOverride AuthConfig
+    #
+    # The default Debian nagios4 install sets use_authentication=0 in
+    # /etc/nagios4/cgi.cfg, which turns off nagos's internal authentication.
+    # This is insecure.  As a compromise this default apache2 configuration
+    # only allows private IP addresses access.
+    #
+    # The <Files>...</Files> below shows how you can secure the nagios4
+    # web site so anybody can view it, but only authenticated users can issue
+    # commands (such as silence notifications).  To do that replace the
+    # "Require all granted" with "Require valid-user", and use htdigest
+    # program from the apache2-utils package to add users to
+    # /etc/nagios4/htdigest.users.
+    #
+    # A step up is to insist all users validate themselves by moving
+    # the stanza's in the <Files>..<Files> into the <DirectoryMatch>.
+    # Then by setting use_authentication=1 in /etc/nagios4/cgi.cfg you
+    # can configure which people get to see a particular service from
+    # within the nagios configuration.
+    # 
+    Require ip	::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16
+    <Files "cmd.cgi">
+	AuthDigestDomain "Nagios4"
+	AuthDigestProvider file
+	AuthUserFile	"/etc/nagios4/htdigest.users"
+	AuthGroupFile	"/etc/group"
+	AuthName	"Nagios4"
+	AuthType	Digest
+	Require all	granted
+	#Require	valid-user
+    </Files>
+</DirectoryMatch>
+
+<Directory /usr/share/nagios4/htdocs>
+    Options	+ExecCGI	
+</Directory>

sio2/CYBER/Nagios/srv.cfg

@@ -0,0 +1,30 @@
+define host {
+    use linux-server            ; Name of host template to use
+    host_name               srv
+    alias                   srv
+    address                 172.20.10.11
+}
+  define service{
+        use                             generic-service
+        host_name                       srv
+        service_description             WWW
+        check_command                   check_http
+}
+  define service{
+        use                             generic-service
+        host_name                       srv
+        service_description            SSH
+        check_command                   check_ssh
+}
+
+
+
+
+
+
+
+
+
+
+
+

sio2/VAGRANT/Vagrantfile

@@ -1,14 +1,32 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
+
 Vagrant.configure("2") do |config|
-  config.vm.provision "shell", inline: "apt-get update -y" # execute pour chacune des machines
- 
-  config.vm.define "IDS" do |ids|#VM No'1
-    ids.vm.box = "debian/bookworm64" #Setting machine type
-    ids.vm.hostname = "IDS" #Setting machine type
-    ids.vm.network "public_network"#Set DHCP
-    ids.vm.provision "shell", inline: <<-SHELL
-     apt-get install -y wget curl vim unzip chkrootkit rkhunter fail2ban
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "debian/bookworm64"
+  config.vm.hostname = "nagios4"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  config.vm.network "public_network"
+
+   config.vm.provision "shell", inline: <<-SHELL
+      apt-get update
+      apt-get install -y vim curl wget apache2 php nagios4 nagios-plugins-contrib
+      cp /etc/nagios4/apache2.conf /etc/apache2/sites-available/nagios4.conf
+      a2ensite nagios4.conf
+      a2enmod rewrite cgi
+      systemctl reload apache2
    SHELL
-  end
-end
+end

sio2/VAGRANT/Vagrantfile2

@@ -0,0 +1,14 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+Vagrant.configure("2") do |config|
+  config.vm.provision "shell", inline: "apt-get update -y" # execute pour chacune des machines
+ 
+  config.vm.define "IDS" do |ids|#VM No'1
+    ids.vm.box = "debian/bookworm64" #Setting machine type
+    ids.vm.hostname = "IDS" #Setting machine type
+    ids.vm.network "public_network"#Set DHCP
+    ids.vm.provision "shell", inline: <<-SHELL
+     apt-get install -y wget curl vim unzip chkrootkit rkhunter fail2ban
+   SHELL
+  end
+end