This is a short guide for installing Icinga-Classic on Debian Wheezy using nginx web server.
Caution : This content is obsolete.
Configuration files are based on example config from Icinga Wiki (dead link - 404)
Installing
# apt-get install nginx fcgiwrap icinga-cgi icinga-common icinga-core icinga-doc
While configuring you should uncheck apache2 as a default server (there is no nginx there we will do configuring manually)
Configuring
Here is a sample nginx config file for icinga:
server {
listen 80;
server_name icinga.example.com
index index.php index.html index.htm;
error_log /var/log/nginx/icinga-classic_error.log;
location = / {
rewrite ^/$ /icinga/index.html permanent;
}
# Icinga Classic - Configuration
location /icinga {
alias /usr/share/icinga/htdocs;
index index.html;
auth_basic "Icinga Access";
auth_basic_user_file /etc/icinga/htpasswd.users;
}
location /icinga/stylesheets {
alias /etc/icinga/stylesheets;
auth_basic "Icinga Access";
auth_basic_user_file /etc/icinga/htpasswd.users;
}
location ~ /icinga/(.*)\.cgi$ {
root /usr/lib/cgi-bin/icinga;
rewrite ^/cgi-bin/icinga/(.*)\.cgi /$1.cgi break;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
auth_basic "Icinga Access";
auth_basic_user_file /etc/icinga/htpasswd.users;
fastcgi_param AUTH_USER $remote_user;
fastcgi_param REMOTE_USER $remote_user;
}
# Security - Basic configuration
location = /favicon.ico {
log_not_found off;
access_log off;
expires max;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny access to hidden files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}Replace server_name with your hostname, and write this config into file /etc/nginx/sites-available/icinga-classic
Create a symlink to this file from sites-enabled to enable this site:
ln -s /etc/nginx/sites-available/icinga-classic /etc/nginx/sites-enabled/icinga-classic
Create a passwd file for your icinga user:
cd /etc/icinga/; touch htpasswd.users; htpasswd htpasswd.users [userlogin]
Replace [userlogin] with login you would prefer to use
Now you can test your instance in your browser. If you are lucky it will work
What next
Do your other configuring of icinga as you wish, it is web server independent, you can use any tutorial you like
Also think about move you icinga instance from http to https for more security. Use other tutorials to make nginx work properly with https.
Configuring icinga2-classicui
The configuration is quite close to the one above. Heres a sample configuration:
server {
listen 80;
server_name icinga.example.com
index index.php index.html index.htm;
error_log /var/log/nginx/icinga-classic_error.log;
location = / {
rewrite ^/$ /icinga/index.html permanent;
}
auth_basic "Icinga Access";
auth_basic_user_file /etc/icinga/htpasswd.users;
root /usr/share/icinga2/classicui;
location = / {
rewrite ^/$ /icinga2-classicui/index.html permanent;
}
location /icinga2-classicui/stylesheets {
alias /etc/icinga/stylesheets;
}
location /icinga2-classicui {
alias /usr/share/icinga2/classicui;
}
location ~ /cgi-bin/(.*)\.cgi$ {
root /usr/lib/cgi-bin/icinga2-classicui;
rewrite ^/cgi-bin/icinga2-classicui/(.*)\.cgi /$1.cgi break;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_index index.php;
fastcgi_param ICINGA_CGI_CONFIG /etc/icinga2-classicui/cgi.cfg;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param AUTH_USER $remote_user;
fastcgi_param REMOTE_USER $remote_user;
}
# Security - Basic configuration
location = /favicon.ico {
log_not_found off;
access_log off;
expires max;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny access to hidden files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}