#Edit the host file and make sure the hostname reflects what your building:
#Replace {xxx.xxx.xxx.xxx} With your servers IP
[...]
127.0.0.1 localhost
{xxx.xxx.xxx.xxx} server.domain.tld server
[...]
#Check your server hostname, if all is well you should see "server.domain.tld" if you run "hostname -f". #So lets check that.
hostname -f echo $(hostname -f) > /etc/hostname echo $(hostname -f) > /etc/hostname /etc/init.d/hostname.sh start hostname hostname -f
#Install SSH server so we can connect remotely:
apt-get install openssh-server
#Add the damn user at the start!:
useradd zabbix usermod -G adm zabbix
#Lets do a full system update:
aptitude update aptitude full-upgrade
#My Favourites for Build Essentials and troubleshooting
aptitude install rkhunter binutils sudo gamin build-essential autoconf automake1.9 libtool flex bison debhelper sysstat iotop sysfsutils iptraf strace
#Install Mysql + postfix:
aptitude install postfix postfix-doc mysql-client mysql-server openssl rkhunter binutils sudo gamin
#Install Apache and modules(If you want to install less, you may--I just needed these for extra things):
aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-ruby php5-curl libcurl4-openssl-dev
#Enable apache modules:
a2enmod suexec ssl actions include a2enmod dav_fs dav auth_digest
#Restart Apache:
/etc/init.d/apache2 restart
#Install our dependencies for zabbix:
aptitude fping libsnmp-base libsnmp-dev libsnmp-perl libsnmp-python libsnmp15 libsnmp15-dbg snmp snmp-mibs-downloader snmpd snmptrapfmt openipmi libopenipmi-dev libopenipmi0
#We are gonna need Java for JXE:
aptitude install sun-java6-jre sun-java6-plugin sun-java6-jdk
#Install Jabber Library for IM notification:
aptitude install libiksemel-dev libiksemel-utils libiksemel3 mkdir -p /downloads/iksemel cd /downloads/iksemel wget http://iksemel.googlecode.com/files/iksemel-1.4.tar.gz tar zxvf iksemel-1.4.tar.gz cd iksemel-1.4/ ./configure --prefix=/usr
#Add the iptable rules:
iptables -I INPUT 1 -p tcp -s xxx.xxx.xxx.xxx --dport 10050 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -I INPUT 1 -p tcp -s xxx.xxx.xxx.xxx --dport 10051 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -I INPUT 1 -p udp -s xxx.xxx.xxx.xxx --dport 10050 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -I INPUT 1 -p udp -s xxx.xxx.xxx.xxx --dport 10051 -m state --state NEW,ESTABLISHED -j ACCEPT
#Register our services in the system service file:
cat <<EOF >> /etc/services ### Zabbix Services ### zabbix-agent 10050/tcp #Zabbix Agent zabbix-agent 10050/udp #Zabbix Agent zabbix-trapper 10051/tcp #Zabbix Trapper zabbix-trapper 10051/udp #Zabbix Trapper EOF
#Create downloads directory for temporary files:
mkdir -p /downloads/zabbix cd /downloads/zabbix wget http://sourceforge.net/projects/zabbix/files/ZABBIX%20Latest%20Stable/2.0.6/zabbix-2.0.6.tar.gz tar zxvf zabbix-2.0.6.tar.gz cd zabbix-2.0.6 ./configure --enable-java --enable-dependency-tracking --enable-server --enable-agent --enable-ipv6 --with-mysql --with-jabber=/usr --with-libcurl --with-net-snmp --with-ssh2 --with-openipmi cp -Rvf /downloads/zabbix/zabbix-2.0.6/misc/init.d/debian/zabbix-* /etc/init.d/ chmod -Rvf 755 /etc/init.d/zabbix-*
#Edit the Zabbix Server Configuration and change the following lines:
nano /usr/local/etc/zabbix_server.conf [...] [...]
#Add the startup scripts for the server
update-rc.d zabbix-server defaults update-rc.d zabbix-agent defaults zabbix_server zabbix_agentd
#Create MySQL database:
mysql -p -e"create database zabbixdb01;"
mysql -p -e"grant all privileges on zabbixdb01.* to {USERNAME}@localhost identified by '{PASSWORD}';"
#Now we import our database in the order below!:
cd /downloads/zabbix/zabbix-2.0.6/database/mysql mysqldump -u root -p -d zabbixdb01 < schema.sql mysqldump -u root -p -d zabbixdb01 < images.sql mysqldump -u root -p -d zabbixdb01 < data.sql
#Setup an SSL for our Server!
mkdir -p /home/zabbix/ssl/ cd /home/zabbix/ssl/ openssl genrsa -des3 -out monserver.key 4096 openssl req -new -key monserver.key -out monserver.csr -ssl.cnf openssl x509 -req -days 3650 -in monserver.csr \ -signkey monserver.key -out monserver.crt openssl rsa -in monserver.key -out monserver.key.insecure mv monserver.key monserver.key.secure mv monserver.key.insecure monserver.key
#Now we add the Vhost:
nano /etc/apache2/sites-enabled/zabbix [...] <VirtualHost *:443> ServerName your.server.tld ServerAlias your.server.tld DocumentRoot /home/zabbix/webui/ <Directory /home/zabbix/webui> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS PROPFIND> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS PROPFIND> Order deny,allow Deny from all </LimitExcept> </Directory> SSLEngine On SSLCertificateFile /home/zabbix/ssl/monserver.crt SSLCertificateKeyFile /home/zabbix/ssl/monserver.key </VirtualHost> [...]
#Next up we create the directory for our server documents:
mkdir -p /home/zabbix/webui/ cp -Rvf /downloads/zabbix/zabbix-2.0.6/frontends/* /home/zabbix/webui/ chown -Rvf zabbix:zabbix /home/zabbix/
#Once this is complete you need to edit the zabbix configuration files.
nano /usr/local/etc/zabbix_server.conf
#Set the agent server check to local host.
nano /usr/local/etc/zabbix_agent.conf [...] 127.0.0.1 [...]
#Extra measure is to set the agentd to local host as well.
nano /usr/local/etc/zabbix_agentd.conf [...] 127.0.0.1 [...]
#Copy the startup script to the server location:
cp /downloads/zabbix/zabbix-2.0.6/misc/init.d/debian/zabbix-* /etc/init.d/
#Add the execute permissions:
chmod +x /etc/init.d/zabbix-*
#Then add it to our startup for the server:
update-rc.d zabbix-server defaults update-rc.d zabbix-agent defaults
#If you find that the startup script is not working for you, feel free to add the agent and server daemon to your rc.local, it can be done so:
[...] zabbix_server zabbix_agentd exit 0 [...]
#Last step is to open a browser and navigate to your server:
http://your.server.tld/setup.php
#Follow the steps provided by the setup wizard. its pretty simple but if you need help, drop me a comment and I will add another section :)
######
######
######
######
######
That about covers the installation for Zabbix server on Debian :)
No comments:
Post a Comment