Inhaltsverzeichnis
/etc/apache2/conf.d/thruk.conf
<IfModule mod_fcgid.c> AddHandler fcgid-script .sh IPCCommTimeout 120 SSLEngine on SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!MD5:@STRENGTH SSLCertificateFile /etc/apache2/ssl.crt/mon-srv-01.mg-it.net.crt SSLCertificateKeyFile /etc/apache2/ssl.key/mon-srv-01.mg-it.net.key <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> <Directory /usr/share/thruk> SSLOptions +StdEnvVars Options FollowSymLinks AllowOverride All order allow,deny allow from all </Directory> <Directory /etc/thruk/themes> SSLOptions +StdEnvVars Options FollowSymLinks allow from all </Directory> <Directory /etc/thruk/plugins> SSLOptions +StdEnvVars Options FollowSymLinks allow from all </Directory> # redirect to a startup page when there is no pidfile yet RewriteEngine On RewriteCond %{REQUEST_METHOD} GET RewriteCond %{REQUEST_URI} !^/thruk/startup.html RewriteCond %{REQUEST_URI} !^/thruk/side.html RewriteCond %{REQUEST_URI} !^/thruk/.*\.(css|png|js) RewriteCond %{REQUEST_URI} ^/thruk RewriteCond /var/cache/thruk/thruk.pid !-f RewriteRule ^(.*)$ /thruk/startup.html?$1 [R=302,L,NE,QSA] Alias /thruk/documentation.html /usr/share/thruk/root/thruk/documentation.html Alias /thruk/startup.html /usr/share/thruk/root/thruk/startup.html AliasMatch ^/thruk/(.*\.cgi|.*\.html) /usr/share/thruk/fcgid_env.sh/thruk/$1 AliasMatch ^/thruk/plugins/(.*?)/(.*)$ /etc/thruk/plugins/plugins-enabled/$1/root/$2 Alias /thruk/themes/ /etc/thruk/themes/themes-enabled/ Alias /thruk /usr/share/thruk/root/thruk <Location /thruk> Options ExecCGI AuthName "Thruk Monitoring" AuthType Basic AuthBasicProvider file ldap AuthUserFile /etc/thruk/htpasswd AuthLDAPURL ldap://172.16.42.11/ou=mg-it,o=chefetage AuthzLDAPAuthoritative off Require valid-user LoadModule authn_alias_module /usr/lib64/apache2-prefork/mod_authn_alias.so LoadModule ldap_module /usr/lib64/apache2-prefork/mod_ldap.so LoadModule authnz_ldap_module /usr/lib64/apache2-prefork/mod_authnz_ldap.so </Location> <Location /thruk/cgi-bin/remote.cgi> Order Deny,Allow Allow from all Satisfy any </Location> </IfModule>
/etc/apache2/conf.d/pnp4nagios.conf
Alias /pnp4nagios "/usr/local/pnp4nagios/share" <Directory "/usr/local/pnp4nagios/share"> SSLOptions +StdEnvVars AllowOverride None Order allow,deny Allow from all # # Use the same value as defined in nagios.conf # AuthName "Thruk Monitoring" AuthType Basic AuthBasicProvider file ldap AuthUserFile /etc/thruk/htpasswd AuthLDAPURL ldap://172.16.42.11/ou=mg-it,o=chefetage AuthzLDAPAuthoritative off Require valid-user <IfModule mod_rewrite.c> # Turn on URL rewriting RewriteEngine On Options symLinksIfOwnerMatch # Installation directory RewriteBase /pnp4nagios/ # Protect application and system files from being viewed RewriteRule "^(?:application|modules|system)/" - [F] # Allow any files or directories that exist to be displayed directly RewriteCond "%{REQUEST_FILENAME}" !-f RewriteCond "%{REQUEST_FILENAME}" !-d # Rewrite all other URLs to index.php/URL RewriteRule "^.*$" "index.php/$0" [PT] </IfModule> </Directory>
/etc/apache2/conf.d/nagvis.conf
Alias /nagvis "/usr/local/nagvis/share" <Directory "/usr/local/"> Options FollowSymLinks </Directory> <Directory "/usr/local/nagvis/share"> Options FollowSymLinks AllowOverride None Order allow,deny Allow from all AuthName "NagVis Access" AuthType Basic AuthBasicProvider file ldap AuthUserFile /etc/thruk/htpasswd AuthLDAPURL ldap://172.16.42.11/ou=mg-it,o=chefetage AuthzLDAPAuthoritative off Require valid-user # With installed and enabled mod_rewrite there are several redirections # available to fix deprecated and/or wrong urls. None of those rules is # mandatory to get NagVis working. <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /nagvis # Use mod_rewrite for old url redirection even if there are php files which # redirect the queries itselfs. In some cases the mod_rewrite redirect # is better than the php redirect. # # Using the php redirect seems to be better in some cases where https/http servers # are mixed. For example in OMD setups where using apache own mode and https in the # frontend and http in the backend apache servers. # # Disabling this redirect by default in the hope that the php direct works better. #RewriteCond %{REQUEST_URI} ^/nagvis(/config\.php|/index\.php|/|)(\?.*|)$ #RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/%1%2 [R=301,L] # Redirect old regular map links RewriteCond %{REQUEST_URI} ^/nagvis/frontend/(wui|nagvis-js) RewriteCond %{QUERY_STRING} map=(.*) RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Map&act=view&show=%1 [R=301,L] # Without map= param RewriteCond %{REQUEST_URI} ^/nagvis/frontend(/wui)?/?(index.php)?$ RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php [R=301,L] # Redirect old rotation calls RewriteCond %{REQUEST_URI} ^/nagvis/frontend/nagvis-js RewriteCond %{QUERY_STRING} !mod RewriteCond %{QUERY_STRING} rotation=(.*) RewriteRule ^(.*)$ /nagvis/frontend/nagvis-js/index.php?mod=Rotation&act=view&show=%1 [R=301,L] </IfModule> </Directory>
/etc/apache2/conf.d/mod_fcgid.conf
################################################################################ ## ## Sample config for apache2_mod-fcgid ## ## All lines, that are commented out, reflect the default values. ## <IfModule fcgid_module> ## ## An idle fastcgi application will be terminated after IdleTimeout seconds. ## #IdleTimeout 300 ## ## The scan interval for idle fastcgi applications in seconds. ## #IdleScanInterval 120 ## ## a fastcgi application will be terminated if handing a single request longer ## than busy timeout. Value in seconds. ## #BusyTimeout 300 ## ## The scan interval for busy timeout fastcgi applications. Value in seconds. ## #BusyScanInterval 120 ## ## The scan interval for exit pending fastcgi applications. fastcgi applications ## will be terminated within this scanning. Value in seconds. ## #ErrorScanInterval 3 ## ## The scan interval for zombie process. Value in seconds. ## #ZombieScanInterval 3 ## ## ## A fastcgi application will be terminated if lifetime expired, even no error ## is detected. Value in seconds. ## #ProcessLifeTime 3600 ## ## The directory to put the UNIX domain socket. (UNIX only) ## SocketPath /var/lib/apache2/fcgid/ ## ## The share memory file path. ## SharememPath /var/lib/apache2/fcgid/shm ## ## The spawn-speed control score up water limit. Score increases while a process ## is spawned or terminated, and decreases as time progresses; while the score is ## higher than SpawnScoreUpLimit, the spawning will be held for a while. The ## higher this number is, the higher speed of the spawning can be. ## #SpawnScoreUpLimit n (10) ## ## The weight of spawning. This weight will be plused to the spawn-control ## score on every spawn. The higher this number is, the lower speed of spawning ## can be. ## #SpawnScore n (1) ## ## The weight of termination. This weight will be plused to the score while ## fastcgi process terminates. The higher this number is, the lower speed of ## spawning can be. ## #TerminationScore n (2) ## ## The max count of total fastcgi process count. ## #MaxProcessCount n (1000) ## ## The maximum number of fastcgi application instances allowed to run for any ## one fastcgi application. ## #DefaultMaxClassProcessCount n (100) ## ## The default environment variables before a fastcgi application is spawned. ## You can set this configuration more than once. ## #DefaultInitEnv env_name env_value ## ## The connect timeout to a fastcgi application. Value in seconds. ## ## Default value: 2 ## IPCConnectTimeout 10 ## ## The communication timeout to a fastcgi application. Please increase this ## value if your CGI have a slow initialization or slow respond. Value in ## seconds. ## ## Default value: 5 ## IPCCommTimeout 40 ## ## CGI output cache buffer size. Value in kilobytes. ## #OutputBufferSize 64 ## ## Associate .fcgi files with mod_fcgid ## #AddHandler fcgid-script .fcgi ## ## PHP via FastCGI ## ## uncomment the following line if you want to handle php via mod_fcgid ## #<FilesMatch "\.php$"> # AddHandler fcgid-script .php # FCGIWrapper /srv/www/cgi-bin/php5 .php # Options +ExecCGI #</FilesMatch> ## </IfModule> # End of <IfModule fcgid_module> ## ################################################################################