Tag Archives: FreeBSD

Nagios (Part 1) – Installing Nagios 4 on FreeBSD 10.1

Posted on by .
Leave a reply

Nagios is one of the popular network and systems monitoring tool available. There are two main flavours of Nagios, Nagios XI the enterprise software and Nagios-Core the “Open-Source” version. This post serves as a tutorial on setting it up on FreeBSD 10.1-Release that runs inside a vSphere environment.

Update FreeBSD base system

freebsd-update fetch
freebsd-update install

Get FreeBSD Ports Tree

portsnap fetch extract update

One of the strength of FreeBSD is the FreeBSD ports tree which is a huge repository of make files for installation in FreeBSD. FreeBSD ports tree are maintained by the FreeBSD ports team and they are well maintained and very much up to date. Software can be compiled from source with the use of additional flags made possible by the make system in FreeBSD. If compiling is not your cup of tea, FreeBSD 10 also has the pkg system where binary packages are download from a repository tree much like yum in RHEL/Centos and apt-get in Debian/Ubuntu.

Setting Up OpenSSL

With a handful of SSL related vulnerabilities made public this year, it is advisable to use the Ports version of OpenSSL as it is much more current as compared with the one that came with the base OS. Many applications have a dependency on OpenSSL for SSL connections, so it is advisable to install this first in a new system.

cd /usr/ports/security/openssl
make config-recursive
make install clean

In order to use the ports version of openssl we need to edit /etc/make.conf,

echo "WITH_OPENSSL_PORT=YES" >> /etc/make.conf

Configuring OpenSSL

mv /usr/bin/openssl /usr/bin/openssl.default
ln -s /usr/local/bin/openssl /usr/bin/
cp /usr/local/openssl/openssl.cnf.example /usr/local/openssl/openssl.cnf

Setting Up PortMaster

PortMaster is a tool to manage the ports that are installed on the FreeBSD system which includes easy upgrading of ports.

cd /usr/ports/ports-mgmt/portmaster
make config-recursive
make install clean

Open-VM-Tools

Although VMware freebsd tools works, VMware is always slow in the release of the tools for FreeBSD.

cd /usr/ports/emulators/open-vm-tools-nox11/
make config-recursive
make install clean

Make sure that the Open-VM-Tools works on reboot by editing the /etc/rc.conf

vmware_guest_vmblock_enable="YES"
vmware_guest_vmhgfs_enable="YES"
vmware_guest_vmmemctl_enable="YES"
vmware_guest_vmxnet_enable="YES"
vmware_guestd_enable="YES"

Vim-Lite

We all need our favourite text editor to configure Nagios and other configuration files.

cd /usr/ports/editors/vim-lite
make config-recursive
make install clean

edit ~/.vimrc

syntax on
set background=dark
set shiftwidth=2
set tabstop=2
set nocompatible
set expandtab
set autoindent
set ruler
if has("autocmd")
 filetype plugin indent on
endif
set showcmd " Show (partial) command in status line.
set showmatch " Show matching brackets.
set ignorecase " Do case insensitive matching
set smartcase " Do smart case matching
set incsearch " Incremental search
set hidden " Hide buffers when they are abandoned
set backspace=indent,eol,start
set mouse=

SSMTP

Refer to this article to setup an authenticated system email with Gmail.

Web Server

Nagios has a web based dashboard to provide an overview of the state of the monitored machines.

Install Apache24
cd /usr/ports/www/apache24
make config-recursive
make install clean
vim /etc/rc.conf
apache24_enable=yes

Install PHP 5.6

cd /usr/ports/lang/php56
make config-recursive
make install clean

Install PHP56-extensions

cd /usr/ports/lang/php56-extensions
make config-recursive
make install clean

Install PHP56 Apache module

cd /usr/ports/www/mod_php56
make config-recursive
make install clean

Edit httpd.conf to insert the following to the configuration file

<FilesMatch ".php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
cd /usr/ports/net-mgmt/nagios4
make config-recursive
make install clean

Ensure that mod_cgi is enabled in /usr/local/etc/apache24/httpd.conf by uncommenting the following line

LoadModule cgi_module libexec/apache24/mod_cgi.so

Restart the apache service to check if nagios is accessible.

More about the installation and configuration of Nagios to follow. 🙂

My Server Died

Posted on by .
Leave a reply

My trusty home server decided to finally give itself up after losing it’s operating system drive, the root mount about three month ago. Yes. My server was running off RAM for the past three months where I was really really busy with my school work – my Honour Year Project – to be exact. As such, I have lost my last blog post on the labeling of ZFS volumes in FreeNAS. But I’m very grateful, it managed to stay alive until yesterday, one day after I gave my last undergraduate academic presentation for my Honour Year Project.

This time round, I’ve decided to run this wordpress app on my edge hypervisor box with a guest OS of FreeBSD. Setting up a FreeBSD server takes time but it’s quite a rewarding experience, well, this might be due to seeing all the codes compile for the necessary services.

The Hard Drive that died was a 2004 Seagate 80GB SATA-I hard drive that was moved across multiple computers. I’ve already knew about the loss of the mount about 3 months ago, but Linux being Linux, it’s quite awesome where everything is still kept in RAM and able to run my wordpress and torrent box like nothing had went wrong. But it seems like time is up. I’ve received the death alert by my remote monitoring system yesterday afternoon.

The death was timely too, I have a upgrade plan to move my storage server to a complete FreeNAS system, using ZFS and hard disks in mirror mode with ZIL and L2ARC with SLC and MLC SSDs. This change in storage system will give me some storage performance boost that is capable of providing iSCSI for my hypervisors, and CIFS/NFS for my storage client machines over my home network.

Just yesterday, I was caught in a very interesting discussion of scalable storage/database reliability between two experienced techies of SOC. They were discussing about the move of storage towards object storage system such as Ceph, and leveraging on various techniques like load-balancing and distributed-hash-tables (DHT) to really grow and scale in an incredible way. A way that never crossed my mind for my Honour Year Project. Maybe after graduation and moving around my computing resources, I could experiment on that technique too.

In the meantime, I still have to tie some loose ends of my HYP and then my last two papers of my Undergraduate life. Yes. I’m finally graduating. 🙂

Setting up a FreeBSD9.1 Server

Posted on by .
Leave a reply

It’s been a while since I last posted something here.

Recently got interested in the “beastie” aka BSD one flavor of UNIX, not say I’m no longer loving the penguin but then it’s good to know more systems out there and FreeBSD is one of the most well know systems for stability and uptime of like 5 years without restarting. So here is how to get it up with Nginx, PHP and MySQL, running inside a VMware environment.

The first thing to do is to get portsnap to do a update from the port tree.

portsnap fetch extract update

Most of the popular applications will be in the ports tree so most of these installation can be automated without much issues.

Installing VMware Tools

Installing Perl5.16

/usr/ports/lang/perl5.16/
make config-recursive
make install clean

Install compat6x

/usr/ports/misc/compat6x/
make config-recursive
make install clean

Manual installation of 2 VMware modules

“Insert” the vmware tools disc, and mount using type cd9660 as such

mount -t cd9600 /dev/cd0 /mnt

then access the mounted disc and copy the tool file to somewhere locally for extraction.

<DIR>vmware-tools-distrib/lib/modules/source/

Untar the following, make and make install them before installing the main perl script

vmmemctl.tar
vmblock.tar

Installing Bash-completion

Firstly will be the installation of  “bash-completion” as I find “csh” not that friendly, plus tab-ing is the way to go… 🙂

cd /usr/ports/shells/bash-completion
make config-recursive

No additional selections is necessary (defaults are alright)

make install clean

Then you have to change the default shell of the user by using

chpass

and change the Shell to

/usr/local/bin/bash

Installing VIM

And how can we go about a Unix/Linux system without VIM? vi is just quite painful to use. And since I’m using this machine as a server, I don’t need gvim so vim-lite is suffice.

cd /usr/ports/editors/vim-lite
make config-recursive
make install clean

Do remember to configure your own ~/.vimrc

syntax on
set background=dark
set shiftwidth=2
set tabstop=2
set nocompatible
set expandtab
set autoindent
set ruler
if has("autocmd")
 filetype plugin indent on
endif
set showcmd " Show (partial) command in status line.
set showmatch " Show matching brackets.
set ignorecase " Do case insensitive matching
set smartcase " Do smart case matching
set incsearch " Incremental search
set hidden " Hide buffers when they are abandoned
set backspace=indent,eol,start
set mouse=

Installing wget

cd /usr/ports/ftp/wget
make config-recursive
make install clean

Installing PHP

cd /usr/ports/lang/php5
make config-recursive
make install clean

You will also have to install php extenstions for things like session, mbstring, mycrypt, mysql, mysqli and etc.

cd /usr/ports/lang/php5-extensions
make config-recursive
make install clean

Configuring PHP-FPM

vim /usr/local/etc/php-fpm.conf
events.mechanism = kqueue
listen = /var/run/php-fpm.sock

listen.owner = www
listen.group = www
listen.mode = 0666

You will also have to configure the php.ini for your needs, I need to set my local timezone

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini
vim /usr/local/etc/php.ini
date.timezone = Asia/Singapore

You will have to add the following line into the rc.conf.

vim /etc/rc.conf
php_fpm_enable="YES"

Installing nginx

cd /usr/ports/www/nginx
make config-recursive
make install clean

Configuring nginx

vim /usr/local/etc/nginx/nginx.conf

Some things that needs to be included are the use of kqueue which is used in BSD.

events {
 worker_connections 1024;
 use kqueue;
}
location ~ .php$ {
 #root html;
 #fastcgi_pass 127.0.0.1:9000;
 fastcgi_pass unix:/var/run/php-fpm.sock;
 #fastcgi_index index.php;
 fastcgi_param SCRIPT_FILENAME /usr/local/www$fastcgi_script_name;
 fastcgi_param PATH_INFO $fastcgi_script_name;
 include fastcgi_params;
}

You will have to add the following line into the rc.conf.

vim /etc/rc.conf
nginx_enable="YES"

Installing MySQL

Depending on requirements, the choice of MySQL configuration will be different, pick the most suitable one and copy it.

cp /usr/local/share/mysql/my-small.cnf /usr/local/etc/my.cnf

Manually start MySQL server to install and configure it.

/usr/local/etc/rc.d/mysql-server start

Follow the guide from the secure installation script.

mysql_secure_installation

You will have to add the following line into the rc.conf.

vim /etc/rc.conf
mysql_enable="YES"

Installing Web-apps

After completing the above installation, it should be a breeze to install the rest of the web-apps like phpMyAdmin and WordPress, just place them at the correct place /usr/local/www 🙂