This guide provides a complete Ansible playbook to install Nagios Core from source with proper dependencies, web interface, and initial configuration.
Current Nagios Core version: 4.5.11
Create a file named nagios.yml:
---
- name: Install and Configure Nagios Core
hosts: nagios
become: true
vars:
nagios_version: "4.5.11"
nagios_user: "nagios"
nagios_group: "nagios"
nagios_home: "/home/nagios"
nagios_config_dir: "/usr/local/nagios/etc"
nagios_object_dir: "/usr/local/nagios/etc/objects"
nagios_plugins_dir: "/usr/local/nagios/libexec"
nagiosadmin_password: "nagios_admin_123" # Change this!
nagios_port: 80
tasks:
- name: Install prerequisites (Debian/Ubuntu)
apt:
name:
- autoconf
- gcc
- libc6
- make
- wget
- unzip
- apache2
- php
- libapache2-mod-php
- php-gd
- php-mbstring
- php-xml
- libgd-dev
- libssl-dev
- fping
- git
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Install prerequisites (RHEL/CentOS)
yum:
name:
- autoconf
- gcc
- glibc
- make
- wget
- unzip
- httpd
- php
- php-gd
- php-mbstring
- php-xml
- gd-devel
- openssl-devel
- fping
- git
- tar
state: present
when: ansible_os_family == "RedHat"
- name: Create Nagios group
group:
name: "{{ nagios_group }}"
state: present
- name: Create Nagios user
user:
name: "{{ nagios_user }}"
group: "{{ nagios_group }}"
home: "{{ nagios_home }}"
shell: /bin/bash
create_home: true
comment: "Nagios Monitoring User"
- name: Create nagcmd group for external commands
group:
name: nagcmd
state: present
- name: Add Nagios user to nagcmd group
user:
name: "{{ nagios_user }}"
groups: nagcmd
append: true
- name: Add Apache user to nagcmd group
user:
name: "{{ 'www-data' if ansible_os_family == 'Debian' else 'apache' }}"
groups: nagcmd
append: true
- name: Download Nagios Core source
get_url:
url: "https://assets.nagios.com/downloads/nagioscore/releases/nagios-{{ nagios_version }}.tar.gz"
dest: "/tmp/nagios-{{ nagios_version }}.tar.gz"
mode: '0644'
- name: Download Nagios Plugins source
get_url:
url: "https://github.com/nagios-plugins/nagios-plugins/archive/refs/tags/release-2.4.12.tar.gz"
dest: /tmp/nagios-plugins-2.4.12.tar.gz
mode: '0644'
- name: Extract Nagios Core
unarchive:
src: "/tmp/nagios-{{ nagios_version }}.tar.gz"
dest: /tmp
remote_src: true
creates: "/tmp/nagios-{{ nagios_version }}"
- name: Extract Nagios Plugins
unarchive:
src: /tmp/nagios-plugins-2.4.12.tar.gz
dest: /tmp
remote_src: true
creates: /tmp/nagios-plugins-release-2.4.12
- name: Configure and compile Nagios Core
shell: |
./configure --with-nagios-user={{ nagios_user }} --with-nagios-group={{ nagios_group }} --with-command-group=nagcmd --with-httpd-conf=/etc/apache2/sites-available
args:
chdir: "/tmp/nagios-{{ nagios_version }}"
when: ansible_os_family == "Debian"
- name: Configure and compile Nagios Core (RHEL)
shell: |
./configure --with-nagios-user={{ nagios_user }} --with-nagios-group={{ nagios_group }} --with-command-group=nagcmd --with-httpd-conf=/etc/httpd/conf.d
args:
chdir: "/tmp/nagios-{{ nagios_version }}"
when: ansible_os_family == "RedHat"
- name: Compile Nagios Core
make:
chdir: "/tmp/nagios-{{ nagios_version }}"
target: all
- name: Install Nagios Core binaries
make:
chdir: "/tmp/nagios-{{ nagios_version }}"
target: install
become: true
- name: Install Nagios init script
make:
chdir: "/tmp/nagios-{{ nagios_version }}"
target: install-init
become: true
- name: Configure Apache for Nagios
make:
chdir: "/tmp/nagios-{{ nagios_version }}"
target: install-webconf
become: true
- name: Compile and install Nagios Plugins
shell: |
./configure --with-nagios-user={{ nagios_user }} --with-nagios-group={{ nagios_group }} &&
make &&
sudo make install
args:
chdir: /tmp/nagios-plugins-release-2.4.7
become: true
- name: Set permissions on external command file
file:
path: /usr/local/nagios/var/rw/nagios.cmd
owner: "{{ nagios_user }}"
group: nagcmd
mode: '0660'
failed_when: false
- name: Create htpasswd file for Nagios admin
htpasswd:
path: "{{ nagios_config_dir }}/htpasswd.users"
name: nagiosadmin
password: "{{ nagiosadmin_password }}"
owner: root
group: "{{ nagios_group }}"
mode: '0640'
- name: Enable Apache rewrite module (Debian/Ubuntu)
apache2_module:
name: rewrite
state: present
when: ansible_os_family == "Debian"
- name: Enable Apache CGI module (Debian/Ubuntu)
apache2_module:
name: cgi
state: present
when: ansible_os_family == "Debian"
- name: Enable Nagios site (Debian/Ubuntu)
command: a2ensite nagios
args:
creates: /etc/apache2/sites-enabled/nagios.conf
when: ansible_os_family == "Debian"
- name: Restart Apache (Debian/Ubuntu)
systemd:
name: apache2
enabled: true
state: restarted
when: ansible_os_family == "Debian"
- name: Restart httpd (RHEL/CentOS)
systemd:
name: httpd
enabled: true
state: restarted
when: ansible_os_family == "RedHat"
- name: Configure firewall (UFW)
ufw:
rule: allow
port: "{{ nagios_port }}"
proto: tcp
comment: "Nagios web interface"
when: ansible_os_family == "Debian"
failed_when: false
- name: Configure firewall (firewalld)
firewalld:
service: "{{ item }}"
permanent: true
immediate: true
state: enabled
loop:
- http
- https
when: ansible_os_family == "RedHat"
failed_when: false
- name: Verify Nagios configuration
command: /usr/local/nagios/bin/nagios -v {{ nagios_config_dir }}/nagios.cfg
register: nagios_verify
changed_when: false
failed_when: nagios_verify.rc != 0
- name: Start Nagios service
systemd:
name: nagios
enabled: true
state: started
- name: Wait for Nagios to start
wait_for:
port: "{{ nagios_port }}"
delay: 5
timeout: 60
- name: Display Nagios status
debug:
msg: |
Nagios Core {{ nagios_version }} installed successfully!
Web Interface: http://{{ ansible_default_ipv4.address | default(ansible_host) }}/nagios
Username: nagiosadmin
Password: {{ nagiosadmin_password }}
IMPORTANT: Change the default password after first login!
Configuration directory: {{ nagios_config_dir }}
Plugins directory: {{ nagios_plugins_dir }}
---
nagios:
hosts:
nagios-server:
ansible_host: 192.168.1.103
ansible_user: ansible
ansible_become: true
# Test connectivity
ansible all -i inventory.yml -m ping
# Run the Nagios playbook
ansible-playbook -i inventory.yml nagios.yml
# Run with custom admin password
ansible-playbook -i inventory.yml nagios.yml -e "nagiosadmin_password=MySecureP@ss123"
# Check Nagios service status
ssh nagios-server "sudo systemctl status nagios"
# Verify configuration
ssh nagios-server "sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg"
# Test web interface
curl -I http://nagios-server/nagios
# Access web UI
# http://nagios-server/nagios
- name: Add monitored hosts to Nagios
hosts: nagios
become: true
vars:
nagios_config_dir: "/usr/local/nagios/etc"
nagios_object_dir: "/usr/local/nagios/etc/objects"
tasks:
- name: Create hosts configuration directory
file:
path: "{{ nagios_object_dir }}/hosts"
state: directory
owner: nagios
group: nagios
mode: '0755'
- name: Add host configuration
copy:
dest: "{{ nagios_object_dir }}/hosts/{{ item.name }}.cfg"
owner: nagios
group: nagios
mode: '0644'
content: |
define host {
use linux-server
host_name {{ item.name }}
alias {{ item.alias }}
address {{ item.address }}
}
define service {
use generic-service
host_name {{ item.name }}
service_description Current Load
check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}
define service {
use generic-service
host_name {{ item.name }}
service_description Root Partition
check_command check_local_disk!20%!10%!/
}
define service {
use generic-service
host_name {{ item.name }}
service_description Current Users
check_command check_local_users!20!50
}
define service {
use generic-service
host_name {{ item.name }}
service_description Total Processes
check_command check_local_procs!250!400!RSZDT
}
define service {
use generic-service
host_name {{ item.name }}
service_description Ping
check_command check_ping!100.0,20%!500.0,60%
}
loop: "{{ hosts_to_monitor }}"
- name: Include hosts directory in nagios.cfg
lineinfile:
path: "{{ nagios_config_dir }}/nagios.cfg"
regexp: "^cfg_dir={{ nagios_object_dir }}/hosts"
line: "cfg_dir={{ nagios_object_dir }}/hosts"
insertafter: "^# Options:"
- name: Verify Nagios configuration
command: /usr/local/nagios/bin/nagios -v {{ nagios_config_dir }}/nagios.cfg
register: nagios_verify
changed_when: false
- name: Restart Nagios service
systemd:
name: nagios
state: restarted
when: nagios_verify.rc == 0
- name: Install NRPE Agent on monitored hosts
hosts: monitored_hosts
become: true
vars:
nrpe_version: "4.1.3"
nagios_server_ip: "192.168.1.103"
tasks:
- name: Install prerequisites
apt:
name:
- autoconf
- gcc
- libc6
- make
- wget
- libssl-dev
- openssl
- xinetd
- unzip
state: present
update_cache: true
when: ansible_os_family == "Debian"
- name: Download NRPE
get_url:
url: "https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-{{ nrpe_version }}/nrpe-{{ nrpe_version }}.tar.gz"
dest: /tmp/nrpe-{{ nrpe_version }}.tar.gz
- name: Extract NRPE
unarchive:
src: /tmp/nrpe-{{ nrpe_version }}.tar.gz
dest: /tmp
remote_src: true
creates: "/tmp/nrpe-{{ nrpe_version }}"
- name: Configure NRPE
shell: |
./configure --with-ssl=/usr/bin/openssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu
args:
chdir: "/tmp/nrpe-{{ nrpe_version }}"
when: ansible_os_family == "Debian"
- name: Compile NRPE
make:
chdir: "/tmp/nrpe-{{ nrpe_version }}"
target: all
- name: Install NRPE daemon
make:
chdir: "/tmp/nrpe-{{ nrpe_version }}"
target: install-daemon
become: true
- name: Install NRPE plugin
make:
chdir: "/tmp/nrpe-{{ nrpe_version }}"
target: install-plugin
become: true
- name: Configure NRPE
lineinfile:
path: /usr/local/nagios/etc/nrpe.cfg
regexp: "^{{ item.key }}="
line: "{{ item.key }}={{ item.value }}"
loop:
- { key: 'allowed_hosts', value: '{{ nagios_server_ip }}' }
- { key: 'dont_blame_nrpe', value: '0' }
- { key: 'allow_bash_command_execute', value: '0' }
- name: Create xinetd configuration for NRPE
copy:
dest: /etc/xinetd.d/nrpe
content: |
service nrpe
{
socket_type = stream
protocol = tcp
port = 5666
wait = no
only_from = {{ nagios_server_ip }}
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg -i
disable = no
}
when: ansible_os_family == "Debian"
- name: Enable and start xinetd
systemd:
name: xinetd
enabled: true
state: started
when: ansible_os_family == "Debian"
- name: Configure firewall for NRPE
ufw:
rule: allow
port: 5666
proto: tcp
comment: "NRPE agent"
when: ansible_os_family == "Debian"
failed_when: false
- name: Configure email notifications for Nagios
hosts: nagios
become: true
vars:
smtp_server: "smtp.example.com"
smtp_port: 587
smtp_user: "nagios@example.com"
smtp_password: "smtp_password"
admin_email: "admin@example.com"
tasks:
- name: Install mail utilities
apt:
name:
- mailutils
- postfix
state: present
when: ansible_os_family == "Debian"
- name: Configure Postfix
debconf:
name: postfix
question: "Postfix Configuration/mailtype"
value: "Internet Site"
when: ansible_os_family == "Debian"
- name: Update contact definition
lineinfile:
path: "{{ nagios_object_dir }}/contacts.cfg"
regexp: "^{{ item.key }}\s+"
line: "{{ item.key }}\t{{ item.value }}"
loop:
- { key: 'email', value: '{{ admin_email }}' }
- { key: 'service_notification_period', value: '24x7' }
- { key: 'host_notification_period', value: '24x7' }
- { key: 'service_notification_options', value: 'w,u,c,r' }
- { key: 'host_notification_options', value: 'd,u,r' }
- name: Restart Nagios
systemd:
name: nagios
state: restarted
# Check logs
sudo tail -f /usr/local/nagios/var/nagios.log
# Verify configuration
sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
# Check permissions
sudo ls -la /usr/local/nagios/var/rw/
# Check Apache logs
sudo tail -f /var/log/apache2/error.log # Debian/Ubuntu
sudo tail -f /var/log/httpd/error_log # RHEL/CentOS
# Verify htpasswd file
sudo cat /usr/local/nagios/etc/htpasswd.users
# Test Apache configuration
sudo apache2ctl configtest # Debian/Ubuntu
sudo httpd -t # RHEL/CentOS
# Test a plugin manually
/usr/local/nagios/libexec/check_ping -H localhost -w 100.0,20% -c 500.0,60%
# List available plugins
ls -la /usr/local/nagios/libexec/
Beyond this playbook, we offer:
Contact our automation team: office@linux-server-admin.com