Configure a Backup of Nagios

Hands-On Lab

 

Photo of Ermin Kreponic

Ermin Kreponic

Training Architect

Length

03:00:00

Difficulty

Advanced

In this lab we cover how to create a backup of Nagios files. You might think that you won't need it, but all systems are vulnerable. As time passes, the chances you will need a backup grow. Why risk it? Let's see how it's done and be safe!

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Configure a Backup of Nagios

Introduction

In this lab we cover how to create a backup of Nagios files. You might think that you won't need it, but all systems are vulnerable. As time passes, the chances you will need a backup grow. Why risk it? Let's see how it's done and be safe!

Solution

  1. Begin by logging in to the Nagios server and the Linux client in separate terminals using the credentials provided on the hands-on lab page.

    ssh cloud_user@PUBLIC_NAGIOSSERVER_IP
    ssh cloud_user@PUBLIC_LINUXCLIENT_IP

Configure Key-Based Authentication Between the Server and Client

  1. In the Nagios server terminal, generate an SSH key pair.

    ssh-keygen
  2. Open the key file.

    vim /home/cloud_user/.ssh/id_rsa.pub
  3. Select the entire key and copy it to your buffer.

  4. In the Linux client terminal, edit the authorized_keys file.

    vim /home/cloud_user/.ssh/authorized_keys
  5. Go to the bottom of the file and paste the key copied from the server.

  6. Save your changes and exit the editor.

  7. Back in the server terminal, exit the editor.

Create the Bash Script

  1. Create the file.

    vim /home/cloud_user/nagiosBackup.sh
  2. Add the following text to the file.

    #!/bin/bash
    
    DIR_PATH_1="/usr/local/nagios"
    timeStamp=$(date +%Y-%m-%d-%H-%M-%S-%s)
    serverIP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print$2}' | cut -fl  -d'/' | tr . -)
    remoteBackupFilePath="/home/cloud_user/"
    
    tar -czvf $timeStamp-Nagios-Core-$serverIP.tar.gz $DIR_PATH_1
    
    HASH=$(md5sum $timeStamp-Nagios-Core-$serverIP.tar.gz | awk -F" " '{print $1}')
    
    fromName="$timeStamp-Nagios-Core-$serverIP.tar.gz"
    toName="$timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz"
    
    mv $fromName $toName
    
    scp $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz cloud_user@$1:$remoteBackupFilePath
    
    remoteHash=$(ssh cloud_user@$1 "md5sum /home/cloud_user/$timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz")
    
    remoteHash=$(echo "$remoteHash" | awk -F" " '{print $1}')
    
    if [[ $HASH == $remoteHash  ]];
    then
        echo "SUCCESS - FILE: " $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz "was copied succesfully to:     " $1 >> /home/nagios/customBackupLog.log
        rm -rf $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz
    else
        echo "FAIL    - FILE: " $timeStamp-$HASH-Nagios-Core-$serverIP.tar.gz "was not copied succesfully to: " $1 >> /home/nagios/customBackupLog.log
    fi
  3. Save your changes and exit the editor.

  4. Update the privileges for your script.

    chmod +x /home/cloud_user/nagiosBackup.sh
  5. Change the ownership of the script.

    sudo chown root:root /home/cloud_user/nagiosBackup.sh

Configure the Script to Automatically Run

  1. Still in the server terminal, log in as root.

    sudo su
  2. Open the scheduling file.

    crontab -e
  3. Add the following text to the file.

    59 23 * * * /home/cloud_user/nagiosBackup.sh
  4. Save your changes and exit the editor.

Run the Backup Script

  1. Create a key pair for the root user.

    1. In the Nagios server terminal, generate an SSH key pair.

       ssh-keygen
    2. Open the key file.

       vim /home/root/.ssh/id_rsa.pub
    3. Select the entire key and copy it to your buffer.

    4. In the Linux client terminal, edit the authorized_keys file.

       vim /home/cloud_user/.ssh/authorized_keys
    5. Go to the bottom of the file and paste the key copied from the server.

    6. Save your changes and exit the editor.

    7. Back in the server terminal, exit the editor.

  2. Run the script.

    /home/cloud_user/nagiosBackup.sh PUBLIC_LINUXCLIENT_IP
  3. In the client, verify the backup worked.

    ll
  4. In the server, update the scheduled task.

    crontab -e
  5. Add the Linux client public IP to the end of the line after nagiosBackup.sh.

  6. Save your changes and exit the editor.

  7. Check the log file to verify the process.

    tail -f /home/nagios/customBackupLog.log

Simulate an Error and Restore from a Backup

  1. In the server terminal, delete localhosts.cfg.

    rm -rf /usr/local/nagios/etc/objects/localhost.cfg
  2. In the client terminal, extract the backup.

    tar -xvzf backup_file_name
  3. Verify the backup files.

    cd usr/local/nagios/etc/objects/
    
    ls
  4. Generate an SSH key pair.

    ssh-keygen
  5. Open the key file.

    vim /home/cloud_user/.ssh/id_rsa.pub
  6. Select the entire key and copy it to your buffer.

  7. In the server terminal, edit the authorized_keys file.

    vim /home/cloud_user/.ssh/authorized_keys
  8. Go to the bottom of the file and paste the key copied from the server.

  9. Save your changes and exit the editor.

  1. Back in the client terminal, exit the editor.

  2. Transfer the missing file from the client to the server.

    scp usr/local/nagios/etc/objects/localhost.cfg cloud_user@PUBLIC_NAGIOSSERVER_IP:/home/cloud_user/
  3. In the server terminal, verify the file has been transferred.

    ll
  4. Move the file to the appropriate location.

    mv localhost.cfg /usr/local/nagios/etc/objects/
  5. Transfer to the destination directory.

    cd /usr/local/nagios/etc/objects/
  6. Change ownership of the file.

    chown nagios:nagios localhost.cfg
  7. Perform a preflight check.

    sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
  8. Verify there were no warnings or errors.

  9. Restart the Nagios server.

    sudo systemctl restart nagios

Conclusion

Congratulations — you've completed this hands-on lab!