{"id":178,"date":"2022-03-04T21:23:11","date_gmt":"2022-03-04T20:23:11","guid":{"rendered":"https:\/\/tillnet.se\/?p=178"},"modified":"2022-03-04T21:23:11","modified_gmt":"2022-03-04T20:23:11","slug":"zabbix-on-ubuntu-with-ssl","status":"publish","type":"post","link":"https:\/\/www.tillnet.se\/index.php\/2022\/03\/04\/zabbix-on-ubuntu-with-ssl\/","title":{"rendered":"Zabbix on Ubuntu with SSL"},"content":{"rendered":"\n
Everyone needs a monitor system, right?<\/p>\n\n\n\n
Disclaimer or Scope\/Intention<\/h2>\n\n\n\n
This is how I did it. Short guide, more or less for myself so I won\u2019t forget. If Linux\/Ubuntu\/Apache\/SSL-certs is new territory for you this isn\u2019t the guide you were looking for, sorry. Some steps and detailed explanations are omitted. Also never run cmds you don\u2019t trust and know what they do.<\/p>\n\n\n\n
What I used<\/h2>\n\n\n\n
Machine: VM in Vmware vSphere, 2vCPU, 4GB RAM, 32GB disk. OS: Ubuntu Server 20.04 LTS Free OpenSource (https:\/\/ubuntu.com\/download\/server) WebApp: Zabbix 6.0 Free OpenSource (https:\/\/zabbix.com) SSL cert: I used Let\u2019s Encrypt for my cert and key.<\/p>\n\n\n\n
Preparation<\/h2>\n\n\n\n
I downloaded the software from Ubuntu. Spun up a small VM and installed Ubuntu Server on it. Performed some housekeeping on the machine.<\/p>\n\n\n\nSpun up a vm in vSphere.<\/figcaption><\/figure>\n\n\n\n
Step 2: Follow instructions on Zabbix homepage. <\/h2>\n\n\n\n https:\/\/www.zabbix.com\/download?zabbix=6.0&os_distribution=ubuntu&os_version=20.04_focal&db=mysql&ws=apache <\/figcaption><\/figure>\n\n\n\n
Just a headsup, the step “zcat \/usr\/share\/doc\/zabbix-sql-scripts\/mysql\/server.sql.gz | mysql -uzabbix -p zabbix<\/code>“. Will take a long time with low resource utilization, be patient.<\/p>\n\n\n\n
Step 3: Done, ish.<\/h2>\n\n\n\n
Now it’s installed. Enter the FQDN or ip-adress + \/zabbix in a web-browser. <\/p>\n\n\n\nThis is the Zabbix welcome screen. Enter the user name Admin with password zabbix to log in.<\/figcaption><\/figure>\n\n\n\n
More info, https:\/\/www.zabbix.com\/documentation\/6.0\/en\/manual\/quickstart\/login<\/p>\n\n\n\n
Optional to continue. Next steps will add SSL\/https and force that.<\/p>\n\n\n\n
Step 4: Remove \/zabbix\/ from URL<\/h2>\n\n\n\n
Configure Apache conf for website (this removes “zabbix” from the end of the URL), optional.<\/p>\n\n\n\n
All websites should use https now when there\u2019s free and easy services like Let\u2019s Encrypt (https:\/\/letsencrypt.org) or Cloudflare (https:\/\/cloudflare.com). There are good guides on their webpages and also a lot of specific howtos to find elsewhere. This is out of scope for this guide.<\/p>\n\n\n\n
Get your cert and key from source of your choosing.<\/p>\n\n\n\n
Step 6: Copy Cert and Key to Server<\/h2>\n\n\n\n
Create a new directory where your Cert and Key will reside.<\/p>\n\n\n\n
You need to add a new block underneath for SSL port 443. You can also add a rewrite condition in your port 80 block to redirect all requests to https. Paste example and modify for your domain.<\/p>\n\n\n\n
Save file and exit. (Press CTRL + X, press Y and then press ENTER).<\/p>\n\n\n\n
Enable the RewriteEngine.<\/p>\n\n\n\n
sudo a2enmod rewrite<\/code><\/pre>\n\n\n\n
Test the configuration syntax for errors.<\/p>\n\n\n\n
sudo apachectl configtest<\/code><\/pre>\n\n\n\n
You can ignore any errors that say Could not reliably determine the server\u2019s fully qualified domain name. If you see Syntax OK, restart Apache.<\/p>\n\n\n\n
Done. Now you have your own monitoring system.<\/p>\n","protected":false},"excerpt":{"rendered":"
Everyone needs a monitor system, right? Disclaimer or Scope\/Intention This is how I did it. Short guide, more or less for myself so I won\u2019t …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6],"tags":[],"class_list":["post-178","post","type-post","status-publish","format-standard","hentry","category-it"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/posts\/178","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/comments?post=178"}],"version-history":[{"count":2,"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/posts\/178\/revisions"}],"predecessor-version":[{"id":193,"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/posts\/178\/revisions\/193"}],"wp:attachment":[{"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/media?parent=178"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/categories?post=178"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tillnet.se\/index.php\/wp-json\/wp\/v2\/tags?post=178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/tillnet.se\/wp-content\/uploads\/2022\/03\/vm-config-1024x574.png\")
![\"\"](\"https:\/\/tillnet.se\/wp-content\/uploads\/2022\/03\/1-download-1024x718.png\")
![\"\"](\"https:\/\/tillnet.se\/wp-content\/uploads\/2022\/03\/done.png\")