"monit" package for pfSense part 2

Legion · May 27, 2013, 10:16 AM

Like this:

Or you could probably edit /usr/local/etc/rc.d/monit directly to set monit_enable="YES", but I'm not very good at shell scripting, never was, so I can only read enough to get the gist of what a script does, not write my own.

Legion · May 27, 2013, 10:18 AM

Filer is one of the standard pfSense packages and once you install it it lives under the Diagnostics -> Filer menu.

rajbps · May 27, 2013, 11:04 AM

Thanks again for the reply :-)

Now in the config, you just modify the line:

Monit has an embedded web server which can be used to view status of

services monitored and manage services from a web interface. See the

Monit Wiki if you want to enable SSL for the web server.

set httpd port 2812 and
use address localhost # only accept connection from localhost
allow X.X.X.X # allow localhost to connect to the server and
allow admin:monit # require user 'admin' with password 'monit'
allow @monit # allow users of group 'monit' to connect (rw)
allow @users readonly # allow users of group 'users' to connect readonly

Where the X.X.X.X would be the ip of the pfsense box is that correct?

Cheers,

Raj

rajbps · May 27, 2013, 11:13 AM

Sorry sorted it out you just modify one line:

set httpd port 2812 and
use address localhost # only accept connection from localhost
allow X.X.X.X # allow localhost to connect to the server and
allow admin:monit # require user 'admin' with password 'monit'
allow @monit # allow users of group 'monit' to connect (rw)
allow @users readonly # allow users of group 'users' to connect readonly

where X.X.X.X is the machine from which you are trying to connect.

Do you have a 32 bit or 64 bit pfsense as the package is in both flavours and I am running 64 bit pfsense.

Cheers,

Raj

Legion · May 27, 2013, 11:17 AM

Mine is slightly different. I allow localhost and some of my private subnets. No users, no passwords. There is plenty of information if you search the internet of different configurations.

I am running 32-bit

rajbps · Jul 28, 2013, 12:20 AM

Ok,

I manage to get monit working well on pfsense fingers cross.

Now if I reboot pfsense, I need to start monit via shell to be able to access the gui.

Is there a way to get monit started without any input from me pls.

I made a wee install doc with a lot of help from this forum and google that I am posting here.

The work in there is not mine, I just gathered it in that doc

Hope it can help someone also and thanks to everyone for the help.

Cheers,

raj

[monit pfsense install for forum.txt](/public/imported_attachments/1/monit pfsense install for forum.txt)

rajbps · Jul 28, 2013, 12:23 AM

Sorry forgot to ask another question,

When I do a backup of the firewall via the diag => Backup and restore will it also backup this custom install of monit and the config of it.

Cheers,

Raj

Legion · Jul 28, 2013, 5:59 AM

@rajbps:

Is there a way to get monit started without any input from me pls.

Read my first post again. I use etc/rc.d, but there are other methods.

rajbps · Jul 28, 2013, 8:00 AM

Hi Legion,

I did that as per your post
"/usr/local/etc/rc.d/monit
There duplicate the monit and rename it to monit.sh
So you will have the following in that directory:
/usr/local/etc/rc.d/monit
/usr/local/etc/rc.d/monit.sh

Now we need to modify /etc/rc.conf.local to include the line monit_enable="YES"
So install the filer package from the normal package manager.

Then go to Diagnostics -> Filer menu
There you can modify /etc/rc.conf.local

Now we need to modify :
/usr/local/etc/monitrc.sample
So that we have :
/usr/local/etc/monitrc

So just duplicate it so that folder will have both
/usr/local/etc/monitrc.sample
/usr/local/etc/monitrc"

Now when i reboot pfsense, monit does not start by itself.

:-(

rajbps · Jul 28, 2013, 10:24 AM

Ok rebooted pfsense and on the bootup console, i can see :
Starting /usr/local/etc/rc.d/monit.sh…done

But when I try to connect nothing.

If i log on the console and run the following command :

monit

This returns the following :

Starting monit daemon with http interface at [x.x.x.x:yyyy]

x is the ip
y is the port

So the startup script runs but without typing "monit" on the pfsense shell, it does not start the server.

Any ideas why.

My config file is attached here.

Cheers for any ideas/help.

Raj

[monit pfsense install for forum.txt](/public/imported_attachments/1/monit pfsense install for forum.txt)

rajbps · Jul 28, 2013, 9:43 PM

Hi Legion,

Can you show me a copy of you monit.sh file pls.

I am thinking that the issue might be in there.

Or do you have any other ideas.

Cheers,

Raj

rajbps · Jul 28, 2013, 11:00 PM

OK found my problem, permission.

The permission of /usr/local/etc/rc.d/monit.sh should be 0755

All starting fine now :-)

Cheers