Lundebakkevej 5, 4684 Holmegaard

Install Icinga2, Icingaweb2, director and PNP on ubuntu 20.04

This guide shows how to install Icinga2 monitoring software on Ubuntu 20.04 – this includes backend, frontend, director and pnp4nagios (adding graphs to icinga).

Especially PNP was hard to get working – but if you follow the guide everything is nicely lined up at the end.

Offset: Basic ubuntu 20.04 server with openssh package (used 2 vcpu, 3GB ram and 100GB disk)

My setup:
IP address:

Icinga2 specific decissions:
Icing2 database
DB type mariadb
DB name: icinga2
DB User: icinga2
DB Passwd: icingaPW

icinga2web database:
DB type mariadb
DB name: icinga2_web
DB User: icinga2
DB Passwd: icingaPW

Director database:
DB type mariadb
DB name: icinga2_director
DB User: icinga2
DB Passwd: icingaPW

Let’s start out by disabling the firewall

systemctl stop ufw
systemctl disable ufw

Install and configure mysql

Install mariadb and create user and databases

apt-get install mariadb-server mariadb-client

mysql -u root -p

CREATE USER 'icinga2'@'localhost' IDENTIFIED BY 'icingaPW';
CREATE DATABASE icinga2_director CHARACTER SET 'utf8';

GRANT ALL ON *.* to 'icinga2'@'localhost' IDENTIFIED BY 'icingaPW'


Now your databases are ready for the install

Install icinga2 backend

Install all the packages needed using apt (so they will be updated using package manager)

apt-get update
apt-get -y install apt-transport-https wget gnupg

wget -O - | apt-key add -

. /etc/os-release; if [ ! -z ${UBUNTU_CODENAME+x} ]; then DIST="${UBUNTU_CODENAME}"; else DIST="$(lsb_release -c| awk '{print $2}')"; fi; \
 echo "deb icinga-${DIST} main" > \
 echo "deb-src icinga-${DIST} main" >> \

apt-get update

apt-get install icinga2

apt-get install monitoring-plugins

apt-get install icinga2-ido-mysql
(answer yes to install and no to configure)

Setup db connection in /etc/icinga2/features-available/ido-mysql.conf

vi /etc/icinga2/features-available/ido-mysql.conf

 * The db_ido_mysql library implements IDO functionality
 * for MySQL.

library "db_ido_mysql"

object IdoMysqlConnection "ido-mysql" {
  user = "icinga2",
  password = "icingaPW",
  host = "localhost",
  database = "icinga2"

Enable icinga2 to use database backend and load database schema

icinga2 feature enable ido-mysql
mysql -uicinga2 -picingaPW icinga2 < /usr/share/icinga2-ido-mysql/schema/mysql.sql
systemctl restart icinga2

Install Icinga2-web (frontend)

apt-get install apache2 php-gd php-json

icinga2 api setup

Now add a user to icinga2 backend by adding to /etc/icinga2/conf.d/api-users.conf, create a user object for icingaweb2 beneath the configured root user

vi /etc/icinga2/conf.d/api-users.conf

object ApiUser "icingaweb2" {
  password = "Wijsn8Z9eRs5E25d"
  permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]

Restart incinga2 daemon

systemctl restart icinga2

Install the frontend itself (memorizing the token at the end (which can be displayed using the last command if you forget)

apt-get install icingaweb2 libapache2-mod-php icingacli

icingacli setup token create

icingacli setup token show

Browse to your new installation using IP (

  • insert the token click next
  • enable doc and monitoring and click next
  • accept that PDO-Postgress is missing and click next
  • set authentication to database and click next
  • Name your connection, fill in the new incingadb names and remember to set caracter set to utf8 click next
  • accept backend name of icingaweb2 click next
  • setup first webuser (the master admin) – click next
  • accept application config and click next
  • accept the summary and click next
  • Click next to start config
  • Accept default backend definitions, click next
  • Set the connection details for the icinga2 database (remember to specify utf8 as Char set) – click next
  • Command transport is set to Icinga2 API, use the username password generated earlier in the config file (icingaweb2 / Wijsn8Z9eRs5E25d) – click next
  • Accept the default protected variables – click next
  • Accept the backend config and click finish
  • click the “login to Icinga Web 2” button in the upper left corner
  • Log in with the administrative user created in step 8

Adding addons

Adding Director first – this module gives you the power to configure icinga through the webinterface of icinga2-web.

First lets install all modules from git.

git clone "" "/usr/share/icingaweb2/modules/director" --branch v1.8.0
cd /usr/share/icingaweb2/modules/director
git checkout "v1.8.0"

git clone "" "/usr/share/icingaweb2/modules/ipl" --branch "v0.5.0"
git clone "" "/usr/share/icingaweb2/modules/incubator" --branch "v0.6.0"
git clone "" "/usr/share/icingaweb2/modules/reactbundle" --branch "v0.9.0"

icingacli module enable ipl
icingacli module enable incubator
icingacli module enable reactbundle
icingacli module enable director

Now we need to add another user to /etc/icinga2/conf.d/api-users.conf underneath the icingaweb2 user definition

vi /etc/icinga2/conf.d/api-users.conf

object ApiUser "icingadirector" {
  password = "Wijsn8Z9eRs5E25d"
  permissions = [ "*" ]

Now you need to configure your first zone and first endpoint in zones.conf

vi /etc/icinga2/zones.conf

object Endpoint "" {
  host = ""

object Zone "master" {
 endpoints = [ "" ]

Reboot to ensure all comes up autoatically

shutdown -r now

From the webfrontend create a new database resource pointing to your new director db

goto Configuration -> Application -> Resources
create a new database object pointing to your director db – remember to set charset to utf8
goto module config: modules -> Director -> configuration
Select icinga2_director as database backend
click “create database scheme” This will start the kickstart engine

endpoint name:
icinga host:
icinga API user: icingadirector
icinga API password: Wijsn8Z9eRs5E25d

click store config

Deploy outstanding configurations in the webpage by:
“Icinga Director” -> Deployments -> click on “Render Config”

Now you need to setup the daemon for director to pickup changes

useradd -r -g icingaweb2 -d /var/lib/icingadirector -s /bin/false icingadirector
install -d -o icingadirector -g icingaweb2 -m 0750 /var/lib/icingadirector
cp /usr/share/icingaweb2/modules/director/contrib/systemd/icinga-director.service /etc/systemd/system/
systemctl daemon-reload
systemctl enable icinga-director
systemctl start icinga-director

Setup PNP and pnp4nagios

This part is the hardest to get right – but the follow receipt worked for me.

install the graphing modules

apt-get install icingaweb2-module-pnp 

apt-get install rrdtool librrd-dev librrds-perl librrdp-perl php-xml php-rrd gcc make

mkdir -p /files/pnp
cd /files/pnp
wget -O pnp4nagios.tar.gz
tar xzf pnp4nagios.tar.gz

cd pnp4nagios-0.6.26

./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-rrdtool=/usr/bin/rrdtool --with-perfdata-dir=/var/spool/icinga2/perfdata --with-httpd-conf=/etc/apache2/sites-available

make all
make full-install

Remove login to pnp4nagios (by changing apache conf file (all chages before mod_rewrite section)

vi /etc/apache2/sites-available/pnp4nagios.conf


Alias /pnp4nagios "/usr/local/pnp4nagios/share"

<Directory "/usr/local/pnp4nagios/share">
        AllowOverride None
#       Order allow,deny
#       Allow from all
        require all granted
        # Use the same value as defined in nagios.conf
#       AuthName "Nagios Access"
#       AuthType Basic
#       AuthUserFile /usr/local/nagios/etc/htpasswd.users
#       Require valid-user
        <IfModule mod_rewrite.c>
                # Turn on URL rewriting
                RewriteEngine On
                Options symLinksIfOwnerMatch
                # Installation directory
                RewriteBase /pnp4nagios/
                # Protect application and system files from being viewed
                RewriteRule "^(?:application|modules|system)/" - [F]
                # Allow any files or directories that exist to be displayed directly
                RewriteCond "%{REQUEST_FILENAME}" !-f
                RewriteCond "%{REQUEST_FILENAME}" !-d
                # Rewrite all other URLs to index.php/URL
                RewriteRule "^.*$" "index.php/$0" [PT]

Enable the config and reload apache

a2ensite pnp4nagios.conf
systemctl reload apache2

Add www-data to nagios group so it can read data

vi /etc/group add to the existing nagios line


Hit the pnp4nagios webpage – all should be green :

Enable pnp module and start creating perfdata

icingacli module enable pnp
icinga2 feature enable perfdata
systemctl restart icinga2
mv /usr/local/pnp4nagios/share/install.php /usr/local/pnp4nagios/share/install.php.orig
cd /usr/local/pnp4nagios/etc
mv misccommands.cfg-sample misccommands.cfg
mv nagios.cfg-sample nagios.cfg
systemctl enable npcd
systemctl start npcd

Pnp4nagios is build for PHP5, as we are using PHP7 there is 1 deprecated function in Input.php that needs to be bypassed – I’ve done it by encapsulating it in an if statement like this (remember to close out the if at the end with } (so add the first and last line where it’s applicable):

vi /usr/local/pnp4nagios/lib/kohana/system/libraries/drivers/Image.php

 if (version_compare(PHP_VERSION, '5.3.0', '<')) {
                        // magic_quotes_runtime is enabled
                        if (get_magic_quotes_runtime())
                                Kohana::log('debug', 'Disable magic_quotes_runtime! It is evil and deprecated:');

                        // magic_quotes_gpc is enabled
                        if (get_magic_quotes_gpc())
                                $this->magic_quotes_gpc = TRUE;
                                Kohana::log('debug', 'Disable magic_quotes_gpc! It is evil and deprecated:');

Then you need to change line 979 in the file: /usr/local/pnp4nagios/share/application/models/data.php

(use :979 to jump to that line)

vi /usr/local/pnp4nagios/share/application/models/data.php

if(sizeof($pages) > 0 ){
if(is_array($pages) && sizeof($pages) > 0 ){

Correct perfdata_spool_dir line in npcd config

vi /usr/local/pnp4nagios/etc/npcd.cfg

perfdata_spool_dir = /var/spool/icinga2/perfdata

restart npcd to pickup changes

systemctl restart npcd

Last go in icinga2 webpage and configure pnp to the correct config dir:

Log into icinga2 and goto configuration -> modules -> pnp -> configuration
set pnp4nagios configuration to: /usr/local/pnp4nagios/etc

At this point I like to reboot to ensure everything works after reboot

Shutdown -r now