Nagios, Kanidm and LDAP Authentication

Here’s an example Apache configuration file for using Kanidm’s LDAP server to authenticate access to Nagios.

The below file is also available as a github gist

<IfModule mod_ssl.c>
   <VirtualHost *:443>
      ServerName monitoring.example.com
      ServerAdmin admin@example.com

      SSLEngine on
      SSLCertificateFile   /etc/letsencrypt/live/monitoring.example.com/fullchain.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/monitoring.example.com/privkey.pem

   ScriptAlias /cgi-bin "/usr/local/nagios/sbin/"
   <Directory "/usr/local/nagios/sbin">
      Options ExecCGI
      AllowOverride None
         <RequireAll>
         Require all granted
         AuthName "Nagios Access"
         AuthType Basic
         AuthLDAPURL "ldaps://kanidm.example.com:636/dc=kanidm,dc=example,dc=com?name?sub?(name=*)" TLS
         AuthBasicProvider ldap
         Require valid-user
         </RequireAll>
   </Directory>

   Alias / "/usr/local/nagios/share/"
   <Directory "/usr/local/nagios/share">
      Options None
      AllowOverride None
         <RequireAll>
         Require all granted
         AuthName "Nagios Access"
         AuthType Basic
         AuthLDAPURL "ldaps://kanidm.example.com:636/dc=kanidm,dc=example,dc=com?name?sub?(name=*)" TLS
         AuthBasicProvider ldap
         Require valid-user
         </RequireAll>
   </Directory>
</VirtualHost>
</IfModule>

August 10, 2021 · 1 min reading time
#kanidm #apache #nagios #configuration