The net/icinga/core port

icinga-1.14.2p4 – obsolete version of Icinga network monitoring system (source)


Icinga monitors network resources such as servers, routers, switches,
applications and services and notifies administrators or responsible
persons. Current status information, historical logs and reports can
all be accessed via a web browser.

This package provides Icinga 1.x, the legacy version, which is a fork
of Nagios. New installations should use Icinga 2 (a different codebase).
Both versions support the extensive collection of standard monitoring
plug-ins that also work with Nagios and other similar software.


$OpenBSD: README-main,v 1.32 2018/09/04 12:53:16 espie Exp $

| Running ${PKGSTEM} on OpenBSD

Getting Started

The main documentation for Icinga is provided in HTML format as part of
the icinga-cgi package, see /var/www/icinga-cgi/docs/en/index.html
or at

The included sample configuration carries out some simple checks
on the local machine; these should work as-is.

You may check your configuration file format before starting Icinga:

   # su -m _icinga -c "${TRUEPREFIX}/bin/icinga -v ${SYSCONFDIR}/icinga.cfg"

This will parse all configuration files and warn about any problems
which have been identified.

Use the rcctl command to enable automatic startup on boot for icinga

   # rcctl enable icinga

To start icinga, reboot or start it manually:

   # rcctl start icinga

Upgrading from a previous version

If you are using IDODB, you will need to update the database schema.
Typically you will just need to apply updates from
${TRUEPREFIX}/share/examples/icinga/db//upgrade/, but
see ${PREFIX-cgi}/icinga-cgi/docs/en/upgrading_idoutils.html or for more

If upgrading from IDODB 1.6.1 or earlier, update your broker_module
setting in ${SYSCONFDIR}/icinga.cfg; the plugin was renamed from
${TRUEPREFIX}/bin/idomod.o to ${TRUEPREFIX}/lib/ in 1.7.0.

If upgrading from an earlier version of icinga-web (the PHP API-based
web interface), you will need to apply updates to the icinga_web database
schema from /var/www/icinga-web/etc/schema/updates. You should also clear
the cache by running "/var/www/icinga-web/bin/".

The 1.11.0 update enables CSRF protection for cmd.cgi by default;
if using external programs (like Nagstamon or aNag) to access the classic
UI, you may need to set disable_cmd_cgi_csrf_protection=1 in cgi.cfg.

Chroot Considerations

If you're using OpenBSD's default chroot environment for httpd or nginx
with the icinga-cgi package, some files will need to be moved inside the
jail and symbolic links created.

   mkdir -p ${PREFIX-cgi}/etc ${PREFIX-cgi}/var/log
   mv ${SYSCONFDIR} ${PREFIX-cgi}/etc/
   ln -s ${PREFIX-cgi}/etc/icinga ${BASESYSCONFDIR}
   mv /var/icinga ${PREFIX-cgi}/var/
   ln -s ${PREFIX-cgi}/var/icinga /var
   mv /var/log/icinga ${PREFIX-cgi}/var/log/
   ln -s ${PREFIX-cgi}/var/log/icinga /var/log

To display times in your local timezone, you will also need to provide
a suitable /var/www/etc/localtime; due to the chroot, a symbolic link cannot
be used here, instead the file can be copied:

   cp /usr/share/zoneinfo/Antarctica/South_Pole ${PREFIX-cgi}/etc/localtime

Web User-Interfaces

Two web-based user interfaces are available for Icinga. They are provided
in their own packages; one or both must be installed separately ("pkg_add
icinga-cgi" or "pkg_add icinga-web").

1) icinga-cgi: the classic (but improved) Nagios-style interface

   httpd and nginx don't support CGI scripts directly; instead the slowcgi(8)
   wrapper must be used. Use the rcctl command to enable it at startup and
   reboot or start it manually:

      # rcctl enable slowcgi
      # rcctl start slowcgi

   For nginx, add a configuration section like this to /etc/nginx/nginx.conf:

   location /icinga/ {
	alias		/icinga-cgi/;
	satisfy		any;
	allow		::1/128;
	auth_basic	"Icinga Access";
	auth_basic_user_file /etc/icinga/htpasswd.users;
   location /cgi-bin/icinga/ {
	satisfy		any;
	allow		::1/128;
	root		/;
	auth_basic	"Icinga Access";
	auth_basic_user_file /etc/icinga/htpasswd.users;
	try_files	$uri =404;
	fastcgi_pass	unix:run/slowcgi.sock;
	fastcgi_param	REMOTE_USER $remote_user;
	include		fastcgi_params;

   The example above permits access from the local machine without password,
   and requires HTTP basic authentication from other locations.

   For httpd, add a configuration section like this to /etc/httpd.conf:

      location "/cgi-bin/icinga/*cgi" {
              root "/"
              authenticate with "/etc/icinga/htpasswd.users"

   And create a symbolic link in the htdocs directory:

      # ln -s ../icinga-cgi icinga

   The examples above require HTTP basic authentication. The password file can
   be created as follows:

      # htpasswd ${SYSCONFDIR}/htpasswd.users 

   When done, reload the web server:

      # rcctl reload nginx


      # rcctl reload httpd

   You should then be able to access the web interface at

2) icinga-web: new API-based interface

   2.1) Setup the icinga database. For details see:

   2.2) Enable the ido2db daemon. Add "ido2db" to the pkg_scripts line
   in /etc/rc.conf.local _before_ icinga.

   Afterwards, you can start it by rebooting, or manually:

      # rcctl start ido2db

   2.3) Enable the "broker_module=${TRUEPREFIX}/lib/ ..." line in
   ${SYSCONFDIR}/icinga.cfg and restart icinga:

      # rcctl restart icinga

   Now you should see in the icinga logfile, that icinga is storing
   information in the db.

   2.4) Setup the icinga_web database (change the password!):

      mysql -u root -p <


The OpenBSD ports mailing-list


icinga-1.14.2p4 icinga-cgi-1.14.2p4 icinga-idoutils-1.14.2p4


lang/php net

Library dependencies

Build dependencies

Run dependencies

Test dependencies

Reverse dependencies

File Descr
Path Name
Category Maintainer