summaryrefslogtreecommitdiff
path: root/sitemodules/profiles/templates
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2019-07-19 22:32:44 +0200
committerJan Dittberner <jandd@cacert.org>2019-07-19 22:32:44 +0200
commit75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7 (patch)
treebafb4b8cd2f11a4b89faabd6941ab2a8bfd19ea0 /sitemodules/profiles/templates
parent7057c8f72da80f2bfd374c3ec1a18ee7f9971ee3 (diff)
downloadcacert-puppet-75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7.tar.gz
cacert-puppet-75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7.tar.xz
cacert-puppet-75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7.zip
Add Icinga2 master configuration files
Diffstat (limited to 'sitemodules/profiles/templates')
-rw-r--r--sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf15
-rw-r--r--sitemodules/profiles/templates/icinga2_master/constants.epp.conf32
-rw-r--r--sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf13
-rw-r--r--sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf19
-rw-r--r--sitemodules/profiles/templates/icinga2_master/zones.epp.conf12
5 files changed, 91 insertions, 0 deletions
diff --git a/sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf b/sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf
new file mode 100644
index 0000000..4b73364
--- /dev/null
+++ b/sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf
@@ -0,0 +1,15 @@
+<%- | Array[Hash[String, String]] $api_users
+| -%>
+/**
+ * The APIUser objects are used for authentication against the API.
+ *
+ * This file is managed by Puppet and should not be modified manually.
+ */
+<%- $api_users.each |api_user| { -%>
+object ApiUser "<%= api_user['username'] %> {
+ password = "<%= api_user['password'] %>"
+ // client_cn = ""
+
+ permissions = [ "<%= $api_user['permissions'].join('", "') %>" ]
+}
+<% } -%>
diff --git a/sitemodules/profiles/templates/icinga2_master/constants.epp.conf b/sitemodules/profiles/templates/icinga2_master/constants.epp.conf
new file mode 100644
index 0000000..0baa08c
--- /dev/null
+++ b/sitemodules/profiles/templates/icinga2_master/constants.epp.conf
@@ -0,0 +1,32 @@
+<%- | String $ticket_salt
+| -%>
+/**
+ * This file defines global constants which can be used in
+ * the other configuration files.
+ *
+ * This file is managed by Puppet and should not be modified manually.
+ */
+
+/* The directory which contains the plugins from the Monitoring Plugins project. */
+const PluginDir = "/usr/lib/nagios/plugins"
+
+/* The directory which contains the Manubulon plugins.
+ * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details.
+ */
+const ManubulonPluginDir = "/usr/lib/nagios/plugins"
+
+/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for.
+ * Check the documentation, chapter "Plugins Contribution", for details.
+ */
+const PluginContribDir = "/usr/lib/nagios/plugins"
+
+/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`.
+ * This should be the common name from the API certificate.
+ */
+const NodeName = "<%= $facts['fqdn'] %>"
+
+/* Our local zone name. */
+const ZoneName = "<%= $facts['fqdn'] %>"
+
+/* Secret key for remote node tickets */
+const TicketSalt = "<%= $ticket_salt %>"
diff --git a/sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf b/sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf
new file mode 100644
index 0000000..57dc0e9
--- /dev/null
+++ b/sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf
@@ -0,0 +1,13 @@
+/**
+ * The API listener is used for distributed monitoring setups.
+ *
+ * This file is managed by Puppet and should not be modified manually.
+ */
+object ApiListener "api" {
+ cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt"
+ key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key"
+ ca_path = SysconfDir + "/icinga2/pki/ca.crt"
+ bind_host = "<%= $facts['ip_address'] %>"
+
+ ticket_salt = TicketSalt
+}
diff --git a/sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf b/sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf
new file mode 100644
index 0000000..8673f58
--- /dev/null
+++ b/sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf
@@ -0,0 +1,19 @@
+<%-| String $db_name,
+ String $db_user,
+ String $db_password
+|-%>
+/**
+ * The db_ido_pgsql library implements IDO functionality
+ * for PostgreSQL.
+ *
+ * This file is managed by Puppet and should not be modified manually.
+ */
+
+library "db_ido_pgsql"
+
+object IdoPgsqlConnection "ido-pgsql" {
+ user = "<%= $db_user %>",
+ password = "<%= $db_password %>",
+ host = "localhost",
+ database = "<%= $db_name %>"
+}
diff --git a/sitemodules/profiles/templates/icinga2_master/zones.epp.conf b/sitemodules/profiles/templates/icinga2_master/zones.epp.conf
new file mode 100644
index 0000000..ac74bbe
--- /dev/null
+++ b/sitemodules/profiles/templates/icinga2_master/zones.epp.conf
@@ -0,0 +1,12 @@
+/*
+ * This file is managed by Puppet and should not be modified manually.
+ */
+
+object Endpoint NodeName {
+}
+
+object Zone ZoneName {
+ endpoints = [ NodeName ]
+}
+
+