diff options
| author | Jan Dittberner <jandd@cacert.org> | 2019-07-19 22:32:44 +0200 |
|---|---|---|
| committer | Jan Dittberner <jandd@cacert.org> | 2019-07-19 22:32:44 +0200 |
| commit | 75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7 (patch) | |
| tree | bafb4b8cd2f11a4b89faabd6941ab2a8bfd19ea0 /sitemodules/profiles/templates | |
| parent | 7057c8f72da80f2bfd374c3ec1a18ee7f9971ee3 (diff) | |
| download | cacert-puppet-75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7.tar.gz cacert-puppet-75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7.tar.xz cacert-puppet-75fe9c5c44d8645f43cb604c1cb3d7344a77ecd7.zip | |
Add Icinga2 master configuration files
Diffstat (limited to 'sitemodules/profiles/templates')
5 files changed, 91 insertions, 0 deletions
diff --git a/sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf b/sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf new file mode 100644 index 0000000..4b73364 --- /dev/null +++ b/sitemodules/profiles/templates/icinga2_master/conf.d/api-users.epp.conf @@ -0,0 +1,15 @@ +<%- | Array[Hash[String, String]] $api_users +| -%> +/** + * The APIUser objects are used for authentication against the API. + * + * This file is managed by Puppet and should not be modified manually. + */ +<%- $api_users.each |api_user| { -%> +object ApiUser "<%= api_user['username'] %> { + password = "<%= api_user['password'] %>" + // client_cn = "" + + permissions = [ "<%= $api_user['permissions'].join('", "') %>" ] +} +<% } -%> diff --git a/sitemodules/profiles/templates/icinga2_master/constants.epp.conf b/sitemodules/profiles/templates/icinga2_master/constants.epp.conf new file mode 100644 index 0000000..0baa08c --- /dev/null +++ b/sitemodules/profiles/templates/icinga2_master/constants.epp.conf @@ -0,0 +1,32 @@ +<%- | String $ticket_salt +| -%> +/** + * This file defines global constants which can be used in + * the other configuration files. + * + * This file is managed by Puppet and should not be modified manually. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +const NodeName = "<%= $facts['fqdn'] %>" + +/* Our local zone name. */ +const ZoneName = "<%= $facts['fqdn'] %>" + +/* Secret key for remote node tickets */ +const TicketSalt = "<%= $ticket_salt %>" diff --git a/sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf b/sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf new file mode 100644 index 0000000..57dc0e9 --- /dev/null +++ b/sitemodules/profiles/templates/icinga2_master/features-available/api.app.conf @@ -0,0 +1,13 @@ +/** + * The API listener is used for distributed monitoring setups. + * + * This file is managed by Puppet and should not be modified manually. + */ +object ApiListener "api" { + cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" + key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" + ca_path = SysconfDir + "/icinga2/pki/ca.crt" + bind_host = "<%= $facts['ip_address'] %>" + + ticket_salt = TicketSalt +} diff --git a/sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf b/sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf new file mode 100644 index 0000000..8673f58 --- /dev/null +++ b/sitemodules/profiles/templates/icinga2_master/features-available/ido-pgsql.epp.conf @@ -0,0 +1,19 @@ +<%-| String $db_name, + String $db_user, + String $db_password +|-%> +/** + * The db_ido_pgsql library implements IDO functionality + * for PostgreSQL. + * + * This file is managed by Puppet and should not be modified manually. + */ + +library "db_ido_pgsql" + +object IdoPgsqlConnection "ido-pgsql" { + user = "<%= $db_user %>", + password = "<%= $db_password %>", + host = "localhost", + database = "<%= $db_name %>" +} diff --git a/sitemodules/profiles/templates/icinga2_master/zones.epp.conf b/sitemodules/profiles/templates/icinga2_master/zones.epp.conf new file mode 100644 index 0000000..ac74bbe --- /dev/null +++ b/sitemodules/profiles/templates/icinga2_master/zones.epp.conf @@ -0,0 +1,12 @@ +/* + * This file is managed by Puppet and should not be modified manually. + */ + +object Endpoint NodeName { +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + + |