diff options
| author | Jan Dittberner <jandd@cacert.org> | 2019-07-21 12:48:18 +0200 |
|---|---|---|
| committer | Jan Dittberner <jandd@cacert.org> | 2019-07-21 12:48:18 +0200 |
| commit | 35771b450fcb2e03e38e8f5cb1c60602a855e5d9 (patch) | |
| tree | c9382b776cfcd6c7673dfbd0e01b47419ffea381 /sitemodules | |
| parent | 92d30ca710296814488ce50ba48d30f557451b81 (diff) | |
| download | cacert-puppet-35771b450fcb2e03e38e8f5cb1c60602a855e5d9.tar.gz cacert-puppet-35771b450fcb2e03e38e8f5cb1c60602a855e5d9.tar.xz cacert-puppet-35771b450fcb2e03e38e8f5cb1c60602a855e5d9.zip | |
Do not manage constants.conf
Let icinga2 node setup handle constants.conf, add global zone
definitions to zones.conf.epp and remove explicit zone and cn parameters
to node setup on master.
Diffstat (limited to 'sitemodules')
3 files changed, 8 insertions, 48 deletions
diff --git a/sitemodules/profiles/manifests/icinga2_master.pp b/sitemodules/profiles/manifests/icinga2_master.pp index d8d93c6..595112e 100644 --- a/sitemodules/profiles/manifests/icinga2_master.pp +++ b/sitemodules/profiles/manifests/icinga2_master.pp @@ -10,8 +10,6 @@ # @param web2_database_name database name for IcingaWeb2 database # @param web2_database_user database user for IcingaWeb2 database # @param web2_database_password database password for IcingaWeb2 database -# @param icinga2_ticket_salt salt for certificate request tickets for -# Icinga2 node authentication # @param api_users Icinga2 API users # @param ca_key Icinga2 CA private key content # @param master_key Icinga2 master private key content @@ -38,7 +36,6 @@ class profiles::icinga2_master ( String $web2_database_name, String $web2_database_user, String $web2_database_password, - String $icinga2_ticket_salt, Array[Hash[String, Variant[String, Tuple[String, 1]]]] $api_users, String $ca_key, String $master_key, @@ -61,16 +58,6 @@ class profiles::icinga2_master ( File['/var/cache/debconf/icinga2-ido-pgsql.preseed'], ] } - file { '/etc/icinga2/constants.conf': - ensure => file, - content => epp('profiles/icinga2_master/constants.conf.epp', { - 'ticket_salt' => $icinga2_ticket_salt - }), - owner => 'root', - group => 'nagios', - mode => '0640', - require => Package['icinga2'], - } file { '/etc/icinga2/icinga2.conf': ensure => file, source => 'puppet:///modules/profiles/icinga2_master/icinga2.conf', @@ -176,7 +163,7 @@ class profiles::icinga2_master ( mode => '0644', require => File['/var/lib/icinga2/ca'], } - exec { "/usr/sbin/icinga2 node setup --master --zone ${::facts['fqdn']} --cn ${::facts['fqdn']}": + exec { "/usr/sbin/icinga2 node setup --master": creates => "/etc/icinga2/features-enabled/api.conf", require => [ Package['icinga2'], @@ -198,7 +185,6 @@ class profiles::icinga2_master ( Package['icinga2-ido-pgsql'], ], subscribe => [ - File['/etc/icinga2/constants.conf'], File['/etc/icinga2/icinga2.conf'], File['/etc/icinga2/init.conf'], File['/etc/icinga2/features-enabled/checker.conf'], diff --git a/sitemodules/profiles/templates/icinga2_master/constants.conf.epp b/sitemodules/profiles/templates/icinga2_master/constants.conf.epp deleted file mode 100644 index 0baa08c..0000000 --- a/sitemodules/profiles/templates/icinga2_master/constants.conf.epp +++ /dev/null @@ -1,32 +0,0 @@ -<%- | String $ticket_salt -| -%> -/** - * This file defines global constants which can be used in - * the other configuration files. - * - * This file is managed by Puppet and should not be modified manually. - */ - -/* The directory which contains the plugins from the Monitoring Plugins project. */ -const PluginDir = "/usr/lib/nagios/plugins" - -/* The directory which contains the Manubulon plugins. - * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. - */ -const ManubulonPluginDir = "/usr/lib/nagios/plugins" - -/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. - * Check the documentation, chapter "Plugins Contribution", for details. - */ -const PluginContribDir = "/usr/lib/nagios/plugins" - -/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. - * This should be the common name from the API certificate. - */ -const NodeName = "<%= $facts['fqdn'] %>" - -/* Our local zone name. */ -const ZoneName = "<%= $facts['fqdn'] %>" - -/* Secret key for remote node tickets */ -const TicketSalt = "<%= $ticket_salt %>" diff --git a/sitemodules/profiles/templates/icinga2_master/zones.conf.epp b/sitemodules/profiles/templates/icinga2_master/zones.conf.epp index ac74bbe..3430fae 100644 --- a/sitemodules/profiles/templates/icinga2_master/zones.conf.epp +++ b/sitemodules/profiles/templates/icinga2_master/zones.conf.epp @@ -6,7 +6,13 @@ object Endpoint NodeName { } object Zone ZoneName { - endpoints = [ NodeName ] + endpoints = [ NodeName ] } +object Zone "global-templates" { + global = true +} +object Zone "director-global" { + global = true +} |