From 75a96e7ce55f92c855324fe1b45017ade38e7004 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Sun, 21 Jul 2019 14:49:56 +0200 Subject: Add missing changes for icinga2 module --- sitemodules/profiles/manifests/icinga2_common.pp | 9 +- sitemodules/profiles/manifests/icinga2_master.pp | 259 +++++++++-------------- 2 files changed, 101 insertions(+), 167 deletions(-) diff --git a/sitemodules/profiles/manifests/icinga2_common.pp b/sitemodules/profiles/manifests/icinga2_common.pp index 0c9bb0a..7cfdf91 100644 --- a/sitemodules/profiles/manifests/icinga2_common.pp +++ b/sitemodules/profiles/manifests/icinga2_common.pp @@ -33,10 +33,8 @@ class profiles::icinga2_common ( String $master_certificate, ) { class { '::icinga2': - manage_repo => false, - manage_package => false, - manage_service => false, - purge_features => false, + manage_repo => false, + features => ['mainlog'] } if $::lsbdistcodename == 'stretch' { apt::pin { 'icinga2_backports': @@ -53,9 +51,6 @@ class profiles::icinga2_common ( } Apt::Pin['icinga2_backports'] -> Package <| name == 'icinga2' or name == 'icinga2-ido-pgsql' |> } - package { 'icinga2': - ensure => latest, - } file { '/var/lib/icinga2/certs': ensure => directory, owner => 'nagios', diff --git a/sitemodules/profiles/manifests/icinga2_master.pp b/sitemodules/profiles/manifests/icinga2_master.pp index e200fb3..ce196e0 100644 --- a/sitemodules/profiles/manifests/icinga2_master.pp +++ b/sitemodules/profiles/manifests/icinga2_master.pp @@ -42,6 +42,19 @@ class profiles::icinga2_master ( ) { include 'profiles::icinga2_common' + postgresql::server::db { 'icinga2': + user => 'icinga2', + password => postgresql_password('icinga2', $ido_database_password), + } + + class { '::icinga2::feature::idopgsql': + user => 'icinga2', + password => $ido_database_password, + database => 'icinga2', + import_schema => true, + require => Postgresql::Server::Db['icinga2'], + } + class { '::icinga2::feature::api': endpoints => { $::fqdn => {}, @@ -53,170 +66,96 @@ class profiles::icinga2_master ( }, } - postgresql::server::db { 'icinga2': - user => 'icinga2', - password => postgresql_password('icinga2', $ido_database_password), - } - icinga2::object::zone { 'global-templates': global => true, } - file { '/var/cache/debconf/icinga2-ido-pgsql.preseed': - ensure => file, - source => 'puppet:///modules/profiles/icinga2_master/icinga2-ido-pgsql.preseed', - owner => 'root', - group => 'root', - mode => '0600', - } - package { 'icinga2-ido-pgsql': - ensure => latest, - responsefile => '/var/cache/debconf/icinga2-ido-pgsql.preseed', - require => [ - Package['icinga2'], - File['/var/cache/debconf/icinga2-ido-pgsql.preseed'], - ] - } - file { '/etc/icinga2/icinga2.conf': - ensure => file, - source => 'puppet:///modules/profiles/icinga2_master/icinga2.conf', - owner => 'root', - group => 'root', - mode => '0644', - } - file { '/etc/icinga2/init.conf': - ensure => file, - source => 'puppet:///modules/profiles/icinga2_master/init.conf', - owner => 'root', - group => 'root', - mode => '0644', - } - file { '/etc/icinga2/features-available/checker.conf': - ensure => file, - source => 'puppet:///modules/profiles/icinga2_master/features-available/checker.conf', - owner => 'root', - group => 'root', - mode => '0644', - require => Package['icinga2'], - } - file { '/etc/icinga2/features-available/mainlog.conf': - ensure => file, - source => 'puppet:///modules/profiles/icinga2_master/features-available/mainlog.conf', - owner => 'root', - group => 'root', - mode => '0644', - require => Package['icinga2'], - } - file { '/etc/icinga2/features-enabled/checker.conf': - ensure => link, - target => '/etc/icinga2/features-available/checker.conf', - owner => 'root', - group => 'root', - } - file { '/etc/icinga2/features-enabled/mainlog.conf': - ensure => link, - target => '/etc/icinga2/features-available/mainlog.conf', - owner => 'root', - group => 'root', - } - file { '/etc/icinga2/features-enabled/notification.conf': - ensure => link, - target => '/etc/icinga2/features-available/notification.conf', - owner => 'root', - group => 'root', - } - file { '/etc/icinga2/zones.conf': - ensure => file, - content => epp('profiles/icinga2_master/zones.conf.epp'), - owner => 'root', - group => 'root', - mode => '0644', - require => Package['icinga2'], - } - file { '/etc/icinga2/conf.d/api-users.conf': - ensure => file, - content => epp('profiles/icinga2_master/conf.d/api-users.conf.epp', { - 'api_users' => $api_users - }), - owner => 'root', - group => 'nagios', - mode => '0640', - require => Package['icinga2'], - } - file { "/var/lib/icinga2/certs/${::facts['fqdn']}.key": - ensure => file, - owner => 'nagios', - group => 'nagios', - mode => '0600', - content => $master_key, - require => File['/var/lib/icinga2/certs'], - } - file { "/var/lib/icinga2/certs/${::facts['fqdn']}.csr": - ensure => file, - owner => 'nagios', - group => 'nagios', - mode => '0644', - content => $master_csr, - require => File['/var/lib/icinga2/certs'], - } - file { '/var/lib/icinga2/ca': - ensure => directory, - owner => 'nagios', - group => 'nagios', - mode => '0700', - require => Package['icinga2'], - } - file { '/var/lib/icinga2/ca/ca.key': - ensure => file, - content => $ca_key, - owner => 'nagios', - group => 'nagios', - mode => '0600', - require => File['/var/lib/icinga2/ca'], - } - file { '/var/lib/icinga2/ca/ca.crt': - ensure => file, - content => $::profiles::icinga2_common::ca_certificate, - owner => 'nagios', - group => 'nagios', - mode => '0644', - require => File['/var/lib/icinga2/ca'], - } - exec { "/usr/sbin/icinga2 node setup --master": - creates => "/etc/icinga2/features-enabled/api.conf", - require => [ - Package['icinga2'], - File['/var/lib/icinga2/ca/ca.key'], - File["/var/lib/icinga2/certs/${::facts['fqdn']}.key"] - ], - notify => Service['icinga2'], - } - exec { '/usr/sbin/icinga2 feature enable ido-pgsql': - creates => "/etc/icinga2/features-enabled/ido-pgsql.conf", - require => Package['icinga2-ido-pgsql'], - notify => Service['icinga2'], - } - service { 'icinga2': - ensure => 'running', - enable => true, - require => [ - Package['icinga2'], - Package['icinga2-ido-pgsql'], - ], - subscribe => [ - File['/etc/icinga2/icinga2.conf'], - File['/etc/icinga2/init.conf'], - File['/etc/icinga2/features-enabled/checker.conf'], - File['/etc/icinga2/features-enabled/mainlog.conf'], - File['/etc/icinga2/features-enabled/notification.conf'], - File['/etc/icinga2/zones.conf'], - File['/etc/icinga2/conf.d/api-users.conf'], - File['/var/lib/icinga2/ca'], - File['/var/lib/icinga2/ca/ca.key'], - File['/var/lib/icinga2/ca/ca.crt'], - File['/var/lib/icinga2/certs/ca.crt'], - ], - } + #file { '/etc/icinga2/conf.d/api-users.conf': + # ensure => file, + # content => epp('profiles/icinga2_master/conf.d/api-users.conf.epp', { + # 'api_users' => $api_users + # }), + # owner => 'root', + # group => 'nagios', + # mode => '0640', + # require => Package['icinga2'], + #} + + create_resources(icinga2::object::apiuser, $api_users) + #file { "/var/lib/icinga2/certs/${::facts['fqdn']}.key": + # ensure => file, + # owner => 'nagios', + # group => 'nagios', + # mode => '0600', + # content => $master_key, + # require => File['/var/lib/icinga2/certs'], + #} + #file { "/var/lib/icinga2/certs/${::facts['fqdn']}.csr": + # ensure => file, + # owner => 'nagios', + # group => 'nagios', + # mode => '0644', + # content => $master_csr, + # require => File['/var/lib/icinga2/certs'], + #} + #file { '/var/lib/icinga2/ca': + # ensure => directory, + # owner => 'nagios', + # group => 'nagios', + # mode => '0700', + # require => Package['icinga2'], + #} + #file { '/var/lib/icinga2/ca/ca.key': + # ensure => file, + # content => $ca_key, + # owner => 'nagios', + # group => 'nagios', + # mode => '0600', + # require => File['/var/lib/icinga2/ca'], + #} + #file { '/var/lib/icinga2/ca/ca.crt': + # ensure => file, + # content => $::profiles::icinga2_common::ca_certificate, + # owner => 'nagios', + # group => 'nagios', + # mode => '0644', + # require => File['/var/lib/icinga2/ca'], + #} + #exec { "/usr/sbin/icinga2 node setup --master": + # creates => "/etc/icinga2/features-enabled/api.conf", + # require => [ + # Package['icinga2'], + # File['/var/lib/icinga2/ca/ca.key'], + # File["/var/lib/icinga2/certs/${::facts['fqdn']}.key"] + # ], + # notify => Service['icinga2'], + #} + #exec { '/usr/sbin/icinga2 feature enable ido-pgsql': + # creates => "/etc/icinga2/features-enabled/ido-pgsql.conf", + # require => Package['icinga2-ido-pgsql'], + # notify => Service['icinga2'], + #} + #service { 'icinga2': + # ensure => 'running', + # enable => true, + # require => [ + # Package['icinga2'], + # Package['icinga2-ido-pgsql'], + # ], + # subscribe => [ + # File['/etc/icinga2/icinga2.conf'], + # File['/etc/icinga2/init.conf'], + # File['/etc/icinga2/features-enabled/checker.conf'], + # File['/etc/icinga2/features-enabled/mainlog.conf'], + # File['/etc/icinga2/features-enabled/notification.conf'], + # File['/etc/icinga2/zones.conf'], + # File['/etc/icinga2/conf.d/api-users.conf'], + # File['/var/lib/icinga2/ca'], + # File['/var/lib/icinga2/ca/ca.key'], + # File['/var/lib/icinga2/ca/ca.crt'], + # File['/var/lib/icinga2/certs/ca.crt'], + # ], + #} Icinga2::Object::Zone <<| |>> ~> Service['icinga2'] Icinga2::Object::Endpoint <<| |>> ~> Service['icinga2'] -- cgit v1.2.1