summaryrefslogtreecommitdiff
path: root/sitemodules/profiles/manifests/icinga2_agent.pp
blob: 3ea1bba73d2bdb62abcb7d46bb14f92c7ca49395 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# Class: profiles::icinga2_agent
# ==============================
#
# This class installs and configures an Icinga2 agent.
#
# Parameters
# ----------
#
# @param pki_ticket         Ticket for getting a signed certificate
#                           from the master
#
# @param master_host        Hostname of the master
#
# @param master_certificate TLS certificate of the master
#
# Examples
# --------
#
# @example
#   class roles::myhost {
#     include profiles::icinga2_agent
#   }
#
# Authors
# -------
#
# Jan Dittberner <jandd@cacert.org>
#
# Copyright
# ---------
#
# Copyright 2019 Jan Dittberner
class profiles::icinga2_agent (
  String $pki_ticket,
  String $master_host,
  String $master_certificate,
) {
  include 'profiles::icinga2_common'

  file { "/var/lib/icinga2/certs/trusted-cert.crt":
    ensure  => file,
    content => $master_certificate,
    owner   => 'nagios',
    group   => 'nagios',
    mode    => '0644',
    require => File['/var/lib/icinga2/certs'],
  }

  class { '::icinga2':
    manage_repo => false,
    features    => ['mainlog'],
  }

  class { '::icinga2::feature::api':
    pki             => 'none',
    accept_config   => true,
    accept_commands => true,
    ticket_id       => $pki_ticket,
    endpoints       => {
      'NodeName' => {},
    },
    zones           => {
      'ZoneName'   => {
        'endpoints' => ['NodeName'],
        'parent'    => $master_host,
      },
      $master_host => {
        'endpoints' => [$master_host],
      },
    },
  }

  @@icinga2::object::endpoint { $::fqdn:
    ensure        => present,
    target        => "/etc/icinga2/zones.d/${::fqdn}.conf",
  }

  @@icinga2::object::zone { $::fqdn:
    ensure    => present,
    endpoints => [$::fqdn],
    parent    => $master_host,
    target        => "/etc/icinga2/zones.d/${::fqdn}.conf",
  }
}