1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
# Class: profiles::icinga2_agent
# ==============================
#
# This class installs and configures an Icinga2 agent.
#
# Parameters
# ----------
#
# @param pki_ticket Ticket for getting a signed certificate
# from the master
#
# @param master_host Hostname of the master
#
# @param master_certificate TLS certificate of the master
#
# Examples
# --------
#
# @example
# class roles::myhost {
# include profiles::icinga2_agent
# }
#
# Authors
# -------
#
# Jan Dittberner <jandd@cacert.org>
#
# Copyright
# ---------
#
# Copyright 2019 Jan Dittberner
class profiles::icinga2_agent (
String $pki_ticket,
String $master_host,
String $master_certificate,
) {
include 'profiles::icinga2_common'
file { "/var/lib/icinga2/certs/trusted-cert.crt":
ensure => file,
content => $master_certificate,
owner => 'nagios',
group => 'nagios',
mode => '0644',
require => File['/var/lib/icinga2/certs'],
}
class { '::icinga2':
manage_repo => false,
features => ['mainlog'],
}
class { '::icinga2::feature::api':
pki => 'none',
accept_config => true,
accept_commands => true,
ticket_id => $pki_ticket,
endpoints => {
'NodeName' => {},
$master_host => {
host => $master_host,
},
},
zones => {
'ZoneName' => {
'endpoints' => ['NodeName'],
'parent' => $master_host,
},
$master_host => {
'endpoints' => [$master_host],
},
},
}
icinga2::object::zone { 'global-templates':
global => true,
}
@@icinga2::object::endpoint { $::fqdn:
ensure => present,
target => "/etc/icinga2/zones.d/${::fqdn}.conf",
}
@@icinga2::object::zone { $::fqdn:
ensure => present,
endpoints => [$::fqdn],
parent => $master_host,
target => "/etc/icinga2/zones.d/${::fqdn}.conf",
}
}
|