summaryrefslogtreecommitdiff
path: root/sitemodules/profiles/manifests/icinga2_common.pp
blob: 83afcebd3176d45ab559adc13f68b4630984663f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# Class: profiles::icinga2_common
# ===============================
#
# Common configuration code for Icinga2 agent and master setups.
#
# This manifest is meant to be included from other manifests.
#
# Parameters
# ----------
#
# @param ca_certificate     Icinga2 CA certificate content
# @param master_host        Icinga2 master hostname
# @param master_certificate Icinga2 master certificate content
#
# Examples
# --------
#
# @example
#   include profiles::icinga2_common
#
# Authors
# -------
#
# Jan Dittberner <jandd@cacert.org>
#
# Copyright
# ---------
#
# Copyright 2019 Jan Dittberner
class profiles::icinga2_common (
  String $ca_certificate,
  String $master_host,
  String $master_certificate,
) {
  if $::lsbdistcodename == 'stretch' {
    apt::pin { 'icinga2_backports':
      packages => [
        'icinga2',
        'icinga2-bin',
        'icinga2-common',
        'icinga2-doc',
        'icinga2-ido-pgsql',
        'libicinga2',
      ],
      priority => 500,
      release  => 'stretch-backports',
    }
    Apt::Pin['icinga2_backports'] -> Package <| name == 'icinga2' or name == 'icinga2-ido-pgsql' |>
  }
  package { 'icinga2':
    ensure => latest,
  }
  file { '/var/lib/icinga2/certs':
    ensure  => directory,
    owner   => 'nagios',
    group   => 'nagios',
    mode    => '0700',
    require => Package['icinga2'],
  }
  file { '/var/lib/icinga2/certs/ca.crt':
    ensure  => file,
    content => $ca_certificate,
    owner   => 'nagios',
    group   => 'nagios',
    mode    => '0644',
    require => File['/var/lib/icinga2/certs'],
  }
  file { "/var/lib/icinga2/certs/${master_host}.crt":
    ensure  => file,
    content => $master_certificate,
    owner   => 'nagios',
    group   => 'nagios',
    mode    => '0644',
    require => File['/var/lib/icinga2/certs'],
  }
}