1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
# Class: profiles::icinga2_common
# ===============================
#
# Common configuration code for Icinga2 agent and master setups.
#
# This manifest is meant to be included from other manifests.
#
# Parameters
# ----------
#
# @param ca_certificate Icinga2 CA certificate content
# @param master_host Icinga2 master hostname
# @param master_certificate Icinga2 master certificate content
#
# Examples
# --------
#
# @example
# include profiles::icinga2_common
#
# Authors
# -------
#
# Jan Dittberner <jandd@cacert.org>
#
# Copyright
# ---------
#
# Copyright 2019 Jan Dittberner
class profiles::icinga2_common (
String $ca_certificate,
String $master_host,
String $master_certificate,
) {
class { '::icinga2':
manage_repo => false,
manage_package => false,
manage_service => false,
purge_features => false,
}
if $::lsbdistcodename == 'stretch' {
apt::pin { 'icinga2_backports':
packages => [
'icinga2',
'icinga2-bin',
'icinga2-common',
'icinga2-doc',
'icinga2-ido-pgsql',
'libicinga2',
],
priority => 500,
release => 'stretch-backports',
}
Apt::Pin['icinga2_backports'] -> Package <| name == 'icinga2' or name == 'icinga2-ido-pgsql' |>
}
package { 'icinga2':
ensure => latest,
}
file { '/var/lib/icinga2/certs':
ensure => directory,
owner => 'nagios',
group => 'nagios',
mode => '0700',
require => Package['icinga2'],
}
file { '/var/lib/icinga2/certs/ca.crt':
ensure => file,
content => $ca_certificate,
owner => 'nagios',
group => 'nagios',
mode => '0644',
require => File['/var/lib/icinga2/certs'],
}
file { "/var/lib/icinga2/certs/${master_host}.crt":
ensure => file,
content => $master_certificate,
owner => 'nagios',
group => 'nagios',
mode => '0644',
require => File['/var/lib/icinga2/certs'],
}
}
|
