summaryrefslogtreecommitdiff
path: root/sitemodules/profiles/manifests/icinga2_satellite.pp
blob: 2dea62b6643f644ed93e39932e56787439f435ed (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# Class: profiles::icinga2_satellite
# ==================================
#
# This class installs and configures an Icinga2 satellite.
#
# Parameters
# ----------
#
# None
#
# Examples
# --------
#
# @example
#   class roles::myhost {
#     include profiles::icinga2_satellite
#   }
#
# Authors
# -------
#
# Jan Dittberner <jandd@cacert.org>
#
# Copyright
# ---------
#
# Copyright 2021 Jan Dittberner
class profiles::icinga2_satellite {
  include 'profiles::icinga2_common'
  include 'profiles::icinga2_agent'

  file { ['/usr/local/lib/nagios', '/usr/local/lib/nagios/plugins']:
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  $cacert_class1_file = '/usr/local/share/ca-certificates/cacert_class1_X0F.crt'
  $cacert_class3_file = '/usr/local/share/ca-certificates/cacert_class3_2021.crt'

  file { '/usr/local/lib/nagios/plugins/check_ocsp':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0755',
    source  => 'puppet:///modules/profiles/icinga2_external_commands/check_ocsp',
    require => [
      Package['ca-certificates'],
      File[$cacert_class1_file],
      File[$cacert_class3_file]
    ],
  }

  package {['rsync', 'python3-nagiosplugin', 'python3-cryptography']:
    ensure => present,
  }

  file { '/usr/local/lib/nagios/plugins/check_cacert_crl':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0755',
    source  => 'puppet:///modules/profiles/icinga2_external_commands/cacert_check_crl.py',
    require => [Package['rsync'], Package['python3-nagiosplugin'], Package['python3-cryptography']],
  }

  file { '/etc/icinga2/conf.d/external-commands.conf':
    ensure => absent,
  }
}