docker/icinga2
6
0
Fork 0
Code Issues Actions Packages Activity

add icinga master init
All checks were successful
build container icinga2 / build (push) Successful in 1m1s
Details

Browse Source
This commit is contained in:
Schreiner Pascal
2025-02-02 21:06:31 +01:00
parent 558f5bea02
commit e5b25658d8
2 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -26,6 +26,9 @@ All other var can be use at is, because all is in docker network and not exposed
Hints: Hints:
* API user setup only runs once at start up! * API user setup only runs once at start up!
* Redis conf runs every time * Redis conf runs every time
* DONT Remove ICINGA_API_HOST var!
* This var set the hostname for the container.
* The hostname is used for icinga2 master setup
If you plan to use satellites and wish full auto deployment. If you plan to use satellites and wish full auto deployment.
Set ICINGA2_API_USER_SATELLITE_PASS to get a API user for ticket generation (only on fist init). Set ICINGA2_API_USER_SATELLITE_PASS to get a API user for ticket generation (only on fist init).

16
init.sh
View File

@@ -5,13 +5,26 @@ ICINGA2_FILE_API_USER_CONF=/etc/icinga2/conf.d/api-users.conf
ICINGA2_FILE_ICINGADB_CONF=/etc/icinga2/features-enabled/icingadb.conf ICINGA2_FILE_ICINGADB_CONF=/etc/icinga2/features-enabled/icingadb.conf
ICINGA2_FILE_INFLUXDB_CONF=/etc/icinga2/features-enabled/influxdb.conf ICINGA2_FILE_INFLUXDB_CONF=/etc/icinga2/features-enabled/influxdb.conf
ICINGA2_CONF_DIR='/etc/icinga2/conf.d'
ICINGA2_ZONE_MASTER='/etc/icinga2/zones.d/master'
ICINGA2_GLOBAL_TEMPLATES='/etc/icinga2/zones.d/global-templates'
## init icinga config files if need ## init icinga config files if need
if [ -z "$(ls -A /data)" ]; then if [ -z "$(ls -A /data)" ]; then
echo init icinga2 config echo init icinga2 config
cp -ax /data-init/* /data cp -ax /data-init/* /data
rm -rf /data-init rm -rf /data-init
## init node as master and global templates
icinga2 node setup --master --disable-confd
mkdir -p $ICINGA2_GLOBAL_TEMPLATES
mkdir -p $ICINGA2_ZONE_MASTER
mv $ICINGA2_CONF_DIR/hosts.conf $ICINGA2_ZONE_MASTER/
mv $ICINGA2_CONF_DIR/*.conf $ICINGA2_GLOBAL_TEMPLATES/
mv $ICINGA2_GLOBAL_TEMPLATES/api-users.conf $ICINGA2_CONF_DIR/
fi fi
## init api user ## init api user
if [ ! -f "$ICINGA2_FILE_API_CONF" ]; then if [ ! -f "$ICINGA2_FILE_API_CONF" ]; then
echo run api setup because no config exists echo run api setup because no config exists
@@ -32,6 +45,9 @@ if [ ! -f "$ICINGA2_FILE_API_CONF" ]; then
echo ' permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF echo ' permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi fi
## only on inital setup create a pki-ticket api user if env var is set
## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
echo set inital icingadb api user echo set inital icingadb api user
echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF