docker/icinga2
6
0
Fork 0
Code Issues Actions Packages Activity

add icinga master init
All checks were successful
build container icinga2 / build (push) Successful in 1m1s
Details

Browse Source
This commit is contained in:
Schreiner Pascal
2025-02-02 21:06:31 +01:00
parent 558f5bea02
commit e5b25658d8
2 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -26,6 +26,9 @@ All other var can be use at is, because all is in docker network and not exposed
Hints:
* API user setup only runs once at start up!
* Redis conf runs every time
* DONT Remove ICINGA_API_HOST var!
* This var set the hostname for the container.
* The hostname is used for icinga2 master setup
If you plan to use satellites and wish full auto deployment.
Set ICINGA2_API_USER_SATELLITE_PASS to get a API user for ticket generation (only on fist init).

16
init.sh
View File

@@ -5,13 +5,26 @@ ICINGA2_FILE_API_USER_CONF=/etc/icinga2/conf.d/api-users.conf
ICINGA2_FILE_ICINGADB_CONF=/etc/icinga2/features-enabled/icingadb.conf
ICINGA2_FILE_INFLUXDB_CONF=/etc/icinga2/features-enabled/influxdb.conf
ICINGA2_CONF_DIR='/etc/icinga2/conf.d'
ICINGA2_ZONE_MASTER='/etc/icinga2/zones.d/master'
ICINGA2_GLOBAL_TEMPLATES='/etc/icinga2/zones.d/global-templates'
## init icinga config files if need
if [ -z "$(ls -A /data)" ]; then
echo init icinga2 config
cp -ax /data-init/* /data
rm -rf /data-init
## init node as master and global templates
icinga2 node setup --master --disable-confd
mkdir -p $ICINGA2_GLOBAL_TEMPLATES
mkdir -p $ICINGA2_ZONE_MASTER
mv $ICINGA2_CONF_DIR/hosts.conf $ICINGA2_ZONE_MASTER/
mv $ICINGA2_CONF_DIR/*.conf $ICINGA2_GLOBAL_TEMPLATES/
mv $ICINGA2_GLOBAL_TEMPLATES/api-users.conf $ICINGA2_CONF_DIR/
fi
## init api user
if [ ! -f "$ICINGA2_FILE_API_CONF" ]; then
echo run api setup because no config exists
@@ -32,6 +45,9 @@ if [ ! -f "$ICINGA2_FILE_API_CONF" ]; then
echo ' permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi
## only on inital setup create a pki-ticket api user if env var is set
## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
echo set inital icingadb api user
echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF