docker/icinga2
6
0
Fork 0
Code Issues Actions Packages Activity

remove api setup because master init do it
All checks were successful
build container icinga2 / build (push) Successful in 2m35s
Details

Browse Source
This commit is contained in:
Schreiner Pascal
2025-02-02 21:13:57 +01:00
parent 6d1b917631
commit f224e974b0
1 changed files with 22 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
init.sh
View File

@@ -25,37 +25,31 @@ if [ -z "$(ls -A /data)" ]; then
fi fi
## init api user ## only on inital setup replace one time the api root user password if a env var is set
if [ ! -f "$ICINGA2_FILE_API_CONF" ]; then if [ ! -z "$ICINGA2_API_USER_ROOT_PASS" ]; then
echo run api setup because no config exists echo set inital api root user password
/usr/sbin/icinga2 api setup sed -i "s|password = \".*\"|password = \"$ICINGA2_API_USER_ROOT_PASS\"|g" $ICINGA2_FILE_API_USER_CONF
fi
## only on inital setup replace one time the api root user password if a env var is set ## only on inital setup create a icingaweb api user if env var is set
if [ ! -z "$ICINGA2_API_USER_ROOT_PASS" ]; then ## permission source: https://icinga.com/docs/icinga-web/latest/modules/monitoring/doc/05-Command-Transports/
echo set inital api root user password if [ ! -z "$ICINGA2_API_USER_ICINGAWEB_PASS" ]; then
sed -i "s|password = \".*\"|password = \"$ICINGA2_API_USER_ROOT_PASS\"|g" $ICINGA2_FILE_API_USER_CONF echo set inital icingadb api user
fi echo 'object ApiUser "icingaweb2" {' >> $ICINGA2_FILE_API_USER_CONF
echo " password = \"$ICINGA2_API_USER_ICINGAWEB_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
echo ' permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi
## only on inital setup create a icingaweb api user if env var is set ## only on inital setup create a pki-ticket api user if env var is set
## permission source: https://icinga.com/docs/icinga-web/latest/modules/monitoring/doc/05-Command-Transports/ ## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
if [ ! -z "$ICINGA2_API_USER_ICINGAWEB_PASS" ]; then if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
echo set inital icingadb api user echo set inital icingadb api user
echo 'object ApiUser "icingaweb2" {' >> $ICINGA2_FILE_API_USER_CONF echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF
echo " password = \"$ICINGA2_API_USER_ICINGAWEB_PASS\"" >> $ICINGA2_FILE_API_USER_CONF echo " password = \"$ICINGA2_API_USER_SATELLITE_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
echo ' permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF echo ' permissions = [ "actions/generate-ticket" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi
## only on inital setup create a pki-ticket api user if env var is set
## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
echo set inital icingadb api user
echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF
echo " password = \"$ICINGA2_API_USER_SATELLITE_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
echo ' permissions = [ "actions/generate-ticket" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi
fi fi
## enable icingadb feature if not active ## enable icingadb feature if not active