add mqtt python lib sys wide

Dockerfile

@@ -1,9 +1,9 @@
 FROM debian:bookworm-slim
 LABEL maintainer="docker@ao-it.net"
 
+ARG DEBIAN_FRONTEND=noninteractive
 ## prepare requirements
 RUN ["bash", "-exo", "pipefail", "-c", "\
-    export DEBIAN_FRONTEND=noninteractive ; \
     apt update ; \ 
     apt install -y wget gnupg ; \
     wget -O - https://packages.icinga.com/icinga.key | \
@@ -16,7 +16,6 @@ RUN ["bash", "-exo", "pipefail", "-c", "\
 
 ## install icinga2 
 RUN ["bash", "-exo", "pipefail", "-c", "\
-    export DEBIAN_FRONTEND=noninteractive ; \
     apt update ; \
     apt install -y icinga2 monitoring-plugins ; \
     mkdir -p /run/icinga2 ; \
@@ -24,6 +23,20 @@ RUN ["bash", "-exo", "pipefail", "-c", "\
     apt clean all ; \
     rm -vrf /var/lib/apt/lists/* "]
 
+## install easysnmp
+# need for full-features (add maybe if need): libsnmp-dev snmp-mibs-downloader
+# sed -i 's|main|main non-free|g' $SOURCELIST_FILE ; \
+# ARG SOURCELIST_FILE="/etc/apt/sources.list.d/debian.sources"
+RUN ["bash", "-exo", "pipefail", "-c", "\
+    apt update ; \
+    apt-get install -y \
+        python3-requests \
+        python3-easysnmp \
+        python3-paho-mqtt \
+        python3-nagiosplugin; \
+    apt clean all ; \
+    rm -vrf /var/lib/apt/lists/* "]
+
 ## create persistend data store
 RUN ["bash", "-exo", "pipefail", "-c", "\
     mkdir -p /data ; \
@@ -37,6 +50,11 @@ RUN ["bash", "-exo", "pipefail", "-c", "\
     ln -vs /data/var/icinga2 /var/lib/icinga2 ; \
     ln -vs /data/plugins /usr/lib/nagios/plugins "]
 
+## basic aliases
+RUN ["bash", "-exo", "pipefail", "-c", "\
+    echo alias icinga2reload=\"'/usr/lib/icinga2/safe-reload /etc/default/icinga2'\" >> /root/.bashrc ; \
+    echo alias icinga2checkconfig=\"'icinga2 daemon -C -X'\" >> /root/.bashrc "]
+
 COPY init.sh /root/init.sh
     
 EXPOSE 5665

compose.yml

@@ -61,8 +61,9 @@ services:
     restart: always
     volumes:
       - ./files/icinga2:/data
+      - /etc/localtime:/etc/localtime:ro
     ports:
-      - ${ICINGA_API_PORT:5665}:5665  # only need if you plan to use api from other sources as icingaweb2
+      - ${ICINGA_API_PORT:-5665}:5665  # only need if you plan to use api from other sources as icingaweb2
     networks:
       - icinga
       #- backend

init.sh

@@ -22,35 +22,38 @@ if [ -z "$(ls -A /data)" ]; then
     mv $ICINGA2_CONF_DIR/hosts.conf $ICINGA2_ZONE_MASTER/
     mv $ICINGA2_CONF_DIR/*.conf $ICINGA2_GLOBAL_TEMPLATES/
     mv $ICINGA2_GLOBAL_TEMPLATES/api-users.conf $ICINGA2_CONF_DIR/
+
+    ## only on inital setup replace one time the api root user password if a env var is set
+    if [ ! -z "$ICINGA2_API_USER_ROOT_PASS" ]; then
+        echo set inital api root user password
+        sed -i "s|password = \".*\"|password = \"$ICINGA2_API_USER_ROOT_PASS\"|g" $ICINGA2_FILE_API_USER_CONF
+    fi
+    
+    ## only on inital setup create a icingaweb api user if env var is set
+    ## permission source: https://icinga.com/docs/icinga-web/latest/modules/monitoring/doc/05-Command-Transports/
+    if [ ! -z "$ICINGA2_API_USER_ICINGAWEB_PASS" ]; then
+        echo set inital icingadb api user
+        echo 'object ApiUser "icingaweb2" {' >> $ICINGA2_FILE_API_USER_CONF
+        echo "  password = \"$ICINGA2_API_USER_ICINGAWEB_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
+        echo '  permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF
+        echo '}' >> $ICINGA2_FILE_API_USER_CONF
+    fi
+
+    ## only on inital setup create a pki-ticket api user if env var is set
+    ## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
+    if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
+        echo set inital pki-ticket api user
+        echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF
+        echo "  password = \"$ICINGA2_API_USER_SATELLITE_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
+        echo '  permissions = [ "actions/generate-ticket" ]' >> $ICINGA2_FILE_API_USER_CONF
+        echo '}' >> $ICINGA2_FILE_API_USER_CONF
+
+    fi
+    
 fi
 
 
-## only on inital setup replace one time the api root user password if a env var is set
-if [ ! -z "$ICINGA2_API_USER_ROOT_PASS" ]; then
-    echo set inital api root user password
-    sed -i "s|password = \".*\"|password = \"$ICINGA2_API_USER_ROOT_PASS\"|g" $ICINGA2_FILE_API_USER_CONF
-fi
 
-## only on inital setup create a icingaweb api user if env var is set
-## permission source: https://icinga.com/docs/icinga-web/latest/modules/monitoring/doc/05-Command-Transports/
-if [ ! -z "$ICINGA2_API_USER_ICINGAWEB_PASS" ]; then
-    echo set inital icingadb api user
-    echo 'object ApiUser "icingaweb2" {' >> $ICINGA2_FILE_API_USER_CONF
-    echo "  password = \"$ICINGA2_API_USER_ICINGAWEB_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
-    echo '  permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF
-    echo '}' >> $ICINGA2_FILE_API_USER_CONF
-fi
-
-## only on inital setup create a pki-ticket api user if env var is set
-## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
-if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
-    echo set inital icingadb api user
-    echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF
-    echo "  password = \"$ICINGA2_API_USER_SATELLITE_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
-    echo '  permissions = [ "actions/generate-ticket" ]' >> $ICINGA2_FILE_API_USER_CONF
-    echo '}' >> $ICINGA2_FILE_API_USER_CONF
-
-fi
 
 ## enable icingadb feature if not active
 if [ ! -f "$ICINGA2_FILE_ICINGADB_CONF" ]; then