docker/icinga2
6
0
Fork 0
Code Issues Actions Packages Activity
Files
1653e5e44ba27cc3fdc43e61bc7e0f8dd74798c0
icinga2/init.sh
anima 1653e5e44b
Some checks failed
build container icinga2 / build (push) Has been cancelled
Details
move api pass set to init only
2025-02-07 03:03:29 +01:00

100 lines
4.0 KiB
Bash
Raw Blame History

#!/bin/bash
ICINGA2_FILE_API_CONF=/etc/icinga2/features-enabled/api.conf
ICINGA2_FILE_API_USER_CONF=/etc/icinga2/conf.d/api-users.conf
ICINGA2_FILE_ICINGADB_CONF=/etc/icinga2/features-enabled/icingadb.conf
ICINGA2_FILE_INFLUXDB_CONF=/etc/icinga2/features-enabled/influxdb.conf
ICINGA2_CONF_DIR='/etc/icinga2/conf.d'
ICINGA2_ZONE_MASTER='/etc/icinga2/zones.d/master'
ICINGA2_GLOBAL_TEMPLATES='/etc/icinga2/zones.d/global-templates'
## init icinga config files if need
if [ -z "$(ls -A /data)" ]; then
echo init icinga2 config
cp -ax /data-init/* /data
rm -rf /data-init
## init node as master and global templates
icinga2 node setup --master --disable-confd
mkdir -p $ICINGA2_GLOBAL_TEMPLATES
mkdir -p $ICINGA2_ZONE_MASTER
mv $ICINGA2_CONF_DIR/hosts.conf $ICINGA2_ZONE_MASTER/
mv $ICINGA2_CONF_DIR/*.conf $ICINGA2_GLOBAL_TEMPLATES/
mv $ICINGA2_GLOBAL_TEMPLATES/api-users.conf $ICINGA2_CONF_DIR/
## only on inital setup create a icingaweb api user if env var is set
## permission source: https://icinga.com/docs/icinga-web/latest/modules/monitoring/doc/05-Command-Transports/
if [ ! -z "$ICINGA2_API_USER_ICINGAWEB_PASS" ]; then
echo set inital icingadb api user
echo 'object ApiUser "icingaweb2" {' >> $ICINGA2_FILE_API_USER_CONF
echo " password = \"$ICINGA2_API_USER_ICINGAWEB_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
echo ' permissions = [ "status/query", "actions/*", "objects/modify/*", "objects/query/*" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi
## only on inital setup create a pki-ticket api user if env var is set
## permission source: https://icinga.com/docs/icinga-2/latest/doc/06-distributed-monitoring/#csr-auto-signing-on-the-master
if [ ! -z "$ICINGA2_API_USER_SATELLITE_PASS" ]; then
echo set inital pki-ticket api user
echo 'object ApiUser "pki-ticket" {' >> $ICINGA2_FILE_API_USER_CONF
echo " password = \"$ICINGA2_API_USER_SATELLITE_PASS\"" >> $ICINGA2_FILE_API_USER_CONF
echo ' permissions = [ "actions/generate-ticket" ]' >> $ICINGA2_FILE_API_USER_CONF
echo '}' >> $ICINGA2_FILE_API_USER_CONF
fi
## only on inital setup replace one time the api root user password if a env var is set
if [ ! -z "$ICINGA2_API_USER_ROOT_PASS" ]; then
echo set inital api root user password
sed -i "s|password = \".*\"|password = \"$ICINGA2_API_USER_ROOT_PASS\"|g" $ICINGA2_FILE_API_USER_CONF
fi
fi
## enable icingadb feature if not active
if [ ! -f "$ICINGA2_FILE_ICINGADB_CONF" ]; then
echo enable icingadb
/usr/sbin/icinga2 feature enable icingadb
fi
## icingadb: replace redis conf is env vars set (anytime)
if [ ! -z "$ICINGA2_ICINGADB_REDIS_HOST" ]; then
echo set new redis host
sed -i "s|\(//\)*host = \".*\"|host = \"$ICINGA2_ICINGADB_REDIS_HOST\"|g" $ICINGA2_FILE_ICINGADB_CONF
fi
if [ ! -z "$ICINGA2_ICINGADB_REDIS_PORT" ]; then
echo set new redis port
sed -i "s|\(//\)*port = .*|port = $ICINGA2_ICINGADB_REDIS_PORT|g" $ICINGA2_FILE_ICINGADB_CONF
fi
if [ ! -z "$ICINGA2_ICINGADB_REDIS_PASS" ]; then
echo set new redis password
sed -i "s|\(//\)*password = \".*\"|password = \"$ICINGA2_ICINGADB_REDIS_PASS\"|g" $ICINGA2_FILE_ICINGADB_CONF
fi
## enable icingadb feature if not active
if [ ! -f "$ICINGA2_FILE_INFLUXDB_CONF" ]; then
echo enable influxdb
/usr/sbin/icinga2 feature enable influxdb
sed -i "s|//| |g" $ICINGA2_FILE_INFLUXDB_CONF
fi
if [ ! -z "$ICINGA2_INFLUXDB_HOST" ]; then
echo set new influxdb host
sed -i "s|\(//\)*host = \".*\"|host = \"$ICINGA2_INFLUXDB_HOST\"|g" $ICINGA2_FILE_INFLUXDB_CONF
fi
if [ ! -z "$ICINGA2_INFLUXDB_PORT" ]; then
echo set new influxdb port
sed -i "s|\(//\)*port = \".*\"|port = $ICINGA2_INFLUXDB_PORT|g" $ICINGA2_FILE_INFLUXDB_CONF
fi
if [ ! -z "$ICINGA2_INFLUXDB_DB" ]; then
echo set new influxdb database
sed -i "s|\(//\)*database = \".*\"|database = \"$ICINGA2_INFLUXDB_DB\"|g" $ICINGA2_FILE_INFLUXDB_CONF
fi
# run CMD
exec "$@"
Reference in New Issue View Git Blame Copy Permalink