diff --git a/README.md b/README.md new file mode 100644 index 0000000..ad18273 --- /dev/null +++ b/README.md @@ -0,0 +1,128 @@ +# Docker IcingaWeb2 +[![Build Status](https://git.ao-it.net/docker/icingaweb2/actions/workflows/docker-build.yml/badge.svg?branch=main&event=push)](https://git.ao-it.net/docker/icingaweb2/actions?workflow=docker-build.yml&actor=0&status=0) + +Designed with [https://git.ao-it.net/docker/icinga2](https://git.ao-it.net/docker/icinga2) + +## quick start +If you have a functional icinga2 instance only without icingaweb2: +```bash +git clone https://git.ao-it.net/docker/icingaweb2 +cd icingaweb2 +cp env.sample .env +nano .env # edit your settings +docker compose up -d +``` + +For a full deployment see: [comming soon ...]() + + +## understand environment +For the configuration (primarily the initial setup) I use a similar method as: https://hub.docker.com/r/icinga/icingaweb2 +* In my case a prefix like `ICINGAWEB2_CONF` refers a configuration file. +* After the first `.` it follows the `Section` from this ini file. +* After the second `.` it follows the `Key` from this `Section` before. +* And after the `=` is comes the `value`. + +So will this: +``` +ICINGAWEB2_CONF.global.config_backend=db +``` + +create this: +```ini +[global] +config_backend = db +``` + +--- + +### vars icingaweb2 +prefix | file | ref +--- | --- | --- +ICINGAWEB2_CONF | /etc/icingaweb2/config.ini | [General Configuration](https://icinga.com/docs/icinga-web/latest/doc/03-Configuration/#configuration-general) +ICINGAWEB2_RESOURCES | /etc/icingaweb2/resources.ini | [Resources](https://icinga.com/docs/icinga-web/latest/doc/04-Resources/#resources) +ICINGAWEB2_AUTH | /etc/icingaweb2/authentication.ini | [Authentication](https://icinga.com/docs/icinga-web/latest/doc/05-Authentication/#authentication) +ICINGAWEB2_GROUPS | /etc/icingaweb2/groups.ini | [Groups](https://icinga.com/docs/icinga-web/latest/doc/05-Authentication/#groups) +ICINGAWEB2_ROLES | /etc/icingaweb2/roles.ini | [Roles](https://icinga.com/docs/icinga-web/latest/doc/06-Security/#roles) + + +### vars modules +prefix | module | file | ref +--- | --- | --- | --- +ICINGAWEB2_ICINGADB_CONF | icingadb | /etc/icingaweb2/modules/icingadb/config.ini | [General Configuration](https://icinga.com/docs/icinga-db-web/latest/doc/03-Configuration/#general-configuration) +ICINGAWEB2_ICINGADB_REDIS | icingadb | /etc/icingaweb2/modules/icingadb/redis.ini | [Redis® Configuration](https://icinga.com/docs/icinga-db-web/latest/doc/03-Configuration/#redis-configuration) +ICINGAWEB2_ICINGADB_API | icingadb | /etc/icingaweb2/modules/icingadb/commandtransports.ini | [Command Transport Configuration](https://icinga.com/docs/icinga-db-web/latest/doc/03-Configuration/#command-transport-configuration) + +--- + +### static vars +var | description +--- | --- +ICINGAWEB2_CONF_ONCE | if true: all configuration setups (above) run only on fist setup. +ICINGAWEB2_DB_RESOURCE_NAME | needed for setup scrip to know witch database is used for users +ICINGAWEB2_DEFAULT_ADMIN_USER | default admin username +ICINGAWEB2_DEFAULT_ADMIN_PASS | default admin password + +### easy setup +If you use the example, than you kan setup the `env.sample`. +All required variables are included and insert the values ​​in the correct places. + +Hint: in this file all vars dont have the `2` behind icingaweb2 or icinga. +Vars for the container have the `2` + +## example +See [compose.yml](compose.yml). +This is for environment priview +```yaml +services: + icingaweb2: + image: git.ao-it.net/docker/icingaweb2 + environment: + - ICINGAWEB2_CONF_ONCE=true + - ICINGAWEB2_CONF.logging.log=php + - ICINGAWEB2_CONF.logging.level=ERROR + - ICINGAWEB2_CONF.logging.application=icingaweb2 + - ICINGAWEB2_CONF.global.config_backend=db + - ICINGAWEB2_CONF.global.config_resource=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db} + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.type=db + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.db=mysql + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.host=${ICINGAWEB_DB_HOST:-db_icingaweb} + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.dbname=${ICINGAWEB_DB:-icingaweb} + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.username=${ICINGAWEB_DB_USER:-icingaweb} + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.password=${ICINGAWEB_DB_PASS:-icingaweb} + - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.charset=utf8mb4 + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.type=db + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.db=mysql + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.host=${ICINGA_DB_HOST:-db_icinga} + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.dbname=${ICINGA_DB:-icingadb} + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.username=${ICINGA_DB_USER:-icingadb} + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.password=${ICINGA_DB_PASS:-icingadb} + - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.charset=utf8mb4 + - ICINGAWEB2_AUTH.icingaweb2.backend=db + - ICINGAWEB2_AUTH.icingaweb2.resource=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db} + - ICINGAWEB2_GROUPS.icingaweb2.backend=db + - ICINGAWEB2_GROUPS.icingaweb2.resource=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db} + - ICINGAWEB2_ROLES.${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}.groups=${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators} + - ICINGAWEB2_ROLES.${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}.permissions="*" + - ICINGAWEB2_ROLES.${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}.users=${ICINGAWEB_DEFAULT_ADMIN_USER:-icingaadmin} + - ICINGAWEB2_ICINGADB_CONF.icingadb.resource=icingadb + - ICINGAWEB2_ICINGADB_REDIS.redis1.host=redis + - ICINGAWEB2_ICINGADB_REDIS.redis1.port=6379 + - ICINGAWEB2_ICINGADB_API.icinga2.transport=api + - ICINGAWEB2_ICINGADB_API.icinga2.host=icinga2 + - ICINGAWEB2_ICINGADB_API.icinga2.port=5665 + - ICINGAWEB2_ICINGADB_API.icinga2.username=icingaweb + - ICINGAWEB2_ICINGADB_API.icinga2.password=icingaweb + - ICINGAWEB2_DB_RESOURCE_NAME=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db} + - ICINGAWEB2_DEFAULT_ADMIN_USER=${ICINGAWEB_DEFAULT_ADMIN_USER:-icingaadmin} + - ICINGAWEB2_DEFAULT_ADMIN_PASS=${ICINGAWEB_DEFAULT_ADMIN_PASS:-icingaadmin} +``` + +If you ask why the hell vars with `.` : +- Underscores a bad for splitting in case of icingaweb2. Some options need them +- https://stackoverflow.com/questions/2821043/allowed-characters-in-linux-environment-variable-names +- no better idea to handle this for setup script + +You can remove the environment var `ICINGAWEB2_CONF_ONCE` whan will changes in `compose.yml` environment deploy every time if the container starts. +You can use this for future config changes, but this isn't tested and i am not sure i will recommend this... +For now be save and use it only for inital setup. \ No newline at end of file diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..ec357bd --- /dev/null +++ b/TODO.md @@ -0,0 +1,4 @@ +# TODO's + +## planed features +- [ ] add grafana module \ No newline at end of file diff --git a/env.sample b/env.sample new file mode 100644 index 0000000..1b30945 --- /dev/null +++ b/env.sample @@ -0,0 +1,31 @@ +# icingaweb2 environment + +### icingaweb db connection +ICINGAWEB_DB_RESOURCE_NAME=icingaweb_db +ICINGAWEB_DB=icingaweb +ICINGAWEB_DB_HOST=db_icingaweb +ICINGAWEB_DB_USER=icingaweb +ICINGAWEB_DB_PASS=icingaweb + +## inital login +ICINGAWEB_DEFAULT_ADMIN_ROLE=Administrators +ICINGAWEB_DEFAULT_ADMIN_USER=icingaadmin +ICINGAWEB_DEFAULT_ADMIN_PASS=icingaadmin + +## icingadb SQL connection +ICINGAWDB_RESOURCE_NAME=icingadb +ICINGA_DB=icingadb +ICINGA_DB_HOST=db_icinga +ICINGA_DB_USER=icingadb +ICINGA_DB_PASS=icingadb + +## icingadb redis connection +ICINGADB_REDIS_HOST=redis +ICINGADB_REDIS_PORT=6379 + +## icingadb command transport +ICINGADB_CMD_TYPE=api +ICINGA_API_HOST=icinga2 +ICINGA_API_PORT=5665 +ICINGA_API_ICINGAWEB_USER=icingaweb +ICINGA_API_ICINGAWEB_PASS=icingaweb \ No newline at end of file