From cceca4b7240102b17e1f2b9628a3b93877e540e1 Mon Sep 17 00:00:00 2001
From: anima <p.schreiner@4nima.de>
Date: Sat, 1 Feb 2025 11:16:41 +0100
Subject: [PATCH] inital version

---
 README.md  | 128 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 TODO.md    |   4 ++
 env.sample |  31 +++++++++++++
 3 files changed, 163 insertions(+)
 create mode 100644 README.md
 create mode 100644 TODO.md
 create mode 100644 env.sample

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ad18273
--- /dev/null
+++ b/README.md
@@ -0,0 +1,128 @@
+# Docker IcingaWeb2
+[![Build Status](https://git.ao-it.net/docker/icingaweb2/actions/workflows/docker-build.yml/badge.svg?branch=main&event=push)](https://git.ao-it.net/docker/icingaweb2/actions?workflow=docker-build.yml&actor=0&status=0)
+
+Designed with [https://git.ao-it.net/docker/icinga2](https://git.ao-it.net/docker/icinga2)
+
+## quick start
+If you have a functional icinga2 instance only without icingaweb2:  
+```bash
+git clone https://git.ao-it.net/docker/icingaweb2
+cd icingaweb2 
+cp env.sample .env
+nano .env     # edit your settings
+docker compose up -d
+```
+
+For a full deployment see: [comming soon ...]()  
+
+
+## understand environment
+For the configuration (primarily the initial setup) I use a similar method as: https://hub.docker.com/r/icinga/icingaweb2  
+* In my case a prefix like `ICINGAWEB2_CONF` refers a configuration file.  
+* After the first `.` it follows the `Section` from this ini file.  
+* After the second `.` it follows the `Key` from this `Section` before.  
+* And after the `=` is comes the `value`.  
+
+So will this: 
+```
+ICINGAWEB2_CONF.global.config_backend=db
+```
+
+create this: 
+```ini
+[global]
+config_backend = db
+```
+
+--- 
+
+### vars icingaweb2
+prefix | file | ref
+--- | --- | ---
+ICINGAWEB2_CONF | /etc/icingaweb2/config.ini | [General Configuration](https://icinga.com/docs/icinga-web/latest/doc/03-Configuration/#configuration-general)
+ICINGAWEB2_RESOURCES | /etc/icingaweb2/resources.ini | [Resources](https://icinga.com/docs/icinga-web/latest/doc/04-Resources/#resources)
+ICINGAWEB2_AUTH | /etc/icingaweb2/authentication.ini | [Authentication](https://icinga.com/docs/icinga-web/latest/doc/05-Authentication/#authentication)
+ICINGAWEB2_GROUPS | /etc/icingaweb2/groups.ini | [Groups](https://icinga.com/docs/icinga-web/latest/doc/05-Authentication/#groups)
+ICINGAWEB2_ROLES | /etc/icingaweb2/roles.ini | [Roles](https://icinga.com/docs/icinga-web/latest/doc/06-Security/#roles)
+
+
+### vars modules
+prefix | module | file | ref
+--- | --- | --- | ---
+ICINGAWEB2_ICINGADB_CONF | icingadb | /etc/icingaweb2/modules/icingadb/config.ini | [General Configuration](https://icinga.com/docs/icinga-db-web/latest/doc/03-Configuration/#general-configuration)
+ICINGAWEB2_ICINGADB_REDIS | icingadb | /etc/icingaweb2/modules/icingadb/redis.ini | [Redis® Configuration](https://icinga.com/docs/icinga-db-web/latest/doc/03-Configuration/#redis-configuration)
+ICINGAWEB2_ICINGADB_API | icingadb | /etc/icingaweb2/modules/icingadb/commandtransports.ini | [Command Transport Configuration](https://icinga.com/docs/icinga-db-web/latest/doc/03-Configuration/#command-transport-configuration)
+
+---
+
+### static vars
+var | description
+--- | ---
+ICINGAWEB2_CONF_ONCE | if true: all configuration setups (above) run only on fist setup.
+ICINGAWEB2_DB_RESOURCE_NAME | needed for setup scrip to know witch database is used for users
+ICINGAWEB2_DEFAULT_ADMIN_USER | default admin username
+ICINGAWEB2_DEFAULT_ADMIN_PASS | default admin password
+
+### easy setup
+If you use the example, than you kan setup the `env.sample`. 
+All required variables are included and insert the values ​​in the correct places.
+
+Hint: in this file all vars dont have the `2` behind icingaweb2 or icinga. 
+Vars for the container have the `2`
+
+## example
+See [compose.yml](compose.yml).  
+This is for environment priview
+```yaml
+services:
+  icingaweb2:
+    image: git.ao-it.net/docker/icingaweb2
+    environment:
+      - ICINGAWEB2_CONF_ONCE=true
+      - ICINGAWEB2_CONF.logging.log=php
+      - ICINGAWEB2_CONF.logging.level=ERROR
+      - ICINGAWEB2_CONF.logging.application=icingaweb2
+      - ICINGAWEB2_CONF.global.config_backend=db
+      - ICINGAWEB2_CONF.global.config_resource=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.type=db
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.db=mysql
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.host=${ICINGAWEB_DB_HOST:-db_icingaweb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.dbname=${ICINGAWEB_DB:-icingaweb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.username=${ICINGAWEB_DB_USER:-icingaweb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.password=${ICINGAWEB_DB_PASS:-icingaweb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}.charset=utf8mb4
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.type=db
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.db=mysql
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.host=${ICINGA_DB_HOST:-db_icinga}
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.dbname=${ICINGA_DB:-icingadb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.username=${ICINGA_DB_USER:-icingadb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.password=${ICINGA_DB_PASS:-icingadb}
+      - ICINGAWEB2_RESOURCES.${ICINGAWDB_RESOURCE_NAME:-icingadb}.charset=utf8mb4
+      - ICINGAWEB2_AUTH.icingaweb2.backend=db
+      - ICINGAWEB2_AUTH.icingaweb2.resource=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}
+      - ICINGAWEB2_GROUPS.icingaweb2.backend=db
+      - ICINGAWEB2_GROUPS.icingaweb2.resource=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}
+      - ICINGAWEB2_ROLES.${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}.groups=${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}
+      - ICINGAWEB2_ROLES.${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}.permissions="*"
+      - ICINGAWEB2_ROLES.${ICINGAWEB_DEFAULT_ADMIN_ROLE:-Administrators}.users=${ICINGAWEB_DEFAULT_ADMIN_USER:-icingaadmin}
+      - ICINGAWEB2_ICINGADB_CONF.icingadb.resource=icingadb
+      - ICINGAWEB2_ICINGADB_REDIS.redis1.host=redis
+      - ICINGAWEB2_ICINGADB_REDIS.redis1.port=6379
+      - ICINGAWEB2_ICINGADB_API.icinga2.transport=api
+      - ICINGAWEB2_ICINGADB_API.icinga2.host=icinga2
+      - ICINGAWEB2_ICINGADB_API.icinga2.port=5665
+      - ICINGAWEB2_ICINGADB_API.icinga2.username=icingaweb
+      - ICINGAWEB2_ICINGADB_API.icinga2.password=icingaweb
+      - ICINGAWEB2_DB_RESOURCE_NAME=${ICINGAWEB_DB_RESOURCE_NAME:-icingaweb_db}
+      - ICINGAWEB2_DEFAULT_ADMIN_USER=${ICINGAWEB_DEFAULT_ADMIN_USER:-icingaadmin}
+      - ICINGAWEB2_DEFAULT_ADMIN_PASS=${ICINGAWEB_DEFAULT_ADMIN_PASS:-icingaadmin}
+```
+
+If you ask why the hell vars with `.` : 
+- Underscores a bad for splitting in case of icingaweb2. Some options need them
+- https://stackoverflow.com/questions/2821043/allowed-characters-in-linux-environment-variable-names
+- no better idea to handle this for setup script
+
+You can remove the environment var `ICINGAWEB2_CONF_ONCE` whan will changes in `compose.yml` environment deploy every time if the container starts.  
+You can use this for future config changes, but this isn't tested and i am not sure i will recommend this...  
+For now be save and use it only for inital setup.  
\ No newline at end of file
diff --git a/TODO.md b/TODO.md
new file mode 100644
index 0000000..ec357bd
--- /dev/null
+++ b/TODO.md
@@ -0,0 +1,4 @@
+# TODO's 
+
+## planed features
+- [ ] add grafana module
\ No newline at end of file
diff --git a/env.sample b/env.sample
new file mode 100644
index 0000000..1b30945
--- /dev/null
+++ b/env.sample
@@ -0,0 +1,31 @@
+# icingaweb2 environment
+
+### icingaweb db connection
+ICINGAWEB_DB_RESOURCE_NAME=icingaweb_db
+ICINGAWEB_DB=icingaweb
+ICINGAWEB_DB_HOST=db_icingaweb
+ICINGAWEB_DB_USER=icingaweb
+ICINGAWEB_DB_PASS=icingaweb
+
+## inital login 
+ICINGAWEB_DEFAULT_ADMIN_ROLE=Administrators
+ICINGAWEB_DEFAULT_ADMIN_USER=icingaadmin
+ICINGAWEB_DEFAULT_ADMIN_PASS=icingaadmin
+
+## icingadb SQL connection
+ICINGAWDB_RESOURCE_NAME=icingadb
+ICINGA_DB=icingadb
+ICINGA_DB_HOST=db_icinga
+ICINGA_DB_USER=icingadb
+ICINGA_DB_PASS=icingadb
+
+## icingadb redis connection
+ICINGADB_REDIS_HOST=redis
+ICINGADB_REDIS_PORT=6379
+
+## icingadb command transport 
+ICINGADB_CMD_TYPE=api
+ICINGA_API_HOST=icinga2
+ICINGA_API_PORT=5665
+ICINGA_API_ICINGAWEB_USER=icingaweb
+ICINGA_API_ICINGAWEB_PASS=icingaweb
\ No newline at end of file