mirror of https://github.com/Icinga/icinga2.git
Gunnar Beutner
parent
43bbbfce13
commit
12015e0eca
|
|
@ -49,17 +49,14 @@ int ApiSetupCommand::GetMaxArguments(void) const
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The entry point for the "node wizard" CLI command.
|
* The entry point for the "api setup" CLI command.
|
||||||
*
|
*
|
||||||
* @returns An exit status.
|
* @returns An exit status.
|
||||||
*/
|
*/
|
||||||
int ApiSetupCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
|
int ApiSetupCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
|
||||||
{
|
{
|
||||||
if (!ApiSetupUtility::SetupMaster(Utility::GetFQDN()))
|
if (!ApiSetupUtility::SetupMaster(Utility::GetFQDN(), true))
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
std::cout << "Done.\n\n";
|
|
||||||
std::cout << "Now restart your Icinga 2 daemon to finish the installation!\n\n";
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -43,7 +43,7 @@ String ApiSetupUtility::GetConfdPath(void)
|
||||||
return Application::GetSysconfDir() + "/icinga2/conf.d";
|
return Application::GetSysconfDir() + "/icinga2/conf.d";
|
||||||
}
|
}
|
||||||
|
|
||||||
bool ApiSetupUtility::SetupMaster(const String& cn)
|
bool ApiSetupUtility::SetupMaster(const String& cn, bool prompt_restart)
|
||||||
{
|
{
|
||||||
/* if the 'api' feature is enabled we can safely assume
|
/* if the 'api' feature is enabled we can safely assume
|
||||||
* that either 'api setup' was run, or the user manually
|
* that either 'api setup' was run, or the user manually
|
||||||
|
|
@ -63,13 +63,17 @@ bool ApiSetupUtility::SetupMaster(const String& cn)
|
||||||
if (!SetupMasterEnableApi())
|
if (!SetupMasterEnableApi())
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
if (prompt_restart) {
|
||||||
|
std::cout << "Done.\n\n";
|
||||||
|
std::cout << "Now restart your Icinga 2 daemon to finish the installation!\n\n";
|
||||||
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
|
bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
|
||||||
{
|
{
|
||||||
Log(LogInformation, "cli")
|
Log(LogInformation, "cli", "Generating new CA.");
|
||||||
<< "Generating new CA.\n";
|
|
||||||
|
|
||||||
if (PkiUtility::NewCa() > 0)
|
if (PkiUtility::NewCa() > 0)
|
||||||
Log(LogWarning, "cli", "Found CA, skipping and using the existing one.");
|
Log(LogWarning, "cli", "Found CA, skipping and using the existing one.");
|
||||||
|
|
@ -82,14 +86,14 @@ bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
|
||||||
|
|
||||||
if (!Utility::SetFileOwnership(pki_path, user, group)) {
|
if (!Utility::SetFileOwnership(pki_path, user, group)) {
|
||||||
Log(LogWarning, "cli")
|
Log(LogWarning, "cli")
|
||||||
<< "Cannot set ownership for user '" << user << "' group '" << group << "' on file '" << pki_path << "'. Verify it yourself!";
|
<< "Cannot set ownership for user '" << user << "' group '" << group << "' on file '" << pki_path << "'.";
|
||||||
}
|
}
|
||||||
|
|
||||||
String key = pki_path + "/" + cn + ".key";
|
String key = pki_path + "/" + cn + ".key";
|
||||||
String csr = pki_path + "/" + cn + ".csr";
|
String csr = pki_path + "/" + cn + ".csr";
|
||||||
|
|
||||||
Log(LogInformation, "cli")
|
Log(LogInformation, "cli")
|
||||||
<< "Generating new CSR in '" << csr << "'.\n";
|
<< "Generating new CSR in '" << csr << "'.";
|
||||||
|
|
||||||
if (Utility::PathExists(key))
|
if (Utility::PathExists(key))
|
||||||
NodeUtility::CreateBackupFile(key, true);
|
NodeUtility::CreateBackupFile(key, true);
|
||||||
|
|
@ -105,7 +109,7 @@ bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
|
||||||
String cert = pki_path + "/" + cn + ".crt";
|
String cert = pki_path + "/" + cn + ".crt";
|
||||||
|
|
||||||
Log(LogInformation, "cli")
|
Log(LogInformation, "cli")
|
||||||
<< "Signing CSR with CA and writing certificate to '" << cert << "'.\n";
|
<< "Signing CSR with CA and writing certificate to '" << cert << "'.";
|
||||||
|
|
||||||
if (Utility::PathExists(cert))
|
if (Utility::PathExists(cert))
|
||||||
NodeUtility::CreateBackupFile(cert);
|
NodeUtility::CreateBackupFile(cert);
|
||||||
|
|
@ -123,7 +127,7 @@ bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
|
||||||
String target_ca = pki_path + "/ca.crt";
|
String target_ca = pki_path + "/ca.crt";
|
||||||
|
|
||||||
Log(LogInformation, "cli")
|
Log(LogInformation, "cli")
|
||||||
<< "Copying CA certificate to '" << target_ca << "'.\n";
|
<< "Copying CA certificate to '" << target_ca << "'.";
|
||||||
|
|
||||||
if (Utility::PathExists(target_ca))
|
if (Utility::PathExists(target_ca))
|
||||||
NodeUtility::CreateBackupFile(target_ca);
|
NodeUtility::CreateBackupFile(target_ca);
|
||||||
|
|
@ -145,7 +149,7 @@ bool ApiSetupUtility::SetupMasterCertificates(const String& cn)
|
||||||
BOOST_FOREACH(const String& file, files) {
|
BOOST_FOREACH(const String& file, files) {
|
||||||
if (!Utility::SetFileOwnership(file, user, group)) {
|
if (!Utility::SetFileOwnership(file, user, group)) {
|
||||||
Log(LogWarning, "cli")
|
Log(LogWarning, "cli")
|
||||||
<< "Cannot set ownership for user '" << user << "' group '" << group << "' on file '" << file << "'. Verify it yourself!";
|
<< "Cannot set ownership for user '" << user << "' group '" << group << "' on file '" << file << "'.";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -159,7 +163,7 @@ bool ApiSetupUtility::SetupMasterApiUser(void)
|
||||||
String apiuserspath = GetConfdPath() + "/api-users.conf";
|
String apiuserspath = GetConfdPath() + "/api-users.conf";
|
||||||
|
|
||||||
Log(LogInformation, "cli")
|
Log(LogInformation, "cli")
|
||||||
<< "Adding new ApiUser '" << api_username << "' in '" << apiuserspath << "'.\n";
|
<< "Adding new ApiUser '" << api_username << "' in '" << apiuserspath << "'.";
|
||||||
|
|
||||||
NodeUtility::CreateBackupFile(apiuserspath);
|
NodeUtility::CreateBackupFile(apiuserspath);
|
||||||
|
|
||||||
|
|
@ -173,7 +177,7 @@ bool ApiSetupUtility::SetupMasterApiUser(void)
|
||||||
<< " */\n"
|
<< " */\n"
|
||||||
<< "object ApiUser \"" << api_username << "\" {\n"
|
<< "object ApiUser \"" << api_username << "\" {\n"
|
||||||
<< " password = \"" << api_password << "\"\n"
|
<< " password = \"" << api_password << "\"\n"
|
||||||
<< " //client_cn = \"\"\n"
|
<< " // client_cn = \"\"\n"
|
||||||
<< "\n"
|
<< "\n"
|
||||||
<< " permissions = [ \"*\" ]\n"
|
<< " permissions = [ \"*\" ]\n"
|
||||||
<< "}\n";
|
<< "}\n";
|
||||||
|
|
@ -196,7 +200,7 @@ bool ApiSetupUtility::SetupMasterApiUser(void)
|
||||||
|
|
||||||
bool ApiSetupUtility::SetupMasterEnableApi(void)
|
bool ApiSetupUtility::SetupMasterEnableApi(void)
|
||||||
{
|
{
|
||||||
Log(LogInformation, "cli", "Enabling the ApiListener feature.\n");
|
Log(LogInformation, "cli", "Enabling the 'api' feature.");
|
||||||
|
|
||||||
std::vector<std::string> features;
|
std::vector<std::string> features;
|
||||||
features.push_back("api");
|
features.push_back("api");
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@ namespace icinga
|
||||||
class I2_CLI_API ApiSetupUtility
|
class I2_CLI_API ApiSetupUtility
|
||||||
{
|
{
|
||||||
public:
|
public:
|
||||||
static bool SetupMaster(const String& cn);
|
static bool SetupMaster(const String& cn, bool prompt_restart = false);
|
||||||
|
|
||||||
static bool SetupMasterCertificates(const String& cn);
|
static bool SetupMasterCertificates(const String& cn);
|
||||||
static bool SetupMasterApiUser(void);
|
static bool SetupMasterApiUser(void);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue