tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-20 20:24:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

'node wizard/setup' should always generate new certificates

Browse Source 
Unless an existing certificate is found. The configuration
(api feature, user) is always generated including a backup.

fixes #9590
This commit is contained in:
Michael Friedrich 2015-07-08 15:32:47 +02:00
parent f123c8218d
commit 84d83a4453
2 changed files with 44 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
lib/cli/nodesetupcommand.cpp
View File

@ -128,11 +128,33 @@ int NodeSetupCommand::SetupMaster(const boost::program_options::variables_map& v
if (vm.count("cn")) if (vm.count("cn"))
cn = vm["cn"].as<std::string>(); cn = vm["cn"].as<std::string>();
if (FeatureUtility::CheckFeatureDisabled("api")) { /* check whether the user wants to generate a new certificate or not */
Log(LogInformation, "cli", "'api' feature not enabled, running 'api setup' now.\n"); String existing_path = PkiUtility::GetPkiPath() + "/" + cn + ".crt";
ApiSetupUtility::SetupMaster(cn);
} else Log(LogInformation, "cli")
Log(LogInformation, "cli", "'api' feature already enabled.\n"); << "Checking for existing certificates for common name '" << cn << "'...";
if (Utility::PathExists(existing_path)) {
Log(LogWarning, "cli")
<< "Certificate '" << existing_path << "' for CN '" << cn << "' already existing. Skipping certificate generation.";
} else {
Log(LogInformation, "cli")
<< "Certificates not yet generated. Running 'api setup' now.";
ApiSetupUtility::SetupMasterCertificates(cn);
}
Log(LogInformation, "cli", "Generating master configuration for Icinga 2.");
ApiSetupUtility::SetupMasterApiUser(cn);
if (!FeatureUtility::CheckFeatureEnabled("api")) {
ApiSetupUtility::SetupMasterEnableApi(cn);
} else {
Log(LogInformation, "cli")
<< "'api' feature already enabled.\n";
}
NodeUtility::GenerateNodeMasterIcingaConfig(cn);
/* read zones.conf and update with zone + endpoint information */ /* read zones.conf and update with zone + endpoint information */

21
lib/cli/nodewizardcommand.cpp
View File

@ -455,13 +455,26 @@ wizard_ticket:
String cn = answer; String cn = answer;
cn.Trim(); cn.Trim();
std::cout << ConsoleColorTag(Console_Normal) << "Checking the 'api' feature...\n"; /* check whether the user wants to generate a new certificate or not */
String existing_path = PkiUtility::GetPkiPath() + "/" + cn + ".crt";
if (FeatureUtility::CheckFeatureDisabled("api")) { std::cout << ConsoleColorTag(Console_Normal) << "Checking for existing certificates for common name '" << cn << "'...\n";
std::cout << ConsoleColorTag(Console_Bold) << "'api' feature not enabled, running 'api setup' now.\n";
ApiSetupUtility::SetupMaster(cn); if (Utility::PathExists(existing_path)) {
std::cout << "Certificate '" << existing_path << "' for CN '" << cn << "' already existing. Skipping certificate generation.\n";
} else {
std::cout << "Certificates not yet generated. Running 'api setup' now.\n";
ApiSetupUtility::SetupMasterCertificates(cn);
} }
std::cout << ConsoleColorTag(Console_Bold) << "Generating master configuration for Icinga 2.\n" << ConsoleColorTag(Console_Normal);
ApiSetupUtility::SetupMasterApiUser(cn);
if (!FeatureUtility::CheckFeatureEnabled("api"))
ApiSetupUtility::SetupMasterEnableApi(cn);
else
std::cout << "'api' feature already enabled.\n";
NodeUtility::GenerateNodeMasterIcingaConfig(cn); NodeUtility::GenerateNodeMasterIcingaConfig(cn);
/* apilistener config */ /* apilistener config */