Commit Graph

2368 Commits

Author SHA1 Message Date
Alexander A. Klimov 501175229c Doc: Distributed Monitoring: add section "External CA/PKI"
The following already works:

* Custom key sizes, e.g. 2048 bits
* Custom key types, e.g. ECC
* Multiple trusted root CAs in `/var/lib/icinga2/certs/ca.crt`
* Different root CAs per cluster subtree, as long as each node trusts the
  issuers of the certificates of all nodes it's directly connected to
* Any number of intermediate CAs
2024-11-27 14:49:06 +01:00
Christian Lauf b7335841a3
Enhance documentation regarding internal icinga config sync check (#10101)
* Update 10-icinga-template-library.md

Explicitly name the config-sync check feature of the icinga check, as before this was a little bit too undocumented making it unknown to me.
Also mention where the check has to executed in order to bring the desired results.

* Update 15-troubleshooting.md

Add 4h typical error point for configuration stored outside of /etc/icinga2/zones.d. For when a non-distributed setup was migrated to a distributed setup.
Also link to the internal icinga CheckCommand to promote its existance.

* Update 15-troubleshooting.md

Remove "-" from link

* Revert "Update 15-troubleshooting.md"

This reverts commit bb25ba3ff5.

* Update AUTHORS

Add myself to AUTHORS

* Update doc/15-troubleshooting.md

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>

* Update doc/10-icinga-template-library.md

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>

* Update doc/15-troubleshooting.md

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>

---------

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>
2024-11-26 10:52:05 +01:00
Alexander Aleksandrovič Klimov 211bae87b5
Merge pull request #10205 from Icinga/Al2Klimov-patch-11
openSUSE install docs: remove false info
2024-11-15 11:30:03 +01:00
Alvar Penning e620f9515b
ITL: Add --exclude-process to check_procs
For check_procs, both the Monitoring Plugins' implementation[0] and the
Nagios Plugin[1] are supporting the "-X" or "--exclude-process" flag to
exclude one or many processes by name. However, this flag is missing
here in the Icinga Template Library.

The Nagios Plugin implementation also comes with "-j" and "-g" for
FreeBSD jails and Linux cgroups, respectively. But, to keep it
compatible, I would ignore these for the moment.

Closes #10226.

[0]: https://www.monitoring-plugins.org/doc/man/check_procs.html
[1]: https://nagios-plugins.org/doc/man/check_procs.html
2024-11-13 09:36:06 +01:00
Julian Brost 67175c43c0
Merge pull request #10102 from Icinga/icingadb-redis-username
Icinga DB: Config no_user_modify and Support Redis username authentication
2024-11-12 17:04:20 +01:00
Alexander Aleksandrovič Klimov 65a642dbee
Merge pull request #9981 from Icinga/Al2Klimov-patch-3
Document how to enable/disable Debug Output on the fly
2024-10-30 16:18:45 +01:00
Alexander Aleksandrovič Klimov 73e992da81
openSUSE install docs: remove false info
No packages to be installed according to these instructions require the given repo.
2024-10-28 12:12:35 +01:00
Alexander A. Klimov e889528b14 Document how to enable/disable Debug Output on the fly
This is a good alternative to `icinga2 feature enable debuglog`:

* Object creation/deletion via API happens immediately and requires no restart
* Hence, the debug log is enabled exactly as long as desired

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>
2024-10-24 09:49:55 +02:00
Alexander A. Klimov 095e5982f4 doc/: fix "a HA" -> "an HA" 2024-10-24 09:44:36 +02:00
Alvar Penning 98f60fd78e
Icinga DB: Support Redis username authentication
The Redis ACL system was introduced with Redis 6.0. It introduced users
with precisely granular permissions. This change allows Icinga 2 to use
the Icinga DB feature against a Redis with an ACL user.

This was reflected in the documentation, next to the already
implemented, but undocumented Redis database.

Closes #9536.
2024-10-24 09:18:19 +02:00
Alvar Penning 57fab7f39e
Icinga DB: Config no_user_modify
Each configuration field of an IcingaDB Object was marked with
no_user_modify as modifications via the API would not result in an
actual change. While the Object would be updated, the internal Redis
connection would not be restarted, resulting in an unexpected behavior.

The missing db_index was added to the documentation.
2024-10-24 09:18:09 +02:00
Yonas Habteab 9fa438c956 docs: Add missing space 2024-10-21 12:41:32 +02:00
Yonas Habteab 39337fbeae docs: Add `$` to the escape sequences section
feat: Add the `$` character to the escape sequences table.
2024-10-21 12:41:32 +02:00
Alexander A. Klimov 7216220de1 Bump OpenSSL shipped for Windows to v3.0.15 2024-09-20 17:39:26 +02:00
Yonas Habteab 3ffec77ae5
Merge pull request #10135 from Icinga/centos
doc/: don't mention CentOS
2024-09-18 10:22:09 +02:00
Alexander A. Klimov 6da948c830 doc/: don't mention CentOS
It's EOL.
2024-09-16 17:08:42 +02:00
Alexander Aleksandrovič Klimov f3ed85171e
Linux Dev Environment: fix /usr/local/icinga2/etc ownership
We instruct the users to build as root and chown just /usr/local/icinga2/var, but at least `icinga2 api setup` also needs to modify /usr/local/icinga2/etc.
2024-09-16 16:13:02 +02:00
Yonas Habteab 0b8f70bbba
Merge pull request #10152 from Josef-Friedrich/remove-trailing-whitespaces
Remove trailing whitespaces in the markdown files of the documentation
2024-09-13 10:06:45 +02:00
Josef Friedrich 1cd515ef8a
Fix typo in the api documentation 2024-09-12 08:46:27 +02:00
Josef Friedrich 1f31f725f8 Remove trailing whitespaces in the markdown files of the documentation 2024-09-12 08:39:15 +02:00
Yonas Habteab c0b047b1aa
Merge pull request #10035 from Icinga/check_systemd_name_fix
check_systemd: Fix executable name and include latest arguments
2024-09-06 11:57:33 +02:00
Alvar Penning e7670e9ba9
check_systemd: harmonize ITL w/ upstream
Harmonize the arguments with the upstream CheckCommand[0], including a
patch to use the ITL variables[1].

[0]: https://github.com/Josef-Friedrich/check_systemd/blob/main/contrib/icinga2/command.conf
[1]: https://github.com/Josef-Friedrich/check_systemd/pull/38

Co-Authored-By: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
2024-09-06 10:21:30 +02:00
Lorenz Kästle ba200f74e1
Add check_curl to ITL (#9205)
* Add check_curl to ITL

* small fixes and boolean defaults

* Add documentation for check_curl

* Replace dash with underscore in variables

* Add link to documentation

* Change order of argument attributes to adhere to style guide

* Shorten description of  tls option in itl

* Just remove information for check_curl options

* itl - check_curl: document -4 and -6

* itl - check_curl: Add haproxy option for check_curl

* itl - check_curl: add cookie-jar option

* itl - check_curl: add continue_after_certificate option

* itl - check_curl: replace dashes with underscores in macros

* Update itl/command-plugins.conf

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>

* Update itl/command-plugins.conf

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>

* itl - check_curl: add missing option documentation and reorder options

* itl - check_curl: Split certificate lifetime in two parameters

* itl - check_curl: replace remaining instances of single parameter for remaining valid time

* check_curl: allow assignements for host without address set

* check_curl: fix typo expext -> expect

* itl - check_curl: add state-regex option and documentation

* Add Tls options with version and without

* itl - check_curl: fix indentation

* itl - check_curl: Set v4/v6 variables

* itl - check_curl: Edit description for --sni

* doc - check_curl: fix singular-plural typo for curl_max_redir(s)

* doc/check_curl: sni description

* itl - check_curl: remove superfluous brace

* itl - check_curl: add extra-opts parameter

---------

Co-authored-by: alvar <8402811+oxzi@users.noreply.github.com>
2024-08-30 10:25:27 +00:00
Julian Brost 73d3e5b1c7
Merge pull request #10136 from Icinga/icinga-archive-keyring
.deb: let user install icinga-archive-keyring package
2024-08-29 17:36:20 +02:00
Tobias Bauriedel 600281bfa0
Fix ITL for http CheckCommand definition
There were some missing arguments.

ref/NC/806131
2024-08-27 14:07:43 +02:00
Nicolas Berens c76cade9ae add new variables to documentation 2024-08-26 15:36:21 +02:00
Julian Brost 585b357c3f
Merge pull request #10090 from Icinga/rpi-os
Clarify that our Debian installation docs also apply to the Raspberry Pi OS
2024-08-26 13:54:30 +02:00
Alexander A. Klimov d6bb971c7f doc/02-installation.md: remove Raspbian which is not supported anymore 2024-08-21 13:20:25 +02:00
Alexander A. Klimov 14e269060a Clarify that our Debian installation docs also apply to the Raspberry Pi OS 2024-08-21 13:19:54 +02:00
Alexander Aleksandrovič Klimov aab0952bb1
doc/02-installation.md: remove outdated info
The Backports Repository is required for Debian 9, but we don't build even v10 anymore.
2024-08-21 12:09:27 +02:00
Alexander A. Klimov 81607426a2 .deb: let user install icinga-archive-keyring package 2024-08-21 11:48:19 +02:00
Julian Brost 914a26ce79
Merge pull request #10118 from Icinga/Al2Klimov-patch-7
doc/21-development.md: fix bad link address
2024-08-21 11:01:10 +02:00
Alexander A. Klimov 584340a203 Bump Boost shipped for Windows to v1.86 2024-08-20 18:18:07 +02:00
Alexander Aleksandrovič Klimov 4fefdd0969
doc/21-development.md: fix bad link address 2024-08-20 18:13:42 +02:00
Julian Brost be50050d2b
Merge pull request #10115 from Icinga/Al2Klimov-patch-7
doc/03-monitoring-basics.md: fix invalid link address
2024-08-20 16:18:40 +02:00
Julian Brost ac84405334
Merge pull request #10116 from Icinga/missing-angle-bracket
Docs: Add missing angle bracket
2024-08-20 10:07:43 +02:00
Alexander Aleksandrovič Klimov edb6730858
doc/03-monitoring-basics.md: fix invalid link address 2024-08-19 16:49:12 +02:00
Alexander Aleksandrovič Klimov 02ba5e4101
Merge pull request #10015 from Icinga/malloc_info
/v1/debug/malloc_info: call malloc_info(3) if available
2024-08-12 14:41:09 +02:00
Alexander A. Klimov f3c7ac11e9 /v1/debug/malloc_info: call malloc_info(3) if available
The GNU libc function malloc_info(3) provides memory allocation and usage
statistics of Icinga 2 itself.
2024-08-09 12:59:25 +02:00
Alexander Aleksandrovič Klimov c5c7925d8a
Merge pull request #10071 from Icinga/add-missing-evs-docs
Add missing `Object{created,deleted,modified}` docs
2024-06-12 11:25:24 +02:00
Yonas Habteab 2432d1a861 Add missing `Object{created,deleted,modified}` docs 2024-06-11 09:46:18 +02:00
Alexander A. Klimov b1eae017c9 Bump OpenSSL shipped for Windows to v3.0.14 2024-06-07 16:07:42 +02:00
Alexander A. Klimov 561d6a3981 Bump Boost shipped for Windows to v1.85
Note: For doc/21-development.md use:

perl -pi -e 's/(boost[-\w]*?1[-_]?)84/${1}85/g' doc/21-development.md
2024-06-07 16:02:07 +02:00
Alexander Aleksandrovič Klimov b6b2f72055
Merge pull request #10056 from legioner0/patch-1
Update 06-distributed-monitoring.md
2024-06-04 09:50:43 +02:00
Alexander Aleksandrovič Klimov c7e4c2af5a
doc/: ITL: correct ping_timeout default
ITL config says it's 10, not 0, and running check_ping itself confirms that.
2024-05-27 10:32:49 +02:00
Christian Gut 7cc8d81d5d
check_ssl_cert: integrate new option to set maximum validity (#9881)
* check_ssl_cert: integrate new option to set maximum validity

check_ssl_cert has a new option with a new default: --maximum-validity. This change allows for services to use that option to override the default of 397 days. It is needed, if you have internal certificates that have a longer duration.

---------

Co-authored-by: Alexander A. Klimov <alexander.klimov@icinga.com>
2024-05-27 09:59:36 +02:00
Alexander Aleksandrovič Klimov b56839fe18
Merge pull request #9758 from liip-forks/OdyX-fix-ssl-cert-warnings
Fix ssl_cert deprecation warnings
2024-05-24 11:57:34 +02:00
Alexander Aleksandrovič Klimov 1bdfc6fb89
Merge pull request #9749 from Icinga/Al2Klimov-patch-7
ITL: check_disk: ignore more fuse* filesystems
2024-05-22 10:33:55 +02:00
Alexander Aleksandrovič Klimov 252b075d0f
Merge pull request #10064 from Icinga/rpm--import
Don't rpm --import https://packages.icinga.com/icinga.key
2024-05-21 14:35:41 +02:00
Alexander A. Klimov d68b328c9e Don't rpm --import https://packages.icinga.com/icinga.key
just like on packages.icinga.com and for the same security reasons we don't
use apt-key add anymore for: https://blog.cloudflare.com/dont-use-apt-key

Our repos already reference https://packages.icinga.com/icinga.key
and both RPM distro families properly handle that.
2024-05-16 13:13:13 +02:00