tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,461 Commits 347 Branches 117 Tags 197 MiB
Commit Graph

8461 Commits

Author SHA1 Message Date
Michael b2dd330e1f Fixed downtime example in documentation 2017-09-13 16:58:48 +02:00
Michael Friedrich c6f19d7e15 Merge pull request #5570 from Napsty/esxi-hardware-no-lcd 
check_esxi_hardware.py with new --no-lcd parameter
 2017-09-13 10:41:16 +02:00
Gunnar Beutner cd31327f72 Merge pull request #5571 from Icinga/feature/ca-proxy 
Implement support for forwarding certificate signing requests in the cluster
 2017-09-12 14:00:59 +02:00
Gunnar Beutner 4f5727fe1f Update documentation 
refs #5450
 2017-09-12 13:47:04 +02:00
Gunnar Beutner 80421e4619 Build fix for OpenSSL < 1.0.2 
refs #5450
 2017-09-12 13:09:16 +02:00
Michael Friedrich 578dcbe861 Add some more verbose logging details 
refs #5450
 2017-09-12 12:52:50 +02:00
Michael Friedrich 95f0a7a022 Docs: Technical Concepts for cluster and signing 
refs #5450
 2017-09-12 12:52:50 +02:00
Michael Friedrich 4cb090e1a6 Docs: Update user documentation for signing methods and Linux client setups 
Better explanation for "CSR Auto-Signing" and a new term "On-Demand CSR Signing".

The Linux setup now accompanies the user step by step on each question asked.
The full table with all the details is moved to the bottom.

TODO: The Windows setup wizard does not support connection-less or ticket-less requests yet.

refs #5450
 2017-09-12 12:52:50 +02:00
Michael Friedrich f6b267b843 Docs: Update ApiListener object type 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 10b8c00d7a Docs: Add upgrade note for certs path 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 72115e2a99 Docs: Update certs path 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 37ea6ab1fc Fix wrong certs path in ApiListener config 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 501ade374c Remove debug logging, fix ticket path, enhance logging 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 043106242d Remove API stubs for now 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 88e57f7fd4 Implement support for cleaning up certificate requests 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 0a85977831 Node Wizard: Tell the user to put ca.crt if no connection to parent is selected 
This also fixes the choice tree for connection-less questions
and prevents empty tickets being stored on disk.

refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 2fec16952d Remove unused code 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner f43516a097 Implement the --verbose option for "node wizard" 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich e424017c15 Refactor the node wizard/setup CLI commands 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 181b91b759 Enhance logging for certificate requests 
Examples:
https://github.com/Icinga/icinga2/issues/5450#issuecomment-327479874

This also adds code comments where applicable.

refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich ce88e89cc0 Fix wrong cert path for CLI commands 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner a7fe6467ba Improve log messages for the 'pki save-cert' command 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 8040bda2e1 Change directory layout to /var/lib/icinga2/{ca,certs,certificate_requests} 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 88b4a54e6b Fix ticket hash calculation for indirectly connected clients 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner c02742925e Refactor PkiUtility class 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 1e7860f2b1 Implement ApiListener::Get*Dir() functions 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 6a533796e5 Update output format for the new CLI commands 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 774936bfe8 Implement support for pki::UpdateCertificate messages 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 623208d617 Implement support for forwarding certificate requests 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 03f5ccd252 Implement support for cleaning up expired API callbacks 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner cc43dc734b Refuse to sign certificate if it already has the correct chain and doesn’t expire soon 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 440f848c7c Improve error handling for JSON-RPC calls 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner a8cc0a601b Add missing _unlink() calls for Windows 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner cb49ac1264 Delete ticket file once we have a signed certificate 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 4cfbf6eb17 Disconnect all clients when we update our own certificate 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 439251532e Implement support for saving client tickets 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 192502f9e5 Implement support for reloading SSL certificates without a restart 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 0ec07bce51 Implement support for updating client certificates 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner cdff792c11 Make the ticket optional in 'icinga2 node wizard' 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 8d05fc99c9 Improve message formatting for the 'icinga2 node wizard' command 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner a4684d1bfd Implement support for sending pki::RequestCertificate messages in the cluster 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner b08f5477dc Change PKI path from /etc/icinga2/pki to /var/lib/icinga2/pki 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner abdd4b307b Implement the 'ca list' and 'ca sign' CLI commands 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 510e2d622a Implement support for ticket-less certificate requests 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 1d75a15d8e ElasticWriter: Implement support for TLS connections (HTTP proxy) 
This commit also enhances the log messages.

refs #5538
 2017-09-12 12:52:49 +02:00
Michael Friedrich 95fbd75df8 ElasticWriter: Add basic auth support for Elasticsearch behind an HTTP proxy 
refs #5538
 2017-09-12 12:52:49 +02:00
Michael Friedrich 344b047ea0 Move Base64 class into libbase 
refs #5538
 2017-09-12 12:52:49 +02:00
Michael Friedrich 386b9de042 Drop obsolete code 
refs #4054
 2017-09-12 12:52:49 +02:00
Jean Flach e19d3f57c7 Add ElasticWriter 
fixes #5538
 2017-09-12 12:52:49 +02:00
Michael Friedrich 9e17ff874b Logs: Change config sync update to highlight an information, not an error 
fixes #5484
 2017-09-12 12:52:49 +02:00