87 lines
2.6 KiB
PHTML
87 lines
2.6 KiB
PHTML
<div class="controls">
|
|
<?= $this->tabs ?>
|
|
<h1><?= $this->escape($this->title) ?></h1>
|
|
</div>
|
|
|
|
<div class="content">
|
|
<?php
|
|
$cert = $this->escape($this->certname);
|
|
$master = $this->escape($this->master);
|
|
?>
|
|
<p>Please check the <a href="http://docs.icinga.org/icinga2/latest/doc/module/icinga2/chapter/icinga2-client">Icinga 2 Client documentation</a> for more related information. The Director-assisted setup corresponds to configuring the <a href="http://docs.icinga.org/icinga2/latest/doc/module/icinga2/chapter/icinga2-client#icinga2-client-configuration-command-bridge">Client as Command Execution Bridge</a>.</p>
|
|
|
|
<?php if ($this->error): ?>
|
|
<p class="error"><?= $this->escape($this->error) ?></p>
|
|
<?php endif ?>
|
|
|
|
<h2>When using the node wizard</h2>
|
|
<p>Ticket : <code><?= $this->escape($ticket) ?></code></p>
|
|
<h2>Linux commandline</h2>
|
|
<p>Just copy & paste this script (and please scroll down for a corresponding icinga2.cfg):</p>
|
|
<pre>
|
|
#!/bin/bash
|
|
|
|
# This generates and signs your required certificates. Please do not
|
|
# forget to install the Icinga 2 package and your desired monitoring
|
|
# plugins first:
|
|
|
|
ICINGA_PKI_DIR=/etc/icinga2/pki
|
|
ICINGA_USER=nagios
|
|
chown $ICINGA_USER $ICINGA_PKI_DIR
|
|
|
|
icinga2 pki new-cert --cn <?= $cert ?> \
|
|
--key $ICINGA_PKI_DIR/<?= $cert ?>.key \
|
|
--cert $ICINGA_PKI_DIR/<?= $cert ?>.crt
|
|
|
|
icinga2 pki save-cert --key $ICINGA_PKI_DIR/<?= $cert ?>.key \
|
|
--trustedcert $ICINGA_PKI_DIR/trusted-master.crt \
|
|
--host <?= $master ?>
|
|
|
|
icinga2 pki request --host <?= $master ?> \
|
|
--port 5665 \
|
|
--ticket <?= $this->escape($ticket) ?> \
|
|
--key $ICINGA_PKI_DIR/<?= $cert ?>.key \
|
|
--cert $ICINGA_PKI_DIR/<?= $cert ?>.crt \
|
|
--trustedcert $ICINGA_PKI_DIR/trusted-master.crt \
|
|
--ca $ICINGA_PKI_DIR/ca.crt
|
|
</pre>
|
|
|
|
<h2>/etc/icinga2/icinga2.conf</h2>
|
|
<pre>
|
|
/** Icinga 2 Config - proposed by Icinga Director */
|
|
|
|
include "constants.conf"
|
|
include <itl>
|
|
include <plugins>
|
|
// include <plugins-contrib>
|
|
|
|
object FileLogger "main-log" {
|
|
severity = "information"
|
|
path = LocalStateDir + "/log/icinga2/icinga2.log"
|
|
}
|
|
|
|
// TODO: improve establish connection handling
|
|
object Endpoint "<?= $cert ?>" {}
|
|
object Endpoint "<?= $master ?>" {}
|
|
object Zone "<?= $masterzone ?>" {
|
|
endpoints = [ "<?= $master ?>" ]
|
|
// TODO: all endpoints in master zone
|
|
}
|
|
|
|
object Zone "<?= $globalzone ?>" { global = true }
|
|
|
|
object Zone "<?= $cert ?>" {
|
|
parent = "<?= $master ?>"
|
|
endpoints = [ "<?= $cert ?>" ]
|
|
}
|
|
|
|
object ApiListener "api" {
|
|
cert_path = SysconfDir + "/icinga2/pki/<?= $cert ?>.crt"
|
|
key_path = SysconfDir + "/icinga2/pki/<?= $cert ?>.key"
|
|
ca_path = SysconfDir + "/icinga2/pki/ca.crt"
|
|
accept_commands = true
|
|
accept_config = true
|
|
}
|
|
</pre>
|
|
</div>
|