2017-07-14 16:33:05 +02:00
# Resources <a id="resources"></a>
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
The configuration file `resources.ini` contains information about data sources that can be referenced in other
2014-11-18 16:21:48 +01:00
configuration files. This allows you to manage all data sources at one central place, avoiding the need to edit several
2017-09-26 18:52:32 +02:00
different files when the information about a data source changes.
2014-11-18 16:21:48 +01:00
2017-07-14 16:33:05 +02:00
## Configuration <a id="resources-configuration"></a>
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
Each section in `resources.ini` represents a data source with the section name being the identifier used to
2014-11-18 16:21:48 +01:00
reference this specific data source. Depending on the data source type, the sections define different directives.
2017-09-26 18:52:32 +02:00
The available data source types are `db` , `ldap` and `ssh` which will described in detail in the following
2014-11-18 16:21:48 +01:00
paragraphs.
2017-09-26 18:52:32 +02:00
Type | Description
-------------------------|-----------------------------------------------
db | A [database ](04-Resources.md#resources-configuration-database ) resource (e.g. Icinga 2 DB IDO or Icinga Web 2 user preferences)
ldap | An [LDAP ](04-Resources.md#resources-configuration-ldap ) resource for authentication.
ssh | Manage [SSH ](04-Resources.md#resources-configuration-ssh ) keys for remote access (e.g. command transport).
2017-07-14 16:33:05 +02:00
### Database <a id="resources-configuration-database"></a>
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
A Database resource defines a connection to a SQL database which
can contain users and groups to handle authentication and authorization, monitoring data or user preferences.
2014-11-18 16:21:48 +01:00
2018-07-13 19:50:18 +02:00
Option | Description
------------------------------------|------------
type | **Required.** Specifies the resource type. Must be set to `db` .
db | **Required.** Database type. In most cases `mysql` or `pgsql` .
host | **Required.** Connect to the database server on the given host. For using unix domain sockets, specify `localhost` for MySQL and the path to the unix domain socket directory for PostgreSQL.
port | **Required.** Port number to use. MySQL defaults to `3306` , PostgreSQL defaults to `5432` . Mandatory for connections to a PostgreSQL database.
username | **Required.** The database username.
password | **Required.** The database password.
dbname | **Required.** The database name.
charset | **Optional.** The character set for the database connection.
ssl\_do\_not\_verify\_server\_cert | **Optional.** Disable validation of the server certificate. Only available for the `mysql` database and on PHP versions > 5.6.
ssl\_cert | **Optional.** The file path to the SSL certificate. Only available for the `mysql` database.
ssl\_key | **Optional.** The file path to the SSL key. Only available for the `mysql` database.
ssl\_ca | **Optional.** The file path to the SSL certificate authority. Only available for the `mysql` database.
ssl\_capath | **Optional.** The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format.Only available for the `mysql` database.
ssl\_cipher | **Optional.** A list of one or more permissible ciphers to use for SSL encryption, in a format understood by OpenSSL. For example: `DHE-RSA-AES256-SHA:AES128-SHA` . Only available for the `mysql` database.
2017-09-28 11:56:50 +02:00
2014-11-18 16:21:48 +01:00
2017-07-14 16:33:05 +02:00
#### Example <a id="resources-configuration-database-example"></a>
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
The name in brackets defines the resource name.
2016-09-01 14:31:39 +02:00
```
2015-09-28 16:29:01 +02:00
[icingaweb-mysql-tcp]
2014-11-18 16:21:48 +01:00
type = db
db = mysql
2015-09-28 16:29:01 +02:00
host = 127.0.0.1
2014-11-18 16:21:48 +01:00
port = 3306
username = icingaweb
password = icingaweb
dbname = icingaweb
2015-09-28 16:29:01 +02:00
[icingaweb-mysql-socket]
type = db
db = mysql
host = localhost
username = icingaweb
password = icingaweb
dbname = icingaweb
[icingaweb-pgsql-socket]
type = db
db = pgsql
host = /var/run/postgresql
port = 5432
username = icingaweb
password = icingaweb
dbname = icingaweb
2016-09-01 14:31:39 +02:00
```
2014-11-18 16:21:48 +01:00
2017-07-14 16:33:05 +02:00
### LDAP <a id="resources-configuration-ldap"></a>
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
A LDAP resource represents a tree in a LDAP directory.
LDAP is usually used for authentication and authorization.
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
Option | Description
-------------------------|-----------------------------------------------
type | **Required.** Specifies the resource type. Must be set to `ldap` .
hostname | **Required.** Connect to the LDAP server on the given host. You can also provide multiple hosts separated by a space.
port | **Required.** Port number to use for the connection.
root\_dn | **Required.** Root object of the tree, e.g. `ou=people,dc=icinga,dc=org` .
bind\_dn | **Required.** The user to use when connecting to the server.
bind\_pw | **Required.** The password to use when connecting to the server.
encryption | **Optional.** Type of encryption to use: `none` (default), `starttls` , `ldaps` .
2018-10-18 10:52:01 +02:00
timeout | **Optional.** Connection timeout for every LDAP connection. Defaults to `5` .
2014-11-18 16:21:48 +01:00
2017-07-14 16:33:05 +02:00
#### Example <a id="resources-configuration-ldap-example"></a>
2014-11-18 16:21:48 +01:00
2017-09-26 18:52:32 +02:00
The name in brackets defines the resource name.
2016-09-01 14:31:39 +02:00
```
2014-11-18 16:21:48 +01:00
[ad]
2016-09-01 14:18:29 +02:00
type = ldap
hostname = localhost
port = 389
root_dn = "ou=people,dc=icinga,dc=org"
bind_dn = "cn=admin,ou=people,dc=icinga,dc=org"
bind_pw = admin
2016-09-01 14:31:39 +02:00
```
2014-11-18 16:21:48 +01:00
2017-07-14 16:33:05 +02:00
### SSH <a id="resources-configuration-ssh"></a>
2015-05-28 10:42:18 +02:00
A SSH resource contains the information about the user and the private key location, which can be used for the key-based
ssh authentication.
2017-09-26 18:52:32 +02:00
Option | Description
-------------------------|-----------------------------------------------
type | **Required.** Specifies the resource type. Must be set to `ssh` .
user | **Required.** The username to use when connecting to the server.
private\_key | **Required.** The path to the private key of the user.
2015-05-28 10:42:18 +02:00
2017-07-14 16:33:05 +02:00
#### Example <a id="resources-configuration-ssh-example"></a>
2015-05-28 10:42:18 +02:00
2017-09-26 18:52:32 +02:00
The name in brackets defines the resource name.
2016-07-08 16:39:24 +02:00
2017-09-26 18:52:32 +02:00
```
2015-05-28 10:42:18 +02:00
[ssh]
2016-09-01 14:18:29 +02:00
type = "ssh"
user = "ssh-user"
private_key = "/etc/icingaweb2/ssh/ssh-user"
2016-09-01 14:31:39 +02:00
```