tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove the Vagrant file and all its assets

This commit is contained in:
Sukhwinder Dhillon 2022-04-29 09:43:50 +02:00
parent c5cf7abf0d
commit 09e8644753
72 changed files with 1 additions and 2724 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitattributes vendored
View File

@ -1,11 +1,5 @@
# Exclude files related to git when generating an archive
.git* export-ignore
# Exclude Vagrant and Puppet related files when generating an archive
.puppet* export-ignore
Vagrantfile export-ignore
# Normalize puppet manifests' line endings to LF on checkin and prevent conversion to CRLF when the files are checked out
.puppet* eol=lf
# Include version information on `git archive'
/application/VERSION export-subst

3
.gitignore vendored
View File

@ -1,9 +1,8 @@
# Exclude all hidden files
.*
# Except those related to git and vagrant
# Except those related to git
!.git*
!.puppet*
!.travis.yml
!.mailmap

22
.puppet/TODO.md
View File

@ -1,22 +0,0 @@
Fix steps that are always provisioned:
==> default: Notice: /Stage[main]/Icinga2/Icinga2::Feature[statusdata]/Parent_dirs[/etc/icinga2/features-enabled/statusdata.conf]/Exec[parent_dirs-/etc/icinga2/features-enabled/statusdata.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_dev/Icinga2::Config[constants]/Parent_dirs[/etc/icinga2/constants.conf]/Exec[parent_dirs-/etc/icinga2/constants.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_dev/Icinga2::Config[conf.d/commands]/Parent_dirs[/etc/icinga2/conf.d/commands.conf]/Exec[parent_dirs-/etc/icinga2/conf.d/commands.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2/Icinga2::Feature[command]/Parent_dirs[/etc/icinga2/features-enabled/command.conf]/Exec[parent_dirs-/etc/icinga2/features-enabled/command.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icingaweb2_dev/Pgsql::Database::Populate[icingaweb]/Exec[populate-icingaweb-pgsql-db]/returns: executed successfully
==> default: Notice: /Stage[main]/Php/Exec[php-timezone]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_dev/Icinga2::Config[conf.d/test-config]/Parent_dirs[/etc/icinga2/conf.d/test-config.conf]/Exec[parent_dirs-/etc/icinga2/conf.d/test-config.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icingaweb2_dev/Exec[populate-openldap]/returns: executed successfully
==> default: Notice: /Stage[main]/Monitoring_test_config/Git_cmmi[Monitoring-Generator-TestConfig]/Cmmi_dir[Monitoring-Generator-TestConfig]/Exec[configure-Monitoring-Generator-TestConfig]/returns: executed successfully
==> default: Notice: /Stage[main]/Monitoring_test_config/Git_cmmi[Monitoring-Generator-TestConfig]/Cmmi_dir[Monitoring-Generator-TestConfig]/Exec[make-Monitoring-Generator-TestConfig]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2/Icinga2::Feature[compatlog]/Parent_dirs[/etc/icinga2/features-enabled/compatlog.conf]/Exec[parent_dirs-/etc/icinga2/features-enabled/compatlog.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_mysql/Icinga2::Feature[ido-mysql]/Parent_dirs[/etc/icinga2/features-enabled/ido-mysql.conf]/Exec[parent_dirs-/etc/icinga2/features-enabled/ido-mysql.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Apache/Service[httpd]: Triggered 'refresh' from 1 events
==> default: Notice: /Stage[main]/Icingaweb2_dev/Exec[enable-monitoring-module]/returns: executed successfully
==> default: Notice: /Stage[main]/Icingaweb2_dev/Exec[enable-test-module]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_mysql/Icinga2::Feature[ido-mysql]/Icinga2::Config[features-available/ido-mysql]/Parent_dirs[/etc/icinga2/features-available/ido-mysql.conf]/Exec[parent_dirs-/etc/icinga2/features-available/ido-mysql.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_pgsql/Icinga2::Feature[ido-pgsql]/Icinga2::Config[features-available/ido-pgsql]/Parent_dirs[/etc/icinga2/features-available/ido-pgsql.conf]/Exec[parent_dirs-/etc/icinga2/features-available/ido-pgsql.conf]/returns: executed successfully
==> default: Notice: /Stage[main]/Icinga2_pgsql/Icinga2::Feature[ido-pgsql]/Parent_dirs[/etc/icinga2/features-enabled/ido-pgsql.conf]/Exec[parent_dirs-/etc/icinga2/features-enabled/ido-pgsql.conf]/returns: executed successfully
Fix provisioning for CentOS 7

2
.puppet/files/etc/profile.d/env.sh
View File

@ -1,2 +0,0 @@
export PATH="/opt/rh/rh-php73/root/bin:$PATH"
export PATH="$PATH:/usr/local/bin"

8
.puppet/hiera/common.yaml
View File

@ -1,8 +0,0 @@
---
icingaweb2::config: /etc/icingaweb2
icingaweb2::log: /var/log/icingaweb2/icingaweb2.log
icingaweb2::web_path: icingaweb2
icingaweb2::db_user: icingaweb2
icingaweb2::db_pass: icingaweb2
icingaweb2::db_name: icingaweb2
icingaweb2::group: icingaweb2

9
.puppet/hiera/hiera.yaml
View File

@ -1,9 +0,0 @@
---
:backends:
- yaml
:hierarchy:
- common
:yaml:
:datadir: /vagrant/.puppet/hiera

26
.puppet/manifests/puppet.sh
View File

@ -1,26 +0,0 @@
#!/bin/bash
set -e
if which puppet >/dev/null 2>&1; then
exit 0
fi
RELEASEVER=$(rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release))
case $RELEASEVER in
6|7)
PUPPET="https://yum.puppetlabs.com/puppetlabs-release-el-${RELEASEVER}.noarch.rpm"
;;
*)
echo "Unknown release version: $RELEASEVER" >&2
exit 1
;;
esac
echo "Adding puppet repository.."
rpm --import "https://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs"
rpm -Uvh $PUPPET >/dev/null
echo "Installing puppet.."
yum install -y puppet >/dev/null

18
.puppet/manifests/site.pp
View File

@ -1,18 +0,0 @@
stage { 'repositories':
before => Stage['main'],
}
node default {
class { 'epel':
stage => repositories,
}
include base
include icinga2_dev
include icingaweb2_dev
include motd
file { '/etc/profile.d/env.sh':
source => 'puppet:////vagrant/.puppet/files/etc/profile.d/env.sh'
}
@user { vagrant: ensure => present }
User <| title == vagrant |> { groups +> hiera('icingaweb2::group') }
}

48
.puppet/modules/apache/manifests/init.pp
View File

@ -1,48 +0,0 @@
# Class: apache
#
# This class installs the apache server.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# include apache
#
class apache {
$apache = $::operatingsystem ? {
/(Debian|Ubuntu)/ => 'apache2',
/(RedHat|CentOS|Fedora)/ => 'httpd'
}
$user = $::operatingsystem ? {
/(Debian|Ubuntu)/ => 'www-data',
/(RedHat|CentOS|Fedora)/ => 'apache'
}
package { $apache:
ensure => latest,
alias => 'apache',
}
service { $apache:
ensure => running,
enable => true,
alias => 'apache',
require => Package['apache'],
}
package { 'mod_ssl':
ensure => latest,
notify => Service[$apache],
}
@user { $user:
alias => 'apache',
}
User <| alias == apache |>
}

15
.puppet/modules/cmmi_dir/manifests/init.pp
View File

@ -1,15 +0,0 @@
define cmmi_dir (
$configure='./configure',
$make='make && make install'
) {
Exec {
path => '/usr/bin:/bin',
cwd => "/usr/local/src/${name}",
}
exec { "configure-${name}":
command => $configure,
} -> exec { "make-${name}":
command => $make,
}
}

24
.puppet/modules/epel/manifests/init.pp
View File

@ -1,24 +0,0 @@
# Class: epel
#
# Configure EPEL repository.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# include epel
#
class epel {
exec { 'rpm --import RPM-GPG-KEY-EPEL':
command => '/bin/rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7',
}
-> exec { 'yum install epel-release-latest':
command => '/bin/yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm',
creates => '/etc/yum.repos.d/epel.repo',
}
}

13
.puppet/modules/git/manifests/init.pp
View File

@ -1,13 +0,0 @@
# Class: git
#
# This class installs git.
#
# Sample Usage:
#
# include git
#
class git {
package { 'git':
ensure => latest,
}
}

20
.puppet/modules/git_cmmi/manifests/init.pp
View File

@ -1,20 +0,0 @@
define git_cmmi (
$url,
$configure='./configure',
$make='make && make install'
) {
include git
$srcDir = '/usr/local/src'
exec { "git-clone-${name}":
cwd => $srcDir,
path => '/usr/bin:/bin',
unless => "test -d '${srcDir}/${name}/.git'",
command => "git clone '${url}' '${name}'",
require => Class['git'],
} -> cmmi_dir { $name:
configure => $configure,
make => $make,
}
}

353
.puppet/modules/icinga/templates/ido2db-mysql.cfg.erb
View File

@ -1,353 +0,0 @@
#####################################################################
# IDO2DB DAEMON CONFIG FILE
#####################################################################
# LOCK FILE
# This is the lockfile that IDO2DB will use to store its PID number
# in when it is running in daemon mode.
lock_file=/usr/local/icinga-mysql/var/ido2db.lock
# USER/GROUP PRIVILIGES
# These options determine the user/group that the daemon should run as.
# You can specify a number (uid/gid) or a name for either option.
ido2db_user=icinga
ido2db_group=icinga
# SOCKET TYPE
# This option determines what type of socket the daemon will create
# an accept connections from.
# Value:
# unix = Unix domain socket (default)
# tcp = TCP socket
socket_type=unix
#socket_type=tcp
# SOCKET NAME
# This option determines the name and path of the UNIX domain
# socket that the daemon will create and accept connections from.
# This option is only valid if the socket type specified above
# is "unix".
socket_name=/usr/local/icinga-mysql/var/ido.sock
# SOCKET PERMISSIONS
# This option determines the permissions of the Unix domain
# socket. This option is only valid if the socket type specified
# above is "unix". Default permissions are set to 0755.
socket_perm=0755
# TCP PORT
# This option determines what port the daemon will listen for
# connections on. This option is only vlaid if the socket type
# specified above is "tcp".
tcp_port=5668
# ENCRYPTION
# This option determines if the ido2db daemon will accept SSL to encrypt the
# network traffic between module and ido2db daemon.
# Both sides have to enable this feature which depends on SSL Libraries
# like openssl or kerberos
# This option is only valid if the output type
# option specified above is "tcpsocket".
#
# A value of '1' will enable this feature
use_ssl=0
# LIBDBI DRIVER DIRECTORY !!!EXPERIMENTAL!!!
# This option is only valid when using libdbi as database abstraction layer
# (so not oracle) on compile time. By default, libdbi will figure out the
# correct path itsself. If you want to change it, enable and change the value.
#
# Default: not in use, enable and change to e.g. /usr/local/lib/dbd
#libdbi_driver_dir=/usr/local/lib/dbd
# DATABASE SERVER TYPE
# This option determines what type of DB server the daemon should
# connect to.
# Values:
# mysql = MySQL
# pgsql = PostgreSQL
# db2 = DB2
# firebird = Firebird
# freetds = FreeTDS
# ingres = Ingres
# msql = MSSQL
# oracle = Oracle
# sqlite = SQLite
# sqlite3 = SQLite3
# Currently supported:
# libdbi: mysql, pgsql
# ocilib: oracle
db_servertype=mysql
# DATABASE HOST
# This option specifies what host the DB server is running on.
# Note: Oracle will ignore this setting
db_host=localhost
# DATABASE PORT
# This option specifies the port that the DB server is running on.
# Values:
# 3306 = Default MySQL port
# 5432 = Default PostgreSQL port
# 1521 = Default Oracle port
#
# Note: ocilib will ignore this, you have to modify your tnsnames.ora
db_port=3306
# DATABASE SOCKET
# Optional db_socket allows to specify a different socket location.
# This will be passed to libdbi MySQL as mysql_unix_socket, while
# PostgeSQL overrides the port, ocilib Oracle ignores this setting.
#
# Note: This setting overrules db_port, making it useless!
#db_socket=/var/lib/mysql/mysql.sock
# DATABASE NAME
# This option specifies the name of the database that should be used.
#
# Note: Oracle with ocilib requires tnsnames.ora filled with host, port
# and database information. you can use the SID then with ocilib and
# one of the following:
# //DBSERVER/SID
# SID
db_name=icinga
# DATABASE TABLE PREFIX
# Determines the prefix (if any) that should be prepended to table names.
# If you modify the table prefix, you'll need to modify the SQL script for
# creating the database!
#
# Note: Oracle will ignore this prefix since the tablename length will exceed
# 30 characters.
db_prefix=icinga_
# DATABASE USERNAME/PASSWORD
# This is the username/password that will be used to authenticate to the DB.
# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on
# the database.
db_user=icinga
db_pass=icinga
## TABLE TRIMMING OPTIONS
# Several database tables containing Icinga event data can become quite large
# over time. Most admins will want to trim these tables and keep only a
# certain amount of data in them. The options below are used to specify the
# age (in MINUTES) that data should be allowd to remain in various tables
# before it is deleted. Using a value of zero (0) for any value means that
# that particular table should NOT be automatically trimmed.
#
# Remember: There are no optimized settings, it depends on your rdbm install,
# number/checkinterval of host/service-checks and your desired time of data
# savings - historical vs live-data. Please keep in mind that low delete
# intervals may interfere with insert/update data from Icinga.
# ***DEFAULT***
# Keep timed events for 1 hour
max_timedevents_age=60
# Keep system commands for 1 day
max_systemcommands_age=1440
# Keep service checks for 1 day
max_servicechecks_age=1440
# Keep host checks for 1 day
max_hostchecks_age=1440
# Keep event handlers for 1 week
max_eventhandlers_age=10080
# Keep external commands for 1 week
max_externalcommands_age=10080
# Keep logentries for 31 days
max_logentries_age=44640
# Keep acknowledgements for 31 days
max_acknowledgements_age=44640
# Keep notifications for 31 days
max_notifications_age=44640
# Keep contactnotifications for 31 days
max_contactnotifications_age=44640
# Keep contactnotificationmethods for 31 days
max_contactnotificationmethods_age=44640
## CLEAN REALTIME TABLES AT CORE STARTUP !!!EXPERIMENTAL!!!
# If you don't want to clean all those tables, set this option to 0.
# This can be useful if the deletes slow down the normal data
# processing.
# Values: 0 - don't clean
# 1 - clean (default)
clean_realtime_tables_on_core_startup=1
## CLEAN CONFIG TABLES AT CORE STARTUP !!!EXPERIMENTAL!!!
# If you don't want to clean all those tables, set this option to 0.
# This can be useful if the deletes slow down the normal data
# processing.
# Furthermore if you need to keep e.g. the state of customvariables
# or any other tables not directly linked to the objects table.
# Values: 0 - don't clean
# 1 - clean (default)
clean_config_tables_on_core_startup=1
# ***EXPERIMENTAL*** DB TRIMMING INTERVAL
# ido2db default db trimming interval is set to 3600 SECONDS.
# Some environments will require higher or lower values. This setting is
# highly experimental!!!
# Modify at your own risk to set the interval DB trimming interval
# to an appropriate value. If left blank, it defaults to 3600 seconds.
trim_db_interval=3600
# DB TRIMMING THREAD DELAY ON STARTUP
# ido2db spawns a thread for parallel db trimming. This option can be
# modified to extend/minimize the initial wait delay at startup.
# Default is set to 300 seconds in order to allow startup routines.
# 300 seconds is also the minimum value, lower ones will be overwritten.
housekeeping_thread_startup_delay=300
# DEBUG LEVEL
# This option determines how much (if any) debugging information will
# be written to the debug file. OR values together to log multiple
# types of information.
# Values: -1 = Everything
# 0 = Nothing
# 1 = Process info
# 2 = SQL queries
debug_level=0
# DEBUG VERBOSITY
# This option determines how verbose the debug log out will be.
# Values: 0 = Brief output
# 1 = More detailed
# 2 = Very detailed
debug_verbosity=2
# DEBUG FILE
# This option determines where the daemon should write debugging information.
debug_file=/usr/local/icinga-mysql/var/ido2db.debug
# MAX DEBUG FILE SIZE
# This option determines the maximum size (in bytes) of the debug file. If
# the file grows larger than this size, it will be renamed with a .old
# extension. If a file already exists with a .old extension it will
# automatically be deleted. This helps ensure your disk space usage doesn't
# get out of control when debugging.
# 100M
max_debug_file_size=100000000
# DEBUG READABLE TIMESTAMP
# This option will allow you to set a readable timestamp instead of the
# default unix timestamp.
# Values: 0 = disabled, 1 = enabled
debug_readable_timestamp=0
# OCI ERRORS TO SYSLOG
# ido2db registers an error handler in ocilib which spits all msg
# into debug and syslog by default. Setting this option to 0,
# syslog output will be disabled, only debug log will be used (if
# appropriate debug_level is set).
oci_errors_to_syslog=1
# ORACLE TRACE LEVEL
# This setting activates oracle session trace for each ido2db connection using trace event
# Level value must be one of the currently supported values (1,4,8,12) or 0 for off
# this requires explicit "alter session" privilege
# select rights to v$session and v$process are recommanded
# 0 - pseudo level TRACE OFF
# 1 standard SQL trace, no wait events, or bind variables.
# 4 Bind variables only
# 8 Wait events only
# 12 Bind Variables and Wait Events
oracle_trace_level=0
# ENABLE SLA - DEPRECATED!
# This setting enables collection of SLA data in the slahistory table
# Values: 0 = disabled, 1 = enabled
#
# WARNING: This setting will be deprecated in 1.9 and not developed
# anymore, as it has never been used by any Icinga application.
enable_sla=0

353
.puppet/modules/icinga/templates/ido2db-pgsql.cfg.erb
View File

@ -1,353 +0,0 @@
#####################################################################
# IDO2DB DAEMON CONFIG FILE
#####################################################################
# LOCK FILE
# This is the lockfile that IDO2DB will use to store its PID number
# in when it is running in daemon mode.
lock_file=/usr/local/icinga-pgsql/var/ido2db.lock
# USER/GROUP PRIVILIGES
# These options determine the user/group that the daemon should run as.
# You can specify a number (uid/gid) or a name for either option.
ido2db_user=icinga
ido2db_group=icinga
# SOCKET TYPE
# This option determines what type of socket the daemon will create
# an accept connections from.
# Value:
# unix = Unix domain socket (default)
# tcp = TCP socket
socket_type=unix
#socket_type=tcp
# SOCKET NAME
# This option determines the name and path of the UNIX domain
# socket that the daemon will create and accept connections from.
# This option is only valid if the socket type specified above
# is "unix".
socket_name=/usr/local/icinga-pgsql/var/ido.sock
# SOCKET PERMISSIONS
# This option determines the permissions of the Unix domain
# socket. This option is only valid if the socket type specified
# above is "unix". Default permissions are set to 0755.
socket_perm=0755
# TCP PORT
# This option determines what port the daemon will listen for
# connections on. This option is only vlaid if the socket type
# specified above is "tcp".
tcp_port=5668
# ENCRYPTION
# This option determines if the ido2db daemon will accept SSL to encrypt the
# network traffic between module and ido2db daemon.
# Both sides have to enable this feature which depends on SSL Libraries
# like openssl or kerberos
# This option is only valid if the output type
# option specified above is "tcpsocket".
#
# A value of '1' will enable this feature
use_ssl=0
# LIBDBI DRIVER DIRECTORY !!!EXPERIMENTAL!!!
# This option is only valid when using libdbi as database abstraction layer
# (so not oracle) on compile time. By default, libdbi will figure out the
# correct path itsself. If you want to change it, enable and change the value.
#
# Default: not in use, enable and change to e.g. /usr/local/lib/dbd
#libdbi_driver_dir=/usr/local/lib/dbd
# DATABASE SERVER TYPE
# This option determines what type of DB server the daemon should
# connect to.
# Values:
# mysql = MySQL
# pgsql = PostgreSQL
# db2 = DB2
# firebird = Firebird
# freetds = FreeTDS
# ingres = Ingres
# msql = MSSQL
# oracle = Oracle
# sqlite = SQLite
# sqlite3 = SQLite3
# Currently supported:
# libdbi: mysql, pgsql
# ocilib: oracle
db_servertype=pgsql
# DATABASE HOST
# This option specifies what host the DB server is running on.
# Note: Oracle will ignore this setting
db_host=127.0.0.1
# DATABASE PORT
# This option specifies the port that the DB server is running on.
# Values:
# 3306 = Default MySQL port
# 5432 = Default PostgreSQL port
# 1521 = Default Oracle port
#
# Note: ocilib will ignore this, you have to modify your tnsnames.ora
db_port=5432
# DATABASE SOCKET
# Optional db_socket allows to specify a different socket location.
# This will be passed to libdbi MySQL as mysql_unix_socket, while
# PostgeSQL overrides the port, ocilib Oracle ignores this setting.
#
# Note: This setting overrules db_port, making it useless!
#db_socket=/var/lib/mysql/mysql.sock
# DATABASE NAME
# This option specifies the name of the database that should be used.
#
# Note: Oracle with ocilib requires tnsnames.ora filled with host, port
# and database information. you can use the SID then with ocilib and
# one of the following:
# //DBSERVER/SID
# SID
db_name=icinga
# DATABASE TABLE PREFIX
# Determines the prefix (if any) that should be prepended to table names.
# If you modify the table prefix, you'll need to modify the SQL script for
# creating the database!
#
# Note: Oracle will ignore this prefix since the tablename length will exceed
# 30 characters.
db_prefix=icinga_
# DATABASE USERNAME/PASSWORD
# This is the username/password that will be used to authenticate to the DB.
# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on
# the database.
db_user=icinga
db_pass=icinga
## TABLE TRIMMING OPTIONS
# Several database tables containing Icinga event data can become quite large
# over time. Most admins will want to trim these tables and keep only a
# certain amount of data in them. The options below are used to specify the
# age (in MINUTES) that data should be allowd to remain in various tables
# before it is deleted. Using a value of zero (0) for any value means that
# that particular table should NOT be automatically trimmed.
#
# Remember: There are no optimized settings, it depends on your rdbm install,
# number/checkinterval of host/service-checks and your desired time of data
# savings - historical vs live-data. Please keep in mind that low delete
# intervals may interfere with insert/update data from Icinga.
# ***DEFAULT***
# Keep timed events for 1 hour
max_timedevents_age=60
# Keep system commands for 1 day
max_systemcommands_age=1440
# Keep service checks for 1 day
max_servicechecks_age=1440
# Keep host checks for 1 day
max_hostchecks_age=1440
# Keep event handlers for 1 week
max_eventhandlers_age=10080
# Keep external commands for 1 week
max_externalcommands_age=10080
# Keep logentries for 31 days
max_logentries_age=44640
# Keep acknowledgements for 31 days
max_acknowledgements_age=44640
# Keep notifications for 31 days
max_notifications_age=44640
# Keep contactnotifications for 31 days
max_contactnotifications_age=44640
# Keep contactnotificationmethods for 31 days
max_contactnotificationmethods_age=44640
## CLEAN REALTIME TABLES AT CORE STARTUP !!!EXPERIMENTAL!!!
# If you don't want to clean all those tables, set this option to 0.
# This can be useful if the deletes slow down the normal data
# processing.
# Values: 0 - don't clean
# 1 - clean (default)
clean_realtime_tables_on_core_startup=1
## CLEAN CONFIG TABLES AT CORE STARTUP !!!EXPERIMENTAL!!!
# If you don't want to clean all those tables, set this option to 0.
# This can be useful if the deletes slow down the normal data
# processing.
# Furthermore if you need to keep e.g. the state of customvariables
# or any other tables not directly linked to the objects table.
# Values: 0 - don't clean
# 1 - clean (default)
clean_config_tables_on_core_startup=1
# ***EXPERIMENTAL*** DB TRIMMING INTERVAL
# ido2db default db trimming interval is set to 3600 SECONDS.
# Some environments will require higher or lower values. This setting is
# highly experimental!!!
# Modify at your own risk to set the interval DB trimming interval
# to an appropriate value. If left blank, it defaults to 3600 seconds.
trim_db_interval=3600
# DB TRIMMING THREAD DELAY ON STARTUP
# ido2db spawns a thread for parallel db trimming. This option can be
# modified to extend/minimize the initial wait delay at startup.
# Default is set to 300 seconds in order to allow startup routines.
# 300 seconds is also the minimum value, lower ones will be overwritten.
housekeeping_thread_startup_delay=300
# DEBUG LEVEL
# This option determines how much (if any) debugging information will
# be written to the debug file. OR values together to log multiple
# types of information.
# Values: -1 = Everything
# 0 = Nothing
# 1 = Process info
# 2 = SQL queries
debug_level=0
# DEBUG VERBOSITY
# This option determines how verbose the debug log out will be.
# Values: 0 = Brief output
# 1 = More detailed
# 2 = Very detailed
debug_verbosity=2
# DEBUG FILE
# This option determines where the daemon should write debugging information.
debug_file=/usr/local/icinga-pgsql/var/ido2db.debug
# MAX DEBUG FILE SIZE
# This option determines the maximum size (in bytes) of the debug file. If
# the file grows larger than this size, it will be renamed with a .old
# extension. If a file already exists with a .old extension it will
# automatically be deleted. This helps ensure your disk space usage doesn't
# get out of control when debugging.
# 100M
max_debug_file_size=100000000
# DEBUG READABLE TIMESTAMP
# This option will allow you to set a readable timestamp instead of the
# default unix timestamp.
# Values: 0 = disabled, 1 = enabled
debug_readable_timestamp=0
# OCI ERRORS TO SYSLOG
# ido2db registers an error handler in ocilib which spits all msg
# into debug and syslog by default. Setting this option to 0,
# syslog output will be disabled, only debug log will be used (if
# appropriate debug_level is set).
oci_errors_to_syslog=1
# ORACLE TRACE LEVEL
# This setting activates oracle session trace for each ido2db connection using trace event
# Level value must be one of the currently supported values (1,4,8,12) or 0 for off
# this requires explicit "alter session" privilege
# select rights to v$session and v$process are recommanded
# 0 - pseudo level TRACE OFF
# 1 standard SQL trace, no wait events, or bind variables.
# 4 Bind variables only
# 8 Wait events only
# 12 Bind Variables and Wait Events
oracle_trace_level=0
# ENABLE SLA - DEPRECATED!
# This setting enables collection of SLA data in the slahistory table
# Values: 0 = disabled, 1 = enabled
#
# WARNING: This setting will be deprecated in 1.9 and not developed
# anymore, as it has never been used by any Icinga application.
enable_sla=0

42
.puppet/modules/icinga2/manifests/config.pp
View File

@ -1,42 +0,0 @@
# Define: icinga2::config
#
# Provide Icinga 2 configuration file
#
# Parameters:
#
# [*source*] - where to take the file from
#
# Requires:
#
# icinga2
#
# Sample Usage:
#
# icinga2::config { 'constants';
# source => 'puppet:///modules/icinga2_dev',
# }
#
# Provide configuration file '/etc/icinga2/constants.conf'
# from 'puppet:///modules/icinga2_dev/constants.conf'
# ('/path/to/puppet/modules/icinga2_dev/files/constants.conf')
#
define icinga2::config ($source) {
include icinga2
$path = "/etc/icinga2/${name}.conf"
parent_dirs { $path:
user => 'icinga',
require => [
User['icinga'],
File['icinga2cfgDir']
],
}
-> file { $path:
source => "${source}/${name}.conf",
owner => 'icinga',
group => 'icinga',
notify => Service['icinga2'],
require => User['icinga'],
}
}

31
.puppet/modules/icinga2/manifests/feature.pp
View File

@ -1,31 +0,0 @@
# Define: icinga2::feature
#
# Enable Icinga 2 feature
#
# Requires:
#
# icinga2
#
# Sample Usage:
#
# icinga2::feature { 'example-feature'; }
#
define icinga2::feature ($ensure = 'present') {
include icinga2
$action = $ensure ? {
/(present)/ => 'enable',
/(absent)/ => 'disable',
}
$test = $ensure ? {
/(present)/ => '-e',
/(absent)/ => '! -e',
}
exec { "icinga2-feature-${action}-${name}":
unless => "/usr/bin/test ${test} /etc/icinga2/features-enabled/${name}.conf",
command => "/usr/sbin/icinga2 feature ${action} ${name}",
require => Package['icinga2'],
notify => Service['icinga2'],
}
}

42
.puppet/modules/icinga2/manifests/init.pp
View File

@ -1,42 +0,0 @@
# Class: icinga2
#
# This class installs Icinga 2.
#
# Requires:
#
# icinga_packages
# icinga2::feature
#
# Sample Usage:
#
# include icinga2
#
class icinga2 {
include icinga_packages
package { [
'icinga2', 'icinga2-doc'
]:
ensure => latest,
require => Class['icinga_packages'],
}
-> service { 'icinga2':
ensure => running,
enable => true,
require => User['icinga'],
}
user { 'icinga':
ensure => present,
}
-> file { 'icinga2cfgDir':
path => '/etc/icinga2',
ensure => directory,
links => follow,
owner => 'icinga',
group => 'icinga',
mode => '6750',
}
icinga2::feature { [ 'statusdata', 'command', 'compatlog' ]: }
}

13
.puppet/modules/icinga2_mysql/files/features-available/ido-mysql.conf
View File

@ -1,13 +0,0 @@
/**
* The db_ido_mysql library implements IDO functionality
* for MySQL.
*/
library "db_ido_mysql"
object IdoMysqlConnection "ido-mysql" {
user = "icinga2",
password = "icinga2",
host = "localhost",
database = "icinga2"
}

35
.puppet/modules/icinga2_mysql/manifests/init.pp
View File

@ -1,35 +0,0 @@
# Class: icinga2_mysql
#
# This class installs Icinga 2 and Icinga-2-IDO-MySQL and set up the database for the last one.
#
# Requires:
#
# icinga_packages
# icinga2
# icinga2::feature
# icinga2::config
# mysql::database::populate
#
# Sample Usage:
#
# include icinga2_mysql
#
class icinga2_mysql {
include icinga2
include icinga_packages
package { 'icinga2-ido-mysql':
ensure => latest,
require => Class['icinga_packages'],
}
-> mysql::database::populate { 'icinga2':
username => 'icinga2',
password => 'icinga2',
privileges => 'SELECT,INSERT,UPDATE,DELETE',
schemafile => '/usr/share/icinga2-ido-mysql/schema/mysql.sql',
}
-> icinga2::config { 'features-available/ido-mysql':
source => 'puppet:///modules/icinga2_mysql',
}
-> icinga2::feature { 'ido-mysql': }
}

13
.puppet/modules/icinga2_pgsql/files/features-available/ido-pgsql.conf
View File

@ -1,13 +0,0 @@
/**
* The db_ido_pgsql library implements IDO functionality
* for PostgreSQL.
*/
library "db_ido_pgsql"
object IdoPgsqlConnection "ido-pgsql" {
user = "icinga2",
password = "icinga2",
host = "localhost",
database = "icinga2"
}

18
.puppet/modules/icinga2_pgsql/manifests/init.pp
View File

@ -1,18 +0,0 @@
class icinga2_pgsql {
include icinga2
include icinga_packages
package { 'icinga2-ido-pgsql':
ensure => latest,
require => Class['icinga_packages'],
}
-> pgsql::database::populate { 'icinga2':
username => 'icinga2',
password => 'icinga2',
schemafile => '/usr/share/icinga2-ido-pgsql/schema/pgsql.sql',
}
# Because Icinga 2 does not handle more than one IDO connection properly, The ido-pgsql will not be enabled by default.
# -> icinga2::feature { 'ido-pgsql':
# source => 'puppet:///modules/icinga2_pgsql',
# }
}

26
.puppet/modules/icinga_packages/manifests/init.pp
View File

@ -1,26 +0,0 @@
# Class: icinga_packages
#
# This class adds the YUM repository for the Icinga packages.
#
# Sample Usage:
#
# include icinga_packages
#
class icinga_packages {
yumrepo { 'icinga_packages':
baseurl => "https://packages.icinga.com/epel/${::operatingsystemmajrelease}/snapshot/",
enabled => '1',
gpgcheck => '1',
gpgkey => 'https://packages.icinga.com/icinga.key',
descr => "Icinga Repository - ${::architecture}"
}
yumrepo { 'icinga_release_packages':
baseurl => "https://packages.icinga.com/epel/${::operatingsystemmajrelease}/release/",
enabled => '1',
gpgcheck => '1',
gpgkey => 'https://packages.icinga.com/icinga.key',
descr => "Icinga Repository - ${::architecture} (release)",
includepkgs => 'icinga-php-*'
}
}

12
.puppet/modules/icingacli/manifests/init.pp
View File

@ -1,12 +0,0 @@
# TODO(el): This module is not reuseable because it relies on vagrant paths
class icingacli {
file { '/usr/local/bin/icingacli':
ensure => link,
target => '/vagrant/bin/icingacli',
}
file { '/etc/bash_completion.d/icingacli':
ensure => link,
target => '/vagrant/etc/bash_completion.d/icingacli',
}
}

15
.puppet/modules/icingaweb2/manifests/config.pp
View File

@ -1,15 +0,0 @@
class icingaweb2::config (
$config = hiera('icingaweb2::config'),
$web_group = hiera('icingaweb2::group')
) {
group { $web_group:
ensure => present,
}
file { [ "${config}", "${config}/enabledModules", "${config}/modules", "${config}/preferences" ]:
ensure => directory,
owner => 'root',
group => $web_group,
mode => '2770',
}
}

21
.puppet/modules/icingaweb2/manifests/config/general.pp
View File

@ -1,21 +0,0 @@
define icingaweb2::config::general (
$source,
$config = hiera('icingaweb2::config'),
$log = hiera('icingaweb2::log'),
$web_path = hiera('icingaweb2::web_path'),
$db_user = hiera('icingaweb2::db_user'),
$db_pass = hiera('icingaweb2::db_pass'),
$db_name = hiera('icingaweb2::db_name'),
$web_group = hiera('icingaweb2::group'),
$replace = true
) {
include icingaweb2::config
file { "${config}/${name}.ini":
content => template("${source}/${name}.ini.erb"),
owner => 'root',
group => $web_group,
mode => '0660',
replace => $replace,
}
}

26
.puppet/modules/icingaweb2/manifests/config/module.pp
View File

@ -1,26 +0,0 @@
define icingaweb2::config::module (
$module,
$source,
$config = hiera('icingaweb2::config'),
$web_group = hiera('icingaweb2::group'),
$replace = true
) {
include icingaweb2::config
if ! defined(File["${config}/modules/${module}"]) {
file { "${config}/modules/${module}":
ensure => directory,
owner => 'root',
group => $web_group,
mode => '2770',
}
}
file { "${config}/modules/${module}/${name}.ini":
source => "${source}/modules/${module}/${name}.ini",
owner => 'root',
group => $web_group,
mode => '0660',
replace => $replace,
}
}

9
.puppet/modules/monitoring_plugins/manifests/init.pp
View File

@ -1,9 +0,0 @@
class monitoring_plugins {
include epel
# nagios plugins from epel
package { 'nagios-plugins-all':
ensure => latest,
require => Class['epel']
}
}

25
.puppet/modules/monitoring_test_config/manifests/init.pp
View File

@ -1,25 +0,0 @@
class monitoring_test_config {
package { [
'perl',
'perl-Module-Install',
'perl-CPAN',
'perl-File-Which',
'perl-Time-HiRes'
]:
ensure => latest,
}
-> git_cmmi { 'Monitoring-Generator-TestConfig':
url => 'https://github.com/sni/Monitoring-Generator-TestConfig.git',
configure => 'perl Makefile.PL',
make => 'make && make test && make install',
}
-> exec { 'create_monitoring_test_config':
path => '/usr/local/bin:/usr/bin:/bin',
command => 'install -o root -g root -d /usr/local/share/misc/ && \
create_monitoring_test_config.pl -l icinga /usr/local/share/misc/monitoring_test_config',
creates => '/usr/local/share/misc/monitoring_test_config',
}
-> monitoring_test_config::populate_plugins { [
'test_hostcheck.pl', 'test_servicecheck.pl'
]: }
}

17
.puppet/modules/monitoring_test_config/manifests/populate_plugins.pp
View File

@ -1,17 +0,0 @@
define monitoring_test_config::populate_plugins {
include icinga2
include monitoring_plugins
include monitoring_test_config
file { "/usr/lib64/nagios/plugins/${name}":
owner => 'icinga',
group => 'icinga',
source => "/usr/local/share/misc/monitoring_test_config/plugins/${name}",
require => [
User['icinga'],
Exec['create_monitoring_test_config'],
Class['monitoring_plugins']
],
notify => Service['icinga2'],
}
}

19
.puppet/modules/motd/files/motd
View File

@ -1,19 +0,0 @@
88 88
88 ""
88
88 ,adPPYba, 88 8b,dPPYba, ,adPPYb,d8 ,adPPYYba,
88 a8" "" 88 88P' `"8a a8" `Y88 "" `Y8
88 8b 88 88 88 8b 88 ,adPPPPP88
88 "8a, ,aa 88 88 88 "8a, ,d88 88, ,88
88 `"Ybbd8"' 88 88 88 `"YbbdP"Y8 `"8bbdP"Y8
aa, ,88
"Y8bbdP"
I8, 8 ,8I 88 ad888888b,
`8b d8b d8' 88 d8" "88
"8, ,8"8, ,8" 88 a8P
Y8 8P Y8 8P ,adPPYba, 88,dPPYba, ,d8P"
`8b d8' `8b d8' a8P_____88 88P' "8a a8P"
`8a a8' `8a a8' 8PP""""""" 88 d8 a8P'
`8a8' `8a8' "8b, ,aa 88b, ,a8" d8"
`8' `8' `"Ybbd8"' 8Y"Ybbd8"' 88888888888

7
.puppet/modules/motd/manifests/init.pp
View File

@ -1,7 +0,0 @@
class motd {
file { '/etc/motd':
source => 'puppet:///modules/motd/motd',
owner => root,
group => root,
}
}

33
.puppet/modules/mysql/manifests/database/create.pp
View File

@ -1,33 +0,0 @@
# Define: mysql::database::create
#
# Create a MySQL database
#
# Parameters:
#
# [*username*] - name of the user the database belongs to
# [*password*] - password of the user the database belongs to
# [*privileges*] - privileges of the user the database belongs to
#
# Requires:
#
# mysql
#
# Sample Usage:
#
# mysql::database::create { 'icinga2':
# username => 'icinga2',
# password => 'icinga2',
# privileges => 'SELECT,INSERT,UPDATE,DELETE',
# }
#
define mysql::database::create ($username, $password, $privileges) {
include mysql
exec { "create-mysql-${name}-db":
unless => "mysql -u${username} -p${password} ${name}",
command => "mysql -uroot -e \"CREATE DATABASE ${name}; \
GRANT ${privileges} ON ${name}.* TO ${username}@localhost \
IDENTIFIED BY '${password}';\"",
require => Class['mysql']
}
}

39
.puppet/modules/mysql/manifests/database/populate.pp
View File

@ -1,39 +0,0 @@
# Define: mysql::database::populate
#
# Create and populate a MySQL database
#
# Parameters:
#
# [*username*] - name of the user the database belongs to
# [*password*] - password of the user the database belongs to
# [*privileges*] - privileges of the user the database belongs to
# [*schemafile*] - file with the schema for the database
#
# Requires:
#
# mysql::database::create
#
# Sample Usage:
#
# mysql::database::populate { 'icinga2':
# username => 'icinga2',
# password => 'icinga2',
# privileges => 'SELECT,INSERT,UPDATE,DELETE',
# schemafile => '/usr/share/icinga2-ido-mysql/schema/mysql.sql',
# }
#
define mysql::database::populate ($username, $password, $privileges, $schemafile) {
Exec { path => '/bin:/usr/bin' }
mysql::database::create { $name:
username => $username,
password => $password,
privileges => $privileges,
}
exec { "populate-${name}-mysql-db":
onlyif => "mysql -u${username} -p${password} ${name} -e \"SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${name}';\" 2>/dev/null |grep -qEe '^ *0 *$'",
command => "mysql -uroot ${name} < ${schemafile}",
require => Mysql::Database::Create[$name],
}
}

54
.puppet/modules/mysql/manifests/init.pp
View File

@ -1,54 +0,0 @@
# Class: mysql
#
# This class installs the MySQL server and client software on a RHEL or CentOS
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# include mysql
#
class mysql {
Exec { path => '/usr/bin' }
if versioncmp($::operatingsystemmajrelease, '7') >= 0 {
$client_package_name = 'mariadb'
$server_package_name = 'mariadb-server'
$server_service_name = 'mariadb'
$cnf = '/etc/my.cnf.d/server.cnf'
$log_error = '/var/log/mariadb/mariadb.log'
$pid_file = '/var/run/mariadb/mariadb.pid'
} else {
$client_package_name = 'mysql'
$server_package_name = 'mysql-server'
$server_service_name = 'mysqld'
$cnf = '/etc/my.cnf'
$log_error = '/var/log/mysqld.log'
$pid_file = '/var/run/mysqld/mysqld.pid'
}
package { [
$client_package_name, $server_package_name,
]:
ensure => latest,
}
service { $server_service_name:
alias => 'mysqld',
enable => true,
ensure => running,
require => Package[$server_package_name],
}
file { $cnf:
content => template('mysql/my.cnf.erb'),
notify => Service['mysqld'],
recurse => true,
require => Package[$server_package_name],
}
}

133
.puppet/modules/mysql/templates/my.cnf.erb
View File

@ -1,133 +0,0 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# This permits the application to give the threads system a hint for the
# desired number of threads that should be run at the same time. This
# value only makes sense on systems that support the thread_concurrency()
# function call (Sun Solaris, for example).
# You should try [number of CPUs]*(2..4) for thread_concurrency
thread_concurrency = 8
# The number of open tables for all threads. Increasing this value
# increases the number of file descriptors that mysqld requires.
# Therefore you have to make sure to set the amount of open files
# allowed to at least thread_concurrency * table_open_cache in the variable "open-files-limit" in
# section [mysqld_safe]
table_open_cache = 256
# Size of the buffer used for doing full table scans.
# Allocated per thread, if a full scan is needed.
read_buffer_size = 1M
# When reading rows in sorted order after a sort, the rows are read
# through this buffer to avoid disk seeks. You can improve ORDER BY
# performance a lot, if set this to a high value.
# Allocated per thread, when needed.
read_rnd_buffer_size = 4M
# Sort buffer is used to perform sorts for some ORDER BY and GROUP BY
# queries. If sorted data does not fit into the sort buffer, a disk
# based merge sort is used instead - See the "Sort_merge_passes"
# status variable. Allocated per thread if sort is needed.
sort_buffer_size = 1M
# The maximum size of a query packet the server can handle as well as
# maximum query size server can process (Important when working with
# large BLOBs). enlarged dynamically, for each connection.
max_allowed_packet = 16M
# Query cache is used to cache SELECT results and later return them
# without actual executing the same query once again. Having the query
# cache enabled may result in significant speed improvements, if your
# have a lot of identical queries and rarely changing tables. See the
# "Qcache_lowmem_prunes" status variable to check if the current value
# is high enough for your load.
# Note: In case your tables change very often or if your queries are
# textually different every time, the query cache may result in a
# slowdown instead of a performance improvement.
query_cache_size = 16M
# *** INNODB Specific options ***
innodb_data_home_dir = /var/lib/mysql
# InnoDB, unlike MyISAM, uses a buffer pool to cache both indexes and
# row data. The bigger you set this the less disk I/O is needed to
# access data in tables. On a dedicated database server you may set this
# parameter up to 80% of the machine physical memory size. Do not set it
# too large, though, because competition of the physical memory may
# cause paging in the operating system. Note that on 32bit systems you
# might be limited to 2-3.5G of user level memory per process, so do not
# set it too high.
innodb_buffer_pool_size = 256M
# InnoDB stores data in one or more data files forming the tablespace.
# If you have a single logical drive for your data, a single
# autoextending file would be good enough. In other cases, a single file
# per device is often a good choice. You can configure InnoDB to use raw
# disk partitions as well - please refer to the manual for more info
# about this.
innodb_data_file_path = ibdata1:10M:autoextend
# If set to 1, InnoDB will flush (fsync) the transaction logs to the
# disk at each commit, which offers full ACID behavior. If you are
# willing to compromise this safety, and you are running small
# transactions, you may set this to 0 or 2 to reduce disk I/O to the
# logs. Value 0 means that the log is only written to the log file and
# the log file flushed to disk approximately once per second. Value 2
# means the log is written to the log file at each commit, but the log
# file is only flushed to disk approximately once per second.
innodb_flush_log_at_trx_commit = 2
# The size of the buffer InnoDB uses for buffering log data. As soon as
# it is full, InnoDB will have to flush it to disk. As it is flushed
# once per second anyway, it does not make sense to have it very large
# (even with long transactions).
innodb_log_buffer_size = 8M
# Total number of files in the log group. A value of 2-3 is usually good
# enough.
innodb_log_files_in_group = 3
# The flush method InnoDB will use for Log. The tablespace always uses
# doublewrite flush logic. The default value is "fdatasync", another
# option is "O_DSYNC".
innodb_flush_method = O_DIRECT
innodb_support_xa = 0
innodb_file_per_table
# 25 % of buffer pool size
innodb_log_file_size = 64M
[mysqld_safe]
log-error=<%= @log_error %>
pid-file=<%= @pid_file %>
# Increase the amount of open files allowed per process. Warning: Make
# sure you have set the global system limit high enough! The high value
# is required for a large number of opened tables
open-files-limit = 2048
[mysqldump]
# Do not buffer the whole result set in memory before writing it to
# file. Required for dumping very large tables
quick
max_allowed_packet = 16M
[mysql]
no-auto-rehash
[myisamchk]
key_buffer_size = 128M
sort_buffer_size = 128M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout

35
.puppet/modules/openldap/manifests/init.pp
View File

@ -1,35 +0,0 @@
# Class: openldap
#
# This class installs the openldap servers and clients software.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# include openldap
#
class openldap {
package { [ 'openldap-servers', 'openldap-clients', ]:
ensure => latest,
}
service { 'slapd':
enable => true,
ensure => running,
require => Package['openldap-servers'],
}
if versioncmp($::operatingsystemmajrelease, '7') >= 0 {
openldap::schema{ 'core': }
-> openldap::schema{ 'cosine': }
-> openldap::schema{ 'inetorgperson': }
-> openldap::schema{ 'nis': }
-> openldap::schema{ 'misc': }
-> openldap::schema{ 'openldap': }
}
}

24
.puppet/modules/openldap/manifests/schema.pp
View File

@ -1,24 +0,0 @@
# define: openldap::schema
#
# Install a schema.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
define openldap::schema {
include openldap
exec { "openldap-schema-${name}":
command => "ldapadd -Y EXTERNAL -H ldapi:// -f /etc/openldap/schema/${name}.ldif",
group => 'root',
require => Service['slapd'],
unless => "test -n \"$(find /etc/openldap/slapd.d/cn=config/cn=schema/ -name cn={*}${name}.ldif -print -quit)\"",
user => 'root',
}
}

8
.puppet/modules/parent_dirs/manifests/init.pp
View File

@ -1,8 +0,0 @@
# TODO(el): Remove this. It's always executed and hackish
define parent_dirs ($user = 'root') {
exec { "parent_dirs-${name}":
command => "mkdir -p \"\$(dirname \"\$(readlink -m '${name}')\")\"",
path => '/bin:/usr/bin',
user => $user,
}
}

32
.puppet/modules/pgsql/manifests/database/create.pp
View File

@ -1,32 +0,0 @@
# Define: pgsql::database::create
#
# Create a PgSQL database
#
# Parameters:
#
# [*username*] - name of the user the database belongs to
# [*password*] - password of the user the database belongs to
#
# Requires:
#
# pgsql
#
# Sample Usage:
#
# pgsql::database::create { 'icinga2':
# username => 'icinga2',
# password => 'icinga2',
# }
#
define pgsql::database::create ($username, $password) {
include pgsql
exec { "create-pgsql-${name}-db":
unless => "psql -tAc \"SELECT 1 FROM pg_roles WHERE rolname='${username}'\" | grep -q 1",
command => "psql -c \"CREATE ROLE ${username} WITH LOGIN PASSWORD '${password}';\" && \
createdb -O ${username} -E UTF8 -T template0 ${name} && \
(createlang plpgsql ${name} || true)",
user => 'postgres',
require => Class['pgsql']
}
}

37
.puppet/modules/pgsql/manifests/database/populate.pp
View File

@ -1,37 +0,0 @@
# Define: pgsql::database::populate
#
# Create and populate a PgSQL database
#
# Parameters:
#
# [*username*] - name of the user the database belongs to
# [*password*] - password of the user the database belongs to
# [*schemafile*] - file with the schema for the database
#
# Requires:
#
# pgsql::database::create
#
# Sample Usage:
#
# pgsql::database::populate { 'icinga2':
# username => 'icinga2',
# password => 'icinga2',
# schemafile => '/usr/share/icinga2-ido-pgsql/schema/pgsql.sql',
# }
#
define pgsql::database::populate ($username, $password, $schemafile) {
Exec { path => '/bin:/usr/bin' }
pgsql::database::create { $name:
username => $username,
password => $password,
}
exec { "populate-${name}-pgsql-db":
onlyif => "psql -U ${username} -d ${name} -c \"SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = '${name}';\" 2>/dev/null |grep -qEe '^ *0 *$'",
command => "psql -U ${username} -d ${name} < ${schemafile}",
user => 'postgres',
require => Pgsql::Database::Create[$name],
}
}

41
.puppet/modules/pgsql/manifests/init.pp
View File

@ -1,41 +0,0 @@
# Class: pgsql
#
# This class installs the PostgreSQL server and client software.
# Further it configures pg_hba.conf to trust the local icinga user.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# include pgsql
#
class pgsql {
Exec { path => '/sbin:/bin:/usr/bin' }
package { [ 'postgresql', 'postgresql-server', ]:
ensure => latest,
}
exec { 'initdb':
command => 'service postgresql initdb',
creates => '/var/lib/pgsql/data/pg_xlog',
require => Package['postgresql-server'],
}
service { 'postgresql':
enable => true,
ensure => running,
require => [ Package['postgresql-server'], Exec['initdb'], ]
}
file { '/var/lib/pgsql/data/pg_hba.conf':
content => template('pgsql/pg_hba.conf.erb'),
require => [ Package['postgresql-server'], Exec['initdb'], ],
notify => Service['postgresql'],
}
}

99
.puppet/modules/pgsql/templates/pg_hba.conf.erb
View File

@ -1,99 +0,0 @@
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the
# PostgreSQL documentation for a complete description
# of this file. A short synopsis follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access. Records take one of these forms:
#
# local DATABASE USER METHOD [OPTIONS]
# host DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
# hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
# hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTIONS]
#
# (The uppercase items must be replaced by actual values.)
#
# The first field is the connection type: "local" is a Unix-domain socket,
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
#
# DATABASE can be "all", "sameuser", "samerole", a database name, or
# a comma-separated list thereof.
#
# USER can be "all", a user name, a group name prefixed with "+", or
# a comma-separated list thereof. In both the DATABASE and USER fields
# you can also write a file name prefixed with "@" to include names from
# a separate file.
#
# CIDR-ADDRESS specifies the set of hosts the record matches.
# It is made up of an IP address and a CIDR mask that is an integer
# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies
# the number of significant bits in the mask. Alternatively, you can write
# an IP address and netmask in separate columns to specify the set of hosts.
#
# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", "krb5",
# "ident", "pam", "ldap" or "cert". Note that "password" sends passwords
# in clear text; "md5" is preferred since it sends encrypted passwords.
#
# OPTIONS are a set of options for the authentication in the format
# NAME=VALUE. The available options depend on the different authentication
# methods - refer to the "Client Authentication" section in the documentation
# for a list of which options are available for which authentication methods.
#
# Database and user names containing spaces, commas, quotes and other special
# characters must be quoted. Quoting one of the keywords "all", "sameuser" or
# "samerole" makes the name lose its special character, and just match a
# database or username with that name.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect. You can use
# "pg_ctl reload" to do that.
# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
# "host" records. In that case you will also need to make PostgreSQL listen
# on a non-local interface via the listen_addresses configuration parameter,
# or via the -i or -h command line switches.
#
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# icinga
local icinga icinga trust
host icinga icinga 127.0.0.1/32 trust
host icinga icinga ::1/128 trust
# icinga2
local icinga2 icinga2 trust
host icinga2 icinga2 127.0.0.1/32 trust
host icinga2 icinga2 ::1/128 trust
# icinga_unittest
local icinga_unittest icinga_unittest trust
host icinga_unittest icinga_unittest 127.0.0.1/32 trust
host icinga_unittest icinga_unittest ::1/128 trust
# icingaweb
local icingaweb icingaweb trust
host icingaweb icingaweb 127.0.0.1/32 trust
host icingaweb icingaweb ::1/128 trust
# icingaweb2
local <%= scope.function_hiera(['icingaweb2::db_user']) %> <%= scope.function_hiera(['icingaweb2::db_user']) %> trust
host <%= scope.function_hiera(['icingaweb2::db_user']) %> <%= scope.function_hiera(['icingaweb2::db_user']) %> 127.0.0.1/32 trust
host <%= scope.function_hiera(['icingaweb2::db_user']) %> <%= scope.function_hiera(['icingaweb2::db_user']) %> ::1/128 trust
# "local" is for Unix domain socket connections only
local all all ident
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident

34
.puppet/modules/php/manifests/extension.pp
View File

@ -1,34 +0,0 @@
# define: php::extension
#
# Install additional PHP modules.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# php::extension { 'php-ldap': }
# php::extension { ['php-mysql'], ['php-pgsql']: }
#
define php::extension(
$ensure=installed
) {
include apache
include php
if $::require {
$require_ = [Package['apache'], Class['php'], $::require]
} else {
$require_ = [Package['apache'], Class['php']]
}
package { $name:
ensure => $ensure,
require => $require_,
notify => Service['apache']
}
}

43
.puppet/modules/php/manifests/init.pp
View File

@ -1,43 +0,0 @@
# Class: php
#
# This class installs php.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# apache
# epel
# scl
#
# Sample Usage:
#
# include php
#
class php {
include apache
include epel
include scl
package { 'rh-php73-php-fpm':
ensure => latest,
notify => Service['apache'],
require => [ Class['scl'], Package['apache'] ],
}
-> service { 'rh-php73-php-fpm':
ensure => running,
enable => true,
alias => 'php-fpm',
}
package { 'php-pecl-xdebug':
ensure => latest,
notify => Service['apache'],
require => Class['epel'],
}
php::phpd { ['error_reporting', 'timezone', 'xdebug_settings' ]: }
}

22
.puppet/modules/php/manifests/phpd.pp
View File

@ -1,22 +0,0 @@
# define: php::phpd
#
# Provision php.d config
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
define php::phpd {
include php
file { "/etc/opt/rh/rh-php73/php.d/$name.ini":
content => template("php/$name.ini.erb"),
notify => Service['apache'],
require => Package['rh-php73-php-fpm'],
}
}

4
.puppet/modules/php/templates/error_reporting.ini.erb
View File

@ -1,4 +0,0 @@
error_reporting = E_ALL | E_STRICT
display_errors = On
display_startup_errors = On
html_errors = On

1
.puppet/modules/php/templates/timezone.ini.erb
View File

@ -1 +0,0 @@
date.timezone = "UTC"

5
.puppet/modules/php/templates/xdebug_settings.ini.erb
View File

@ -1,5 +0,0 @@
xdebug.var_display_max_children = 128
xdebug.var_display_max_data = 1024
xdebug.var_display_max_depth = 5
xdebug.remote_enable = 1
xdebug.remote_connect_back = 1

29
.puppet/modules/php_imagick/manifests/init.pp
View File

@ -1,29 +0,0 @@
# Class: php_imagick
#
# This class installs the ImageMagick PHP module.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# php
#
# Sample Usage:
#
# include php_imagick
#
class php_imagick {
include php
$php_imagick = $::operatingsystem ? {
/(Debian|Ubuntu)/ => 'php5-imagick',
/(RedHat|CentOS|Fedora)/ => 'php-pecl-imagick',
/(SLES|OpenSuSE)/ => 'php5-imagick',
}
package { $php_imagick:
ensure => latest,
}
}

19
.puppet/modules/scl/manifests/init.pp
View File

@ -1,19 +0,0 @@
# Class: scl
#
# This class installs centos-release-scl.
#
# Parameters:
#
# Actions:
#
# Requires:
#
# Sample Usage:
#
# include scl
#
class scl {
package { 'centos-release-scl':
ensure => latest,
}
}

24
.puppet/modules/zend_framework/manifests/init.pp
View File

@ -1,24 +0,0 @@
# Class: zend_framework
#
# This class installs the Zend Framework.
#
# Requires:
#
# epel
#
# Sample Usage:
#
# include zend_framework
#
class zend_framework {
include epel
package { [
'php-ZendFramework',
'php-ZendFramework-Db-Adapter-Pdo-Mysql',
'php-ZendFramework-Db-Adapter-Pdo-Pgsql'
]:
ensure => latest,
require => Class['epel'],
}
}

5
.puppet/profiles/base/manifests/init.pp
View File

@ -1,5 +0,0 @@
class base {
package { [ 'vim-enhanced', 'bash-completion', 'htop' ]:
ensure => latest,
}
}

48
.puppet/profiles/icinga2_dev/files/conf.d/commands.conf
View File

@ -1,48 +0,0 @@
/* Command objects */
object CheckCommand "kernel" {
import "plugin-check-command"
command = [ "sudo", SysconfDir + "/icinga2/scripts/check_kernel" ]
}
object NotificationCommand "mail-host-notification" {
import "plugin-notification-command"
command = [ "/bin/true" ]
env = {
"NOTIFICATIONTYPE" = "$notification.type$"
"HOSTALIAS" = "$host.display_name$",
"HOSTADDRESS" = "$address$",
"HOSTSTATE" = "$host.state$",
"LONGDATETIME" = "$icinga.long_date_time$",
"HOSTOUTPUT" = "$host.output$",
"NOTIFICATIONAUTHORNAME" = "$notification.author$",
"NOTIFICATIONCOMMENT" = "$notification.comment$",
"HOSTDISPLAYNAME" = "$host.display_name$",
"USEREMAIL" = "$user.email$"
}
}
object NotificationCommand "mail-service-notification" {
import "plugin-notification-command"
command = [ "/bin/true" ]
env = {
"NOTIFICATIONTYPE" = "$notification.type$"
"SERVICEDESC" = "$service.name$"
"HOSTALIAS" = "$host.display_name$",
"HOSTADDRESS" = "$address$",
"SERVICESTATE" = "$service.state$",
"LONGDATETIME" = "$icinga.long_date_time$",
"SERVICEOUTPUT" = "$service.output$",
"NOTIFICATIONAUTHORNAME" = "$notification.author$",
"NOTIFICATIONCOMMENT" = "$notification.comment$",
"HOSTDISPLAYNAME" = "$host.display_name$",
"SERVICEDISPLAYNAME" = "$service.display_name$",
"USEREMAIL" = "$user.email$"
}
}

113
.puppet/profiles/icinga2_dev/files/conf.d/test-config.conf
View File

@ -1,113 +0,0 @@
object CheckCommand "dummy-host" {
import "plugin-check-command"
command = [ PluginDir + "/test_hostcheck.pl" ]
arguments = {
"--type" = "$check_type$"
"--failchance" = "$check_failchance$"
"--previous-state" = "$check_previous_state$"
"--state-duration" = "$check_state_duration$"
"--hostname" = "$check_hostname$"
}
vars.check_type = "UP"
vars.check_failchance = "2%"
vars.check_previous_state = "$state$"
vars.check_state_duration = "$duration_sec$"
vars.check_hostname = "$name$"
}
object CheckCommand "dummy-service" {
import "plugin-check-command"
command = [ PluginDir + "/test_servicecheck.pl" ]
arguments = {
"--total-critical-on-host" = "$check_critical_on_host$"
"--total-warning-on-host" = "$check_warning_on_host$"
"--type" = "$check_type$"
"--failchance" = "$check_failchance$"
"--previous-state" = "$check_previous_state$"
"--state-duration" = "$check_state_duration$"
"--hostname" = "$check_hostname$"
"--servicedesc" = "$check_servicedesc$"
}
vars.check_critical_on_host = "$host.total_services_critical$"
vars.check_warning_on_host = "$host.total_services_warning$"
vars.check_type = "random"
vars.check_failchange = "5%"
vars.check_previous_state = "$service.state$"
vars.check_duration = "$service.duration_sec$"
vars.check_hostname = "$host.name$"
vars.check_servicedesc = "$service.name$"
}
// Hostgroups
object HostGroup "all-hosts" {
display_name = "All hosts on the system"
assign where true
}
var host_types = ["ok", "random", "down", "up", "unreachable", "pending"]
for (host_type in host_types) {
object HostGroup "all-" + host_type use (host_type) {
display_name = "All " + host_type + " hosts"
assign where host.vars.check_type == host_type
}
}
var service_types = ["ok", "warning", "critical", "unknown", "flapping", "pending"]
// Servicegroups
for (service_type in service_types) {
object ServiceGroup "service-" + service_type use (service_type) {
display_name = "All " + service_type + " services"
assign where service.vars.check_type == service_type
}
}
// ---------------------------------------------------------------------------------------------------------------------
// Services
// ---------------------------------------------------------------------------------------------------------------------
function createService(service_type, num) {
apply Service "service-" + service_type + "-" + string(num + 1) use (service_type) {
import "generic-service"
check_command = "dummy-service"
enable_active_checks = (service_type != "pending")
vars.check_type = service_type
assign where service_type in host.vars.check_config
}
}
for (num in range(4)) {
for (service_type in service_types) {
createService(service_type, num)
}
}
// ---------------------------------------------------------------------------------------------------------------------
// Hosts
// ---------------------------------------------------------------------------------------------------------------------
function createHost(checkType, checkConfig, num, checkEnabled) {
object Host "test-" + checkType + "-" + string(num + 1) use (checkEnabled, checkType, checkConfig) {
import "generic-host"
address = "127.0.0.1"
check_command = "dummy-host"
enable_active_checks = checkEnabled
vars.check_type = checkType
vars.check_config = checkConfig
}
}
for (num in range(10)) {
createHost("ok", [ "ok" ], num, true)
createHost("random", [ "random", "flapping" ], num, true)
createHost("down", [ "warning", "critical" ], num, true)
createHost("unreachable", [ "unknown" ], num, true)
createHost("pending", [ "pending" ], num, false)
createHost("flap", [ "flapping" ], num, true)
}
// EOF

26
.puppet/profiles/icinga2_dev/files/constants.conf
View File

@ -1,26 +0,0 @@
/**
* This file defines global constants which can be used in
* the other configuration files.
*/
/* The directory which contains the plugins from the Monitoring Plugins project. */
const PluginDir = "/usr/lib64/nagios/plugins"
/* The directory which contains the Manubulon plugins.
* Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details.
*/
const ManubulonPluginDir = "/usr/lib64/nagios/plugins"
/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for.
* Check the documentation, chapter "Plugins Contribution", for details.
*/
const PluginContribDir = "/usr/lib64/nagios/plugins"
/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`.
* This should be the common name from the API certificate.
*/
const NodeName = "localhost"
/* Our local zone name. */
const ZoneName = NodeName
const TicketSalt = ""

35
.puppet/profiles/icinga2_dev/manifests/init.pp
View File

@ -1,35 +0,0 @@
# Class: icinga2_dev
#
# This class installs Icinga 2 w/ MySQL and PostgreSQL and provides Icinga 2 test configuration.
#
# Requires:
#
# icinga2_mysql
# icinga2::config
# icinga2::feature
#
# Sample Usage:
#
# include icinga2_dev
#
class icinga2_dev {
include icinga2_mysql
include icinga2_pgsql
include monitoring_plugins
include monitoring_test_config
icinga2::config { [
'conf.d/test-config', 'conf.d/commands', 'constants'
]:
source => 'puppet:///modules/icinga2_dev',
}
icinga2::feature { 'api':
ensure => absent,
}
icinga2::feature { 'ido-pgsql':
ensure => absent,
require => Class['icinga2_pgsql'],
}
}

7
.puppet/profiles/icingaweb2_dev/files/modules/monitoring/backends.ini
View File

@ -1,7 +0,0 @@
[ido-mysql]
type = ido
resource = ido-mysql
[ido-pgsql]
type = ido
resource = ido-pgsql

3
.puppet/profiles/icingaweb2_dev/files/modules/monitoring/commandtransports.ini
View File

@ -1,3 +0,0 @@
[local]
transport = local
path = /var/run/icinga2/cmd/icinga2.cmd

2
.puppet/profiles/icingaweb2_dev/files/modules/monitoring/config.ini
View File

@ -1,2 +0,0 @@
[security]
protected_customvars = "*pw*,*pass*,community"

2
.puppet/profiles/icingaweb2_dev/files/modules/monitoring/instances.ini
View File

@ -1,2 +0,0 @@
[icinga]
path = "/var/run/icinga2/cmd/icinga2.cmd"

18
.puppet/profiles/icingaweb2_dev/files/openldap/db.ldif
View File

@ -1,18 +0,0 @@
dn: olcDatabase={0}config,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}N/2WMqT8q7cElh7KUQz+p9TJbjmKv/u9
-
replace: olcRootDN
olcRootDN: cn=admin,cn=config
dn: olcDatabase={2}hdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}MxMpLBo2/TSymoIBf/Sb5iQac7Wwiur5
-
replace: olcSuffix
olcSuffix: dc=icinga,dc=org
-
replace: olcRootDN
olcRootDN: cn=admin,dc=icinga,dc=org

4
.puppet/profiles/icingaweb2_dev/files/openldap/dit.ldif
View File

@ -1,4 +0,0 @@
dn: dc=icinga,dc=org
dc: icinga
objectClass: top
objectClass: domain

52
.puppet/profiles/icingaweb2_dev/files/openldap/users.ldif
View File

@ -1,52 +0,0 @@
dn: ou=people,dc=icinga,dc=org
ou: people
objectclass: organizationalunit
dn: ou=groups,dc=icinga,dc=org
ou: groups
objectclass: organizationalunit
dn: cn=John Doe,ou=people,dc=icinga,dc=org
objectclass: inetOrgPerson
cn: John Doe
sn: Doe
uid: jdoe
userpassword: password
dn: cn=Jane Smith,ou=people,dc=icinga,dc=org
objectclass: inetOrgPerson
cn: Jane Smith
sn: Smith
uid: jsmith
userpassword: password
dn: cn=John Q. Public,ou=people,dc=icinga,dc=org
objectclass: inetOrgPerson
cn: John Q. Public
sn: Public
uid: jqpublic
userpassword: password
dn: cn=Richard Roe,ou=people,dc=icinga,dc=org
objectclass: inetOrgPerson
cn: Richard Roe
sn: Roe
uid: rroe
userpassword: password
dn: cn=Users,ou=groups,dc=icinga,dc=org
objectClass: groupOfUniqueNames
cn: Users
uniqueMember: cn=John Doe,ou=people,dc=icinga,dc=org
uniqueMember: cn=Jane Smith,ou=people,dc=icinga,dc=org
uniqueMember: cn=John Q. Public,ou=people,dc=icinga,dc=org
uniqueMember: cn=Richard Roe,ou=people,dc=icinga,dc=org
dn: cn=PosixUsers,ou=groups,dc=icinga,dc=org
objectClass: posixGroup
cn: PosixUsers
gidNumber: 2001
memberUid: jdoe
memberUid: jsmith
memberUid: jqpublic
memberUid: rroe

162
.puppet/profiles/icingaweb2_dev/manifests/init.pp
View File

@ -1,162 +0,0 @@
class icingaweb2_dev (
$config = hiera('icingaweb2::config'),
$log = hiera('icingaweb2::log'),
$web_path = hiera('icingaweb2::web_path'),
$db_user = hiera('icingaweb2::db_user'),
$db_pass = hiera('icingaweb2::db_pass'),
$db_name = hiera('icingaweb2::db_name'),
$web_group = hiera('icingaweb2::group'),
) {
include apache
include php
include php_imagick
include icingaweb2::config
include icingacli
include icinga_packages
include openldap
# TODO(el): Only include zend_framework. Apache does not have to be notified
class { 'zend_framework':
notify => Service['apache'],
}
# TODO(el): icinga-gui is not a icingaweb2_dev package
package { [
'icinga-php-library',
'icinga-php-thirdparty',
'rh-php73-php-cli',
'rh-php73-php-gd',
'rh-php73-php-intl',
'rh-php73-php-pdo',
'rh-php73-php-mysqlnd',
'rh-php73-php-pgsql',
'rh-php73-php-ldap',
'rh-php73-php-xml',
'rh-php73-php-mbstring',
'rh-php73-php-pecl-xdebug',
'sclo-php73-php-pecl-imagick',
'php-phpunit-PHPUnit'
]:
ensure => latest,
notify => Service['php-fpm'],
require => Class['icinga_packages'],
}
Exec { path => '/opt/rh/rh-php73/root/bin:/usr/local/bin:/usr/bin:/bin' }
# TODO(el): Enabling/disabling modules should be a resource
User <| alias == apache |> { groups +> $web_group }
-> exec { 'enable-monitoring-module':
command => 'icingacli module enable monitoring',
user => 'apache',
require => [ Class[[ 'icingacli', 'apache' ]], Package[[ 'icinga-php-library', 'icinga-php-thirdparty' ]] ],
}
-> exec { 'enable-test-module':
command => 'icingacli module enable test',
user => 'apache'
}
# TODO(el): 'icingacmd' is NOT a icingaweb2_dev group
group { 'icingacmd':
ensure => present,
}
User <| alias == apache |> { groups +> 'icingacmd' }
$log_dir = inline_template('<%= File.dirname(@log) %>')
file { $log_dir:
ensure => directory,
owner => 'root',
group => $web_group,
mode => '2775'
}
$icingaadminSelect = "as CNT from icingaweb_user where name = \'icingaadmin\'\" |grep -qwe \'cnt=0\'"
$icingaadminInsert = "\"INSERT INTO icingaweb_user (name, active, password_hash) VALUES (\'icingaadmin\', 1, \'\\\$1\\\$JMdnEc9M\\\$FW7yapAjv0atS43NkapGo/\');\""
mysql::database::populate { "${db_name}":
username => "${db_user}",
password => "${db_pass}",
privileges => 'ALL',
schemafile => '/vagrant/etc/schema/mysql.schema.sql',
}
-> exec { 'mysql-icingaadmin':
onlyif => "mysql -u${db_user} -p${db_pass} ${db_name} -e \"select CONCAT(\'cnt=\', COUNT(name)) ${icingaadminSelect}",
command => "mysql -u${db_user} -p${db_pass} ${db_name} -e ${icingaadminInsert}",
}
pgsql::database::populate { "${db_name}":
username => "${db_user}",
password => "${db_pass}",
schemafile => '/vagrant/etc/schema/pgsql.schema.sql',
}
-> exec { 'pgsql-icingaadmin':
onlyif => "psql -U ${db_user} -w -d ${db_name} -c \"select 'cnt=' || COUNT(name) ${icingaadminSelect}",
command => "psql -U ${db_user} -w -d ${db_name} -c ${icingaadminInsert}",
environment => "PGPASSWORD=${db_pass}",
}
file { '/etc/httpd/conf.d/icingaweb.conf':
content => template("$name/icingaweb.conf.erb"),
notify => Service['apache'],
}
icingaweb2::config::general { 'authentication':
source => $name,
replace => false,
}
icingaweb2::config::general { [ 'config', 'resources', 'roles' ]:
source => $name,
replace => false,
}
icingaweb2::config::module { [ 'backends', 'commandtransports', 'config', 'instances' ]:
module => 'monitoring',
source => 'puppet:///modules/icingaweb2_dev',
}
# TODO(el): Should be a resource
package { 'iptables':
ensure => latest
}
-> exec { 'iptables-allow-http':
unless => 'grep -qe "-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT" /etc/sysconfig/iptables',
command => '/sbin/iptables -I INPUT 1 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT && /sbin/iptables-save > /etc/sysconfig/iptables'
}
# TODO(el): Don't define inside a class
define openldap_file {
file { "openldap/${name}.ldif":
path => "/usr/share/openldap-servers/${name}.ldif",
source => "puppet:///modules/icingaweb2_dev/openldap/${name}.ldif",
require => Class['openldap'],
}
}
openldap_file { [ 'db', 'dit', 'users' ]: }
exec { 'populate-openldap':
# TODO(el): Split the command and use unless instead of trying to populate openldap everytime
command => 'sudo ldapadd -c -Y EXTERNAL -H ldapi:/// -f /usr/share/openldap-servers/db.ldif || true && \
sudo ldapadd -c -D cn=admin,dc=icinga,dc=org -x -w admin -f /usr/share/openldap-servers/dit.ldif || true && \
sudo ldapadd -c -D cn=admin,dc=icinga,dc=org -x -w admin -f /usr/share/openldap-servers/users.ldif || true',
require => [
Service['slapd'],
File[[
'openldap/db.ldif',
'openldap/dit.ldif',
'openldap/users.ldif'
]]
],
}
# TODO(el): Should be a module
package { 'php-deepend-Mockery':
ensure => latest,
}
-> exec { 'move-mockery-to-opt':
command => 'cp -R /usr/share/php/Mockery* /opt/rh/rh-php73/root/usr/share/php/',
unless => 'test -d /opt/rh/rh-php73/root/usr/share/php/Mockery'
}
}

16
.puppet/profiles/icingaweb2_dev/templates/authentication.ini.erb
View File

@ -1,16 +0,0 @@
[autologin]
backend = external
[icingaweb-mysql]
backend = db
resource = icingaweb-mysql
[icingaweb-pgsql]
backend = db
resource = icingaweb-pgsql
[local-ldap]
backend = ldap
resource = local-ldap
user_class = inetOrgPerson
user_name_attribute = uid

8
.puppet/profiles/icingaweb2_dev/templates/config.ini.erb
View File

@ -1,8 +0,0 @@
[logging]
log = "file"
file = "<%= @log %>"
level = DEBUG
[global]
config_backend = "db"
config_resource = "icingaweb-mysql"

49
.puppet/profiles/icingaweb2_dev/templates/icingaweb.conf.erb
View File

@ -1,49 +0,0 @@
Alias /<%= @web_path %> "/vagrant/public"
<Directory "/vagrant/public">
Options SymLinksIfOwnerMatch
AllowOverride None
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAll>
Require all granted
</RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order allow,deny
Allow from all
</IfModule>
SetEnv ICINGAWEB_CONFIGDIR <%= @config %>
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
EnableSendfile Off
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /<%= @web_path %>/
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
</IfModule>
<FilesMatch "\.php$">
SetHandler "proxy:fcgi://127.0.0.1:9000"
ErrorDocument 503 /icingaweb2/error_unavailable.html
</FilesMatch>
<IfModule !mod_rewrite.c>
DirectoryIndex error_norewrite.html
ErrorDocument 404 /error_norewrite.html
</IfModule>
</Directory>
ProxyTimeout 3600

43
.puppet/profiles/icingaweb2_dev/templates/resources.ini.erb
View File

@ -1,43 +0,0 @@
[icingaweb-mysql]
type = db
db = mysql
host = localhost
port = 3306
username = <%= @db_user %>
password = <%= @db_pass %>
dbname = <%= @db_name %>
[icingaweb-pgsql]
type = db
db = pgsql
host = localhost
port = 5432
username = <%= @db_user %>
password = <%= @db_pass %>
dbname = <%= @db_name %>
[ido-mysql]
type = db
db = mysql
host = localhost
port = 3306
password = icinga2
username = icinga2
dbname = icinga2
[ido-pgsql]
type = db
db = pgsql
host = localhost
port = 5432
password = icinga2
username = icinga2
dbname = icinga2
[local-ldap]
type = ldap
hostname = localhost
port = 389
root_dn = "ou=people,dc=icinga,dc=org"
bind_dn = "cn=admin,cn=config"
bind_pw = admin

3
.puppet/profiles/icingaweb2_dev/templates/roles.ini.erb
View File

@ -1,3 +0,0 @@
[admins]
users = icingaadmin
permissions = *

59
Vagrantfile vendored
View File

@ -1,59 +0,0 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Icinga Web 2 | (c) 2013 Icinga Development Team | GPLv2+
VAGRANTFILE_API_VERSION = "2"
VAGRANT_REQUIRED_VERSION = "1.5.0"
if ! defined? Vagrant.require_version
if Gem::Version.new(Vagrant::VERSION) < Gem::Version.new(VAGRANT_REQUIRED_VERSION)
puts "Vagrant >= " + VAGRANT_REQUIRED_VERSION + " required. Your version is " + Vagrant::VERSION
exit 1
end
else
Vagrant.require_version ">= " + VAGRANT_REQUIRED_VERSION
end
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.network "forwarded_port", guest: 80, host: 8080,
auto_correct: true
config.vm.network "forwarded_port", guest: 443, host: 8443,
auto_correct: true
config.vm.box = "bento/centos-7"
config.vm.provision :shell, :path => ".puppet/manifests/puppet.sh"
config.vm.provider :parallels do |p, override|
p.name = "Icinga Web 2 Development"
# Set power consumption mode to "Better Performance"
p.optimize_power_consumption = false
p.memory = 1024
p.cpus = 2
end
config.vm.provider :vmware_workstation do |v, override|
v.vmx["memsize"] = "1024"
v.vmx["numvcpus"] = "1"
end
config.vm.provider :virtualbox do |vb, override|
vb.customize ["modifyvm", :id, "--memory", "1024"]
vb.customize ["modifyvm", :id, "--cpus", "2"]
end
config.vm.provision :puppet do |puppet|
puppet.hiera_config_path = ".puppet/hiera/hiera.yaml"
puppet.module_path = [ ".puppet/modules", ".puppet/profiles" ]
puppet.manifests_path = ".puppet/manifests"
puppet.manifest_file = "site.pp"
puppet.options = "--parser=future"
end
if File.exists?(".Vagrantfile.local") then
eval(IO.read(".Vagrantfile.local"), binding)
end
end

63
doc/99-Vagrant.md
View File

@ -1,63 +0,0 @@
# Vagrant <a id="vagrant"></a>
This chapter explains how to setup the development environment
for Icinga Web 2 inside a Vagrant VM.
If you are looking for a demo setup, please use the official
[Icinga Vagrant boxes](https://github.com/icinga/icinga-vagrant)
instead.
## <a id="vagrant-requirements"></a>Requirements
* Vagrant &gt;= version 1.5
* VirtualBox or Parallels Desktop
Parallels requires the additional provider plugin
[vagrant-paralells](https://parallels.github.io/vagrant-parallels/docs/) to be installed:
```
$ vagrant plugin install vagrant-parallels
```
## <a id="vagrant-general"></a>General
The Icinga Web 2 project ships with a Vagrant virtual machine that integrates
the source code with various services and example data in a controlled
environment. This enables developers and users to test
MySQL and PostgreSQL backends as well as the LDAP authentication. All you
have to do is install Vagrant and run:
```
vagrant up
```
> **Note:** The first boot of the vm takes a fairly long time because
> you'll download a plain CentOS base box and Vagrant will automatically
> provision the environment on the first go.
After you should be able to browse [localhost:8080/icingaweb2](http://localhost:8080/icingaweb2).
## <a id="vagrant-login"></a>Log into Icinga Web 2
Both LDAP and a MySQL are configured as authentication backend. Please use one of the following login credentials:
> LDAP:
>> **Username**: `jdoe`
>> **Password**: `password`
>MySQL:
>> **Username**: `icingaadmin`
>> **Password**: `icinga`
## <a id="vagrant-testing"></a>Testing the Source Code
All software required to run tests is installed in the virtual machine.
In order to run all tests you have to execute the following command:
```
vagrant ssh -c "icingacli test php unit"
```