From 78552933024366c86872b3de8f8b1887f76d1285 Mon Sep 17 00:00:00 2001 From: Eric Lippmann Date: Wed, 14 Dec 2022 12:23:25 +0100 Subject: [PATCH] Remove packages/ Moved to the packaging repository. --- packages/RPM.md | 110 ------------------ packages/files/apache/icingaweb2.conf | 60 ---------- packages/files/apache/icingaweb2.fpm.conf | 57 --------- packages/files/bin/icingacli | 7 -- packages/files/config/modules/doc/config.ini | 3 - .../files/config/modules/setup/config.ini | 2 - .../config/modules/translation/config.ini | 4 - packages/files/public/index.php | 4 - packages/selinux/icingaweb2.fc | 7 -- packages/selinux/icingaweb2.if | 45 ------- packages/selinux/icingaweb2.sh | 52 --------- packages/selinux/icingaweb2.te | 29 ----- 12 files changed, 380 deletions(-) delete mode 100644 packages/RPM.md delete mode 100644 packages/files/apache/icingaweb2.conf delete mode 100644 packages/files/apache/icingaweb2.fpm.conf delete mode 100755 packages/files/bin/icingacli delete mode 100644 packages/files/config/modules/doc/config.ini delete mode 100644 packages/files/config/modules/setup/config.ini delete mode 100644 packages/files/config/modules/translation/config.ini delete mode 100644 packages/files/public/index.php delete mode 100644 packages/selinux/icingaweb2.fc delete mode 100644 packages/selinux/icingaweb2.if delete mode 100755 packages/selinux/icingaweb2.sh delete mode 100644 packages/selinux/icingaweb2.te diff --git a/packages/RPM.md b/packages/RPM.md deleted file mode 100644 index c93b60170..000000000 --- a/packages/RPM.md +++ /dev/null @@ -1,110 +0,0 @@ -# Icinga Web 2 README for RPM Packages - -This file will describe how to install Icinga Web 2 from an RPM -package (RHEL/CentOS/Fedora, SLES/OpenSUSE). - -## Requirements - -* EPEL/OBS Repository for Zend Framework -* Apache 2.2+ -* PHP 5.3+, Zend Framework, PHP PDO MySQL/PostgreSQL, PHP LDAP (optional) -* MySQL or PostgreSQL for internal DB -* Icinga 1.x or 2.x providing an IDO database (default: `icinga`) -* Icinga 1.x or 2.x providing an external command pipe (default: `icinga2.cmd`) - -### SELinux - -Disabled SELinux for sending commands via external command pipe -provided by Icinga (2) Core. - - setenforce 0 - -## Webserver Configuration - -Can be generated using the following local icingacli command: - - /usr/share/icingaweb2/bin/icingacli setup config webserver apache - -Pipe the output into `/etc/httpd/conf.d/icingaweb2.conf` or similar, -if not already existing. - -## Setup Wizard - -Navigate to `/icingaweb/setup` and follow the on-screen instructions. - - -## Support - -Please use one of the listed support channels at https://support.icinga.com - - -## Manual Setup - -### Internal DB Setup - -Decide whether to use MySQL or PostgreSQL. - -#### MySQL - - mysql -u root -p - CREATE USER `icingaweb`@`localhost` IDENTIFIED BY 'icingaweb'; - CREATE DATABASE `icingaweb`; - GRANT ALL PRIVILEGES ON `icingaweb`.* TO `icingaweb`@`localhost`; - FLUSH PRIVILEGES; - quit - - mysql -u root -p icingaweb < /usr/share/doc/icingaweb2*/schema/mysql.schema..sql - -#### PostgreSQL - - sudo su postgres - psql - postgres=# CREATE USER icingaweb WITH PASSWORD 'icingaweb'; - postgres=# CREATE DATABASE icingaweb; - postgres=# \q - -Add the `icingaweb` user for trusted authentication to your `pg_hba.conf` file -in `/var/lib/pgsql/data/pg_hba.conf` and restart the PostgreSQL server. - - local icingaweb icingaweb trust - host icingaweb icingaweb 127.0.0.1/32 trust - host icingaweb icingaweb ::1/128 trust - -Now install the `icingaweb` schema - - bash$ psql -U icingaweb -a -f /usr/share/doc/icingaweb2*/schema/pgsql.schema.sql - - -### Configuration - -#### Module Configuration - -The monitoring module is enabled by default. - -#### Backend configuration - -`/etc/icingaweb2/resources.ini` contains the database backend information. -By default the Icinga 2 DB IDO is used by the monitoring module in -`/etc/icingaweb2/modules/monitoring/backends.ini` - -The external command pipe is required for sending commands -and configured for Icinga 2 in -`/etc/icingaweb2/modules/monitoring/commandtransports.ini` - -#### Authentication configuration - -The `/etc/icingaweb2/authentication.ini` file uses the internal database as -default. This requires the database being installed properly before -allowing users to login via web console. - -#### Default User - -When not using the default setup wizard, you can generate a secure password hash with openssl -and insert that manually like so: - - openssl passwd -1 "yoursecurepassword" - - mysql -uicingaweb -p icingaweb - - mysql> INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('icingaadmin', 1, '$yoursecurepassword_hash'); - diff --git a/packages/files/apache/icingaweb2.conf b/packages/files/apache/icingaweb2.conf deleted file mode 100644 index da8c56572..000000000 --- a/packages/files/apache/icingaweb2.conf +++ /dev/null @@ -1,60 +0,0 @@ -Alias /icingaweb2 "/usr/share/icingaweb2/public" - -# Remove comments if you want to use PHP FPM and your Apache version is older than 2.4 -# -# # Forward PHP requests to FPM -# SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 -# -# ProxyPassMatch "fcgi://127.0.0.1:9000/{documentRoot}/$1" -# -# - - - Options SymLinksIfOwnerMatch - AllowOverride None - - DirectoryIndex index.php - - - # Apache 2.4 - - Require all granted - - - - - # Apache 2.2 - Order allow,deny - Allow from all - - - SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2" - - EnableSendfile Off - - - RewriteEngine on - RewriteBase /icingaweb2/ - RewriteCond %{REQUEST_FILENAME} -s [OR] - RewriteCond %{REQUEST_FILENAME} -l [OR] - RewriteCond %{REQUEST_FILENAME} -d - RewriteRule ^.*$ - [NC,L] - RewriteRule ^.*$ index.php [NC,L] - - - - DirectoryIndex error_norewrite.html - ErrorDocument 404 /icingaweb2/error_norewrite.html - - -# Remove comments if you want to use PHP FPM and your Apache version -# is greater than or equal to 2.4 -# = 2.4> -# # Forward PHP requests to FPM -# SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 -# -# SetHandler "proxy:fcgi://127.0.0.1:9000" -# ErrorDocument 503 {urlPath}/error_unavailable.html -# -# - diff --git a/packages/files/apache/icingaweb2.fpm.conf b/packages/files/apache/icingaweb2.fpm.conf deleted file mode 100644 index 8d5b9db71..000000000 --- a/packages/files/apache/icingaweb2.fpm.conf +++ /dev/null @@ -1,57 +0,0 @@ -Alias /icingaweb2 "/usr/share/icingaweb2/public" - - - # Forward PHP requests to FPM - SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - - ProxyPassMatch "fcgi://127.0.0.1:9000/usr/share/icingaweb2/public/$1" - - - - - Options SymLinksIfOwnerMatch - AllowOverride None - - DirectoryIndex index.php - - - # Apache 2.4 - - Require all granted - - - - - # Apache 2.2 - Order allow,deny - Allow from all - - - SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2" - - EnableSendfile Off - - - RewriteEngine on - RewriteBase /icingaweb2/ - RewriteCond %{REQUEST_FILENAME} -s [OR] - RewriteCond %{REQUEST_FILENAME} -l [OR] - RewriteCond %{REQUEST_FILENAME} -d - RewriteRule ^.*$ - [NC,L] - RewriteRule ^.*$ index.php [NC,L] - - - - DirectoryIndex error_norewrite.html - ErrorDocument 404 /icingaweb2/error_norewrite.html - - - = 2.4> - # Forward PHP requests to FPM - SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 - - SetHandler "proxy:fcgi://127.0.0.1:9000" - ErrorDocument 503 /icingaweb2/error_unavailable.html - - - diff --git a/packages/files/bin/icingacli b/packages/files/bin/icingacli deleted file mode 100755 index 4b51e3384..000000000 --- a/packages/files/bin/icingacli +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/php -dispatch(); diff --git a/packages/files/config/modules/doc/config.ini b/packages/files/config/modules/doc/config.ini deleted file mode 100644 index 80df20784..000000000 --- a/packages/files/config/modules/doc/config.ini +++ /dev/null @@ -1,3 +0,0 @@ -[documentation] -icingaweb2 = /usr/share/doc/icingaweb2/markdown -modules = /usr/share/doc/icingaweb2/modules/{module}/markdown diff --git a/packages/files/config/modules/setup/config.ini b/packages/files/config/modules/setup/config.ini deleted file mode 100644 index 5158aae99..000000000 --- a/packages/files/config/modules/setup/config.ini +++ /dev/null @@ -1,2 +0,0 @@ -[schema] -path = /usr/share/doc/icingaweb2/schema diff --git a/packages/files/config/modules/translation/config.ini b/packages/files/config/modules/translation/config.ini deleted file mode 100644 index 5bdf37b0c..000000000 --- a/packages/files/config/modules/translation/config.ini +++ /dev/null @@ -1,4 +0,0 @@ -[translation] -msgmerge = /usr/bin/msgmerge -xgettext = /usr/bin/xgettext -msgfmt = /usr/bin/msgfmt diff --git a/packages/files/public/index.php b/packages/files/public/index.php deleted file mode 100644 index 8ea9e80d1..000000000 --- a/packages/files/public/index.php +++ /dev/null @@ -1,4 +0,0 @@ - -## Allow the specified domain to read -## icingaweb2 configuration files. -## -## -## -## Domain allowed access. -## -## -## -# -interface(`icingaweb2_read_config',` - gen_require(` - type icingaweb2_config_t; - ') - - files_search_etc($1) - list_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - read_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - read_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) -') - -######################################## -## -## Allow the specified domain to read -## and write icingaweb2 configuration files. -## -## -## -## Domain allowed access. -## -## -## -# -interface(`icingaweb2_manage_config',` - gen_require(` - type icingaweb2_config_t; - ') - - files_search_etc($1) - manage_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - manage_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) - manage_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t) -') diff --git a/packages/selinux/icingaweb2.sh b/packages/selinux/icingaweb2.sh deleted file mode 100755 index bbe2a2e74..000000000 --- a/packages/selinux/icingaweb2.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/sh -e - -DIRNAME=`dirname $0` -cd $DIRNAME -USAGE="$0 [ --update ]" -if [ `id -u` != 0 ]; then -echo 'You must be root to run this script' -exit 1 -fi - -if [ $# -eq 1 ]; then - if [ "$1" = "--update" ] ; then - time=`ls -l --time-style="+%x %X" icingaweb2.te | awk '{ printf "%s %s", $6, $7 }'` - rules=`ausearch --start $time -m avc --raw -se icinga2` - if [ x"$rules" != "x" ] ; then - echo "Found avc's to update policy with" - echo -e "$rules" | audit2allow -R - echo "Do you want these changes added to policy [y/n]?" - read ANS - if [ "$ANS" = "y" -o "$ANS" = "Y" ] ; then - echo "Updating policy" - echo -e "$rules" | audit2allow -R >> icingaweb2.te - # Fall though and rebuild policy - else - exit 0 - fi - else - echo "No new avcs found" - exit 0 - fi - else - echo -e $USAGE - exit 1 - fi -elif [ $# -ge 2 ] ; then - echo -e $USAGE - exit 1 -fi - -echo "Building and Loading Policy" -set -x -make -f /usr/share/selinux/devel/Makefile icingaweb2.pp || exit -/usr/sbin/semodule -i icingaweb2.pp - -# Generate a man page off the installed module -#sepolicy manpage -p . -d icingaweb2_t -# Fixing the file context on /etc/icingaweb2 -/sbin/restorecon -F -R -v /etc/icingaweb2 -# Fixing the file context on /var/log/icingaweb2 -/sbin/restorecon -F -R -v /var/log/icingaweb2 -# Fixing the file context on /usr/share/icingaweb2 -/sbin/restorecon -F -R -v /usr/share/icingaweb2 diff --git a/packages/selinux/icingaweb2.te b/packages/selinux/icingaweb2.te deleted file mode 100644 index e7c8f9df7..000000000 --- a/packages/selinux/icingaweb2.te +++ /dev/null @@ -1,29 +0,0 @@ -policy_module(icingaweb2, 0.0.1) - -######################################## -# -# Declarations -# - -require { - type httpd_t; -} - -## -##

-## Allow Apache to manage icingaweb2 configuration -##

-## -gen_tunable(httpd_can_manage_icingaweb2_config, true) - -type icingaweb2_config_t; -files_config_file(icingaweb2_config_t) - -optional_policy(` - apache_content_template(icingaweb2) - icingaweb2_read_config(httpd_t) - tunable_policy(`httpd_can_manage_icingaweb2_config',` - icingaweb2_manage_config(httpd_t) - ') -') -