From ce955118905a8249bf1ff3daa9357a2673ba953c Mon Sep 17 00:00:00 2001 From: Matthias Jentsch Date: Fri, 26 Jul 2013 12:58:21 +0200 Subject: [PATCH] Change default database to "icingaweb" and add installation instructions Set the default database and user to "icingaweb" in the authentication.ini. Add instructions about how to set up the databases to authentication.ini. refs #3769 --- config/authentication.ini | 6 +-- doc/authentication.md | 4 +- doc/installation.md | 45 ++++++++++++++++++- etc/schema/users.mysql.sql | 8 +--- etc/schema/users.pgsql.sql | 8 +--- .../Authentication/Backend/DbUserBackend.php | 14 +++--- .../controllers/ListController.php | 2 - 7 files changed, 60 insertions(+), 27 deletions(-) diff --git a/config/authentication.ini b/config/authentication.ini index 89334e609..381dc9df0 100644 --- a/config/authentication.ini +++ b/config/authentication.ini @@ -1,11 +1,11 @@ [users] backend=Db dbtype=mysql -table=icinga_users +table=user host=localhost password=icinga -user=icinga -db=icinga +user=icingaweb +db=icingaweb root_dn="ou=people,dc=icinga,dc=org" bind_dn="cn=admin,cn=config" diff --git a/doc/authentication.md b/doc/authentication.md index d05c8babd..70a22f144 100644 --- a/doc/authentication.md +++ b/doc/authentication.md @@ -1,12 +1,12 @@ # Authentication via internal DB -The class DbUserBackend allows +The class DbUserBackend allows to handle the user authentication internally in a database. ## Configuration The internal authentication is configured in *config/authentication.ini*. The value of the configuration key "backend" will determine which UserBackend class to -load. To use the internal backend you will need to specifiy the value "Db" +load. To use the internal backend you need to specifiy the value "Db" which will cause the class "DbUserBackend" to be loaded. There are various configuration keys in "Authentication.ini" and some are only diff --git a/doc/installation.md b/doc/installation.md index 438b3df9a..3170bf4b3 100644 --- a/doc/installation.md +++ b/doc/installation.md @@ -22,7 +22,7 @@ If you want to install the application to a different directory, use the --prefi configure call: ` ./configure --prefix=/my/target/directory -` +` ### Authentication @@ -38,6 +38,49 @@ The default option for icinga2web is to configure all icinga backends with the d call `--with-icinga-backend=` and provide ido, livestatus or statusdat as an option. To further configure your backend, take a look at the various options described in `./configure --help` +### Databases + +It is required to set up all used Databases correctly, which basically means to create all needed user accounts and to +create all database tables. You will find the installation guides for the different databases in the sections below: + +*IMPORTANT*: Select a secure password instead of "icinga" and alter the config/*.ini accordingly. + + +#### MySQL + +1. Create the user and the database + + + mysql -u root -p + mysql> CREATE USER `icingaweb`@`localhost` IDENTIFIED BY 'icinga'; + mysql> CREATE DATABASE `icingaweb`; + mysql> GRANT ALL PRIVILEGES ON `icingaweb`.* TO `icingaweb`@`localhost`; + mysql> FLUSH PRIVILEGES; + mysql> quit + + +2. Create all tables (You need to be in the icinga2-web folder) + + + bash$ mysql -u root -p icingaweb < etc/schema/users.mysql.sql + + +#### PostgreSQL + +1. Create the user and the database + + + sudo su postgres + psql + postgres=# CREATE USER icingaweb WITH PASSWORD 'icinga'; + postgres=# CREATE DATABASE icingaweb; + postgres=# \q + + +2. Create all tables (You need to be in the icinga2-web folder) + + + bash$ psql -d icingaweb -a -f etc/schema/users.mysql.sql Quick and Dirty diff --git a/etc/schema/users.mysql.sql b/etc/schema/users.mysql.sql index d3920d956..e564050e0 100644 --- a/etc/schema/users.mysql.sql +++ b/etc/schema/users.mysql.sql @@ -1,4 +1,4 @@ -create table icinga_users ( +create table user ( user_name varchar(255) NOT NULL, first_name varchar(255), last_name varchar(255), @@ -15,17 +15,13 @@ create table icinga_users ( * user: icingaadmin * password: icinga */ -INSERT INTO icinga_users ( +INSERT INTO user ( user_name, - first_name, - last_name, salt, password, active) VALUES ( 'icingaadmin', - 'john', - 'doe', 'IepKgTTShC', '52deddb5cc7a5769484fcb0fbc5981a7c62cd9f3ddbb8ff3ddb1b89ea324ad16', true diff --git a/etc/schema/users.pgsql.sql b/etc/schema/users.pgsql.sql index d3920d956..f0e3d511b 100644 --- a/etc/schema/users.pgsql.sql +++ b/etc/schema/users.pgsql.sql @@ -1,4 +1,4 @@ -create table icinga_users ( +create table "user" ( user_name varchar(255) NOT NULL, first_name varchar(255), last_name varchar(255), @@ -15,17 +15,13 @@ create table icinga_users ( * user: icingaadmin * password: icinga */ -INSERT INTO icinga_users ( +INSERT INTO "user" ( user_name, - first_name, - last_name, salt, password, active) VALUES ( 'icingaadmin', - 'john', - 'doe', 'IepKgTTShC', '52deddb5cc7a5769484fcb0fbc5981a7c62cd9f3ddbb8ff3ddb1b89ea324ad16', true diff --git a/library/Icinga/Authentication/Backend/DbUserBackend.php b/library/Icinga/Authentication/Backend/DbUserBackend.php index 8db400a24..a1e0f785e 100644 --- a/library/Icinga/Authentication/Backend/DbUserBackend.php +++ b/library/Icinga/Authentication/Backend/DbUserBackend.php @@ -64,7 +64,7 @@ class DbUserBackend implements UserBackend { ); /** - * Creates a DbUserBackend with the given configuration + * Creates a DbUserBackend * * @param $config The configuration-object containing the members host,user,password,db */ @@ -90,9 +90,9 @@ class DbUserBackend implements UserBackend { } /** - * Checks if the user in the given Credentials-object is available + * Checks if the user identified by the given credentials is available * - * @param Credentials $credentials The login credentials of the user. + * @param Credentials $credentials The login credentials * @return boolean True when the username is known and currently active. */ public function hasUsername(Credentials $credential) @@ -104,7 +104,7 @@ class DbUserBackend implements UserBackend { /** * Authenticate a user with the given credentials * - * @param Credentials $credentials + * @param Credentials $credentials The login credentials * @return User|null The authenticated user or Null. */ public function authenticate(Credentials $credential) @@ -126,7 +126,7 @@ class DbUserBackend implements UserBackend { } /** - * Updates the timestamp containing the time of the last login for + * Update the timestamp containing the time of the last login for * the user with the given username * * @param $username The login-name of the user. @@ -143,7 +143,7 @@ class DbUserBackend implements UserBackend { } /** - * Fetches the user's salt from the database + * Fetch the user's salt from the database * * @param $username The user whose salt should be fetched. * @return String|null Returns the salt-string or Null, when the user does not exist. @@ -159,7 +159,7 @@ class DbUserBackend implements UserBackend { } /** - * Fetches the user information from the database + * Fetch the user information from the database * * @param $username The name of the user. * @return User|null Returns the user object, or null when the user does not exist. diff --git a/modules/monitoring/application/controllers/ListController.php b/modules/monitoring/application/controllers/ListController.php index aea386433..2d0b4d281 100644 --- a/modules/monitoring/application/controllers/ListController.php +++ b/modules/monitoring/application/controllers/ListController.php @@ -89,8 +89,6 @@ class Monitoring_ListController extends ModuleActionController if ($this->_getParam('sort')) { $this->view->sort = $this->_getParam('sort'); } - - } public function hostgroupsAction()