diff --git a/doc/02-Installation.md b/doc/02-Installation.md index 04ec7b842..593354514 100644 --- a/doc/02-Installation.md +++ b/doc/02-Installation.md @@ -4,7 +4,7 @@ The preferred way of installing Icinga Web 2 is to use the official package repo system and distribution you are running. But it is also possible to install Icinga Web 2 directly from source. In case you are upgrading from an older version of Icinga Web 2 -please make sure to read the [upgrading](installation.md#upgrading) section +please make sure to read the [upgrading](02-Installation.md#upgrading) section thoroughly. ## Installing Requirements @@ -179,7 +179,7 @@ git clone git://git.icinga.org/icingaweb2.git ### Installing Requirements from Source -You will need to install certain dependencies depending on your setup listed [here](installation.md#installing-requirements). +You will need to install certain dependencies depending on your setup listed [here](02-Installation.md#installing-requirements). The following example installs Apache2 as web server, MySQL as RDBMS and uses the PHP adapter for MySQL. Adopt the package requirements to your needs (e.g. adding ldap for authentication) and distribution. @@ -318,7 +318,7 @@ Puppet, Ansible, Chef, etc. modules. > Read the documentation on the respective linked configuration sections before > deploying the configuration manually. > -> If you are unsure about certain settings, use the [setup wizard](installation.md#web-setup-wizard-from-source) once +> If you are unsure about certain settings, use the [setup wizard](02-Installation.md#web-setup-wizard-from-source) once > and then collect the generated configuration as well as sql dumps. #### Icinga Web 2 Manual Database Setup @@ -336,7 +336,7 @@ mysql -p icingaweb2 < /usr/share/icingaweb2/etc/schema/mysql.schema.sql ``` -Then generate a new password hash as described in the [authentication docs](authentication.md#authentication-configuration-db-setup) +Then generate a new password hash as described in the [authentication docs](05-Authentication.md#authentication-configuration-db-setup) and use it to insert a new user called `icingaadmin` into the database. ``` @@ -349,7 +349,7 @@ quit #### Icinga Web 2 Manual Configuration -[resources.ini](resources.md#resources) providing the details for the Icinga Web 2 and +[resources.ini](04-Resources.md#resources) providing the details for the Icinga Web 2 and Icinga 2 IDO database configuration. Example for MySQL: ``` @@ -375,7 +375,7 @@ username = "icinga" password = "icinga" ``` -[config.ini](configuration.md#configuration) defining general application settings. +[config.ini](03-Configuration.md#configuration) defining general application settings. ``` vim /etc/icingaweb2/config.ini @@ -391,7 +391,7 @@ type = "db" resource = "icingaweb2" ``` -[authentication.ini](authentication.md#authentication) for e.g. using the previously created database. +[authentication.ini](05-Authentication.md#authentication) for e.g. using the previously created database. ``` vim /etc/icingaweb2/authentication.ini @@ -402,7 +402,7 @@ resource = "icingaweb2" ``` -[roles.ini](security.md#security) granting the previously added `icingaadmin` user all permissions. +[roles.ini](06-Security.md#security) granting the previously added `icingaadmin` user all permissions. ``` vim /etc/icingaweb2/roles.ini @@ -415,7 +415,7 @@ permissions = "*" #### Icinga Web 2 Manual Configuration Monitoring Module -[config.ini](../modules/monitoring/doc/configuration.md#configuration) defining additional security settings. +**config.ini** defining additional security settings. ``` vim /etc/icingaweb2/modules/monitoring/config.ini @@ -424,7 +424,7 @@ vim /etc/icingaweb2/modules/monitoring/config.ini protected_customvars = "*pw*,*pass*,community" ``` -[backends.ini](../modules/monitoring/doc/configuration.md#configuration) referencing the Icinga 2 DB IDO resource. +**backends.ini** referencing the Icinga 2 DB IDO resource. ``` vim /etc/icingaweb2/modules/monitoring/backends.ini @@ -434,7 +434,7 @@ type = "ido" resource = "icinga2" ``` -[commandtransports.ini](../modules/monitoring/doc/commandtransports.md#commandtransports) defining the Icinga 2 command pipe. +**commandtransports.ini** defining the Icinga command pipe. ``` vim /etc/icingaweb2/modules/monitoring/commandtransports.ini diff --git a/doc/03-Configuration.md b/doc/03-Configuration.md index 90946be83..4df9ad2e6 100644 --- a/doc/03-Configuration.md +++ b/doc/03-Configuration.md @@ -5,11 +5,11 @@ Apart from its web configuration capabilities, the local configuration is stored in `/etc/icingaweb2` by default (depending on your config setup). - Location | File | Description - ------------------------------|-----------------------|--------------------------- - . | config.ini | General configuration (logging, preferences) - . | resources.ini | Global resources (Icinga Web 2 database for preferences and authentication, icinga ido database) - . | roles.ini | User specific roles (e.g. `administrators`) and permissions - . | [authentication.ini](authentication.md) | Authentication backends (e.g. database) - enabledModules | Symlink | Contains symlinks to enabled modules from `/usr/share/icingaweb2/modules/*`. Defaults to [monitoring](modules/monitoring/doc/configuration.md) and `doc`. - modules | Directory | Module specific configuration +File/Directory | Description +--------------------------------------------------------- +config.ini | General configuration (logging, preferences) +[resources.ini](04-Ressources.md) | Global resources (Icinga Web 2 database for preferences and authentication, Icinga IDO database) +roles.ini | User specific roles (e.g. `administrators`) and permissions +[authentication.ini](05-Authentication.md) | Authentication backends (e.g. database) +enabledModules | Contains symlinks to enabled modules +modules | Directory for module specific configuration diff --git a/doc/05-Authentication.md b/doc/05-Authentication.md index a1455e203..c30c593ff 100644 --- a/doc/05-Authentication.md +++ b/doc/05-Authentication.md @@ -63,7 +63,7 @@ Restart your web server to apply the changes. ## Active Directory or LDAP Authentication If you want to authenticate against Active Directory or LDAP, you have to define a -[LDAP resource](resources.md#resources-configuration-ldap) which will be referenced as data source for the +[LDAP resource](04-Resources.md#resources-configuration-ldap) which will be referenced as data source for the Active Directory or LDAP configuration method. ### LDAP @@ -71,7 +71,7 @@ Active Directory or LDAP configuration method. Directive | Description ------------------------|------------ **backend** | `ldap` -**resource** | The name of the LDAP resource defined in [resources.ini](resources.md#resources). +**resource** | The name of the LDAP resource defined in [resources.ini](04-Resources.md#resources). **user_class** | LDAP user class. **user_name_attribute** | LDAP attribute which contains the username. **filter** | LDAP search filter. @@ -96,7 +96,7 @@ with Icinga Web 2 (e.g. an alias) no matter what the primary user id might actua Directive | Description ------------------------|------------ **backend** | `msldap` -**resource** | The name of the LDAP resource defined in [resources.ini](resources.md#resources). +**resource** | The name of the LDAP resource defined in [resources.ini](04-Resources.md#resources). **Example:** @@ -109,13 +109,13 @@ resource = my_ad ## Database Authentication If you want to authenticate against a MySQL or a PostgreSQL database, you have to define a -[database resource](resources.md#resources-configuration-database) which will be referenced as data source for the database +[database resource](04-Resources.md#resources-configuration-database) which will be referenced as data source for the database authentication method. Directive | Description ------------------------|------------ **backend** | `db` -**resource** | The name of the database resource defined in [resources.ini](resources.md#resources). +**resource** | The name of the database resource defined in [resources.ini](04-Resources.md#resources). **Example:** @@ -132,7 +132,7 @@ For authenticating against a database, you have to import one of the following d * **etc/schema/preferences.mysql.sql** (for **MySQL** database) * **etc/schema/preferences.pgsql.sql** (for **PostgreSQL** databases) -After that you have to define the [database resource](resources.md#resources-configuration-database). +After that you have to define the [database resource](04-Resources.md#resources-configuration-database). **Manually Creating Users** diff --git a/doc/06-Security.md b/doc/06-Security.md index c39b508de..65c908342 100644 --- a/doc/06-Security.md +++ b/doc/06-Security.md @@ -21,9 +21,8 @@ things to which access can be managed: actions and objects. ### Actions Actions are all the things an Icinga Web 2 user can do, like changing a certain configuration, -changing permissions or sending a command to the Icinga instance through the -Command Pipe -in the monitoring module. All actions must be be **allowed explicitly** using permissions. +changing permissions or sending a command to the Icinga instance through the Icinga command pipe. +All actions must be be **allowed explicitly** using permissions. A permission is a simple list of identifiers of actions a user is allowed to do. Permissions are described in greater detail in the @@ -47,7 +46,7 @@ using Active Directory, and a user **icingaadmin** that is authenticated using a In the configuration, both can be referenced to by using their user names **icingaadmin** or **jdoe**. Icinga Web 2 users and groups are not configured by a configuration file, but provided by -an **authentication backend**. For extended information on setting up authentication backends and managing users, please read the chapter [Authentication](authentication.md#authentication). +an **authentication backend**. For extended information on setting up authentication backends and managing users, please read the chapter [Authentication](05-Authentication.md#authentication).
@@ -59,7 +58,7 @@ an **authentication backend**. For extended information on setting up authentica #### Managing Users When using a [Database -as authentication backend](authentication.md#authentication-configuration-db-authentication), it is possible to create, add and delete users directly in the frontend. This configuration +as authentication backend](05-Authentication.md#authentication-configuration-db-authentication), it is possible to create, add and delete users directly in the frontend. This configuration can be found at **Configuration > Authentication > Users **. ### Groups @@ -70,12 +69,12 @@ A user can be member of multiple groups and will inherit all permissions and res Like users, groups are identified solely by their **name** that is provided by a **group backend**. For extended information on setting up group backends, - please read the chapter [Authentication](authentication.md#authentication). + please read the chapter [Authentication](05-Authentication.md#authentication). #### Managing Groups -When using a [Database as an authentication backend](#authentication.md#authentication-configuration-db-authentication), +When using a [Database as an authentication backend](05-Authentication.md#authentication-configuration-db-authentication), it is possible to manage groups and group memberships directly in the frontend. This configuration can be found at **Configuration > Authentication > Groups **. @@ -168,7 +167,7 @@ module/<moduleName> | Allow access to module <moduleName> ### Monitoring Module Permissions The built-in monitoring module defines an additional set of permissions, that -is described in detail in the [monitoring module documentation](/icingaweb2/doc/module/doc/chapter/monitoring-security#monitoring-security). +is described in detail in the monitoring module documentation. ## Restrictions @@ -187,7 +186,7 @@ mentioned in the section [Syntax](#syntax). ### Filter Expressions Filters operate on columns. A complete list of all available filter columns on hosts and services can be found in -the [monitoring module documentation](/icingaweb2/doc/module/doc/chapter/monitoring-security#monitoring-security-restrictions). +the monitoring module documentation. Any filter expression that is allowed in the filtered view, is also an allowed filter expression. This means, that it is possible to define negations, wildcards, and even nested diff --git a/doc/07-Preferences.md b/doc/07-Preferences.md index ca26b66b0..e89a507bf 100644 --- a/doc/07-Preferences.md +++ b/doc/07-Preferences.md @@ -27,13 +27,13 @@ type = ini ### Store Preferences in a Database In order to be more flexible in distributed setups you can store preferences in a MySQL or in a PostgreSQL database. -For storing preferences in a database, you have to define a [database resource](resources.md#resources-configuration-database) +For storing preferences in a database, you have to define a [database resource](04-Resources.md#resources-configuration-database) which will be referenced as resource for the preferences storage. Directive | Description ------------------------|------------ **type** | `db` -**resource** | The name of the database resource defined in [resources.ini](resources.md#resources). +**resource** | The name of the database resource defined in [resources.ini](04-Resources.md#resources). **Example:** @@ -50,4 +50,4 @@ For storing preferences in a database, you have to import one of the following d * **etc/schema/preferences.mysql.sql** (for **MySQL** database) * **etc/schema/preferences.pgsql.sql** (for **PostgreSQL** databases) -After that you have to define the [database resource](resources.md#resources-configuration-database). +After that you have to define the [database resource](04-Resources.md#resources-configuration-database).