From ff8ccc716d8e2d3673b853a4ec8fcdb0165a8d44 Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Tue, 10 Oct 2017 23:26:04 +0200 Subject: [PATCH] saving uncommitted changes in /etc prior to apt run --- .etckeeper | 3 ++ icinga2/conf.d/api-users.conf | 7 +++ icinga2/conf.d/ns1.conf | 2 +- icinga2/conf.d/ns1/apt.conf | 2 +- icinga2/conf.d/ns1/icinga.conf | 2 +- icinga2/conf.d/ns1/load.conf | 2 +- icinga2/conf.d/ns1/procs.conf | 2 +- icinga2/conf.d/ns1/swap.conf | 2 +- icinga2/conf.d/ns1/users.conf | 2 +- icinga2/conf.d/services/dns.conf | 2 +- icinga2/constants.conf | 6 +-- icinga2/constants.conf.orig | 28 +++++++++++ icinga2/features-available/api.conf | 1 - icinga2/features-available/api.conf.orig | 11 +++++ icinga2/zones.conf | 56 ++------------------- icinga2/zones.conf.orig | 63 ++++++++++++++++++++++++ 16 files changed, 126 insertions(+), 65 deletions(-) create mode 100644 icinga2/constants.conf.orig create mode 100644 icinga2/features-available/api.conf.orig create mode 100644 icinga2/zones.conf.orig diff --git a/.etckeeper b/.etckeeper index eb4c677..225736c 100755 --- a/.etckeeper +++ b/.etckeeper @@ -826,8 +826,10 @@ maybe chmod 0644 'icinga2/conf.d/templates.conf' maybe chmod 0644 'icinga2/conf.d/timeperiods.conf' maybe chmod 0644 'icinga2/conf.d/users.conf' maybe chmod 0644 'icinga2/constants.conf' +maybe chmod 0644 'icinga2/constants.conf.orig' maybe chmod 0755 'icinga2/features-available' maybe chmod 0644 'icinga2/features-available/api.conf' +maybe chmod 0644 'icinga2/features-available/api.conf.orig' maybe chmod 0644 'icinga2/features-available/checker.conf' maybe chmod 0644 'icinga2/features-available/command.conf' maybe chmod 0644 'icinga2/features-available/compatlog.conf' @@ -866,6 +868,7 @@ maybe chmod 0755 'icinga2/scripts' maybe chmod 0755 'icinga2/scripts/mail-host-notification.sh' maybe chmod 0755 'icinga2/scripts/mail-service-notification.sh' maybe chmod 0644 'icinga2/zones.conf' +maybe chmod 0644 'icinga2/zones.conf.orig' maybe chmod 0755 'icinga2/zones.d' maybe chmod 0644 'icinga2/zones.d/README' maybe chmod 0755 'init' diff --git a/icinga2/conf.d/api-users.conf b/icinga2/conf.d/api-users.conf index 022b8d5..22bd9bc 100644 --- a/icinga2/conf.d/api-users.conf +++ b/icinga2/conf.d/api-users.conf @@ -7,3 +7,10 @@ object ApiUser "root" { permissions = [ "*" ] } + +object ApiUser "client-pki-ticket" { + password = "aixeirqieghae3ahngo9mei3" + permissions = [ "actions/generate-ticket" ] +} + + diff --git a/icinga2/conf.d/ns1.conf b/icinga2/conf.d/ns1.conf index f186637..4cb562d 100644 --- a/icinga2/conf.d/ns1.conf +++ b/icinga2/conf.d/ns1.conf @@ -1,5 +1,5 @@ -object Host "ns1" { +object Host "ns1.uhu-banane.de" { /* Import the default host template defined in `templates.conf`. */ import "generic-host" diff --git a/icinga2/conf.d/ns1/apt.conf b/icinga2/conf.d/ns1/apt.conf index a8a63e0..9ccc216 100644 --- a/icinga2/conf.d/ns1/apt.conf +++ b/icinga2/conf.d/ns1/apt.conf @@ -4,6 +4,6 @@ apply Service "apt" { check_command = "apt" enable_notifications = false - assign where host.name == "ns1" + assign where host.name == "ns1.uhu-banane.de" } diff --git a/icinga2/conf.d/ns1/icinga.conf b/icinga2/conf.d/ns1/icinga.conf index 3b7249b..21de233 100644 --- a/icinga2/conf.d/ns1/icinga.conf +++ b/icinga2/conf.d/ns1/icinga.conf @@ -4,6 +4,6 @@ apply Service "icinga" { check_command = "icinga" - assign where host.name == "ns1" + assign where host.name == "ns1.uhu-banane.de" } diff --git a/icinga2/conf.d/ns1/load.conf b/icinga2/conf.d/ns1/load.conf index b16d6c3..050186a 100644 --- a/icinga2/conf.d/ns1/load.conf +++ b/icinga2/conf.d/ns1/load.conf @@ -7,7 +7,7 @@ apply Service "load" { /* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */ vars.backup_downtime = "02:00-03:00" - assign where host.name == "ns1" + assign where host.name == "ns1.uhu-banane.de" } diff --git a/icinga2/conf.d/ns1/procs.conf b/icinga2/conf.d/ns1/procs.conf index 09dcd95..9abf65c 100644 --- a/icinga2/conf.d/ns1/procs.conf +++ b/icinga2/conf.d/ns1/procs.conf @@ -4,6 +4,6 @@ apply Service "procs" { check_command = "procs" - assign where host.name == "ns1" + assign where host.name == "ns1.uhu-banane.de" } diff --git a/icinga2/conf.d/ns1/swap.conf b/icinga2/conf.d/ns1/swap.conf index 6ccd390..05e2b7b 100644 --- a/icinga2/conf.d/ns1/swap.conf +++ b/icinga2/conf.d/ns1/swap.conf @@ -4,6 +4,6 @@ apply Service "swap" { check_command = "swap" - assign where host.name == "ns1" + assign where host.name == "ns1.uhu-banane.de" } diff --git a/icinga2/conf.d/ns1/users.conf b/icinga2/conf.d/ns1/users.conf index 63d6dc7..88ebacf 100644 --- a/icinga2/conf.d/ns1/users.conf +++ b/icinga2/conf.d/ns1/users.conf @@ -4,6 +4,6 @@ apply Service "users" { check_command = "users" - assign where host.name == "ns1" + assign where host.name == "ns1.uhu-banane.de" } diff --git a/icinga2/conf.d/services/dns.conf b/icinga2/conf.d/services/dns.conf index f6e1185..f28638d 100644 --- a/icinga2/conf.d/services/dns.conf +++ b/icinga2/conf.d/services/dns.conf @@ -1,7 +1,7 @@ apply Service "proc named" { import "generic-service" - #host_name = "ns1" + #host_name = "ns1.uhu-banane.de" check_command = "procs" vars.procs_argument = "/usr/sbin/named" diff --git a/icinga2/constants.conf b/icinga2/constants.conf index 29232d6..c27ef8c 100644 --- a/icinga2/constants.conf +++ b/icinga2/constants.conf @@ -19,10 +19,10 @@ const PluginContribDir = "/usr/lib/nagios/plugins" /* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. * This should be the common name from the API certificate. */ -//const NodeName = "localhost" +const NodeName = "ns1.uhu-banane.de" /* Our local zone name. */ -const ZoneName = NodeName +const ZoneName = "ns1.uhu-banane.de" /* Secret key for remote node tickets */ -const TicketSalt = "" +const TicketSalt = "4d6b7086706aa4aa3d43bafb7df4b6c2" diff --git a/icinga2/constants.conf.orig b/icinga2/constants.conf.orig new file mode 100644 index 0000000..29232d6 --- /dev/null +++ b/icinga2/constants.conf.orig @@ -0,0 +1,28 @@ +/** + * This file defines global constants which can be used in + * the other configuration files. + */ + +/* The directory which contains the plugins from the Monitoring Plugins project. */ +const PluginDir = "/usr/lib/nagios/plugins" + +/* The directory which contains the Manubulon plugins. + * Check the documentation, chapter "SNMP Manubulon Plugin Check Commands", for details. + */ +const ManubulonPluginDir = "/usr/lib/nagios/plugins" + +/* The directory which you use to store additional plugins which ITL provides user contributed command definitions for. + * Check the documentation, chapter "Plugins Contribution", for details. + */ +const PluginContribDir = "/usr/lib/nagios/plugins" + +/* Our local instance name. By default this is the server's hostname as returned by `hostname --fqdn`. + * This should be the common name from the API certificate. + */ +//const NodeName = "localhost" + +/* Our local zone name. */ +const ZoneName = NodeName + +/* Secret key for remote node tickets */ +const TicketSalt = "" diff --git a/icinga2/features-available/api.conf b/icinga2/features-available/api.conf index 0136de0..28bf922 100644 --- a/icinga2/features-available/api.conf +++ b/icinga2/features-available/api.conf @@ -1,7 +1,6 @@ /** * The API listener is used for distributed monitoring setups. */ - object ApiListener "api" { cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" diff --git a/icinga2/features-available/api.conf.orig b/icinga2/features-available/api.conf.orig new file mode 100644 index 0000000..0136de0 --- /dev/null +++ b/icinga2/features-available/api.conf.orig @@ -0,0 +1,11 @@ +/** + * The API listener is used for distributed monitoring setups. + */ + +object ApiListener "api" { + cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" + key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" + ca_path = SysconfDir + "/icinga2/pki/ca.crt" + + ticket_salt = TicketSalt +} diff --git a/icinga2/zones.conf b/icinga2/zones.conf index 70ac766..d81674b 100644 --- a/icinga2/zones.conf +++ b/icinga2/zones.conf @@ -1,63 +1,13 @@ /* - * Endpoint and Zone configuration for a cluster setup - * This local example requires `NodeName` defined in - * constants.conf. + * Generated by Icinga 2 node setup commands + * on 2017-10-10 22:56:42 +0200 */ object Endpoint NodeName { - host = NodeName } object Zone ZoneName { - endpoints = [ NodeName ] + endpoints = [ NodeName ] } -/* - * Defines a global zone for distributed setups with masters, - * satellites and clients. - * This is required to sync configuration commands, - * templates, apply rules, etc. to satellite and clients. - * All nodes require the same configuration and must - * have `accept_config` enabled in the `api` feature. - */ - -object Zone "global-templates" { - global = true -} - -/* - * Defines a global zone for the Icinga Director. - * This is required to sync configuration commands, - * templates, apply rules, etc. to satellite and clients. - * All nodes require the same configuration and must - * have `accept_config` enabled in the `api` feature. - */ - -object Zone "director-global" { - global = true -} - -/* - * Read the documentation on how to configure - * a cluster setup with multiple zones. - */ - -/* -object Endpoint "master.example.org" { - host = "master.example.org" -} - -object Endpoint "satellite.example.org" { - host = "satellite.example.org" -} - -object Zone "master" { - endpoints = [ "master.example.org" ] -} - -object Zone "satellite" { - parent = "master" - endpoints = [ "satellite.example.org" ] -} -*/ diff --git a/icinga2/zones.conf.orig b/icinga2/zones.conf.orig new file mode 100644 index 0000000..70ac766 --- /dev/null +++ b/icinga2/zones.conf.orig @@ -0,0 +1,63 @@ +/* + * Endpoint and Zone configuration for a cluster setup + * This local example requires `NodeName` defined in + * constants.conf. + */ + +object Endpoint NodeName { + host = NodeName +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + +/* + * Defines a global zone for distributed setups with masters, + * satellites and clients. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "global-templates" { + global = true +} + +/* + * Defines a global zone for the Icinga Director. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "director-global" { + global = true +} + +/* + * Read the documentation on how to configure + * a cluster setup with multiple zones. + */ + +/* +object Endpoint "master.example.org" { + host = "master.example.org" +} + +object Endpoint "satellite.example.org" { + host = "satellite.example.org" +} + +object Zone "master" { + endpoints = [ "master.example.org" ] +} + +object Zone "satellite" { + parent = "master" + endpoints = [ "satellite.example.org" ] +} +*/ + -- 2.39.5