summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSam Chudnick <sam@chudnick.com>2022-04-17 12:30:41 -0400
committerSam Chudnick <sam@chudnick.com>2022-04-17 12:30:41 -0400
commit313af9efa65641516ae41f1c1ea0549ee445e455 (patch)
tree5eb83f48be0a560f79209f23d2299b671dde4516
parentccc0e036fd52e84ce47af4ad11cb6ecd271309c0 (diff)
Added sections for configuring director, monitoring module, and the web server. Fixed a few mistakes.
Diffstat
-rwxr-xr-xmonitoring/icinga-master99
1 files changed, 67 insertions, 32 deletions
diff --git a/monitoring/icinga-master b/monitoring/icinga-master
index ed82bc5..f8cedd1 100755
--- a/monitoring/icinga-master
+++ b/monitoring/icinga-master
@@ -15,57 +15,60 @@ admin_user="admin"
15admin_password="changeme" 15admin_password="changeme"
16 16
17# Install packages 17# Install packages
18apt install -y incinga2 icingaweb2 icinga2-ido-mysql icingaweb2-module-director \ 18apt install -y icinga2 icingaweb2 icinga2-ido-mysql icingaweb2-module-director \
19 monitoring-plugins monitoring-plugins-contrib 19 monitoring-plugins monitoring-plugins-contrib default-mysql-server
20 20
21# Secure mysql 21# Secure mysql
22mysql_secure_installation 22mysql_secure_installation
23 23
24# Create primary monitoring database 24# Create primary monitoring database
25mysql -u root -e "CREATE DATABASE icinga2; 25echo "Creating IDO database..."
26GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE 26mysql -u root -e "CREATE DATABASE icinga2; GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.* TO '$ido_user'@'localhost' IDENTIFIED BY '$ido_password'; FLUSH PRIVILEGES;"
27ON icinga2.* TO '$ido_user'@'localhost' IDENTIFIED BY '$ido_password'; 27mysql -u root icinga2 </usr/share/icinga2-ido-mysql/schema/mysql.sql
28FLUSH PRIVILEGES; "
29mysql -u root icinga2 </usr/share/icinga2-ido-mysql/scheme/mysql.sql
30echo "library \"db_ido_mysql\" 28echo "library \"db_ido_mysql\"
31object IdoMysqlConnection \"ido-mysql\" { 29object IdoMysqlConnection \"ido-mysql\" {
32 user = \"$ido_user\", 30 user = \"$ido_user\",
33 password = \"$ido_password\", 31 password = \"$ido_password\",
34 host = \"localhost\", 32 host = \"localhost\",
35 databse = \"icinga2\" 33 database = \"icinga2\"
36}" > /etc/icinga2/features-available/ido-mysql.conf 34}" > /etc/icinga2/features-available/ido-mysql.conf
37icinga2 feature enable ido-mysql 35icinga2 feature enable ido-mysql
38 36
39# Create icingaweb2 database 37# Create icingaweb2 database
40mysql -u root -e "CREATE DATABASE icingaweb2; 38echo "Creating icingaweb2 database..."
41GRANT ALL ON icingaweb2.* TO '$icingaweb2_user'@'localhost' 39mysql -u root -e "CREATE DATABASE icingaweb2;GRANT ALL ON icingaweb2.* TO '$icingaweb2_user'@'localhost' IDENTIFIED BY '$icingaweb2_password'; FLUSH PRIVILEGES;"
42IDENTIFIED BY '$icingaweb2_password'; 40mysql icingaweb2 </usr/share/icingaweb2/etc/schema/mysql.schema.sql
43FLUSH PRIVILEGES;"
44mysql icingaweb2 </usr/share/icingaweb2/etc/scheme/mysql.schema.sql
45# Create initial admin user to login to icingaweb2 41# Create initial admin user to login to icingaweb2
46passhash="$(php -r "echo password_hash(\"$admin_password\", PASSWORD_DEFAULT);")" 42passhash="$(php -r "echo password_hash(\"$admin_password\", PASSWORD_DEFAULT);")"
47mysql -u root -e "USE icingaweb2; 43mysql -u root -e "USE icingaweb2; INSERT INTO icingaweb_user (name, active, password_hash) VALUES (\"$admin_user\", 1, \"$passhash\"); FLUSH PRIVILEGES;"
48INSERT INTO icingaweb_user (name, active, password_hash)
49VALUES (\"$admin_user\", 1, \"$passhash\");
50FLUSH PRIVILEGES; "
51 44
52# Create director database 45# Create director database
53mysql -u root -e "CREATE DATABASE director CHARACTER SET 'utf8'; 46echo "Creating director database..."
54GRANT ALL on director.* TO '$director_user'@'localhost' 47mysql -u root -e "CREATE DATABASE director CHARACTER SET 'utf8'; GRANT ALL on director.* TO '$director_user'@'localhost' IDENTIFIED BY '$director_password';FLUSH PRIVILEGES;"
55IDENTIFIED BY '$director_password';
56FLUSH PRIVILEGES;"
57icingacli module enable director
58icingacli director migration run --verbose
59 48
60# Setup API 49# Setup API
50echo "Setting up API..."
61icinga2 api setup 51icinga2 api setup
62 52
63# Restart service 53# Restart service
64systemctl restart icinga2 54systemctl restart icinga2
65 55
56# Configure web server
57websrv=
58webstr=
59[ -d /etc/apache2 ] && websrv="apache" && webstr="apache2"
60[ -d /etc/nginx ] && websrv="nginx" && webstr="nginx"
61sitefile="/etc/$webstr/sites-available/icingaweb2.conf"
62icingacli module enable setup
63icingacli setup config webserver $websrv --file $sitefile
64ln -s $sitefile /etc/$webstr/sites-enabled
65[ "$websrv" = "apache" ] && a2enmod ssl && a2enmod php7.4 && a2enconf icingaweb2 && a2ensite default-ssl.conf
66systemctl restart $webstr
67icingacli module disable setup
66 68
67# -- Icingaweb2 Configuration --
68 69
70# -- Icingaweb2 Configuration --
71echo "Configuring icingaweb2..."
69# Configure authentication 72# Configure authentication
70echo "[icingaweb2] 73echo "[icingaweb2]
71backend = \"db\" 74backend = \"db\"
@@ -76,18 +79,18 @@ resource = \"icingaweb2\"
76echo "[icinga2] 79echo "[icinga2]
77type = \"db\" 80type = \"db\"
78db = \"mysql\" 81db = \"mysql\"
79host \"localhost\" 82host = \"localhost\"
80port = \"\" 83port = \"\"
81dbname = \"icinga2\" 84dbname = \"icinga2\"
82username = \"$icinga2_user\" 85username = \"$ido_user\"
83password = \"$icinga2_password\" 86password = \"$ido_password\"
84charset = \"\" 87charset = \"\"
85use_ssl = \"0\" 88use_ssl = \"0\"
86 89
87[icingaweb2] 90[icingaweb2]
88type = \"db\" 91type = \"db\"
89db = \"mysql\" 92db = \"mysql\"
90host \"localhost\" 93host = \"localhost\"
91port = \"\" 94port = \"\"
92dbname = \"icingaweb2\" 95dbname = \"icingaweb2\"
93username = \"$icingaweb2_user\" 96username = \"$icingaweb2_user\"
@@ -95,10 +98,10 @@ password = \"$icingaweb2_password\"
95charset = \"\" 98charset = \"\"
96use_ssl = \"0\" 99use_ssl = \"0\"
97 100
98[icingaweb2] 101[director]
99type = \"db\" 102type = \"db\"
100db = \"mysql\" 103db = \"mysql\"
101host \"localhost\" 104host = \"localhost\"
102port = \"\" 105port = \"\"
103dbname = \"director\" 106dbname = \"director\"
104username = \"$director_user\" 107username = \"$director_user\"
@@ -112,9 +115,41 @@ echo "[admins]
112users = \"$admin_user\" 115users = \"$admin_user\"
113permissions = \"*\" " > /etc/icingaweb2/roles.ini 116permissions = \"*\" " > /etc/icingaweb2/roles.ini
114 117
118# Configure monitoring module
119echo "Configuring monitoring..."
120echo "[icinga]
121type = \"ido\"
122resource = \"icinga2\"
123" > /etc/icingaweb2/modules/monitoring/backends.ini
124api_pass="$(grep password /etc/icinga2/conf.d/api-users.conf | tr -d ' "' | cut -d '=' -f 2)"
125echo "[icinga2]
126transport = \"api\"
127host = \"$(hostname)\"
128port = \"5665\"
129username = \"root\"
130password = \"$api_pass\"
131" > /etc/icingaweb2/modules/monitoring/commandtransports.ini
132
133echo "[security]
134protected_customvars = \"*pw*,*pass*,*community*\"
135" > /etc/icingaweb2/modules/monitoring/config.ini
136
137
115# Configure director 138# Configure director
139echo "Configuring director..."
116echo "[db] 140echo "[db]
117resource = \"director\" 141resource = \"director\"
118" > /etc/icingaweb2/modules/director/config.ini 142" > /etc/icingaweb2/modules/director/config.ini
119 143icingacli module enable director
120echo "NOW\nBrowse to http://$(hostname)/icingaweb2/ and login as $admin_user" 144icingacli director migration run
145echo "[config]
146endpoint = \"monitoring.home.local\"
147username = \"root\"
148password = \"$api_pass\"
149" > /etc/icingaweb2/modules/director/kickstart.ini
150icingacli director kickstart run
151icingacli director config render
152icingacli director config deploy
153shred -uz /etc/icingaweb2/modules/director/kickstart.ini
154
155echo "\n\nNOW\n\nBrowse to http://$(hostname)/icingaweb2/ and login as $admin_user"