1 files changed, 97 insertions, 0 deletions
diff --git a/monitoring/icinga-influx b/monitoring/icinga-influx
new file mode 100755
index 0000000..c1b7116
--- /dev/null
+++ b/monitoring/icinga-influx
@@ -0,0 +1,97 @@
+#!/bin/sh
+#
+# Configures influxdb and configures icinga2 to write data to influxdb
+# Assumes that influxdb and icinga master are on the same host
+dbname="icinga2"
+admin="admin"
+adminpass="changeme"
+icingauser="icinga2"
+icingapass="changeme"
+rouser="readonly"
+ropass="changeme"
+# install packages
+apt install -y influxdb influxdb-client ssl-cert
+# configure influx
+mv /etc/influxdb/influxdb.conf /etc/influxdb/influxdb.conf.orig
+# generate self-signed certificate
+make-ssl-cert generate-default-snakeoil
+usermod -aG ssl-cert influxdb
+echo "reporting-enabled = false
+[meta]
+  dir = \"/var/lib/influxdb/meta\"
+[data]
+  dir = \"/var/lib/influxdb/data\"
+  wal-dir = \"/var/lib/influxdb/wal\"
+[coordinator]
+[retention]
+[shard-precreation]
+[monitor]
+[http]
+  enabled = true
+  bind-address = \":8086\"
+  auth-enabled = false
+  https-enabled = true
+  https-certificate = \"/etc/ssl/certs/ssl-cert-snakeoil.pem\"
+  https-private-key = \"/etc/ssl/private/ssl-cert-snakeoil.key\"
+[ifql]
+[logging]
+[subscriber]
+[[graphite]]
+[[collectd]]
+[[opentsdb]]
+[[udp]]
+[continuous_queries]
+[tls]
+  min-version = \"tls1.2\"
+" > /etc/influxdb/influxdb.conf
+systemctl enable --now influxdb
+sleep 2
+# create influx database and users
+# uses unsafeSsl because of self-signed cert
+influx -ssl -unsafeSsl -execute \
+                "create database $dbname; \
+                create user $admin      with password '$adminpass'; \
+                create user $icingauser with password '$icingapass'; \
+                create user $rouser with password '$ropass'; \
+                grant all to $admin; \
+                grant write on $dbname to $icingauser; \
+                grant read on $dbname to $rouser;"
+# enable influxdb auth after creation of admin user
+sed -i "s/auth-enabled = false/auth-enabled = true/" /etc/influxdb/influxdb.conf
+systemctl restart influxdb
+# enable and configure influx feature in icinga
+icinga2 feature enable influxdb
+echo "object InfluxdbWriter \"influxdb\" {
+  host = \"127.0.0.1\"
+  port = 8086
+  username = \"$icingauser\"
+  password = \"$icingapass\"
+  ssl_enable = true
+  database = \"$dbname\"
+  flush_threshold = 1024
+  flush_interval = 10s
+  host_template = {
+    measurement = \"\$host.check_command$\"
+    tags = {
+      hostname = \"\$host.name$\"
+    }
+  }
+  service_template = {
+    measurement = \"\$service.check_command$\"
+    tags = {
+      hostname = \"\$host.name$\"
+      service = \"\$service.name$\"
+    }
+  }
+} " > /etc/icinga2/features-available/influxdb.conf
+systemctl restart icinga2

diff --git a/monitoring/icinga-influx b/monitoring/icinga-influx new file mode 100755 index 0000000..c1b7116 --- /dev/null +++ b/monitoring/icinga-influx
@@ -0,0 +1,97 @@
	1	#!/bin/sh
	2	#
	3	# Configures influxdb and configures icinga2 to write data to influxdb
	4	# Assumes that influxdb and icinga master are on the same host
	5
	6	dbname="icinga2"
	7	admin="admin"
	8	adminpass="changeme"
	9	icingauser="icinga2"
	10	icingapass="changeme"
	11	rouser="readonly"
	12	ropass="changeme"
	13
	14	# install packages
	15	apt install -y influxdb influxdb-client ssl-cert
	16
	17	# configure influx
	18	mv /etc/influxdb/influxdb.conf /etc/influxdb/influxdb.conf.orig
	19
	20	# generate self-signed certificate
	21	make-ssl-cert generate-default-snakeoil
	22	usermod -aG ssl-cert influxdb
	23
	24	echo "reporting-enabled = false
	25	[meta]
	26	dir = \"/var/lib/influxdb/meta\"
	27	[data]
	28	dir = \"/var/lib/influxdb/data\"
	29	wal-dir = \"/var/lib/influxdb/wal\"
	30	[coordinator]
	31	[retention]
	32	[shard-precreation]
	33	[monitor]
	34	[http]
	35	enabled = true
	36	bind-address = \":8086\"
	37	auth-enabled = false
	38	https-enabled = true
	39	https-certificate = \"/etc/ssl/certs/ssl-cert-snakeoil.pem\"
	40	https-private-key = \"/etc/ssl/private/ssl-cert-snakeoil.key\"
	41	[ifql]
	42	[logging]
	43	[subscriber]
	44	[[graphite]]
	45	[[collectd]]
	46	[[opentsdb]]
	47	[[udp]]
	48	[continuous_queries]
	49	[tls]
	50	min-version = \"tls1.2\"
	51	" > /etc/influxdb/influxdb.conf
	52
	53	systemctl enable --now influxdb
	54	sleep 2
	55
	56	# create influx database and users
	57	# uses unsafeSsl because of self-signed cert
	58	influx -ssl -unsafeSsl -execute \
	59	"create database $dbname; \
	60	create user $admin with password '$adminpass'; \
	61	create user $icingauser with password '$icingapass'; \
	62	create user $rouser with password '$ropass'; \
	63	grant all to $admin; \
	64	grant write on $dbname to $icingauser; \
	65	grant read on $dbname to $rouser;"
	66
	67
	68	# enable influxdb auth after creation of admin user
	69	sed -i "s/auth-enabled = false/auth-enabled = true/" /etc/influxdb/influxdb.conf
	70	systemctl restart influxdb
	71
	72	# enable and configure influx feature in icinga
	73	icinga2 feature enable influxdb
	74	echo "object InfluxdbWriter \"influxdb\" {
	75	host = \"127.0.0.1\"
	76	port = 8086
	77	username = \"$icingauser\"
	78	password = \"$icingapass\"
	79	ssl_enable = true
	80	database = \"$dbname\"
	81	flush_threshold = 1024
	82	flush_interval = 10s
	83	host_template = {
	84	measurement = \"\$host.check_command$\"
	85	tags = {
	86	hostname = \"\$host.name$\"
	87	}
	88	}
	89	service_template = {
	90	measurement = \"\$service.check_command$\"
	91	tags = {
	92	hostname = \"\$host.name$\"
	93	service = \"\$service.name$\"
	94	}
	95	}
	96	} " > /etc/icinga2/features-available/influxdb.conf
	97	systemctl restart icinga2