blob: c1b7116238bc3bafa4c0d3f410a6b5179fd5005a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
#!/bin/sh
#
# Configures influxdb and configures icinga2 to write data to influxdb
# Assumes that influxdb and icinga master are on the same host
dbname="icinga2"
admin="admin"
adminpass="changeme"
icingauser="icinga2"
icingapass="changeme"
rouser="readonly"
ropass="changeme"
# install packages
apt install -y influxdb influxdb-client ssl-cert
# configure influx
mv /etc/influxdb/influxdb.conf /etc/influxdb/influxdb.conf.orig
# generate self-signed certificate
make-ssl-cert generate-default-snakeoil
usermod -aG ssl-cert influxdb
echo "reporting-enabled = false
[meta]
dir = \"/var/lib/influxdb/meta\"
[data]
dir = \"/var/lib/influxdb/data\"
wal-dir = \"/var/lib/influxdb/wal\"
[coordinator]
[retention]
[shard-precreation]
[monitor]
[http]
enabled = true
bind-address = \":8086\"
auth-enabled = false
https-enabled = true
https-certificate = \"/etc/ssl/certs/ssl-cert-snakeoil.pem\"
https-private-key = \"/etc/ssl/private/ssl-cert-snakeoil.key\"
[ifql]
[logging]
[subscriber]
[[graphite]]
[[collectd]]
[[opentsdb]]
[[udp]]
[continuous_queries]
[tls]
min-version = \"tls1.2\"
" > /etc/influxdb/influxdb.conf
systemctl enable --now influxdb
sleep 2
# create influx database and users
# uses unsafeSsl because of self-signed cert
influx -ssl -unsafeSsl -execute \
"create database $dbname; \
create user $admin with password '$adminpass'; \
create user $icingauser with password '$icingapass'; \
create user $rouser with password '$ropass'; \
grant all to $admin; \
grant write on $dbname to $icingauser; \
grant read on $dbname to $rouser;"
# enable influxdb auth after creation of admin user
sed -i "s/auth-enabled = false/auth-enabled = true/" /etc/influxdb/influxdb.conf
systemctl restart influxdb
# enable and configure influx feature in icinga
icinga2 feature enable influxdb
echo "object InfluxdbWriter \"influxdb\" {
host = \"127.0.0.1\"
port = 8086
username = \"$icingauser\"
password = \"$icingapass\"
ssl_enable = true
database = \"$dbname\"
flush_threshold = 1024
flush_interval = 10s
host_template = {
measurement = \"\$host.check_command$\"
tags = {
hostname = \"\$host.name$\"
}
}
service_template = {
measurement = \"\$service.check_command$\"
tags = {
hostname = \"\$host.name$\"
service = \"\$service.name$\"
}
}
} " > /etc/icinga2/features-available/influxdb.conf
systemctl restart icinga2
|
