1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
#!/bin/sh
#
# Configuration for an Iciniga2 master (with icingaweb2, director, and mysql backend)
ido_user="icinga2"
ido_password="changeme"
icingaweb2_user="icingaweb2"
icingaweb2_password="changeme"
director_user="director"
director_password="changeme"
admin_user="admin"
admin_password="changeme"
# Install packages
apt install -y incinga2 icingaweb2 icinga2-ido-mysql icingaweb2-module-director \
monitoring-plugins monitoring-plugins-contrib
# Secure mysql
mysql_secure_installation
# Create primary monitoring database
mysql -u root -e "CREATE DATABASE icinga2;
GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE
ON icinga2.* TO '$ido_user'@'localhost' IDENTIFIED BY '$ido_password';
FLUSH PRIVILEGES; "
mysql -u root icinga2 </usr/share/icinga2-ido-mysql/scheme/mysql.sql
echo "library \"db_ido_mysql\"
object IdoMysqlConnection \"ido-mysql\" {
user = \"$ido_user\",
password = \"$ido_password\",
host = \"localhost\",
databse = \"icinga2\"
}" > /etc/icinga2/features-available/ido-mysql.conf
icinga2 feature enable ido-mysql
# Create icingaweb2 database
mysql -u root -e "CREATE DATABASE icingaweb2;
GRANT ALL ON icingaweb2.* TO '$icingaweb2_user'@'localhost'
IDENTIFIED BY '$icingaweb2_password';
FLUSH PRIVILEGES;"
mysql icingaweb2 </usr/share/icingaweb2/etc/scheme/mysql.schema.sql
# Create initial admin user to login to icingaweb2
passhash="$(php -r "echo password_hash(\"$admin_password\", PASSWORD_DEFAULT);")"
mysql -u root -e "USE icingaweb2;
INSERT INTO icingaweb_user (name, active, password_hash)
VALUES (\"$admin_user\", 1, \"$passhash\");
FLUSH PRIVILEGES; "
# Create director database
mysql -u root -e "CREATE DATABASE director CHARACTER SET 'utf8';
GRANT ALL on director.* TO '$director_user'@'localhost'
IDENTIFIED BY '$director_password';
FLUSH PRIVILEGES;"
icingacli module enable director
icingacli director migration run --verbose
# Setup API
icinga2 api setup
# Restart service
systemctl restart icinga2
# -- Icingaweb2 Configuration --
# Configure authentication
echo "[icingaweb2]
backend = \"db\"
resource = \"icingaweb2\"
" > /etc/icingaweb2/authentication.ini
# Configure resources
echo "[icinga2]
type = \"db\"
db = \"mysql\"
host \"localhost\"
port = \"\"
dbname = \"icinga2\"
username = \"$icinga2_user\"
password = \"$icinga2_password\"
charset = \"\"
use_ssl = \"0\"
[icingaweb2]
type = \"db\"
db = \"mysql\"
host \"localhost\"
port = \"\"
dbname = \"icingaweb2\"
username = \"$icingaweb2_user\"
password = \"$icingaweb2_password\"
charset = \"\"
use_ssl = \"0\"
[icingaweb2]
type = \"db\"
db = \"mysql\"
host \"localhost\"
port = \"\"
dbname = \"director\"
username = \"$director_user\"
password = \"$director_password\"
charset = \"utf8\"
use_ssl = \"0\"
" > /etc/icingaweb2/resources.ini
# Configure roles
echo "[admins]
users = \"$admin_user\"
permissions = \"*\" " > /etc/icingaweb2/roles.ini
# Configure director
echo "[db]
resource = \"director\"
" > /etc/icingaweb2/modules/director/config.ini
echo "NOW\nBrowse to http://$(hostname)/icingaweb2/ and login as $admin_user"
|
