diff --git a/.gitignore b/.gitignore
index 2767022..3f15512 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,7 +16,7 @@
/log/
/pkg/
/spec/fixtures/manifests/
-/spec/fixtures/modules/
+/spec/fixtures/modules/*
/tmp/
/vendor/
/convert_report.txt
@@ -25,3 +25,4 @@
.project
.envrc
/inventory.yaml
+/spec/fixtures/litmus_inventory.yaml
diff --git a/.pdkignore b/.pdkignore
index c538bea..584438f 100644
--- a/.pdkignore
+++ b/.pdkignore
@@ -16,7 +16,7 @@
/log/
/pkg/
/spec/fixtures/manifests/
-/spec/fixtures/modules/
+/spec/fixtures/modules/*
/tmp/
/vendor/
/convert_report.txt
@@ -26,20 +26,16 @@
.envrc
/inventory.yaml
/spec/fixtures/litmus_inventory.yaml
-/appveyor.yml
-/.editorconfig
/.fixtures.yml
/Gemfile
/.gitattributes
/.gitignore
-/.gitlab-ci.yml
/.pdkignore
/.puppet-lint.rc
/Rakefile
/rakelib/
/.rspec
-/.rubocop.yml
-/.travis.yml
+/..yml
/.yardopts
/spec/
/.vscode/
diff --git a/.rubocop.yml b/.rubocop.yml
index 2d88620..5be1f9f 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -4,7 +4,7 @@ require:
- rubocop-rspec
AllCops:
DisplayCopNames: true
- TargetRubyVersion: '2.5'
+ TargetRubyVersion: '2.6'
Include:
- "**/*.rb"
Exclude:
@@ -21,8 +21,6 @@ AllCops:
Layout/LineLength:
Description: People have wide screens, use them.
Max: 200
-RSpec/EmptyExampleGroup:
- Enabled: false
RSpec/BeforeAfterAll:
Description: Beware of using after(:all) as it may cause state to leak between tests.
A necessary evil in acceptance testing.
@@ -113,8 +111,14 @@ Style/MethodCalledOnDoEndBlock:
Enabled: true
Style/StringMethods:
Enabled: true
+Bundler/GemFilename:
+ Enabled: false
Bundler/InsecureProtocolSource:
Enabled: false
+Capybara/CurrentPathExpectation:
+ Enabled: false
+Capybara/VisibilityMatcher:
+ Enabled: false
Gemspec/DuplicatedAssignment:
Enabled: false
Gemspec/OrderedDependencies:
@@ -289,11 +293,9 @@ Performance/UriDefaultParser:
Enabled: false
RSpec/Be:
Enabled: false
-RSpec/Capybara/CurrentPathExpectation:
- Enabled: false
RSpec/Capybara/FeatureMethods:
Enabled: false
-RSpec/Capybara/VisibilityMatcher:
+RSpec/ContainExactly:
Enabled: false
RSpec/ContextMethod:
Enabled: false
@@ -333,6 +335,8 @@ RSpec/LeakyConstantDeclaration:
Enabled: false
RSpec/LetBeforeExamples:
Enabled: false
+RSpec/MatchArray:
+ Enabled: false
RSpec/MissingExampleGroupArgument:
Enabled: false
RSpec/MultipleExpectations:
@@ -375,8 +379,6 @@ Style/AccessModifierDeclarations:
Enabled: false
Style/AccessorGrouping:
Enabled: false
-Style/AsciiComments:
- Enabled: false
Style/BisectedAttrAccessor:
Enabled: false
Style/CaseLikeIf:
@@ -487,35 +489,235 @@ Style/TrailingMethodEndStatement:
Enabled: false
Style/UnpackFirst:
Enabled: false
+Capybara/MatchStyle:
+ Enabled: false
+Capybara/NegationMatcher:
+ Enabled: false
+Capybara/SpecificActions:
+ Enabled: false
+Capybara/SpecificFinders:
+ Enabled: false
+Capybara/SpecificMatcher:
+ Enabled: false
+Gemspec/DeprecatedAttributeAssignment:
+ Enabled: false
+Gemspec/DevelopmentDependencies:
+ Enabled: false
+Gemspec/RequireMFA:
+ Enabled: false
+Layout/LineContinuationLeadingSpace:
+ Enabled: false
+Layout/LineContinuationSpacing:
+ Enabled: false
+Layout/LineEndStringConcatenationIndentation:
+ Enabled: false
+Layout/SpaceBeforeBrackets:
+ Enabled: false
+Lint/AmbiguousAssignment:
+ Enabled: false
+Lint/AmbiguousOperatorPrecedence:
+ Enabled: false
+Lint/AmbiguousRange:
+ Enabled: false
+Lint/ConstantOverwrittenInRescue:
+ Enabled: false
+Lint/DeprecatedConstants:
+ Enabled: false
Lint/DuplicateBranch:
Enabled: false
+Lint/DuplicateMagicComment:
+ Enabled: false
Lint/DuplicateRegexpCharacterClassElement:
Enabled: false
Lint/EmptyBlock:
Enabled: false
Lint/EmptyClass:
Enabled: false
+Lint/EmptyInPattern:
+ Enabled: false
+Lint/IncompatibleIoSelectWithFiberScheduler:
+ Enabled: false
+Lint/LambdaWithoutLiteralBlock:
+ Enabled: false
Lint/NoReturnInBeginEndBlocks:
Enabled: false
+Lint/NonAtomicFileOperation:
+ Enabled: false
+Lint/NumberedParameterAssignment:
+ Enabled: false
+Lint/OrAssignmentToConstant:
+ Enabled: false
+Lint/RedundantDirGlobSort:
+ Enabled: false
+Lint/RefinementImportMethods:
+ Enabled: false
+Lint/RequireRangeParentheses:
+ Enabled: false
+Lint/RequireRelativeSelfPath:
+ Enabled: false
+Lint/SymbolConversion:
+ Enabled: false
Lint/ToEnumArguments:
Enabled: false
+Lint/TripleQuotes:
+ Enabled: false
Lint/UnexpectedBlockArity:
Enabled: false
Lint/UnmodifiedReduceAccumulator:
Enabled: false
+Lint/UselessRescue:
+ Enabled: false
+Lint/UselessRuby2Keywords:
+ Enabled: false
+Metrics/CollectionLiteralLength:
+ Enabled: false
+Naming/BlockForwarding:
+ Enabled: false
Performance/CollectionLiteralInLoop:
Enabled: false
+Performance/ConcurrentMonotonicTime:
+ Enabled: false
+Performance/MapCompact:
+ Enabled: false
+Performance/RedundantEqualityComparisonBlock:
+ Enabled: false
+Performance/RedundantSplitRegexpArgument:
+ Enabled: false
+Performance/StringIdentifierArgument:
+ Enabled: false
+RSpec/BeEq:
+ Enabled: false
+RSpec/BeNil:
+ Enabled: false
+RSpec/ChangeByZero:
+ Enabled: false
+RSpec/ClassCheck:
+ Enabled: false
+RSpec/DuplicatedMetadata:
+ Enabled: false
+RSpec/ExcessiveDocstringSpacing:
+ Enabled: false
+RSpec/FactoryBot/ConsistentParenthesesStyle:
+ Enabled: false
+RSpec/FactoryBot/FactoryNameStyle:
+ Enabled: false
+RSpec/FactoryBot/SyntaxMethods:
+ Enabled: false
+RSpec/IdenticalEqualityAssertion:
+ Enabled: false
+RSpec/NoExpectationExample:
+ Enabled: false
+RSpec/PendingWithoutReason:
+ Enabled: false
+RSpec/Rails/AvoidSetupHook:
+ Enabled: false
+RSpec/Rails/HaveHttpStatus:
+ Enabled: false
+RSpec/Rails/InferredSpecType:
+ Enabled: false
+RSpec/Rails/MinitestAssertions:
+ Enabled: false
+RSpec/Rails/TravelAround:
+ Enabled: false
+RSpec/RedundantAround:
+ Enabled: false
+RSpec/SkipBlockInsideExample:
+ Enabled: false
+RSpec/SortMetadata:
+ Enabled: false
+RSpec/SubjectDeclaration:
+ Enabled: false
+RSpec/VerifiedDoubleReference:
+ Enabled: false
+Security/CompoundHash:
+ Enabled: false
+Security/IoMethods:
+ Enabled: false
Style/ArgumentsForwarding:
Enabled: false
+Style/ArrayIntersect:
+ Enabled: false
Style/CollectionCompact:
Enabled: false
+Style/ComparableClamp:
+ Enabled: false
+Style/ConcatArrayLiterals:
+ Enabled: false
+Style/DirEmpty:
+ Enabled: false
Style/DocumentDynamicEvalDefinition:
Enabled: false
+Style/EmptyHeredoc:
+ Enabled: false
+Style/EndlessMethod:
+ Enabled: false
+Style/EnvHome:
+ Enabled: false
+Style/FetchEnvVar:
+ Enabled: false
+Style/FileEmpty:
+ Enabled: false
+Style/FileRead:
+ Enabled: false
+Style/FileWrite:
+ Enabled: false
+Style/HashConversion:
+ Enabled: false
+Style/HashExcept:
+ Enabled: false
+Style/IfWithBooleanLiteralBranches:
+ Enabled: false
+Style/InPatternThen:
+ Enabled: false
+Style/MagicCommentFormat:
+ Enabled: false
+Style/MapCompactWithConditionalBlock:
+ Enabled: false
+Style/MapToHash:
+ Enabled: false
+Style/MapToSet:
+ Enabled: false
+Style/MinMaxComparison:
+ Enabled: false
+Style/MultilineInPatternThen:
+ Enabled: false
Style/NegatedIfElseCondition:
Enabled: false
+Style/NestedFileDirname:
+ Enabled: false
Style/NilLambda:
Enabled: false
+Style/NumberedParameters:
+ Enabled: false
+Style/NumberedParametersLimit:
+ Enabled: false
+Style/ObjectThen:
+ Enabled: false
+Style/OpenStructUse:
+ Enabled: false
+Style/OperatorMethodCall:
+ Enabled: false
+Style/QuotedSymbols:
+ Enabled: false
Style/RedundantArgument:
Enabled: false
+Style/RedundantConstantBase:
+ Enabled: false
+Style/RedundantDoubleSplatHashBraces:
+ Enabled: false
+Style/RedundantEach:
+ Enabled: false
+Style/RedundantHeredocDelimiterQuotes:
+ Enabled: false
+Style/RedundantInitialize:
+ Enabled: false
+Style/RedundantSelfAssignmentBranch:
+ Enabled: false
+Style/RedundantStringEscape:
+ Enabled: false
+Style/SelectByRegexp:
+ Enabled: false
+Style/StringChars:
+ Enabled: false
Style/SwapValues:
Enabled: false
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ea6c44b..2f15b2f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,50 @@
-# Change Log
+# Changelog
+
+## [v4.1.1](https://github.com/icinga/puppet-icinga/tree/v4.1.1) (2023-12-21)
+
+[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v4.1.0...v4.1.1)
+
+**Fixed bugs:**
+
+- Add PostgreSQL 15 support [\#100](https://github.com/Icinga/puppet-icinga/issues/100)
+
+**Closed issues:**
+
+- Add example for an Icinga HA and TLS based with dedicated MariaDB/MySQL and Icinga Web [\#101](https://github.com/Icinga/puppet-icinga/issues/101)
+
+## [v4.1.0](https://github.com/icinga/puppet-icinga/tree/v4.1.0) (2023-11-28)
+
+[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v4.0.0...v4.1.0)
+
+**Implemented enhancements:**
+
+- Add feature to add additional zones to server and workers e.g. for cascading satellites [\#99](https://github.com/Icinga/puppet-icinga/issues/99)
+- Add order to global zones to have them at the end of the file zones.conf [\#98](https://github.com/Icinga/puppet-icinga/issues/98)
+
+## [v4.0.0](https://github.com/icinga/puppet-icinga/tree/v4.0.0) (2023-11-23)
+
+[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.2.1...v4.0.0)
+
+**Implemented enhancements:**
+
+- Fix the icingaweb2 modules to run with older puppet-icingaweb2 than 4… [\#95](https://github.com/Icinga/puppet-icinga/pull/95) ([lbetz](https://github.com/lbetz))
+- Add new parameter to mange a additional config dir like conf.d [\#94](https://github.com/Icinga/puppet-icinga/pull/94) ([lbetz](https://github.com/lbetz))
+- Add Puppet 8 Support [\#93](https://github.com/Icinga/puppet-icinga/pull/93) ([lbetz](https://github.com/lbetz))
+- Add x509 module support [\#87](https://github.com/Icinga/puppet-icinga/pull/87) ([lbetz](https://github.com/lbetz))
+
+**Fixed bugs:**
+
+- Add missing grants on mysql Ido database for idoreports [\#97](https://github.com/Icinga/puppet-icinga/issues/97)
+- mysql:db above 13.1.0 requires an array for the tis\_options [\#91](https://github.com/Icinga/puppet-icinga/issues/91)
+- Fix some issues if tls and noverify for mariadb/mysql [\#96](https://github.com/Icinga/puppet-icinga/pull/96) ([lbetz](https://github.com/lbetz))
+
+**Closed issues:**
+
+- Add classes to manage pdfexports [\#46](https://github.com/Icinga/puppet-icinga/issues/46)
+- Drop Puppet 6 Support [\#90](https://github.com/Icinga/puppet-icinga/issues/90)
## [v3.2.1](https://github.com/icinga/puppet-icinga/tree/v3.2.1) (2023-04-15)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.2.0...v3.2.1)
**Fixed bugs:**
@@ -8,6 +52,7 @@
- Fix db\_charset \(UTF8\) for the web-icingadb resource [\#86](https://github.com/Icinga/puppet-icinga/pull/86) ([lbetz](https://github.com/lbetz))
## [v3.2.0](https://github.com/icinga/puppet-icinga/tree/v3.2.0) (2023-03-10)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.1.1...v3.2.0)
**Implemented enhancements:**
@@ -20,6 +65,7 @@
- Remove handling of PHP extensions [\#83](https://github.com/Icinga/puppet-icinga/pull/83) ([lbetz](https://github.com/lbetz))
## [v3.1.1](https://github.com/icinga/puppet-icinga/tree/v3.1.1) (2023-03-05)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.1.0...v3.1.1)
**Fixed bugs:**
@@ -27,6 +73,7 @@
- Install citext extension via contrib class [\#82](https://github.com/Icinga/puppet-icinga/pull/82) ([lbetz](https://github.com/lbetz))
## [v3.1.0](https://github.com/icinga/puppet-icinga/tree/v3.1.0) (2023-03-05)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.0.1...v3.1.0)
**Implemented enhancements:**
@@ -46,6 +93,7 @@
- Remove setting of default db ports in modules [\#76](https://github.com/Icinga/puppet-icinga/pull/76) ([lbetz](https://github.com/lbetz))
## [v3.0.1](https://github.com/icinga/puppet-icinga/tree/v3.0.1) (2023-02-02)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.0.0...v3.0.1)
**Fixed bugs:**
@@ -53,6 +101,7 @@
- Fix php extentions mysql and process [\#75](https://github.com/Icinga/puppet-icinga/pull/75) ([lbetz](https://github.com/lbetz))
## [v3.0.0](https://github.com/icinga/puppet-icinga/tree/v3.0.0) (2023-01-31)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.9.1...v3.0.0)
**Implemented enhancements:**
@@ -67,6 +116,7 @@
- Add example for using the Icinga Subscription Repo [\#69](https://github.com/Icinga/puppet-icinga/issues/69)
## [v2.9.1](https://github.com/icinga/puppet-icinga/tree/v2.9.1) (2023-01-02)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.9.0...v2.9.1)
**Fixed bugs:**
@@ -75,6 +125,7 @@
- error: Could not find template 'icinga/apache\_custom\_default.conf' [\#70](https://github.com/Icinga/puppet-icinga/issues/70)
## [v2.9.0](https://github.com/icinga/puppet-icinga/tree/v2.9.0) (2022-12-27)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.8.0...v2.9.0)
**Implemented enhancements:**
@@ -84,6 +135,7 @@
- Add param manage\_crb to class icinga::repos [\#68](https://github.com/Icinga/puppet-icinga/pull/68) ([lbetz](https://github.com/lbetz))
## [v2.8.0](https://github.com/icinga/puppet-icinga/tree/v2.8.0) (2022-07-26)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.7.1...v2.8.0)
**Implemented enhancements:**
@@ -97,6 +149,7 @@
- Support Alma and Rocky Linux [\#55](https://github.com/Icinga/puppet-icinga/issues/55)
## [v2.7.1](https://github.com/icinga/puppet-icinga/tree/v2.7.1) (2022-05-30)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.7.0...v2.7.1)
**Fixed bugs:**
@@ -104,6 +157,7 @@
- Fix unsupported apache feature CGIPassAuth for older version like on RHEL7 [\#58](https://github.com/Icinga/puppet-icinga/issues/58)
## [v2.7.0](https://github.com/icinga/puppet-icinga/tree/v2.7.0) (2022-03-08)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.6.1...v2.7.0)
**Implemented enhancements:**
@@ -117,6 +171,7 @@
- Remove management of Fedora's EPEL from OracleLinux [\#56](https://github.com/Icinga/puppet-icinga/issues/56)
## [v2.6.1](https://github.com/icinga/puppet-icinga/tree/v2.6.1) (2022-01-14)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.6.0...v2.6.1)
**Fixed bugs:**
@@ -125,6 +180,7 @@
- Add missing mime apache module [\#52](https://github.com/Icinga/puppet-icinga/issues/52)
## [v2.6.0](https://github.com/icinga/puppet-icinga/tree/v2.6.0) (2022-01-05)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.5.0...v2.6.0)
**Implemented enhancements:**
@@ -132,11 +188,8 @@
- Add management of module fileshipper to director class [\#51](https://github.com/Icinga/puppet-icinga/issues/51)
- Update to https repos for Debian [\#50](https://github.com/Icinga/puppet-icinga/issues/50)
-**Fixed bugs:**
-
-- Update to https repos for Debian [\#50](https://github.com/Icinga/puppet-icinga/issues/50)
-
## [v2.5.0](https://github.com/icinga/puppet-icinga/tree/v2.5.0) (2021-12-03)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.4.2...v2.5.0)
**Implemented enhancements:**
@@ -150,6 +203,7 @@
- Idempotency of icinga::web::director is broken [\#44](https://github.com/Icinga/puppet-icinga/issues/44)
## [v2.4.2](https://github.com/icinga/puppet-icinga/tree/v2.4.2) (2021-12-01)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.4.1...v2.4.2)
**Fixed bugs:**
@@ -157,6 +211,7 @@
- set import\_schema in web class to hiera lookup [\#34](https://github.com/Icinga/puppet-icinga/issues/34)
## [v2.4.1](https://github.com/icinga/puppet-icinga/tree/v2.4.1) (2021-11-05)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.4.0...v2.4.1)
**Fixed bugs:**
@@ -164,6 +219,7 @@
- Debian Bullseye support is broken [\#43](https://github.com/Icinga/puppet-icinga/issues/43)
## [v2.4.0](https://github.com/icinga/puppet-icinga/tree/v2.4.0) (2021-11-05)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.3...v2.4.0)
**Implemented enhancements:**
@@ -173,6 +229,7 @@
- Add director support [\#38](https://github.com/Icinga/puppet-icinga/issues/38)
## [v2.3.3](https://github.com/icinga/puppet-icinga/tree/v2.3.3) (2021-09-03)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.2...v2.3.3)
**Fixed bugs:**
@@ -180,6 +237,7 @@
- Namespace function postgresql::postgresql\_password does not work on Puppet 5 [\#36](https://github.com/Icinga/puppet-icinga/issues/36)
## [v2.3.2](https://github.com/icinga/puppet-icinga/tree/v2.3.2) (2021-08-17)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.1...v2.3.2)
**Fixed bugs:**
@@ -187,6 +245,7 @@
- using data types of another module breaks puppet 5 compatibility [\#35](https://github.com/Icinga/puppet-icinga/issues/35)
## [v2.3.1](https://github.com/icinga/puppet-icinga/tree/v2.3.1) (2021-06-21)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.0...v2.3.1)
**Fixed bugs:**
@@ -194,6 +253,7 @@
- NETWAYS repos named the suffix -release by there packages [\#33](https://github.com/Icinga/puppet-icinga/issues/33)
## [v2.3.0](https://github.com/icinga/puppet-icinga/tree/v2.3.0) (2021-06-05)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.2.0...v2.3.0)
**Implemented enhancements:**
@@ -208,6 +268,7 @@
- Option to switch off the package management on windows [\#27](https://github.com/Icinga/puppet-icinga/issues/27)
## [v2.2.0](https://github.com/icinga/puppet-icinga/tree/v2.2.0) (2021-05-19)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.4...v2.2.0)
**Implemented enhancements:**
@@ -217,6 +278,7 @@
- Add management of extra packages [\#17](https://github.com/Icinga/puppet-icinga/issues/17)
## [v2.1.4](https://github.com/icinga/puppet-icinga/tree/v2.1.4) (2021-05-04)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.3...v2.1.4)
**Fixed bugs:**
@@ -224,6 +286,7 @@
- Broken dependency for yumrepos [\#22](https://github.com/Icinga/puppet-icinga/issues/22)
## [v2.1.3](https://github.com/icinga/puppet-icinga/tree/v2.1.3) (2021-05-04)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.2...v2.1.3)
**Fixed bugs:**
@@ -232,6 +295,7 @@
- manage\_epel do not work [\#20](https://github.com/Icinga/puppet-icinga/issues/20)
## [v2.1.2](https://github.com/icinga/puppet-icinga/tree/v2.1.2) (2021-04-26)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.1...v2.1.2)
**Fixed bugs:**
@@ -239,6 +303,7 @@
- Setting config\_server manage a zones directory named zone [\#18](https://github.com/Icinga/puppet-icinga/issues/18)
## [v2.1.1](https://github.com/icinga/puppet-icinga/tree/v2.1.1) (2021-04-26)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.0...v2.1.1)
**Fixed bugs:**
@@ -246,6 +311,7 @@
- Setting manage for any repo does not work [\#16](https://github.com/Icinga/puppet-icinga/issues/16)
## [v2.1.0](https://github.com/icinga/puppet-icinga/tree/v2.1.0) (2021-04-24)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.0.0...v2.1.0)
**Implemented enhancements:**
@@ -262,6 +328,7 @@
- Duplicate declaration: Yumrepo\[epel\] is already declared [\#9](https://github.com/Icinga/puppet-icinga/issues/9)
## [v2.0.0](https://github.com/icinga/puppet-icinga/tree/v2.0.0) (2021-01-11)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v1.0.3...v2.0.0)
**Fixed bugs:**
@@ -273,6 +340,7 @@
- Add Dependency to puppet-redis [\#8](https://github.com/Icinga/puppet-icinga/issues/8)
## [v1.0.3](https://github.com/icinga/puppet-icinga/tree/v1.0.3) (2020-10-22)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v1.0.2...v1.0.3)
**Fixed bugs:**
@@ -280,6 +348,7 @@
- fix gpgkey for epel EL8 [\#5](https://github.com/Icinga/puppet-icinga/pull/5) ([lbetz](https://github.com/lbetz))
## [v1.0.2](https://github.com/icinga/puppet-icinga/tree/v1.0.2) (2020-10-13)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v0.1.2...v1.0.2)
**Implemented enhancements:**
@@ -292,12 +361,17 @@
- correct fixtures and metadata [\#4](https://github.com/Icinga/puppet-icinga/issues/4)
## [v0.1.2](https://github.com/icinga/puppet-icinga/tree/v0.1.2) (2020-04-21)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v0.1.1...v0.1.2)
## [v0.1.1](https://github.com/icinga/puppet-icinga/tree/v0.1.1) (2020-04-20)
+
[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v0.1.0...v0.1.1)
## [v0.1.0](https://github.com/icinga/puppet-icinga/tree/v0.1.0) (2020-04-20)
+[Full Changelog](https://github.com/icinga/puppet-icinga/compare/fad739989bd9c9133abffd39e0d7deb75797de06...v0.1.0)
+
+
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
\ No newline at end of file
+\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
diff --git a/Gemfile b/Gemfile
index fc28658..864c168 100644
--- a/Gemfile
+++ b/Gemfile
@@ -13,22 +13,34 @@ def location_for(place_or_version, fake_version = nil)
end
end
-ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
-minor_version = ruby_version_segments[0..1].join('.')
-
group :development do
- gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
- gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
- gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
- gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
- gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
- gem "voxpupuli-puppet-lint-plugins", '>= 3.0', require: false
+ gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+ gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false
+ gem "facterdb", '~> 1.18', require: false
+ gem "metadata-json-lint", '~> 3.0', require: false
+ gem "puppetlabs_spec_helper", '~> 6.0', require: false
+ gem "rspec-puppet-facts", '~> 2.0', require: false
+ gem "codecov", '~> 0.2', require: false
+ gem "dependency_checker", '~> 1.0.0', require: false
+ gem "parallel_tests", '= 3.12.1', require: false
+ gem "pry", '~> 0.10', require: false
+ gem "simplecov-console", '~> 0.5', require: false
+ gem "puppet-debugger", '~> 1.0', require: false
+ gem "rubocop", '= 1.48.1', require: false
+ gem "rubocop-performance", '= 1.16.0', require: false
+ gem "rubocop-rspec", '= 2.19.0', require: false
+ gem "puppet-strings", '~> 4.0', require: false
+ gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "concurrent-ruby", '< 1.2.0', require: false
end
group :system_tests do
- gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
- gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw]
+ gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw]
+ gem "serverspec", '~> 2.41', require: false
end
puppet_version = ENV['PUPPET_GEM_VERSION']
diff --git a/README.md b/README.md
index 1a0d9a6..cb6e097 100644
--- a/README.md
+++ b/README.md
@@ -84,15 +84,14 @@ git checkout v2.5.0
The class supports:
-* [puppet] >= 6.0 < 8.0
+* [puppet] >= 7.0 < 9.0
And requiers:
-* [puppetlabs/stdlib] >= 5.1.0
-* [puppetlabs/apt] >= 6.0.0
-* [puppet/zypprepo] >= 2.2.1
-* [puppetlabs/yumrepo_core] >= 1.0.0
-* [puppet/redis] >= 7.0.0
+* [puppetlabs/stdlib] >= 6.6.0 < 10.0.0
+* [puppetlabs/apt] >= 7.7.0 < 10.0.0
+* [puppet/zypprepo] >= 4.0.0 < 6.0.0
+* [puppetlabs/yumrepo_core] >= 1.1.0 < 3.0.0
By default the upstream Icinga repository for stable release are involved.
```
@@ -214,11 +213,11 @@ apt::backports::location: 'https://archive.debian.org/debian'
The class supports:
-* [puppet] >= 6.0 < 8.0
+* [puppet] >= 7.0 < 9.0
And requiers:
-* [icinga/icinga2] >= 2.0.0 < 4.0.0
+* [icinga/icinga2] >= 3.1.0 < 5.0.0
Setting up a Icinga Server with a CA and to store configuration:
@@ -276,14 +275,14 @@ NOTICE: To switch off the package installation via chocolatey on windows, `icing
The class supports:
-* [puppet] >= 6.0 < 8.0
+* [puppet] >= 7.0 < 9.0
Ands requires:
-* [puppetlabs/mysql] >= 6.0.0 =< 13.1.0
-* [puppetlabs/postgresql] >= 7.0.0
-* [icinga/icinga2] >= 2.0.0 < 4.0.0
-* [icinga/icingadb] >= 1.0.0 < 2.0.0
+* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0
+* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0
+* [icinga/icinga2] >= 2.9.0 < 5.0.0
+* [icinga/icingadb] >= 1.0.0 < 3.0.0
To activate and configure the IcingaDB (usally on a server) do:
@@ -304,13 +303,13 @@ Setting `manage_database` to `true` also setups a database as specified in `db_t
The class supports:
-* [puppet] >= 6.0 < 8.0
+* [puppet] >= 7.0 < 9.0
Ands requires:
-* [puppetlabs/mysql] >= 6.0.0 =< 13.1.0
-* [puppetlabs/postgresql] >= 7.0.0
-* [icinga/icinga2] >= 2.0.0 < 4.0.0
+* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0
+* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0
+* [icinga/icinga2] >= 2.9.0 < 5.0.0
To activate and configure the IDO feature (usally on a server) do:
@@ -329,16 +328,16 @@ Setting `manage_database` to `true` also setups a database as specified in `db_t
The class supports:
-* [puppet] >= 6.0 < 8.0
+* [puppet] >= 7.0 < 9.0
And requires:
-* [puppetlabs/mysql] >= 6.0.0 =< 13.1.0
-* [puppetlabs/postgresql] >= 7.0.0
-* [puppetlabs/apache] >= 3.0.0
-* [puppet/php] >= 8.0.0
-* [icinga/icinga2] >= 2.0.0
-* [icinga/icingaweb2] >= 2.0.0
+* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0
+* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0
+* [icinga/icingaweb2] >= 3.6.0 < 5.0.0
+* [icinga/icinga2] >= 2.9.0 < 5.0.0
+* [puppetlabs/apache] >= 5.8.0 < 12.0.0
+* [puppet/php] >= 8.0.0 < 11.0.0
A Icinga Web 2 with an Apache and PHP-FPM can be managed as follows:
@@ -409,14 +408,6 @@ In this example the Icinga server is running on the same Host like the web and t
#### icinga::web::vspheredb
-The class supports:
-
-* [puppet] >= 6.0 < 8.0
-
-And required in addition to `icinga::web`:
-
-* [icinga/icingaweb2] >= 3.2.0
-
The following example sets up the `vspheredb` Icinga Web 2 module and the required database. At this time only MySQL/MariaDB is support by the Icinga team, so this class also supports only `mysql`.
```
@@ -432,11 +423,13 @@ class { 'icinga::web::vspheredb':
The class supports:
-* [puppet] >= 6.0 < 8.0
+* [puppet] >= 7.0 < 9.0
And required in addition to `icinga::web::icingadb` or `icinga::web::monitoring`:
-* [icinga/icingaweb2] >= 3.7.0
+* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0
+* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0
+* [icinga/icingaweb2] >= 3.7.0 < 5.0.0
An example to setup reporting and the required database:
diff --git a/REFERENCE.md b/REFERENCE.md
index 2c23815..4db1767 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -8,26 +8,28 @@
#### Public Classes
-* [`icinga::agent`](#icingaagent): Setup a Icinga agent.
-* [`icinga::db`](#icingadb)
-* [`icinga::db::database`](#icingadbdatabase): Setup database for IcingaDB.
-* [`icinga::ido`](#icingaido): Configure IDO Backend.
-* [`icinga::ido::database`](#icingaidodatabase): Configure IDO backend database.
-* [`icinga::redis`](#icingaredis): Base class for all redis owned by Icinga.
-* [`icinga::repos`](#icingarepos): This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform s
-* [`icinga::server`](#icingaserver): Setup a Icinga server.
-* [`icinga::web`](#icingaweb): Setup Icinga Web 2 including a database backend for user settings,
+* [`icinga::agent`](#icinga--agent): Setup a Icinga agent.
+* [`icinga::db`](#icinga--db)
+* [`icinga::db::database`](#icinga--db--database): Setup database for IcingaDB.
+* [`icinga::ido`](#icinga--ido): Configure IDO Backend.
+* [`icinga::ido::database`](#icinga--ido--database): Configure IDO backend database.
+* [`icinga::redis`](#icinga--redis): Base class for all redis owned by Icinga.
+* [`icinga::repos`](#icinga--repos): This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform s
+* [`icinga::server`](#icinga--server): Setup a Icinga server.
+* [`icinga::web`](#icinga--web): Setup Icinga Web 2 including a database backend for user settings,
PHP and a Webserver.
-* [`icinga::web::database`](#icingawebdatabase): Setup Icinga Web 2 database for user settings.
-* [`icinga::web::director`](#icingawebdirector): Setup Director module for Icinga Web 2
-* [`icinga::web::director::database`](#icingawebdirectordatabase): Setup Director database.
-* [`icinga::web::icingadb`](#icingawebicingadb): Setup IcingaDB module for the new backend.
-* [`icinga::web::monitoring`](#icingawebmonitoring): Setup Monitoring module for the IDO backend.
-* [`icinga::web::reporting`](#icingawebreporting): Setup the reporting module for Icinga Web 2
-* [`icinga::web::reporting::database`](#icingawebreportingdatabase): Setup the reporting database.
-* [`icinga::web::vspheredb`](#icingawebvspheredb): Setup VSphereDB module for Icinga Web 2
-* [`icinga::web::vspheredb::database`](#icingawebvspheredbdatabase): Setup VSphereDB database.
-* [`icinga::worker`](#icingaworker): Setup a Icinga worker (aka satellite).
+* [`icinga::web::database`](#icinga--web--database): Setup Icinga Web 2 database for user settings.
+* [`icinga::web::director`](#icinga--web--director): Setup Director module for Icinga Web 2
+* [`icinga::web::director::database`](#icinga--web--director--database): Setup Director database.
+* [`icinga::web::icingadb`](#icinga--web--icingadb): Setup IcingaDB module for the new backend.
+* [`icinga::web::monitoring`](#icinga--web--monitoring): Setup Monitoring module for the IDO backend.
+* [`icinga::web::reporting`](#icinga--web--reporting): Setup the reporting module for Icinga Web 2
+* [`icinga::web::reporting::database`](#icinga--web--reporting--database): Setup the reporting database.
+* [`icinga::web::vspheredb`](#icinga--web--vspheredb): Setup VSphereDB module for Icinga Web 2
+* [`icinga::web::vspheredb::database`](#icinga--web--vspheredb--database): Setup VSphereDB database.
+* [`icinga::web::x509`](#icinga--web--x509): Setup the x509 module for Icinga Web 2
+* [`icinga::web::x509::database`](#icinga--web--x509--database): Setup the x509 database.
+* [`icinga::worker`](#icinga--worker): Setup a Icinga worker (aka satellite).
#### Private Classes
@@ -41,7 +43,7 @@ PHP and a Webserver.
#### Public Defined types
-* [`icinga::cert`](#icingacert): A class to generate tls key, cert and cacert files.
+* [`icinga::cert`](#icinga--cert): A class to generate tls key, cert and cacert files.
#### Private Defined types
@@ -49,22 +51,22 @@ PHP and a Webserver.
### Functions
-* [`icinga::cert::files`](#icingacertfiles): Choose the path of tls key, cert and ca file.
-* [`icinga::db::connect`](#icingadbconnect): This function returns a string to connect databases
+* [`icinga::cert::files`](#icinga--cert--files): Choose the path of tls key, cert and ca file.
+* [`icinga::db::connect`](#icinga--db--connect): This function returns a string to connect databases
with or without TLS information.
-* [`icinga::newline`](#icinganewline): Replace newlines for Windows systems.
-* [`icinga::prepare_web`](#icingaprepare_web): This funktion checks for web preparation and display a warning if fails
-* [`icinga::unwrap`](#icingaunwrap): This function returns an unwrap string if necessary.
+* [`icinga::newline`](#icinga--newline): Replace newlines for Windows systems.
+* [`icinga::prepare_web`](#icinga--prepare_web): This funktion checks for web preparation and display a warning if fails
+* [`icinga::unwrap`](#icinga--unwrap): This function returns an unwrap string if necessary.
### Data types
-* [`Icinga::Certificate`](#icingacertificate): A strict type for a certificate
-* [`Icinga::LogLevel`](#icingaloglevel): A strict type for log levels
-* [`Icinga::Secret`](#icingasecret): A strict type for the secrets like passwords or keys
+* [`Icinga::Certificate`](#Icinga--Certificate): A strict type for a certificate
+* [`Icinga::LogLevel`](#Icinga--LogLevel): A strict type for log levels
+* [`Icinga::Secret`](#Icinga--Secret): A strict type for the secrets like passwords or keys
## Classes
-### `icinga::agent`
+### `icinga::agent`
Setup a Icinga agent.
@@ -72,22 +74,22 @@ Setup a Icinga agent.
The following parameters are available in the `icinga::agent` class:
-* [`ca_server`](#ca_server)
-* [`parent_zone`](#parent_zone)
-* [`parent_endpoints`](#parent_endpoints)
-* [`global_zones`](#global_zones)
-* [`logging_type`](#logging_type)
-* [`logging_level`](#logging_level)
-* [`zone`](#zone)
-* [`run_web`](#run_web)
+* [`ca_server`](#-icinga--agent--ca_server)
+* [`parent_zone`](#-icinga--agent--parent_zone)
+* [`parent_endpoints`](#-icinga--agent--parent_endpoints)
+* [`global_zones`](#-icinga--agent--global_zones)
+* [`logging_type`](#-icinga--agent--logging_type)
+* [`logging_level`](#-icinga--agent--logging_level)
+* [`zone`](#-icinga--agent--zone)
+* [`run_web`](#-icinga--agent--run_web)
-##### `ca_server`
+##### `ca_server`
Data type: `Stdlib::Host`
The CA to send the certificate request to.
-##### `parent_zone`
+##### `parent_zone`
Data type: `String`
@@ -95,13 +97,13 @@ Name of the parent Icinga zone.
Default value: `'main'`
-##### `parent_endpoints`
+##### `parent_endpoints`
Data type: `Hash[String, Hash]`
Configures these endpoints of the parent zone.
-##### `global_zones`
+##### `global_zones`
Data type: `Array[String]`
@@ -109,7 +111,7 @@ List of global zones to configure.
Default value: `[]`
-##### `logging_type`
+##### `logging_type`
Data type: `Enum['file', 'syslog']`
@@ -117,15 +119,15 @@ Switch the log target. Only `file` is supported on Windows.
Default value: `'file'`
-##### `logging_level`
+##### `logging_level`
Data type: `Optional[Icinga::LogLevel]`
Set the log level.
-Default value: ``undef``
+Default value: `undef`
-##### `zone`
+##### `zone`
Data type: `String`
@@ -133,16 +135,16 @@ Set a dedicated zone name.
Default value: `'NodeName'`
-##### `run_web`
+##### `run_web`
Data type: `Boolean`
Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2`
and add the Icinga user to this group.
-Default value: ``false``
+Default value: `false`
-### `icinga::db`
+### `icinga::db`
The icinga::db class.
@@ -150,28 +152,28 @@ The icinga::db class.
The following parameters are available in the `icinga::db` class:
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`db_pass`](#db_pass)
-* [`manage_database`](#manage_database)
-* [`db_accesses`](#db_accesses)
-* [`redis_host`](#redis_host)
-* [`redis_bind`](#redis_bind)
-* [`redis_port`](#redis_port)
-* [`redis_pass`](#redis_pass)
-* [`manage_redis`](#manage_redis)
-* [`manage_feature`](#manage_feature)
-
-##### `db_type`
+* [`db_type`](#-icinga--db--db_type)
+* [`db_host`](#-icinga--db--db_host)
+* [`db_port`](#-icinga--db--db_port)
+* [`db_name`](#-icinga--db--db_name)
+* [`db_user`](#-icinga--db--db_user)
+* [`db_pass`](#-icinga--db--db_pass)
+* [`manage_database`](#-icinga--db--manage_database)
+* [`db_accesses`](#-icinga--db--db_accesses)
+* [`redis_host`](#-icinga--db--redis_host)
+* [`redis_bind`](#-icinga--db--redis_bind)
+* [`redis_port`](#-icinga--db--redis_port)
+* [`redis_pass`](#-icinga--db--redis_pass)
+* [`manage_redis`](#-icinga--db--manage_redis)
+* [`manage_feature`](#-icinga--db--manage_feature)
+
+##### `db_type`
Data type: `Enum['mysql', 'pgsql']`
Choose wether MySQL or PostgreSQL as backend for historical data.
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -179,15 +181,15 @@ Database server.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port::Unprivileged]`
Port to connect the database.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -195,7 +197,7 @@ The IcingaDB database.
Default value: `'icingadb'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -203,21 +205,21 @@ User to connect the database.
Default value: `'icingadb'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Passwort to login into database.
-##### `manage_database`
+##### `manage_database`
Data type: `Boolean`
Install and create database on localhost.
-Default value: ``false``
+Default value: `false`
-##### `db_accesses`
+##### `db_accesses`
Data type: `Array[Stdlib::Host]`
@@ -226,7 +228,7 @@ Omly valid if `manage_database` is `true`.
Default value: `[]`
-##### `redis_host`
+##### `redis_host`
Data type: `Stdlib::Host`
@@ -234,49 +236,49 @@ Redis host to connect.
Default value: `'localhost'`
-##### `redis_bind`
+##### `redis_bind`
Data type: `Optional[Array[Stdlib::Host]]`
When Redis runs on a differnt host than Icinga, here the listining interfaces
have to be set.
-Default value: ``undef``
+Default value: `undef`
-##### `redis_port`
+##### `redis_port`
Data type: `Optional[Stdlib::Port]`
Port for Redis listening.
-Default value: ``undef``
+Default value: `undef`
-##### `redis_pass`
+##### `redis_pass`
Data type: `Optional[Icinga::Secret]`
Password to authenticate against Redis.
-Default value: ``undef``
+Default value: `undef`
-##### `manage_redis`
+##### `manage_redis`
Data type: `Boolean`
Install and create the IcingaDB Redis service on localhost.
-Default value: ``true``
+Default value: `true`
-##### `manage_feature`
+##### `manage_feature`
Data type: `Boolean`
If you wanna manage the Icinga 2 feature for the IcingaDB, set this to `true`.
This only make sense when an Icinga 2 Server is running on the same host.
-Default value: ``true``
+Default value: `true`
-### `icinga::db::database`
+### `icinga::db::database`
Setup database for IcingaDB.
@@ -284,32 +286,32 @@ Setup database for IcingaDB.
The following parameters are available in the `icinga::db::database` class:
-* [`db_type`](#db_type)
-* [`access_instances`](#access_instances)
-* [`db_pass`](#db_pass)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`tls`](#tls)
+* [`db_type`](#-icinga--db--database--db_type)
+* [`access_instances`](#-icinga--db--database--access_instances)
+* [`db_pass`](#-icinga--db--database--db_pass)
+* [`db_name`](#-icinga--db--database--db_name)
+* [`db_user`](#-icinga--db--database--db_user)
+* [`tls`](#-icinga--db--database--tls)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql','pgsql']`
What kind of database type to use.
-##### `access_instances`
+##### `access_instances`
Data type: `Array[Stdlib::Host]`
List of Hosts to allow write access to the database. Usually an IcingaDB instance.
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -317,7 +319,7 @@ Name of the database.
Default value: `'icingadb'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -325,17 +327,21 @@ Database user name.
Default value: `'icingadb'`
-##### `tls`
+##### `tls`
-Data type: `Variant[Boolean,
- Enum['password','cert']]`
+Data type:
+
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
Access only for TLS encrypted connections. Authentication via `password` or `cert`,
value `true` means password auth.
-Default value: ``false``
+Default value: `false`
-### `icinga::ido`
+### `icinga::ido`
Configure IDO Backend.
@@ -343,22 +349,22 @@ Configure IDO Backend.
The following parameters are available in the `icinga::ido` class:
-* [`db_pass`](#db_pass)
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`manage_database`](#manage_database)
-* [`enable_ha`](#enable_ha)
+* [`db_pass`](#-icinga--ido--db_pass)
+* [`db_type`](#-icinga--ido--db_type)
+* [`db_host`](#-icinga--ido--db_host)
+* [`db_port`](#-icinga--ido--db_port)
+* [`db_name`](#-icinga--ido--db_name)
+* [`db_user`](#-icinga--ido--db_user)
+* [`manage_database`](#-icinga--ido--manage_database)
+* [`enable_ha`](#-icinga--ido--enable_ha)
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql','pgsql']`
@@ -366,7 +372,7 @@ What kind of database type to use.
Default value: `'mysql'`
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -374,15 +380,15 @@ Database host to connect.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port]`
Port to connect. Only affects for connection to remote database hosts.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -390,7 +396,7 @@ Name of the database.
Default value: `'icinga2'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -398,23 +404,23 @@ Database user name.
Default value: `'icinga2'`
-##### `manage_database`
+##### `manage_database`
Data type: `Boolean`
Create database and import schema.
-Default value: ``false``
+Default value: `false`
-##### `enable_ha`
+##### `enable_ha`
Data type: `Boolean`
Enable HA feature for database.
-Default value: ``false``
+Default value: `false`
-### `icinga::ido::database`
+### `icinga::ido::database`
Configure IDO backend database.
@@ -422,33 +428,33 @@ Configure IDO backend database.
The following parameters are available in the `icinga::ido::database` class:
-* [`db_type`](#db_type)
-* [`ido_instances`](#ido_instances)
-* [`db_pass`](#db_pass)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`tls`](#tls)
+* [`db_type`](#-icinga--ido--database--db_type)
+* [`ido_instances`](#-icinga--ido--database--ido_instances)
+* [`db_pass`](#-icinga--ido--database--db_pass)
+* [`db_name`](#-icinga--ido--database--db_name)
+* [`db_user`](#-icinga--ido--database--db_user)
+* [`tls`](#-icinga--ido--database--tls)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql','pgsql']`
What kind of database type to use.
-##### `ido_instances`
+##### `ido_instances`
Data type: `Array[Stdlib::Host]`
List of Hosts to allow write access to the database.
Usually an Icinga Server with enabled IDO feature.
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -456,7 +462,7 @@ Name of the database.
Default value: `'icinga2'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -464,21 +470,25 @@ Database user name.
Default value: `'icinga2'`
-##### `tls`
+##### `tls`
-Data type: `Variant[Boolean,
- Enum['password','cert']]`
+Data type:
+
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
Access only for TLS encrypted connections. Authentication via `password` or `cert`,
value `true` means password auth.
-Default value: ``false``
+Default value: `false`
-### `icinga::redis`
+### `icinga::redis`
Base class for all redis owned by Icinga.
-### `icinga::repos`
+### `icinga::repos`
This class manages the stages stable, testing and snapshot of packages.icinga.com repository
and depending on the operating system platform some other repositories.
@@ -495,66 +505,66 @@ require icinga::repos
The following parameters are available in the `icinga::repos` class:
-* [`manage_stable`](#manage_stable)
-* [`manage_testing`](#manage_testing)
-* [`manage_nightly`](#manage_nightly)
-* [`configure_backports`](#configure_backports)
-* [`manage_epel`](#manage_epel)
-* [`manage_powertools`](#manage_powertools)
-* [`manage_crb`](#manage_crb)
-* [`manage_server_monitoring`](#manage_server_monitoring)
-* [`manage_plugins`](#manage_plugins)
-* [`manage_extras`](#manage_extras)
+* [`manage_stable`](#-icinga--repos--manage_stable)
+* [`manage_testing`](#-icinga--repos--manage_testing)
+* [`manage_nightly`](#-icinga--repos--manage_nightly)
+* [`configure_backports`](#-icinga--repos--configure_backports)
+* [`manage_epel`](#-icinga--repos--manage_epel)
+* [`manage_powertools`](#-icinga--repos--manage_powertools)
+* [`manage_crb`](#-icinga--repos--manage_crb)
+* [`manage_server_monitoring`](#-icinga--repos--manage_server_monitoring)
+* [`manage_plugins`](#-icinga--repos--manage_plugins)
+* [`manage_extras`](#-icinga--repos--manage_extras)
-##### `manage_stable`
+##### `manage_stable`
Data type: `Boolean`
Manage the Icinga stable repository. Disabled by setting to 'false'. Defaults to 'true'.
-##### `manage_testing`
+##### `manage_testing`
Data type: `Boolean`
Manage the Icinga testing repository to get access to release candidates.
Enabled by setting to 'true'. Defaults to 'false'.
-##### `manage_nightly`
+##### `manage_nightly`
Data type: `Boolean`
Manage the Icinga snapshot repository to get access to nightly snapshots.
Enabled by setting to 'true'. Defaults to 'false'.
-##### `configure_backports`
+##### `configure_backports`
Data type: `Boolean`
Enables or Disables the backports repository. Has only an effect on plattforms
simular to Debian. To configure the backports repo uses apt::backports in hiera.
-##### `manage_epel`
+##### `manage_epel`
Data type: `Boolean`
Manage the EPEL (Extra Packages Enterprise Linux) repository that is needed for some package
like newer Boost libraries. Has only an effect on plattforms simular to RedHat Enterprise.
-##### `manage_powertools`
+##### `manage_powertools`
Data type: `Boolean`
Manage the PowerTools repository that is needed for some package like nagios-plugins on
Linux Enterprise systems like Alma 8, Rocky 8 and CentOS Stream 8.
-##### `manage_crb`
+##### `manage_crb`
Data type: `Boolean`
Manage the CRB repository that is needed for some package like nagios-plugins on
Linux Enterprise systems like Alma 9, Rocky 9 and CentOS Stream 9.
-##### `manage_server_monitoring`
+##### `manage_server_monitoring`
Data type: `Boolean`
@@ -562,19 +572,19 @@ Manage the 'server:monitoring' repository on SLES platforms that is needed for s
like monitoring-plugins-common. Additional also the 'monitoring-plugins' are provided by this
repository. Bye default the repository is added with a lower priority of 120.
-##### `manage_plugins`
+##### `manage_plugins`
Data type: `Boolean`
Manage the NETWAYS plugins repository that provides some packages for additional plugins.
-##### `manage_extras`
+##### `manage_extras`
Data type: `Boolean`
Manage the NETWAYS extras repository that provides some packages for extras.
-### `icinga::server`
+### `icinga::server`
Setup a Icinga server.
@@ -582,39 +592,39 @@ Setup a Icinga server.
The following parameters are available in the `icinga::server` class:
-* [`ca`](#ca)
-* [`config_server`](#config_server)
-* [`zone`](#zone)
-* [`colocation_endpoints`](#colocation_endpoints)
-* [`workers`](#workers)
-* [`global_zones`](#global_zones)
-* [`ca_server`](#ca_server)
-* [`ticket_salt`](#ticket_salt)
-* [`web_api_user`](#web_api_user)
-* [`web_api_pass`](#web_api_pass)
-* [`director_api_user`](#director_api_user)
-* [`director_api_pass`](#director_api_pass)
-* [`logging_type`](#logging_type)
-* [`logging_level`](#logging_level)
-* [`run_web`](#run_web)
-
-##### `ca`
+* [`ca`](#-icinga--server--ca)
+* [`config_server`](#-icinga--server--config_server)
+* [`zone`](#-icinga--server--zone)
+* [`colocation_endpoints`](#-icinga--server--colocation_endpoints)
+* [`workers`](#-icinga--server--workers)
+* [`global_zones`](#-icinga--server--global_zones)
+* [`ca_server`](#-icinga--server--ca_server)
+* [`ticket_salt`](#-icinga--server--ticket_salt)
+* [`web_api_user`](#-icinga--server--web_api_user)
+* [`web_api_pass`](#-icinga--server--web_api_pass)
+* [`director_api_user`](#-icinga--server--director_api_user)
+* [`director_api_pass`](#-icinga--server--director_api_pass)
+* [`logging_type`](#-icinga--server--logging_type)
+* [`logging_level`](#-icinga--server--logging_level)
+* [`run_web`](#-icinga--server--run_web)
+
+##### `ca`
Data type: `Boolean`
Enables a CA on this node.
-Default value: ``false``
+Default value: `false`
-##### `config_server`
+##### `config_server`
Data type: `Boolean`
Enables that this node is the central configuration server.
-Default value: ``false``
+Default value: `false`
-##### `zone`
+##### `zone`
Data type: `String`
@@ -622,7 +632,7 @@ Name of the Icinga zone.
Default value: `'main'`
-##### `colocation_endpoints`
+##### `colocation_endpoints`
Data type: `Hash[String,Hash]`
@@ -631,16 +641,15 @@ Icinga supports two endpoints per zone only.
Default value: `{}`
-##### `workers`
+##### `workers`
Data type: `Hash[String,Hash]`
-All worker zones with key 'endpoints' for
-endpoint objects.
+All worker zones with key 'endpoints' for endpoint objects.
Default value: `{}`
-##### `global_zones`
+##### `global_zones`
Data type: `Array[String]`
@@ -648,23 +657,23 @@ List of global zones to configure.
Default value: `[]`
-##### `ca_server`
+##### `ca_server`
Data type: `Optional[Stdlib::Host]`
The CA to send the certificate request to.
-Default value: ``undef``
+Default value: `undef`
-##### `ticket_salt`
+##### `ticket_salt`
Data type: `Optional[Icinga::Secret]`
Set an alternate ticket salt to icinga::ticket_salt from Hiera.
-Default value: ``undef``
+Default value: `undef`
-##### `web_api_user`
+##### `web_api_user`
Data type: `String`
@@ -672,15 +681,15 @@ Icinga API user to connect Icinga 2. Notice: user is only created if a password
Default value: `'icingaweb2'`
-##### `web_api_pass`
+##### `web_api_pass`
Data type: `Optional[Icinga::Secret]`
Icinga API user password.
-Default value: ``undef``
+Default value: `undef`
-##### `director_api_user`
+##### `director_api_user`
Data type: `String`
@@ -688,15 +697,15 @@ Icinga API director user to connect Icinga 2. Notice: user is only created if a
Default value: `'director'`
-##### `director_api_pass`
+##### `director_api_pass`
Data type: `Optional[Icinga::Secret]`
Icinga API director user password.
-Default value: ``undef``
+Default value: `undef`
-##### `logging_type`
+##### `logging_type`
Data type: `Enum['file', 'syslog']`
@@ -704,24 +713,24 @@ Switch the log target. Only `file` is supported on Windows.
Default value: `'file'`
-##### `logging_level`
+##### `logging_level`
Data type: `Optional[Icinga::LogLevel]`
Set the log level.
-Default value: ``undef``
+Default value: `undef`
-##### `run_web`
+##### `run_web`
Data type: `Boolean`
Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2`
and add the Icinga user to this group.
-Default value: ``false``
+Default value: `false`
-### `icinga::web`
+### `icinga::web`
Setup Icinga Web 2 including a database backend for user settings,
PHP and a Webserver.
@@ -730,21 +739,21 @@ PHP and a Webserver.
The following parameters are available in the `icinga::web` class:
-* [`default_admin_user`](#default_admin_user)
-* [`default_admin_pass`](#default_admin_pass)
-* [`db_pass`](#db_pass)
-* [`apache_cgi_pass_auth`](#apache_cgi_pass_auth)
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`manage_database`](#manage_database)
-* [`api_host`](#api_host)
-* [`api_user`](#api_user)
-* [`api_pass`](#api_pass)
-
-##### `default_admin_user`
+* [`default_admin_user`](#-icinga--web--default_admin_user)
+* [`default_admin_pass`](#-icinga--web--default_admin_pass)
+* [`db_pass`](#-icinga--web--db_pass)
+* [`apache_cgi_pass_auth`](#-icinga--web--apache_cgi_pass_auth)
+* [`db_type`](#-icinga--web--db_type)
+* [`db_host`](#-icinga--web--db_host)
+* [`db_port`](#-icinga--web--db_port)
+* [`db_name`](#-icinga--web--db_name)
+* [`db_user`](#-icinga--web--db_user)
+* [`manage_database`](#-icinga--web--manage_database)
+* [`api_host`](#-icinga--web--api_host)
+* [`api_user`](#-icinga--web--api_user)
+* [`api_pass`](#-icinga--web--api_pass)
+
+##### `default_admin_user`
Data type: `String`
@@ -752,7 +761,7 @@ Set the initial name of the admin user.
Default value: `'icingaadmin'`
-##### `default_admin_pass`
+##### `default_admin_pass`
Data type: `Icinga::Secret`
@@ -760,20 +769,20 @@ Set the initial password for the admin user.
Default value: `'icingaadmin'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `apache_cgi_pass_auth`
+##### `apache_cgi_pass_auth`
Data type: `Boolean`
Either turn on or off the apache cgi pass thru auth.
An option available since Apache v2.4.15 and required for authenticated access to the Icinga Web Api.
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql', 'pgsql']`
@@ -781,7 +790,7 @@ What kind of database type to use.
Default value: `'mysql'`
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -789,15 +798,15 @@ Database host to connect.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port::Unprivileged]`
Port to connect. Only affects for connection to remote database hosts.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -805,7 +814,7 @@ Name of the database.
Default value: `'icingaweb2'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -813,15 +822,15 @@ Database user name.
Default value: `'icingaweb2'`
-##### `manage_database`
+##### `manage_database`
Data type: `Boolean`
Create database.
-Default value: ``false``
+Default value: `false`
-##### `api_host`
+##### `api_host`
Data type: `Variant[Stdlib::Host, Array[Stdlib::Host]]`
@@ -829,7 +838,7 @@ Single or list of Icinga 2 API endpoints to connect.
Default value: `'localhost'`
-##### `api_user`
+##### `api_user`
Data type: `String`
@@ -837,13 +846,13 @@ Icinga 2 API user.
Default value: `'icingaweb2'`
-##### `api_pass`
+##### `api_pass`
Data type: `Icinga::Secret`
Password to connect the Icinga 2 API.
-### `icinga::web::database`
+### `icinga::web::database`
Setup Icinga Web 2 database for user settings.
@@ -851,32 +860,32 @@ Setup Icinga Web 2 database for user settings.
The following parameters are available in the `icinga::web::database` class:
-* [`db_type`](#db_type)
-* [`web_instances`](#web_instances)
-* [`db_pass`](#db_pass)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`tls`](#tls)
+* [`db_type`](#-icinga--web--database--db_type)
+* [`web_instances`](#-icinga--web--database--web_instances)
+* [`db_pass`](#-icinga--web--database--db_pass)
+* [`db_name`](#-icinga--web--database--db_name)
+* [`db_user`](#-icinga--web--database--db_user)
+* [`tls`](#-icinga--web--database--tls)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql','pgsql']`
What kind of database type to use.
-##### `web_instances`
+##### `web_instances`
Data type: `Array[Stdlib::Host]`
List of Hosts to allow write access to the database. Usually an Icinga Web 2 instance.
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -884,7 +893,7 @@ Name of the database.
Default value: `'icingaweb2'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -892,17 +901,21 @@ Database user name.
Default value: `'icingaweb2'`
-##### `tls`
+##### `tls`
+
+Data type:
-Data type: `Variant[Boolean,
- Enum['password','cert']]`
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
Access only for TLS encrypted connections. Authentication via `password` or `cert`,
value `true` means password auth.
-Default value: ``false``
+Default value: `false`
-### `icinga::web::director`
+### `icinga::web::director`
Setup Director module for Icinga Web 2
@@ -910,21 +923,21 @@ Setup Director module for Icinga Web 2
The following parameters are available in the `icinga::web::director` class:
-* [`service_ensure`](#service_ensure)
-* [`service_enable`](#service_enable)
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`db_pass`](#db_pass)
-* [`endpoint`](#endpoint)
-* [`manage_database`](#manage_database)
-* [`api_host`](#api_host)
-* [`api_user`](#api_user)
-* [`api_pass`](#api_pass)
-
-##### `service_ensure`
+* [`service_ensure`](#-icinga--web--director--service_ensure)
+* [`service_enable`](#-icinga--web--director--service_enable)
+* [`db_type`](#-icinga--web--director--db_type)
+* [`db_host`](#-icinga--web--director--db_host)
+* [`db_port`](#-icinga--web--director--db_port)
+* [`db_name`](#-icinga--web--director--db_name)
+* [`db_user`](#-icinga--web--director--db_user)
+* [`db_pass`](#-icinga--web--director--db_pass)
+* [`endpoint`](#-icinga--web--director--endpoint)
+* [`manage_database`](#-icinga--web--director--manage_database)
+* [`api_host`](#-icinga--web--director--api_host)
+* [`api_user`](#-icinga--web--director--api_user)
+* [`api_pass`](#-icinga--web--director--api_pass)
+
+##### `service_ensure`
Data type: `Stdlib::Ensure::Service`
@@ -932,15 +945,15 @@ Manages if the Director service should be stopped or running.
Default value: `'running'`
-##### `service_enable`
+##### `service_enable`
Data type: `Boolean`
If set to true the Director service will start on boot.
-Default value: ``true``
+Default value: `true`
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql', 'pgsql']`
@@ -948,7 +961,7 @@ Type of your database. Either `mysql` or `pgsql`.
Default value: `'mysql'`
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -956,15 +969,15 @@ Hostname of the database.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port]`
Port of the database.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -972,7 +985,7 @@ Name of the database.
Default value: `'director'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -980,27 +993,27 @@ Username for DB connection.
Default value: `'director'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password for DB connection.
-##### `endpoint`
+##### `endpoint`
Data type: `String`
Endpoint object name of Icinga 2 API.
-##### `manage_database`
+##### `manage_database`
Data type: `Boolean`
Create database and import schema.
-Default value: ``false``
+Default value: `false`
-##### `api_host`
+##### `api_host`
Data type: `Stdlib::Host`
@@ -1008,7 +1021,7 @@ Icinga 2 API hostname.
Default value: `'localhost'`
-##### `api_user`
+##### `api_user`
Data type: `String`
@@ -1016,13 +1029,13 @@ Icinga 2 API username.
Default value: `'director'`
-##### `api_pass`
+##### `api_pass`
Data type: `Icinga::Secret`
Icinga 2 API password.
-### `icinga::web::director::database`
+### `icinga::web::director::database`
Setup Director database.
@@ -1030,33 +1043,33 @@ Setup Director database.
The following parameters are available in the `icinga::web::director::database` class:
-* [`db_type`](#db_type)
-* [`web_instances`](#web_instances)
-* [`db_pass`](#db_pass)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`tls`](#tls)
+* [`db_type`](#-icinga--web--director--database--db_type)
+* [`web_instances`](#-icinga--web--director--database--web_instances)
+* [`db_pass`](#-icinga--web--director--database--db_pass)
+* [`db_name`](#-icinga--web--director--database--db_name)
+* [`db_user`](#-icinga--web--director--database--db_user)
+* [`tls`](#-icinga--web--director--database--tls)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql','pgsql']`
What kind of database type to use.
-##### `web_instances`
+##### `web_instances`
Data type: `Array[Stdlib::Host]`
List of Hosts to allow write access to the database.
Usually an Icinga Web 2 instance.
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1064,7 +1077,7 @@ Name of the database.
Default value: `'director'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1072,17 +1085,21 @@ Database user name.
Default value: `'director'`
-##### `tls`
+##### `tls`
-Data type: `Variant[Boolean,
- Enum['password','cert']]`
+Data type:
+
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
Access only for TLS encrypted connections. Authentication via `password` or `cert`,
value `true` means password auth.
-Default value: ``false``
+Default value: `false`
-### `icinga::web::icingadb`
+### `icinga::web::icingadb`
Setup IcingaDB module for the new backend.
@@ -1090,29 +1107,29 @@ Setup IcingaDB module for the new backend.
The following parameters are available in the `icinga::web::icingadb` class:
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`db_pass`](#db_pass)
-* [`redis_host`](#redis_host)
-* [`redis_port`](#redis_port)
-* [`redis_pass`](#redis_pass)
-* [`redis_primary_host`](#redis_primary_host)
-* [`redis_primary_port`](#redis_primary_port)
-* [`redis_primary_pass`](#redis_primary_pass)
-* [`redis_secondary_host`](#redis_secondary_host)
-* [`redis_secondary_port`](#redis_secondary_port)
-* [`redis_secondary_pass`](#redis_secondary_pass)
-
-##### `db_type`
+* [`db_type`](#-icinga--web--icingadb--db_type)
+* [`db_host`](#-icinga--web--icingadb--db_host)
+* [`db_port`](#-icinga--web--icingadb--db_port)
+* [`db_name`](#-icinga--web--icingadb--db_name)
+* [`db_user`](#-icinga--web--icingadb--db_user)
+* [`db_pass`](#-icinga--web--icingadb--db_pass)
+* [`redis_host`](#-icinga--web--icingadb--redis_host)
+* [`redis_port`](#-icinga--web--icingadb--redis_port)
+* [`redis_pass`](#-icinga--web--icingadb--redis_pass)
+* [`redis_primary_host`](#-icinga--web--icingadb--redis_primary_host)
+* [`redis_primary_port`](#-icinga--web--icingadb--redis_primary_port)
+* [`redis_primary_pass`](#-icinga--web--icingadb--redis_primary_pass)
+* [`redis_secondary_host`](#-icinga--web--icingadb--redis_secondary_host)
+* [`redis_secondary_port`](#-icinga--web--icingadb--redis_secondary_port)
+* [`redis_secondary_pass`](#-icinga--web--icingadb--redis_secondary_pass)
+
+##### `db_type`
Data type: `Enum['mysql', 'pgsql']`
What kind of database type to use as backend.
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -1120,15 +1137,15 @@ Database host to connect for the backenend.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port::Unprivileged]`
Port to connect the backend.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1136,7 +1153,7 @@ Name of the database backend.
Default value: `'icingadb'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1144,13 +1161,13 @@ Database backend user name.
Default value: `'icingadb'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the backend.
-##### `redis_host`
+##### `redis_host`
Data type: `Stdlib::Host`
@@ -1158,23 +1175,23 @@ Redis host to connect.
Default value: `'localhost'`
-##### `redis_port`
+##### `redis_port`
Data type: `Optional[Stdlib::Port]`
Connect `redis_host` om this port.
-Default value: ``undef``
+Default value: `undef`
-##### `redis_pass`
+##### `redis_pass`
Data type: `Optional[Icinga::Secret]`
Password for Redis connection.
-Default value: ``undef``
+Default value: `undef`
-##### `redis_primary_host`
+##### `redis_primary_host`
Data type: `Stdlib::Host`
@@ -1182,7 +1199,7 @@ Alternative parameter to use for `redis_host`. Useful for high availability envi
Default value: `$redis_host`
-##### `redis_primary_port`
+##### `redis_primary_port`
Data type: `Optional[Stdlib::Port]`
@@ -1190,7 +1207,7 @@ Alternative parameter to use for `redis_port`. Useful for high availability envi
Default value: `$redis_port`
-##### `redis_primary_pass`
+##### `redis_primary_pass`
Data type: `Optional[Icinga::Secret]`
@@ -1198,31 +1215,31 @@ Alternative parameter to use for `redis_passwod`. Useful for high availability e
Default value: `$redis_pass`
-##### `redis_secondary_host`
+##### `redis_secondary_host`
Data type: `Optional[Stdlib::Host]`
Fallback Redis host to connect if the first one fails.
-Default value: ``undef``
+Default value: `undef`
-##### `redis_secondary_port`
+##### `redis_secondary_port`
Data type: `Optional[Stdlib::Port]`
Port to connect on the fallback Redis server.
-Default value: ``undef``
+Default value: `undef`
-##### `redis_secondary_pass`
+##### `redis_secondary_pass`
Data type: `Optional[Icinga::Secret]`
Password for the second Redis server.
-Default value: ``undef``
+Default value: `undef`
-### `icinga::web::monitoring`
+### `icinga::web::monitoring`
Setup Monitoring module for the IDO backend.
@@ -1230,14 +1247,14 @@ Setup Monitoring module for the IDO backend.
The following parameters are available in the `icinga::web::monitoring` class:
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`db_pass`](#db_pass)
+* [`db_type`](#-icinga--web--monitoring--db_type)
+* [`db_host`](#-icinga--web--monitoring--db_host)
+* [`db_port`](#-icinga--web--monitoring--db_port)
+* [`db_name`](#-icinga--web--monitoring--db_name)
+* [`db_user`](#-icinga--web--monitoring--db_user)
+* [`db_pass`](#-icinga--web--monitoring--db_pass)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql', 'pgsql']`
@@ -1245,7 +1262,7 @@ What kind of database type to use as IDO backend.
Default value: `'mysql'`
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -1253,15 +1270,15 @@ Database host to connect for the IDO backenend.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port::Unprivileged]`
Port to connect the IDO backend.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1269,7 +1286,7 @@ Name of the IDO database backend.
Default value: `'icinga2'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1277,13 +1294,13 @@ IDO database backend user name.
Default value: `'icinga2'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Pasword to connect the IDO backend.
-### `icinga::web::reporting`
+### `icinga::web::reporting`
Setup the reporting module for Icinga Web 2
@@ -1291,18 +1308,18 @@ Setup the reporting module for Icinga Web 2
The following parameters are available in the `icinga::web::reporting` class:
-* [`service_ensure`](#service_ensure)
-* [`service_enable`](#service_enable)
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`db_pass`](#db_pass)
-* [`manage_database`](#manage_database)
-* [`mail`](#mail)
+* [`service_ensure`](#-icinga--web--reporting--service_ensure)
+* [`service_enable`](#-icinga--web--reporting--service_enable)
+* [`db_type`](#-icinga--web--reporting--db_type)
+* [`db_host`](#-icinga--web--reporting--db_host)
+* [`db_port`](#-icinga--web--reporting--db_port)
+* [`db_name`](#-icinga--web--reporting--db_name)
+* [`db_user`](#-icinga--web--reporting--db_user)
+* [`db_pass`](#-icinga--web--reporting--db_pass)
+* [`manage_database`](#-icinga--web--reporting--manage_database)
+* [`mail`](#-icinga--web--reporting--mail)
-##### `service_ensure`
+##### `service_ensure`
Data type: `Stdlib::Ensure::Service`
@@ -1310,21 +1327,21 @@ Manages if the reporting service should be stopped or running.
Default value: `'running'`
-##### `service_enable`
+##### `service_enable`
Data type: `Boolean`
If set to true the reporting service will start on boot.
-Default value: ``true``
+Default value: `true`
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql', 'pgsql']`
Type of your database.
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -1332,15 +1349,15 @@ Hostname of the database.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port]`
Port of the database.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1348,7 +1365,7 @@ Name of the database.
Default value: `'reporting'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1356,29 +1373,29 @@ Username for DB connection.
Default value: `'reporting'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password for DB connection.
-##### `manage_database`
+##### `manage_database`
Data type: `Boolean`
Create database and import schema.
-Default value: ``false``
+Default value: `false`
-##### `mail`
+##### `mail`
Data type: `Optional[String]`
Mails are sent with this sender address.
-Default value: ``undef``
+Default value: `undef`
-### `icinga::web::reporting::database`
+### `icinga::web::reporting::database`
Setup the reporting database.
@@ -1386,33 +1403,33 @@ Setup the reporting database.
The following parameters are available in the `icinga::web::reporting::database` class:
-* [`db_type`](#db_type)
-* [`web_instances`](#web_instances)
-* [`db_pass`](#db_pass)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`tls`](#tls)
+* [`db_type`](#-icinga--web--reporting--database--db_type)
+* [`web_instances`](#-icinga--web--reporting--database--web_instances)
+* [`db_pass`](#-icinga--web--reporting--database--db_pass)
+* [`db_name`](#-icinga--web--reporting--database--db_name)
+* [`db_user`](#-icinga--web--reporting--database--db_user)
+* [`tls`](#-icinga--web--reporting--database--tls)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql','pgsql']`
What kind of database type to use.
-##### `web_instances`
+##### `web_instances`
Data type: `Array[Stdlib::Host]`
List of Hosts to allow write access to the database.
Usually an Icinga Web 2 instance.
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1420,7 +1437,7 @@ Name of the database.
Default value: `'reporting'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1428,17 +1445,21 @@ Database user name.
Default value: `'reporting'`
-##### `tls`
+##### `tls`
-Data type: `Variant[Boolean,
- Enum['password','cert']]`
+Data type:
+
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
Access only for TLS encrypted connections. Authentication via `password` or `cert`,
value `true` means password auth.
-Default value: ``false``
+Default value: `false`
-### `icinga::web::vspheredb`
+### `icinga::web::vspheredb`
Setup VSphereDB module for Icinga Web 2
@@ -1446,17 +1467,17 @@ Setup VSphereDB module for Icinga Web 2
The following parameters are available in the `icinga::web::vspheredb` class:
-* [`service_ensure`](#service_ensure)
-* [`service_enable`](#service_enable)
-* [`db_type`](#db_type)
-* [`db_host`](#db_host)
-* [`db_port`](#db_port)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`db_pass`](#db_pass)
-* [`manage_database`](#manage_database)
+* [`service_ensure`](#-icinga--web--vspheredb--service_ensure)
+* [`service_enable`](#-icinga--web--vspheredb--service_enable)
+* [`db_type`](#-icinga--web--vspheredb--db_type)
+* [`db_host`](#-icinga--web--vspheredb--db_host)
+* [`db_port`](#-icinga--web--vspheredb--db_port)
+* [`db_name`](#-icinga--web--vspheredb--db_name)
+* [`db_user`](#-icinga--web--vspheredb--db_user)
+* [`db_pass`](#-icinga--web--vspheredb--db_pass)
+* [`manage_database`](#-icinga--web--vspheredb--manage_database)
-##### `service_ensure`
+##### `service_ensure`
Data type: `Stdlib::Ensure::Service`
@@ -1464,15 +1485,15 @@ Manages if the VSphereDB service should be stopped or running.
Default value: `'running'`
-##### `service_enable`
+##### `service_enable`
Data type: `Boolean`
If set to true the VSphereDB service will start on boot.
-Default value: ``true``
+Default value: `true`
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql']`
@@ -1480,7 +1501,7 @@ Type of your database. At the moment only `mysql` is supported by the Icinga tea
Default value: `'mysql'`
-##### `db_host`
+##### `db_host`
Data type: `Stdlib::Host`
@@ -1488,15 +1509,15 @@ Hostname of the database.
Default value: `'localhost'`
-##### `db_port`
+##### `db_port`
Data type: `Optional[Stdlib::Port]`
Port of the database.
-Default value: ``undef``
+Default value: `undef`
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1504,7 +1525,7 @@ Name of the database.
Default value: `'vspheredb'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1512,21 +1533,21 @@ Username for DB connection.
Default value: `'vspheredb'`
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password for DB connection.
-##### `manage_database`
+##### `manage_database`
Data type: `Boolean`
Create database and import schema.
-Default value: ``false``
+Default value: `false`
-### `icinga::web::vspheredb::database`
+### `icinga::web::vspheredb::database`
Setup VSphereDB database.
@@ -1534,32 +1555,32 @@ Setup VSphereDB database.
The following parameters are available in the `icinga::web::vspheredb::database` class:
-* [`db_type`](#db_type)
-* [`web_instances`](#web_instances)
-* [`db_pass`](#db_pass)
-* [`db_name`](#db_name)
-* [`db_user`](#db_user)
-* [`tls`](#tls)
+* [`db_type`](#-icinga--web--vspheredb--database--db_type)
+* [`web_instances`](#-icinga--web--vspheredb--database--web_instances)
+* [`db_pass`](#-icinga--web--vspheredb--database--db_pass)
+* [`db_name`](#-icinga--web--vspheredb--database--db_name)
+* [`db_user`](#-icinga--web--vspheredb--database--db_user)
+* [`tls`](#-icinga--web--vspheredb--database--tls)
-##### `db_type`
+##### `db_type`
Data type: `Enum['mysql']`
What kind of database type to use.
-##### `web_instances`
+##### `web_instances`
Data type: `Array[Stdlib::Host]`
List of Hosts to allow write access to the database. Usually an Icinga Web 2 instance.
-##### `db_pass`
+##### `db_pass`
Data type: `Icinga::Secret`
Password to connect the database.
-##### `db_name`
+##### `db_name`
Data type: `String`
@@ -1567,7 +1588,7 @@ Name of the database.
Default value: `'vspheredb'`
-##### `db_user`
+##### `db_user`
Data type: `String`
@@ -1575,17 +1596,171 @@ Database user name.
Default value: `'vspheredb'`
-##### `tls`
+##### `tls`
+
+Data type:
-Data type: `Variant[Boolean,
- Enum['password','cert']]`
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
Access only for TLS encrypted connections. Authentication via `password` or `cert`,
value `true` means password auth.
-Default value: ``false``
+Default value: `false`
+
+### `icinga::web::x509`
+
+Setup the x509 module for Icinga Web 2
+
+#### Parameters
+
+The following parameters are available in the `icinga::web::x509` class:
+
+* [`service_ensure`](#-icinga--web--x509--service_ensure)
+* [`service_enable`](#-icinga--web--x509--service_enable)
+* [`db_type`](#-icinga--web--x509--db_type)
+* [`db_host`](#-icinga--web--x509--db_host)
+* [`db_port`](#-icinga--web--x509--db_port)
+* [`db_name`](#-icinga--web--x509--db_name)
+* [`db_user`](#-icinga--web--x509--db_user)
+* [`db_pass`](#-icinga--web--x509--db_pass)
+* [`manage_database`](#-icinga--web--x509--manage_database)
+
+##### `service_ensure`
+
+Data type: `Stdlib::Ensure::Service`
+
+Manages if the x509 service should be stopped or running.
+
+Default value: `'running'`
+
+##### `service_enable`
+
+Data type: `Boolean`
+
+If set to true the x509 service will start on boot.
+
+Default value: `true`
-### `icinga::worker`
+##### `db_type`
+
+Data type: `Enum['mysql', 'pgsql']`
+
+Type of your database.
+
+##### `db_host`
+
+Data type: `Stdlib::Host`
+
+Hostname of the database.
+
+Default value: `'localhost'`
+
+##### `db_port`
+
+Data type: `Optional[Stdlib::Port]`
+
+Port of the database.
+
+Default value: `undef`
+
+##### `db_name`
+
+Data type: `String`
+
+Name of the database.
+
+Default value: `'x509'`
+
+##### `db_user`
+
+Data type: `String`
+
+Username for DB connection.
+
+Default value: `'x509'`
+
+##### `db_pass`
+
+Data type: `Icinga::Secret`
+
+Password for DB connection.
+
+##### `manage_database`
+
+Data type: `Boolean`
+
+Create database and import schema.
+
+Default value: `false`
+
+### `icinga::web::x509::database`
+
+Setup the x509 database.
+
+#### Parameters
+
+The following parameters are available in the `icinga::web::x509::database` class:
+
+* [`db_type`](#-icinga--web--x509--database--db_type)
+* [`web_instances`](#-icinga--web--x509--database--web_instances)
+* [`db_pass`](#-icinga--web--x509--database--db_pass)
+* [`db_name`](#-icinga--web--x509--database--db_name)
+* [`db_user`](#-icinga--web--x509--database--db_user)
+* [`tls`](#-icinga--web--x509--database--tls)
+
+##### `db_type`
+
+Data type: `Enum['mysql','pgsql']`
+
+What kind of database type to use.
+
+##### `web_instances`
+
+Data type: `Array[Stdlib::Host]`
+
+List of Hosts to allow write access to the database.
+Usually an Icinga Web 2 instance.
+
+##### `db_pass`
+
+Data type: `Icinga::Secret`
+
+Password to connect the database.
+
+##### `db_name`
+
+Data type: `String`
+
+Name of the database.
+
+Default value: `'x509'`
+
+##### `db_user`
+
+Data type: `String`
+
+Database user name.
+
+Default value: `'x509'`
+
+##### `tls`
+
+Data type:
+
+```puppet
+Variant[Boolean,
+ Enum['password','cert']]
+```
+
+Access only for TLS encrypted connections. Authentication via `password` or `cert`,
+value `true` means password auth.
+
+Default value: `false`
+
+### `icinga::worker`
Setup a Icinga worker (aka satellite).
@@ -1593,29 +1768,30 @@ Setup a Icinga worker (aka satellite).
The following parameters are available in the `icinga::worker` class:
-* [`ca_server`](#ca_server)
-* [`zone`](#zone)
-* [`parent_zone`](#parent_zone)
-* [`parent_endpoints`](#parent_endpoints)
-* [`colocation_endpoints`](#colocation_endpoints)
-* [`global_zones`](#global_zones)
-* [`logging_type`](#logging_type)
-* [`logging_level`](#logging_level)
-* [`run_web`](#run_web)
+* [`ca_server`](#-icinga--worker--ca_server)
+* [`zone`](#-icinga--worker--zone)
+* [`parent_zone`](#-icinga--worker--parent_zone)
+* [`parent_endpoints`](#-icinga--worker--parent_endpoints)
+* [`colocation_endpoints`](#-icinga--worker--colocation_endpoints)
+* [`workers`](#-icinga--worker--workers)
+* [`global_zones`](#-icinga--worker--global_zones)
+* [`logging_type`](#-icinga--worker--logging_type)
+* [`logging_level`](#-icinga--worker--logging_level)
+* [`run_web`](#-icinga--worker--run_web)
-##### `ca_server`
+##### `ca_server`
Data type: `Stdlib::Host`
The CA to send the certificate request to.
-##### `zone`
+##### `zone`
Data type: `String`
Name of the Icinga zone.
-##### `parent_zone`
+##### `parent_zone`
Data type: `String`
@@ -1623,13 +1799,13 @@ Name of the parent Icinga zone.
Default value: `'main'`
-##### `parent_endpoints`
+##### `parent_endpoints`
Data type: `Hash[String, Hash]`
Configures these endpoints of the parent zone.
-##### `colocation_endpoints`
+##### `colocation_endpoints`
Data type: `Hash[String, Hash]`
@@ -1638,7 +1814,15 @@ Icinga supports two endpoints per zone only.
Default value: `{}`
-##### `global_zones`
+##### `workers`
+
+Data type: `Hash[String, Hash]`
+
+All cascading worker zones with key 'endpoints' for endpoint objects.
+
+Default value: `{}`
+
+##### `global_zones`
Data type: `Array[String]`
@@ -1646,7 +1830,7 @@ List of global zones to configure.
Default value: `[]`
-##### `logging_type`
+##### `logging_type`
Data type: `Enum['file', 'syslog']`
@@ -1654,26 +1838,26 @@ Switch the log target. Only `file` is supported on Windows.
Default value: `'file'`
-##### `logging_level`
+##### `logging_level`
Data type: `Optional[Icinga::LogLevel]`
Set the log level.
-Default value: ``undef``
+Default value: `undef`
-##### `run_web`
+##### `run_web`
Data type: `Boolean`
Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2`
and add the Icinga user to this group.
-Default value: ``false``
+Default value: `false`
## Defined types
-### `icinga::cert`
+### `icinga::cert`
A class to generate tls key, cert and cacert files.
@@ -1681,24 +1865,24 @@ A class to generate tls key, cert and cacert files.
The following parameters are available in the `icinga::cert` defined type:
-* [`args`](#args)
-* [`owner`](#owner)
-* [`group`](#group)
+* [`args`](#-icinga--cert--args)
+* [`owner`](#-icinga--cert--owner)
+* [`group`](#-icinga--cert--group)
-##### `args`
+##### `args`
Data type: `Icinga::Certificate`
A config hash with the keys:
key_file, cert_file, cacert_file, key, cert and cacert
-##### `owner`
+##### `owner`
Data type: `String`
Owner of the files.
-##### `group`
+##### `group`
Data type: `String`
@@ -1706,7 +1890,7 @@ Group membership of all files.
## Functions
-### `icinga::cert::files`
+### `icinga::cert::files`
Type: Puppet Language
@@ -1766,7 +1950,7 @@ Data type: `Optional[String]`
-### `icinga::db::connect`
+### `icinga::db::connect`
Type: Puppet Language
@@ -1788,14 +1972,18 @@ Returns: `String` Connection string to connect database.
##### `db`
-Data type: `Struct[{
+Data type:
+
+```puppet
+Struct[{
type => Enum['pgsql','mysql','mariadb'],
host => Stdlib::Host,
port => Optional[Stdlib::Port],
database => String,
username => String,
password => Optional[Variant[String, Sensitive[String]]],
- }]`
+ }]
+```
@@ -1811,7 +1999,7 @@ Data type: `Optional[Boolean]`
-### `icinga::newline`
+### `icinga::newline`
Type: Puppet Language
@@ -1829,7 +2017,7 @@ Data type: `Optional[String]`
-### `icinga::prepare_web`
+### `icinga::prepare_web`
Type: Puppet Language
@@ -1847,7 +2035,7 @@ Data type: `String`
-### `icinga::unwrap`
+### `icinga::unwrap`
Type: Puppet Language
@@ -1867,7 +2055,7 @@ Data type: `Optional[Variant[String, Sensitive[String]]]`
## Data types
-### `Icinga::Certificate`
+### `Icinga::Certificate`
A strict type for a certificate
@@ -1885,23 +2073,15 @@ Struct[{
}]
```
-### `Icinga::LogLevel`
+### `Icinga::LogLevel`
A strict type for log levels
-Alias of
-
-```puppet
-Enum['debug', 'information', 'notice', 'warning', 'critical']
-```
+Alias of `Enum['debug', 'information', 'notice', 'warning', 'critical']`
-### `Icinga::Secret`
+### `Icinga::Secret`
A strict type for the secrets like passwords or keys
-Alias of
-
-```puppet
-Variant[String, Sensitive[String]]
-```
+Alias of `Variant[String, Sensitive[String]]`
diff --git a/Rakefile b/Rakefile
index 0f8754e..74415a9 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1,12 +1,11 @@
# frozen_string_literal: true
require 'bundler'
-require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any?
+require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus'
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-syntax/tasks/puppet-syntax'
-require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any?
-require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any?
-require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any?
+require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator'
+require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings'
def changelog_user
return unless Rake.application.top_level_tasks.include? "changelog"
@@ -44,7 +43,7 @@ end
PuppetLint.configuration.send('disable_relative')
-if Bundler.rubygems.find_name('github_changelog_generator').any?
+if Gem.loaded_specs.key? 'github_changelog_generator'
GitHubChangelogGenerator::RakeTask.new :changelog do |config|
raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?
config.user = "#{changelog_user}"
diff --git a/examples/mysql/data/common.yaml b/examples/mysql/data/common.yaml
new file mode 100644
index 0000000..5692863
--- /dev/null
+++ b/examples/mysql/data/common.yaml
@@ -0,0 +1,2 @@
+---
+icinga::ticket_salt: supersecret
diff --git a/examples/mysql/data/server1.icinga.com.yaml b/examples/mysql/data/server1.icinga.com.yaml
new file mode 100644
index 0000000..0f39a0f
--- /dev/null
+++ b/examples/mysql/data/server1.icinga.com.yaml
@@ -0,0 +1,50 @@
+---
+icingadb::db_use_tls: true
+icingadb::db_tls_insecure: true
+icingadb::db_tls_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIC9TCCAd2gAwIBAgIIGo/Sz6h1KTIwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEx
+ MDQwODI3MDBaFw0zMDExMDQwODI3MDBaMFwxCzAJBgNVBAYTAkRFMRAwDgYDVQQI
+ EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxFDASBgNVBAoTC0ljaW5nYSBH
+ bWJIMREwDwYDVQQDEwhpY2luZ2FkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+ AQoCggEBAKzGSMdB/EHOzFpUVoaUf1tEA4YHcNDF/U3EzZRJyHlummoDYGK0f5yO
+ rIQhsl/XQRhW1PsCr2DL7U91SwHmkjjKDz3n51DuLhZoQX7gDYSJTOj8uyaIGoNu
+ yCbLMvxznxVFscsoiKTJN79pyOH+OkMh/wAlADjeqs/VzuLZHngNmezYQlt0U32L
+ 9LYQV6P1y2i1H/V8YXvCX2GTjw9b/ER5OxmtI0Z1UEIJ8ENTl+9lJRb72d+xZp8q
+ 4ZVjoUTO///3YUAkWnVA3BN+ZEL7ikbJBoyxYbDlGi5Dw/g+wVsvVWnyHdoWlJVX
+ w9n3wRXkYREdQHvO+OfVMoRpZW333YUCAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYB
+ BQUHAwIwDQYJKoZIhvcNAQELBQADggEBADtAKxj0d7Imv365abCQ3BBt2H3zpMfs
+ +V54uB08ACKX1Qb/KHJspp2uTBIoPbaPickvVZDiaaekKpEJ5HArTQodNkyCj+SA
+ XcRqfJGceBhwydBQBEgsYudeA3qRvM90Hy+jZsVNrOWylu/g3vjy6dnmcewDjczv
+ YdbGBZ6eevQcReCyK4ea0IC7iEheQ2az3S3ctgTZJD27Gc8THaC3Z/z1FhLTRjsf
+ VnszSSNjRWVcTuWDlaNwOGpEtiG+zLpqhIh1X2QFja3HCIFBjudpUtTd3/fgapWg
+ me68EXkRhPW0l6BC3rwlOMrN0VZYeM8ZAe8o5kB/Jolm68AdxJmtsyg=
+ -----END CERTIFICATE-----
+icingadb::db_tls_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEArMZIx0H8Qc7MWlRWhpR/W0QDhgdw0MX9TcTNlEnIeW6aagNg
+ YrR/nI6shCGyX9dBGFbU+wKvYMvtT3VLAeaSOMoPPefnUO4uFmhBfuANhIlM6Py7
+ Jogag27IJssy/HOfFUWxyyiIpMk3v2nI4f46QyH/ACUAON6qz9XO4tkeeA2Z7NhC
+ W3RTfYv0thBXo/XLaLUf9Xxhe8JfYZOPD1v8RHk7Ga0jRnVQQgnwQ1OX72UlFvvZ
+ 37FmnyrhlWOhRM7///dhQCRadUDcE35kQvuKRskGjLFhsOUaLkPD+D7BWy9VafId
+ 2haUlVfD2ffBFeRhER1Ae87459UyhGllbffdhQIDAQABAoIBAQCofDzgw4JiEm7J
+ 79DpMMr5j1v4Si1ECq+4NSFdaI5tjORcWaqW1vpTC/dEay/tspYyTAsqNTYdqQBl
+ KjbZRaZ2ZuVyM0Iqc/rRsx2bwpasFtC/rCY9ryBb556b5jB0a7RJJEv7mC2YtPj+
+ WwShDjB24yIvW+XZj5r3TsOQCLdjzhWBDpYM3t3bO/ip8r1/Jp0aR6gQNGMfLODj
+ Xnc270bbOYcNwORPj1sXTYoJlbuYcZunRVzR+ibQmorv01ZS2nZ7zzrZ1bgMspLn
+ A4G44DdfQRWlS5JlmY5/VoFMQC2vDsDRFznHavJYfwf4ljuT4dqq0zWlSIsuDGmV
+ WIb+dFHJAoGBANVdqvIlMq+H3LymNFaqW3XewFCmdHNNCtPjKJotWEWM5arbw1Jc
+ 5K4ijx4W7SCjDjaBd6Fei6yzHrmRhpq42vs9k+5+Hp9kml6IpgFSkuDJQkxbltH2
+ tXpT4PK97JoF1gz7vH1WkTJv3YvHTgkeirKKjvPQbqubu+Fj8Gv5DlH7AoGBAM9M
+ PhWgssvzmB1qs5bVjT4iaFrbhdJ3G1U9k8N84Nl75iJrFMGVwq1T/bg+ljVbVPPq
+ gQIBqQL/b/RZVaBm/G7eEYvkmtAVvjaeyqsSLTOTG1c4F7wUusOB9CGPz6ym5Mia
+ dqq/5Bn9vGwZfunsi58sXZK1wACu4y+uR49BYvZ/AoGBAMluP4eRBJPgUM0sn7a9
+ 59CUdbzuGHwN3M4C438ClhY7GUu/Y1urZRzcdX6zqDQqm61rdrQ6nORyyevo7km9
+ gMa18KW0HVbfVDkxCn+vJAjhGB0cTnt0TQnqjDC+itMx9U2WjvFJO5SBNYfTpeFI
+ GyrJUoHtYb3TLYFwpzZYD2PnAoGAbTBjo1C53OO6RARoBBMICqpk/TaUDn/eTc/Z
+ fSbR6LxyQ77TeARCPrn28o1E4WXyIWhr+3qUY5fYiIRlrc+RN3SRGXaYdPJ+9pY9
+ ek5gsMHTrOVG2zKwDTruNJ9jbDWcXG3AA8B/jZExJl9nkh+ei4D66MQDFlkIIZ1S
+ 5Ao07lECgYBYHli46N16zNGVzryL5M9mRue54qAnt8JOCHJF/Wf7DDqGhzMF8Fmv
+ 6C2zo2N/Jex1Sd8UitTOsATs9olEhAx+9lVMd/qUFzdCOlKpnFOgIu76HGAVSBNR
+ qU2COgF5D3GyaLweHUz6yS6Fto1I78JQXyVxEquqZ2RbeHZ7Da6Okw==
+ -----END RSA PRIVATE KEY-----
diff --git a/examples/mysql/data/server2.icinga.com.yaml b/examples/mysql/data/server2.icinga.com.yaml
new file mode 100644
index 0000000..0f39a0f
--- /dev/null
+++ b/examples/mysql/data/server2.icinga.com.yaml
@@ -0,0 +1,50 @@
+---
+icingadb::db_use_tls: true
+icingadb::db_tls_insecure: true
+icingadb::db_tls_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIC9TCCAd2gAwIBAgIIGo/Sz6h1KTIwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEx
+ MDQwODI3MDBaFw0zMDExMDQwODI3MDBaMFwxCzAJBgNVBAYTAkRFMRAwDgYDVQQI
+ EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxFDASBgNVBAoTC0ljaW5nYSBH
+ bWJIMREwDwYDVQQDEwhpY2luZ2FkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+ AQoCggEBAKzGSMdB/EHOzFpUVoaUf1tEA4YHcNDF/U3EzZRJyHlummoDYGK0f5yO
+ rIQhsl/XQRhW1PsCr2DL7U91SwHmkjjKDz3n51DuLhZoQX7gDYSJTOj8uyaIGoNu
+ yCbLMvxznxVFscsoiKTJN79pyOH+OkMh/wAlADjeqs/VzuLZHngNmezYQlt0U32L
+ 9LYQV6P1y2i1H/V8YXvCX2GTjw9b/ER5OxmtI0Z1UEIJ8ENTl+9lJRb72d+xZp8q
+ 4ZVjoUTO///3YUAkWnVA3BN+ZEL7ikbJBoyxYbDlGi5Dw/g+wVsvVWnyHdoWlJVX
+ w9n3wRXkYREdQHvO+OfVMoRpZW333YUCAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYB
+ BQUHAwIwDQYJKoZIhvcNAQELBQADggEBADtAKxj0d7Imv365abCQ3BBt2H3zpMfs
+ +V54uB08ACKX1Qb/KHJspp2uTBIoPbaPickvVZDiaaekKpEJ5HArTQodNkyCj+SA
+ XcRqfJGceBhwydBQBEgsYudeA3qRvM90Hy+jZsVNrOWylu/g3vjy6dnmcewDjczv
+ YdbGBZ6eevQcReCyK4ea0IC7iEheQ2az3S3ctgTZJD27Gc8THaC3Z/z1FhLTRjsf
+ VnszSSNjRWVcTuWDlaNwOGpEtiG+zLpqhIh1X2QFja3HCIFBjudpUtTd3/fgapWg
+ me68EXkRhPW0l6BC3rwlOMrN0VZYeM8ZAe8o5kB/Jolm68AdxJmtsyg=
+ -----END CERTIFICATE-----
+icingadb::db_tls_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEArMZIx0H8Qc7MWlRWhpR/W0QDhgdw0MX9TcTNlEnIeW6aagNg
+ YrR/nI6shCGyX9dBGFbU+wKvYMvtT3VLAeaSOMoPPefnUO4uFmhBfuANhIlM6Py7
+ Jogag27IJssy/HOfFUWxyyiIpMk3v2nI4f46QyH/ACUAON6qz9XO4tkeeA2Z7NhC
+ W3RTfYv0thBXo/XLaLUf9Xxhe8JfYZOPD1v8RHk7Ga0jRnVQQgnwQ1OX72UlFvvZ
+ 37FmnyrhlWOhRM7///dhQCRadUDcE35kQvuKRskGjLFhsOUaLkPD+D7BWy9VafId
+ 2haUlVfD2ffBFeRhER1Ae87459UyhGllbffdhQIDAQABAoIBAQCofDzgw4JiEm7J
+ 79DpMMr5j1v4Si1ECq+4NSFdaI5tjORcWaqW1vpTC/dEay/tspYyTAsqNTYdqQBl
+ KjbZRaZ2ZuVyM0Iqc/rRsx2bwpasFtC/rCY9ryBb556b5jB0a7RJJEv7mC2YtPj+
+ WwShDjB24yIvW+XZj5r3TsOQCLdjzhWBDpYM3t3bO/ip8r1/Jp0aR6gQNGMfLODj
+ Xnc270bbOYcNwORPj1sXTYoJlbuYcZunRVzR+ibQmorv01ZS2nZ7zzrZ1bgMspLn
+ A4G44DdfQRWlS5JlmY5/VoFMQC2vDsDRFznHavJYfwf4ljuT4dqq0zWlSIsuDGmV
+ WIb+dFHJAoGBANVdqvIlMq+H3LymNFaqW3XewFCmdHNNCtPjKJotWEWM5arbw1Jc
+ 5K4ijx4W7SCjDjaBd6Fei6yzHrmRhpq42vs9k+5+Hp9kml6IpgFSkuDJQkxbltH2
+ tXpT4PK97JoF1gz7vH1WkTJv3YvHTgkeirKKjvPQbqubu+Fj8Gv5DlH7AoGBAM9M
+ PhWgssvzmB1qs5bVjT4iaFrbhdJ3G1U9k8N84Nl75iJrFMGVwq1T/bg+ljVbVPPq
+ gQIBqQL/b/RZVaBm/G7eEYvkmtAVvjaeyqsSLTOTG1c4F7wUusOB9CGPz6ym5Mia
+ dqq/5Bn9vGwZfunsi58sXZK1wACu4y+uR49BYvZ/AoGBAMluP4eRBJPgUM0sn7a9
+ 59CUdbzuGHwN3M4C438ClhY7GUu/Y1urZRzcdX6zqDQqm61rdrQ6nORyyevo7km9
+ gMa18KW0HVbfVDkxCn+vJAjhGB0cTnt0TQnqjDC+itMx9U2WjvFJO5SBNYfTpeFI
+ GyrJUoHtYb3TLYFwpzZYD2PnAoGAbTBjo1C53OO6RARoBBMICqpk/TaUDn/eTc/Z
+ fSbR6LxyQ77TeARCPrn28o1E4WXyIWhr+3qUY5fYiIRlrc+RN3SRGXaYdPJ+9pY9
+ ek5gsMHTrOVG2zKwDTruNJ9jbDWcXG3AA8B/jZExJl9nkh+ei4D66MQDFlkIIZ1S
+ 5Ao07lECgYBYHli46N16zNGVzryL5M9mRue54qAnt8JOCHJF/Wf7DDqGhzMF8Fmv
+ 6C2zo2N/Jex1Sd8UitTOsATs9olEhAx+9lVMd/qUFzdCOlKpnFOgIu76HGAVSBNR
+ qU2COgF5D3GyaLweHUz6yS6Fto1I78JQXyVxEquqZ2RbeHZ7Da6Okw==
+ -----END RSA PRIVATE KEY-----
diff --git a/examples/mysql/data/web.icinga.com.yaml b/examples/mysql/data/web.icinga.com.yaml
new file mode 100644
index 0000000..b46ae36
--- /dev/null
+++ b/examples/mysql/data/web.icinga.com.yaml
@@ -0,0 +1,122 @@
+---
+icingaweb2::use_tls: true
+icingaweb2::module::monitoring::use_tls: true
+icingaweb2::module::director::use_tls: true
+icingaweb2::module::reporting::use_tls: true
+icingaweb2::module::x509::use_tls: true
+
+icingaweb2::module::icingadb::db_use_tls: true
+icingaweb2::module::icingadb::db_tls_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIC9TCCAd2gAwIBAgIIGo/Sz6h1KTIwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEx
+ MDQwODI3MDBaFw0zMDExMDQwODI3MDBaMFwxCzAJBgNVBAYTAkRFMRAwDgYDVQQI
+ EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxFDASBgNVBAoTC0ljaW5nYSBH
+ bWJIMREwDwYDVQQDEwhpY2luZ2FkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+ AQoCggEBAKzGSMdB/EHOzFpUVoaUf1tEA4YHcNDF/U3EzZRJyHlummoDYGK0f5yO
+ rIQhsl/XQRhW1PsCr2DL7U91SwHmkjjKDz3n51DuLhZoQX7gDYSJTOj8uyaIGoNu
+ yCbLMvxznxVFscsoiKTJN79pyOH+OkMh/wAlADjeqs/VzuLZHngNmezYQlt0U32L
+ 9LYQV6P1y2i1H/V8YXvCX2GTjw9b/ER5OxmtI0Z1UEIJ8ENTl+9lJRb72d+xZp8q
+ 4ZVjoUTO///3YUAkWnVA3BN+ZEL7ikbJBoyxYbDlGi5Dw/g+wVsvVWnyHdoWlJVX
+ w9n3wRXkYREdQHvO+OfVMoRpZW333YUCAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYB
+ BQUHAwIwDQYJKoZIhvcNAQELBQADggEBADtAKxj0d7Imv365abCQ3BBt2H3zpMfs
+ +V54uB08ACKX1Qb/KHJspp2uTBIoPbaPickvVZDiaaekKpEJ5HArTQodNkyCj+SA
+ XcRqfJGceBhwydBQBEgsYudeA3qRvM90Hy+jZsVNrOWylu/g3vjy6dnmcewDjczv
+ YdbGBZ6eevQcReCyK4ea0IC7iEheQ2az3S3ctgTZJD27Gc8THaC3Z/z1FhLTRjsf
+ VnszSSNjRWVcTuWDlaNwOGpEtiG+zLpqhIh1X2QFja3HCIFBjudpUtTd3/fgapWg
+ me68EXkRhPW0l6BC3rwlOMrN0VZYeM8ZAe8o5kB/Jolm68AdxJmtsyg=
+ -----END CERTIFICATE-----
+icingaweb2::module::icingadb::db_tls_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEArMZIx0H8Qc7MWlRWhpR/W0QDhgdw0MX9TcTNlEnIeW6aagNg
+ YrR/nI6shCGyX9dBGFbU+wKvYMvtT3VLAeaSOMoPPefnUO4uFmhBfuANhIlM6Py7
+ Jogag27IJssy/HOfFUWxyyiIpMk3v2nI4f46QyH/ACUAON6qz9XO4tkeeA2Z7NhC
+ W3RTfYv0thBXo/XLaLUf9Xxhe8JfYZOPD1v8RHk7Ga0jRnVQQgnwQ1OX72UlFvvZ
+ 37FmnyrhlWOhRM7///dhQCRadUDcE35kQvuKRskGjLFhsOUaLkPD+D7BWy9VafId
+ 2haUlVfD2ffBFeRhER1Ae87459UyhGllbffdhQIDAQABAoIBAQCofDzgw4JiEm7J
+ 79DpMMr5j1v4Si1ECq+4NSFdaI5tjORcWaqW1vpTC/dEay/tspYyTAsqNTYdqQBl
+ KjbZRaZ2ZuVyM0Iqc/rRsx2bwpasFtC/rCY9ryBb556b5jB0a7RJJEv7mC2YtPj+
+ WwShDjB24yIvW+XZj5r3TsOQCLdjzhWBDpYM3t3bO/ip8r1/Jp0aR6gQNGMfLODj
+ Xnc270bbOYcNwORPj1sXTYoJlbuYcZunRVzR+ibQmorv01ZS2nZ7zzrZ1bgMspLn
+ A4G44DdfQRWlS5JlmY5/VoFMQC2vDsDRFznHavJYfwf4ljuT4dqq0zWlSIsuDGmV
+ WIb+dFHJAoGBANVdqvIlMq+H3LymNFaqW3XewFCmdHNNCtPjKJotWEWM5arbw1Jc
+ 5K4ijx4W7SCjDjaBd6Fei6yzHrmRhpq42vs9k+5+Hp9kml6IpgFSkuDJQkxbltH2
+ tXpT4PK97JoF1gz7vH1WkTJv3YvHTgkeirKKjvPQbqubu+Fj8Gv5DlH7AoGBAM9M
+ PhWgssvzmB1qs5bVjT4iaFrbhdJ3G1U9k8N84Nl75iJrFMGVwq1T/bg+ljVbVPPq
+ gQIBqQL/b/RZVaBm/G7eEYvkmtAVvjaeyqsSLTOTG1c4F7wUusOB9CGPz6ym5Mia
+ dqq/5Bn9vGwZfunsi58sXZK1wACu4y+uR49BYvZ/AoGBAMluP4eRBJPgUM0sn7a9
+ 59CUdbzuGHwN3M4C438ClhY7GUu/Y1urZRzcdX6zqDQqm61rdrQ6nORyyevo7km9
+ gMa18KW0HVbfVDkxCn+vJAjhGB0cTnt0TQnqjDC+itMx9U2WjvFJO5SBNYfTpeFI
+ GyrJUoHtYb3TLYFwpzZYD2PnAoGAbTBjo1C53OO6RARoBBMICqpk/TaUDn/eTc/Z
+ fSbR6LxyQ77TeARCPrn28o1E4WXyIWhr+3qUY5fYiIRlrc+RN3SRGXaYdPJ+9pY9
+ ek5gsMHTrOVG2zKwDTruNJ9jbDWcXG3AA8B/jZExJl9nkh+ei4D66MQDFlkIIZ1S
+ 5Ao07lECgYBYHli46N16zNGVzryL5M9mRue54qAnt8JOCHJF/Wf7DDqGhzMF8Fmv
+ 6C2zo2N/Jex1Sd8UitTOsATs9olEhAx+9lVMd/qUFzdCOlKpnFOgIu76HGAVSBNR
+ qU2COgF5D3GyaLweHUz6yS6Fto1I78JQXyVxEquqZ2RbeHZ7Da6Okw==
+ -----END RSA PRIVATE KEY-----
+
+icingaweb2::tls_cacert: |
+ -----BEGIN CERTIFICATE-----
+ MIICkjCCAXqgAwIBAgIINVcaz0+ZvhcwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEw
+ MDkwNzU0MDBaFw0zMjEwMDkwNzU0MDBaMAAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+ DwAwggEKAoIBAQDGbxXsiQH1ClfQu8Sg4PQ4fEnYKCSjjCefyPbZd+TqCVW8DE9x
+ L34uZijsgRolVi115orFHW+X0y+13CbtE5t+blD8IjOgw8iZ33Isu+UwkSP31NdS
+ A/C17WhVTv8qmipoHezjXz9cGyWj/QjFyoWGG6DfZT+zdC54zbcGL+XJ1ZEgCs3r
+ rnpLb4FKSp5w75US6JFsPLO0uN5vGNUwAwyeav/9bKvkzEFkwCWzT500lqgjmO3z
+ wFTk2kQf2Pjss2YtfVEef0jOTGxNXIBduAkDaPm2fdyObYYsdY2BFYDHq1TzAvyH
+ N6r5igRBhZVNbIeFUtskKJFgTcl8ShNruwB7AgMBAAGjEDAOMAwGA1UdEwQFMAMB
+ Af8wDQYJKoZIhvcNAQELBQADggEBAEiKjmVci32v/xEakVhjgxlpC6XVGLv0UhlK
+ mbDwjbziSXFeUwLZ4lVbi+04HJnb4wcEbIUT4c2ftFrLGU2bwpafb2bkg82gjkSt
+ CaoKi+/jkmZye9Jd8QrTWOQbnLGuB9ZnrAUKVSRIA8oYsreDPQfm7L2sNMDesk3T
+ 2mbjea/t7yFjLBIyWaPEGlUgpc+WeeUgcXsnoTP/gjSIFQBYpgUCswm+n757lwGR
+ KyxALP1ZqBGFXT/gBi3pLkbKoof3Jwnz5bD859j6scsLnLuKaIqb4M3Jd1IVlUda
+ yvtnXmJd1VkSKW3rRZzjh/vegarvrhhX139khH1eq8BIq++iUyU=
+ -----END CERTIFICATE-----
+icingaweb2::tls_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIDSjCCAjKgAwIBAgIISjfODHGgYcYwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEw
+ MDkwODI3MDBaFw0yNzEwMDkwODI3MDBaMFkxCzAJBgNVBAYTAkRFMRAwDgYDVQQI
+ EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxDzANBgNVBAoTBkljaW5nYTET
+ MBEGA1UEAxMKaWNpbmdhd2ViMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ ggEBAL/6mgA/+pM/oCfmRqtQ71dRFKNwkTdwrvy4FcxF8ZmhiU/m+4GqxLbcZb92
+ arOhOYrtXNRjCjTyR8pjOkWsz0Tz0l7i5qFCy3t5vNJwK942Th3CMMqeS1GJzwgm
+ OISAuUYq7sUjX+lIVMfuxT20N4QIM5zVD2HJcFxKnKabAAvjUahce0nAtfVhXRsW
+ vIlzV9eZ9a1gc8hZwmYgnnx9QyFp2BsR7+qm7IY+yGwYX/HOqLoSi808R0kGrsBS
+ OXj+WLnah9KXhxAthZYdBX3SOjyd/GPe+KDM7QooKb2QY7QRDbPvtLBWGL+gUshD
+ 8fMV+k85oaTvb3yw3w/tRwFUOe8CAwEAAaNvMG0wDAYDVR0TAQH/BAIwADAdBgNV
+ HQ4EFgQUxBkdrPRo7JZlBqC1t8PbgJ9Wd6swCwYDVR0PBAQDAgSwMBEGCWCGSAGG
+ +EIBAQQEAwIFoDAeBglghkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqG
+ SIb3DQEBCwUAA4IBAQCEbqZPIae3lklGuDxJL9vX6C0+VZRr62ndhlDTXHKFZT1O
+ ED2Q+w4vMOEf07VuRaAPXpexkmNt+llq+yLEw4WGa4S5Q5NGVC+GojyRY91dToNz
+ zI140sVeqfi7IYuxkz2LM4ABEb1qcbQE5pgnIuPGMQAMLtFMcnbe8TnuHWMMAt8z
+ +182RyFeOPvg+Zy+uIawDlIHZWerc/79dZ0lrzoJ7d1MaQwTwZQwdQ0fzMndaoqJ
+ /YSlvmwMHL7z7+QGAAOSNaOfQyEMpoPrc6gHhqliGpUrZvzqkomEE7PrK1jj33H9
+ V5YMCF7QVPAN/6I5XyOwTWPMBdUSPPed+mdZfJAl
+ -----END CERTIFICATE-----
+icingaweb2::tls_key: |
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEAv/qaAD/6kz+gJ+ZGq1DvV1EUo3CRN3Cu/LgVzEXxmaGJT+b7
+ garEttxlv3Zqs6E5iu1c1GMKNPJHymM6RazPRPPSXuLmoULLe3m80nAr3jZOHcIw
+ yp5LUYnPCCY4hIC5RiruxSNf6UhUx+7FPbQ3hAgznNUPYclwXEqcppsAC+NRqFx7
+ ScC19WFdGxa8iXNX15n1rWBzyFnCZiCefH1DIWnYGxHv6qbshj7IbBhf8c6ouhKL
+ zTxHSQauwFI5eP5YudqH0peHEC2Flh0FfdI6PJ38Y974oMztCigpvZBjtBENs++0
+ sFYYv6BSyEPx8xX6TzmhpO9vfLDfD+1HAVQ57wIDAQABAoIBAAvU3v7a8o92oWE0
+ IPDX+RgxiAsWmeyHxlEO61D+kog8W2EQRDnWk28NoDuviZ3udsRoIot4Wx2uPNxt
+ Rx8aKl/+gt2UMFCJ9E50zz1M6nc0c5YD7Mvf+5ZX3umKqXsJD+ISLUr7BiMzcP4t
+ afyGidFaTAwDWYJWTtVxR7xA2zzgNwTcPPFPaaimmjk4WV21DViK6tnb1GzC41Ty
+ yET2u0lknTmaCwCP//1aBd6AxBcgCyKL2n9Qidk0KwcA33eimR+OZRVxkq8/y2um
+ 22QO9b5Ji2Jef+pMPcXWK1nzq4QNidSLsxfRE7IYPFCrPjm8myBoFtm2zT1gmxbH
+ wq/COpkCgYEA/xBybJlK7fY1N8uKDAr30S5Mg/AEbtdHknv97WG6IFUZ2EcnHN7s
+ UsyOe7w3Ct1XHs8UkrZCTcciQcaZb8Bi/Gtzkz/auqa6hoaiBbr4XT2gOPAa5ngK
+ WozgaNDA7+6WqfHp0pa+76v7pZ4I3VPwAO5gfW5RCPhUKx570B6+NZMCgYEAwK7n
+ 2fvs8QA7vuWJ3QxOE+b03+luIOtIkCONadDb1suO5gSDqd9cga5n5z4Rt/Z6kIkh
+ hw4Jjmh5nMEw/mw6NhO9r06PaKjteKmLaY0UscD8Q1zUNx+vvkgLBY9iR1uwpvAB
+ N0CvuF9jnti/32HOIqOjoXf817S7fiuzal2t47UCgYEA7htwdij0Zgi9zYRZLrze
+ c4yBKXna6Y5W5kyR1BSzKJPJOLnTrYP9oZ4MNT6TM7VFKyGt1vgGFY2cUUMQ4d37
+ iiDVF9U4X55d6k+s2SSdzo1FEWIz+op9P+Lba33VXyafx65p1YmcXSl0FjvdkqBV
+ IMlnkjB1vaX1DPu8IaFRd7kCgYBBuCZqSivxs2OtY7sXAwhqb17cNFEUt0tjpkyo
+ Z81jwMA3ohiKSx3ROXxE+f2vIkmBnNQrrVUDFo1MMvSUArQEF82dyozNZLjCbAmZ
+ 8b26NxmTnEjhmFQn8YiY1+PsdNCWz8uKXezRVO+0kTc4aLKXS/sWqsc5h3JfwWYL
+ hHI39QKBgQCiknEVd2D0zfQsRGRCg7VzgtCKR5j5tnIXMHroxAIule8RzKCykfXO
+ olHQKr3C3UcA8Jz2FQ0rMKhDMcOP1DmLz1PFQIiwgV8sIsIzycBzGqvduAbtzQKv
+ 94NFB2QUMPc9gl4hbOwe8RB6q0Isp4mFaBUdSWoHSuETjg5EYsIsOQ==
+ -----END RSA PRIVATE KEY-----
diff --git a/examples/mysql/databases.pp b/examples/mysql/databases.pp
index bc35fb8..4ea8c97 100644
--- a/examples/mysql/databases.pp
+++ b/examples/mysql/databases.pp
@@ -54,31 +54,50 @@
}
class { 'icinga::ido::database':
- ido_instances => ['192.168.5.13', '192.168.5.23'],
+ ido_instances => ['192.168.6.2', '192.168.6.11', '192.168.6.12'],
db_type => 'mysql',
db_pass => 'icinga2',
+ tls => 'password',
}
class { 'icinga::db::database':
- access_instances => ['192.168.5.13', '192.168.5.23'],
+ access_instances => ['192.168.6.2', '192.168.6.11', '192.168.6.12'],
db_type => 'mysql',
db_pass => 'icingadb',
+ tls => 'cert',
}
class { 'icinga::web::database':
- web_instances => ['192.168.5.13', '192.168.5.23'],
+ web_instances => ['192.168.6.2', '192.168.6.11', '192.168.6.12'],
db_type => 'mysql',
db_pass => 'icingaweb2',
+ tls => 'cert',
}
class { 'icinga::web::director::database':
- web_instances => ['192.168.5.13', '192.168.5.23'],
+ web_instances => ['192.168.6.2'],
db_type => 'mysql',
db_pass => 'director',
+ tls => 'password',
+}
+
+class { 'icinga::web::reporting::database':
+ web_instances => ['192.168.6.2'],
+ db_type => 'mysql',
+ db_pass => 'reporting',
+ tls => 'password',
+}
+
+class { 'icinga::web::x509::database':
+ web_instances => ['192.168.6.2'],
+ db_type => 'mysql',
+ db_pass => 'x509',
+ tls => 'password',
}
class { 'icinga::web::vspheredb::database':
- web_instances => ['192.168.5.13', '192.168.5.23'],
+ web_instances => ['192.168.6.2'],
db_type => 'mysql',
db_pass => 'vspheredb',
+ tls => 'password',
}
diff --git a/examples/mysql/icingaweb2.pp b/examples/mysql/icingaweb2.pp
deleted file mode 100644
index 781fc40..0000000
--- a/examples/mysql/icingaweb2.pp
+++ /dev/null
@@ -1,12 +0,0 @@
-class { 'icinga::repos':
- manage_epel => true,
-}
-
-class { 'icinga::web':
- db_type => 'mysql',
- db_host => 'localhost',
- db_pass => 'icingaweb2',
- default_admin_user => 'admin',
- default_admin_pass => 'admin',
- manage_database => true,
-}
diff --git a/examples/mysql/server1-icingadb.pp b/examples/mysql/server1-icingadb.pp
new file mode 100644
index 0000000..d659f6b
--- /dev/null
+++ b/examples/mysql/server1-icingadb.pp
@@ -0,0 +1,33 @@
+# Example for Icinga HA for server1.icinga.com as config server
+# and server2.icinga2.com as secondary server.
+# Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based.
+# For TLS base example use hiera data in examples/mysql/data/.
+
+host { 'db.icinga.com':
+ ip => '192.168.6.10',
+}
+
+class { 'icinga::repos':
+ manage_epel => true,
+ manage_extras => true,
+}
+
+class { 'icinga::server':
+ ca => true,
+ config_server => true,
+ colocation_endpoints => { 'server2.icinga.com' => { 'host' => '192.168.6.12', } },
+ workers => {},
+ global_zones => ['global-templates', 'linux-commands', 'windows-commands'],
+ web_api_pass => Sensitive('icingaweb2'),
+ director_api_pass => Sensitive('director'),
+ run_web => true,
+}
+
+class { 'icinga::db':
+ db_type => 'mysql',
+ db_host => 'db.icinga.com',
+ db_pass => Sensitive('icingadb'),
+ manage_database => false,
+ redis_bind => ['127.0.0.1', '192.168.6.11'],
+ redis_pass => Sensitive('redis'),
+}
diff --git a/examples/mysql/server2-icingadb.pp b/examples/mysql/server2-icingadb.pp
new file mode 100644
index 0000000..5f4b4de
--- /dev/null
+++ b/examples/mysql/server2-icingadb.pp
@@ -0,0 +1,32 @@
+# Example for Icinga HA for server2.icinga.com as config server
+# and server1.icinga2.com as secondary server.
+# Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based.
+# For TLS base example use hiera data in examples/mysql/data/.
+
+host { 'db.icinga.com':
+ ip => '192.168.6.10',
+}
+
+class { 'icinga::repos':
+ manage_epel => true,
+ manage_extras => true,
+}
+
+class { 'icinga::server':
+ ca_server => '192.168.6.11',
+ colocation_endpoints => { 'server1.icinga.com' => { 'host' => '192.168.6.11', } },
+ workers => {},
+ global_zones => ['global-templates', 'linux-commands', 'windows-commands'],
+ web_api_pass => Sensitive('icingaweb2'),
+ director_api_pass => Sensitive('director'),
+ run_web => true,
+}
+
+class { 'icinga::db':
+ db_type => 'mysql',
+ db_host => 'db.icinga.com',
+ db_pass => Sensitive('icingadb'),
+ manage_database => false,
+ redis_bind => ['127.0.0.1', '192.168.6.12'],
+ redis_pass => Sensitive('redis'),
+}
diff --git a/examples/mysql/web.pp b/examples/mysql/web.pp
new file mode 100644
index 0000000..8625358
--- /dev/null
+++ b/examples/mysql/web.pp
@@ -0,0 +1,58 @@
+# Example for a dedicated Icinga Web instance for the examples in
+# examples/mysql/server1-icingadb.pp and server2-icingadb.pp.
+# For TLS base example use hiera data in examples/mysql/data/web.icinga.com.yaml.
+
+host { 'db.icinga.com':
+ ip => '192.168.6.10',
+}
+
+host { 'server1.icinga.com':
+ ip => '192.168.6.11',
+}
+
+host { 'server2.icinga.com':
+ ip => '192.168.6.12',
+}
+
+class { 'icinga::repos':
+ manage_epel => true,
+ manage_extras => true,
+}
+
+class { 'icinga::web':
+ db_type => 'mysql',
+ db_host => 'db.icinga.com',
+ db_pass => Sensitive('icingaweb2'),
+ default_admin_user => 'admin',
+ default_admin_pass => Sensitive('admin'),
+ manage_database => false,
+ api_host => ['server1.icinga.com', 'server2.icinga.com'],
+ api_pass => Sensitive('icingaweb2'),
+}
+
+class { 'icinga::web::icingadb':
+ db_type => 'mysql',
+ db_host => 'db.icinga.com',
+ db_pass => Sensitive('icingadb'),
+ redis_primary_host => '192.168.6.11',
+ redis_primary_pass => 'redis',
+ redis_secondary_host => '192.168.6.12',
+ redis_secondary_pass => 'redis',
+}
+
+class { 'icinga::web::director':
+ db_type => 'mysql',
+ db_host => 'db.icinga.com',
+ db_pass => Sensitive('director'),
+ manage_database => false,
+ endpoint => 'server1.icinga.com',
+ api_host => '192.168.6.11',
+ api_pass => Sensitive('director'),
+}
+
+#class { 'icinga::web::reporting':
+# db_type => 'mysql',
+# db_host => 'db.icinga.com',
+# db_pass => Sensitive('reporting'),
+# manage_database => false,
+#}
diff --git a/files/examples/server1.icinga.com.crt b/files/examples/server1.icinga.com.crt
new file mode 100644
index 0000000..269be45
--- /dev/null
+++ b/files/examples/server1.icinga.com.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDiDCCAnCgAwIBAgIIKGTxg7QszA8wDQYJKoZIhvcNAQELBQAwADAeFw0yMzEy
+MTkwOTM4MDBaFw0zMjEwMDkwNzU0MDBaMGExCzAJBgNVBAYTAkRFMRAwDgYDVQQI
+EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxDzANBgNVBAoTBkljaW5nYTEb
+MBkGA1UEAxMSc2VydmVyMS5pY2luZ2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAo9le5qQpjIQ2guhEno1VYE7g5fXQFxT8sFPOhBcL3iKtMfbB
+QxTo8sWHEFdZ7ZjJJUhkS6skl6yhQweE4K3+S0b7lTq0B5UM7JuGxTNapf9xkIPA
+4jzMvVCaphihLgNhE3xbK1DbTIUvLl1budyxfslxIOFfFOb/wOgi9vt7akxIx8Iz
+LIsNRmefZChAYH450OkIIWol2s9TJBTgJNAHjuJ4cKc9DFLzP6tZsgBripXhJR/r
+3Ckkf2RI9dYUfNdmBzkrZnTJpwGUekBO03x9495o4tR8m5GDQ+m4pGdzD44bj93W
+4uVx75XzM3sN2JViF4c1HHqcfY0xpg4/U2ZjjQIDAQABo4GkMIGhMAwGA1UdEwEB
+/wQCMAAwHQYDVR0OBBYEFDTMuaEdofW7kRTDMdYPK99WZmftMAsGA1UdDwQEAwID
+6DATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHREEFjAUghJzZXJ2ZXIxLmljaW5n
+YS5jb20wEQYJYIZIAYb4QgEBBAQDAgZAMB4GCWCGSAGG+EIBDQQRFg94Y2EgY2Vy
+dGlmaWNhdGUwDQYJKoZIhvcNAQELBQADggEBADtkEMfcus7yf29dfcd7uoy23Gbh
+NPMZqPzkdShIgyxJwuWzeNNPzK8glErT5cYbmle4LLYjZSPfjiVezlZWdLCg6f0d
+fup2yjFvq8rycnx64i49dhBsme6p3btJ0gmDIEwxGQAtU1cyPwrcuHH7sh1a73bV
+UW/kuzwLT2xaEWNp6Bj1ys7VPzZ+ZFvzEtSre780ILwhVAOEEf3OFm14thtp1crq
+6NA0PvAZxy9Fnn0RzUOJTRiZcRv712ueIbVYFXOlCXd7bOd580s+CMuhUfFBjXU6
+jcrlJLtKWe57cSAJLQu5GmBjOk0pNRPzmSDSpJLSBCU0PRm/5RnhKfi7aP4=
+-----END CERTIFICATE-----
diff --git a/files/examples/server1.icinga.com.key b/files/examples/server1.icinga.com.key
new file mode 100644
index 0000000..4ded0dd
--- /dev/null
+++ b/files/examples/server1.icinga.com.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAo9le5qQpjIQ2guhEno1VYE7g5fXQFxT8sFPOhBcL3iKtMfbB
+QxTo8sWHEFdZ7ZjJJUhkS6skl6yhQweE4K3+S0b7lTq0B5UM7JuGxTNapf9xkIPA
+4jzMvVCaphihLgNhE3xbK1DbTIUvLl1budyxfslxIOFfFOb/wOgi9vt7akxIx8Iz
+LIsNRmefZChAYH450OkIIWol2s9TJBTgJNAHjuJ4cKc9DFLzP6tZsgBripXhJR/r
+3Ckkf2RI9dYUfNdmBzkrZnTJpwGUekBO03x9495o4tR8m5GDQ+m4pGdzD44bj93W
+4uVx75XzM3sN2JViF4c1HHqcfY0xpg4/U2ZjjQIDAQABAoIBAC2HgoJujYkZWBhq
+OF8igN3hLUdZVfiEAW9x6kn0KX0Rf7UJj0x3q/+B+fUFgNyv/vzYL96C8QkglDMP
+DNJuJuJ+F/ywskQFG/FHilyT15WW9NSmd9ul73KPyllrMKabk8cZYDAaKMYLoD+u
++4UbGUtU6JWtaoFhayIMn2KoIPQ5SnWTP7xFp3BZ2za3wSn1M3d+ulDQdt6Brzrv
+F0NGkEUS/N1rjCsFdF2qWhlue4KS5wlpPUMEWPnNvm7kHQNsyhxQLmpuXb0H08Zd
+XdZPR65e0+qZc+eybJ8CxlRlX02cgTuXao5YpFSb1SLRK57Rwz2eY8H8jIMLAln1
+vfaAGLUCgYEA1f73W98BBIM20QNj5tTtagqaZ0ntjO5WfckqhRMGa33SF4aqnDmA
+DP5dHQXFqbTHyVIriqP2djIoBHMsUOQnlCwtx014OuZPPLGssYmj3IeSM9179i85
+Njcn9JAWHwEnlc8vOkty5Z9x7zm3jzD8Sala7/Lw1u7eXZ7ffSMR48cCgYEAxAKW
+KddBIuxcWSGCS6kUxuFr1AgEHZHyyQ9sKMuAttKzma+vUW7lEfxxM38OBvgHc/Ai
+S8OnOy7nReSmXQ3NVTT3QCFMLTPcfWYEl1jCbwox8ZwFtKRYWkzE1vhclBonuucJ
+I7cLuPS5DlrePWoMlyq3a2EPjKFmbUhdnPJ9lgsCgYEAif5ZWifqyxMmBRBPmqmR
+00C1Iof8pFWI9qIDRj7nc+d10+/mEsnNdhOMzctMFExcTMktBMEIjF15iq0OVbda
+gmUevBeLwUeErxnPx8h/HxVZRRK8/hqjpP9aR42mhiXDdgpdZRUEKWhxGxe386Fd
+/s4zsumRPrhYMjzh1xsHTT8CgYBSCFMYR8I2/3zWwLNrPuQ3J/ic0I4IYiCeDRpT
+KHhCC4Sm+WQCTMsJ8ADgcHhKaluUJhf0ZXoDxul70undX/1jf7tK16St9lp9EMkz
+Hi6hkj68w3OP2ogvoplu7pqwURH3ouGsVNtPGPyqCVWhllSWn4YMJp7/WD0p13N2
+T/ZHaQKBgQC0G21rKKGoIG4SMj/VCMq2y1nsgXiSzQ07n1fqqhZ79RFfKM7KPu+6
+x0B8jfPmYvIZ4GY5/TVef7PongDI8BxUtYGoXZwDH5jjW8Njxr75yiYMWUMLoPTV
+f+dJBmsJDJdSaIkkBC0oS121O4Hof8kD2JihPRxldc7QG2lenGgF5g==
+-----END RSA PRIVATE KEY-----
diff --git a/files/examples/server2.icinga.com.crt b/files/examples/server2.icinga.com.crt
new file mode 100644
index 0000000..4736217
--- /dev/null
+++ b/files/examples/server2.icinga.com.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDiDCCAnCgAwIBAgIIBELc8EJzxmEwDQYJKoZIhvcNAQELBQAwADAeFw0yMzEy
+MTkwOTM2MDBaFw0zMjEwMDkwNzU0MDBaMGExCzAJBgNVBAYTAkRFMRAwDgYDVQQI
+EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxDzANBgNVBAoTBkljaW5nYTEb
+MBkGA1UEAxMSc2VydmVyMi5pY2luZ2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAoaygiTyiI3UG3xv4MZEpz1H8PSz7dIu4afxJj8wQCk2uT5tD
+sPObaq+zZaiLM6eAnhr6xmMYpJ16Dn6ONmWrFGuvrFuD7dDsGq2lO4g8tdWWjRRb
+bFtthWZ627C7yqSAI62gKs5e/T5afUxJiBaAm7FmM3ky0r2rBSNcK1RnAvFB6xKs
+2YoVdK/7ql85HhNzOCyR1AV0JKERrwgRWcCJhdP3oM0uLDHXtD14HlZ/P15KsPAZ
+M64BX6U0Cq4KI+mZFIXSuydx8P8I3WFHNOCqbG1sI0hiDM9NzVhpBIiEVl+fUd7h
+/8vWNDljQtC8tS0Gd3ZPy06s65v6ESmay4pDLwIDAQABo4GkMIGhMAwGA1UdEwEB
+/wQCMAAwHQYDVR0OBBYEFP3JzUHckcRWuSJimTuELpOScoIzMAsGA1UdDwQEAwID
+6DATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHREEFjAUghJzZXJ2ZXIyLmljaW5n
+YS5jb20wEQYJYIZIAYb4QgEBBAQDAgZAMB4GCWCGSAGG+EIBDQQRFg94Y2EgY2Vy
+dGlmaWNhdGUwDQYJKoZIhvcNAQELBQADggEBALYAqOq6V8Gkx30MCYTn/M7aD8UA
+pFaXnxyBxUXryzVfJ+QBo7xV7HzULi8C5QUjezBqigzSD1uwNpSINJLNzsf9QNu2
+h0Q0e6et8MFBrhOxCV4qZu0bkvqICkDeX2QBdeyEQ46TkS6jZ4noOnbMssNGkQDQ
+1wFgGR57pNiZ2S5PoCFcgbWWP502O/7iBIsKhA0GBHjBbsrIxF91fEoJrnVKv+GE
+wclNQwTm4SfbBx8kKhJ56qYS9tYvam/w0Qwg57w9ssUo3xJyct4JSqQdetpm54Yj
+Sn9Twqrhfk4U39yiGRQlp1LR5PrV+wOQXeN12STyvWXKczsnWc0mLE3toKo=
+-----END CERTIFICATE-----
diff --git a/files/examples/server2.icinga.com.key b/files/examples/server2.icinga.com.key
new file mode 100644
index 0000000..d99b03d
--- /dev/null
+++ b/files/examples/server2.icinga.com.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAoaygiTyiI3UG3xv4MZEpz1H8PSz7dIu4afxJj8wQCk2uT5tD
+sPObaq+zZaiLM6eAnhr6xmMYpJ16Dn6ONmWrFGuvrFuD7dDsGq2lO4g8tdWWjRRb
+bFtthWZ627C7yqSAI62gKs5e/T5afUxJiBaAm7FmM3ky0r2rBSNcK1RnAvFB6xKs
+2YoVdK/7ql85HhNzOCyR1AV0JKERrwgRWcCJhdP3oM0uLDHXtD14HlZ/P15KsPAZ
+M64BX6U0Cq4KI+mZFIXSuydx8P8I3WFHNOCqbG1sI0hiDM9NzVhpBIiEVl+fUd7h
+/8vWNDljQtC8tS0Gd3ZPy06s65v6ESmay4pDLwIDAQABAoIBAAPB0j0+NnpidtVq
+ffsQ54rU2erGB9XuhUuZPFBmKp1CruFUt17+WkdBbAbZwtphcyC5echwdxskObjq
+gf2LoU0pL3zu54L4TvRTwro+cUK8gvImXfWHrmTiO8qtMcAE0KGDoGw+PYDfGRU+
+V5sdAsIbfkeF8oNpOvc0mii7nmU4Ep2JtRG517gZyR88fvosat/Ur0bd+gnp6+Uh
+vNSDiHgdN1Uf9wmkVV8z0SlAGEZ4nTRhgGCJwCxwzvyqNs+KJq0LDUzebczF5OYV
+vNtRTTHkLVdhxpbMe4mQ1I8a4x5y8+cTTsE54eydcdhKHPHBaWku8GsnC5/eqynR
+Im4JJBkCgYEA0RkLlrqiqZMkN1h7sfPu1j/9MV5nfxP6GmReOCuCyWcc6TRtI5F3
+Iv2uE54UnBptbuR5dUko+CTi+gh7YSbJQC6RL9ROdboc6WLnjdQAJcql6ozcoo/m
+kIWEz2ic0RpKBGV7fXD9ptcExmqJW4uzu+7XNnzV+Y4zgDKs57YxDoUCgYEAxfBl
+yWYwTB8mXyBd3HECpq1KltPfXB9IXSUSvhN0Ntmu6bj5T8FT1Tt8rG6Qof+kxMVz
+/dZT1ZgNH17zCtuu2cpEQMA7io1VJrW0OqE6hx7xfUqXytJJVY+0/J/hPa8LoPhJ
+iRyQzqENM9VtqiKFs6hU3svJwdW19atWgHW8WyMCgYEAqkDMUNRyccSfLnlbblAC
+Xm0HydTmTHCFqkui8/VprnfI8JGBc/6TlOgdf1etzFUwWaSqyLbjJvlR3uhdHYOp
+RhskmF8z62O4+sdPZwoBfMP+SHadh7fHslElDIRPe2r+bYn7/O2tetWEy9IfOW0M
+0a7tiS4oQ+RnRrD8XEbatskCgYEAv8cYR5bLyqUPn3ETn8aaw/T4ZMQpD+97REvs
+Kd9dZNtqPicq3tw4Jkv5knOZjGvNL50DsffbyAIHDNMI9gc9FOSFVpsp1Sb0TooU
+cg3OUCZp4XPJOAigZtbSi0U4jXQw9yg4zzCvGJQv3321P/csxZGdkTOvai9umfUE
+3Xe1JDMCgYBeSWT6O1NZt2/z1Rib45yXObvvrf2TgEIozKD5OpWxPuiS3Q4VMnVR
+Ts409kfrOfhMQTweo/WN9/mhMfBZ74V6bcJiAnd4NVTtthPCfEQSsUJWAKcuyRNe
+odyxyjk8GJDrUW4RsvbU/cSSoNNNjMgMQKRT/VkGgV7BazqNAmDklw==
+-----END RSA PRIVATE KEY-----
diff --git a/functions/db/connect.pp b/functions/db/connect.pp
index 205f6eb..3aa5367 100644
--- a/functions/db/connect.pp
+++ b/functions/db/connect.pp
@@ -39,20 +39,20 @@ function icinga::db::connect(
'mariadb': {
$tls_options = join(any2array(delete_undef_values({
'--ssl' => '',
- '--ssl-ca' => $tls['cacert_file'],
+ '--ssl-ca' => if $tls['noverify'] { undef } else { $tls['cacert_file'] },
'--ssl-cert' => $tls['cert_file'],
'--ssl-key' => $tls['key_file'],
- '--ssl-capath' => $tls['capath'],
+ '--ssl-capath' => if $tls['noverify'] { undef } else { $tls['capath'] },
'--ssl-cipher' => $tls['cipher'],
})), ' ')
}
'mysql': {
$tls_options = join(any2array(delete_undef_values({
- '--ssl-mode' => 'required',
- '--ssl-ca' => $tls['cacert_file'],
+ '--ssl-mode' => if $tls['noverify'] { 'REQUIRED' } else { 'VERIFY_CA' },
+ '--ssl-ca' => if $tls['noverify'] { undef } else { $tls['cacert_file'] },
'--ssl-cert' => $tls['cert_file'],
'--ssl-key' => $tls['key_file'],
- '--ssl-capath' => $tls['capath'],
+ '--ssl-capath' => if $tls['noverify'] { undef } else { $tls['capath'] },
'--ssl-cipher' => $tls['cipher'],
})), ' ')
}
diff --git a/manifests/agent.pp b/manifests/agent.pp
index e0e9095..7d3af9d 100644
--- a/manifests/agent.pp
+++ b/manifests/agent.pp
@@ -52,5 +52,6 @@
icinga2::object::zone { $global_zones:
global => true,
+ order => 'zz',
}
}
diff --git a/manifests/database.pp b/manifests/database.pp
index 99533dd..ce11b14 100644
--- a/manifests/database.pp
+++ b/manifests/database.pp
@@ -30,7 +30,7 @@
}
}
- if versioncmp($::facts['puppetversion'], '6.0.0') < 0 or ($facts['os']['family'] == 'redhat' and Integer($facts['os']['release']['major']) < 8) {
+ if versioncmp($facts['puppetversion'], '6.0.0') < 0 or ($facts['os']['family'] == 'redhat' and Integer($facts['os']['release']['major']) < 8) {
$_pass = icinga::unwrap($db_pass)
} else {
$_pass = postgresql::postgresql_password($db_user, $db_pass, false, $postgresql::server::password_encryption)
@@ -47,6 +47,7 @@
password => $_pass,
encoding => $encoding,
locale => $collation,
+ owner => $db_user,
}
$access_instances.each |$host| {
@@ -82,7 +83,7 @@
mysql::db { $db_name:
host => $access_instances[0],
user => $db_user,
- tls_options => $_tls_options,
+ tls_options => any2array($_tls_options),
password => $db_pass,
grant => $mysql_privileges,
charset => $encoding,
diff --git a/manifests/db/database.pp b/manifests/db/database.pp
index 94f8606..d7bb5e7 100644
--- a/manifests/db/database.pp
+++ b/manifests/db/database.pp
@@ -49,8 +49,8 @@
include postgresql::server::contrib
postgresql::server::extension { "${db_name}-citext":
- extension => 'citext',
- database => $db_name,
+ extension => 'citext',
+ database => $db_name,
}
}
}
diff --git a/manifests/ido/database.pp b/manifests/ido/database.pp
index bbbdf34..a9e2ee7 100644
--- a/manifests/ido/database.pp
+++ b/manifests/ido/database.pp
@@ -36,8 +36,7 @@
db_user => $db_user,
db_pass => $db_pass,
access_instances => $ido_instances,
- mysql_privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'ALTER', 'INDEX', 'EXECUTE'],
-# mysql_privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'ALTER', 'INDEX', 'CREATE ROUTINE', 'ALTER ROUTINE', 'EXECUTE'],
+ mysql_privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'ALTER', 'INDEX', 'CREATE ROUTINE', 'ALTER ROUTINE', 'EXECUTE'],
tls => $tls,
}
}
diff --git a/manifests/init.pp b/manifests/init.pp
index f266178..bc612bc 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -41,6 +41,11 @@
# Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2`
# and add the Icinga user to this group.
#
+# @param confd
+# `conf.d` is the directory where Icinga 2 stores its object configuration by default. To enable it,
+# set this parameter to `true`. It's also possible to assign your own directory. This directory must be
+# managed outside of this module as file resource with tag icinga2::config::file.
+#
class icinga (
Boolean $ca,
String $this_zone,
@@ -55,6 +60,7 @@
Optional[Icinga::LogLevel] $logging_level = undef,
String $cert_name = $facts['networking']['fqdn'],
Boolean $prepare_web = false,
+ Variant[Boolean, String] $confd = false,
) {
assert_private()
@@ -78,7 +84,7 @@
}
class { 'icinga2':
- confd => false,
+ confd => $confd,
manage_packages => $manage_packages,
constants => lookup('icinga2::constants', undef, undef, {}) + $_constants,
features => [],
@@ -171,7 +177,7 @@
Package['icinga2'] -> Exec['restarting icinga2'] -> Class['icinga2']
exec { 'restarting icinga2':
- path => $::facts['path'],
+ path => $facts['path'],
command => "service ${icinga_service} restart",
onlyif => "service ${icinga_service} status",
refreshonly => true,
diff --git a/manifests/repos/apt.pp b/manifests/repos/apt.pp
index cf07d6b..0092d5e 100644
--- a/manifests/repos/apt.pp
+++ b/manifests/repos/apt.pp
@@ -27,7 +27,7 @@
if $managed[$repo_name] {
Apt::Source[$repo_name] -> Package <| title != 'apt-transport-https' |>
apt::source { $repo_name:
- * => merge({ ensure => present }, $repo_config),
+ * => { ensure => present } + $repo_config,
require => File['/etc/apt/sources.list.d/netways-plugins.list', '/etc/apt/sources.list.d/netways-extras.list'],
}
}
diff --git a/manifests/server.pp b/manifests/server.pp
index d79e6f4..dd85a7e 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -15,8 +15,7 @@
# Icinga supports two endpoints per zone only.
#
# @param workers
-# All worker zones with key 'endpoints' for
-# endpoint objects.
+# All worker zones with key 'endpoints' for endpoint objects.
#
# @param global_zones
# List of global zones to configure.
@@ -77,14 +76,14 @@
$_config_server = $config_server
}
- # inject parent zone
- $_workers = parseyaml(inline_template('<%= @workers.inject({}) {|h, (x,y)| h[x] = y.merge({"parent" => @zone}); h}.to_yaml %>'))
+ # inject parent zone if no parent exists
+ $_workers = $workers.reduce({}) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } }
class { 'icinga':
ca => $_ca,
ca_server => $ca_server,
this_zone => $zone,
- zones => merge({ 'ZoneName' => { 'endpoints' => { 'NodeName' => {} } + $colocation_endpoints } }, $_workers),
+ zones => { 'ZoneName' => { 'endpoints' => { 'NodeName' => {} } + $colocation_endpoints } } + $_workers,
logging_type => $logging_type,
logging_level => $logging_level,
ticket_salt => $ticket_salt,
@@ -96,6 +95,7 @@
icinga2::object::zone { $global_zones:
global => true,
+ order => 'zz',
}
if $_config_server {
diff --git a/manifests/web.pp b/manifests/web.pp
index 7df7ee8..63fe070 100644
--- a/manifests/web.pp
+++ b/manifests/web.pp
@@ -64,6 +64,9 @@
-> Class['apache']
-> Class['icingaweb2']
+ # version if the used icingaweb2 puppet module
+ $icingaweb2_version = load_module_metadata('icingaweb2')['version']
+
#
# Platform
#
@@ -184,18 +187,34 @@
#
# Icinga Web 2
#
- class { 'icingaweb2':
- db_type => $db_type,
- db_host => $_db_host,
- db_port => $db_port,
- db_name => $db_name,
- db_username => $db_user,
- db_password => $db_pass,
- default_admin_username => $default_admin_user,
- default_admin_password => $default_admin_pass,
- import_schema => lookup('icingaweb2::import_schema', undef, undef, true),
- config_backend => 'db',
- conf_user => $web_conf_user,
- manage_package => $manage_package,
+ if versioncmp($icingaweb2_version, '4.0.0') < 0 {
+ class { 'icingaweb2':
+ db_type => $db_type,
+ db_host => $_db_host,
+ db_port => $db_port,
+ db_name => $db_name,
+ db_username => $db_user,
+ db_password => $db_pass,
+ default_admin_username => $default_admin_user,
+ default_admin_password => $default_admin_pass,
+ import_schema => lookup('icingaweb2::import_schema', undef, undef, true),
+ config_backend => 'db',
+ conf_user => $web_conf_user,
+ manage_package => $manage_package,
+ }
+ } else {
+ class { 'icingaweb2':
+ db_type => $db_type,
+ db_host => $_db_host,
+ db_port => $db_port,
+ db_name => $db_name,
+ db_username => $db_user,
+ db_password => $db_pass,
+ default_admin_username => $default_admin_user,
+ default_admin_password => $default_admin_pass,
+ import_schema => lookup('icingaweb2::import_schema', undef, undef, true),
+ conf_user => $web_conf_user,
+ manage_package => $manage_package,
+ }
}
}
diff --git a/manifests/web/director.pp b/manifests/web/director.pp
index 654607e..1740696 100644
--- a/manifests/web/director.pp
+++ b/manifests/web/director.pp
@@ -57,6 +57,8 @@
) {
icinga::prepare_web('Director')
+ $icingaweb2_version = $icinga::web::icingaweb2_version
+
#
# Database
#
@@ -110,8 +112,10 @@
onlyif => 'systemctl status icinga-director',
}
- class { 'icingaweb2::module::director::service':
- ensure => $service_ensure,
- enable => $service_enable,
+ if versioncmp($icingaweb2_version, '4.0.0') < 0 {
+ class { 'icingaweb2::module::director::service':
+ ensure => $service_ensure,
+ enable => $service_enable,
+ }
}
}
diff --git a/manifests/web/reporting.pp b/manifests/web/reporting.pp
index 442b2c1..72aa227 100644
--- a/manifests/web/reporting.pp
+++ b/manifests/web/reporting.pp
@@ -49,7 +49,8 @@
icinga::prepare_web('Reporting')
- $_db_charset = $db_type ? {
+ $icingaweb2_version = $icinga::web::icingaweb2_version
+ $_db_charset = $db_type ? {
'mysql' => 'utf8mb4',
default => 'UTF8',
}
@@ -89,10 +90,12 @@
mail => $mail,
}
- service { 'icinga-reporting':
- ensure => $service_ensure,
- enable => $service_enable,
- require => Class['icingaweb2::module::reporting'],
+ if versioncmp($icingaweb2_version, '4.0.0') < 0 {
+ service { 'icinga-reporting':
+ ensure => $service_ensure,
+ enable => $service_enable,
+ require => Class['icingaweb2::module::reporting'],
+ }
}
if defined(Class['icinga::web::monitoring']) {
diff --git a/manifests/web/vspheredb.pp b/manifests/web/vspheredb.pp
index 604c5c6..9e0a9b4 100644
--- a/manifests/web/vspheredb.pp
+++ b/manifests/web/vspheredb.pp
@@ -41,7 +41,8 @@
) {
icinga::prepare_web('VSphereDB')
- $_db_charset = $db_type ? {
+ $icingaweb2_version = $icinga::web::icingaweb2_version
+ $_db_charset = $db_type ? {
'mysql' => 'utf8mb4',
default => 'UTF8',
}
@@ -80,9 +81,11 @@
import_schema => lookup('icingaweb2::module::vspheredb::import_schema', undef, undef, true),
}
- service { 'icinga-vspheredb':
- ensure => $service_ensure,
- enable => $service_enable,
- require => Class['icingaweb2::module::vspheredb'],
+ if versioncmp($icingaweb2_version, '4.0.0') < 0 {
+ service { 'icinga-vspheredb':
+ ensure => $service_ensure,
+ enable => $service_enable,
+ require => Class['icingaweb2::module::vspheredb'],
+ }
}
}
diff --git a/manifests/web/x509.pp b/manifests/web/x509.pp
index 6bbd880..f16cea6 100644
--- a/manifests/web/x509.pp
+++ b/manifests/web/x509.pp
@@ -43,7 +43,8 @@
fail('Class icinga::web::icingadb or icinga::web::monitoring has to be declared before!')
}
- $_db_charset = $db_type ? {
+ $icingaweb2_version = $icinga::web::icingaweb2_version
+ $_db_charset = $db_type ? {
'mysql' => 'utf8mb4',
default => 'UTF8',
}
@@ -82,9 +83,11 @@
import_schema => lookup('icingaweb2::module::x509::import_schema', undef, undef, true),
}
- service { 'icinga-x509':
- ensure => $service_ensure,
- enable => $service_enable,
- require => Class['icingaweb2::module::x509'],
+ if versioncmp($icingaweb2_version, '4.0.0') < 0 {
+ service { 'icinga-x509':
+ ensure => $service_ensure,
+ enable => $service_enable,
+ require => Class['icingaweb2::module::x509'],
+ }
}
}
diff --git a/manifests/worker.pp b/manifests/worker.pp
index 0c6ea6d..94d5d6c 100644
--- a/manifests/worker.pp
+++ b/manifests/worker.pp
@@ -17,6 +17,9 @@
# When the zone includes more than one endpoint, set here the additional endpoint(s).
# Icinga supports two endpoints per zone only.
#
+# @param workers
+# All cascading worker zones with key 'endpoints' for endpoint objects.
+#
# @param global_zones
# List of global zones to configure.
#
@@ -36,11 +39,15 @@
Hash[String, Hash] $parent_endpoints,
String $parent_zone = 'main',
Hash[String, Hash] $colocation_endpoints = {},
+ Hash[String, Hash] $workers = {},
Array[String] $global_zones = [],
Enum['file', 'syslog'] $logging_type = 'file',
Optional[Icinga::LogLevel] $logging_level = undef,
Boolean $run_web = false,
) {
+ # inject parent zone if no parent exists
+ $_workers = $workers.reduce({}) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } }
+
class { 'icinga':
ca => false,
ssh_private_key => undef,
@@ -49,7 +56,7 @@
zones => {
'ZoneName' => { 'endpoints' => { 'NodeName' => {} } + $colocation_endpoints, 'parent' => $parent_zone, },
$parent_zone => { 'endpoints' => $parent_endpoints, },
- },
+ } + $_workers,
logging_type => $logging_type,
logging_level => $logging_level,
prepare_web => $run_web,
@@ -59,5 +66,6 @@
icinga2::object::zone { $global_zones:
global => true,
+ order => 'zz',
}
}
diff --git a/metadata.json b/metadata.json
index b6d5a32..8d02109 100644
--- a/metadata.json
+++ b/metadata.json
@@ -1,6 +1,6 @@
{
"name": "icinga-icinga",
- "version": "3.2.1",
+ "version": "4.1.1",
"author": "Icinga",
"summary": "Puppet Module to manage the Icinga Software Stack",
"license": "Apache-2.0",
@@ -10,19 +10,15 @@
"dependencies": [
{
"name": "puppetlabs/stdlib",
- "version_requirement": ">= 5.1.0 < 9.0.0"
- },
- {
- "name": "puppet/redis",
- "version_requirement": ">= 7.0.0 < 9.0.0"
+ "version_requirement": ">= 6.6.0 < 10.0.0"
},
{
"name": "puppetlabs/apt",
- "version_requirement": ">= 6.0.0 < 9.0.0"
+ "version_requirement": ">= 7.7.0 < 10.0.0"
},
{
"name": "puppet/zypprepo",
- "version_requirement": ">= 2.2.1 < 5.0.0"
+ "version_requirement": ">= 4.0.0 < 6.0.0"
}
],
"operatingsystem_support": [
@@ -95,13 +91,13 @@
"requirements": [
{
"name": "puppet",
- "version_requirement": ">= 6.0.0 < 8.0.0"
+ "version_requirement": ">= 7.0.0 < 9.0.0"
}
],
"tags": [
"monitoring"
],
- "pdk-version": "2.5.0",
- "template-url": "https://github.com/puppetlabs/pdk-templates#1.18.1",
- "template-ref": "tags/1.18.1-0-g3d2e75c"
+ "pdk-version": "3.0.0",
+ "template-url": "https://github.com/puppetlabs/pdk-templates#3.0.0",
+ "template-ref": "tags/3.0.0-0-g5bfc1c0"
}
diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb
index fc75129..d8c6e77 100644
--- a/spec/classes/server_spec.rb
+++ b/spec/classes/server_spec.rb
@@ -3,11 +3,11 @@
require 'spec_helper'
describe 'icinga::server' do
- on_supported_os.each do |os, os_facts|
+ on_supported_os.each do |os, facts|
context "on #{os}" do
- let(:facts) { os_facts }
+ let(:facts) { facts }
- case os_facts[:osfamily]
+ case facts[:os]['family']
when 'Debian'
let(:icinga2_config_dir) { '/etc/icinga2' }
let(:icinga2_user) { 'nagios' }
@@ -18,15 +18,15 @@
let(:icinga2_group) { 'icinga' }
end
- context 'with defaults' do
+ context "#{os} with defaults" do
it { is_expected.to compile.and_raise_error(%r{expects a String value if a CA is configured}) }
end
- context 'with ticket_salt => supersecret, global_zones => [foo], web_api_user => bar, web_api_pass => topsecret' do
+ context "#{os} with ticket_salt 'supersecret', global_zones ['foo','bar'], web_api_user 'bar', web_api_pass 'topsecret'" do
let(:params) do
{
ticket_salt: 'supersecret',
- global_zones: ['foo'],
+ global_zones: ['foo', 'bar'],
web_api_user: 'bar',
web_api_pass: 'topsecret'
}
@@ -65,7 +65,8 @@
)
}
- it { is_expected.to contain_icinga2__object__zone('foo').with('global' => true) }
+ it { is_expected.to contain_icinga2__object__zone('foo').with('global' => true, 'order' => 'zz') }
+ it { is_expected.to contain_icinga2__object__zone('bar').with('global' => true, 'order' => 'zz') }
it {
is_expected.to contain_file("#{icinga2_config_dir}/zones.d/foo").with(
@@ -81,7 +82,7 @@
it { is_expected.to contain_icinga2__object__apiuser('bar').with({ 'password' => 'topsecret' }) }
end
- context 'with ca_server => foo, ticket_salt => supersecret, colocation_endpoints => {bar => {host => 127.0.0.1}}' do
+ context "#{os} with ca_server 'foo', ticket_salt 'supersecret' and a colocation_endpoints" do
let(:params) do
{
ca_server: 'foo',
@@ -113,12 +114,15 @@
}
end
- context 'with ticket_salt => supersecret, zone => foo, workers => {bar => {endpoints => {foobar => {host => 127.0.0.1}}}}, logging_type => syslog, logging_level => warning' do
+ context "#{os} with ticket_salt 'supersecret', zone 'foo' and two workers, logging_type 'syslog', logging_level 'warning'" do
let(:params) do
{
ticket_salt: 'supersecret',
zone: 'foo',
- workers: { 'bar' => { 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } } } },
+ workers: {
+ 'bar' => { 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } } },
+ 'out' => { 'endpoints' => { 'outbar' => {} }, 'parent' => 'bar' },
+ },
logging_type: 'syslog',
logging_level: 'warning',
}
@@ -136,9 +140,13 @@
'endpoints' => { 'NodeName' => {} },
},
'bar' => {
+ 'parent' => 'foo',
'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } },
- 'parent' => 'foo',
},
+ 'out' => {
+ 'parent' => 'bar',
+ 'endpoints' => { 'outbar' => {} },
+ }
},
'logging_type' => 'syslog',
'logging_level' => 'warning',
diff --git a/spec/classes/worker_spec.rb b/spec/classes/worker_spec.rb
index 55f35fe..cb624bf 100644
--- a/spec/classes/worker_spec.rb
+++ b/spec/classes/worker_spec.rb
@@ -7,7 +7,7 @@
context "on #{os}" do
let(:facts) { facts }
- context 'with ca_server => foo, zone => bar, parent_endpoints => { foobar => { host => 127.0.0.1}}, global_zones => [foobaz]' do
+ context "#{os} with ca_server 'foo', zone 'bar', a parent_endpoints 'foobar', global_zones ['foobaz']" do
let(:params) do
{
ca_server: 'foo',
@@ -43,6 +43,51 @@
it { is_expected.to contain_icinga2__object__zone('foobaz').with({ 'global' => true }) }
end
+
+ context "#{os} with zone 'foo' and two workers, logging_type 'syslog', logging_level 'warning'" do
+ let(:params) do
+ {
+ ca_server: 'foo',
+ zone: 'foo',
+ parent_endpoints: { 'foobar' => { 'host' => '127.0.0.1' } },
+ workers: {
+ 'baz' => { 'endpoints' => { 'foobaz' => { 'host' => '127.0.0.1' } } },
+ 'out' => { 'endpoints' => { 'outbar' => {} }, 'parent' => 'baz' },
+ },
+ logging_type: 'syslog',
+ logging_level: 'warning',
+ }
+ end
+
+ it {
+ is_expected.to contain_class('icinga').with(
+ {
+ 'ca' => false,
+ 'ca_server' => 'foo',
+ 'this_zone' => 'foo',
+ 'zones' => {
+ 'ZoneName' => {
+ 'parent' => 'main',
+ 'endpoints' => { 'NodeName' => {} },
+ },
+ 'main' => {
+ 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } },
+ },
+ 'baz' => {
+ 'parent' => 'foo',
+ 'endpoints' => { 'foobaz' => { 'host' => '127.0.0.1' } },
+ },
+ 'out' => {
+ 'parent' => 'baz',
+ 'endpoints' => { 'outbar' => {} },
+ }
+ },
+ 'logging_type' => 'syslog',
+ 'logging_level' => 'warning',
+ },
+ )
+ }
+ end
end
end
end
diff --git a/spec/default_facts.yml b/spec/default_facts.yml
index f777abf..188b4dc 100644
--- a/spec/default_facts.yml
+++ b/spec/default_facts.yml
@@ -2,7 +2,9 @@
#
# Facts specified here will override the values provided by rspec-puppet-facts.
---
-ipaddress: "172.16.254.254"
-ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
+networking:
+ ip: "172.16.254.254"
+ ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA"
+ mac: "AA:AA:AA:AA:AA:AA"
+ fqdn: "foo.example.com"
is_pe: false
-macaddress: "AA:AA:AA:AA:AA:AA"
diff --git a/spec/functions/db_connect_spec.rb b/spec/functions/db_connect_spec.rb
index 1b4f705..4d42cf2 100644
--- a/spec/functions/db_connect_spec.rb
+++ b/spec/functions/db_connect_spec.rb
@@ -23,6 +23,14 @@
).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl --ssl-ca /cacert.file")
end
+ it "with MariaDB TLS and noverify 'true' on db.example.org and password" do
+ is_expected.to run.with_params(
+ { 'type' => 'mariadb', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar', 'password' => 'supersecret' },
+ { 'noverify' => true, 'cacert_file' => '/cacert.file' },
+ true,
+ ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl")
+ end
+
it 'with MariaDB client TLS cert on db.example.org' do
is_expected.to run.with_params(
{ 'type' => 'mariadb', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar' },
@@ -36,15 +44,15 @@
{ 'type' => 'mysql', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar' },
{ 'key_file' => '/key.file', 'cert_file' => '/cert.file', 'cacert_file' => '/cacert.file' },
true,
- ).and_return('-h db.example.org -u bar -D foo --ssl-mode required --ssl-ca /cacert.file --ssl-cert /cert.file --ssl-key /key.file')
+ ).and_return('-h db.example.org -u bar -D foo --ssl-mode VERIFY_CA --ssl-ca /cacert.file --ssl-cert /cert.file --ssl-key /key.file')
end
- it 'with MySQL TLS on db.example.org and password' do
+ it "with MySQL TLS and noverify 'true' on db.example.org and password" do
is_expected.to run.with_params(
{ 'type' => 'mysql', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar', 'password' => 'supersecret' },
- { 'cacert_file' => '/cacert.file' },
+ { 'noverify' => true, 'cacert_file' => '/cacert.file' },
true,
- ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl-mode required --ssl-ca /cacert.file")
+ ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl-mode REQUIRED")
end
it 'with PostgreSQL' do
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index b367fde..6820ceb 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -25,8 +25,8 @@
next unless File.exist?(f) && File.readable?(f) && File.size?(f)
begin
- default_facts.merge!(YAML.safe_load(File.read(f), [], [], true))
- rescue => e
+ default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true))
+ rescue StandardError => e
RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}"
end
end
@@ -46,6 +46,19 @@
end
c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT']
c.after(:suite) do
+ RSpec::Puppet::Coverage.report!(0)
+ end
+
+ # Filter backtrace noise
+ backtrace_exclusion_patterns = [
+ %r{spec_helper},
+ %r{gems},
+ ]
+
+ if c.respond_to?(:backtrace_exclusion_patterns)
+ c.backtrace_exclusion_patterns = backtrace_exclusion_patterns
+ elsif c.respond_to?(:backtrace_clean_patterns)
+ c.backtrace_clean_patterns = backtrace_exclusion_patterns
end
end