From 90f20a5fb6da15ba8293f1e16e0f1ceaf0ea2a12 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 17 Oct 2023 16:32:32 +0200 Subject: [PATCH 01/21] replace merge function --- manifests/init.pp | 2 +- manifests/repos/apt.pp | 2 +- manifests/server.pp | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index f266178..1888282 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -171,7 +171,7 @@ Package['icinga2'] -> Exec['restarting icinga2'] -> Class['icinga2'] exec { 'restarting icinga2': - path => $::facts['path'], + path => $facts['path'], command => "service ${icinga_service} restart", onlyif => "service ${icinga_service} status", refreshonly => true, diff --git a/manifests/repos/apt.pp b/manifests/repos/apt.pp index cf07d6b..0092d5e 100644 --- a/manifests/repos/apt.pp +++ b/manifests/repos/apt.pp @@ -27,7 +27,7 @@ if $managed[$repo_name] { Apt::Source[$repo_name] -> Package <| title != 'apt-transport-https' |> apt::source { $repo_name: - * => merge({ ensure => present }, $repo_config), + * => { ensure => present } + $repo_config, require => File['/etc/apt/sources.list.d/netways-plugins.list', '/etc/apt/sources.list.d/netways-extras.list'], } } diff --git a/manifests/server.pp b/manifests/server.pp index d79e6f4..839353a 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -84,7 +84,7 @@ ca => $_ca, ca_server => $ca_server, this_zone => $zone, - zones => merge({ 'ZoneName' => { 'endpoints' => { 'NodeName' => {} } + $colocation_endpoints } }, $_workers), + zones => { 'ZoneName' => { 'endpoints' => { 'NodeName' => {} } + $colocation_endpoints } } + $_workers, logging_type => $logging_type, logging_level => $logging_level, ticket_salt => $ticket_salt, From 0b9da40e3024f8929794ca2062926f6a02b14ca2 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 17 Oct 2023 16:37:19 +0200 Subject: [PATCH 02/21] update metadata to use puppet 8 --- metadata.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/metadata.json b/metadata.json index b6d5a32..a0a3e48 100644 --- a/metadata.json +++ b/metadata.json @@ -10,19 +10,19 @@ "dependencies": [ { "name": "puppetlabs/stdlib", - "version_requirement": ">= 5.1.0 < 9.0.0" + "version_requirement": ">= 6.6.0 < 10.0.0" }, { "name": "puppet/redis", - "version_requirement": ">= 7.0.0 < 9.0.0" + "version_requirement": ">= 7.0.0 < 10.0.0" }, { "name": "puppetlabs/apt", - "version_requirement": ">= 6.0.0 < 9.0.0" + "version_requirement": ">= 7.7.0 < 10.0.0" }, { "name": "puppet/zypprepo", - "version_requirement": ">= 2.2.1 < 5.0.0" + "version_requirement": ">= 4.0.0 < 6.0.0" } ], "operatingsystem_support": [ @@ -95,7 +95,7 @@ "requirements": [ { "name": "puppet", - "version_requirement": ">= 6.0.0 < 8.0.0" + "version_requirement": ">= 7.0.0 < 9.0.0" } ], "tags": [ From 039b364e820ef298faf7326a041cd37d52c715b7 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 17 Oct 2023 16:45:15 +0200 Subject: [PATCH 03/21] fix #91 mysql:db above 13.1.0 requires an array for the tis_options --- manifests/database.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/database.pp b/manifests/database.pp index 99533dd..d5680ee 100644 --- a/manifests/database.pp +++ b/manifests/database.pp @@ -30,7 +30,7 @@ } } - if versioncmp($::facts['puppetversion'], '6.0.0') < 0 or ($facts['os']['family'] == 'redhat' and Integer($facts['os']['release']['major']) < 8) { + if versioncmp($facts['puppetversion'], '6.0.0') < 0 or ($facts['os']['family'] == 'redhat' and Integer($facts['os']['release']['major']) < 8) { $_pass = icinga::unwrap($db_pass) } else { $_pass = postgresql::postgresql_password($db_user, $db_pass, false, $postgresql::server::password_encryption) @@ -82,7 +82,7 @@ mysql::db { $db_name: host => $access_instances[0], user => $db_user, - tls_options => $_tls_options, + tls_options => any2array($_tls_options), password => $db_pass, grant => $mysql_privileges, charset => $encoding, From fd2974f10fdbb71f5972e7dc91f4a833b2373088 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 17 Oct 2023 18:46:56 +0200 Subject: [PATCH 04/21] pdk update to 3.0.0 --- .gitignore | 3 +- .pdkignore | 8 +- .rubocop.yml | 218 ++++++- Gemfile | 38 +- REFERENCE.md | 1112 ++++++++++++++++++++--------------- Rakefile | 9 +- manifests/db/database.pp | 4 +- metadata.json | 6 +- spec/classes/server_spec.rb | 6 +- spec/default_facts.yml | 8 +- spec/spec_helper.rb | 17 +- 11 files changed, 913 insertions(+), 516 deletions(-) diff --git a/.gitignore b/.gitignore index 2767022..3f15512 100644 --- a/.gitignore +++ b/.gitignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt @@ -25,3 +25,4 @@ .project .envrc /inventory.yaml +/spec/fixtures/litmus_inventory.yaml diff --git a/.pdkignore b/.pdkignore index c538bea..584438f 100644 --- a/.pdkignore +++ b/.pdkignore @@ -16,7 +16,7 @@ /log/ /pkg/ /spec/fixtures/manifests/ -/spec/fixtures/modules/ +/spec/fixtures/modules/* /tmp/ /vendor/ /convert_report.txt @@ -26,20 +26,16 @@ .envrc /inventory.yaml /spec/fixtures/litmus_inventory.yaml -/appveyor.yml -/.editorconfig /.fixtures.yml /Gemfile /.gitattributes /.gitignore -/.gitlab-ci.yml /.pdkignore /.puppet-lint.rc /Rakefile /rakelib/ /.rspec -/.rubocop.yml -/.travis.yml +/..yml /.yardopts /spec/ /.vscode/ diff --git a/.rubocop.yml b/.rubocop.yml index 2d88620..5be1f9f 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -4,7 +4,7 @@ require: - rubocop-rspec AllCops: DisplayCopNames: true - TargetRubyVersion: '2.5' + TargetRubyVersion: '2.6' Include: - "**/*.rb" Exclude: @@ -21,8 +21,6 @@ AllCops: Layout/LineLength: Description: People have wide screens, use them. Max: 200 -RSpec/EmptyExampleGroup: - Enabled: false RSpec/BeforeAfterAll: Description: Beware of using after(:all) as it may cause state to leak between tests. A necessary evil in acceptance testing. @@ -113,8 +111,14 @@ Style/MethodCalledOnDoEndBlock: Enabled: true Style/StringMethods: Enabled: true +Bundler/GemFilename: + Enabled: false Bundler/InsecureProtocolSource: Enabled: false +Capybara/CurrentPathExpectation: + Enabled: false +Capybara/VisibilityMatcher: + Enabled: false Gemspec/DuplicatedAssignment: Enabled: false Gemspec/OrderedDependencies: @@ -289,11 +293,9 @@ Performance/UriDefaultParser: Enabled: false RSpec/Be: Enabled: false -RSpec/Capybara/CurrentPathExpectation: - Enabled: false RSpec/Capybara/FeatureMethods: Enabled: false -RSpec/Capybara/VisibilityMatcher: +RSpec/ContainExactly: Enabled: false RSpec/ContextMethod: Enabled: false @@ -333,6 +335,8 @@ RSpec/LeakyConstantDeclaration: Enabled: false RSpec/LetBeforeExamples: Enabled: false +RSpec/MatchArray: + Enabled: false RSpec/MissingExampleGroupArgument: Enabled: false RSpec/MultipleExpectations: @@ -375,8 +379,6 @@ Style/AccessModifierDeclarations: Enabled: false Style/AccessorGrouping: Enabled: false -Style/AsciiComments: - Enabled: false Style/BisectedAttrAccessor: Enabled: false Style/CaseLikeIf: @@ -487,35 +489,235 @@ Style/TrailingMethodEndStatement: Enabled: false Style/UnpackFirst: Enabled: false +Capybara/MatchStyle: + Enabled: false +Capybara/NegationMatcher: + Enabled: false +Capybara/SpecificActions: + Enabled: false +Capybara/SpecificFinders: + Enabled: false +Capybara/SpecificMatcher: + Enabled: false +Gemspec/DeprecatedAttributeAssignment: + Enabled: false +Gemspec/DevelopmentDependencies: + Enabled: false +Gemspec/RequireMFA: + Enabled: false +Layout/LineContinuationLeadingSpace: + Enabled: false +Layout/LineContinuationSpacing: + Enabled: false +Layout/LineEndStringConcatenationIndentation: + Enabled: false +Layout/SpaceBeforeBrackets: + Enabled: false +Lint/AmbiguousAssignment: + Enabled: false +Lint/AmbiguousOperatorPrecedence: + Enabled: false +Lint/AmbiguousRange: + Enabled: false +Lint/ConstantOverwrittenInRescue: + Enabled: false +Lint/DeprecatedConstants: + Enabled: false Lint/DuplicateBranch: Enabled: false +Lint/DuplicateMagicComment: + Enabled: false Lint/DuplicateRegexpCharacterClassElement: Enabled: false Lint/EmptyBlock: Enabled: false Lint/EmptyClass: Enabled: false +Lint/EmptyInPattern: + Enabled: false +Lint/IncompatibleIoSelectWithFiberScheduler: + Enabled: false +Lint/LambdaWithoutLiteralBlock: + Enabled: false Lint/NoReturnInBeginEndBlocks: Enabled: false +Lint/NonAtomicFileOperation: + Enabled: false +Lint/NumberedParameterAssignment: + Enabled: false +Lint/OrAssignmentToConstant: + Enabled: false +Lint/RedundantDirGlobSort: + Enabled: false +Lint/RefinementImportMethods: + Enabled: false +Lint/RequireRangeParentheses: + Enabled: false +Lint/RequireRelativeSelfPath: + Enabled: false +Lint/SymbolConversion: + Enabled: false Lint/ToEnumArguments: Enabled: false +Lint/TripleQuotes: + Enabled: false Lint/UnexpectedBlockArity: Enabled: false Lint/UnmodifiedReduceAccumulator: Enabled: false +Lint/UselessRescue: + Enabled: false +Lint/UselessRuby2Keywords: + Enabled: false +Metrics/CollectionLiteralLength: + Enabled: false +Naming/BlockForwarding: + Enabled: false Performance/CollectionLiteralInLoop: Enabled: false +Performance/ConcurrentMonotonicTime: + Enabled: false +Performance/MapCompact: + Enabled: false +Performance/RedundantEqualityComparisonBlock: + Enabled: false +Performance/RedundantSplitRegexpArgument: + Enabled: false +Performance/StringIdentifierArgument: + Enabled: false +RSpec/BeEq: + Enabled: false +RSpec/BeNil: + Enabled: false +RSpec/ChangeByZero: + Enabled: false +RSpec/ClassCheck: + Enabled: false +RSpec/DuplicatedMetadata: + Enabled: false +RSpec/ExcessiveDocstringSpacing: + Enabled: false +RSpec/FactoryBot/ConsistentParenthesesStyle: + Enabled: false +RSpec/FactoryBot/FactoryNameStyle: + Enabled: false +RSpec/FactoryBot/SyntaxMethods: + Enabled: false +RSpec/IdenticalEqualityAssertion: + Enabled: false +RSpec/NoExpectationExample: + Enabled: false +RSpec/PendingWithoutReason: + Enabled: false +RSpec/Rails/AvoidSetupHook: + Enabled: false +RSpec/Rails/HaveHttpStatus: + Enabled: false +RSpec/Rails/InferredSpecType: + Enabled: false +RSpec/Rails/MinitestAssertions: + Enabled: false +RSpec/Rails/TravelAround: + Enabled: false +RSpec/RedundantAround: + Enabled: false +RSpec/SkipBlockInsideExample: + Enabled: false +RSpec/SortMetadata: + Enabled: false +RSpec/SubjectDeclaration: + Enabled: false +RSpec/VerifiedDoubleReference: + Enabled: false +Security/CompoundHash: + Enabled: false +Security/IoMethods: + Enabled: false Style/ArgumentsForwarding: Enabled: false +Style/ArrayIntersect: + Enabled: false Style/CollectionCompact: Enabled: false +Style/ComparableClamp: + Enabled: false +Style/ConcatArrayLiterals: + Enabled: false +Style/DirEmpty: + Enabled: false Style/DocumentDynamicEvalDefinition: Enabled: false +Style/EmptyHeredoc: + Enabled: false +Style/EndlessMethod: + Enabled: false +Style/EnvHome: + Enabled: false +Style/FetchEnvVar: + Enabled: false +Style/FileEmpty: + Enabled: false +Style/FileRead: + Enabled: false +Style/FileWrite: + Enabled: false +Style/HashConversion: + Enabled: false +Style/HashExcept: + Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: false +Style/InPatternThen: + Enabled: false +Style/MagicCommentFormat: + Enabled: false +Style/MapCompactWithConditionalBlock: + Enabled: false +Style/MapToHash: + Enabled: false +Style/MapToSet: + Enabled: false +Style/MinMaxComparison: + Enabled: false +Style/MultilineInPatternThen: + Enabled: false Style/NegatedIfElseCondition: Enabled: false +Style/NestedFileDirname: + Enabled: false Style/NilLambda: Enabled: false +Style/NumberedParameters: + Enabled: false +Style/NumberedParametersLimit: + Enabled: false +Style/ObjectThen: + Enabled: false +Style/OpenStructUse: + Enabled: false +Style/OperatorMethodCall: + Enabled: false +Style/QuotedSymbols: + Enabled: false Style/RedundantArgument: Enabled: false +Style/RedundantConstantBase: + Enabled: false +Style/RedundantDoubleSplatHashBraces: + Enabled: false +Style/RedundantEach: + Enabled: false +Style/RedundantHeredocDelimiterQuotes: + Enabled: false +Style/RedundantInitialize: + Enabled: false +Style/RedundantSelfAssignmentBranch: + Enabled: false +Style/RedundantStringEscape: + Enabled: false +Style/SelectByRegexp: + Enabled: false +Style/StringChars: + Enabled: false Style/SwapValues: Enabled: false diff --git a/Gemfile b/Gemfile index fc28658..864c168 100644 --- a/Gemfile +++ b/Gemfile @@ -13,22 +13,34 @@ def location_for(place_or_version, fake_version = nil) end end -ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments -minor_version = ruby_version_segments[0..1].join('.') - group :development do - gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) - gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] - gem "voxpupuli-puppet-lint-plugins", '>= 3.0', require: false + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.3.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.5.1', require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.1', require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.6.3', require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "racc", '~> 1.4.0', require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "voxpupuli-puppet-lint-plugins", '~> 5.0', require: false + gem "facterdb", '~> 1.18', require: false + gem "metadata-json-lint", '~> 3.0', require: false + gem "puppetlabs_spec_helper", '~> 6.0', require: false + gem "rspec-puppet-facts", '~> 2.0', require: false + gem "codecov", '~> 0.2', require: false + gem "dependency_checker", '~> 1.0.0', require: false + gem "parallel_tests", '= 3.12.1', require: false + gem "pry", '~> 0.10', require: false + gem "simplecov-console", '~> 0.5', require: false + gem "puppet-debugger", '~> 1.0', require: false + gem "rubocop", '= 1.48.1', require: false + gem "rubocop-performance", '= 1.16.0', require: false + gem "rubocop-rspec", '= 2.19.0', require: false + gem "puppet-strings", '~> 4.0', require: false + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "concurrent-ruby", '< 1.2.0', require: false end group :system_tests do - gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby] - gem "puppet-module-win-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet_litmus", '~> 1.0', require: false, platforms: [:ruby, :x64_mingw] + gem "serverspec", '~> 2.41', require: false end puppet_version = ENV['PUPPET_GEM_VERSION'] diff --git a/REFERENCE.md b/REFERENCE.md index 2c23815..f06695a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -8,26 +8,28 @@ #### Public Classes -* [`icinga::agent`](#icingaagent): Setup a Icinga agent. -* [`icinga::db`](#icingadb) -* [`icinga::db::database`](#icingadbdatabase): Setup database for IcingaDB. -* [`icinga::ido`](#icingaido): Configure IDO Backend. -* [`icinga::ido::database`](#icingaidodatabase): Configure IDO backend database. -* [`icinga::redis`](#icingaredis): Base class for all redis owned by Icinga. -* [`icinga::repos`](#icingarepos): This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform s -* [`icinga::server`](#icingaserver): Setup a Icinga server. -* [`icinga::web`](#icingaweb): Setup Icinga Web 2 including a database backend for user settings, +* [`icinga::agent`](#icinga--agent): Setup a Icinga agent. +* [`icinga::db`](#icinga--db) +* [`icinga::db::database`](#icinga--db--database): Setup database for IcingaDB. +* [`icinga::ido`](#icinga--ido): Configure IDO Backend. +* [`icinga::ido::database`](#icinga--ido--database): Configure IDO backend database. +* [`icinga::redis`](#icinga--redis): Base class for all redis owned by Icinga. +* [`icinga::repos`](#icinga--repos): This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform s +* [`icinga::server`](#icinga--server): Setup a Icinga server. +* [`icinga::web`](#icinga--web): Setup Icinga Web 2 including a database backend for user settings, PHP and a Webserver. -* [`icinga::web::database`](#icingawebdatabase): Setup Icinga Web 2 database for user settings. -* [`icinga::web::director`](#icingawebdirector): Setup Director module for Icinga Web 2 -* [`icinga::web::director::database`](#icingawebdirectordatabase): Setup Director database. -* [`icinga::web::icingadb`](#icingawebicingadb): Setup IcingaDB module for the new backend. -* [`icinga::web::monitoring`](#icingawebmonitoring): Setup Monitoring module for the IDO backend. -* [`icinga::web::reporting`](#icingawebreporting): Setup the reporting module for Icinga Web 2 -* [`icinga::web::reporting::database`](#icingawebreportingdatabase): Setup the reporting database. -* [`icinga::web::vspheredb`](#icingawebvspheredb): Setup VSphereDB module for Icinga Web 2 -* [`icinga::web::vspheredb::database`](#icingawebvspheredbdatabase): Setup VSphereDB database. -* [`icinga::worker`](#icingaworker): Setup a Icinga worker (aka satellite). +* [`icinga::web::database`](#icinga--web--database): Setup Icinga Web 2 database for user settings. +* [`icinga::web::director`](#icinga--web--director): Setup Director module for Icinga Web 2 +* [`icinga::web::director::database`](#icinga--web--director--database): Setup Director database. +* [`icinga::web::icingadb`](#icinga--web--icingadb): Setup IcingaDB module for the new backend. +* [`icinga::web::monitoring`](#icinga--web--monitoring): Setup Monitoring module for the IDO backend. +* [`icinga::web::reporting`](#icinga--web--reporting): Setup the reporting module for Icinga Web 2 +* [`icinga::web::reporting::database`](#icinga--web--reporting--database): Setup the reporting database. +* [`icinga::web::vspheredb`](#icinga--web--vspheredb): Setup VSphereDB module for Icinga Web 2 +* [`icinga::web::vspheredb::database`](#icinga--web--vspheredb--database): Setup VSphereDB database. +* [`icinga::web::x509`](#icinga--web--x509): Setup the x509 module for Icinga Web 2 +* [`icinga::web::x509::database`](#icinga--web--x509--database): Setup the x509 database. +* [`icinga::worker`](#icinga--worker): Setup a Icinga worker (aka satellite). #### Private Classes @@ -41,7 +43,7 @@ PHP and a Webserver. #### Public Defined types -* [`icinga::cert`](#icingacert): A class to generate tls key, cert and cacert files. +* [`icinga::cert`](#icinga--cert): A class to generate tls key, cert and cacert files. #### Private Defined types @@ -49,22 +51,22 @@ PHP and a Webserver. ### Functions -* [`icinga::cert::files`](#icingacertfiles): Choose the path of tls key, cert and ca file. -* [`icinga::db::connect`](#icingadbconnect): This function returns a string to connect databases +* [`icinga::cert::files`](#icinga--cert--files): Choose the path of tls key, cert and ca file. +* [`icinga::db::connect`](#icinga--db--connect): This function returns a string to connect databases with or without TLS information. -* [`icinga::newline`](#icinganewline): Replace newlines for Windows systems. -* [`icinga::prepare_web`](#icingaprepare_web): This funktion checks for web preparation and display a warning if fails -* [`icinga::unwrap`](#icingaunwrap): This function returns an unwrap string if necessary. +* [`icinga::newline`](#icinga--newline): Replace newlines for Windows systems. +* [`icinga::prepare_web`](#icinga--prepare_web): This funktion checks for web preparation and display a warning if fails +* [`icinga::unwrap`](#icinga--unwrap): This function returns an unwrap string if necessary. ### Data types -* [`Icinga::Certificate`](#icingacertificate): A strict type for a certificate -* [`Icinga::LogLevel`](#icingaloglevel): A strict type for log levels -* [`Icinga::Secret`](#icingasecret): A strict type for the secrets like passwords or keys +* [`Icinga::Certificate`](#Icinga--Certificate): A strict type for a certificate +* [`Icinga::LogLevel`](#Icinga--LogLevel): A strict type for log levels +* [`Icinga::Secret`](#Icinga--Secret): A strict type for the secrets like passwords or keys ## Classes -### `icinga::agent` +### `icinga::agent` Setup a Icinga agent. @@ -72,22 +74,22 @@ Setup a Icinga agent. The following parameters are available in the `icinga::agent` class: -* [`ca_server`](#ca_server) -* [`parent_zone`](#parent_zone) -* [`parent_endpoints`](#parent_endpoints) -* [`global_zones`](#global_zones) -* [`logging_type`](#logging_type) -* [`logging_level`](#logging_level) -* [`zone`](#zone) -* [`run_web`](#run_web) +* [`ca_server`](#-icinga--agent--ca_server) +* [`parent_zone`](#-icinga--agent--parent_zone) +* [`parent_endpoints`](#-icinga--agent--parent_endpoints) +* [`global_zones`](#-icinga--agent--global_zones) +* [`logging_type`](#-icinga--agent--logging_type) +* [`logging_level`](#-icinga--agent--logging_level) +* [`zone`](#-icinga--agent--zone) +* [`run_web`](#-icinga--agent--run_web) -##### `ca_server` +##### `ca_server` Data type: `Stdlib::Host` The CA to send the certificate request to. -##### `parent_zone` +##### `parent_zone` Data type: `String` @@ -95,13 +97,13 @@ Name of the parent Icinga zone. Default value: `'main'` -##### `parent_endpoints` +##### `parent_endpoints` Data type: `Hash[String, Hash]` Configures these endpoints of the parent zone. -##### `global_zones` +##### `global_zones` Data type: `Array[String]` @@ -109,7 +111,7 @@ List of global zones to configure. Default value: `[]` -##### `logging_type` +##### `logging_type` Data type: `Enum['file', 'syslog']` @@ -117,15 +119,15 @@ Switch the log target. Only `file` is supported on Windows. Default value: `'file'` -##### `logging_level` +##### `logging_level` Data type: `Optional[Icinga::LogLevel]` Set the log level. -Default value: ``undef`` +Default value: `undef` -##### `zone` +##### `zone` Data type: `String` @@ -133,16 +135,16 @@ Set a dedicated zone name. Default value: `'NodeName'` -##### `run_web` +##### `run_web` Data type: `Boolean` Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2` and add the Icinga user to this group. -Default value: ``false`` +Default value: `false` -### `icinga::db` +### `icinga::db` The icinga::db class. @@ -150,28 +152,28 @@ The icinga::db class. The following parameters are available in the `icinga::db` class: -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`db_pass`](#db_pass) -* [`manage_database`](#manage_database) -* [`db_accesses`](#db_accesses) -* [`redis_host`](#redis_host) -* [`redis_bind`](#redis_bind) -* [`redis_port`](#redis_port) -* [`redis_pass`](#redis_pass) -* [`manage_redis`](#manage_redis) -* [`manage_feature`](#manage_feature) - -##### `db_type` +* [`db_type`](#-icinga--db--db_type) +* [`db_host`](#-icinga--db--db_host) +* [`db_port`](#-icinga--db--db_port) +* [`db_name`](#-icinga--db--db_name) +* [`db_user`](#-icinga--db--db_user) +* [`db_pass`](#-icinga--db--db_pass) +* [`manage_database`](#-icinga--db--manage_database) +* [`db_accesses`](#-icinga--db--db_accesses) +* [`redis_host`](#-icinga--db--redis_host) +* [`redis_bind`](#-icinga--db--redis_bind) +* [`redis_port`](#-icinga--db--redis_port) +* [`redis_pass`](#-icinga--db--redis_pass) +* [`manage_redis`](#-icinga--db--manage_redis) +* [`manage_feature`](#-icinga--db--manage_feature) + +##### `db_type` Data type: `Enum['mysql', 'pgsql']` Choose wether MySQL or PostgreSQL as backend for historical data. -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -179,15 +181,15 @@ Database server. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port::Unprivileged]` Port to connect the database. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -195,7 +197,7 @@ The IcingaDB database. Default value: `'icingadb'` -##### `db_user` +##### `db_user` Data type: `String` @@ -203,21 +205,21 @@ User to connect the database. Default value: `'icingadb'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Passwort to login into database. -##### `manage_database` +##### `manage_database` Data type: `Boolean` Install and create database on localhost. -Default value: ``false`` +Default value: `false` -##### `db_accesses` +##### `db_accesses` Data type: `Array[Stdlib::Host]` @@ -226,7 +228,7 @@ Omly valid if `manage_database` is `true`. Default value: `[]` -##### `redis_host` +##### `redis_host` Data type: `Stdlib::Host` @@ -234,49 +236,49 @@ Redis host to connect. Default value: `'localhost'` -##### `redis_bind` +##### `redis_bind` Data type: `Optional[Array[Stdlib::Host]]` When Redis runs on a differnt host than Icinga, here the listining interfaces have to be set. -Default value: ``undef`` +Default value: `undef` -##### `redis_port` +##### `redis_port` Data type: `Optional[Stdlib::Port]` Port for Redis listening. -Default value: ``undef`` +Default value: `undef` -##### `redis_pass` +##### `redis_pass` Data type: `Optional[Icinga::Secret]` Password to authenticate against Redis. -Default value: ``undef`` +Default value: `undef` -##### `manage_redis` +##### `manage_redis` Data type: `Boolean` Install and create the IcingaDB Redis service on localhost. -Default value: ``true`` +Default value: `true` -##### `manage_feature` +##### `manage_feature` Data type: `Boolean` If you wanna manage the Icinga 2 feature for the IcingaDB, set this to `true`. This only make sense when an Icinga 2 Server is running on the same host. -Default value: ``true`` +Default value: `true` -### `icinga::db::database` +### `icinga::db::database` Setup database for IcingaDB. @@ -284,32 +286,32 @@ Setup database for IcingaDB. The following parameters are available in the `icinga::db::database` class: -* [`db_type`](#db_type) -* [`access_instances`](#access_instances) -* [`db_pass`](#db_pass) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`tls`](#tls) +* [`db_type`](#-icinga--db--database--db_type) +* [`access_instances`](#-icinga--db--database--access_instances) +* [`db_pass`](#-icinga--db--database--db_pass) +* [`db_name`](#-icinga--db--database--db_name) +* [`db_user`](#-icinga--db--database--db_user) +* [`tls`](#-icinga--db--database--tls) -##### `db_type` +##### `db_type` Data type: `Enum['mysql','pgsql']` What kind of database type to use. -##### `access_instances` +##### `access_instances` Data type: `Array[Stdlib::Host]` List of Hosts to allow write access to the database. Usually an IcingaDB instance. -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_name` +##### `db_name` Data type: `String` @@ -317,7 +319,7 @@ Name of the database. Default value: `'icingadb'` -##### `db_user` +##### `db_user` Data type: `String` @@ -325,17 +327,21 @@ Database user name. Default value: `'icingadb'` -##### `tls` +##### `tls` -Data type: `Variant[Boolean, - Enum['password','cert']]` +Data type: + +```puppet +Variant[Boolean, + Enum['password','cert']] +``` Access only for TLS encrypted connections. Authentication via `password` or `cert`, value `true` means password auth. -Default value: ``false`` +Default value: `false` -### `icinga::ido` +### `icinga::ido` Configure IDO Backend. @@ -343,22 +349,22 @@ Configure IDO Backend. The following parameters are available in the `icinga::ido` class: -* [`db_pass`](#db_pass) -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`manage_database`](#manage_database) -* [`enable_ha`](#enable_ha) +* [`db_pass`](#-icinga--ido--db_pass) +* [`db_type`](#-icinga--ido--db_type) +* [`db_host`](#-icinga--ido--db_host) +* [`db_port`](#-icinga--ido--db_port) +* [`db_name`](#-icinga--ido--db_name) +* [`db_user`](#-icinga--ido--db_user) +* [`manage_database`](#-icinga--ido--manage_database) +* [`enable_ha`](#-icinga--ido--enable_ha) -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_type` +##### `db_type` Data type: `Enum['mysql','pgsql']` @@ -366,7 +372,7 @@ What kind of database type to use. Default value: `'mysql'` -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -374,15 +380,15 @@ Database host to connect. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port]` Port to connect. Only affects for connection to remote database hosts. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -390,7 +396,7 @@ Name of the database. Default value: `'icinga2'` -##### `db_user` +##### `db_user` Data type: `String` @@ -398,23 +404,23 @@ Database user name. Default value: `'icinga2'` -##### `manage_database` +##### `manage_database` Data type: `Boolean` Create database and import schema. -Default value: ``false`` +Default value: `false` -##### `enable_ha` +##### `enable_ha` Data type: `Boolean` Enable HA feature for database. -Default value: ``false`` +Default value: `false` -### `icinga::ido::database` +### `icinga::ido::database` Configure IDO backend database. @@ -422,33 +428,33 @@ Configure IDO backend database. The following parameters are available in the `icinga::ido::database` class: -* [`db_type`](#db_type) -* [`ido_instances`](#ido_instances) -* [`db_pass`](#db_pass) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`tls`](#tls) +* [`db_type`](#-icinga--ido--database--db_type) +* [`ido_instances`](#-icinga--ido--database--ido_instances) +* [`db_pass`](#-icinga--ido--database--db_pass) +* [`db_name`](#-icinga--ido--database--db_name) +* [`db_user`](#-icinga--ido--database--db_user) +* [`tls`](#-icinga--ido--database--tls) -##### `db_type` +##### `db_type` Data type: `Enum['mysql','pgsql']` What kind of database type to use. -##### `ido_instances` +##### `ido_instances` Data type: `Array[Stdlib::Host]` List of Hosts to allow write access to the database. Usually an Icinga Server with enabled IDO feature. -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_name` +##### `db_name` Data type: `String` @@ -456,7 +462,7 @@ Name of the database. Default value: `'icinga2'` -##### `db_user` +##### `db_user` Data type: `String` @@ -464,21 +470,25 @@ Database user name. Default value: `'icinga2'` -##### `tls` +##### `tls` -Data type: `Variant[Boolean, - Enum['password','cert']]` +Data type: + +```puppet +Variant[Boolean, + Enum['password','cert']] +``` Access only for TLS encrypted connections. Authentication via `password` or `cert`, value `true` means password auth. -Default value: ``false`` +Default value: `false` -### `icinga::redis` +### `icinga::redis` Base class for all redis owned by Icinga. -### `icinga::repos` +### `icinga::repos` This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform some other repositories. @@ -495,66 +505,66 @@ require icinga::repos The following parameters are available in the `icinga::repos` class: -* [`manage_stable`](#manage_stable) -* [`manage_testing`](#manage_testing) -* [`manage_nightly`](#manage_nightly) -* [`configure_backports`](#configure_backports) -* [`manage_epel`](#manage_epel) -* [`manage_powertools`](#manage_powertools) -* [`manage_crb`](#manage_crb) -* [`manage_server_monitoring`](#manage_server_monitoring) -* [`manage_plugins`](#manage_plugins) -* [`manage_extras`](#manage_extras) +* [`manage_stable`](#-icinga--repos--manage_stable) +* [`manage_testing`](#-icinga--repos--manage_testing) +* [`manage_nightly`](#-icinga--repos--manage_nightly) +* [`configure_backports`](#-icinga--repos--configure_backports) +* [`manage_epel`](#-icinga--repos--manage_epel) +* [`manage_powertools`](#-icinga--repos--manage_powertools) +* [`manage_crb`](#-icinga--repos--manage_crb) +* [`manage_server_monitoring`](#-icinga--repos--manage_server_monitoring) +* [`manage_plugins`](#-icinga--repos--manage_plugins) +* [`manage_extras`](#-icinga--repos--manage_extras) -##### `manage_stable` +##### `manage_stable` Data type: `Boolean` Manage the Icinga stable repository. Disabled by setting to 'false'. Defaults to 'true'. -##### `manage_testing` +##### `manage_testing` Data type: `Boolean` Manage the Icinga testing repository to get access to release candidates. Enabled by setting to 'true'. Defaults to 'false'. -##### `manage_nightly` +##### `manage_nightly` Data type: `Boolean` Manage the Icinga snapshot repository to get access to nightly snapshots. Enabled by setting to 'true'. Defaults to 'false'. -##### `configure_backports` +##### `configure_backports` Data type: `Boolean` Enables or Disables the backports repository. Has only an effect on plattforms simular to Debian. To configure the backports repo uses apt::backports in hiera. -##### `manage_epel` +##### `manage_epel` Data type: `Boolean` Manage the EPEL (Extra Packages Enterprise Linux) repository that is needed for some package like newer Boost libraries. Has only an effect on plattforms simular to RedHat Enterprise. -##### `manage_powertools` +##### `manage_powertools` Data type: `Boolean` Manage the PowerTools repository that is needed for some package like nagios-plugins on Linux Enterprise systems like Alma 8, Rocky 8 and CentOS Stream 8. -##### `manage_crb` +##### `manage_crb` Data type: `Boolean` Manage the CRB repository that is needed for some package like nagios-plugins on Linux Enterprise systems like Alma 9, Rocky 9 and CentOS Stream 9. -##### `manage_server_monitoring` +##### `manage_server_monitoring` Data type: `Boolean` @@ -562,19 +572,19 @@ Manage the 'server:monitoring' repository on SLES platforms that is needed for s like monitoring-plugins-common. Additional also the 'monitoring-plugins' are provided by this repository. Bye default the repository is added with a lower priority of 120. -##### `manage_plugins` +##### `manage_plugins` Data type: `Boolean` Manage the NETWAYS plugins repository that provides some packages for additional plugins. -##### `manage_extras` +##### `manage_extras` Data type: `Boolean` Manage the NETWAYS extras repository that provides some packages for extras. -### `icinga::server` +### `icinga::server` Setup a Icinga server. @@ -582,39 +592,39 @@ Setup a Icinga server. The following parameters are available in the `icinga::server` class: -* [`ca`](#ca) -* [`config_server`](#config_server) -* [`zone`](#zone) -* [`colocation_endpoints`](#colocation_endpoints) -* [`workers`](#workers) -* [`global_zones`](#global_zones) -* [`ca_server`](#ca_server) -* [`ticket_salt`](#ticket_salt) -* [`web_api_user`](#web_api_user) -* [`web_api_pass`](#web_api_pass) -* [`director_api_user`](#director_api_user) -* [`director_api_pass`](#director_api_pass) -* [`logging_type`](#logging_type) -* [`logging_level`](#logging_level) -* [`run_web`](#run_web) - -##### `ca` +* [`ca`](#-icinga--server--ca) +* [`config_server`](#-icinga--server--config_server) +* [`zone`](#-icinga--server--zone) +* [`colocation_endpoints`](#-icinga--server--colocation_endpoints) +* [`workers`](#-icinga--server--workers) +* [`global_zones`](#-icinga--server--global_zones) +* [`ca_server`](#-icinga--server--ca_server) +* [`ticket_salt`](#-icinga--server--ticket_salt) +* [`web_api_user`](#-icinga--server--web_api_user) +* [`web_api_pass`](#-icinga--server--web_api_pass) +* [`director_api_user`](#-icinga--server--director_api_user) +* [`director_api_pass`](#-icinga--server--director_api_pass) +* [`logging_type`](#-icinga--server--logging_type) +* [`logging_level`](#-icinga--server--logging_level) +* [`run_web`](#-icinga--server--run_web) + +##### `ca` Data type: `Boolean` Enables a CA on this node. -Default value: ``false`` +Default value: `false` -##### `config_server` +##### `config_server` Data type: `Boolean` Enables that this node is the central configuration server. -Default value: ``false`` +Default value: `false` -##### `zone` +##### `zone` Data type: `String` @@ -622,7 +632,7 @@ Name of the Icinga zone. Default value: `'main'` -##### `colocation_endpoints` +##### `colocation_endpoints` Data type: `Hash[String,Hash]` @@ -631,7 +641,7 @@ Icinga supports two endpoints per zone only. Default value: `{}` -##### `workers` +##### `workers` Data type: `Hash[String,Hash]` @@ -640,7 +650,7 @@ endpoint objects. Default value: `{}` -##### `global_zones` +##### `global_zones` Data type: `Array[String]` @@ -648,23 +658,23 @@ List of global zones to configure. Default value: `[]` -##### `ca_server` +##### `ca_server` Data type: `Optional[Stdlib::Host]` The CA to send the certificate request to. -Default value: ``undef`` +Default value: `undef` -##### `ticket_salt` +##### `ticket_salt` Data type: `Optional[Icinga::Secret]` Set an alternate ticket salt to icinga::ticket_salt from Hiera. -Default value: ``undef`` +Default value: `undef` -##### `web_api_user` +##### `web_api_user` Data type: `String` @@ -672,15 +682,15 @@ Icinga API user to connect Icinga 2. Notice: user is only created if a password Default value: `'icingaweb2'` -##### `web_api_pass` +##### `web_api_pass` Data type: `Optional[Icinga::Secret]` Icinga API user password. -Default value: ``undef`` +Default value: `undef` -##### `director_api_user` +##### `director_api_user` Data type: `String` @@ -688,15 +698,15 @@ Icinga API director user to connect Icinga 2. Notice: user is only created if a Default value: `'director'` -##### `director_api_pass` +##### `director_api_pass` Data type: `Optional[Icinga::Secret]` Icinga API director user password. -Default value: ``undef`` +Default value: `undef` -##### `logging_type` +##### `logging_type` Data type: `Enum['file', 'syslog']` @@ -704,24 +714,24 @@ Switch the log target. Only `file` is supported on Windows. Default value: `'file'` -##### `logging_level` +##### `logging_level` Data type: `Optional[Icinga::LogLevel]` Set the log level. -Default value: ``undef`` +Default value: `undef` -##### `run_web` +##### `run_web` Data type: `Boolean` Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2` and add the Icinga user to this group. -Default value: ``false`` +Default value: `false` -### `icinga::web` +### `icinga::web` Setup Icinga Web 2 including a database backend for user settings, PHP and a Webserver. @@ -730,21 +740,21 @@ PHP and a Webserver. The following parameters are available in the `icinga::web` class: -* [`default_admin_user`](#default_admin_user) -* [`default_admin_pass`](#default_admin_pass) -* [`db_pass`](#db_pass) -* [`apache_cgi_pass_auth`](#apache_cgi_pass_auth) -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`manage_database`](#manage_database) -* [`api_host`](#api_host) -* [`api_user`](#api_user) -* [`api_pass`](#api_pass) - -##### `default_admin_user` +* [`default_admin_user`](#-icinga--web--default_admin_user) +* [`default_admin_pass`](#-icinga--web--default_admin_pass) +* [`db_pass`](#-icinga--web--db_pass) +* [`apache_cgi_pass_auth`](#-icinga--web--apache_cgi_pass_auth) +* [`db_type`](#-icinga--web--db_type) +* [`db_host`](#-icinga--web--db_host) +* [`db_port`](#-icinga--web--db_port) +* [`db_name`](#-icinga--web--db_name) +* [`db_user`](#-icinga--web--db_user) +* [`manage_database`](#-icinga--web--manage_database) +* [`api_host`](#-icinga--web--api_host) +* [`api_user`](#-icinga--web--api_user) +* [`api_pass`](#-icinga--web--api_pass) + +##### `default_admin_user` Data type: `String` @@ -752,7 +762,7 @@ Set the initial name of the admin user. Default value: `'icingaadmin'` -##### `default_admin_pass` +##### `default_admin_pass` Data type: `Icinga::Secret` @@ -760,20 +770,20 @@ Set the initial password for the admin user. Default value: `'icingaadmin'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `apache_cgi_pass_auth` +##### `apache_cgi_pass_auth` Data type: `Boolean` Either turn on or off the apache cgi pass thru auth. An option available since Apache v2.4.15 and required for authenticated access to the Icinga Web Api. -##### `db_type` +##### `db_type` Data type: `Enum['mysql', 'pgsql']` @@ -781,7 +791,7 @@ What kind of database type to use. Default value: `'mysql'` -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -789,15 +799,15 @@ Database host to connect. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port::Unprivileged]` Port to connect. Only affects for connection to remote database hosts. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -805,7 +815,7 @@ Name of the database. Default value: `'icingaweb2'` -##### `db_user` +##### `db_user` Data type: `String` @@ -813,15 +823,15 @@ Database user name. Default value: `'icingaweb2'` -##### `manage_database` +##### `manage_database` Data type: `Boolean` Create database. -Default value: ``false`` +Default value: `false` -##### `api_host` +##### `api_host` Data type: `Variant[Stdlib::Host, Array[Stdlib::Host]]` @@ -829,7 +839,7 @@ Single or list of Icinga 2 API endpoints to connect. Default value: `'localhost'` -##### `api_user` +##### `api_user` Data type: `String` @@ -837,13 +847,13 @@ Icinga 2 API user. Default value: `'icingaweb2'` -##### `api_pass` +##### `api_pass` Data type: `Icinga::Secret` Password to connect the Icinga 2 API. -### `icinga::web::database` +### `icinga::web::database` Setup Icinga Web 2 database for user settings. @@ -851,32 +861,32 @@ Setup Icinga Web 2 database for user settings. The following parameters are available in the `icinga::web::database` class: -* [`db_type`](#db_type) -* [`web_instances`](#web_instances) -* [`db_pass`](#db_pass) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`tls`](#tls) +* [`db_type`](#-icinga--web--database--db_type) +* [`web_instances`](#-icinga--web--database--web_instances) +* [`db_pass`](#-icinga--web--database--db_pass) +* [`db_name`](#-icinga--web--database--db_name) +* [`db_user`](#-icinga--web--database--db_user) +* [`tls`](#-icinga--web--database--tls) -##### `db_type` +##### `db_type` Data type: `Enum['mysql','pgsql']` What kind of database type to use. -##### `web_instances` +##### `web_instances` Data type: `Array[Stdlib::Host]` List of Hosts to allow write access to the database. Usually an Icinga Web 2 instance. -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_name` +##### `db_name` Data type: `String` @@ -884,7 +894,7 @@ Name of the database. Default value: `'icingaweb2'` -##### `db_user` +##### `db_user` Data type: `String` @@ -892,17 +902,21 @@ Database user name. Default value: `'icingaweb2'` -##### `tls` +##### `tls` + +Data type: -Data type: `Variant[Boolean, - Enum['password','cert']]` +```puppet +Variant[Boolean, + Enum['password','cert']] +``` Access only for TLS encrypted connections. Authentication via `password` or `cert`, value `true` means password auth. -Default value: ``false`` +Default value: `false` -### `icinga::web::director` +### `icinga::web::director` Setup Director module for Icinga Web 2 @@ -910,21 +924,21 @@ Setup Director module for Icinga Web 2 The following parameters are available in the `icinga::web::director` class: -* [`service_ensure`](#service_ensure) -* [`service_enable`](#service_enable) -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`db_pass`](#db_pass) -* [`endpoint`](#endpoint) -* [`manage_database`](#manage_database) -* [`api_host`](#api_host) -* [`api_user`](#api_user) -* [`api_pass`](#api_pass) - -##### `service_ensure` +* [`service_ensure`](#-icinga--web--director--service_ensure) +* [`service_enable`](#-icinga--web--director--service_enable) +* [`db_type`](#-icinga--web--director--db_type) +* [`db_host`](#-icinga--web--director--db_host) +* [`db_port`](#-icinga--web--director--db_port) +* [`db_name`](#-icinga--web--director--db_name) +* [`db_user`](#-icinga--web--director--db_user) +* [`db_pass`](#-icinga--web--director--db_pass) +* [`endpoint`](#-icinga--web--director--endpoint) +* [`manage_database`](#-icinga--web--director--manage_database) +* [`api_host`](#-icinga--web--director--api_host) +* [`api_user`](#-icinga--web--director--api_user) +* [`api_pass`](#-icinga--web--director--api_pass) + +##### `service_ensure` Data type: `Stdlib::Ensure::Service` @@ -932,15 +946,15 @@ Manages if the Director service should be stopped or running. Default value: `'running'` -##### `service_enable` +##### `service_enable` Data type: `Boolean` If set to true the Director service will start on boot. -Default value: ``true`` +Default value: `true` -##### `db_type` +##### `db_type` Data type: `Enum['mysql', 'pgsql']` @@ -948,7 +962,7 @@ Type of your database. Either `mysql` or `pgsql`. Default value: `'mysql'` -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -956,15 +970,15 @@ Hostname of the database. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port]` Port of the database. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -972,7 +986,7 @@ Name of the database. Default value: `'director'` -##### `db_user` +##### `db_user` Data type: `String` @@ -980,27 +994,27 @@ Username for DB connection. Default value: `'director'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password for DB connection. -##### `endpoint` +##### `endpoint` Data type: `String` Endpoint object name of Icinga 2 API. -##### `manage_database` +##### `manage_database` Data type: `Boolean` Create database and import schema. -Default value: ``false`` +Default value: `false` -##### `api_host` +##### `api_host` Data type: `Stdlib::Host` @@ -1008,7 +1022,7 @@ Icinga 2 API hostname. Default value: `'localhost'` -##### `api_user` +##### `api_user` Data type: `String` @@ -1016,13 +1030,13 @@ Icinga 2 API username. Default value: `'director'` -##### `api_pass` +##### `api_pass` Data type: `Icinga::Secret` Icinga 2 API password. -### `icinga::web::director::database` +### `icinga::web::director::database` Setup Director database. @@ -1030,33 +1044,33 @@ Setup Director database. The following parameters are available in the `icinga::web::director::database` class: -* [`db_type`](#db_type) -* [`web_instances`](#web_instances) -* [`db_pass`](#db_pass) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`tls`](#tls) +* [`db_type`](#-icinga--web--director--database--db_type) +* [`web_instances`](#-icinga--web--director--database--web_instances) +* [`db_pass`](#-icinga--web--director--database--db_pass) +* [`db_name`](#-icinga--web--director--database--db_name) +* [`db_user`](#-icinga--web--director--database--db_user) +* [`tls`](#-icinga--web--director--database--tls) -##### `db_type` +##### `db_type` Data type: `Enum['mysql','pgsql']` What kind of database type to use. -##### `web_instances` +##### `web_instances` Data type: `Array[Stdlib::Host]` List of Hosts to allow write access to the database. Usually an Icinga Web 2 instance. -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_name` +##### `db_name` Data type: `String` @@ -1064,7 +1078,7 @@ Name of the database. Default value: `'director'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1072,17 +1086,21 @@ Database user name. Default value: `'director'` -##### `tls` +##### `tls` -Data type: `Variant[Boolean, - Enum['password','cert']]` +Data type: + +```puppet +Variant[Boolean, + Enum['password','cert']] +``` Access only for TLS encrypted connections. Authentication via `password` or `cert`, value `true` means password auth. -Default value: ``false`` +Default value: `false` -### `icinga::web::icingadb` +### `icinga::web::icingadb` Setup IcingaDB module for the new backend. @@ -1090,29 +1108,29 @@ Setup IcingaDB module for the new backend. The following parameters are available in the `icinga::web::icingadb` class: -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`db_pass`](#db_pass) -* [`redis_host`](#redis_host) -* [`redis_port`](#redis_port) -* [`redis_pass`](#redis_pass) -* [`redis_primary_host`](#redis_primary_host) -* [`redis_primary_port`](#redis_primary_port) -* [`redis_primary_pass`](#redis_primary_pass) -* [`redis_secondary_host`](#redis_secondary_host) -* [`redis_secondary_port`](#redis_secondary_port) -* [`redis_secondary_pass`](#redis_secondary_pass) - -##### `db_type` +* [`db_type`](#-icinga--web--icingadb--db_type) +* [`db_host`](#-icinga--web--icingadb--db_host) +* [`db_port`](#-icinga--web--icingadb--db_port) +* [`db_name`](#-icinga--web--icingadb--db_name) +* [`db_user`](#-icinga--web--icingadb--db_user) +* [`db_pass`](#-icinga--web--icingadb--db_pass) +* [`redis_host`](#-icinga--web--icingadb--redis_host) +* [`redis_port`](#-icinga--web--icingadb--redis_port) +* [`redis_pass`](#-icinga--web--icingadb--redis_pass) +* [`redis_primary_host`](#-icinga--web--icingadb--redis_primary_host) +* [`redis_primary_port`](#-icinga--web--icingadb--redis_primary_port) +* [`redis_primary_pass`](#-icinga--web--icingadb--redis_primary_pass) +* [`redis_secondary_host`](#-icinga--web--icingadb--redis_secondary_host) +* [`redis_secondary_port`](#-icinga--web--icingadb--redis_secondary_port) +* [`redis_secondary_pass`](#-icinga--web--icingadb--redis_secondary_pass) + +##### `db_type` Data type: `Enum['mysql', 'pgsql']` What kind of database type to use as backend. -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -1120,15 +1138,15 @@ Database host to connect for the backenend. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port::Unprivileged]` Port to connect the backend. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -1136,7 +1154,7 @@ Name of the database backend. Default value: `'icingadb'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1144,13 +1162,13 @@ Database backend user name. Default value: `'icingadb'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the backend. -##### `redis_host` +##### `redis_host` Data type: `Stdlib::Host` @@ -1158,23 +1176,23 @@ Redis host to connect. Default value: `'localhost'` -##### `redis_port` +##### `redis_port` Data type: `Optional[Stdlib::Port]` Connect `redis_host` om this port. -Default value: ``undef`` +Default value: `undef` -##### `redis_pass` +##### `redis_pass` Data type: `Optional[Icinga::Secret]` Password for Redis connection. -Default value: ``undef`` +Default value: `undef` -##### `redis_primary_host` +##### `redis_primary_host` Data type: `Stdlib::Host` @@ -1182,7 +1200,7 @@ Alternative parameter to use for `redis_host`. Useful for high availability envi Default value: `$redis_host` -##### `redis_primary_port` +##### `redis_primary_port` Data type: `Optional[Stdlib::Port]` @@ -1190,7 +1208,7 @@ Alternative parameter to use for `redis_port`. Useful for high availability envi Default value: `$redis_port` -##### `redis_primary_pass` +##### `redis_primary_pass` Data type: `Optional[Icinga::Secret]` @@ -1198,31 +1216,31 @@ Alternative parameter to use for `redis_passwod`. Useful for high availability e Default value: `$redis_pass` -##### `redis_secondary_host` +##### `redis_secondary_host` Data type: `Optional[Stdlib::Host]` Fallback Redis host to connect if the first one fails. -Default value: ``undef`` +Default value: `undef` -##### `redis_secondary_port` +##### `redis_secondary_port` Data type: `Optional[Stdlib::Port]` Port to connect on the fallback Redis server. -Default value: ``undef`` +Default value: `undef` -##### `redis_secondary_pass` +##### `redis_secondary_pass` Data type: `Optional[Icinga::Secret]` Password for the second Redis server. -Default value: ``undef`` +Default value: `undef` -### `icinga::web::monitoring` +### `icinga::web::monitoring` Setup Monitoring module for the IDO backend. @@ -1230,14 +1248,14 @@ Setup Monitoring module for the IDO backend. The following parameters are available in the `icinga::web::monitoring` class: -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`db_pass`](#db_pass) +* [`db_type`](#-icinga--web--monitoring--db_type) +* [`db_host`](#-icinga--web--monitoring--db_host) +* [`db_port`](#-icinga--web--monitoring--db_port) +* [`db_name`](#-icinga--web--monitoring--db_name) +* [`db_user`](#-icinga--web--monitoring--db_user) +* [`db_pass`](#-icinga--web--monitoring--db_pass) -##### `db_type` +##### `db_type` Data type: `Enum['mysql', 'pgsql']` @@ -1245,7 +1263,7 @@ What kind of database type to use as IDO backend. Default value: `'mysql'` -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -1253,15 +1271,15 @@ Database host to connect for the IDO backenend. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port::Unprivileged]` Port to connect the IDO backend. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -1269,7 +1287,7 @@ Name of the IDO database backend. Default value: `'icinga2'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1277,13 +1295,13 @@ IDO database backend user name. Default value: `'icinga2'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Pasword to connect the IDO backend. -### `icinga::web::reporting` +### `icinga::web::reporting` Setup the reporting module for Icinga Web 2 @@ -1291,18 +1309,18 @@ Setup the reporting module for Icinga Web 2 The following parameters are available in the `icinga::web::reporting` class: -* [`service_ensure`](#service_ensure) -* [`service_enable`](#service_enable) -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`db_pass`](#db_pass) -* [`manage_database`](#manage_database) -* [`mail`](#mail) +* [`service_ensure`](#-icinga--web--reporting--service_ensure) +* [`service_enable`](#-icinga--web--reporting--service_enable) +* [`db_type`](#-icinga--web--reporting--db_type) +* [`db_host`](#-icinga--web--reporting--db_host) +* [`db_port`](#-icinga--web--reporting--db_port) +* [`db_name`](#-icinga--web--reporting--db_name) +* [`db_user`](#-icinga--web--reporting--db_user) +* [`db_pass`](#-icinga--web--reporting--db_pass) +* [`manage_database`](#-icinga--web--reporting--manage_database) +* [`mail`](#-icinga--web--reporting--mail) -##### `service_ensure` +##### `service_ensure` Data type: `Stdlib::Ensure::Service` @@ -1310,21 +1328,21 @@ Manages if the reporting service should be stopped or running. Default value: `'running'` -##### `service_enable` +##### `service_enable` Data type: `Boolean` If set to true the reporting service will start on boot. -Default value: ``true`` +Default value: `true` -##### `db_type` +##### `db_type` Data type: `Enum['mysql', 'pgsql']` Type of your database. -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -1332,15 +1350,15 @@ Hostname of the database. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port]` Port of the database. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -1348,7 +1366,7 @@ Name of the database. Default value: `'reporting'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1356,29 +1374,29 @@ Username for DB connection. Default value: `'reporting'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password for DB connection. -##### `manage_database` +##### `manage_database` Data type: `Boolean` Create database and import schema. -Default value: ``false`` +Default value: `false` -##### `mail` +##### `mail` Data type: `Optional[String]` Mails are sent with this sender address. -Default value: ``undef`` +Default value: `undef` -### `icinga::web::reporting::database` +### `icinga::web::reporting::database` Setup the reporting database. @@ -1386,33 +1404,33 @@ Setup the reporting database. The following parameters are available in the `icinga::web::reporting::database` class: -* [`db_type`](#db_type) -* [`web_instances`](#web_instances) -* [`db_pass`](#db_pass) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`tls`](#tls) +* [`db_type`](#-icinga--web--reporting--database--db_type) +* [`web_instances`](#-icinga--web--reporting--database--web_instances) +* [`db_pass`](#-icinga--web--reporting--database--db_pass) +* [`db_name`](#-icinga--web--reporting--database--db_name) +* [`db_user`](#-icinga--web--reporting--database--db_user) +* [`tls`](#-icinga--web--reporting--database--tls) -##### `db_type` +##### `db_type` Data type: `Enum['mysql','pgsql']` What kind of database type to use. -##### `web_instances` +##### `web_instances` Data type: `Array[Stdlib::Host]` List of Hosts to allow write access to the database. Usually an Icinga Web 2 instance. -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_name` +##### `db_name` Data type: `String` @@ -1420,7 +1438,7 @@ Name of the database. Default value: `'reporting'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1428,17 +1446,21 @@ Database user name. Default value: `'reporting'` -##### `tls` +##### `tls` + +Data type: -Data type: `Variant[Boolean, - Enum['password','cert']]` +```puppet +Variant[Boolean, + Enum['password','cert']] +``` Access only for TLS encrypted connections. Authentication via `password` or `cert`, value `true` means password auth. -Default value: ``false`` +Default value: `false` -### `icinga::web::vspheredb` +### `icinga::web::vspheredb` Setup VSphereDB module for Icinga Web 2 @@ -1446,17 +1468,17 @@ Setup VSphereDB module for Icinga Web 2 The following parameters are available in the `icinga::web::vspheredb` class: -* [`service_ensure`](#service_ensure) -* [`service_enable`](#service_enable) -* [`db_type`](#db_type) -* [`db_host`](#db_host) -* [`db_port`](#db_port) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`db_pass`](#db_pass) -* [`manage_database`](#manage_database) +* [`service_ensure`](#-icinga--web--vspheredb--service_ensure) +* [`service_enable`](#-icinga--web--vspheredb--service_enable) +* [`db_type`](#-icinga--web--vspheredb--db_type) +* [`db_host`](#-icinga--web--vspheredb--db_host) +* [`db_port`](#-icinga--web--vspheredb--db_port) +* [`db_name`](#-icinga--web--vspheredb--db_name) +* [`db_user`](#-icinga--web--vspheredb--db_user) +* [`db_pass`](#-icinga--web--vspheredb--db_pass) +* [`manage_database`](#-icinga--web--vspheredb--manage_database) -##### `service_ensure` +##### `service_ensure` Data type: `Stdlib::Ensure::Service` @@ -1464,15 +1486,15 @@ Manages if the VSphereDB service should be stopped or running. Default value: `'running'` -##### `service_enable` +##### `service_enable` Data type: `Boolean` If set to true the VSphereDB service will start on boot. -Default value: ``true`` +Default value: `true` -##### `db_type` +##### `db_type` Data type: `Enum['mysql']` @@ -1480,7 +1502,7 @@ Type of your database. At the moment only `mysql` is supported by the Icinga tea Default value: `'mysql'` -##### `db_host` +##### `db_host` Data type: `Stdlib::Host` @@ -1488,15 +1510,15 @@ Hostname of the database. Default value: `'localhost'` -##### `db_port` +##### `db_port` Data type: `Optional[Stdlib::Port]` Port of the database. -Default value: ``undef`` +Default value: `undef` -##### `db_name` +##### `db_name` Data type: `String` @@ -1504,7 +1526,7 @@ Name of the database. Default value: `'vspheredb'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1512,21 +1534,21 @@ Username for DB connection. Default value: `'vspheredb'` -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password for DB connection. -##### `manage_database` +##### `manage_database` Data type: `Boolean` Create database and import schema. -Default value: ``false`` +Default value: `false` -### `icinga::web::vspheredb::database` +### `icinga::web::vspheredb::database` Setup VSphereDB database. @@ -1534,32 +1556,32 @@ Setup VSphereDB database. The following parameters are available in the `icinga::web::vspheredb::database` class: -* [`db_type`](#db_type) -* [`web_instances`](#web_instances) -* [`db_pass`](#db_pass) -* [`db_name`](#db_name) -* [`db_user`](#db_user) -* [`tls`](#tls) +* [`db_type`](#-icinga--web--vspheredb--database--db_type) +* [`web_instances`](#-icinga--web--vspheredb--database--web_instances) +* [`db_pass`](#-icinga--web--vspheredb--database--db_pass) +* [`db_name`](#-icinga--web--vspheredb--database--db_name) +* [`db_user`](#-icinga--web--vspheredb--database--db_user) +* [`tls`](#-icinga--web--vspheredb--database--tls) -##### `db_type` +##### `db_type` Data type: `Enum['mysql']` What kind of database type to use. -##### `web_instances` +##### `web_instances` Data type: `Array[Stdlib::Host]` List of Hosts to allow write access to the database. Usually an Icinga Web 2 instance. -##### `db_pass` +##### `db_pass` Data type: `Icinga::Secret` Password to connect the database. -##### `db_name` +##### `db_name` Data type: `String` @@ -1567,7 +1589,7 @@ Name of the database. Default value: `'vspheredb'` -##### `db_user` +##### `db_user` Data type: `String` @@ -1575,17 +1597,171 @@ Database user name. Default value: `'vspheredb'` -##### `tls` +##### `tls` -Data type: `Variant[Boolean, - Enum['password','cert']]` +Data type: + +```puppet +Variant[Boolean, + Enum['password','cert']] +``` Access only for TLS encrypted connections. Authentication via `password` or `cert`, value `true` means password auth. -Default value: ``false`` +Default value: `false` + +### `icinga::web::x509` + +Setup the x509 module for Icinga Web 2 + +#### Parameters + +The following parameters are available in the `icinga::web::x509` class: + +* [`service_ensure`](#-icinga--web--x509--service_ensure) +* [`service_enable`](#-icinga--web--x509--service_enable) +* [`db_type`](#-icinga--web--x509--db_type) +* [`db_host`](#-icinga--web--x509--db_host) +* [`db_port`](#-icinga--web--x509--db_port) +* [`db_name`](#-icinga--web--x509--db_name) +* [`db_user`](#-icinga--web--x509--db_user) +* [`db_pass`](#-icinga--web--x509--db_pass) +* [`manage_database`](#-icinga--web--x509--manage_database) + +##### `service_ensure` + +Data type: `Stdlib::Ensure::Service` + +Manages if the x509 service should be stopped or running. + +Default value: `'running'` + +##### `service_enable` + +Data type: `Boolean` + +If set to true the x509 service will start on boot. + +Default value: `true` + +##### `db_type` + +Data type: `Enum['mysql', 'pgsql']` -### `icinga::worker` +Type of your database. + +##### `db_host` + +Data type: `Stdlib::Host` + +Hostname of the database. + +Default value: `'localhost'` + +##### `db_port` + +Data type: `Optional[Stdlib::Port]` + +Port of the database. + +Default value: `undef` + +##### `db_name` + +Data type: `String` + +Name of the database. + +Default value: `'x509'` + +##### `db_user` + +Data type: `String` + +Username for DB connection. + +Default value: `'x509'` + +##### `db_pass` + +Data type: `Icinga::Secret` + +Password for DB connection. + +##### `manage_database` + +Data type: `Boolean` + +Create database and import schema. + +Default value: `false` + +### `icinga::web::x509::database` + +Setup the x509 database. + +#### Parameters + +The following parameters are available in the `icinga::web::x509::database` class: + +* [`db_type`](#-icinga--web--x509--database--db_type) +* [`web_instances`](#-icinga--web--x509--database--web_instances) +* [`db_pass`](#-icinga--web--x509--database--db_pass) +* [`db_name`](#-icinga--web--x509--database--db_name) +* [`db_user`](#-icinga--web--x509--database--db_user) +* [`tls`](#-icinga--web--x509--database--tls) + +##### `db_type` + +Data type: `Enum['mysql','pgsql']` + +What kind of database type to use. + +##### `web_instances` + +Data type: `Array[Stdlib::Host]` + +List of Hosts to allow write access to the database. +Usually an Icinga Web 2 instance. + +##### `db_pass` + +Data type: `Icinga::Secret` + +Password to connect the database. + +##### `db_name` + +Data type: `String` + +Name of the database. + +Default value: `'x509'` + +##### `db_user` + +Data type: `String` + +Database user name. + +Default value: `'x509'` + +##### `tls` + +Data type: + +```puppet +Variant[Boolean, + Enum['password','cert']] +``` + +Access only for TLS encrypted connections. Authentication via `password` or `cert`, +value `true` means password auth. + +Default value: `false` + +### `icinga::worker` Setup a Icinga worker (aka satellite). @@ -1593,29 +1769,29 @@ Setup a Icinga worker (aka satellite). The following parameters are available in the `icinga::worker` class: -* [`ca_server`](#ca_server) -* [`zone`](#zone) -* [`parent_zone`](#parent_zone) -* [`parent_endpoints`](#parent_endpoints) -* [`colocation_endpoints`](#colocation_endpoints) -* [`global_zones`](#global_zones) -* [`logging_type`](#logging_type) -* [`logging_level`](#logging_level) -* [`run_web`](#run_web) +* [`ca_server`](#-icinga--worker--ca_server) +* [`zone`](#-icinga--worker--zone) +* [`parent_zone`](#-icinga--worker--parent_zone) +* [`parent_endpoints`](#-icinga--worker--parent_endpoints) +* [`colocation_endpoints`](#-icinga--worker--colocation_endpoints) +* [`global_zones`](#-icinga--worker--global_zones) +* [`logging_type`](#-icinga--worker--logging_type) +* [`logging_level`](#-icinga--worker--logging_level) +* [`run_web`](#-icinga--worker--run_web) -##### `ca_server` +##### `ca_server` Data type: `Stdlib::Host` The CA to send the certificate request to. -##### `zone` +##### `zone` Data type: `String` Name of the Icinga zone. -##### `parent_zone` +##### `parent_zone` Data type: `String` @@ -1623,13 +1799,13 @@ Name of the parent Icinga zone. Default value: `'main'` -##### `parent_endpoints` +##### `parent_endpoints` Data type: `Hash[String, Hash]` Configures these endpoints of the parent zone. -##### `colocation_endpoints` +##### `colocation_endpoints` Data type: `Hash[String, Hash]` @@ -1638,7 +1814,7 @@ Icinga supports two endpoints per zone only. Default value: `{}` -##### `global_zones` +##### `global_zones` Data type: `Array[String]` @@ -1646,7 +1822,7 @@ List of global zones to configure. Default value: `[]` -##### `logging_type` +##### `logging_type` Data type: `Enum['file', 'syslog']` @@ -1654,26 +1830,26 @@ Switch the log target. Only `file` is supported on Windows. Default value: `'file'` -##### `logging_level` +##### `logging_level` Data type: `Optional[Icinga::LogLevel]` Set the log level. -Default value: ``undef`` +Default value: `undef` -##### `run_web` +##### `run_web` Data type: `Boolean` Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2` and add the Icinga user to this group. -Default value: ``false`` +Default value: `false` ## Defined types -### `icinga::cert` +### `icinga::cert` A class to generate tls key, cert and cacert files. @@ -1681,24 +1857,24 @@ A class to generate tls key, cert and cacert files. The following parameters are available in the `icinga::cert` defined type: -* [`args`](#args) -* [`owner`](#owner) -* [`group`](#group) +* [`args`](#-icinga--cert--args) +* [`owner`](#-icinga--cert--owner) +* [`group`](#-icinga--cert--group) -##### `args` +##### `args` Data type: `Icinga::Certificate` A config hash with the keys: key_file, cert_file, cacert_file, key, cert and cacert -##### `owner` +##### `owner` Data type: `String` Owner of the files. -##### `group` +##### `group` Data type: `String` @@ -1706,7 +1882,7 @@ Group membership of all files. ## Functions -### `icinga::cert::files` +### `icinga::cert::files` Type: Puppet Language @@ -1766,7 +1942,7 @@ Data type: `Optional[String]` -### `icinga::db::connect` +### `icinga::db::connect` Type: Puppet Language @@ -1788,14 +1964,18 @@ Returns: `String` Connection string to connect database. ##### `db` -Data type: `Struct[{ +Data type: + +```puppet +Struct[{ type => Enum['pgsql','mysql','mariadb'], host => Stdlib::Host, port => Optional[Stdlib::Port], database => String, username => String, password => Optional[Variant[String, Sensitive[String]]], - }]` + }] +``` @@ -1811,7 +1991,7 @@ Data type: `Optional[Boolean]` -### `icinga::newline` +### `icinga::newline` Type: Puppet Language @@ -1829,7 +2009,7 @@ Data type: `Optional[String]` -### `icinga::prepare_web` +### `icinga::prepare_web` Type: Puppet Language @@ -1847,7 +2027,7 @@ Data type: `String` -### `icinga::unwrap` +### `icinga::unwrap` Type: Puppet Language @@ -1867,7 +2047,7 @@ Data type: `Optional[Variant[String, Sensitive[String]]]` ## Data types -### `Icinga::Certificate` +### `Icinga::Certificate` A strict type for a certificate @@ -1885,23 +2065,15 @@ Struct[{ }] ``` -### `Icinga::LogLevel` +### `Icinga::LogLevel` A strict type for log levels -Alias of - -```puppet -Enum['debug', 'information', 'notice', 'warning', 'critical'] -``` +Alias of `Enum['debug', 'information', 'notice', 'warning', 'critical']` -### `Icinga::Secret` +### `Icinga::Secret` A strict type for the secrets like passwords or keys -Alias of - -```puppet -Variant[String, Sensitive[String]] -``` +Alias of `Variant[String, Sensitive[String]]` diff --git a/Rakefile b/Rakefile index 0f8754e..74415a9 100644 --- a/Rakefile +++ b/Rakefile @@ -1,12 +1,11 @@ # frozen_string_literal: true require 'bundler' -require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? +require 'puppet_litmus/rake_tasks' if Gem.loaded_specs.key? 'puppet_litmus' require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' -require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? -require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? -require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? +require 'github_changelog_generator/task' if Gem.loaded_specs.key? 'github_changelog_generator' +require 'puppet-strings/tasks' if Gem.loaded_specs.key? 'puppet-strings' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" @@ -44,7 +43,7 @@ end PuppetLint.configuration.send('disable_relative') -if Bundler.rubygems.find_name('github_changelog_generator').any? +if Gem.loaded_specs.key? 'github_changelog_generator' GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" diff --git a/manifests/db/database.pp b/manifests/db/database.pp index 94f8606..d7bb5e7 100644 --- a/manifests/db/database.pp +++ b/manifests/db/database.pp @@ -49,8 +49,8 @@ include postgresql::server::contrib postgresql::server::extension { "${db_name}-citext": - extension => 'citext', - database => $db_name, + extension => 'citext', + database => $db_name, } } } diff --git a/metadata.json b/metadata.json index a0a3e48..bfb4245 100644 --- a/metadata.json +++ b/metadata.json @@ -101,7 +101,7 @@ "tags": [ "monitoring" ], - "pdk-version": "2.5.0", - "template-url": "https://github.com/puppetlabs/pdk-templates#1.18.1", - "template-ref": "tags/1.18.1-0-g3d2e75c" + "pdk-version": "3.0.0", + "template-url": "https://github.com/puppetlabs/pdk-templates#3.0.0", + "template-ref": "tags/3.0.0-0-g5bfc1c0" } diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index fc75129..8709741 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -3,11 +3,11 @@ require 'spec_helper' describe 'icinga::server' do - on_supported_os.each do |os, os_facts| + on_supported_os.each do |os, facts| context "on #{os}" do - let(:facts) { os_facts } + let(:facts) { facts } - case os_facts[:osfamily] + case facts[:os]['family'] when 'Debian' let(:icinga2_config_dir) { '/etc/icinga2' } let(:icinga2_user) { 'nagios' } diff --git a/spec/default_facts.yml b/spec/default_facts.yml index f777abf..188b4dc 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -2,7 +2,9 @@ # # Facts specified here will override the values provided by rspec-puppet-facts. --- -ipaddress: "172.16.254.254" -ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" +networking: + ip: "172.16.254.254" + ip6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" + mac: "AA:AA:AA:AA:AA:AA" + fqdn: "foo.example.com" is_pe: false -macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index b367fde..6820ceb 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -25,8 +25,8 @@ next unless File.exist?(f) && File.readable?(f) && File.size?(f) begin - default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) - rescue => e + default_facts.merge!(YAML.safe_load(File.read(f), permitted_classes: [], permitted_symbols: [], aliases: true)) + rescue StandardError => e RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" end end @@ -46,6 +46,19 @@ end c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] c.after(:suite) do + RSpec::Puppet::Coverage.report!(0) + end + + # Filter backtrace noise + backtrace_exclusion_patterns = [ + %r{spec_helper}, + %r{gems}, + ] + + if c.respond_to?(:backtrace_exclusion_patterns) + c.backtrace_exclusion_patterns = backtrace_exclusion_patterns + elsif c.respond_to?(:backtrace_clean_patterns) + c.backtrace_clean_patterns = backtrace_exclusion_patterns end end From f9c29f6f8c7b74d6cee59eeaeb39fd0a18402bb0 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 17 Oct 2023 18:50:57 +0200 Subject: [PATCH 05/21] remove old redis class for icingadb prerelease --- REFERENCE.md | 5 ----- manifests/redis.pp | 17 ----------------- metadata.json | 4 ---- 3 files changed, 26 deletions(-) delete mode 100644 manifests/redis.pp diff --git a/REFERENCE.md b/REFERENCE.md index f06695a..424d4cc 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -13,7 +13,6 @@ * [`icinga::db::database`](#icinga--db--database): Setup database for IcingaDB. * [`icinga::ido`](#icinga--ido): Configure IDO Backend. * [`icinga::ido::database`](#icinga--ido--database): Configure IDO backend database. -* [`icinga::redis`](#icinga--redis): Base class for all redis owned by Icinga. * [`icinga::repos`](#icinga--repos): This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform s * [`icinga::server`](#icinga--server): Setup a Icinga server. * [`icinga::web`](#icinga--web): Setup Icinga Web 2 including a database backend for user settings, @@ -484,10 +483,6 @@ value `true` means password auth. Default value: `false` -### `icinga::redis` - -Base class for all redis owned by Icinga. - ### `icinga::repos` This class manages the stages stable, testing and snapshot of packages.icinga.com repository diff --git a/manifests/redis.pp b/manifests/redis.pp deleted file mode 100644 index ac55d39..0000000 --- a/manifests/redis.pp +++ /dev/null @@ -1,17 +0,0 @@ -# @summary -# Base class for all redis owned by Icinga. -# -class icinga::redis { - class { 'redis': - manage_repo => false, - manage_package => false, - default_install => false, - ulimit_managed => false, - service_manage => false, - config_owner => 'root', - config_group => 'root', - service_user => 'root', - service_group => 'root', - } - contain redis -} diff --git a/metadata.json b/metadata.json index bfb4245..4c6704e 100644 --- a/metadata.json +++ b/metadata.json @@ -12,10 +12,6 @@ "name": "puppetlabs/stdlib", "version_requirement": ">= 6.6.0 < 10.0.0" }, - { - "name": "puppet/redis", - "version_requirement": ">= 7.0.0 < 10.0.0" - }, { "name": "puppetlabs/apt", "version_requirement": ">= 7.7.0 < 10.0.0" From 44fd7da1fb29be2937723eff6873f97643f0ee2a Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Wed, 18 Oct 2023 08:42:48 +0200 Subject: [PATCH 06/21] fix requirements in README --- README.md | 59 ++++++++++++++++++++++++------------------------------- 1 file changed, 26 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index 1a0d9a6..38a2e8a 100644 --- a/README.md +++ b/README.md @@ -84,15 +84,14 @@ git checkout v2.5.0 The class supports: -* [puppet] >= 6.0 < 8.0 +* [puppet] >= 7.0 < 9.0 And requiers: -* [puppetlabs/stdlib] >= 5.1.0 -* [puppetlabs/apt] >= 6.0.0 -* [puppet/zypprepo] >= 2.2.1 -* [puppetlabs/yumrepo_core] >= 1.0.0 -* [puppet/redis] >= 7.0.0 +* [puppetlabs/stdlib] >= 6.6.0 < 10.0.0 +* [puppetlabs/apt] >= 7.7.0 < 10.0.0 +* [puppet/zypprepo] >= 4.0.0 < 6.0.0 +* [puppetlabs/yumrepo_core] >= 1.1.0 < 3.0.0 By default the upstream Icinga repository for stable release are involved. ``` @@ -214,11 +213,11 @@ apt::backports::location: 'https://archive.debian.org/debian' The class supports: -* [puppet] >= 6.0 < 8.0 +* [puppet] >= 7.0 < 9.0 And requiers: -* [icinga/icinga2] >= 2.0.0 < 4.0.0 +* [icinga/icinga2] >= 3.1.0 < 5.0.0 Setting up a Icinga Server with a CA and to store configuration: @@ -276,14 +275,14 @@ NOTICE: To switch off the package installation via chocolatey on windows, `icing The class supports: -* [puppet] >= 6.0 < 8.0 +* [puppet] >= 7.0 < 9.0 Ands requires: -* [puppetlabs/mysql] >= 6.0.0 =< 13.1.0 -* [puppetlabs/postgresql] >= 7.0.0 -* [icinga/icinga2] >= 2.0.0 < 4.0.0 -* [icinga/icingadb] >= 1.0.0 < 2.0.0 +* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0 +* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0 +* [icinga/icinga2] >= 2.9.0 < 5.0.0 +* [icinga/icingadb] >= 1.0.0 < 3.0.0 To activate and configure the IcingaDB (usally on a server) do: @@ -304,13 +303,13 @@ Setting `manage_database` to `true` also setups a database as specified in `db_t The class supports: -* [puppet] >= 6.0 < 8.0 +* [puppet] >= 7.0 < 9.0 Ands requires: -* [puppetlabs/mysql] >= 6.0.0 =< 13.1.0 -* [puppetlabs/postgresql] >= 7.0.0 -* [icinga/icinga2] >= 2.0.0 < 4.0.0 +* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0 +* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0 +* [icinga/icinga2] >= 2.9.0 < 5.0.0 To activate and configure the IDO feature (usally on a server) do: @@ -333,12 +332,12 @@ The class supports: And requires: -* [puppetlabs/mysql] >= 6.0.0 =< 13.1.0 -* [puppetlabs/postgresql] >= 7.0.0 -* [puppetlabs/apache] >= 3.0.0 -* [puppet/php] >= 8.0.0 -* [icinga/icinga2] >= 2.0.0 -* [icinga/icingaweb2] >= 2.0.0 +* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0 +* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0 +* [icinga/icingaweb2] >= 3.6.0 < 5.0.0 +* [icinga/icinga2] >= 2.9.0 < 5.0.0 +* [puppetlabs/apache] >= 5.8.0 < 12.0.0 +* [puppet/php] >= 8.0.0 < 11.0.0 A Icinga Web 2 with an Apache and PHP-FPM can be managed as follows: @@ -409,14 +408,6 @@ In this example the Icinga server is running on the same Host like the web and t #### icinga::web::vspheredb -The class supports: - -* [puppet] >= 6.0 < 8.0 - -And required in addition to `icinga::web`: - -* [icinga/icingaweb2] >= 3.2.0 - The following example sets up the `vspheredb` Icinga Web 2 module and the required database. At this time only MySQL/MariaDB is support by the Icinga team, so this class also supports only `mysql`. ``` @@ -432,11 +423,13 @@ class { 'icinga::web::vspheredb': The class supports: -* [puppet] >= 6.0 < 8.0 +* [puppet] >= 7.0 < 9.0 And required in addition to `icinga::web::icingadb` or `icinga::web::monitoring`: -* [icinga/icingaweb2] >= 3.7.0 +* [puppetlabs/mysql] >= 10.9.0 =< 16.0.0 +* [puppetlabs/postgresql] >= 7.0.0 < 11.0.0 +* [icinga/icingaweb2] >= 3.7.0 < 5.0.0 An example to setup reporting and the required database: From 8d829aaea3e5a142cfee8c66d1a476bf3c05e43c Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Wed, 18 Oct 2023 14:37:51 +0200 Subject: [PATCH 07/21] fix module to run with older puppet-icingaweb2 than 4.0.0 --- manifests/redis.pp | 17 +++++++++++++++++ manifests/web.pp | 42 +++++++++++++++++++++++++++++------------- 2 files changed, 46 insertions(+), 13 deletions(-) create mode 100644 manifests/redis.pp diff --git a/manifests/redis.pp b/manifests/redis.pp new file mode 100644 index 0000000..ac55d39 --- /dev/null +++ b/manifests/redis.pp @@ -0,0 +1,17 @@ +# @summary +# Base class for all redis owned by Icinga. +# +class icinga::redis { + class { 'redis': + manage_repo => false, + manage_package => false, + default_install => false, + ulimit_managed => false, + service_manage => false, + config_owner => 'root', + config_group => 'root', + service_user => 'root', + service_group => 'root', + } + contain redis +} diff --git a/manifests/web.pp b/manifests/web.pp index 9e16767..155da02 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -181,18 +181,34 @@ # # Icinga Web 2 # - class { 'icingaweb2': - db_type => $db_type, - db_host => $_db_host, - db_port => $db_port, - db_name => $db_name, - db_username => $db_user, - db_password => $db_pass, - default_admin_username => $default_admin_user, - default_admin_password => $default_admin_pass, - import_schema => lookup('icingaweb2::import_schema', undef, undef, true), - config_backend => 'db', - conf_user => $web_conf_user, - manage_package => $manage_package, + if versioncmp(load_module_metadata('icingaweb2')['version'], '4.0.0') < 0 { + class { 'icingaweb2': + db_type => $db_type, + db_host => $_db_host, + db_port => $db_port, + db_name => $db_name, + db_username => $db_user, + db_password => $db_pass, + default_admin_username => $default_admin_user, + default_admin_password => $default_admin_pass, + import_schema => lookup('icingaweb2::import_schema', undef, undef, true), + config_backend => 'db', + conf_user => $web_conf_user, + manage_package => $manage_package, + } + } else { + class { 'icingaweb2': + db_type => $db_type, + db_host => $_db_host, + db_port => $db_port, + db_name => $db_name, + db_username => $db_user, + db_password => $db_pass, + default_admin_username => $default_admin_user, + default_admin_password => $default_admin_pass, + import_schema => lookup('icingaweb2::import_schema', undef, undef, true), + conf_user => $web_conf_user, + manage_package => $manage_package, + } } } From 795d34973d76ceddedc7f76b5110b64d6094b28e Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Wed, 18 Oct 2023 14:38:45 +0200 Subject: [PATCH 08/21] fix REFERENCE.md --- REFERENCE.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/REFERENCE.md b/REFERENCE.md index 424d4cc..f06695a 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -13,6 +13,7 @@ * [`icinga::db::database`](#icinga--db--database): Setup database for IcingaDB. * [`icinga::ido`](#icinga--ido): Configure IDO Backend. * [`icinga::ido::database`](#icinga--ido--database): Configure IDO backend database. +* [`icinga::redis`](#icinga--redis): Base class for all redis owned by Icinga. * [`icinga::repos`](#icinga--repos): This class manages the stages stable, testing and snapshot of packages.icinga.com repository and depending on the operating system platform s * [`icinga::server`](#icinga--server): Setup a Icinga server. * [`icinga::web`](#icinga--web): Setup Icinga Web 2 including a database backend for user settings, @@ -483,6 +484,10 @@ value `true` means password auth. Default value: `false` +### `icinga::redis` + +Base class for all redis owned by Icinga. + ### `icinga::repos` This class manages the stages stable, testing and snapshot of packages.icinga.com repository From 3ffb61d001e53e44eeed2a2aadf6a70e0e19364c Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 23 Nov 2023 13:45:26 +0100 Subject: [PATCH 09/21] Add new parameter to mange a additional config dir as conf.d --- manifests/init.pp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 1888282..bc612bc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -41,6 +41,11 @@ # Prepare to run Icinga Web 2 on the same machine. Manage a group `icingaweb2` # and add the Icinga user to this group. # +# @param confd +# `conf.d` is the directory where Icinga 2 stores its object configuration by default. To enable it, +# set this parameter to `true`. It's also possible to assign your own directory. This directory must be +# managed outside of this module as file resource with tag icinga2::config::file. +# class icinga ( Boolean $ca, String $this_zone, @@ -55,6 +60,7 @@ Optional[Icinga::LogLevel] $logging_level = undef, String $cert_name = $facts['networking']['fqdn'], Boolean $prepare_web = false, + Variant[Boolean, String] $confd = false, ) { assert_private() @@ -78,7 +84,7 @@ } class { 'icinga2': - confd => false, + confd => $confd, manage_packages => $manage_packages, constants => lookup('icinga2::constants', undef, undef, {}) + $_constants, features => [], From 1235fceac5812232c9c59adc76778bbe1d7d3eee Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 23 Nov 2023 14:12:36 +0100 Subject: [PATCH 10/21] Release version 4.0.0 --- CHANGELOG.md | 62 ++++++++++++++++++++++++++++++++++++++++++++++----- metadata.json | 2 +- 2 files changed, 57 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ea6c44b..9178a19 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,26 @@ -# Change Log +# Changelog + +## [v4.0.0](https://github.com/icinga/puppet-icinga/tree/v4.0.0) (2023-11-23) + +[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.2.1...v4.0.0) + +**Implemented enhancements:** + +- Add new parameter to mange a additional config dir like conf.d [\#94](https://github.com/Icinga/puppet-icinga/pull/94) ([lbetz](https://github.com/lbetz)) +- Add Puppet 8 Support [\#93](https://github.com/Icinga/puppet-icinga/pull/93) ([lbetz](https://github.com/lbetz)) +- Add x509 module support [\#87](https://github.com/Icinga/puppet-icinga/pull/87) ([lbetz](https://github.com/lbetz)) + +**Fixed bugs:** + +- mysql:db above 13.1.0 requires an array for the tis\_options [\#91](https://github.com/Icinga/puppet-icinga/issues/91) + +**Closed issues:** + +- Drop Puppet 6 Support [\#90](https://github.com/Icinga/puppet-icinga/issues/90) +- Add classes to manage pdfexports [\#46](https://github.com/Icinga/puppet-icinga/issues/46) ## [v3.2.1](https://github.com/icinga/puppet-icinga/tree/v3.2.1) (2023-04-15) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.2.0...v3.2.1) **Fixed bugs:** @@ -8,6 +28,7 @@ - Fix db\_charset \(UTF8\) for the web-icingadb resource [\#86](https://github.com/Icinga/puppet-icinga/pull/86) ([lbetz](https://github.com/lbetz)) ## [v3.2.0](https://github.com/icinga/puppet-icinga/tree/v3.2.0) (2023-03-10) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.1.1...v3.2.0) **Implemented enhancements:** @@ -20,6 +41,7 @@ - Remove handling of PHP extensions [\#83](https://github.com/Icinga/puppet-icinga/pull/83) ([lbetz](https://github.com/lbetz)) ## [v3.1.1](https://github.com/icinga/puppet-icinga/tree/v3.1.1) (2023-03-05) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.1.0...v3.1.1) **Fixed bugs:** @@ -27,6 +49,7 @@ - Install citext extension via contrib class [\#82](https://github.com/Icinga/puppet-icinga/pull/82) ([lbetz](https://github.com/lbetz)) ## [v3.1.0](https://github.com/icinga/puppet-icinga/tree/v3.1.0) (2023-03-05) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.0.1...v3.1.0) **Implemented enhancements:** @@ -46,6 +69,7 @@ - Remove setting of default db ports in modules [\#76](https://github.com/Icinga/puppet-icinga/pull/76) ([lbetz](https://github.com/lbetz)) ## [v3.0.1](https://github.com/icinga/puppet-icinga/tree/v3.0.1) (2023-02-02) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.0.0...v3.0.1) **Fixed bugs:** @@ -53,6 +77,7 @@ - Fix php extentions mysql and process [\#75](https://github.com/Icinga/puppet-icinga/pull/75) ([lbetz](https://github.com/lbetz)) ## [v3.0.0](https://github.com/icinga/puppet-icinga/tree/v3.0.0) (2023-01-31) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.9.1...v3.0.0) **Implemented enhancements:** @@ -67,6 +92,7 @@ - Add example for using the Icinga Subscription Repo [\#69](https://github.com/Icinga/puppet-icinga/issues/69) ## [v2.9.1](https://github.com/icinga/puppet-icinga/tree/v2.9.1) (2023-01-02) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.9.0...v2.9.1) **Fixed bugs:** @@ -75,6 +101,7 @@ - error: Could not find template 'icinga/apache\_custom\_default.conf' [\#70](https://github.com/Icinga/puppet-icinga/issues/70) ## [v2.9.0](https://github.com/icinga/puppet-icinga/tree/v2.9.0) (2022-12-27) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.8.0...v2.9.0) **Implemented enhancements:** @@ -84,6 +111,7 @@ - Add param manage\_crb to class icinga::repos [\#68](https://github.com/Icinga/puppet-icinga/pull/68) ([lbetz](https://github.com/lbetz)) ## [v2.8.0](https://github.com/icinga/puppet-icinga/tree/v2.8.0) (2022-07-26) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.7.1...v2.8.0) **Implemented enhancements:** @@ -97,6 +125,7 @@ - Support Alma and Rocky Linux [\#55](https://github.com/Icinga/puppet-icinga/issues/55) ## [v2.7.1](https://github.com/icinga/puppet-icinga/tree/v2.7.1) (2022-05-30) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.7.0...v2.7.1) **Fixed bugs:** @@ -104,6 +133,7 @@ - Fix unsupported apache feature CGIPassAuth for older version like on RHEL7 [\#58](https://github.com/Icinga/puppet-icinga/issues/58) ## [v2.7.0](https://github.com/icinga/puppet-icinga/tree/v2.7.0) (2022-03-08) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.6.1...v2.7.0) **Implemented enhancements:** @@ -117,6 +147,7 @@ - Remove management of Fedora's EPEL from OracleLinux [\#56](https://github.com/Icinga/puppet-icinga/issues/56) ## [v2.6.1](https://github.com/icinga/puppet-icinga/tree/v2.6.1) (2022-01-14) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.6.0...v2.6.1) **Fixed bugs:** @@ -125,6 +156,7 @@ - Add missing mime apache module [\#52](https://github.com/Icinga/puppet-icinga/issues/52) ## [v2.6.0](https://github.com/icinga/puppet-icinga/tree/v2.6.0) (2022-01-05) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.5.0...v2.6.0) **Implemented enhancements:** @@ -132,11 +164,8 @@ - Add management of module fileshipper to director class [\#51](https://github.com/Icinga/puppet-icinga/issues/51) - Update to https repos for Debian [\#50](https://github.com/Icinga/puppet-icinga/issues/50) -**Fixed bugs:** - -- Update to https repos for Debian [\#50](https://github.com/Icinga/puppet-icinga/issues/50) - ## [v2.5.0](https://github.com/icinga/puppet-icinga/tree/v2.5.0) (2021-12-03) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.4.2...v2.5.0) **Implemented enhancements:** @@ -150,6 +179,7 @@ - Idempotency of icinga::web::director is broken [\#44](https://github.com/Icinga/puppet-icinga/issues/44) ## [v2.4.2](https://github.com/icinga/puppet-icinga/tree/v2.4.2) (2021-12-01) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.4.1...v2.4.2) **Fixed bugs:** @@ -157,6 +187,7 @@ - set import\_schema in web class to hiera lookup [\#34](https://github.com/Icinga/puppet-icinga/issues/34) ## [v2.4.1](https://github.com/icinga/puppet-icinga/tree/v2.4.1) (2021-11-05) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.4.0...v2.4.1) **Fixed bugs:** @@ -164,6 +195,7 @@ - Debian Bullseye support is broken [\#43](https://github.com/Icinga/puppet-icinga/issues/43) ## [v2.4.0](https://github.com/icinga/puppet-icinga/tree/v2.4.0) (2021-11-05) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.3...v2.4.0) **Implemented enhancements:** @@ -173,6 +205,7 @@ - Add director support [\#38](https://github.com/Icinga/puppet-icinga/issues/38) ## [v2.3.3](https://github.com/icinga/puppet-icinga/tree/v2.3.3) (2021-09-03) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.2...v2.3.3) **Fixed bugs:** @@ -180,6 +213,7 @@ - Namespace function postgresql::postgresql\_password does not work on Puppet 5 [\#36](https://github.com/Icinga/puppet-icinga/issues/36) ## [v2.3.2](https://github.com/icinga/puppet-icinga/tree/v2.3.2) (2021-08-17) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.1...v2.3.2) **Fixed bugs:** @@ -187,6 +221,7 @@ - using data types of another module breaks puppet 5 compatibility [\#35](https://github.com/Icinga/puppet-icinga/issues/35) ## [v2.3.1](https://github.com/icinga/puppet-icinga/tree/v2.3.1) (2021-06-21) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.3.0...v2.3.1) **Fixed bugs:** @@ -194,6 +229,7 @@ - NETWAYS repos named the suffix -release by there packages [\#33](https://github.com/Icinga/puppet-icinga/issues/33) ## [v2.3.0](https://github.com/icinga/puppet-icinga/tree/v2.3.0) (2021-06-05) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.2.0...v2.3.0) **Implemented enhancements:** @@ -208,6 +244,7 @@ - Option to switch off the package management on windows [\#27](https://github.com/Icinga/puppet-icinga/issues/27) ## [v2.2.0](https://github.com/icinga/puppet-icinga/tree/v2.2.0) (2021-05-19) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.4...v2.2.0) **Implemented enhancements:** @@ -217,6 +254,7 @@ - Add management of extra packages [\#17](https://github.com/Icinga/puppet-icinga/issues/17) ## [v2.1.4](https://github.com/icinga/puppet-icinga/tree/v2.1.4) (2021-05-04) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.3...v2.1.4) **Fixed bugs:** @@ -224,6 +262,7 @@ - Broken dependency for yumrepos [\#22](https://github.com/Icinga/puppet-icinga/issues/22) ## [v2.1.3](https://github.com/icinga/puppet-icinga/tree/v2.1.3) (2021-05-04) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.2...v2.1.3) **Fixed bugs:** @@ -232,6 +271,7 @@ - manage\_epel do not work [\#20](https://github.com/Icinga/puppet-icinga/issues/20) ## [v2.1.2](https://github.com/icinga/puppet-icinga/tree/v2.1.2) (2021-04-26) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.1...v2.1.2) **Fixed bugs:** @@ -239,6 +279,7 @@ - Setting config\_server manage a zones directory named zone [\#18](https://github.com/Icinga/puppet-icinga/issues/18) ## [v2.1.1](https://github.com/icinga/puppet-icinga/tree/v2.1.1) (2021-04-26) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.1.0...v2.1.1) **Fixed bugs:** @@ -246,6 +287,7 @@ - Setting manage for any repo does not work [\#16](https://github.com/Icinga/puppet-icinga/issues/16) ## [v2.1.0](https://github.com/icinga/puppet-icinga/tree/v2.1.0) (2021-04-24) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v2.0.0...v2.1.0) **Implemented enhancements:** @@ -262,6 +304,7 @@ - Duplicate declaration: Yumrepo\[epel\] is already declared [\#9](https://github.com/Icinga/puppet-icinga/issues/9) ## [v2.0.0](https://github.com/icinga/puppet-icinga/tree/v2.0.0) (2021-01-11) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v1.0.3...v2.0.0) **Fixed bugs:** @@ -273,6 +316,7 @@ - Add Dependency to puppet-redis [\#8](https://github.com/Icinga/puppet-icinga/issues/8) ## [v1.0.3](https://github.com/icinga/puppet-icinga/tree/v1.0.3) (2020-10-22) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v1.0.2...v1.0.3) **Fixed bugs:** @@ -280,6 +324,7 @@ - fix gpgkey for epel EL8 [\#5](https://github.com/Icinga/puppet-icinga/pull/5) ([lbetz](https://github.com/lbetz)) ## [v1.0.2](https://github.com/icinga/puppet-icinga/tree/v1.0.2) (2020-10-13) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v0.1.2...v1.0.2) **Implemented enhancements:** @@ -292,12 +337,17 @@ - correct fixtures and metadata [\#4](https://github.com/Icinga/puppet-icinga/issues/4) ## [v0.1.2](https://github.com/icinga/puppet-icinga/tree/v0.1.2) (2020-04-21) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v0.1.1...v0.1.2) ## [v0.1.1](https://github.com/icinga/puppet-icinga/tree/v0.1.1) (2020-04-20) + [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v0.1.0...v0.1.1) ## [v0.1.0](https://github.com/icinga/puppet-icinga/tree/v0.1.0) (2020-04-20) +[Full Changelog](https://github.com/icinga/puppet-icinga/compare/fad739989bd9c9133abffd39e0d7deb75797de06...v0.1.0) + + -\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* \ No newline at end of file +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/metadata.json b/metadata.json index 4c6704e..1588d10 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "icinga-icinga", - "version": "3.2.1", + "version": "4.0.0", "author": "Icinga", "summary": "Puppet Module to manage the Icinga Software Stack", "license": "Apache-2.0", From 0327f8e534a912267996e56d804603d53399844f Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 23 Nov 2023 14:42:53 +0100 Subject: [PATCH 11/21] Fix the icingaweb2 modules to run with older puppet-icingaweb2 than 4.0.0 --- manifests/web/director.pp | 10 +++++++--- manifests/web/reporting.pp | 13 ++++++++----- manifests/web/vspheredb.pp | 13 ++++++++----- manifests/web/x509.pp | 13 ++++++++----- 4 files changed, 31 insertions(+), 18 deletions(-) diff --git a/manifests/web/director.pp b/manifests/web/director.pp index 654607e..1740696 100644 --- a/manifests/web/director.pp +++ b/manifests/web/director.pp @@ -57,6 +57,8 @@ ) { icinga::prepare_web('Director') + $icingaweb2_version = $icinga::web::icingaweb2_version + # # Database # @@ -110,8 +112,10 @@ onlyif => 'systemctl status icinga-director', } - class { 'icingaweb2::module::director::service': - ensure => $service_ensure, - enable => $service_enable, + if versioncmp($icingaweb2_version, '4.0.0') < 0 { + class { 'icingaweb2::module::director::service': + ensure => $service_ensure, + enable => $service_enable, + } } } diff --git a/manifests/web/reporting.pp b/manifests/web/reporting.pp index 442b2c1..72aa227 100644 --- a/manifests/web/reporting.pp +++ b/manifests/web/reporting.pp @@ -49,7 +49,8 @@ icinga::prepare_web('Reporting') - $_db_charset = $db_type ? { + $icingaweb2_version = $icinga::web::icingaweb2_version + $_db_charset = $db_type ? { 'mysql' => 'utf8mb4', default => 'UTF8', } @@ -89,10 +90,12 @@ mail => $mail, } - service { 'icinga-reporting': - ensure => $service_ensure, - enable => $service_enable, - require => Class['icingaweb2::module::reporting'], + if versioncmp($icingaweb2_version, '4.0.0') < 0 { + service { 'icinga-reporting': + ensure => $service_ensure, + enable => $service_enable, + require => Class['icingaweb2::module::reporting'], + } } if defined(Class['icinga::web::monitoring']) { diff --git a/manifests/web/vspheredb.pp b/manifests/web/vspheredb.pp index 604c5c6..9e0a9b4 100644 --- a/manifests/web/vspheredb.pp +++ b/manifests/web/vspheredb.pp @@ -41,7 +41,8 @@ ) { icinga::prepare_web('VSphereDB') - $_db_charset = $db_type ? { + $icingaweb2_version = $icinga::web::icingaweb2_version + $_db_charset = $db_type ? { 'mysql' => 'utf8mb4', default => 'UTF8', } @@ -80,9 +81,11 @@ import_schema => lookup('icingaweb2::module::vspheredb::import_schema', undef, undef, true), } - service { 'icinga-vspheredb': - ensure => $service_ensure, - enable => $service_enable, - require => Class['icingaweb2::module::vspheredb'], + if versioncmp($icingaweb2_version, '4.0.0') < 0 { + service { 'icinga-vspheredb': + ensure => $service_ensure, + enable => $service_enable, + require => Class['icingaweb2::module::vspheredb'], + } } } diff --git a/manifests/web/x509.pp b/manifests/web/x509.pp index 6bbd880..f16cea6 100644 --- a/manifests/web/x509.pp +++ b/manifests/web/x509.pp @@ -43,7 +43,8 @@ fail('Class icinga::web::icingadb or icinga::web::monitoring has to be declared before!') } - $_db_charset = $db_type ? { + $icingaweb2_version = $icinga::web::icingaweb2_version + $_db_charset = $db_type ? { 'mysql' => 'utf8mb4', default => 'UTF8', } @@ -82,9 +83,11 @@ import_schema => lookup('icingaweb2::module::x509::import_schema', undef, undef, true), } - service { 'icinga-x509': - ensure => $service_ensure, - enable => $service_enable, - require => Class['icingaweb2::module::x509'], + if versioncmp($icingaweb2_version, '4.0.0') < 0 { + service { 'icinga-x509': + ensure => $service_ensure, + enable => $service_enable, + require => Class['icingaweb2::module::x509'], + } } } From 2a77dd5c6b12dae3c007576c648d805f650ad852 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 23 Nov 2023 15:30:31 +0100 Subject: [PATCH 12/21] Fix some issues if tls and noverify for mariadb/mysql --- README.md | 2 +- functions/db/connect.pp | 10 +++++----- manifests/web.pp | 5 ++++- spec/functions/db_connect_spec.rb | 16 ++++++++++++---- 4 files changed, 22 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 38a2e8a..cb6e097 100644 --- a/README.md +++ b/README.md @@ -328,7 +328,7 @@ Setting `manage_database` to `true` also setups a database as specified in `db_t The class supports: -* [puppet] >= 6.0 < 8.0 +* [puppet] >= 7.0 < 9.0 And requires: diff --git a/functions/db/connect.pp b/functions/db/connect.pp index 205f6eb..3aa5367 100644 --- a/functions/db/connect.pp +++ b/functions/db/connect.pp @@ -39,20 +39,20 @@ function icinga::db::connect( 'mariadb': { $tls_options = join(any2array(delete_undef_values({ '--ssl' => '', - '--ssl-ca' => $tls['cacert_file'], + '--ssl-ca' => if $tls['noverify'] { undef } else { $tls['cacert_file'] }, '--ssl-cert' => $tls['cert_file'], '--ssl-key' => $tls['key_file'], - '--ssl-capath' => $tls['capath'], + '--ssl-capath' => if $tls['noverify'] { undef } else { $tls['capath'] }, '--ssl-cipher' => $tls['cipher'], })), ' ') } 'mysql': { $tls_options = join(any2array(delete_undef_values({ - '--ssl-mode' => 'required', - '--ssl-ca' => $tls['cacert_file'], + '--ssl-mode' => if $tls['noverify'] { 'REQUIRED' } else { 'VERIFY_CA' }, + '--ssl-ca' => if $tls['noverify'] { undef } else { $tls['cacert_file'] }, '--ssl-cert' => $tls['cert_file'], '--ssl-key' => $tls['key_file'], - '--ssl-capath' => $tls['capath'], + '--ssl-capath' => if $tls['noverify'] { undef } else { $tls['capath'] }, '--ssl-cipher' => $tls['cipher'], })), ' ') } diff --git a/manifests/web.pp b/manifests/web.pp index 155da02..9534706 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -64,6 +64,9 @@ -> Class['apache'] -> Class['icingaweb2'] + # version if the used icingaweb2 puppet module + $icingaweb2_version = load_module_metadata('icingaweb2')['version'] + # # Platform # @@ -181,7 +184,7 @@ # # Icinga Web 2 # - if versioncmp(load_module_metadata('icingaweb2')['version'], '4.0.0') < 0 { + if versioncmp($icingaweb2_version, '4.0.0') < 0 { class { 'icingaweb2': db_type => $db_type, db_host => $_db_host, diff --git a/spec/functions/db_connect_spec.rb b/spec/functions/db_connect_spec.rb index 1b4f705..4d42cf2 100644 --- a/spec/functions/db_connect_spec.rb +++ b/spec/functions/db_connect_spec.rb @@ -23,6 +23,14 @@ ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl --ssl-ca /cacert.file") end + it "with MariaDB TLS and noverify 'true' on db.example.org and password" do + is_expected.to run.with_params( + { 'type' => 'mariadb', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar', 'password' => 'supersecret' }, + { 'noverify' => true, 'cacert_file' => '/cacert.file' }, + true, + ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl") + end + it 'with MariaDB client TLS cert on db.example.org' do is_expected.to run.with_params( { 'type' => 'mariadb', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar' }, @@ -36,15 +44,15 @@ { 'type' => 'mysql', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar' }, { 'key_file' => '/key.file', 'cert_file' => '/cert.file', 'cacert_file' => '/cacert.file' }, true, - ).and_return('-h db.example.org -u bar -D foo --ssl-mode required --ssl-ca /cacert.file --ssl-cert /cert.file --ssl-key /key.file') + ).and_return('-h db.example.org -u bar -D foo --ssl-mode VERIFY_CA --ssl-ca /cacert.file --ssl-cert /cert.file --ssl-key /key.file') end - it 'with MySQL TLS on db.example.org and password' do + it "with MySQL TLS and noverify 'true' on db.example.org and password" do is_expected.to run.with_params( { 'type' => 'mysql', 'host' => 'db.example.org', 'database' => 'foo', 'username' => 'bar', 'password' => 'supersecret' }, - { 'cacert_file' => '/cacert.file' }, + { 'noverify' => true, 'cacert_file' => '/cacert.file' }, true, - ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl-mode required --ssl-ca /cacert.file") + ).and_return("-h db.example.org -u bar -p'supersecret' -D foo --ssl-mode REQUIRED") end it 'with PostgreSQL' do From 2b5af160d6001bb221427facdd85b63d30a436b5 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 23 Nov 2023 15:46:02 +0100 Subject: [PATCH 13/21] fix #97 Add missing grants on mysql Ido database for idoreports --- manifests/ido/database.pp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifests/ido/database.pp b/manifests/ido/database.pp index bbbdf34..a9e2ee7 100644 --- a/manifests/ido/database.pp +++ b/manifests/ido/database.pp @@ -36,8 +36,7 @@ db_user => $db_user, db_pass => $db_pass, access_instances => $ido_instances, - mysql_privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'ALTER', 'INDEX', 'EXECUTE'], -# mysql_privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'ALTER', 'INDEX', 'CREATE ROUTINE', 'ALTER ROUTINE', 'EXECUTE'], + mysql_privileges => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'ALTER', 'INDEX', 'CREATE ROUTINE', 'ALTER ROUTINE', 'EXECUTE'], tls => $tls, } } From 419dfecded35926739307190727d10e2467cf7b0 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 23 Nov 2023 15:51:22 +0100 Subject: [PATCH 14/21] Release version 4.0.0 --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9178a19..fc93c9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,13 +6,16 @@ **Implemented enhancements:** +- Fix the icingaweb2 modules to run with older puppet-icingaweb2 than 4… [\#95](https://github.com/Icinga/puppet-icinga/pull/95) ([lbetz](https://github.com/lbetz)) - Add new parameter to mange a additional config dir like conf.d [\#94](https://github.com/Icinga/puppet-icinga/pull/94) ([lbetz](https://github.com/lbetz)) - Add Puppet 8 Support [\#93](https://github.com/Icinga/puppet-icinga/pull/93) ([lbetz](https://github.com/lbetz)) - Add x509 module support [\#87](https://github.com/Icinga/puppet-icinga/pull/87) ([lbetz](https://github.com/lbetz)) **Fixed bugs:** +- Add missing grants on mysql Ido database for idoreports [\#97](https://github.com/Icinga/puppet-icinga/issues/97) - mysql:db above 13.1.0 requires an array for the tis\_options [\#91](https://github.com/Icinga/puppet-icinga/issues/91) +- Fix some issues if tls and noverify for mariadb/mysql [\#96](https://github.com/Icinga/puppet-icinga/pull/96) ([lbetz](https://github.com/lbetz)) **Closed issues:** From 3299c998a8181c060c866039705fd607320c2f42 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 28 Nov 2023 17:02:44 +0100 Subject: [PATCH 15/21] fix #98i add order to global zones, fix #99 add feature to add additional zones --- REFERENCE.md | 17 ++++++++++++-- examples/mysql/databases.pp | 29 +++++++++++++++++++---- manifests/agent.pp | 1 + manifests/server.pp | 11 +++++---- manifests/worker.pp | 10 +++++++- spec/classes/server_spec.rb | 24 ++++++++++++------- spec/classes/worker_spec.rb | 47 ++++++++++++++++++++++++++++++++++++- 7 files changed, 118 insertions(+), 21 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index f06695a..0a522e5 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -597,6 +597,7 @@ The following parameters are available in the `icinga::server` class: * [`zone`](#-icinga--server--zone) * [`colocation_endpoints`](#-icinga--server--colocation_endpoints) * [`workers`](#-icinga--server--workers) +* [`extra_zones`](#-icinga--server--extra_zones) * [`global_zones`](#-icinga--server--global_zones) * [`ca_server`](#-icinga--server--ca_server) * [`ticket_salt`](#-icinga--server--ticket_salt) @@ -645,11 +646,14 @@ Default value: `{}` Data type: `Hash[String,Hash]` -All worker zones with key 'endpoints' for -endpoint objects. +All worker zones with key 'endpoints' for endpoint objects. Default value: `{}` +##### `extra_zones` + +Additonal zones that are not limited to the 'parent_zone' as parent. + ##### `global_zones` Data type: `Array[String]` @@ -1774,6 +1778,7 @@ The following parameters are available in the `icinga::worker` class: * [`parent_zone`](#-icinga--worker--parent_zone) * [`parent_endpoints`](#-icinga--worker--parent_endpoints) * [`colocation_endpoints`](#-icinga--worker--colocation_endpoints) +* [`workers`](#-icinga--worker--workers) * [`global_zones`](#-icinga--worker--global_zones) * [`logging_type`](#-icinga--worker--logging_type) * [`logging_level`](#-icinga--worker--logging_level) @@ -1814,6 +1819,14 @@ Icinga supports two endpoints per zone only. Default value: `{}` +##### `workers` + +Data type: `Hash[String, Hash]` + +All cascading worker zones with key 'endpoints' for endpoint objects. + +Default value: `{}` + ##### `global_zones` Data type: `Array[String]` diff --git a/examples/mysql/databases.pp b/examples/mysql/databases.pp index bc35fb8..d97bf75 100644 --- a/examples/mysql/databases.pp +++ b/examples/mysql/databases.pp @@ -54,31 +54,50 @@ } class { 'icinga::ido::database': - ido_instances => ['192.168.5.13', '192.168.5.23'], + ido_instances => ['192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'icinga2', + tls => 'password', } class { 'icinga::db::database': - access_instances => ['192.168.5.13', '192.168.5.23'], + access_instances => ['192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'icingadb', + tls => 'cert', } class { 'icinga::web::database': - web_instances => ['192.168.5.13', '192.168.5.23'], + web_instances => ['192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'icingaweb2', + tls => 'cert', } class { 'icinga::web::director::database': - web_instances => ['192.168.5.13', '192.168.5.23'], + web_instances => ['192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'director', + tls => 'password', +} + +class { 'icinga::web::reporting::database': + web_instances => ['192.168.6.11', '192.168.6.12'], + db_type => 'mysql', + db_pass => 'reporting', + tls => 'password', +} + +class { 'icinga::web::x509::database': + web_instances => ['192.168.6.11', '192.168.6.12'], + db_type => 'mysql', + db_pass => 'x509', + tls => 'password', } class { 'icinga::web::vspheredb::database': - web_instances => ['192.168.5.13', '192.168.5.23'], + web_instances => ['192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'vspheredb', + tls => 'password', } diff --git a/manifests/agent.pp b/manifests/agent.pp index e0e9095..7d3af9d 100644 --- a/manifests/agent.pp +++ b/manifests/agent.pp @@ -52,5 +52,6 @@ icinga2::object::zone { $global_zones: global => true, + order => 'zz', } } diff --git a/manifests/server.pp b/manifests/server.pp index 839353a..7c4d414 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -15,8 +15,10 @@ # Icinga supports two endpoints per zone only. # # @param workers -# All worker zones with key 'endpoints' for -# endpoint objects. +# All worker zones with key 'endpoints' for endpoint objects. +# +# @param extra_zones +# Additonal zones that are not limited to the 'parent_zone' as parent. # # @param global_zones # List of global zones to configure. @@ -77,8 +79,8 @@ $_config_server = $config_server } - # inject parent zone - $_workers = parseyaml(inline_template('<%= @workers.inject({}) {|h, (x,y)| h[x] = y.merge({"parent" => @zone}); h}.to_yaml %>')) + # inject parent zone if no parent exists + $_workers = $workers.reduce( {} ) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } } class { 'icinga': ca => $_ca, @@ -96,6 +98,7 @@ icinga2::object::zone { $global_zones: global => true, + order => 'zz', } if $_config_server { diff --git a/manifests/worker.pp b/manifests/worker.pp index 0c6ea6d..f54e845 100644 --- a/manifests/worker.pp +++ b/manifests/worker.pp @@ -17,6 +17,9 @@ # When the zone includes more than one endpoint, set here the additional endpoint(s). # Icinga supports two endpoints per zone only. # +# @param workers +# All cascading worker zones with key 'endpoints' for endpoint objects. +# # @param global_zones # List of global zones to configure. # @@ -36,11 +39,15 @@ Hash[String, Hash] $parent_endpoints, String $parent_zone = 'main', Hash[String, Hash] $colocation_endpoints = {}, + Hash[String, Hash] $workers = {}, Array[String] $global_zones = [], Enum['file', 'syslog'] $logging_type = 'file', Optional[Icinga::LogLevel] $logging_level = undef, Boolean $run_web = false, ) { + # inject parent zone if no parent exists + $_workers = $workers.reduce( {} ) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } } + class { 'icinga': ca => false, ssh_private_key => undef, @@ -49,7 +56,7 @@ zones => { 'ZoneName' => { 'endpoints' => { 'NodeName' => {} } + $colocation_endpoints, 'parent' => $parent_zone, }, $parent_zone => { 'endpoints' => $parent_endpoints, }, - }, + } + $_workers, logging_type => $logging_type, logging_level => $logging_level, prepare_web => $run_web, @@ -59,5 +66,6 @@ icinga2::object::zone { $global_zones: global => true, + order => 'zz', } } diff --git a/spec/classes/server_spec.rb b/spec/classes/server_spec.rb index 8709741..d8c6e77 100644 --- a/spec/classes/server_spec.rb +++ b/spec/classes/server_spec.rb @@ -18,15 +18,15 @@ let(:icinga2_group) { 'icinga' } end - context 'with defaults' do + context "#{os} with defaults" do it { is_expected.to compile.and_raise_error(%r{expects a String value if a CA is configured}) } end - context 'with ticket_salt => supersecret, global_zones => [foo], web_api_user => bar, web_api_pass => topsecret' do + context "#{os} with ticket_salt 'supersecret', global_zones ['foo','bar'], web_api_user 'bar', web_api_pass 'topsecret'" do let(:params) do { ticket_salt: 'supersecret', - global_zones: ['foo'], + global_zones: ['foo', 'bar'], web_api_user: 'bar', web_api_pass: 'topsecret' } @@ -65,7 +65,8 @@ ) } - it { is_expected.to contain_icinga2__object__zone('foo').with('global' => true) } + it { is_expected.to contain_icinga2__object__zone('foo').with('global' => true, 'order' => 'zz') } + it { is_expected.to contain_icinga2__object__zone('bar').with('global' => true, 'order' => 'zz') } it { is_expected.to contain_file("#{icinga2_config_dir}/zones.d/foo").with( @@ -81,7 +82,7 @@ it { is_expected.to contain_icinga2__object__apiuser('bar').with({ 'password' => 'topsecret' }) } end - context 'with ca_server => foo, ticket_salt => supersecret, colocation_endpoints => {bar => {host => 127.0.0.1}}' do + context "#{os} with ca_server 'foo', ticket_salt 'supersecret' and a colocation_endpoints" do let(:params) do { ca_server: 'foo', @@ -113,12 +114,15 @@ } end - context 'with ticket_salt => supersecret, zone => foo, workers => {bar => {endpoints => {foobar => {host => 127.0.0.1}}}}, logging_type => syslog, logging_level => warning' do + context "#{os} with ticket_salt 'supersecret', zone 'foo' and two workers, logging_type 'syslog', logging_level 'warning'" do let(:params) do { ticket_salt: 'supersecret', zone: 'foo', - workers: { 'bar' => { 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } } } }, + workers: { + 'bar' => { 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } } }, + 'out' => { 'endpoints' => { 'outbar' => {} }, 'parent' => 'bar' }, + }, logging_type: 'syslog', logging_level: 'warning', } @@ -136,9 +140,13 @@ 'endpoints' => { 'NodeName' => {} }, }, 'bar' => { + 'parent' => 'foo', 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } }, - 'parent' => 'foo', }, + 'out' => { + 'parent' => 'bar', + 'endpoints' => { 'outbar' => {} }, + } }, 'logging_type' => 'syslog', 'logging_level' => 'warning', diff --git a/spec/classes/worker_spec.rb b/spec/classes/worker_spec.rb index 55f35fe..cb624bf 100644 --- a/spec/classes/worker_spec.rb +++ b/spec/classes/worker_spec.rb @@ -7,7 +7,7 @@ context "on #{os}" do let(:facts) { facts } - context 'with ca_server => foo, zone => bar, parent_endpoints => { foobar => { host => 127.0.0.1}}, global_zones => [foobaz]' do + context "#{os} with ca_server 'foo', zone 'bar', a parent_endpoints 'foobar', global_zones ['foobaz']" do let(:params) do { ca_server: 'foo', @@ -43,6 +43,51 @@ it { is_expected.to contain_icinga2__object__zone('foobaz').with({ 'global' => true }) } end + + context "#{os} with zone 'foo' and two workers, logging_type 'syslog', logging_level 'warning'" do + let(:params) do + { + ca_server: 'foo', + zone: 'foo', + parent_endpoints: { 'foobar' => { 'host' => '127.0.0.1' } }, + workers: { + 'baz' => { 'endpoints' => { 'foobaz' => { 'host' => '127.0.0.1' } } }, + 'out' => { 'endpoints' => { 'outbar' => {} }, 'parent' => 'baz' }, + }, + logging_type: 'syslog', + logging_level: 'warning', + } + end + + it { + is_expected.to contain_class('icinga').with( + { + 'ca' => false, + 'ca_server' => 'foo', + 'this_zone' => 'foo', + 'zones' => { + 'ZoneName' => { + 'parent' => 'main', + 'endpoints' => { 'NodeName' => {} }, + }, + 'main' => { + 'endpoints' => { 'foobar' => { 'host' => '127.0.0.1' } }, + }, + 'baz' => { + 'parent' => 'foo', + 'endpoints' => { 'foobaz' => { 'host' => '127.0.0.1' } }, + }, + 'out' => { + 'parent' => 'baz', + 'endpoints' => { 'outbar' => {} }, + } + }, + 'logging_type' => 'syslog', + 'logging_level' => 'warning', + }, + ) + } + end end end end From 7b9ed7c4ffb0f3d1cc417a5756f9a8efbbe2d642 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 28 Nov 2023 17:16:49 +0100 Subject: [PATCH 16/21] fix some style guide issues --- REFERENCE.md | 5 ----- manifests/server.pp | 5 +---- manifests/worker.pp | 2 +- 3 files changed, 2 insertions(+), 10 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 0a522e5..4db1767 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -597,7 +597,6 @@ The following parameters are available in the `icinga::server` class: * [`zone`](#-icinga--server--zone) * [`colocation_endpoints`](#-icinga--server--colocation_endpoints) * [`workers`](#-icinga--server--workers) -* [`extra_zones`](#-icinga--server--extra_zones) * [`global_zones`](#-icinga--server--global_zones) * [`ca_server`](#-icinga--server--ca_server) * [`ticket_salt`](#-icinga--server--ticket_salt) @@ -650,10 +649,6 @@ All worker zones with key 'endpoints' for endpoint objects. Default value: `{}` -##### `extra_zones` - -Additonal zones that are not limited to the 'parent_zone' as parent. - ##### `global_zones` Data type: `Array[String]` diff --git a/manifests/server.pp b/manifests/server.pp index 7c4d414..dd85a7e 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -17,9 +17,6 @@ # @param workers # All worker zones with key 'endpoints' for endpoint objects. # -# @param extra_zones -# Additonal zones that are not limited to the 'parent_zone' as parent. -# # @param global_zones # List of global zones to configure. # @@ -80,7 +77,7 @@ } # inject parent zone if no parent exists - $_workers = $workers.reduce( {} ) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } } + $_workers = $workers.reduce({}) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } } class { 'icinga': ca => $_ca, diff --git a/manifests/worker.pp b/manifests/worker.pp index f54e845..94d5d6c 100644 --- a/manifests/worker.pp +++ b/manifests/worker.pp @@ -46,7 +46,7 @@ Boolean $run_web = false, ) { # inject parent zone if no parent exists - $_workers = $workers.reduce( {} ) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } } + $_workers = $workers.reduce({}) |$memo, $worker| { $memo + { $worker[0] => { parent => $zone } + $worker[1] } } class { 'icinga': ca => false, From 30bf934228da7732535abefe0abb43033cf55efa Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Tue, 28 Nov 2023 17:22:20 +0100 Subject: [PATCH 17/21] Release version 4.1.0 --- CHANGELOG.md | 11 ++++++++++- metadata.json | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fc93c9f..eb2a66d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog +## [v4.1.0](https://github.com/icinga/puppet-icinga/tree/v4.1.0) (2023-11-28) + +[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v4.0.0...v4.1.0) + +**Implemented enhancements:** + +- Add feature to add additional zones to server and workers e.g. for cascading satellites [\#99](https://github.com/Icinga/puppet-icinga/issues/99) +- Add order to global zones to have them at the end of the file zones.conf [\#98](https://github.com/Icinga/puppet-icinga/issues/98) + ## [v4.0.0](https://github.com/icinga/puppet-icinga/tree/v4.0.0) (2023-11-23) [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v3.2.1...v4.0.0) @@ -19,8 +28,8 @@ **Closed issues:** -- Drop Puppet 6 Support [\#90](https://github.com/Icinga/puppet-icinga/issues/90) - Add classes to manage pdfexports [\#46](https://github.com/Icinga/puppet-icinga/issues/46) +- Drop Puppet 6 Support [\#90](https://github.com/Icinga/puppet-icinga/issues/90) ## [v3.2.1](https://github.com/icinga/puppet-icinga/tree/v3.2.1) (2023-04-15) diff --git a/metadata.json b/metadata.json index 1588d10..9acfb83 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "icinga-icinga", - "version": "4.0.0", + "version": "4.1.0", "author": "Icinga", "summary": "Puppet Module to manage the Icinga Software Stack", "license": "Apache-2.0", From 3664d9b218cff9be2b998277181b3496adaa2cef Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 21 Dec 2023 10:37:30 +0100 Subject: [PATCH 18/21] fix #100 add PostgreSQL 15 support --- manifests/database.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/database.pp b/manifests/database.pp index d5680ee..ce11b14 100644 --- a/manifests/database.pp +++ b/manifests/database.pp @@ -47,6 +47,7 @@ password => $_pass, encoding => $encoding, locale => $collation, + owner => $db_user, } $access_instances.each |$host| { From 71c1eb113261688f4c240eed406b8b4df5378da2 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 21 Dec 2023 11:55:25 +0100 Subject: [PATCH 19/21] fix #101 add example for an Icinga HA and TLS based with dedicated MariaDB/MySQL and Icinga Web --- examples/mysql/data/common.yaml | 2 + examples/mysql/data/server1.icinga.com.yaml | 50 ++++++++ examples/mysql/data/server2.icinga.com.yaml | 50 ++++++++ examples/mysql/data/web.icinga.com.yaml | 122 ++++++++++++++++++++ examples/mysql/databases.pp | 14 +-- examples/mysql/icingaweb2.pp | 12 -- examples/mysql/server1-icingadb.pp | 35 ++++++ examples/mysql/server2-icingadb.pp | 34 ++++++ examples/mysql/web.pp | 60 ++++++++++ files/examples/server1.icinga.com.crt | 21 ++++ files/examples/server1.icinga.com.key | 27 +++++ files/examples/server2.icinga.com.crt | 21 ++++ files/examples/server2.icinga.com.key | 27 +++++ 13 files changed, 456 insertions(+), 19 deletions(-) create mode 100644 examples/mysql/data/common.yaml create mode 100644 examples/mysql/data/server1.icinga.com.yaml create mode 100644 examples/mysql/data/server2.icinga.com.yaml create mode 100644 examples/mysql/data/web.icinga.com.yaml delete mode 100644 examples/mysql/icingaweb2.pp create mode 100644 examples/mysql/server1-icingadb.pp create mode 100644 examples/mysql/server2-icingadb.pp create mode 100644 examples/mysql/web.pp create mode 100644 files/examples/server1.icinga.com.crt create mode 100644 files/examples/server1.icinga.com.key create mode 100644 files/examples/server2.icinga.com.crt create mode 100644 files/examples/server2.icinga.com.key diff --git a/examples/mysql/data/common.yaml b/examples/mysql/data/common.yaml new file mode 100644 index 0000000..5692863 --- /dev/null +++ b/examples/mysql/data/common.yaml @@ -0,0 +1,2 @@ +--- +icinga::ticket_salt: supersecret diff --git a/examples/mysql/data/server1.icinga.com.yaml b/examples/mysql/data/server1.icinga.com.yaml new file mode 100644 index 0000000..0f39a0f --- /dev/null +++ b/examples/mysql/data/server1.icinga.com.yaml @@ -0,0 +1,50 @@ +--- +icingadb::db_use_tls: true +icingadb::db_tls_insecure: true +icingadb::db_tls_cert: | + -----BEGIN CERTIFICATE----- + MIIC9TCCAd2gAwIBAgIIGo/Sz6h1KTIwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEx + MDQwODI3MDBaFw0zMDExMDQwODI3MDBaMFwxCzAJBgNVBAYTAkRFMRAwDgYDVQQI + EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxFDASBgNVBAoTC0ljaW5nYSBH + bWJIMREwDwYDVQQDEwhpY2luZ2FkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC + AQoCggEBAKzGSMdB/EHOzFpUVoaUf1tEA4YHcNDF/U3EzZRJyHlummoDYGK0f5yO + rIQhsl/XQRhW1PsCr2DL7U91SwHmkjjKDz3n51DuLhZoQX7gDYSJTOj8uyaIGoNu + yCbLMvxznxVFscsoiKTJN79pyOH+OkMh/wAlADjeqs/VzuLZHngNmezYQlt0U32L + 9LYQV6P1y2i1H/V8YXvCX2GTjw9b/ER5OxmtI0Z1UEIJ8ENTl+9lJRb72d+xZp8q + 4ZVjoUTO///3YUAkWnVA3BN+ZEL7ikbJBoyxYbDlGi5Dw/g+wVsvVWnyHdoWlJVX + w9n3wRXkYREdQHvO+OfVMoRpZW333YUCAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYB + BQUHAwIwDQYJKoZIhvcNAQELBQADggEBADtAKxj0d7Imv365abCQ3BBt2H3zpMfs + +V54uB08ACKX1Qb/KHJspp2uTBIoPbaPickvVZDiaaekKpEJ5HArTQodNkyCj+SA + XcRqfJGceBhwydBQBEgsYudeA3qRvM90Hy+jZsVNrOWylu/g3vjy6dnmcewDjczv + YdbGBZ6eevQcReCyK4ea0IC7iEheQ2az3S3ctgTZJD27Gc8THaC3Z/z1FhLTRjsf + VnszSSNjRWVcTuWDlaNwOGpEtiG+zLpqhIh1X2QFja3HCIFBjudpUtTd3/fgapWg + me68EXkRhPW0l6BC3rwlOMrN0VZYeM8ZAe8o5kB/Jolm68AdxJmtsyg= + -----END CERTIFICATE----- +icingadb::db_tls_key: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEArMZIx0H8Qc7MWlRWhpR/W0QDhgdw0MX9TcTNlEnIeW6aagNg + YrR/nI6shCGyX9dBGFbU+wKvYMvtT3VLAeaSOMoPPefnUO4uFmhBfuANhIlM6Py7 + Jogag27IJssy/HOfFUWxyyiIpMk3v2nI4f46QyH/ACUAON6qz9XO4tkeeA2Z7NhC + W3RTfYv0thBXo/XLaLUf9Xxhe8JfYZOPD1v8RHk7Ga0jRnVQQgnwQ1OX72UlFvvZ + 37FmnyrhlWOhRM7///dhQCRadUDcE35kQvuKRskGjLFhsOUaLkPD+D7BWy9VafId + 2haUlVfD2ffBFeRhER1Ae87459UyhGllbffdhQIDAQABAoIBAQCofDzgw4JiEm7J + 79DpMMr5j1v4Si1ECq+4NSFdaI5tjORcWaqW1vpTC/dEay/tspYyTAsqNTYdqQBl + KjbZRaZ2ZuVyM0Iqc/rRsx2bwpasFtC/rCY9ryBb556b5jB0a7RJJEv7mC2YtPj+ + WwShDjB24yIvW+XZj5r3TsOQCLdjzhWBDpYM3t3bO/ip8r1/Jp0aR6gQNGMfLODj + Xnc270bbOYcNwORPj1sXTYoJlbuYcZunRVzR+ibQmorv01ZS2nZ7zzrZ1bgMspLn + A4G44DdfQRWlS5JlmY5/VoFMQC2vDsDRFznHavJYfwf4ljuT4dqq0zWlSIsuDGmV + WIb+dFHJAoGBANVdqvIlMq+H3LymNFaqW3XewFCmdHNNCtPjKJotWEWM5arbw1Jc + 5K4ijx4W7SCjDjaBd6Fei6yzHrmRhpq42vs9k+5+Hp9kml6IpgFSkuDJQkxbltH2 + tXpT4PK97JoF1gz7vH1WkTJv3YvHTgkeirKKjvPQbqubu+Fj8Gv5DlH7AoGBAM9M + PhWgssvzmB1qs5bVjT4iaFrbhdJ3G1U9k8N84Nl75iJrFMGVwq1T/bg+ljVbVPPq + gQIBqQL/b/RZVaBm/G7eEYvkmtAVvjaeyqsSLTOTG1c4F7wUusOB9CGPz6ym5Mia + dqq/5Bn9vGwZfunsi58sXZK1wACu4y+uR49BYvZ/AoGBAMluP4eRBJPgUM0sn7a9 + 59CUdbzuGHwN3M4C438ClhY7GUu/Y1urZRzcdX6zqDQqm61rdrQ6nORyyevo7km9 + gMa18KW0HVbfVDkxCn+vJAjhGB0cTnt0TQnqjDC+itMx9U2WjvFJO5SBNYfTpeFI + GyrJUoHtYb3TLYFwpzZYD2PnAoGAbTBjo1C53OO6RARoBBMICqpk/TaUDn/eTc/Z + fSbR6LxyQ77TeARCPrn28o1E4WXyIWhr+3qUY5fYiIRlrc+RN3SRGXaYdPJ+9pY9 + ek5gsMHTrOVG2zKwDTruNJ9jbDWcXG3AA8B/jZExJl9nkh+ei4D66MQDFlkIIZ1S + 5Ao07lECgYBYHli46N16zNGVzryL5M9mRue54qAnt8JOCHJF/Wf7DDqGhzMF8Fmv + 6C2zo2N/Jex1Sd8UitTOsATs9olEhAx+9lVMd/qUFzdCOlKpnFOgIu76HGAVSBNR + qU2COgF5D3GyaLweHUz6yS6Fto1I78JQXyVxEquqZ2RbeHZ7Da6Okw== + -----END RSA PRIVATE KEY----- diff --git a/examples/mysql/data/server2.icinga.com.yaml b/examples/mysql/data/server2.icinga.com.yaml new file mode 100644 index 0000000..0f39a0f --- /dev/null +++ b/examples/mysql/data/server2.icinga.com.yaml @@ -0,0 +1,50 @@ +--- +icingadb::db_use_tls: true +icingadb::db_tls_insecure: true +icingadb::db_tls_cert: | + -----BEGIN CERTIFICATE----- + MIIC9TCCAd2gAwIBAgIIGo/Sz6h1KTIwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEx + MDQwODI3MDBaFw0zMDExMDQwODI3MDBaMFwxCzAJBgNVBAYTAkRFMRAwDgYDVQQI + EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxFDASBgNVBAoTC0ljaW5nYSBH + bWJIMREwDwYDVQQDEwhpY2luZ2FkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC + AQoCggEBAKzGSMdB/EHOzFpUVoaUf1tEA4YHcNDF/U3EzZRJyHlummoDYGK0f5yO + rIQhsl/XQRhW1PsCr2DL7U91SwHmkjjKDz3n51DuLhZoQX7gDYSJTOj8uyaIGoNu + yCbLMvxznxVFscsoiKTJN79pyOH+OkMh/wAlADjeqs/VzuLZHngNmezYQlt0U32L + 9LYQV6P1y2i1H/V8YXvCX2GTjw9b/ER5OxmtI0Z1UEIJ8ENTl+9lJRb72d+xZp8q + 4ZVjoUTO///3YUAkWnVA3BN+ZEL7ikbJBoyxYbDlGi5Dw/g+wVsvVWnyHdoWlJVX + w9n3wRXkYREdQHvO+OfVMoRpZW333YUCAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYB + BQUHAwIwDQYJKoZIhvcNAQELBQADggEBADtAKxj0d7Imv365abCQ3BBt2H3zpMfs + +V54uB08ACKX1Qb/KHJspp2uTBIoPbaPickvVZDiaaekKpEJ5HArTQodNkyCj+SA + XcRqfJGceBhwydBQBEgsYudeA3qRvM90Hy+jZsVNrOWylu/g3vjy6dnmcewDjczv + YdbGBZ6eevQcReCyK4ea0IC7iEheQ2az3S3ctgTZJD27Gc8THaC3Z/z1FhLTRjsf + VnszSSNjRWVcTuWDlaNwOGpEtiG+zLpqhIh1X2QFja3HCIFBjudpUtTd3/fgapWg + me68EXkRhPW0l6BC3rwlOMrN0VZYeM8ZAe8o5kB/Jolm68AdxJmtsyg= + -----END CERTIFICATE----- +icingadb::db_tls_key: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEArMZIx0H8Qc7MWlRWhpR/W0QDhgdw0MX9TcTNlEnIeW6aagNg + YrR/nI6shCGyX9dBGFbU+wKvYMvtT3VLAeaSOMoPPefnUO4uFmhBfuANhIlM6Py7 + Jogag27IJssy/HOfFUWxyyiIpMk3v2nI4f46QyH/ACUAON6qz9XO4tkeeA2Z7NhC + W3RTfYv0thBXo/XLaLUf9Xxhe8JfYZOPD1v8RHk7Ga0jRnVQQgnwQ1OX72UlFvvZ + 37FmnyrhlWOhRM7///dhQCRadUDcE35kQvuKRskGjLFhsOUaLkPD+D7BWy9VafId + 2haUlVfD2ffBFeRhER1Ae87459UyhGllbffdhQIDAQABAoIBAQCofDzgw4JiEm7J + 79DpMMr5j1v4Si1ECq+4NSFdaI5tjORcWaqW1vpTC/dEay/tspYyTAsqNTYdqQBl + KjbZRaZ2ZuVyM0Iqc/rRsx2bwpasFtC/rCY9ryBb556b5jB0a7RJJEv7mC2YtPj+ + WwShDjB24yIvW+XZj5r3TsOQCLdjzhWBDpYM3t3bO/ip8r1/Jp0aR6gQNGMfLODj + Xnc270bbOYcNwORPj1sXTYoJlbuYcZunRVzR+ibQmorv01ZS2nZ7zzrZ1bgMspLn + A4G44DdfQRWlS5JlmY5/VoFMQC2vDsDRFznHavJYfwf4ljuT4dqq0zWlSIsuDGmV + WIb+dFHJAoGBANVdqvIlMq+H3LymNFaqW3XewFCmdHNNCtPjKJotWEWM5arbw1Jc + 5K4ijx4W7SCjDjaBd6Fei6yzHrmRhpq42vs9k+5+Hp9kml6IpgFSkuDJQkxbltH2 + tXpT4PK97JoF1gz7vH1WkTJv3YvHTgkeirKKjvPQbqubu+Fj8Gv5DlH7AoGBAM9M + PhWgssvzmB1qs5bVjT4iaFrbhdJ3G1U9k8N84Nl75iJrFMGVwq1T/bg+ljVbVPPq + gQIBqQL/b/RZVaBm/G7eEYvkmtAVvjaeyqsSLTOTG1c4F7wUusOB9CGPz6ym5Mia + dqq/5Bn9vGwZfunsi58sXZK1wACu4y+uR49BYvZ/AoGBAMluP4eRBJPgUM0sn7a9 + 59CUdbzuGHwN3M4C438ClhY7GUu/Y1urZRzcdX6zqDQqm61rdrQ6nORyyevo7km9 + gMa18KW0HVbfVDkxCn+vJAjhGB0cTnt0TQnqjDC+itMx9U2WjvFJO5SBNYfTpeFI + GyrJUoHtYb3TLYFwpzZYD2PnAoGAbTBjo1C53OO6RARoBBMICqpk/TaUDn/eTc/Z + fSbR6LxyQ77TeARCPrn28o1E4WXyIWhr+3qUY5fYiIRlrc+RN3SRGXaYdPJ+9pY9 + ek5gsMHTrOVG2zKwDTruNJ9jbDWcXG3AA8B/jZExJl9nkh+ei4D66MQDFlkIIZ1S + 5Ao07lECgYBYHli46N16zNGVzryL5M9mRue54qAnt8JOCHJF/Wf7DDqGhzMF8Fmv + 6C2zo2N/Jex1Sd8UitTOsATs9olEhAx+9lVMd/qUFzdCOlKpnFOgIu76HGAVSBNR + qU2COgF5D3GyaLweHUz6yS6Fto1I78JQXyVxEquqZ2RbeHZ7Da6Okw== + -----END RSA PRIVATE KEY----- diff --git a/examples/mysql/data/web.icinga.com.yaml b/examples/mysql/data/web.icinga.com.yaml new file mode 100644 index 0000000..b46ae36 --- /dev/null +++ b/examples/mysql/data/web.icinga.com.yaml @@ -0,0 +1,122 @@ +--- +icingaweb2::use_tls: true +icingaweb2::module::monitoring::use_tls: true +icingaweb2::module::director::use_tls: true +icingaweb2::module::reporting::use_tls: true +icingaweb2::module::x509::use_tls: true + +icingaweb2::module::icingadb::db_use_tls: true +icingaweb2::module::icingadb::db_tls_cert: | + -----BEGIN CERTIFICATE----- + MIIC9TCCAd2gAwIBAgIIGo/Sz6h1KTIwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEx + MDQwODI3MDBaFw0zMDExMDQwODI3MDBaMFwxCzAJBgNVBAYTAkRFMRAwDgYDVQQI + EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxFDASBgNVBAoTC0ljaW5nYSBH + bWJIMREwDwYDVQQDEwhpY2luZ2FkYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC + AQoCggEBAKzGSMdB/EHOzFpUVoaUf1tEA4YHcNDF/U3EzZRJyHlummoDYGK0f5yO + rIQhsl/XQRhW1PsCr2DL7U91SwHmkjjKDz3n51DuLhZoQX7gDYSJTOj8uyaIGoNu + yCbLMvxznxVFscsoiKTJN79pyOH+OkMh/wAlADjeqs/VzuLZHngNmezYQlt0U32L + 9LYQV6P1y2i1H/V8YXvCX2GTjw9b/ER5OxmtI0Z1UEIJ8ENTl+9lJRb72d+xZp8q + 4ZVjoUTO///3YUAkWnVA3BN+ZEL7ikbJBoyxYbDlGi5Dw/g+wVsvVWnyHdoWlJVX + w9n3wRXkYREdQHvO+OfVMoRpZW333YUCAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYB + BQUHAwIwDQYJKoZIhvcNAQELBQADggEBADtAKxj0d7Imv365abCQ3BBt2H3zpMfs + +V54uB08ACKX1Qb/KHJspp2uTBIoPbaPickvVZDiaaekKpEJ5HArTQodNkyCj+SA + XcRqfJGceBhwydBQBEgsYudeA3qRvM90Hy+jZsVNrOWylu/g3vjy6dnmcewDjczv + YdbGBZ6eevQcReCyK4ea0IC7iEheQ2az3S3ctgTZJD27Gc8THaC3Z/z1FhLTRjsf + VnszSSNjRWVcTuWDlaNwOGpEtiG+zLpqhIh1X2QFja3HCIFBjudpUtTd3/fgapWg + me68EXkRhPW0l6BC3rwlOMrN0VZYeM8ZAe8o5kB/Jolm68AdxJmtsyg= + -----END CERTIFICATE----- +icingaweb2::module::icingadb::db_tls_key: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEArMZIx0H8Qc7MWlRWhpR/W0QDhgdw0MX9TcTNlEnIeW6aagNg + YrR/nI6shCGyX9dBGFbU+wKvYMvtT3VLAeaSOMoPPefnUO4uFmhBfuANhIlM6Py7 + Jogag27IJssy/HOfFUWxyyiIpMk3v2nI4f46QyH/ACUAON6qz9XO4tkeeA2Z7NhC + W3RTfYv0thBXo/XLaLUf9Xxhe8JfYZOPD1v8RHk7Ga0jRnVQQgnwQ1OX72UlFvvZ + 37FmnyrhlWOhRM7///dhQCRadUDcE35kQvuKRskGjLFhsOUaLkPD+D7BWy9VafId + 2haUlVfD2ffBFeRhER1Ae87459UyhGllbffdhQIDAQABAoIBAQCofDzgw4JiEm7J + 79DpMMr5j1v4Si1ECq+4NSFdaI5tjORcWaqW1vpTC/dEay/tspYyTAsqNTYdqQBl + KjbZRaZ2ZuVyM0Iqc/rRsx2bwpasFtC/rCY9ryBb556b5jB0a7RJJEv7mC2YtPj+ + WwShDjB24yIvW+XZj5r3TsOQCLdjzhWBDpYM3t3bO/ip8r1/Jp0aR6gQNGMfLODj + Xnc270bbOYcNwORPj1sXTYoJlbuYcZunRVzR+ibQmorv01ZS2nZ7zzrZ1bgMspLn + A4G44DdfQRWlS5JlmY5/VoFMQC2vDsDRFznHavJYfwf4ljuT4dqq0zWlSIsuDGmV + WIb+dFHJAoGBANVdqvIlMq+H3LymNFaqW3XewFCmdHNNCtPjKJotWEWM5arbw1Jc + 5K4ijx4W7SCjDjaBd6Fei6yzHrmRhpq42vs9k+5+Hp9kml6IpgFSkuDJQkxbltH2 + tXpT4PK97JoF1gz7vH1WkTJv3YvHTgkeirKKjvPQbqubu+Fj8Gv5DlH7AoGBAM9M + PhWgssvzmB1qs5bVjT4iaFrbhdJ3G1U9k8N84Nl75iJrFMGVwq1T/bg+ljVbVPPq + gQIBqQL/b/RZVaBm/G7eEYvkmtAVvjaeyqsSLTOTG1c4F7wUusOB9CGPz6ym5Mia + dqq/5Bn9vGwZfunsi58sXZK1wACu4y+uR49BYvZ/AoGBAMluP4eRBJPgUM0sn7a9 + 59CUdbzuGHwN3M4C438ClhY7GUu/Y1urZRzcdX6zqDQqm61rdrQ6nORyyevo7km9 + gMa18KW0HVbfVDkxCn+vJAjhGB0cTnt0TQnqjDC+itMx9U2WjvFJO5SBNYfTpeFI + GyrJUoHtYb3TLYFwpzZYD2PnAoGAbTBjo1C53OO6RARoBBMICqpk/TaUDn/eTc/Z + fSbR6LxyQ77TeARCPrn28o1E4WXyIWhr+3qUY5fYiIRlrc+RN3SRGXaYdPJ+9pY9 + ek5gsMHTrOVG2zKwDTruNJ9jbDWcXG3AA8B/jZExJl9nkh+ei4D66MQDFlkIIZ1S + 5Ao07lECgYBYHli46N16zNGVzryL5M9mRue54qAnt8JOCHJF/Wf7DDqGhzMF8Fmv + 6C2zo2N/Jex1Sd8UitTOsATs9olEhAx+9lVMd/qUFzdCOlKpnFOgIu76HGAVSBNR + qU2COgF5D3GyaLweHUz6yS6Fto1I78JQXyVxEquqZ2RbeHZ7Da6Okw== + -----END RSA PRIVATE KEY----- + +icingaweb2::tls_cacert: | + -----BEGIN CERTIFICATE----- + MIICkjCCAXqgAwIBAgIINVcaz0+ZvhcwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEw + MDkwNzU0MDBaFw0zMjEwMDkwNzU0MDBaMAAwggEiMA0GCSqGSIb3DQEBAQUAA4IB + DwAwggEKAoIBAQDGbxXsiQH1ClfQu8Sg4PQ4fEnYKCSjjCefyPbZd+TqCVW8DE9x + L34uZijsgRolVi115orFHW+X0y+13CbtE5t+blD8IjOgw8iZ33Isu+UwkSP31NdS + A/C17WhVTv8qmipoHezjXz9cGyWj/QjFyoWGG6DfZT+zdC54zbcGL+XJ1ZEgCs3r + rnpLb4FKSp5w75US6JFsPLO0uN5vGNUwAwyeav/9bKvkzEFkwCWzT500lqgjmO3z + wFTk2kQf2Pjss2YtfVEef0jOTGxNXIBduAkDaPm2fdyObYYsdY2BFYDHq1TzAvyH + N6r5igRBhZVNbIeFUtskKJFgTcl8ShNruwB7AgMBAAGjEDAOMAwGA1UdEwQFMAMB + Af8wDQYJKoZIhvcNAQELBQADggEBAEiKjmVci32v/xEakVhjgxlpC6XVGLv0UhlK + mbDwjbziSXFeUwLZ4lVbi+04HJnb4wcEbIUT4c2ftFrLGU2bwpafb2bkg82gjkSt + CaoKi+/jkmZye9Jd8QrTWOQbnLGuB9ZnrAUKVSRIA8oYsreDPQfm7L2sNMDesk3T + 2mbjea/t7yFjLBIyWaPEGlUgpc+WeeUgcXsnoTP/gjSIFQBYpgUCswm+n757lwGR + KyxALP1ZqBGFXT/gBi3pLkbKoof3Jwnz5bD859j6scsLnLuKaIqb4M3Jd1IVlUda + yvtnXmJd1VkSKW3rRZzjh/vegarvrhhX139khH1eq8BIq++iUyU= + -----END CERTIFICATE----- +icingaweb2::tls_cert: | + -----BEGIN CERTIFICATE----- + MIIDSjCCAjKgAwIBAgIISjfODHGgYcYwDQYJKoZIhvcNAQELBQAwADAeFw0yMjEw + MDkwODI3MDBaFw0yNzEwMDkwODI3MDBaMFkxCzAJBgNVBAYTAkRFMRAwDgYDVQQI + EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxDzANBgNVBAoTBkljaW5nYTET + MBEGA1UEAxMKaWNpbmdhd2ViMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC + ggEBAL/6mgA/+pM/oCfmRqtQ71dRFKNwkTdwrvy4FcxF8ZmhiU/m+4GqxLbcZb92 + arOhOYrtXNRjCjTyR8pjOkWsz0Tz0l7i5qFCy3t5vNJwK942Th3CMMqeS1GJzwgm + OISAuUYq7sUjX+lIVMfuxT20N4QIM5zVD2HJcFxKnKabAAvjUahce0nAtfVhXRsW + vIlzV9eZ9a1gc8hZwmYgnnx9QyFp2BsR7+qm7IY+yGwYX/HOqLoSi808R0kGrsBS + OXj+WLnah9KXhxAthZYdBX3SOjyd/GPe+KDM7QooKb2QY7QRDbPvtLBWGL+gUshD + 8fMV+k85oaTvb3yw3w/tRwFUOe8CAwEAAaNvMG0wDAYDVR0TAQH/BAIwADAdBgNV + HQ4EFgQUxBkdrPRo7JZlBqC1t8PbgJ9Wd6swCwYDVR0PBAQDAgSwMBEGCWCGSAGG + +EIBAQQEAwIFoDAeBglghkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqG + SIb3DQEBCwUAA4IBAQCEbqZPIae3lklGuDxJL9vX6C0+VZRr62ndhlDTXHKFZT1O + ED2Q+w4vMOEf07VuRaAPXpexkmNt+llq+yLEw4WGa4S5Q5NGVC+GojyRY91dToNz + zI140sVeqfi7IYuxkz2LM4ABEb1qcbQE5pgnIuPGMQAMLtFMcnbe8TnuHWMMAt8z + +182RyFeOPvg+Zy+uIawDlIHZWerc/79dZ0lrzoJ7d1MaQwTwZQwdQ0fzMndaoqJ + /YSlvmwMHL7z7+QGAAOSNaOfQyEMpoPrc6gHhqliGpUrZvzqkomEE7PrK1jj33H9 + V5YMCF7QVPAN/6I5XyOwTWPMBdUSPPed+mdZfJAl + -----END CERTIFICATE----- +icingaweb2::tls_key: | + -----BEGIN RSA PRIVATE KEY----- + MIIEpAIBAAKCAQEAv/qaAD/6kz+gJ+ZGq1DvV1EUo3CRN3Cu/LgVzEXxmaGJT+b7 + garEttxlv3Zqs6E5iu1c1GMKNPJHymM6RazPRPPSXuLmoULLe3m80nAr3jZOHcIw + yp5LUYnPCCY4hIC5RiruxSNf6UhUx+7FPbQ3hAgznNUPYclwXEqcppsAC+NRqFx7 + ScC19WFdGxa8iXNX15n1rWBzyFnCZiCefH1DIWnYGxHv6qbshj7IbBhf8c6ouhKL + zTxHSQauwFI5eP5YudqH0peHEC2Flh0FfdI6PJ38Y974oMztCigpvZBjtBENs++0 + sFYYv6BSyEPx8xX6TzmhpO9vfLDfD+1HAVQ57wIDAQABAoIBAAvU3v7a8o92oWE0 + IPDX+RgxiAsWmeyHxlEO61D+kog8W2EQRDnWk28NoDuviZ3udsRoIot4Wx2uPNxt + Rx8aKl/+gt2UMFCJ9E50zz1M6nc0c5YD7Mvf+5ZX3umKqXsJD+ISLUr7BiMzcP4t + afyGidFaTAwDWYJWTtVxR7xA2zzgNwTcPPFPaaimmjk4WV21DViK6tnb1GzC41Ty + yET2u0lknTmaCwCP//1aBd6AxBcgCyKL2n9Qidk0KwcA33eimR+OZRVxkq8/y2um + 22QO9b5Ji2Jef+pMPcXWK1nzq4QNidSLsxfRE7IYPFCrPjm8myBoFtm2zT1gmxbH + wq/COpkCgYEA/xBybJlK7fY1N8uKDAr30S5Mg/AEbtdHknv97WG6IFUZ2EcnHN7s + UsyOe7w3Ct1XHs8UkrZCTcciQcaZb8Bi/Gtzkz/auqa6hoaiBbr4XT2gOPAa5ngK + WozgaNDA7+6WqfHp0pa+76v7pZ4I3VPwAO5gfW5RCPhUKx570B6+NZMCgYEAwK7n + 2fvs8QA7vuWJ3QxOE+b03+luIOtIkCONadDb1suO5gSDqd9cga5n5z4Rt/Z6kIkh + hw4Jjmh5nMEw/mw6NhO9r06PaKjteKmLaY0UscD8Q1zUNx+vvkgLBY9iR1uwpvAB + N0CvuF9jnti/32HOIqOjoXf817S7fiuzal2t47UCgYEA7htwdij0Zgi9zYRZLrze + c4yBKXna6Y5W5kyR1BSzKJPJOLnTrYP9oZ4MNT6TM7VFKyGt1vgGFY2cUUMQ4d37 + iiDVF9U4X55d6k+s2SSdzo1FEWIz+op9P+Lba33VXyafx65p1YmcXSl0FjvdkqBV + IMlnkjB1vaX1DPu8IaFRd7kCgYBBuCZqSivxs2OtY7sXAwhqb17cNFEUt0tjpkyo + Z81jwMA3ohiKSx3ROXxE+f2vIkmBnNQrrVUDFo1MMvSUArQEF82dyozNZLjCbAmZ + 8b26NxmTnEjhmFQn8YiY1+PsdNCWz8uKXezRVO+0kTc4aLKXS/sWqsc5h3JfwWYL + hHI39QKBgQCiknEVd2D0zfQsRGRCg7VzgtCKR5j5tnIXMHroxAIule8RzKCykfXO + olHQKr3C3UcA8Jz2FQ0rMKhDMcOP1DmLz1PFQIiwgV8sIsIzycBzGqvduAbtzQKv + 94NFB2QUMPc9gl4hbOwe8RB6q0Isp4mFaBUdSWoHSuETjg5EYsIsOQ== + -----END RSA PRIVATE KEY----- diff --git a/examples/mysql/databases.pp b/examples/mysql/databases.pp index d97bf75..4ea8c97 100644 --- a/examples/mysql/databases.pp +++ b/examples/mysql/databases.pp @@ -54,49 +54,49 @@ } class { 'icinga::ido::database': - ido_instances => ['192.168.6.11', '192.168.6.12'], + ido_instances => ['192.168.6.2', '192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'icinga2', tls => 'password', } class { 'icinga::db::database': - access_instances => ['192.168.6.11', '192.168.6.12'], + access_instances => ['192.168.6.2', '192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'icingadb', tls => 'cert', } class { 'icinga::web::database': - web_instances => ['192.168.6.11', '192.168.6.12'], + web_instances => ['192.168.6.2', '192.168.6.11', '192.168.6.12'], db_type => 'mysql', db_pass => 'icingaweb2', tls => 'cert', } class { 'icinga::web::director::database': - web_instances => ['192.168.6.11', '192.168.6.12'], + web_instances => ['192.168.6.2'], db_type => 'mysql', db_pass => 'director', tls => 'password', } class { 'icinga::web::reporting::database': - web_instances => ['192.168.6.11', '192.168.6.12'], + web_instances => ['192.168.6.2'], db_type => 'mysql', db_pass => 'reporting', tls => 'password', } class { 'icinga::web::x509::database': - web_instances => ['192.168.6.11', '192.168.6.12'], + web_instances => ['192.168.6.2'], db_type => 'mysql', db_pass => 'x509', tls => 'password', } class { 'icinga::web::vspheredb::database': - web_instances => ['192.168.6.11', '192.168.6.12'], + web_instances => ['192.168.6.2'], db_type => 'mysql', db_pass => 'vspheredb', tls => 'password', diff --git a/examples/mysql/icingaweb2.pp b/examples/mysql/icingaweb2.pp deleted file mode 100644 index 781fc40..0000000 --- a/examples/mysql/icingaweb2.pp +++ /dev/null @@ -1,12 +0,0 @@ -class { 'icinga::repos': - manage_epel => true, -} - -class { 'icinga::web': - db_type => 'mysql', - db_host => 'localhost', - db_pass => 'icingaweb2', - default_admin_user => 'admin', - default_admin_pass => 'admin', - manage_database => true, -} diff --git a/examples/mysql/server1-icingadb.pp b/examples/mysql/server1-icingadb.pp new file mode 100644 index 0000000..0a2e621 --- /dev/null +++ b/examples/mysql/server1-icingadb.pp @@ -0,0 +1,35 @@ +/** + * Example for Icinga HA for server1.icinga.com as config server + * and server2.icinga2.com as secondary server. + * Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based. + * For TLS base example use hiera data in examples/mysql/data/. + */ + +host { 'db.icinga.com': + ip => '192.168.6.10', +} + +class { 'icinga::repos': + manage_epel => true, + manage_extras => true, +} + +class { 'icinga::server': + ca => true, + config_server => true, + colocation_endpoints => { 'server2.icinga.com' => { 'host' => '192.168.6.12', } }, + workers => {}, + global_zones => ['global-templates', 'linux-commands', 'windows-commands'], + web_api_pass => Sensitive('icingaweb2'), + director_api_pass => Sensitive('director'), + run_web => true, +} + +class { 'icinga::db': + db_type => 'mysql', + db_host => 'db.icinga.com', + db_pass => Sensitive('icingadb'), + manage_database => false, + redis_bind => ['127.0.0.1', '192.168.6.11'], + redis_pass => Sensitive('redis'), +} diff --git a/examples/mysql/server2-icingadb.pp b/examples/mysql/server2-icingadb.pp new file mode 100644 index 0000000..6dc3b72 --- /dev/null +++ b/examples/mysql/server2-icingadb.pp @@ -0,0 +1,34 @@ +/** + * Example for Icinga HA for server2.icinga.com as config server + * and server1.icinga2.com as secondary server. + * Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based. + * For TLS base example use hiera data in examples/mysql/data/. + */ + +host { 'db.icinga.com': + ip => '192.168.6.10', +} + +class { 'icinga::repos': + manage_epel => true, + manage_extras => true, +} + +class { 'icinga::server': + ca_server => '192.168.6.11', + colocation_endpoints => { 'server1.icinga.com' => { 'host' => '192.168.6.11', } }, + workers => {}, + global_zones => ['global-templates', 'linux-commands', 'windows-commands'], + web_api_pass => Sensitive('icingaweb2'), + director_api_pass => Sensitive('director'), + run_web => true, +} + +class { 'icinga::db': + db_type => 'mysql', + db_host => 'db.icinga.com', + db_pass => Sensitive('icingadb'), + manage_database => false, + redis_bind => ['127.0.0.1', '192.168.6.12'], + redis_pass => Sensitive('redis'), +} diff --git a/examples/mysql/web.pp b/examples/mysql/web.pp new file mode 100644 index 0000000..11e3381 --- /dev/null +++ b/examples/mysql/web.pp @@ -0,0 +1,60 @@ +/** + * Example for a dedicated Icinga Web instance for the examples in + * examples/mysql/server1-icingadb.pp and server2-icingadb.pp. + * For TLS base example use hiera data in examples/mysql/data/web.icinga.com.yaml. + */ + +host { 'db.icinga.com': + ip => '192.168.6.10', +} + +host { 'server1.icinga.com': + ip => '192.168.6.11', +} + +host { 'server2.icinga.com': + ip => '192.168.6.12', +} + +class { 'icinga::repos': + manage_epel => true, + manage_extras => true, +} + +class { 'icinga::web': + db_type => 'mysql', + db_host => 'db.icinga.com', + db_pass => Sensitive('icingaweb2'), + default_admin_user => 'admin', + default_admin_pass => Sensitive('admin'), + manage_database => false, + api_host => ['server1.icinga.com', 'server2.icinga.com'], + api_pass => Sensitive('icingaweb2'), +} + +class { 'icinga::web::icingadb': + db_type => 'mysql', + db_host => 'db.icinga.com', + db_pass => Sensitive('icingadb'), + redis_primary_host => '192.168.6.11', + redis_primary_pass => 'redis', + redis_secondary_host => '192.168.6.12', + redis_secondary_pass => 'redis', +} + +class { 'icinga::web::director': + db_type => 'mysql', + db_host => 'db.icinga.com', + db_pass => Sensitive('director'), + manage_database => false, + endpoint => 'server1.icinga.com', + api_host => '192.168.6.11', + api_pass => Sensitive('director'), +} + +#class { 'icinga::web::reporting': +# db_type => 'mysql', +# db_host => 'db.icinga.com', +# db_pass => Sensitive('reporting'), +# manage_database => false, +#} diff --git a/files/examples/server1.icinga.com.crt b/files/examples/server1.icinga.com.crt new file mode 100644 index 0000000..269be45 --- /dev/null +++ b/files/examples/server1.icinga.com.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDiDCCAnCgAwIBAgIIKGTxg7QszA8wDQYJKoZIhvcNAQELBQAwADAeFw0yMzEy +MTkwOTM4MDBaFw0zMjEwMDkwNzU0MDBaMGExCzAJBgNVBAYTAkRFMRAwDgYDVQQI +EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxDzANBgNVBAoTBkljaW5nYTEb +MBkGA1UEAxMSc2VydmVyMS5pY2luZ2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAo9le5qQpjIQ2guhEno1VYE7g5fXQFxT8sFPOhBcL3iKtMfbB +QxTo8sWHEFdZ7ZjJJUhkS6skl6yhQweE4K3+S0b7lTq0B5UM7JuGxTNapf9xkIPA +4jzMvVCaphihLgNhE3xbK1DbTIUvLl1budyxfslxIOFfFOb/wOgi9vt7akxIx8Iz +LIsNRmefZChAYH450OkIIWol2s9TJBTgJNAHjuJ4cKc9DFLzP6tZsgBripXhJR/r +3Ckkf2RI9dYUfNdmBzkrZnTJpwGUekBO03x9495o4tR8m5GDQ+m4pGdzD44bj93W +4uVx75XzM3sN2JViF4c1HHqcfY0xpg4/U2ZjjQIDAQABo4GkMIGhMAwGA1UdEwEB +/wQCMAAwHQYDVR0OBBYEFDTMuaEdofW7kRTDMdYPK99WZmftMAsGA1UdDwQEAwID +6DATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHREEFjAUghJzZXJ2ZXIxLmljaW5n +YS5jb20wEQYJYIZIAYb4QgEBBAQDAgZAMB4GCWCGSAGG+EIBDQQRFg94Y2EgY2Vy +dGlmaWNhdGUwDQYJKoZIhvcNAQELBQADggEBADtkEMfcus7yf29dfcd7uoy23Gbh +NPMZqPzkdShIgyxJwuWzeNNPzK8glErT5cYbmle4LLYjZSPfjiVezlZWdLCg6f0d +fup2yjFvq8rycnx64i49dhBsme6p3btJ0gmDIEwxGQAtU1cyPwrcuHH7sh1a73bV +UW/kuzwLT2xaEWNp6Bj1ys7VPzZ+ZFvzEtSre780ILwhVAOEEf3OFm14thtp1crq +6NA0PvAZxy9Fnn0RzUOJTRiZcRv712ueIbVYFXOlCXd7bOd580s+CMuhUfFBjXU6 +jcrlJLtKWe57cSAJLQu5GmBjOk0pNRPzmSDSpJLSBCU0PRm/5RnhKfi7aP4= +-----END CERTIFICATE----- diff --git a/files/examples/server1.icinga.com.key b/files/examples/server1.icinga.com.key new file mode 100644 index 0000000..4ded0dd --- /dev/null +++ b/files/examples/server1.icinga.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAo9le5qQpjIQ2guhEno1VYE7g5fXQFxT8sFPOhBcL3iKtMfbB +QxTo8sWHEFdZ7ZjJJUhkS6skl6yhQweE4K3+S0b7lTq0B5UM7JuGxTNapf9xkIPA +4jzMvVCaphihLgNhE3xbK1DbTIUvLl1budyxfslxIOFfFOb/wOgi9vt7akxIx8Iz +LIsNRmefZChAYH450OkIIWol2s9TJBTgJNAHjuJ4cKc9DFLzP6tZsgBripXhJR/r +3Ckkf2RI9dYUfNdmBzkrZnTJpwGUekBO03x9495o4tR8m5GDQ+m4pGdzD44bj93W +4uVx75XzM3sN2JViF4c1HHqcfY0xpg4/U2ZjjQIDAQABAoIBAC2HgoJujYkZWBhq +OF8igN3hLUdZVfiEAW9x6kn0KX0Rf7UJj0x3q/+B+fUFgNyv/vzYL96C8QkglDMP +DNJuJuJ+F/ywskQFG/FHilyT15WW9NSmd9ul73KPyllrMKabk8cZYDAaKMYLoD+u ++4UbGUtU6JWtaoFhayIMn2KoIPQ5SnWTP7xFp3BZ2za3wSn1M3d+ulDQdt6Brzrv +F0NGkEUS/N1rjCsFdF2qWhlue4KS5wlpPUMEWPnNvm7kHQNsyhxQLmpuXb0H08Zd +XdZPR65e0+qZc+eybJ8CxlRlX02cgTuXao5YpFSb1SLRK57Rwz2eY8H8jIMLAln1 +vfaAGLUCgYEA1f73W98BBIM20QNj5tTtagqaZ0ntjO5WfckqhRMGa33SF4aqnDmA +DP5dHQXFqbTHyVIriqP2djIoBHMsUOQnlCwtx014OuZPPLGssYmj3IeSM9179i85 +Njcn9JAWHwEnlc8vOkty5Z9x7zm3jzD8Sala7/Lw1u7eXZ7ffSMR48cCgYEAxAKW +KddBIuxcWSGCS6kUxuFr1AgEHZHyyQ9sKMuAttKzma+vUW7lEfxxM38OBvgHc/Ai +S8OnOy7nReSmXQ3NVTT3QCFMLTPcfWYEl1jCbwox8ZwFtKRYWkzE1vhclBonuucJ +I7cLuPS5DlrePWoMlyq3a2EPjKFmbUhdnPJ9lgsCgYEAif5ZWifqyxMmBRBPmqmR +00C1Iof8pFWI9qIDRj7nc+d10+/mEsnNdhOMzctMFExcTMktBMEIjF15iq0OVbda +gmUevBeLwUeErxnPx8h/HxVZRRK8/hqjpP9aR42mhiXDdgpdZRUEKWhxGxe386Fd +/s4zsumRPrhYMjzh1xsHTT8CgYBSCFMYR8I2/3zWwLNrPuQ3J/ic0I4IYiCeDRpT +KHhCC4Sm+WQCTMsJ8ADgcHhKaluUJhf0ZXoDxul70undX/1jf7tK16St9lp9EMkz +Hi6hkj68w3OP2ogvoplu7pqwURH3ouGsVNtPGPyqCVWhllSWn4YMJp7/WD0p13N2 +T/ZHaQKBgQC0G21rKKGoIG4SMj/VCMq2y1nsgXiSzQ07n1fqqhZ79RFfKM7KPu+6 +x0B8jfPmYvIZ4GY5/TVef7PongDI8BxUtYGoXZwDH5jjW8Njxr75yiYMWUMLoPTV +f+dJBmsJDJdSaIkkBC0oS121O4Hof8kD2JihPRxldc7QG2lenGgF5g== +-----END RSA PRIVATE KEY----- diff --git a/files/examples/server2.icinga.com.crt b/files/examples/server2.icinga.com.crt new file mode 100644 index 0000000..4736217 --- /dev/null +++ b/files/examples/server2.icinga.com.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDiDCCAnCgAwIBAgIIBELc8EJzxmEwDQYJKoZIhvcNAQELBQAwADAeFw0yMzEy +MTkwOTM2MDBaFw0zMjEwMDkwNzU0MDBaMGExCzAJBgNVBAYTAkRFMRAwDgYDVQQI +EwdCYXZhcmlhMRIwEAYDVQQHEwlOdXJlbWJlcmcxDzANBgNVBAoTBkljaW5nYTEb +MBkGA1UEAxMSc2VydmVyMi5pY2luZ2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAoaygiTyiI3UG3xv4MZEpz1H8PSz7dIu4afxJj8wQCk2uT5tD +sPObaq+zZaiLM6eAnhr6xmMYpJ16Dn6ONmWrFGuvrFuD7dDsGq2lO4g8tdWWjRRb +bFtthWZ627C7yqSAI62gKs5e/T5afUxJiBaAm7FmM3ky0r2rBSNcK1RnAvFB6xKs +2YoVdK/7ql85HhNzOCyR1AV0JKERrwgRWcCJhdP3oM0uLDHXtD14HlZ/P15KsPAZ +M64BX6U0Cq4KI+mZFIXSuydx8P8I3WFHNOCqbG1sI0hiDM9NzVhpBIiEVl+fUd7h +/8vWNDljQtC8tS0Gd3ZPy06s65v6ESmay4pDLwIDAQABo4GkMIGhMAwGA1UdEwEB +/wQCMAAwHQYDVR0OBBYEFP3JzUHckcRWuSJimTuELpOScoIzMAsGA1UdDwQEAwID +6DATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHREEFjAUghJzZXJ2ZXIyLmljaW5n +YS5jb20wEQYJYIZIAYb4QgEBBAQDAgZAMB4GCWCGSAGG+EIBDQQRFg94Y2EgY2Vy +dGlmaWNhdGUwDQYJKoZIhvcNAQELBQADggEBALYAqOq6V8Gkx30MCYTn/M7aD8UA +pFaXnxyBxUXryzVfJ+QBo7xV7HzULi8C5QUjezBqigzSD1uwNpSINJLNzsf9QNu2 +h0Q0e6et8MFBrhOxCV4qZu0bkvqICkDeX2QBdeyEQ46TkS6jZ4noOnbMssNGkQDQ +1wFgGR57pNiZ2S5PoCFcgbWWP502O/7iBIsKhA0GBHjBbsrIxF91fEoJrnVKv+GE +wclNQwTm4SfbBx8kKhJ56qYS9tYvam/w0Qwg57w9ssUo3xJyct4JSqQdetpm54Yj +Sn9Twqrhfk4U39yiGRQlp1LR5PrV+wOQXeN12STyvWXKczsnWc0mLE3toKo= +-----END CERTIFICATE----- diff --git a/files/examples/server2.icinga.com.key b/files/examples/server2.icinga.com.key new file mode 100644 index 0000000..d99b03d --- /dev/null +++ b/files/examples/server2.icinga.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAoaygiTyiI3UG3xv4MZEpz1H8PSz7dIu4afxJj8wQCk2uT5tD +sPObaq+zZaiLM6eAnhr6xmMYpJ16Dn6ONmWrFGuvrFuD7dDsGq2lO4g8tdWWjRRb +bFtthWZ627C7yqSAI62gKs5e/T5afUxJiBaAm7FmM3ky0r2rBSNcK1RnAvFB6xKs +2YoVdK/7ql85HhNzOCyR1AV0JKERrwgRWcCJhdP3oM0uLDHXtD14HlZ/P15KsPAZ +M64BX6U0Cq4KI+mZFIXSuydx8P8I3WFHNOCqbG1sI0hiDM9NzVhpBIiEVl+fUd7h +/8vWNDljQtC8tS0Gd3ZPy06s65v6ESmay4pDLwIDAQABAoIBAAPB0j0+NnpidtVq +ffsQ54rU2erGB9XuhUuZPFBmKp1CruFUt17+WkdBbAbZwtphcyC5echwdxskObjq +gf2LoU0pL3zu54L4TvRTwro+cUK8gvImXfWHrmTiO8qtMcAE0KGDoGw+PYDfGRU+ +V5sdAsIbfkeF8oNpOvc0mii7nmU4Ep2JtRG517gZyR88fvosat/Ur0bd+gnp6+Uh +vNSDiHgdN1Uf9wmkVV8z0SlAGEZ4nTRhgGCJwCxwzvyqNs+KJq0LDUzebczF5OYV +vNtRTTHkLVdhxpbMe4mQ1I8a4x5y8+cTTsE54eydcdhKHPHBaWku8GsnC5/eqynR +Im4JJBkCgYEA0RkLlrqiqZMkN1h7sfPu1j/9MV5nfxP6GmReOCuCyWcc6TRtI5F3 +Iv2uE54UnBptbuR5dUko+CTi+gh7YSbJQC6RL9ROdboc6WLnjdQAJcql6ozcoo/m +kIWEz2ic0RpKBGV7fXD9ptcExmqJW4uzu+7XNnzV+Y4zgDKs57YxDoUCgYEAxfBl +yWYwTB8mXyBd3HECpq1KltPfXB9IXSUSvhN0Ntmu6bj5T8FT1Tt8rG6Qof+kxMVz +/dZT1ZgNH17zCtuu2cpEQMA7io1VJrW0OqE6hx7xfUqXytJJVY+0/J/hPa8LoPhJ +iRyQzqENM9VtqiKFs6hU3svJwdW19atWgHW8WyMCgYEAqkDMUNRyccSfLnlbblAC +Xm0HydTmTHCFqkui8/VprnfI8JGBc/6TlOgdf1etzFUwWaSqyLbjJvlR3uhdHYOp +RhskmF8z62O4+sdPZwoBfMP+SHadh7fHslElDIRPe2r+bYn7/O2tetWEy9IfOW0M +0a7tiS4oQ+RnRrD8XEbatskCgYEAv8cYR5bLyqUPn3ETn8aaw/T4ZMQpD+97REvs +Kd9dZNtqPicq3tw4Jkv5knOZjGvNL50DsffbyAIHDNMI9gc9FOSFVpsp1Sb0TooU +cg3OUCZp4XPJOAigZtbSi0U4jXQw9yg4zzCvGJQv3321P/csxZGdkTOvai9umfUE +3Xe1JDMCgYBeSWT6O1NZt2/z1Rib45yXObvvrf2TgEIozKD5OpWxPuiS3Q4VMnVR +Ts409kfrOfhMQTweo/WN9/mhMfBZ74V6bcJiAnd4NVTtthPCfEQSsUJWAKcuyRNe +odyxyjk8GJDrUW4RsvbU/cSSoNNNjMgMQKRT/VkGgV7BazqNAmDklw== +-----END RSA PRIVATE KEY----- From b33695ae016190344a1cc48c9a378d2e2832ed38 Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 21 Dec 2023 12:05:07 +0100 Subject: [PATCH 20/21] fix style of comments --- examples/mysql/server1-icingadb.pp | 12 +++++------- examples/mysql/server2-icingadb.pp | 10 ++++------ examples/mysql/web.pp | 8 +++----- 3 files changed, 12 insertions(+), 18 deletions(-) diff --git a/examples/mysql/server1-icingadb.pp b/examples/mysql/server1-icingadb.pp index 0a2e621..d659f6b 100644 --- a/examples/mysql/server1-icingadb.pp +++ b/examples/mysql/server1-icingadb.pp @@ -1,10 +1,8 @@ -/** - * Example for Icinga HA for server1.icinga.com as config server - * and server2.icinga2.com as secondary server. - * Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based. - * For TLS base example use hiera data in examples/mysql/data/. - */ - +# Example for Icinga HA for server1.icinga.com as config server +# and server2.icinga2.com as secondary server. +# Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based. +# For TLS base example use hiera data in examples/mysql/data/. + host { 'db.icinga.com': ip => '192.168.6.10', } diff --git a/examples/mysql/server2-icingadb.pp b/examples/mysql/server2-icingadb.pp index 6dc3b72..5f4b4de 100644 --- a/examples/mysql/server2-icingadb.pp +++ b/examples/mysql/server2-icingadb.pp @@ -1,9 +1,7 @@ -/** - * Example for Icinga HA for server2.icinga.com as config server - * and server1.icinga2.com as secondary server. - * Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based. - * For TLS base example use hiera data in examples/mysql/data/. - */ +# Example for Icinga HA for server2.icinga.com as config server +# and server1.icinga2.com as secondary server. +# Notice: The example for db.icinga.com in examples/mysql/database.pp is TLS based. +# For TLS base example use hiera data in examples/mysql/data/. host { 'db.icinga.com': ip => '192.168.6.10', diff --git a/examples/mysql/web.pp b/examples/mysql/web.pp index 11e3381..8625358 100644 --- a/examples/mysql/web.pp +++ b/examples/mysql/web.pp @@ -1,8 +1,6 @@ -/** - * Example for a dedicated Icinga Web instance for the examples in - * examples/mysql/server1-icingadb.pp and server2-icingadb.pp. - * For TLS base example use hiera data in examples/mysql/data/web.icinga.com.yaml. - */ +# Example for a dedicated Icinga Web instance for the examples in +# examples/mysql/server1-icingadb.pp and server2-icingadb.pp. +# For TLS base example use hiera data in examples/mysql/data/web.icinga.com.yaml. host { 'db.icinga.com': ip => '192.168.6.10', From 4a3d91602fe3e398cf2bc84d8798c77b3734beec Mon Sep 17 00:00:00 2001 From: Lennart Betz Date: Thu, 21 Dec 2023 12:16:32 +0100 Subject: [PATCH 21/21] Release version 4.1.1 --- CHANGELOG.md | 12 ++++++++++++ metadata.json | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index eb2a66d..2f15b2f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## [v4.1.1](https://github.com/icinga/puppet-icinga/tree/v4.1.1) (2023-12-21) + +[Full Changelog](https://github.com/icinga/puppet-icinga/compare/v4.1.0...v4.1.1) + +**Fixed bugs:** + +- Add PostgreSQL 15 support [\#100](https://github.com/Icinga/puppet-icinga/issues/100) + +**Closed issues:** + +- Add example for an Icinga HA and TLS based with dedicated MariaDB/MySQL and Icinga Web [\#101](https://github.com/Icinga/puppet-icinga/issues/101) + ## [v4.1.0](https://github.com/icinga/puppet-icinga/tree/v4.1.0) (2023-11-28) [Full Changelog](https://github.com/icinga/puppet-icinga/compare/v4.0.0...v4.1.0) diff --git a/metadata.json b/metadata.json index 9acfb83..8d02109 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "icinga-icinga", - "version": "4.1.0", + "version": "4.1.1", "author": "Icinga", "summary": "Puppet Module to manage the Icinga Software Stack", "license": "Apache-2.0",