Puppet Class: icinga::server

Defined in:

manifests/server.pp

Summary

Setup a Icinga server.

Overview

Parameters:

• ca (Boolean) (defaults to: false) —

  Enables a CA on this node.

• config_server (Boolean) (defaults to: false) —

  Enables that this node is the central configuration server.

• zone (String) (defaults to: 'main') —

  Name of the Icinga zone.

• colocation_endpoints (Hash[String,Hash]) (defaults to: {}) —

  When the zone includes more than one endpoint, set here the additional endpoint(s). Icinga supports two endpoints per zone only.

• workers (Hash[String,Hash]) (defaults to: {}) —

  All worker zones with key ‘endpoints’ for endpoint objects.

• global_zones (Array[String]) (defaults to: []) —

  List of global zones to configure.

• ca_server (Optional[Stdlib::Host]) (defaults to: undef) —

  The CA to send the certificate request to.

• ticket_salt (Optional[String]) (defaults to: undef) —

  Set an alternate ticket salt to icinga::ticket_salt from Hiera.

• web_api_user (String) (defaults to: 'icingaweb2') —

  Icinga API user to connect Icinga 2.

• web_api_pass (Optional[String]) (defaults to: undef) —

  Icinga API user password.

• logging_type (Enum['file', 'syslog']) (defaults to: 'file') —

  Switch the log target. Only ‘file` is supported on Windows.

• logging_level (Optional[Icinga2::LogSeverity]) (defaults to: undef) —

  Set the log level.

# File 'manifests/server.pp', line 42

class icinga::server(
  Boolean                         $ca                   = false,
  Boolean                         $config_server        = false,
  String                          $zone                 = 'main',
  Hash[String,Hash]               $colocation_endpoints = {},
  Hash[String,Hash]               $workers              = {},
  Array[String]                   $global_zones         = [],
  Optional[Stdlib::Host]          $ca_server            = undef,
  Optional[String]                $ticket_salt          = undef,
  String                          $web_api_user         = 'icingaweb2',
  Optional[String]                $web_api_pass         = undef,
  Enum['file', 'syslog']          $logging_type         = 'file',
  Optional[Icinga2::LogSeverity]  $logging_level        = undef,
) {

  if empty($colocation_endpoints) {
    $_ca            = true
    $_config_server = true
  } else {
    if !$ca and !$ca_server {
      fail('Class[Icinga::Server]: expects a value for parameter \'ca_server\'')
    }
    $_ca            = $ca
    $_config_server = $config_server
  }

  # inject parent zone
  $_workers = parseyaml(inline_template(
    '<%= @workers.inject({}) {|h, (x,y)| h[x] = y.merge({"parent" => @zone}); h}.to_yaml %>'
  ))

  class { '::icinga':
    ca            => $_ca,
    ca_server     => $ca_server,
    this_zone     => $zone,
    zones         => merge({
      'ZoneName' => { 'endpoints' => { 'NodeName' => {}} + $colocation_endpoints },
    }, $_workers),
    logging_type  => $logging_type,
    logging_level => $logging_level,
    ticket_salt   => $ticket_salt,
  }

  include ::icinga2::feature::checker
  include ::icinga2::feature::notification

  ::icinga2::object::zone { $global_zones:
    global => true,
  }

  if $_config_server {
    ::icinga2::object::apiuser { $web_api_user:
      password    => $web_api_pass,
      permissions => [ 'status/query', 'actions/*', 'objects/modify/*', 'objects/query/*' ],
      target      => "/etc/icinga2/zones.d/${zone}/api-users.conf",
    }

    ($global_zones + keys($_workers) + $zone).each |String $dir| {
      file { "${::icinga2::globals::conf_dir}/zones.d/${dir}":
        ensure => directory,
        tag    => 'icinga2::config::file',
        owner  => $::icinga2::globals::user,
        group  => $::icinga2::globals::group,
        mode   => '0750',
      }
    }
  } else {
    file { "${::icinga2::globals::conf_dir}/zones.d":
      ensure  => directory,
      purge   => true,
      recurse => true,
      force   => true,
    }
  }

}