switching vps to be the icinga master

icinga2/files/client_sudo.jinja

@@ -1,3 +1,3 @@
 # monitoring sudoers rules
-nagios ALL=(ALL) NOPASSWD: \
+icinga ALL=(ALL) NOPASSWD: \
   {{ salt.pillar.get('icinga2:client_sudo') | join(", \\\n") | indent(2) }}

icinga2/files/git_clone_icinga2_conf.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+{# code: lang=jinja-shell #}
+
+if ! id icinga &>/dev/null; then
+  echo icinga user is missing
+  exit 1
+fi
+
+if [ -d /etc/icinga2/.git ]; then
+  echo already cloned
+  exit 1
+fi
+
+# show commands executed
+set -x
+# exit on errors
+set -e
+
+rm -rf /etc/icinga2
+
+cd /etc/
+
+git clone '{{ salt.pillar.get('icinga2:server:conf_git_url') }}' icinga2
+
+chown -R icinga.icinga /etc/icinga2

icinga2/files/icingaweb2.jinja

@@ -1,42 +0,0 @@
-server {
-
-server_name icinga.keiran.us;
-
-rewrite ^/$ https://icinga.keiran.us/icingaweb2 permanent;
-
-  location ~ ^/icingaweb2/index\.php(.*)$ {
-    # fastcgi_pass 127.0.0.1:9000;
-    fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
-    fastcgi_index index.php;
-    include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME /usr/share/icingaweb2/public/index.php;
-    fastcgi_param ICINGAWEB_CONFIGDIR /etc/icingaweb2;
-    fastcgi_param REMOTE_USER $remote_user;
-  }
-
-  location ~ ^/icingaweb2(.+)? {
-    alias /usr/share/icingaweb2/public;
-    index index.php;
-    try_files $1 $uri $uri/ /icingaweb2/index.php$is_args$args;
-  }
-
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/icinga.keiran.us/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/icinga.keiran.us/privkey.pem; # managed by Certbot
-    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
-    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
-}
-server {
-    if ($host = icinga.keiran.us) {
-        return 301 https://$host$request_uri;
-    } # managed by Certbot
-
-
-
-server_name icinga.keiran.us;
-    listen 80;
-    return 404; # managed by Certbot
-
-
-}