switching vps to be the icinga master
This commit is contained in:
@@ -1,24 +1,4 @@
|
||||
include:
|
||||
- nginx
|
||||
|
||||
icinga_packages:
|
||||
pkg.installed:
|
||||
- pkgs:
|
||||
- vim-icinga2
|
||||
- icinga2
|
||||
- icingaweb2
|
||||
- icinga2-ido-mysql
|
||||
- certbot
|
||||
- python-certbot-nginx
|
||||
|
||||
apache2:
|
||||
service.dead:
|
||||
- enable: False
|
||||
- require_by:
|
||||
- pkg: nginx
|
||||
file.absent:
|
||||
- name: /etc/apache2
|
||||
|
||||
{#
|
||||
icingaweb2_vhost:
|
||||
file.managed:
|
||||
- name: /etc/nginx/sites-available/icingaweb2
|
||||
@@ -30,23 +10,88 @@ icingaweb2_vhost:
|
||||
- pkg: nginx
|
||||
- watch_by:
|
||||
- service: nginx
|
||||
#}
|
||||
|
||||
/etc/icinga2:
|
||||
git.cloned:
|
||||
- name: ssh://keiran5@git.keiran.us:9022/config-mgmt/icinga2-conf.git
|
||||
- user: nagios
|
||||
- target: /etc/icinga2
|
||||
/etc/pki/rpm-gpg/icinga.key:
|
||||
file.managed:
|
||||
- user: root
|
||||
- group: root
|
||||
- mode: 644
|
||||
- source: https://packages.icinga.com/icinga.key
|
||||
- source_hash: be677e07972ed57b99ffc2fd211379ac11b9c6a7c8d9460086b447b96b0a82bb
|
||||
|
||||
# icingacli setup config directory
|
||||
# icingacli setup token create
|
||||
# icingacli setup token show
|
||||
# visit /icingaweb2/setup
|
||||
icingacmd:
|
||||
group.present: []
|
||||
|
||||
icingaweb2_enable:
|
||||
icinga:
|
||||
user.present:
|
||||
- shell: /bin/bash
|
||||
- home: /var/spool/icinga2
|
||||
- createhome: true
|
||||
- groups:
|
||||
- icingacmd
|
||||
- system: true
|
||||
- require:
|
||||
- group: icingacmd
|
||||
pkgrepo.managed:
|
||||
- humanname: ICINGA (stable release)
|
||||
- baseurl: https://packages.icinga.com/epel/$releasever/release/
|
||||
- enabled: 1
|
||||
- gpgcheck: 1
|
||||
- gpgkey: file:///etc/pki/rpm-gpg/icinga.key
|
||||
- require:
|
||||
- file: /etc/pki/rpm-gpg/icinga.key
|
||||
- user: icinga
|
||||
pkg.installed:
|
||||
- pkgs:
|
||||
- vim-icinga2
|
||||
- icinga2
|
||||
- nagios-plugins-by_ssh
|
||||
- nagios-plugins-ping
|
||||
- nagios-plugins-ssh
|
||||
- nagios-plugins-http
|
||||
- icinga2-ido-mysql
|
||||
- require:
|
||||
- pkgrepo: icinga
|
||||
|
||||
# You'll need to add a temporary deploy key for root, then create a permanent
|
||||
# one for the icinga user
|
||||
'git clone /etc/icinga2':
|
||||
cmd.script:
|
||||
- shell: /bin/bash
|
||||
- source: 'salt://icinga2/files/git_clone_icinga2_conf.sh'
|
||||
- runas: root
|
||||
- template: jinja
|
||||
- creates: /etc/icinga2/.git
|
||||
- require:
|
||||
- pkg: icinga
|
||||
|
||||
/var/spool/icinga2/conf:
|
||||
file.symlink:
|
||||
- name: /etc/nginx/sites-enabled/icingaweb2
|
||||
- target: /etc/nginx/sites-available/icingaweb2
|
||||
- watch_by:
|
||||
- service: nginx
|
||||
- target: /etc/icinga2
|
||||
- require:
|
||||
- user: icinga
|
||||
|
||||
/var/spool/icinga2/.ssh:
|
||||
file.directory:
|
||||
- user: icinga
|
||||
- group: icinga
|
||||
- mode: 700
|
||||
- require:
|
||||
- user: icinga
|
||||
|
||||
/var/spool/icinga2/.ssh/authorized_keys:
|
||||
file.managed:
|
||||
- user: icinga
|
||||
- group: icinga
|
||||
- mode: 400
|
||||
- contents_pillar: icinga2:server:icinga_user_authkeys
|
||||
|
||||
#icingaweb2_enable:
|
||||
# file.symlink:
|
||||
# - name: /etc/nginx/sites-enabled/icingaweb2
|
||||
# - target: /etc/nginx/sites-available/icingaweb2
|
||||
# - watch_by:
|
||||
# - service: nginx
|
||||
|
||||
# apt --no-install-recommends install nagios-nrpe-plugin
|
||||
|
||||
Reference in New Issue
Block a user