salt
/
icinga2-formula
Beobachten 2
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Quellcode durchsuchen

Separate parameters minion id and fqdn to get CA and master certs

master
Ricardo Hernandez vor 8 Jahren
Ursprung
ee124b82e3
Commit
f6759d6bd6
5 geänderte Dateien mit 11 neuen und 10 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. +2
    -1
      icinga2/defaults.yaml
  2. +2
    -2
      icinga2/pki/cert.sls
  3. +1
    -1
      icinga2/pki/node.sls
  4. +1
    -1
      icinga2/templates/api.conf.jinja
  5. +5
    -5
      icinga2/templates/zones.conf.jinja

+ 2
- 1
icinga2/defaults.yaml Datei anzeigen

@@ -1,5 +1,6 @@
icinga2:
master_host: salt
master_minion_id: salt
master_fqdn: salt
port: 5665
config:
templates:

+ 2
- 2
icinga2/pki/cert.sls Datei anzeigen

@@ -9,7 +9,7 @@ include:
icinga2_node_ca_cert:
x509.pem_managed:
- name: {{icinga2.pki_dir}}/ca.crt
- text: {{ salt['mine.get'](icinga2.master_host, 'icinga2_ca_cert')[icinga2.master_host]|replace('\n', '') }}
- text: {{ salt['mine.get'](icinga2.master_minion_id, 'icinga2_ca_cert')[icinga2.master_minion_id]|replace('\n', '') }}
- require:
- file: icinga2_pki_dir

@@ -43,7 +43,7 @@ icinga2_node_key_perms:
icinga2_node_cert:
x509.certificate_managed:
- name: {{icinga2.pki_dir}}/{{fqdn}}.crt
- ca_server: {{icinga2.master_host}}
- ca_server: {{icinga2.master_minion_id}}
- signing_policy: icinga2
- public_key: {{icinga2.pki_dir}}/{{fqdn}}.key
- CN: {{fqdn}}

+ 1
- 1
icinga2/pki/node.sls Datei anzeigen

@@ -7,7 +7,7 @@ include:
icinga2_node_master_cert:
x509.pem_managed:
- name: {{icinga2.pki_dir}}/trusted-master.crt
- text: {{ salt['mine.get'](icinga2.master_host, 'icinga2_master_cert')[icinga2.master_host]|replace('\n', '') }}
- text: {{ salt['mine.get'](icinga2.master_minion_id, 'icinga2_master_cert')[icinga2.master_minion_id]|replace('\n', '') }}
- require:
- file: icinga2_pki_dir


+ 1
- 1
icinga2/templates/api.conf.jinja Datei anzeigen

@@ -5,7 +5,7 @@ object ApiListener "api" {
cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt"
key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key"
ca_path = SysconfDir + "/icinga2/pki/ca.crt"
{% if fqdn != icinga2.master_host -%}
{% if fqdn != icinga2.master_fqdn -%}
accept_config = true
accept_commands = true
{% endif -%}

+ 5
- 5
icinga2/templates/zones.conf.jinja Datei anzeigen

@@ -1,14 +1,14 @@
{%- from 'icinga2/map.jinja' import icinga2 with context %}
{%- set fqdn = salt.grains.get('fqdn') -%}

{% if fqdn != icinga2.master_host -%}
object Endpoint "{{icinga2.master_host}}" {
host = "{{icinga2.master_host}}"
{% if fqdn != icinga2.master_minion_id -%}
object Endpoint "{{icinga2.master_minion_id}}" {
host = "{{icinga2.master_minion_id}}"
port = "5665"
}

object Zone "master" {
endpoints = [ "{{icinga2.master_host}}" ]
endpoints = [ "{{icinga2.master_minion_id}}" ]
}
{%- endif %}

@@ -17,7 +17,7 @@ object Endpoint NodeName {

object Zone ZoneName {
endpoints = [ NodeName ]
{% if fqdn != icinga2.master_host -%}
{% if fqdn != icinga2.master_minion_id -%}
parent = "master"
{%- endif %}
}

Verfassen Vorschau
Laden…
Abbrechen
Speichern