Ricardo Hernandez
8 years ago
5 changed files with 11 additions and 10 deletions
+ 2
- 1
icinga2/defaults.yaml
View File
| icinga2: | icinga2: | ||||
| master_host: salt | |||||
| master_minion_id: salt | |||||
| master_fqdn: salt | |||||
| port: 5665 | port: 5665 | ||||
| config: | config: | ||||
| templates: | templates: |
+ 2
- 2
icinga2/pki/cert.sls
View File
| icinga2_node_ca_cert: | icinga2_node_ca_cert: | ||||
| x509.pem_managed: | x509.pem_managed: | ||||
| - name: {{icinga2.pki_dir}}/ca.crt | - name: {{icinga2.pki_dir}}/ca.crt | ||||
| - text: {{ salt['mine.get'](icinga2.master_host, 'icinga2_ca_cert')[icinga2.master_host]|replace('\n', '') }} | |||||
| - text: {{ salt['mine.get'](icinga2.master_minion_id, 'icinga2_ca_cert')[icinga2.master_minion_id]|replace('\n', '') }} | |||||
| - require: | - require: | ||||
| - file: icinga2_pki_dir | - file: icinga2_pki_dir | ||||
| icinga2_node_cert: | icinga2_node_cert: | ||||
| x509.certificate_managed: | x509.certificate_managed: | ||||
| - name: {{icinga2.pki_dir}}/{{fqdn}}.crt | - name: {{icinga2.pki_dir}}/{{fqdn}}.crt | ||||
| - ca_server: {{icinga2.master_host}} | |||||
| - ca_server: {{icinga2.master_minion_id}} | |||||
| - signing_policy: icinga2 | - signing_policy: icinga2 | ||||
| - public_key: {{icinga2.pki_dir}}/{{fqdn}}.key | - public_key: {{icinga2.pki_dir}}/{{fqdn}}.key | ||||
| - CN: {{fqdn}} | - CN: {{fqdn}} |
+ 1
- 1
icinga2/pki/node.sls
View File
| icinga2_node_master_cert: | icinga2_node_master_cert: | ||||
| x509.pem_managed: | x509.pem_managed: | ||||
| - name: {{icinga2.pki_dir}}/trusted-master.crt | - name: {{icinga2.pki_dir}}/trusted-master.crt | ||||
| - text: {{ salt['mine.get'](icinga2.master_host, 'icinga2_master_cert')[icinga2.master_host]|replace('\n', '') }} | |||||
| - text: {{ salt['mine.get'](icinga2.master_minion_id, 'icinga2_master_cert')[icinga2.master_minion_id]|replace('\n', '') }} | |||||
| - require: | - require: | ||||
| - file: icinga2_pki_dir | - file: icinga2_pki_dir | ||||
+ 1
- 1
icinga2/templates/api.conf.jinja
View File
| cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" | cert_path = SysconfDir + "/icinga2/pki/" + NodeName + ".crt" | ||||
| key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" | key_path = SysconfDir + "/icinga2/pki/" + NodeName + ".key" | ||||
| ca_path = SysconfDir + "/icinga2/pki/ca.crt" | ca_path = SysconfDir + "/icinga2/pki/ca.crt" | ||||
| {% if fqdn != icinga2.master_host -%} | |||||
| {% if fqdn != icinga2.master_fqdn -%} | |||||
| accept_config = true | accept_config = true | ||||
| accept_commands = true | accept_commands = true | ||||
| {% endif -%} | {% endif -%} |
+ 5
- 5
icinga2/templates/zones.conf.jinja
View File
| {%- from 'icinga2/map.jinja' import icinga2 with context %} | {%- from 'icinga2/map.jinja' import icinga2 with context %} | ||||
| {%- set fqdn = salt.grains.get('fqdn') -%} | {%- set fqdn = salt.grains.get('fqdn') -%} | ||||
| {% if fqdn != icinga2.master_host -%} | |||||
| object Endpoint "{{icinga2.master_host}}" { | |||||
| host = "{{icinga2.master_host}}" | |||||
| {% if fqdn != icinga2.master_minion_id -%} | |||||
| object Endpoint "{{icinga2.master_minion_id}}" { | |||||
| host = "{{icinga2.master_minion_id}}" | |||||
| port = "5665" | port = "5665" | ||||
| } | } | ||||
| object Zone "master" { | object Zone "master" { | ||||
| endpoints = [ "{{icinga2.master_host}}" ] | |||||
| endpoints = [ "{{icinga2.master_minion_id}}" ] | |||||
| } | } | ||||
| {%- endif %} | {%- endif %} | ||||
| object Zone ZoneName { | object Zone ZoneName { | ||||
| endpoints = [ NodeName ] | endpoints = [ NodeName ] | ||||
| {% if fqdn != icinga2.master_host -%} | |||||
| {% if fqdn != icinga2.master_minion_id -%} | |||||
| parent = "master" | parent = "master" | ||||
| {%- endif %} | {%- endif %} | ||||
| } | } |
Loading…