module-icingaweb2/manifests/config.pp

# == Class icingaweb2::config
#
class icingaweb2::config (
  $config_dir       = $::icingaweb2::config_dir,
  $config_dir_purge = $::icingaweb2::config_dir_purge,
  $web_root         = $::icingaweb2::web_root,
) {

  if $::icingaweb2::manage_user {
    @user { 'icingaweb2':
      ensure     => present,
      home       => $::icingaweb2::web_root,
      managehome => true,
    }

    @group { 'icingaweb2':
      ensure => present,
      system => true,
    }

    realize(User['icingaweb2'])
    realize(Group['icingaweb2'])
  }

  File {
    require => Class['::icingaweb2::install'],
    owner => $::icingaweb2::config_user,
    group => $::icingaweb2::config_group,
    mode  => $::icingaweb2::config_file_mode,
  }

  file {
    $::icingaweb2::config_dir:
      ensure  => directory,
      mode    => $::icingaweb2::config_dir_mode,
      purge   => $::icingaweb2::config_dir_purge,
      recurse => $::icingaweb2::config_dir_recurse;

    "${::icingaweb2::config_dir}/enabledModules":
      ensure => directory,
      mode   => $::icingaweb2::config_dir_mode;

    "${::icingaweb2::config_dir}/modules":
      ensure => directory,
      mode   => $::icingaweb2::config_dir_mode;

    "${::icingaweb2::config_dir}/authentication.ini":
      ensure => file;

    "${::icingaweb2::config_dir}/config.ini":
      ensure => file;

    "${::icingaweb2::config_dir}/resources.ini":
      ensure => file;

    "${::icingaweb2::config_dir}/roles.ini":
      ensure => file;

    $::icingaweb2::web_root:
      ensure => directory,
      mode   => $::icingaweb2::config_dir_mode;

    "${::icingaweb2::web_root}/modules":
      ensure => directory,
      mode   => $::icingaweb2::config_dir_mode;
  }

  # Configure authentication.ini settings
  case $::icingaweb2::auth_backend {
    'db': {
      icingaweb2::config::authentication_database { 'Local Database Authentication':
        auth_section  => 'icingaweb2',
        auth_resource => $::icingaweb2::auth_resource,
      }
    }
    'external': {
      icingaweb2::config::authentication_external { 'External Authentication':
        auth_section  => 'icingaweb2',
      }
    }
    'ldap': {
      icingaweb2::config::authentication_ldap { 'LDAP Authentication':
        auth_section        => 'icingaweb2',
        auth_resource       => 'ldap',
        user_class          => $::icingaweb2::auth_ldap_user_class,
        user_name_attribute => $::icingaweb2::auth_ldap_user_name_attribute,
        filter              => $::icingaweb2::auth_ldap_filter,
        base_dn             => $::icingaweb2::auth_ldap_base_dn,
      }
    }
    default: {}
  }

  # Configure config.ini settings
  Ini_Setting {
    ensure  => present,
    require => File["${::icingaweb2::config_dir}/config.ini"],
    path    => "${::icingaweb2::config_dir}/config.ini",
  }

  # Logging Configuration
  ini_setting { 'icingaweb2 config logging method':
    section => 'logging',
    setting => 'log',
    value   => "\"${::icingaweb2::log_method}\"",
  }

  ini_setting { 'icingaweb2 config logging level':
    section => 'logging',
    setting => 'level',
    value   => "\"${::icingaweb2::log_level}\"",
  }

  ini_setting { 'icingaweb2 config logging application':
    section => 'logging',
    setting => 'application',
    value   => "\"${::icingaweb2::log_application}\"",
  }

  # Preferences Configuration
  ini_setting { 'icingaweb2 config preferences store':
    section => 'preferences',
    setting => 'store',
    value   => "\"${::icingaweb2::log_store}\"",
  }

  ini_setting { 'icingaweb2 config preferences resource':
    section => 'preferences',
    setting => 'resource',
    value   => "\"${::icingaweb2::log_resource}\"",
  }

  # Configure resources.ini
  icingaweb2::config::resource_database { 'icingaweb_db':
    resource_db       => $::icingaweb2::web_db,
    resource_host     => $::icingaweb2::web_db_host,
    resource_port     => $::icingaweb2::web_db_port,
    resource_dbname   => $::icingaweb2::web_db_name,
    resource_username => $::icingaweb2::web_db_user,
    resource_password => $::icingaweb2::web_db_pass,
  }

  icingaweb2::config::resource_database { 'icinga_ido':
    resource_db       => $::icingaweb2::ido_db,
    resource_host     => $::icingaweb2::ido_db_host,
    resource_port     => $::icingaweb2::ido_db_port,
    resource_dbname   => $::icingaweb2::ido_db_name,
    resource_username => $::icingaweb2::ido_db_user,
    resource_password => $::icingaweb2::ido_db_pass,
  }

  if $::icingaweb2::auth_backend == 'ldap' {
    icingaweb2::config::resource_ldap { 'ldap':
      resource_host       => $::icingaweb2::ldap_host,
      resource_bind_dn    => $::icingaweb2::ldap_bind_dn,
      resource_bind_pw    => $::icingaweb2::ldap_bind_pw,
      resource_port       => $::icingaweb2::ldap_port,
      resource_root_dn    => $::icingaweb2::ldap_root_dn,
      resource_encryption => $::icingaweb2::ldap_encryption,
    }
  }

  # Configure roles.ini
  icingaweb2::config::roles { 'Admins':
    role_users       => $::icingaweb2::admin_users,
    role_permissions => $::icingaweb2::admin_permissions,
  }

  if $::icingaweb2::manage_apache_vhost {
    ::apache::custom_config { 'icingaweb2':
      content => template($::icingaweb2::template_apache),
    }
  }
}
Initial commit 2015-02-20 10:40:45 +01:00			`# == Class icingaweb2::config`
			`#`
Puppet 4.0.0 compatibility fixes 2015-04-23 11:26:23 +02:00			`class icingaweb2::config (`
Allowing to purge the confiruration directory 2015-09-17 16:20:19 +02:00			`$config_dir = $::icingaweb2::config_dir,`
			`$config_dir_purge = $::icingaweb2::config_dir_purge,`
			`$web_root = $::icingaweb2::web_root,`
Puppet 4.0.0 compatibility fixes 2015-04-23 11:26:23 +02:00			`) {`
Configure $config_user, $config_group 2015-02-20 13:08:43 +01:00
add parameter manage_user which defines if user and group should be managed by this module. This gives you the possibility to manage the user and group with another module or manually. The default value is set to true so it doesn't change the existent behaviour of this module. 2016-01-27 13:47:32 +01:00			`if $::icingaweb2::manage_user {`
			`@user { 'icingaweb2':`
			`ensure => present,`
			`home => $::icingaweb2::web_root,`
			`managehome => true,`
			`}`
Configure $config_user, $config_group 2015-02-20 13:08:43 +01:00
add parameter manage_user which defines if user and group should be managed by this module. This gives you the possibility to manage the user and group with another module or manually. The default value is set to true so it doesn't change the existent behaviour of this module. 2016-01-27 13:47:32 +01:00			`@group { 'icingaweb2':`
			`ensure => present,`
			`system => true,`
			`}`

			`realize(User['icingaweb2'])`
			`realize(Group['icingaweb2'])`
			`}`
Configure $config_user, $config_group 2015-02-20 13:08:43 +01:00
Initial commit 2015-02-20 10:40:45 +01:00			`File {`
			`require => Class['::icingaweb2::install'],`
Lintian fix 2015-02-23 10:49:32 +01:00			`owner => $::icingaweb2::config_user,`
			`group => $::icingaweb2::config_group,`
			`mode => $::icingaweb2::config_file_mode,`
Initial commit 2015-02-20 10:40:45 +01:00			`}`

			`file {`
			`$::icingaweb2::config_dir:`
			`ensure => directory,`
			`mode => $::icingaweb2::config_dir_mode,`
Allowing to purge the confiruration directory 2015-09-17 16:20:19 +02:00			`purge => $::icingaweb2::config_dir_purge,`
Initial commit 2015-02-20 10:40:45 +01:00			`recurse => $::icingaweb2::config_dir_recurse;`

			`"${::icingaweb2::config_dir}/enabledModules":`
Style fixes 2015-04-23 11:40:42 +02:00			`ensure => directory,`
			`mode => $::icingaweb2::config_dir_mode;`
Initial commit 2015-02-20 10:40:45 +01:00
			`"${::icingaweb2::config_dir}/modules":`
Style fixes 2015-04-23 11:40:42 +02:00			`ensure => directory,`
			`mode => $::icingaweb2::config_dir_mode;`
Initial commit 2015-02-20 10:40:45 +01:00
			`"${::icingaweb2::config_dir}/authentication.ini":`
Fix PuppetLint warnings due to config rewrite 2015-04-07 13:59:48 +02:00			`ensure => file;`
Initial commit 2015-02-20 10:40:45 +01:00
			`"${::icingaweb2::config_dir}/config.ini":`
Style fixes 2015-04-23 11:40:42 +02:00			`ensure => file;`
Initial commit 2015-02-20 10:40:45 +01:00
			`"${::icingaweb2::config_dir}/resources.ini":`
Style fixes 2015-04-23 11:40:42 +02:00			`ensure => file;`
Initial commit 2015-02-20 10:40:45 +01:00
			`"${::icingaweb2::config_dir}/roles.ini":`
Style fixes 2015-04-23 11:40:42 +02:00			`ensure => file;`
Create $web_root directory 2015-02-20 12:28:33 +01:00
			`$::icingaweb2::web_root:`
Style fixes 2015-02-20 13:04:10 +01:00			`ensure => directory,`
			`mode => $::icingaweb2::config_dir_mode;`
Add modules directory 2015-04-22 13:02:05 +02:00
			`"${::icingaweb2::web_root}/modules":`
			`ensure => directory,`
			`mode => $::icingaweb2::config_dir_mode;`
Initial commit 2015-02-20 10:40:45 +01:00			`}`
Manage apache vhost 2015-02-20 15:50:42 +01:00
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`# Configure authentication.ini settings`
Fix usage of wrong parameter for auth backend 2015-04-07 14:22:33 +02:00			`case $::icingaweb2::auth_backend {`
Fix authentication configuration auth_method => external Was not handled at all, but provided as defined type. admin_users => [ list ] Was written into the wrong ini value 2015-04-07 13:40:54 +02:00			`'db': {`
			`icingaweb2::config::authentication_database { 'Local Database Authentication':`
			`auth_section => 'icingaweb2',`
			`auth_resource => $::icingaweb2::auth_resource,`
			`}`
			`}`
			`'external': {`
			`icingaweb2::config::authentication_external { 'External Authentication':`
			`auth_section => 'icingaweb2',`
			`}`
			`}`
Add possibility to set auth_backend to ldap next to the already existing possibilities db and external. If auth_backend is set to ldap an ldap ressource and an ldap authentication configuration is generated. Also support for ldap encryption is added. 2016-05-11 11:57:59 +02:00			`'ldap': {`
			`icingaweb2::config::authentication_ldap { 'LDAP Authentication':`
			`auth_section => 'icingaweb2',`
			`auth_resource => 'ldap',`
			`user_class => $::icingaweb2::auth_ldap_user_class,`
			`user_name_attribute => $::icingaweb2::auth_ldap_user_name_attribute,`
			`filter => $::icingaweb2::auth_ldap_filter,`
			`base_dn => $::icingaweb2::auth_ldap_base_dn,`
			`}`
			`}`
Fix authentication configuration auth_method => external Was not handled at all, but provided as defined type. admin_users => [ list ] Was written into the wrong ini value 2015-04-07 13:40:54 +02:00			`default: {}`
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`}`

			`# Configure config.ini settings`
			`Ini_Setting {`
			`ensure => present,`
			`require => File["${::icingaweb2::config_dir}/config.ini"],`
			`path => "${::icingaweb2::config_dir}/config.ini",`
			`}`

			`# Logging Configuration`
			`ini_setting { 'icingaweb2 config logging method':`
			`section => 'logging',`
			`setting => 'log',`
			`value => "\"${::icingaweb2::log_method}\"",`
			`}`
Style fixes 2015-04-23 11:40:42 +02:00
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`ini_setting { 'icingaweb2 config logging level':`
			`section => 'logging',`
			`setting => 'level',`
			`value => "\"${::icingaweb2::log_level}\"",`
			`}`
Style fixes 2015-04-23 11:40:42 +02:00
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`ini_setting { 'icingaweb2 config logging application':`
			`section => 'logging',`
			`setting => 'application',`
			`value => "\"${::icingaweb2::log_application}\"",`
			`}`

			`# Preferences Configuration`
			`ini_setting { 'icingaweb2 config preferences store':`
			`section => 'preferences',`
			`setting => 'store',`
			`value => "\"${::icingaweb2::log_store}\"",`
			`}`
Style fixes 2015-04-23 11:40:42 +02:00
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`ini_setting { 'icingaweb2 config preferences resource':`
			`section => 'preferences',`
			`setting => 'resource',`
			`value => "\"${::icingaweb2::log_resource}\"",`
			`}`

			`# Configure resources.ini`
			`icingaweb2::config::resource_database { 'icingaweb_db':`
Fix PuppetLint warnings due to config rewrite 2015-04-07 13:59:48 +02:00			`resource_db => $::icingaweb2::web_db,`
			`resource_host => $::icingaweb2::web_db_host,`
			`resource_port => $::icingaweb2::web_db_port,`
			`resource_dbname => $::icingaweb2::web_db_name,`
			`resource_username => $::icingaweb2::web_db_user,`
			`resource_password => $::icingaweb2::web_db_pass,`
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`}`

			`icingaweb2::config::resource_database { 'icinga_ido':`
Fix PuppetLint warnings due to config rewrite 2015-04-07 13:59:48 +02:00			`resource_db => $::icingaweb2::ido_db,`
			`resource_host => $::icingaweb2::ido_db_host,`
			`resource_port => $::icingaweb2::ido_db_port,`
			`resource_dbname => $::icingaweb2::ido_db_name,`
			`resource_username => $::icingaweb2::ido_db_user,`
			`resource_password => $::icingaweb2::ido_db_pass,`
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`}`

Add possibility to set auth_backend to ldap next to the already existing possibilities db and external. If auth_backend is set to ldap an ldap ressource and an ldap authentication configuration is generated. Also support for ldap encryption is added. 2016-05-11 11:57:59 +02:00			`if $::icingaweb2::auth_backend == 'ldap' {`
			`icingaweb2::config::resource_ldap { 'ldap':`
			`resource_host => $::icingaweb2::ldap_host,`
			`resource_bind_dn => $::icingaweb2::ldap_bind_dn,`
			`resource_bind_pw => $::icingaweb2::ldap_bind_pw,`
			`resource_port => $::icingaweb2::ldap_port,`
			`resource_root_dn => $::icingaweb2::ldap_root_dn,`
			`resource_encryption => $::icingaweb2::ldap_encryption,`
			`}`
			`}`

Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`# Configure roles.ini`
			`icingaweb2::config::roles { 'Admins':`
Fix PuppetLint warnings due to config rewrite 2015-04-07 13:59:48 +02:00			`role_users => $::icingaweb2::admin_users,`
			`role_permissions => $::icingaweb2::admin_permissions,`
Moving away from templates to usign inifile from Puppetlabs/inifile 2015-03-16 18:44:56 +01:00			`}`

Manage apache vhost 2015-02-20 15:50:42 +01:00			`if $::icingaweb2::manage_apache_vhost {`
			`::apache::custom_config { 'icingaweb2':`
Fix PuppetLint warnings due to config rewrite 2015-04-07 13:59:48 +02:00			`content => template($::icingaweb2::template_apache),`
Manage apache vhost 2015-02-20 15:50:42 +01:00			`}`
			`}`
Initial commit 2015-02-20 10:40:45 +01:00			`}`