Version information
This version is compatible with:
- Puppet Enterprise 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x
- Puppet >= 6.0.0 < 8.0.0
- , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'icinga-icingaweb2', '3.8.0'
Learn more about managing modules with a PuppetfileDocumentation
Icinga Web 2 Puppet Module
Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with Icinga Web 2
- Usage - Configuration options and additional functionality
- Reference
- Development - Guide for contributing to the module
Overview
Icinga Web 2 is the associated web interface for the open source monitoring tool Icinga 2. This module helps with installing and managing configuration of Icinga Web 2 and its modules on multiple operating systems.
Description
This module installs and configures Icinga Web 2 on your Linux host by using the official packages from packages.icinga.com. Dependend packages are installed as they are defined in the Icinga Web 2 package.
This module can manage all configurations files of Icinga Web 2 and import an initial database schema. It can install and manage all official modules as well as modules developed by the community.
What's new in version 3.0.0
- The current version now uses the
icinga::repos
class from the new moduleicinga
for the configuration of repositories including EPEL on RedHat and Backports on Debian. (see https://github.com/icinga/puppet-icinga)
Setup
What the Icinga 2 Puppet module supports
- Installation of Icinga Web 2 via packages
- Configuration
- MySQL / PostgreSQL database schema import
- Install and manage official Icinga Web 2 modules
- Install community modules
Dependencies
This module depends on
- icinga/icinga >= 1.0.0
- needed if
manage_repos
is set totrue
- needed if
- puppetlabs/stdlib >= 4.25.0
- puppetlabs/vcsrepo >= 1.3.0
- puppetlabs/concat >= 2.0.1
Limitations
This module has been tested on:
- Debian 10, 11
- CentOS/RHEL 7
- Requires Software Collections Repository
- RHEL/AlmaLinux/Rocky 8, 9
- Requires an Icinga Subscription for all versions >= 2.9.5 of Icinga Web 2.
- Ubuntu 20.04, 22.04
- SLES 15
Other operating systems or versions may work but have not been tested.
Usage
NOTE: If you plan to use additional modules from git, the CLI git
command has to be installed. You can manage it yourself as package resource or declare the package name in extra_packages
.
By default, your distribution's packages are used to install Icinga Web 2.
Use the manage_repos
parameter to configure repositories by default the official and stable packages.icinga.com. To configure your own
repositories, or use the official testing or nightly snapshot stage, see https://github.com/icinga/puppet-icinga.
class { '::icingaweb2':
manage_repos => true,
}
The usage of this module isn't simple. That depends on how Icinga Web 2 is implemented. Monitoring is here just a module in a framework. All basic stuff like authentication, logging or authorization is done by this framework. To store user and usergroups in a MySQL database, the database has to exist:
mysql::db { 'icingaweb2':
user => 'icingaweb2',
password => 'supersecret',
host => 'localhost',
grant => [ 'ALL' ],
}
class { 'icingaweb2':
manage_repos => true,
import_schema => true,
db_type => 'mysql',
db_host => 'localhost',
db_port => 3306,
db_username => 'icingaweb2',
db_password => 'supersecret',
config_backend => 'db',
extra_packages => [ 'git' ],
require => Mysql::Db['icingaweb2'],
}
If you set import_schema
to true
an default admin user icingaadmin
with password icinga
will be created automatically and you're allowed to login.
In case that import_schema
is disabled or you'd like to use a different backend for authorization like LDAP, more work is required. At first we need a ressource with credentials to connect a LDAP server:
class {'icingaweb2':
manage_repos => true,
}
icingaweb2::resource::ldap { 'my-ldap':
type => 'ldap',
host => 'localhost',
port => 389,
root_dn => 'ou=users,dc=icinga,dc=com',
bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com',
bind_pw => 'supersecret',
}
With the help of this resource, we are now creating user and group backends. Users are permitted to login and users and groups will later be used for authorization.
icingaweb2::config::authmethod { 'ldap-auth':
backend => 'ldap',
resource => 'my-ldap',
ldap_user_class => 'user',
ldap_filter => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)',
ldap_user_name_attribute => 'cn',
order => '05',
}
icingaweb2::config::groupbackend { 'ldap-groups':
backend => 'ldap',
resource => 'my-ldap',
ldap_group_class => 'group',
ldap_group_name_attribute => 'cn',
ldap_group_member_attribute => 'member',
ldap_base_dn => 'ou=groups,dc=icinga,dc=com',
domain => 'icinga.com',
}
So that a group gets admin rights a role has to manage:
icingaweb2::config::role { 'default admin user':
groups => 'icingaadmins',
permissions => '*',
}
All available permissions for module monitoring are listed below:
| Description | Value |
|-------------|-------|
| Allow everything | *
|
| Allow to share navigation items | application/share/navigation
|
| Allow to adjust in the preferences whether to show stacktraces | application/stacktraces
|
| Allow to view the application log | application/log
|
| Grant admin permissions, e.g. manage announcements | admin
|
| Allow config access | config/*
|
| Allow access to module doc | module/doc
|
| Allow access to module monitoring | module/monitoring
|
| Allow all commands | monitoring/command/*
|
| Allow scheduling host and service checks | monitoring/command/schedule-check
|
| Allow acknowledging host and service problems | monitoring/command/acknowledge-problem
|
| Allow removing problem acknowledgements | monitoring/command/remove-acknowledgement
|
| Allow adding and deleting host and service comments | monitoring/command/comment/*
|
| Allow commenting on hosts and services | monitoring/command/comment/add
|
| Allow deleting host and service comments | monitoring/command/comment/delete
|
| Allow scheduling and deleting host and service downtimes | monitoring/command/downtime/*
|
| Allow scheduling host and service downtimes | monitoring/command/downtime/schedule
|
| Allow deleting host and service downtimes | monitoring/command/downtime/delete
|
| Allow processing host and service check results | monitoring/command/process-check-result
|
| Allow processing commands for toggling features on an instance-wide basis | monitoring/command/feature/instance
|
| Allow processing commands for toggling features on host and service objects | monitoring/command/feature/object/*
) |
| Allow processing commands for toggling active checks on host and service objects | monitoring/command/feature/object/active-checks
|
| Allow processing commands for toggling passive checks on host and service objects | monitoring/command/feature/object/passive-checks
|
| Allow processing commands for toggling notifications on host and service objects | monitoring/command/feature/object/notifications
|
| Allow processing commands for toggling event handlers on host and service objects | monitoring/command/feature/object/event-handler
|
| Allow processing commands for toggling flap detection on host and service objects | monitoring/command/feature/object/flap-detection
|
| Allow sending custom notifications for hosts and services | monitoring/command/send-custom-notification
|
| Allow access to module setup | module/setup
|
| Allow access to module test | module/test
|
| Allow access to module translation | module/translation
|
Finally we configure the monitoring with the needed connection to the IDO to get information and an API user to send commands to Icinga 2:
class {'icingaweb2::module::monitoring':
ido_host => 'localhost',
ido_db_type => 'mysql',
ido_db_name => 'icinga2',
ido_db_username => 'icinga2',
ido_db_password => 'supersecret',
commandtransports => {
icinga2 => {
transport => 'api',
username => 'icingaweb2',
password => 'supersecret',
}
}
}
Reference
See REFERENCE.md
Development
A roadmap of this project is located at https://github.com/Icinga/puppet-icingaweb2/milestones. Please consider this roadmap when you start contributing to the project.
Contributing
When contributing several steps such as pull requests and proper testing implementations are required. Find a detailed step by step guide in CONTRIBUTING.md.
Testing
Testing is essential in our workflow to ensure a good quality. We use RSpec as well as Serverspec to test all components of this module. For a detailed description see TESTING.md.
Release Notes
When releasing new versions we refer to [SemVer 1.0.0] for version numbers. All steps required when creating a new release are described in RELEASE.md
See also CHANGELOG.md
Authors
AUTHORS is generated on each release.
Reference
Table of Contents
Classes
Public Classes
icingaweb2
: Installs and configures Icinga Web 2.icingaweb2::globals
: This class loads the default parameters by doing a hiera lookup.icingaweb2::module::audit
: Installs and enables the audit module.icingaweb2::module::businessprocess
: Installs and enables the businessprocess module.icingaweb2::module::cube
: Installs and enables the cube module.icingaweb2::module::director
: Installs and configures the director module.icingaweb2::module::director::service
: Installs and configures the director service.icingaweb2::module::doc
: The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation.icingaweb2::module::elasticsearch
: The Elasticsearch module displays events from data stored in Elasticsearch.icingaweb2::module::fileshipper
: The fileshipper module extends the Director. It offers import sources to deal with CSV, JSON, YAML and XML files.icingaweb2::module::generictts
: Installs and enables the generictts module.icingaweb2::module::graphite
: The Graphite module draws graphs out of time series data stored in Graphite.icingaweb2::module::icingadb
: Manages the icingadb module. This module is still optional at the moment.icingaweb2::module::idoreports
: Installs, configures and enables the idoreports module.icingaweb2::module::incubator
: Installs and enables the incubator module.icingaweb2::module::ipl
: Installs and enables the ipl module.icingaweb2::module::monitoring
: Manages the monitoring module. This module is mandatory for probably every setup.icingaweb2::module::pdfexport
: Installs, configures and enables the pdfexport module.icingaweb2::module::puppetdb
: Installs and configures the puppetdb module.icingaweb2::module::reactbundle
: Installs and enables the reactbundle module.icingaweb2::module::reporting
: Installs the reporting pluginicingaweb2::module::reporting::service
: Installs and configures the reporting scheduler.icingaweb2::module::translation
: Installs and configures the translation module.icingaweb2::module::vsphere
: The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts from vSphere.icingaweb2::module::vspheredb
: Installs the vsphereDB pluginicingaweb2::module::vspheredb::service
: Installs and configures the vspheredb service.
Private Classes
icingaweb2::config
: Configures Icinga Web 2.icingaweb2::install
: Installs Icinga Web 2 and extra packages.
Defined types
Public Defined types
icingaweb2::config::authmethod
: Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering.icingaweb2::config::dashboard
: Manage a dashboard.icingaweb2::config::dashlet
: Manage a dashlet.icingaweb2::config::groupbackend
: Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends that store groups.icingaweb2::config::navigation
: Navigate defines a menu entry, host- or service action.icingaweb2::config::resource
: Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections.icingaweb2::config::role
: Roles define a set of permissions that may be applied to users or groups.icingaweb2::inisection
: Manage settings in INI configuration files.icingaweb2::module
: Download, enable and configure Icinga Web 2 modules.icingaweb2::resource::database
: Create and remove Icinga Web 2 database resources.icingaweb2::resource::ldap
: Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections.
Private Defined types
icingaweb2::module::elasticsearch::eventtype
: Manages an Elasticsearch event typesicingaweb2::module::elasticsearch::instance
: Manages an Elasticsearch instanceicingaweb2::module::fileshipper::basedir
: Manages base directories for the fileshipper module.icingaweb2::module::fileshipper::directory
: Manages directories with plain Icinga 2 configuration files.icingaweb2::module::generictts::ticketsystem
: Manages ticketsystem configuration for the generictts module.icingaweb2::module::icingadb::commandtransport
: Manages commandtransport configuration for the icingadb module.icingaweb2::module::monitoring::commandtransport
: Manages commandtransport configuration for the monitoring module.icingaweb2::module::puppetdb::certificate
: Installs a certificate for the Icinga Web 2 puppetdb module.icingaweb2::tls::client
: A class to generate tls key, cert and cacert paths.
Functions
icingaweb2::assert_module
: This function returns a fail if the icingaweb2 class isn't declared.icingaweb2::cert::files
: Choose the path of tls key, cert and ca file.icingaweb2::db::connect
: This function returns a string to connect databases with or without TLS information.icingaweb2::unwrap
: This function returns an unwrap string if necessary.
Data types
Icingaweb2::AdminRole
: A strict type for the default admin roleIcingaweb2::Secret
: A strict type for the secrets like passwords or keys
Classes
icingaweb2
oracle
, mssql
, ibm
, oci
, sqlite
goes to icingaweb2::resource::database
.
Examples
Use MySQL as backend for user authentication:
include ::mysql::server
mysql::db { 'icingaweb2':
user => 'icingaweb2',
password => Sensitive('supersecret'),
host => 'localhost',
grant => [ 'ALL' ],
}
class { 'icingaweb2':
manage_repos => true,
import_schema => true,
db_type => 'mysql',
db_host => 'localhost',
db_port => 3306,
db_username => 'icingaweb2',
db_password => Sensitive('supersecret'),
require => Mysql::Db['icingaweb2'],
}
Use PostgreSQL as backend for user authentication:
include ::postgresql::server
postgresql::server::db { 'icingaweb2':
user => 'icingaweb2',
password => postgresql_password('icingaweb2', Sensitive('icingaweb2')),
}
class { 'icingaweb2':
manage_repos => true,
import_schema => true,
db_type => 'pgsql',
db_host => 'localhost',
db_port => 5432,
db_username => 'icingaweb2',
db_password => 'icingaweb2',
require => Postgresql::Server::Db['icingaweb2'],
}
Icinga Web 2 with an additional resource of type ldap
, e.g. for authentication:
class { 'icingaweb2':
resources => {
'my-ldap' => {
type => 'ldap',
host => 'localhost',
port => 389,
root_dn => 'ou=users,dc=icinga,dc=com',
bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com',
bind_pw => Sensitive('supersecret'),
}
},
user_backends => {
'ldap-auth' => {
backend => 'ldap',
resource => 'my-ldap',
ldap_user_class => 'user',
ldap_filter => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)',
ldap_user_name_attribute => 'userPrincipalName',
order => '05',
},
},
group_backends => {
'ldap-auth' => {
backend => 'ldap',
resource => 'my-ldap',
ldap_group_class => 'group',
ldap_group_name_attribute => 'cn',
ldap_group_member_attribute => 'member',
ldap_base_dn => 'ou=groups,dc=icinga,dc=com',
domain => 'icinga.com',
order => '05',
},
},
}
Parameters
The following parameters are available in the icingaweb2
class:
logging
logging_file
logging_level
logging_facility
logging_application
show_stacktraces
module_path
theme
theme_disabled
manage_repo
manage_repos
manage_package
extra_packages
import_schema
db_type
db_host
db_port
db_name
db_username
db_password
use_tls
tls_key_file
tls_cert_file
tls_cacert_file
tls_key
tls_cert
tls_cacert
tls_capath
tls_noverify
tls_cipher
config_backend
conf_user
conf_group
default_domain
cookie_path
admin_role
default_admin_username
default_admin_password
resources
user_backends
group_backends
logging
Data type: Enum['file', 'syslog', 'php', 'none']
Whether Icinga Web 2 should log to 'file', 'syslog' or 'php' (web server's error log). Setting 'none' disables logging.
Default value: 'file'
logging_file
Data type: Stdlib::Absolutepath
If 'logging' is set to 'file', this is the target log file.
logging_level
Data type: Enum['ERROR', 'WARNING', 'INFO', 'DEBUG']
Logging verbosity. Possible values are 'ERROR', 'WARNING', 'INFO' and 'DEBUG'.
Default value: 'INFO'
logging_facility
Data type: Pattern[/user|local[0-7]/]
Logging facility when using syslog. Possible values are 'user' or 'local0' up to 'local7'.
Default value: 'user'
logging_application
Data type: String
Logging application name when using syslog.
Default value: 'icingaweb2'
show_stacktraces
Data type: Boolean
Whether to display stacktraces in the web interface or not.
Default value: false
module_path
Data type: Optional[Variant[Stdlib::Absolutepath, Array[Stdlib::Absolutepath]]]
Additional path to module sources. Multiple paths must be separated by colon.
Default value: undef
theme
Data type: String
The default theme setting. Users may override this settings.
Default value: 'Icinga'
theme_disabled
Data type: Boolean
Whether users can change themes or not.
Default value: false
manage_repo
Data type: Boolean
Deprecated, use manage_repos.
Default value: false
manage_repos
Data type: Boolean
When set to true this module will use the module icinga/puppet-icinga to manage repositories, e.g. the release repo on packages.icinga.com repository by default, the EPEL repository or Backports. For more information, see http://github.com/icinga/puppet-icinga.
Default value: false
manage_package
Data type: Boolean
If set to false
packages aren't managed.
Default value: true
extra_packages
Data type: Optional[Array[String]]
An array of packages to install additionally.
Default value: undef
import_schema
Data type: Variant[Boolean, Enum['mariadb', 'mysql']]
Whether to import the MySQL schema or not. New options mariadb
and mysql
,
both means true. With mariadb its cli options are used for the import,
whereas with mysql its different options.
Default value: false
db_type
Data type: Enum['mysql', 'pgsql']
Database type, can be either mysql
or pgsql
.
Default value: 'mysql'
db_host
Data type: Stdlib::Host
Database hostname.
Default value: 'localhost'
db_port
Data type: Optional[Stdlib::Port]
Port to connect on the database host.
Default value: undef
db_name
Data type: String
Database name.
Default value: 'icingaweb2'
db_username
Data type: String
Username for database access.
Default value: 'icingaweb2'
db_password
Data type: Optional[Icingaweb2::Secret]
Password for database access.
Default value: undef
use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.
Default value: undef
tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the ca certificate. Only valid if tls is enabled.
Default value: undef
tls_key
Data type: Optional[Icingaweb2::Secret]
The private key to store in spicified tls_key_file
file. Only valid if tls is enabled.
Default value: undef
tls_cert
Data type: Optional[String]
The certificate to store in spicified tls_cert_file
file. Only valid if tls is enabled.
Default value: undef
tls_cacert
Data type: Optional[String]
The ca certificate to store in spicified tls_cacert_file
file. Only valid if tls is enabled.
Default value: undef
tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.
Default value: undef
tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate.
Default value: undef
tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection.
Default value: undef
config_backend
Data type: Enum['ini', 'db']
The global Icinga Web 2 preferences can either be stored in a database or in ini files. This parameter can either
be set to db
or ini
.
Default value: 'ini'
conf_user
Data type: String
By default this module expects Apache2 on the server. You can change the owner of the config files with this parameter.
conf_group
Data type: String
Group membership of config files.
default_domain
Data type: Optional[String]
When using domain-aware authentication, you can set a default domain here.
Default value: undef
cookie_path
Data type: Optional[Stdlib::Absolutepath]
Path to where cookies are stored.
Default value: undef
admin_role
Data type: Variant[Icingaweb2::AdminRole, Boolean[false]]
Manage a role for admin access.
default_admin_username
Data type: String
Default username for initial admin access. This parameter is only used
if import_schema
is set to true
and only during the import itself.
default_admin_password
Data type: Icingaweb2::Secret
Default password for initial admin access. This parameter is only used
if import_schema
is set to true
and only during the import itself.
resources
Data type: Hash[String, Hash[String, Any]]
Additional resources. Option type
has to be set as hash key. Type of ldap
declares a define resource of icingaweb2::resource::ldap
, a type of mysql
, pgsql
,
Default value: {}
user_backends
Data type: Hash[String, Hash[String, Any]]
Additional user backends for access control. See icingaweb2::config::authmethod
.
Default value: {}
group_backends
Data type: Hash[String, Hash[String, Any]]
Additional group backends for access control. See icingaweb2::config::groupbackend
.
Default value: {}
icingaweb2::globals
This class loads the default parameters by doing a hiera lookup.
- Note This parameters depend on the os plattform. Changes maybe will break the functional capability of the supported plattforms and versions. Please only do changes when you know what you're doing.
Parameters
The following parameters are available in the icingaweb2::globals
class:
package_name
conf_dir
data_dir
role_replace
comp_db_schema_dir
default_module_path
mysql_db_schema
pgsql_db_schema
mysql_vspheredb_schema
pgsql_vspheredb_schema
mysql_reporting_schema
pgsql_reporting_schema
mysql_idoreports_slaperiods
mysql_idoreports_sla_percent
pgsql_idoreports_slaperiods
pgsql_idoreports_sla_percent
gettext_package_name
icingacli_bin
package_name
Data type: String
Package to install.
conf_dir
Data type: Stdlib::Absolutepath
Path to the config files.
data_dir
Data type: Stdlib::Absolutepath
Location of PHP data files.
role_replace
Data type: Boolean
Specifies whether to overwrite the roles.ini file if it already exists.
comp_db_schema_dir
Data type: Stdlib::Absolutepath
For compatibility, since in Icinga Web 2 2.11.4 the schema files have been moved.
default_module_path
Data type: Stdlib::Absolutepath
Location of the modules.
mysql_db_schema
Data type: Stdlib::Absolutepath
Location of the database schema for MySQL/MariaDB.
pgsql_db_schema
Data type: Stdlib::Absolutepath
Location of the database schema for PostgreSQL.
mysql_vspheredb_schema
Data type: Stdlib::Absolutepath
Location of the vspheredb database schema for MySQL/MariaDB.
pgsql_vspheredb_schema
Data type: Stdlib::Absolutepath
Location of the vspheredb database schema for PostgreSQL.
mysql_reporting_schema
Data type: Stdlib::Absolutepath
Location of the reporting database schema for MySQL/MariaDB.
pgsql_reporting_schema
Data type: Stdlib::Absolutepath
Location of the reporting database schema for PostgreSQL.
mysql_idoreports_slaperiods
Data type: Stdlib::Absolutepath
Location of the slaperiods database extension for MySQL.
mysql_idoreports_sla_percent
Data type: Stdlib::Absolutepath
Location of the get_sla_ok_percent database extension for MySQL.
pgsql_idoreports_slaperiods
Data type: Stdlib::Absolutepath
Location of the slaperiods database extension for PostgreSQL.
pgsql_idoreports_sla_percent
Data type: Stdlib::Absolutepath
Location of the get_sla_ok_percent database extension for PostgreSQL.
gettext_package_name
Data type: String
Package name gettext
tool belongs to.
icingacli_bin
Data type: Stdlib::Absolutepath
Path to `icingacli' comand line tool.
icingaweb2::module::audit
Installs and enables the audit module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed.
Examples
class { 'icingaweb2::module::audit':
git_revision => 'v1.0.2',
log_type => 'syslog',
log_facility => 'authpriv',
}
Parameters
The following parameters are available in the icingaweb2::module::audit
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
log_type
log_file
log_ident
log_facility
stream_format
stream_file
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-audit.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.0.2
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-audit'
log_type
Data type: Enum['file', 'syslog', 'none']
Logging type to use.
Default value: 'none'
log_file
Data type: Optional[Stdlib::Absolutepath]
Location of the log file. Only valid if log_type
is set to file
.
Default value: undef
log_ident
Data type: Optional[String]
Logging prefix ident. Only valid if log_type
is set to syslog
.
Default value: undef
log_facility
Data type: Variant[ Enum['auth', 'user', 'authpriv'], Pattern[/^local[0-7]$/] ]
Facility to log to. Only valid if log_type
is set to syslog
.
Default value: 'auth'
stream_format
Data type: Enum['json', 'none']
Set to json
to stream in JSON format. Disabled by setting to none
.
Default value: 'none'
stream_file
Data type: Optional[Stdlib::Absolutepath]
Path to the stream destination.
Default value: undef
icingaweb2::module::businessprocess
Installs and enables the businessprocess module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::businessprocess':
git_revision => 'v2.1.0'
}
Parameters
The following parameters are available in the icingaweb2::module::businessprocess
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-businessprocess.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v2.1.0
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-businessprocess'
icingaweb2::module::cube
Installs and enables the cube module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::cube':
git_revision => 'v1.0.0'
}
Parameters
The following parameters are available in the icingaweb2::module::cube
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-cube.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.0.0
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-cube'
icingaweb2::module::director
Installs and configures the director module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::director':
git_revision => 'v1.7.2',
db_host => 'localhost',
db_name => 'director',
db_username => 'director',
db_password => 'supersecret',
import_schema => true,
kickstart => true,
endpoint => 'puppet-icingaweb2.localdomain',
api_username => 'director',
api_password => 'supersecret',
require => Mysql::Db['director']
}
Parameters
The following parameters are available in the icingaweb2::module::director
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
db_type
db_host
db_port
db_name
db_username
db_password
db_charset
use_tls
tls_key_file
tls_cert_file
tls_cacert_file
tls_key
tls_cert
tls_cacert
tls_capath
tls_noverify
tls_cipher
import_schema
kickstart
endpoint
api_host
api_port
api_username
api_password
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-director.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.3.2
.
Default value: undef
install_method
Data type: Enum['git', 'package', 'none']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-director'
db_type
Data type: Enum['mysql', 'pgsql']
Type of your database. Either mysql
or pgsql
.
Default value: 'mysql'
db_host
Data type: Stdlib::Host
Hostname of the database.
Default value: 'localhost'
db_port
Data type: Optional[Stdlib::Port]
Port of the database.
Default value: undef
db_name
Data type: String
Name of the database.
Default value: 'director'
db_username
Data type: String
Username for DB connection.
Default value: 'director'
db_password
Data type: Optional[Icingaweb2::Secret]
Password for DB connection.
Default value: undef
db_charset
Data type: String
Character set to use for the database.
Default value: 'utf8'
use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.
Default value: undef
tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the ca certificate. Only valid if tls is enabled.
Default value: undef
tls_key
Data type: Optional[Icingaweb2::Secret]
The private key to store in spicified tls_key_file
file. Only valid if tls is enabled.
Default value: undef
tls_cert
Data type: Optional[String]
The certificate to store in spicified tls_cert_file
file. Only valid if tls is enabled.
Default value: undef
tls_cacert
Data type: Optional[String]
The ca certificate to store in spicified tls_cacert_file
file. Only valid if tls is enabled.
Default value: undef
tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.
Default value: undef
tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate.
Default value: undef
tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection.
Default value: undef
import_schema
Data type: Boolean
Import database schema.
Default value: false
kickstart
Data type: Boolean
Run kickstart command after database migration. This requires import_schema
to be true
.
Default value: false
endpoint
Data type: Optional[String]
Endpoint object name of Icinga 2 API. This setting is only valid if kickstart
is true
.
Default value: undef
api_host
Data type: Stdlib::Host
Icinga 2 API hostname. This setting is only valid if kickstart
is true
.
Default value: 'localhost'
api_port
Data type: Stdlib::Port
Icinga 2 API port. This setting is only valid if kickstart
is true
.
Default value: 5665
api_username
Data type: Optional[String]
Icinga 2 API username. This setting is only valid if kickstart
is true
.
Default value: undef
api_password
Data type: Optional[Icingaweb2::Secret]
Icinga 2 API password. This setting is only valid if kickstart
is true
.
Default value: undef
icingaweb2::module::director::service
Installs and configures the director service.
- Note Only systemd is supported by the Icinga Team and this module.
Parameters
The following parameters are available in the icingaweb2::module::director::service
class:
ensure
Data type: Stdlib::Ensure::Service
Whether the director service should be running.
Default value: 'running'
enable
Data type: Boolean
Enable or disable the service.
Default value: true
user
Data type: String
Specifies user to run director service daemon. Only available if install_method package is not used.
Default value: 'icingadirector'
group
Data type: String
Specifies primary group for user to run director service daemon. Only available if install_method package is not used.
Default value: 'icingaweb2'
manage_user
Data type: Boolean
Whether to manage the server user resource. Only available if install_method package is not used.
Default value: true
icingaweb2::module::doc
The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation.
Parameters
The following parameters are available in the icingaweb2::module::doc
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module. Defaults to present
Default value: 'present'
icingaweb2::module::elasticsearch
The Elasticsearch module displays events from data stored in Elasticsearch.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::elasticsearch':
git_revision => 'v0.9.0',
instances => {
'elastic' => {
uri => 'http://localhost:9200',
user => 'foo',
password => 'bar',
}
},
eventtypes => {
'filebeat' => {
instance => 'elastic',
index => 'filebeat-*',
filter => 'beat.hostname={host.name}',
fields => 'input_type, source, message',
}
}
}
Parameters
The following parameters are available in the icingaweb2::module::elasticsearch
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-elasticsearch.git'
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-elasticsearch'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.3.2
.
Default value: undef
instances
Data type: Optional[Hash]
A hash that configures one or more Elasticsearch instances that this module connects to. The defined type
icingaweb2::module::elasticsearch::instance
is used to create the instance configuration.
Default value: undef
eventtypes
Data type: Optional[Hash]
A hash oft ypes of events that should be displayed. Event types are always connected to instances. The defined type
icingaweb2::module::elasticsearch::eventtype
is used to create the event types.
Default value: undef
icingaweb2::module::fileshipper
@example: class { 'icingaweb2::module::fileshipper': git_revision => 'v1.0.1', base_directories => { temp => '/var/lib/fileshipper' }, directories => { 'test' => { 'source' => '/var/lib/fileshipper/source', 'target' => '/var/lib/fileshipper/target', } } }
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Parameters
The following parameters are available in the icingaweb2::module::fileshipper
class:
ensure
module_dir
git_repository
install_method
package_name
git_revision
base_directories
directories
ensure
Data type: Enum['absent', 'present']
Enables or disables module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-fileshipper.git'
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-fileshipper'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.3.2
.
Default value: undef
base_directories
Data type: Hash
Hash of base directories. These directories can later be selected in the import source (Director).
Default value: {}
directories
Data type: Hash
Deploy plain Icinga 2 configuration files through the Director to your Icinga 2 master.
Default value: {}
icingaweb2::module::generictts
Installs and enables the generictts module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::generictts':
git_revision => 'v2.0.0',
ticketsystems => {
'my-ticket-system' => {
pattern => '/#([0-9]{4,6})/',
url => 'https://my.ticket.system/tickets/id=$1',
},
},
}
Parameters
The following parameters are available in the icingaweb2::module::generictts
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-generictts.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v2.0.0
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-generictts'
ticketsystems
Data type: Hash
A hash of ticketsystems. The hash expects a patten
and a url
for each ticketsystem.
The regex pattern is to match the ticket ID, eg. /#([0-9]{4,6})/
. Place the ticket ID
in the URL, eg. https://my.ticket.system/tickets/id=$1
.
Default value: {}
icingaweb2::module::graphite
The Graphite module draws graphs out of time series data stored in Graphite.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::graphite':
git_revision => 'v0.9.0',
url => 'https://localhost:8080'
}
Parameters
The following parameters are available in the icingaweb2::module::graphite
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
url
insecure
user
password
graphite_writer_host_name_template
graphite_writer_service_name_template
customvar_obscured_check_command
default_time_range_unit
default_time_range
disable_no_graphs
ensure
Data type: Enum['absent', 'present']
Enables or disables module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-graphite.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.3.2
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-graphite'
url
Data type: Optional[String]
URL to your Graphite Web/API.
Default value: undef
insecure
Data type: Optional[Boolean]
Do not verify the TLS certificate.
Default value: undef
user
Data type: Optional[String]
A user with access to your Graphite Web via HTTP basic authentication.
Default value: undef
password
Data type: Optional[Icingaweb2::Secret]
The users password.
Default value: undef
graphite_writer_host_name_template
Data type: Optional[String]
The value of your Icinga 2 GraphiteWriter's attribute host_name_template
(if specified).
Default value: undef
graphite_writer_service_name_template
Data type: Optional[String]
The value of your icinga 2 GraphiteWriter's attribute service_name_template
(if specified).
Default value: undef
customvar_obscured_check_command
Data type: Optional[String]
The Icinga custom variable with the actual
check command obscured by e.g. check_by_ssh.
Default value: undef
default_time_range_unit
Data type: Optional[Enum[ 'minutes', 'hours', 'days', 'weeks', 'months', 'years' ]]
Set unit for the time range.
Default value: undef
default_time_range
Data type: Optional[Integer[1]]
Set the displayed time range.
Default value: undef
disable_no_graphs
Data type: Optional[Boolean]
Do not display empty graphs.
Default value: undef
icingaweb2::module::icingadb
Manages the icingadb module. This module is still optional at the moment.
- Note At first have a look at the IcingaDB module documentation.
Parameters
The following parameters are available in the icingaweb2::module::icingadb
class:
ensure
package_name
db_type
db_host
db_port
db_name
db_username
db_password
db_charset
db_use_tls
db_tls_cert_file
db_tls_key_file
db_tls_cacert_file
db_tls_cert
db_tls_key
db_tls_cacert
db_tls_capath
db_tls_noverify
db_tls_cipher
redis_host
redis_port
redis_password
redis_primary_host
redis_primary_port
redis_primary_password
redis_secondary_host
redis_secondary_port
redis_secondary_password
redis_use_tls
redis_tls_cert
redis_tls_key
redis_tls_cacert
redis_tls_cert_file
redis_tls_key_file
redis_tls_cacert_file
commandtransports
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
package_name
Data type: String
IicngaDB-Web module package name.
db_type
Data type: Enum['mysql', 'pgsql']
Type of your IDO database. Either mysql
or pgsql
.
Default value: 'mysql'
db_host
Data type: Stdlib::Host
Hostname of the IcingaDB database.
Default value: 'localhost'
db_port
Data type: Optional[Stdlib::Port]
Port of the IcingaDB database.
Default value: undef
db_name
Data type: String
Name of the IcingaDB database.
Default value: 'icingadb'
db_username
Data type: String
Username for IcingaDB database connection.
Default value: 'icingadb'
db_password
Data type: Icingaweb2::Secret
Password for IcingaDB database connection.
db_charset
Data type: Optional[String]
The character set to use for the IcingaDB database connection.
Default value: undef
db_use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.
Default value: undef
db_tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if db_use_tls is enabled.
Default value: undef
db_tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if db_use_tls is enabled.
Default value: undef
db_tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the CA root certificate. Only valid if db_use_tls is enabled.
Default value: undef
db_tls_cert
Data type: Optional[String]
The client certificate in PEM format. Only valid if db_use_tls is enabled.
Default value: undef
db_tls_key
Data type: Optional[Icingaweb2::Secret]
The client private key in PEM format. Only valid if db_use_tls is enabled.
Default value: undef
db_tls_cacert
Data type: Optional[String]
The CA root certificate in PEM format. Only valid if db_use_tls is enabled.
Default value: undef
db_tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.
Default value: undef
db_tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate.
Default value: undef
db_tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection.
Default value: undef
redis_host
Data type: Stdlib::Host
Redis host to connect.
Default value: 'localhost'
redis_port
Data type: Optional[Stdlib::Port]
Connect redis_host
om this port.
Default value: undef
redis_password
Data type: Optional[Icingaweb2::Secret]
Password for Redis connection.
Default value: undef
redis_primary_host
Data type: Stdlib::Host
Alternative parameter to use for redis_host
. Useful for high availability environments.
Default value: $redis_host
redis_primary_port
Data type: Optional[Stdlib::Port]
Alternative parameter to use for redis_port
. Useful for high availability environments.
Default value: $redis_port
redis_primary_password
Data type: Optional[Icingaweb2::Secret]
Alternative parameter to use for redis_passwod
. Useful for high availability environments.
Default value: $redis_password
redis_secondary_host
Data type: Optional[Stdlib::Host]
Fallback Redis host to connect if the first one fails.
Default value: undef
redis_secondary_port
Data type: Optional[Stdlib::Port]
Port to connect on the fallback Redis server.
Default value: undef
redis_secondary_password
Data type: Optional[Icingaweb2::Secret]
Password for the second Redis server.
Default value: undef
redis_use_tls
Data type: Optional[Boolean]
Use tls encrypt connection for Redis. All Credentials are applied for both connections in a high availability environments.
Default value: undef
redis_tls_cert
Data type: Optional[String]
Client certificate in PEM format to authenticate to Redis. Only valid if redis_use_tls is enabled.
Default value: undef
redis_tls_key
Data type: Optional[Icingaweb2::Secret]
Client private key in PEM format. Only valid if redis_use_tls is enabled.
Default value: undef
redis_tls_cacert
Data type: Optional[String]
The CA certificate in PEM format. Only valid if redis_use_tls is enabled.
Default value: undef
redis_tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the client certificate. Only valid if redis_use_tls is enabled.
Default value: undef
redis_tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key. Only valid if redis_use_tls is enabled.
Default value: undef
redis_tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the CA certificate. Only valid if redis_use_tls is enabled.
Default value: undef
commandtransports
Data type: Hash[String, Hash]
A hash of command transports.
Default value: {}
icingaweb2::module::idoreports
Installs, configures and enables the idoreports module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::idoreports':
git_revision => 'v0.10.0',
}
Parameters
The following parameters are available in the icingaweb2::module::idoreports
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
import_schema
ido_db_username
ido_db_password
use_tls
tls_key_file
tls_cert_file
tls_cacert_file
tls_key
tls_cert
tls_cacert
tls_capath
tls_noverify
tls_cipher
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v2.1.0
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
import_schema
Data type: Variant[Boolean, Enum['mariadb', 'mysql']]
The IDO database needs some extensions for reorting. Whether to import the database extensions or not.
Options mariadb
and mysql
, both means true. With mariadb its cli options are used for the import,
whereas with mysql its different options.
Default value: false
ido_db_username
Data type: Optional[String]
An alternative username to login into the database. By default, the user from
the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::ido_db_username
ido_db_password
Data type: Optional[Icingaweb2::Secret]
The password for the alternative user. By default, the password from
the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::ido_db_password
use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters
are only affected if this is set to 'true'. By default, same value from
the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::use_tls
tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if tls is enabled.
By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_key_file
tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if tls is enabled.
By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_cert_file
tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the ca certificate. Only valid if tls is enabled.
By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_cacert_file
tls_key
Data type: Optional[Icingaweb2::Secret]
The private key to store in spicified tls_key_file
file. Only valid if tls is enabled.
By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_key
tls_cert
Data type: Optional[String]
The certificate to store in spicified tls_cert_file
file. Only valid if tls is enabled.
By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_cert
tls_cacert
Data type: Optional[String]
The ca certificate to store in spicified tls_cacert_file
file. Only valid if tls is enabled.
By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_cacert
tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format.
Only available for the mysql database. By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_capath
tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate. By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_noverify
tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection. By default, same value from the monitoring
module is used.
Default value: $icingaweb2::module::monitoring::tls_cipher
icingaweb2::module::incubator
Installs and enables the incubator module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Parameters
The following parameters are available in the icingaweb2::module::incubator
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module. Defaults to present
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL. Defaults to github.
git_revision
Data type: String
Set either a branch or a tag name, eg. stable/0.7.0
or v0.7.0
.
icingaweb2::module::ipl
Installs and enables the ipl module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Parameters
The following parameters are available in the icingaweb2::module::ipl
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
git_revision
Data type: String
Set either a branch or a tag name, eg. stable/0.7.0
or v0.7.0
.
icingaweb2::module::monitoring
Requirements:
-
IDO feature in Icinga 2 (MySQL or PostgreSQL)
-
ApiUser
object in Icinga 2 with proper permissionsclass {'icingaweb2::module::monitoring': ido_host => 'localhost', ido_type => 'mysql', ido_db_name => 'icinga2', ido_db_username => 'icinga2', ido_db_password => 'supersecret', commandtransports => { icinga2 => { transport => 'api', username => 'icingaweb2', password => 'supersecret', } } }
-
Note At first have a look at the Monitoring module documentation.
Examples
This module is mandatory for almost every setup. It connects your Icinga Web interface to the Icinga 2 core. Current and history information are queried through the IDO database. Actions such as Check Now
, Set Downtime
or Acknowledge
are send to the Icinga 2 API.
Parameters
The following parameters are available in the icingaweb2::module::monitoring
class:
ensure
protected_customvars
ido_type
ido_host
ido_port
ido_db_name
ido_db_username
ido_db_password
ido_db_charset
use_tls
tls_key_file
tls_cert_file
tls_cacert_file
tls_key
tls_cert
tls_cacert
tls_capath
tls_noverify
tls_cipher
commandtransports
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
protected_customvars
Data type: Variant[String, Array[String]]
Custom variables in Icinga 2 may contain sensible information. Set patterns for custom variables that should be hidden in the web interface.
Default value: ['*pw*', '*pass*', 'community']
ido_type
Data type: Enum['mysql', 'pgsql']
Type of your IDO database. Either mysql
or pgsql
.
Default value: 'mysql'
ido_host
Data type: Optional[Stdlib::Host]
Hostname of the IDO database.
Default value: undef
ido_port
Data type: Optional[Stdlib::Port]
Port of the IDO database.
Default value: undef
ido_db_name
Data type: Optional[String]
Name of the IDO database.
Default value: undef
ido_db_username
Data type: Optional[String]
Username for IDO DB connection.
Default value: undef
ido_db_password
Data type: Optional[Icingaweb2::Secret]
Password for IDO DB connection.
Default value: undef
ido_db_charset
Data type: Optional[String]
The character set to use for the database connection.
Default value: undef
use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.
Default value: undef
tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the ca certificate. Only valid if tls is enabled.
Default value: undef
tls_key
Data type: Optional[Icingaweb2::Secret]
The private key to store in spicified tls_key_file
file. Only valid if tls is enabled.
Default value: undef
tls_cert
Data type: Optional[String]
The certificate to store in spicified tls_cert_file
file. Only valid if tls is enabled.
Default value: undef
tls_cacert
Data type: Optional[String]
The ca certificate to store in spicified tls_cacert_file
file. Only valid if tls is enabled.
Default value: undef
tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.
Default value: undef
tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate.
Default value: undef
tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection.
Default value: undef
commandtransports
Data type: Hash
A hash of command transports.
Default value: {}
icingaweb2::module::pdfexport
Installs, configures and enables the pdfexport module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
class { 'icingaweb2::module::pdfexport':
git_revision => 'v0.10.0',
chrome_binary => '/usr/bin/chromium-browser',
}
Parameters
The following parameters are available in the icingaweb2::module::pdfexport
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
chrome_binary
force_temp_storage
remote_host
remote_port
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-pdfexport.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v2.1.0
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-pdfexport'
chrome_binary
Data type: Optional[Stdlib::Absolutepath]
Path of the chrome or Chrome/Chromium binary.
Default value: undef
force_temp_storage
Data type: Optional[Boolean]
Force using of local temp storage.
Default value: undef
remote_host
Data type: Optional[Stdlib::Host]
Connect a remote running Chrome/Chromium.
Default value: undef
remote_port
Data type: Optional[Stdlib::Port]
Port to connect the remote running Chrome/Chromium.
Default value: undef
icingaweb2::module::puppetdb
Installs and configures the puppetdb module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Examples
Set up the PuppetDB module and configure two custom SSL keys:
$certificates = {
'pupdb1' => {
:ssl_key => '-----BEGIN RSA PRIVATE KEY----- abc...',
:ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- def...',
},
'pupdb2' => {
:ssl_key => '-----BEGIN RSA PRIVATE KEY----- zyx...',
:ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- wvur...',
},
}
class { '::icingaweb2::module::puppetdb':
git_revision => 'master',
ssl => 'none',
certificates => $certificates,
}
Set up the PuppetDB module and configure the hosts SSL key to connect to the PuppetDB host:
class {'::icingaweb2::module::puppetdb':
git_revision => 'master',
ssl => 'puppet',
host => 'puppetdb.example.com',
}
Parameters
The following parameters are available in the icingaweb2::module::puppetdb
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-puppetdb.git'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. master
or v1.3.2
.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-puppetdb'
ssl
Data type: Enum['none', 'puppet']
How to set up ssl certificates. To copy certificates from the local puppet installation, use puppet
.
Default value: 'none'
host
Data type: Optional[Stdlib::Host]
Hostname of the server where PuppetDB is running. The ssl
parameter needs to be set to puppet
.
Default value: undef
certificates
Data type: Hash
Hash with icingaweb2::module::puppetdb::certificate resources.
Default value: {}
icingaweb2::module::reactbundle
Installs and enables the reactbundle module.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Parameters
The following parameters are available in the icingaweb2::module::reactbundle
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
git_revision
Data type: String
Set either a branch or a tag name, eg. stable/0.7.0
or v0.7.0
.
icingaweb2::module::reporting
Installs the reporting plugin
Examples
class { 'icingaweb2::module::reporting':
ensure => present,
git_revision => 'v0.9.0',
db_host => 'localhost',
db_name => 'reporting',
db_username => 'reporting',
db_password => 'supersecret',
}
Parameters
The following parameters are available in the icingaweb2::module::reporting
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
db_type
db_host
db_port
db_name
db_username
db_password
db_charset
use_tls
tls_key_file
tls_cert_file
tls_cacert_file
tls_key
tls_cert
tls_cacert
tls_capath
tls_noverify
tls_cipher
import_schema
mail
ensure
Data type: Enum['absent', 'present']
Ensures the state of the reporting module.
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
The upstream module repository.
git_revision
Data type: Optional[String]
The version of the module that needs to be used.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
db_type
Data type: Enum['mysql', 'pgsql']
The database type. Either mysql or postgres.
Default value: 'mysql'
db_host
Data type: Stdlib::Host
The host where the reporting database will be running
Default value: 'localhost'
db_port
Data type: Optional[Stdlib::Port]
The port on which the database is accessible.
Default value: undef
db_name
Data type: String
The name of the database this module should use.
Default value: 'reporting'
db_username
Data type: String
The username needed to access the database.
Default value: 'reporting'
db_password
Data type: Optional[Icingaweb2::Secret]
The password needed to access the database.
Default value: undef
db_charset
Data type: Optional[String]
The charset the database is set to.
Default value: undef
use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.
Default value: undef
tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the ca certificate. Only valid if tls is enabled.
Default value: undef
tls_key
Data type: Optional[Icingaweb2::Secret]
The private key to store in spicified tls_key_file
file. Only valid if tls is enabled.
Default value: undef
tls_cert
Data type: Optional[String]
The certificate to store in spicified tls_cert_file
file. Only valid if tls is enabled.
Default value: undef
tls_cacert
Data type: Optional[String]
The ca certificate to store in spicified tls_cacert_file
file. Only valid if tls is enabled.
Default value: undef
tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.
Default value: undef
tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate.
Default value: undef
tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection.
Default value: undef
import_schema
Data type: Variant[Boolean, Enum['mariadb', 'mysql']]
Whether to import the database schema or not. Options mariadb
and mysql
,
both means true. With mariadb its cli options are used for the import,
whereas with mysql its different options.
Default value: false
mail
Data type: Optional[String]
Mails are sent with this sender address.
Default value: undef
icingaweb2::module::reporting::service
Installs and configures the reporting scheduler.
- Note Only systemd is supported by the Icinga Team and this module.
Examples
include icingaweb2::module::reporting::service
Parameters
The following parameters are available in the icingaweb2::module::reporting::service
class:
ensure
Data type: Stdlib::Ensure::Service
Whether the reporting service should be running.
Default value: 'running'
enable
Data type: Boolean
Enable or disable the service.
Default value: true
user
Data type: String
Specifies the user to run the reporting service daemon as. Only available if install_method package is not used.
Default value: 'icingareporting'
group
Data type: String
Specifies the primary group to run the reporting service daemon as. Only available if install_method package is not used.
Default value: 'icingaweb2'
manage_user
Data type: Boolean
Whether to manage the server user resource. Only available if install_method package is not used.
Default value: true
icingaweb2::module::translation
Installs and configures the translation module.
Parameters
The following parameters are available in the icingaweb2::module::translation
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
icingaweb2::module::vsphere
The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts from vSphere.
- Note If you want to use
git
asinstall_method
, the CLIgit
command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameterextra_packages
.
Parameters
The following parameters are available in the icingaweb2::module::vsphere
class:
ensure
Data type: Enum['absent', 'present']
Enable or disable module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
Set a git repository URL.
Default value: 'https://github.com/Icinga/icingaweb2-module-vsphere.git'
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-vsphere'
git_revision
Data type: Optional[String]
Set either a branch or a tag name, eg. stable/0.7.0
or v0.7.0
.
Default value: undef
icingaweb2::module::vspheredb
Installs the vsphereDB plugin
Examples
class { 'icingaweb2::module::vspheredb':
ensure => 'present',
git_revision => 'v1.1.0',
db_host => 'localhost',
db_name => 'vspheredb',
db_username => 'vspheredb',
db_password => 'supersecret',
}
Parameters
The following parameters are available in the icingaweb2::module::vspheredb
class:
ensure
module_dir
git_repository
git_revision
install_method
package_name
db_type
db_host
db_port
db_name
db_username
db_password
db_charset
use_tls
tls_key_file
tls_cert_file
tls_cacert_file
tls_key
tls_cert
tls_cacert
tls_capath
tls_noverify
tls_cipher
import_schema
ensure
Data type: Enum['absent', 'present']
Ensur es the state of the vspheredb module.
Default value: 'present'
module_dir
Data type: Optional[Stdlib::Absolutepath]
Target directory of the module.
Default value: undef
git_repository
Data type: String
The upstream module repository.
Default value: 'https://github.com/Icinga/icingaweb2-module-vspheredb.git'
git_revision
Data type: Optional[String]
The version of the module that needs to be used.
Default value: undef
install_method
Data type: Enum['git', 'none', 'package']
Install methods are git
, package
and none
is supported as installation method.
Default value: 'git'
package_name
Data type: String
Package name of the module. This setting is only valid in combination with the installation method package
.
Default value: 'icingaweb2-module-vspheredb'
db_type
Data type: Enum['mysql']
The database type. Either mysql or postgres.
Default value: 'mysql'
db_host
Data type: Stdlib::Host
The host where the vspheredb-database will be running
Default value: 'localhost'
db_port
Data type: Optional[Stdlib::Port]
The port on which the database is accessible.
Default value: undef
db_name
Data type: String
The name of the database this module should use.
Default value: 'vspheredb'
db_username
Data type: String
The username needed to access the database.
Default value: 'vspheredb'
db_password
Data type: Optional[Icingaweb2::Secret]
The password needed to access the database.
Default value: undef
db_charset
Data type: String
The charset the database is set to.
Default value: 'utf8mb4'
use_tls
Data type: Optional[Boolean]
Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.
Default value: undef
tls_key_file
Data type: Optional[Stdlib::Absolutepath]
Location of the private key for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the certificate for client authentication. Only valid if tls is enabled.
Default value: undef
tls_cacert_file
Data type: Optional[Stdlib::Absolutepath]
Location of the ca certificate. Only valid if tls is enabled.
Default value: undef
tls_key
Data type: Optional[Icingaweb2::Secret]
The private key to store in spicified tls_key_file
file. Only valid if tls is enabled.
Default value: undef
tls_cert
Data type: Optional[String]
The certificate to store in spicified tls_cert_file
file. Only valid if tls is enabled.
Default value: undef
tls_cacert
Data type: Optional[String]
The ca certificate to store in spicified tls_cacert_file
file. Only valid if tls is enabled.
Default value: undef
tls_capath
Data type: Optional[Stdlib::Absolutepath]
The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.
Default value: undef
tls_noverify
Data type: Optional[Boolean]
Disable validation of the server certificate.
Default value: undef
tls_cipher
Data type: Optional[String]
Cipher to use for the encrypted database connection.
Default value: undef
import_schema
Data type: Variant[Boolean, Enum['mariadb', 'mysql']]
Whether to import the database schema or not. New options mariadb
and mysql
,
both means true. With mariadb its cli options are used for the import,
whereas with mysql its different options.
Default value: false
icingaweb2::module::vspheredb::service
Installs and configures the vspheredb service.
- Note Only systemd is supported by the Icinga Team and this module.
Examples
include icingaweb2::module::vspheredb::service
Parameters
The following parameters are available in the icingaweb2::module::vspheredb::service
class:
ensure
Data type: Stdlib::Ensure::Service
Whether the vspheredb service should be running.
Default value: 'running'
enable
Data type: Boolean
Enable or disable the service.
Default value: true
user
Data type: String
Specifies the user to run the vsphere service daemon as. Only available if install_method package is not used.
Default value: 'icingavspheredb'
group
Data type: String
Specifies the primary group to run the vspheredb service daemon as. Only available if install_method package is not used.
Default value: 'icingaweb2'
manage_user
Data type: Boolean
Whether to manage the server user resource. Only available if install_method package is not used.
Default value: true
Defined types
icingaweb2::config::authmethod
Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering.
Examples
Create an authentication method (db) and reference to a resource:
icingaweb2::config::authmethod { 'db-auth':
backend => 'db',
resource => 'my-sql',
order => 20,
}
Create a LDAP authmethod:
icingaweb2::config::authmethod { 'ldap-auth':
backend => 'ldap',
resource => 'my-ldap',
ldap_user_class => 'user',
ldap_filter => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)',
ldap_user_name_attribute => 'userPrincipalName',
order => '05',
}
Parameters
The following parameters are available in the icingaweb2::config::authmethod
defined type:
backend
Data type: Enum['external', 'ldap', 'msldap', 'db']
Select between 'external', 'ldap', 'msldap' or 'db'. Each backend may require other settings.
resource
Data type: Optional[String]
The name of the resource defined in resources.ini.
Default value: undef
ldap_user_class
Data type: Optional[String]
LDAP user class. Only valid if backend
is ldap
or msldap
.
Default value: undef
ldap_user_name_attribute
Data type: Optional[String]
LDAP attribute which contains the username. Only valid if backend
is ldap
or msldap
.
Default value: undef
ldap_filter
Data type: Optional[String]
LDAP search filter. Only valid if backend
is ldap
or msladap
.
Default value: undef
ldap_base_dn
Data type: Optional[String]
LDAP base DN. Only valid if backend
is ldap
or msldap
.
Default value: undef
domain
Data type: Optional[String]
Domain for domain-aware authentication
Default value: undef
order
Data type: Variant[String, Integer]
Multiple authentication methods can be chained. The order of entries in the authentication configuration determines the order of the authentication methods.
Default value: '01'
icingaweb2::config::dashboard
Manage a dashboard.
Examples
Create a new Dashboard:
icingaweb2::config::dashboard { 'icingaadmin-NewDashboard':
owner => 'icingaadmin',
dashboard => 'New Dashboard',
}
Parameters
The following parameters are available in the icingaweb2::config::dashboard
defined type:
owner
Data type: String
Owner of the dashboard.
dashboard
Data type: String
Title of the dashboard.
icingaweb2::config::dashlet
Manage a dashlet.
Examples
Create a new Dashboard with a Dashlet:
icingaweb2::config::dashboard { 'icingaadmin-NewDashboard':
owner => 'icingaadmin',
dashboard => 'New Dashboard',
}
icingaweb2::config::dashlet { 'icingaadmin-NewDashboard':
owner => 'icingaadmin',
dashboard => 'New Dashboard',
dashlet => 'New Dashlet',
url => 'monitoring/list/hosts',
}
Add new Dashlet to an existing default dashboard:
icingaweb2::config::dashlet { 'icingaadmin-Overdue-NewDashlet':
owner => 'icingaadmin',
dashboard => 'Overdue',
dashlet => 'New Dashlet',
url => 'monitoring/list/hosts',
}
Parameters
The following parameters are available in the icingaweb2::config::dashlet
defined type:
owner
Data type: String
Owner of the dashlet.
dashboard
Data type: String
Dashboard to which the dashlet belongs.
dashlet
Data type: String
Name of the dashlet.
url
Data type: String
URL of the dashlet.
icingaweb2::config::groupbackend
Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends that store groups.
Examples
A group backend for groups stored in LDAP:
icingaweb2::config::groupbackend { 'ldap-groups':
backend => 'ldap',
resource => 'my-ldap',
ldap_group_class => 'group',
ldap_group_name_attribute => 'cn',
ldap_group_member_attribute => 'member',
ldap_base_dn => 'ou=groups,dc=icinga,dc=com',
domain => 'icinga.com',
}
If you have imported the database schema (parameter import_schema
), this backend was also created automatically:
icingaweb2::config::groupbackend { 'mysql-backend':
backend => 'db',
resource => 'my-sql',
}
Parameters
The following parameters are available in the icingaweb2::config::groupbackend
defined type:
Change Log
v3.8.0 (2023-03-10)
Implemented enhancements:
- Add new parameters to pdfexport class #355 (lbetz)
- Add global parameter to prevent overwriting roles.ini #354 (lbetz)
- Add parameter for group backends to class icingaweb2 for access controll #353 (lbetz)
- Add parameter for user backends to class icingaweb2 for access controll #352 (lbetz)
- Add parameter for additinal resources to class icingaweb2 #351 (lbetz)
v3.7.3 (2023-03-05)
Fixed bugs:
Closed issues:
- icingaweb2 2.11.4 changed package layout, breaks icingaweb2::module::monitoring #349
v3.7.2 (2023-01-28)
Implemented enhancements:
Fixed bugs:
v3.7.1 (2023-01-23)
Fixed bugs:
v3.7.0 (2023-01-22)
Implemented enhancements:
- Add support for navigation items and dashboards #316
- Support for reporting and idoreports #299
- Add support for dashboards #344 (lbetz)
- Add support for navigation items #343 (lbetz)
- Add support for idoreports module #342 (lbetz)
- Add support for reporting module #341 (lbetz)
- Protect module classes against undefined variables #340 (lbetz)
Closed issues:
- Protect module classes against undefined variables #339
v3.6.1 (2023-01-15)
Fixed bugs:
- Set module to absent should only disable the module #336
- Add missing parameters parent and unrestricted in role #337 (lbetz)
Merged pull requests:
v3.6.0 (2023-01-06)
Implemented enhancements:
- Add support for Role permission refusals #335 (lbetz)
- Add audit module support #334 (lbetz)
- Add support for the icingadb module #333 (lbetz)
Closed issues:
- Add support for Role permission refusals, parent and unrestricted #331
- Add support for the icingadb module #321
- Support for audit #300
Merged pull requests:
- Add icingadb module #332 (mwaldmueller)
v3.5.0 (2022-10-15)
Implemented enhancements:
- Set icingaweb2::config::resource to deprecated #329
- Add ldap resource as new define resource #326
- Add database resource as new define resource #325
- Set module vsphere to deprecated #323
- Add Ubuntu jammy support #322
- Add TLS support to connect pgsql database #313
- Add TLS support to connect mysql database #312
v3.4.1 (2022-07-26)
Fixed bugs:
v3.4.0 (2022-05-10)
Implemented enhancements:
- Support Rocky and AlmaLinux #319
- Add new parameter module_dir to each module class #318
- Parameter module_path does not allow more than one path #317
v3.3.0 (2022-03-09)
Implemented enhancements:
- Add apache config file whitout CGIPassAuth for apache version before 2.4.13 #315
- Use Datatype Sensitive for Secrets #311
- Support for module pdfexports #309
- Feature/attempting to add freebsd support #210 (rick-pri)
Fixed bugs:
- default_admin_username and password are not set for postgresql database type #310
- fix vspheredb service with 1.2.x #314 (dgoetz)
v3.2.4 (2022-01-29)
Fixed bugs:
- Add parameter AddCGIPassAuth to Apache config #308 (RincewindsHat)
v3.2.3 (2022-01-13)
Fixed bugs:
- Import schema does not work for postgresql #306
v3.2.2 (2022-01-05)
Fixed bugs:
- Do not force permissions of module config directories #305
v3.2.1 (2021-12-03)
Implemented enhancements:
- Add import_schema feature to vspheredb module #304
- director module manage service unit file only if no package is used #303
- vspheredb module manage service unit file only if no package is used #302
- Add code to set the icingaadmin initial #282
- switch from camptocamp/systemd to puppet/systemd #298 (saz)
- Update dependency requirement to minimum version #295 (Rubueno)
- changed stdlib max version from \<8.0.0 to \<9.0.0 #294 (zilchms)
Merged pull requests:
v3.1.0 (2021-06-18)
Implemented enhancements:
- Add vpsheredb module #276 (JonasVerhofste)
- option to install modules as package #244 (pulecp)
Fixed bugs:
- Wrong path of config.ini in module director #290
Closed issues:
- Apache SSL configuration #279
Merged pull requests:
v3.0.1 (2020-11-16)
Fixed bugs:
v3.0.0 (2020-10-14)
Implemented enhancements:
- Add new param manage_repos to replace manage_repo in the future #274
- Replace class repo with new class from module icinga #260
v2.4.1 (2020-08-31)
Fixed bugs:
- Release defined resource commandtransport from private #264
- fix icingaweb2::module::director::service systemd::unit_file param name error #273 (jhoblitt)
- fix travis-ci failures #270 (jhoblitt)
Closed issues:
- icingaweb2::module::director::service systemd::unit_file param name error #272
- travis-ci rubocop check is failing on master #271
- travis-ci
check:git\_ignore
check is failing on master #269 - manage business process source files #265
- Update Package version #262
v2.4.0 (2020-07-06)
Implemented enhancements:
- add pdk support #259
- rework documentation #258
- Rework to use module data #257
- Add Support for RHEL 8 #255
- Add Support for Debian 10 #254
- Update params for authmethod msldap #252 (gomesar9)
- Add new 1.7.x dependencies #248 (lbetz)
- Add timeout to ldap resource #245 (joernott)
- Add logging config option php #242 (lbetz)
- Document logging config option 'php' #241 (lippserd)
- Add parameter poold_purge to class phpfpm #239 (dhoppe)
- Update and verify acceptance tests #234 (lazyfrosch)
Fixed bugs:
- Multiple LDAP Hosts do not work anymore #261
- Class ::icingaweb2::module::monitoring doesn't work with Documentation defaults #253
- Ensure config directory mode is set with setgid #251 (lazyfrosch)
- git_revision is a required parameter #249 (attachmentgenie)
- Remove question marks of parameter db_port #238 (dhoppe)
Closed issues:
- Add new 1.7.x dependencies for director module: ipl / reactbundle / incubator #247
Merged pull requests:
v2.3.1 (2019-06-25)
Implemented enhancements:
- metadata: Raise requirements for puppetlabs modules #236 (lazyfrosch)
Fixed bugs:
- possible regression: new cookie path parameter may break existing installs #235
- config: Let cookie_path be undef by default #237 (lazyfrosch)
v2.3.0 (2019-05-20)
Implemented enhancements:
- Support puppet 6 #220
- add logging facility and application to config #230 (costela)
- Support Puppet 6 #226 (wdschei)
- add config section to adjust the cookie path #218 (XnS)
Fixed bugs:
- Parameter url of module::graphite has to be optional #223
- Docs: icingaweb2::config::resource 'port' requires an integer, not a string #231 (dnsmichi)
Closed issues:
- support puppet/stdlib > 5.0 #232
- Error logging_path needs to be Stdlib::Absolutepath, got String instead #224
- icingaweb2::module::puppetdb tests are failing #216
Merged pull requests:
- Set confdir in the rspec context (fixes #216) #217 (johanfleury)
- Avoid duplicate inisection declarations #215 (johanfleury)
v2.2.0 (2018-05-14)
Implemented enhancements:
- 'icinga-icingaweb2' (v2.1.0) requires 'puppetlabs-vcsrepo' (>= 1.3.0 \< 2.0.0) #212
Closed issues:
- Should be possible to specify a relative path for icingaweb2::module::fileshipper target #209
Merged pull requests:
v2.1.0 (2018-01-23)
Implemented enhancements:
- missing domain attribute for icingaweb2::config::authmethod #203
- Add elasticsearch module #193
- Add graphite module #192
- Update apache2 example #191
- Add default backend in groups.ini #188
- Links to apache2 and nginx examples doesn't work #185
- Add vSphere module #183
- Add fileshipper module #182
Fixed bugs:
- Setting up icingaweb2 with postgresql on a different port than 5432 leads to an error #195
- protected_customvars handled incorrectly? #206
- puppetdb: issue if host does not resolve to puppetdb #197
Merged pull requests:
- added domain attribute to icingaweb2::config::groupbackend #205 (spaolo)
- added domain attribute to icingaweb2::config::authmethod #204 (spaolo)
- Provide specific port to mysql and postgresql #196 (Faffnir)
- Rename default administrative user to 'icingaadmin' #194 (dnsmichi)
- Add missing curly bracket and trailing commas #189 (rgevaert)
- Fix protected_customvars bugs and papercuts #186 (olasd)
v2.0.1 (2017-12-28)
Implemented enhancements:
- Support fcgi as example for apache #201
Merged pull requests:
v2.0.0 (2017-10-11)
Implemented enhancements:
- Store preferences in database #166
- Support icinga2 API command transport #74
- Use RSpec helper rspec-puppet-facts #70
- Support LDAP auth_backend #69
- Manage icingaweb2 user #68
- Updating graphite with more config #66
- Adding monitoring module #65
- [dev.icinga.com #9243] add ldaps to resource_ldap.pp #56
- [dev.icinga.com #9155] Add module generictts #54
- Update Docs Install Icinga Web icinga2 vs icingaweb2 #174
- Add translation module #169
- Parameterize conf_user #145
- Update version in Puppet Forge #141
- Add changelog #128
- Add Cube module #127
- Add Director module #126
- Add business process module #125
- Refactor monitoring module class #124
- Add defined type to generally handle module installations and configuration #122
- Rename classes to icingaweb2::module::modulename #121
- Remove unsupported modules #120
- Default auth mechanism #119
- Add defined type for roles #118
- Add defined type to handle config.ini #117
- Add defined type to handle groups.ini #116
- Add defined type to handle authentication.ini #115
- Add type to handle resources.ini #114
- Add defined type that handles Ini configurations #113
- Update basic specs #112
- Add release guide #111
- Add testing guide #110
- Add contributing guide #109
- Add some basic examples #108
- Basic Apache configuration with example #107
- Add reference documentation #106
- Update general documentation #105
- Create parameter manage_package #104
- Remove deprecated parameters #103
- General configuration #102
- Remove git installation method for Icinga Web 2 #101
- Ensure support for certain operating systems #100
- Add header with inline documentation to all files #99
- Support initialize for PostgreSQL #82
- Acceptance tests #78
- Adding database initialization #64
- Updating monitoring transports #75 (lazyfrosch)
- Update module base #73 (lazyfrosch)
- Refactoring repository management #72 (lazyfrosch)
- Using rspec-puppet-facts for new spec #71 (lazyfrosch)
Fixed bugs:
- Dependency puppetlabs/concat conflicts with puppet-icinga2 #165
- rspec tests broken due to unintepreted facts #161
- Can't manage multiple [config] sections because of duplicate resource #146
- Fixing config files permissions #67
- [dev.icinga.com #12142] Why does initialize.pp require /root/.my.cnf on RedHat/CentOS, not Debian/Ubuntu? #61
- [dev.icinga.com #11876] Path for mysql-command is missing #60
- [dev.icinga.com #11719] Missing packages if APT::Install-Recommends "false"; #59
- [dev.icinga.com #11584] what is the standard password set by initialize.pp? #58
- [dev.icinga.com #11507] installing icinga web2 #57
- Install dependencies by default #176
- Logging directory is not created by module #172
- Incorrect config directory access mode on Debian #85
- Package managers handle dependencies. #87 (tdb)
- deployment: Correct directory management #76 (lazyfrosch)
Closed issues:
- /etc/icingaweb2/modules isn't created #158
- Allow muliple API Host for icingaweb2::module::monitoring #155
- icingaweb2::module::module_dir parameter default value should probably not be undef #147
- Missing Configuration #138
- Syntax error at 'resource_name'; expected '}' #136
- Please move development to master #134
- Git install method is missing minified assets #129
- Add default modules #123
- How to enable module monitoring Via Puppet #95
- It would be nice to have possibility to change certain file/directory permissions #94
- Could not find declared class icingaweb2::mod::monitoring #93
- The parameter 'ido_db_host' is declared more than once #92
- missing groups.ini #91
- Add Debian Stretch to the compatibility list? #89
- Dependencies incorrect on Ubuntu 16.04+ #88
- Improve Apache integration and document it #83
- Default credentials for login #80
- Deprecate default install method #77
- [dev.icinga.com #9154] Add module pnp4nagios #53
- Icingaweb2::Module::Monitoring doesn't actually install the module #160
- Add generictts module #154
- add icingaweb2::module::puppetdb #152
- add icingaweb2::module::doc #150
- Icingaweb2 schema only created on second run when configured along with icinga2 #144
- Correct documentation for authentication configuration #143
- Align documentation for duplicate repository #131
- Non compatible dependencies between icinga2 and Icingaweb2 latest releases #98
- Roles setting is not up to date and is not supporting businessprocess-prefix #96
- Resources.ini should not be world-readable #90
- Documentation updates #79
Merged pull requests:
- Add example manifest for Grafana module #181 (druchoo)
- Add 'LDAP Base DN' to 'User Backends' #180 (druchoo)
- Removed puppetlabs-apache from dependencies #178 (noqqe)
- Manage logging directory and file #173 (baurmatt)
- Add translation module #170 (baurmatt)
- Allow preferences to be stored in db #168 (baurmatt)
- Add git repository config #167 (tdukaric)
- Add a context per operating system #162 (baurmatt)
- Add modules directory #159 (baurmatt)
- Loosen concat version restrictions #156 (quixoten)
- Implement puppetdb module #153 (rgevaert)
- Implement icingaweb2::module::doc #151 (rgevaert)
- Prevent duplicate resources errors #149 (rgevaert)
- Correct authentication configuration documentation #142 (rgevaert)
- Add GitHub issue template #137 (dnsmichi)
- Add nginx example #84 (prozach)
- Fixing testing issues #81 (lazyfrosch)
- Update URLs to GitHub #62 (bobapple)
- testing: Updating travis settings #51 (lazyfrosch)
- remove dependency on concat module #50 (jyniybinc)
- substituting non existing parameter #49 (attachmentgenie)
- Fix permissions #30 (petems)
- Change sql_schema_location if using git #29 (petems)
- Allow multiple commandtransports #157 (baurmatt)
1.0.6 (2015-11-10)
1.0.5 (2015-08-04)
1.0.4 (2015-06-24)
Merged pull requests:
1.0.3 (2015-05-07)
1.0.2 (2015-05-07)
1.0.1 (2015-05-07)
1.0.0 (2015-05-07)
Implemented enhancements:
- [dev.icinga.com #9158] Add module graphite #55
- [dev.icinga.com #9153] Add module businessprocess #52
- Fix authentication configuration #8 (lazyfrosch)
Merged pull requests:
- Don't put blank host/service filters in roles.ini #13 (jamesweakley)
- Moving away from templates to usign inifile from Puppetlabs/inifile #7 (smbambling)
* This Change Log was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 4.25.0 < 9.0.0)
- puppetlabs/concat (>= 2.0.1 < 8.0.0)
- icinga/icinga (>= 1.0.0 < 3.0.0)
- puppetlabs/vcsrepo (>= 1.3.0 < 6.0.0)
- puppet/systemd (>= 3.0.0 < 5.0.0)
Copyright (C) 2012 Tom De Vylder Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.