-dist files introduction, doc updated and smaller items

.env-dist

@@ -0,0 +1,7 @@
+# .env file. This file is read by Dockerfile and docker-compose.yaml
+
+# Icinga2 machine information
+# for instance myfirstmaster, mysecondsatellite
+FIRSTNAME=icinga2-master-1
+# GUESS WHAT
+DOMAINNAME=example.com

.gitignore

@@ -6,3 +6,4 @@ icinga2-master-*
 .env
 *.swn
 secrets.env
+.env

README.md

@@ -8,24 +8,23 @@ It is slightly based on the original Dockerfile by [https://github.com/jjethwa/i
 
 1. Features four containers:
    - core: the icinga2 system, plus the ssmtp facility
-   - web: icingaweb2, the web-based, eye-candy gui, plus pnp4nagios
+   - web: icingaweb2, the web-based, eye-candy gui and director
    - sql: library/mariadb (no modification, no dockerfile, just as-is)
    - snmptrap: an snmptrap system based on snmptt, snmptrapd
 
-1. Based on debian:jessie-slim (core, snmptrap) and debian:stretch-slim (web)
+1. Based on debian:bullseye-slim (core, snmptrap) and debian:bullseye-slim (web)
 
 1. Key-Features:
    - icinga2
    - auto-setup as a satellite or a master, you choose!
    - icingacli
    - icingaweb2
-   - icingaweb2-pnp4nagios module
+   - director + required modules
    - ssmtp
    - MariaDB
    - Supervisor
    - Apache2
    - SSL Support
-   - pnp4nagios
    - a bunch of special plugins for monitoring ups, printer and temp sensor (via SNMP)
 
 ## Usage
@@ -89,6 +88,7 @@ The following two files are used to store variables:
 	- .env
 	- secrets.env
 
+Examples are provided via their respective -dist files. Please use those as a starting point.
 The .env file is read by the docker-compose and contains the two variables:
 
 | Variable | Description & Usage |
@@ -115,13 +115,22 @@ The secrets.env is ready by containers and contains the variables employed to co
 | ICINGA2\_PORT | core | port of your master (satellite setup) |
 | ICINGA2\_MASTER | core | FQDN of your master (satellite setup) |
 | ICINGA2\_TICKET | core | ticket generated by the master for your satellite (type icinga2 pki ticket --cn yoursatellitefqdn on master) |
+| DIRECTOR_DB | sql, web | DB for Director |
+| DIRECTOR_USER | sql, web | DB user for Director |
+| DIRECTOR_USER_PASSWORD | sql, web | DB user password for Directory |
+| DIRECTOR_EP | web | Endpoint name used by Director |
+| DIRECTOR_EP_USER | web | Username for endpoint name |
+| DIRECTOR_EP_PASSWORD | web | Password for endpoint name |
+| INFLUXDB_DB | core | Influx DB name |
+| INFLUXDB_USER | core | Username to connect to Influx |
+| INFLUXDB_USER_PASSWORD | core | Password for connecting to Influx DB |
 | SMTP\_ROOT | core | user that gets the mail |
-|SMTP\_MAILHOST | core | smtp server address |
-|SMTP\_PORT | core | smtp server port |
-|SMTP\_USER | core | smtp server user |
-|SMTP\_PASS | core | smtp server password |
-|SMTP\_USE\_STARTTLS | core | use starttls? yes/no |
-|SMTP\_FROM\_OVERRIDE | core| smtp from override? yes/no |
+| SMTP\_MAILHOST | core | smtp server address |
+| SMTP\_PORT | core | smtp server port |
+| SMTP\_USER | core | smtp server user |
+| SMTP\_PASS | core | smtp server password |
+| SMTP\_USE\_STARTTLS | core | use starttls? yes/no |
+| SMTP\_FROM\_OVERRIDE | core| smtp from override? yes/no |
 
 
 

core/content/opt/run

@@ -105,24 +105,6 @@ object IdoMysqlConnection "ido-mysql" {
 END
 fi
 
-cat >> /etc/icinga2/conf.d/api-users.conf <<-END
-
-object ApiUser "director" {
-  password = "director"
-  permissions = [ "*" ]
-  //client_cn = ""
-}
-
-END
-
-cat >> /etc/icinga2/zones.d/director.conf <<-END
-
-object Zone "director-global" {
-  global = true
-}
-
-END
-
 icinga2 feature enable ido-mysql
 
 #ssmtp factory defaults

docker-compose-grafana.template

@@ -29,7 +29,15 @@ services:
     hostname: ${FIRSTNAME}-sql
     volumes:
       - ./${FIRSTNAME}-container/lib/mysql:/var/lib/mysql
+#   grafana:
+#     image: grafana/grafana
+#     env_file: ./secrets.env
+#     domainname: ${DOMAINNAME}
+#     hostname: ${FIRSTNAME}-grafana
+#     volumes:
+#       - ./${FIRSTNAME}-container/lib/grafana:/var/lib/grafana
   influxdb:
+    # just use "influxdb" on x86_64
     image: arm32v7/influxdb
     env_file: ./secrets.env
     domainname: ${DOMAINNAME}

secrets.env-dist

@@ -0,0 +1,51 @@
+# Put your secrets here. 
+# Remember! Containers can only read this file, while settings in docker-compose.yaml and Dockerfile(s) are read by .env file
+# Master or satellite?
+TYPE=master
+
+# influxdb/PNP
+PERFDATA=influxdb
+
+# Localtime
+LOCALTIME=Europe/London
+
+# Maria Db
+MYSQL_ROOT_PASSWORD=prova
+ICINGA_PASSWORD=prova
+ICINGAWEB2_PASSWORD=prova
+
+# Icinga2 / Icingaweb2
+ICINGA2_USER_FULLNAME=Icinga2 super cool user
+ICINGAWEB2_ADMIN_USER=icingaadmin
+ICINGAWEB2_ADMIN_PASS=icinga
+
+# Set 'master' if you are configuring a master
+ICINGA2_ZONE=master
+
+# The following are used by a satellite setup:
+ICINGA2_MASTER_IP=xxxxx
+ICINGA2_PORT=5665
+ICINGA2_MASTER=xxxx
+ICINGA2_TICKET=xxx
+
+# Icinga Director
+DIRECTOR_DB=director
+DIRECTOR_USER=director
+DIRECTOR_USER_PASSWORD=secret
+
+# Icinga Endpoint
+DIRECTOR_EP=icinga2-master-1-core
+DIRECTOR_EP_USER=director
+DIRECTOR_EP_PASSWORD=director
+
+# INFLUXDB configuration
+INFLUXDB_DB=icinga2
+INFLUXDB_USER=icinga2
+INFLUXDB_USER_PASSWORD=segretissimo
+
+# Grafana configuration - ignore if you are using pnp
+GF_DEFAULT_INSTANCE_NAME=icinga2-grafana
+GF_SECURITY_ADMIN_PASSWORD=secretissimo
+GF_AUTH_ANONYMOUS=true
+GF_ORG_NAME=Randsolutions SRL #your society
+GF_ORG_ROLE=viewer #to just view graphs without authentication

web/content/opt/run

@@ -54,9 +54,7 @@ if [ ! -d "/var/lib/mysql/director" ]; then
 END
 fi
 
-if ! id "icingadirector" &>/dev/null; then
-  /opt/setup/director
-fi
+/opt/setup/director
 
 # If we cannot find nagvis conf, run conf script
 if [ ! -f "/usr/local/nagvis/etc/nagvis.ini.php" ]; then

web/content/opt/setup/director

@@ -1,47 +1,14 @@
 #!/bin/bash
 
-mkdir -p /etc/icingaweb2/modules/director
-
-cat >> /etc/icingaweb2/resources.ini <<-END
-
-[Director DB]
-type = "db"
-db = "mysql"
-host = "sql"
-dbname = "director"
-username = "director"
-password = "${DIRECTOR_USER_PASSWORD}"
-charset = "utf8"
-END
-
-cat >> /etc/icingaweb2/modules/director/config.ini <<-END
-
-[db]
-resource = "Director DB"
-END
-
-cat >> /etc/icingaweb2/modules/director/kickstart.ini <<-END
-
-[config]
-endpoint = ${DIRECTOR_EP}
-; host = 127.0.0.1
-; port = 5665
-username = ${DIRECTOR_EP_USER}
-password = ${DIRECTOR_EP_USER}
-
-END
-
-# Now finally, we can enable everything
-icingacli module enable director
-icingacli module enable reactbundle
-icingacli module enable ipl
-icingacli module enable incubator
-
 # Add the user to run its daemon
-useradd -r -g icingaweb2 -G www-data -d /var/lib/icingadirector -s /bin/false icingadirector
-install -d -o icingadirector -g icingaweb2 -m 0750 /var/lib/icingadirector
+if ! id "icingadirector" &>/dev/null; then
+  useradd -r -g icingaweb2 -G www-data -d /var/lib/icingadirector -s /bin/false icingadirector
+fi
+if [ ! -e /var/lib/icingadirector ] ; then
+  install -d -o icingadirector -g icingaweb2 -m 0750 /var/lib/icingadirector
+fi
 su - icingadirector -s /bin/bash -c "/usr/bin/icingacli director daemon run" &
 
-# Run the DB schema import
+# Run the DB migration
 icingacli director migration run --verbose
 

web/content/opt/setup/icingaweb2

@@ -103,13 +103,59 @@ cat >> /etc/icingaweb2/modules/monitoring/config.ini <<-END
 protected_customvars = "*pw*,*pass*,community"
 END
 
+cat >> /etc/icinga2/conf.d/api-users.conf <<-END
+
+object ApiUser "director" {
+  password = "director"
+  permissions = [ "*" ]
+  //client_cn = ""
+}
+END
+
+cat >> /etc/icinga2/zones.d/director.conf <<-END
+
+object Zone "director-global" {
+  global = true
+}
+END
+
 # cookie in config.ini
 cat >> /etc/icingaweb2/config.ini <<-END
 
 [cookie]
 path = /
 END
 
+mkdir -p /etc/icingaweb2/modules/director
+
+cat >> /etc/icingaweb2/resources.ini <<-END
+
+[Director DB]
+type = "db"
+db = "mysql"
+host = "sql"
+dbname = "director"
+username = "director"
+password = "${DIRECTOR_USER_PASSWORD}"
+charset = "utf8"
+END
+
+cat >> /etc/icingaweb2/modules/director/config.ini <<-END
+
+[db]
+resource = "Director DB"
+END
+
+cat >> /etc/icingaweb2/modules/director/kickstart.ini <<-END
+
+[config]
+endpoint = ${DIRECTOR_EP}
+; host = 127.0.0.1
+; port = 5665
+username = ${DIRECTOR_EP_USER}
+password = ${DIRECTOR_EP_USER}
+END
+
 # enable modules
 icingacli module enable monitoring
 icingacli module enable doc
@@ -118,7 +164,10 @@ icingacli module enable cube
 icingacli module enable map
 icingacli module enable nagvis
 icingacli module enable company
+icingacli module enable director
+icingacli module enable reactbundle
+icingacli module enable ipl
+icingacli module enable incubator
 
 # commit ourselves
 touch /etc/icingaweb2/CONFIGURED
-