bodsch / ansible-icingaweb2 Goto Github PK

View Code? Open in Web Editor NEW

3.0 3.0 4.0 254 KB

ansible role for icingaweb2, supports HA for icinga2

License: BSD 2-Clause "Simplified" License

Shell 2.62% Python 85.40% Jinja 11.77% Makefile 0.21%

icingaweb2 php7 icinga2 monitoring ansible automation

ansible-icingaweb2's Introduction

Ansible Role: `icingaweb2`

Install an icingaweb2 from sources.

I am in the process of transferring this role to a collection and will therefore no longer process any issues or merge requests here.
However, I will include them in the collection!
Please be patient until I have completed the work!

Supports various external modules and themes.

Supports also an Icinga2 HA cluster.

BREAKING CHANGES

Version 1.3.x to 1.4.x

1.3.x	1.4.x
`icingaweb_resources.db.icingaweb`	`icingaweb_resources.icingaweb`
`icingaweb_auth_backend`	`icingaweb_auth_backend.database`

Version < 1.7.x

<= 1.7	>= 1.8
`icingaweb_users`	`icingaweb_db_users`

Version < 1.8.x

Since version 1.8, the deployment of external themes and modules has been outsourced to separate Ansible roles.

<= 1.8	>= 1.8
`icingaweb_themes`	removed
`icingaweb_themes_default`	removed
`icingaweb_external_modules`	removed

Version < 1.9.x

Remove molecule tests for RedHat based distributions.

<= 1.9	>= 1.9
`icingaweb_php_library`	`icingaweb_web_modules[icinga-php-library]`
`icingaweb_php_thirdparty`	`icingaweb_web_modules[icinga-php-thirdparty]`

Why from sources?

The package offered by Icinga has a hard (and in my eyes unnecessary) dependency on Apache2.

This role also supports other distributions like ArchLinux, Gentoo by using the sources.

The source code archive is downloaded to the Ansible controller and then copied to the target system. For this purpose, a temporary directory is created under ${HOME}/.cache/ansible/icingaweb

If you want a different directory, you can specify an individual directory by setting the environment variable CUSTOM_LOCAL_TMP_DIRECTORY.

Requirements & Dependencies

running mariadb / mysql database
PHP > 7.0
nginx

Ansible Collections

bodsch.core

ansible-galaxy collection install bodsch.core

ansible-galaxy collection install --requirements-file collections.yml

tested operating systems

ArchLinux
Debian based
- Debian 10 / 11
- Ubuntu 20.04

Contribution

Please read Contribution

Development, Branches (Git Tags)

The master Branch is my Working Horse includes the "latest, hot shit" and can be complete broken!

If you want to use something stable, please use a Tagged Version!

Please read the following documention for configuration points.

Documentation

Examples

Take a look into the molecule directory. Some example configurations are stored there:

Or a complete test setup can be found in GitLab under icinga2-infrastructure.

Author and License

Bodo Schulz

License

BSD 2-clause

FREE SOFTWARE, HELL YEAH!

ansible-icingaweb2's People

Contributors

Stargazers

Watchers

Forkers

eifelmicha davidmorp jofiedler ekartsonakis

ansible-icingaweb2's Issues

move external (custom) modules into own role

Users are not added to database

I am unable to get the users defined in the vars to be added to the database. I have been trying to debug it myself but I'm at a loss.
I have modified the task to remove potential issues with the vars:

- name: test import icingaweb into database
  become: true
  icingaweb_database_user:
    state: 'present'
    username: 'hard'
    password: 'coded'
    force: true
    database_login_host: "{{ icingaweb_auth_backend.database.host }}"
    database_name: "{{ icingaweb_auth_backend.database.dbname }}"
    database_config_file: /etc/icingaweb2/.my.cnf
  # no_log: true
  register: import_icingaweb2_users
  when:
    - icingaweb_auth_backend is defined
    - icingaweb_auth_backend.database is defined
    - icingaweb_auth_backend.database.host is defined
    - icingaweb_auth_backend.database.dbname is defined

And ran: ansible-playbook playbook.yml -i inventory --tags "icingaweb_configure" -vvvv

TASK [icingaweb : test import icingaweb into database] *********************************************************************************************************************************************************
task path: /Users/david/Repos/ansible-icinga2-aio-deploy/roles/icingaweb/tasks/configure.yml:134
Wednesday 16 June 2021  10:14:38 +0200 (0:00:10.265)       0:01:10.861 ********
<10.0.0.99> ESTABLISH SSH CONNECTION FOR USER: ansible
<10.0.0.99> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/david/.ssh/icinga-ansible"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="ansible"' -o ConnectTimeout=10 -o ControlPath=/Users/david/.ansible/cp/da87df5b65 10.0.0.99 '/bin/sh -c '"'"'echo ~ansible && sleep 0'"'"''
<10.0.0.99> (0, b'/home/ansible\n', b'OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /Users/david/.ssh/config\r\ndebug1: /Users/david/.ssh/config line 1: Applying options for 10.59.*\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 10.0.0.99 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 25787\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<10.0.0.99> ESTABLISH SSH CONNECTION FOR USER: ansible
<10.0.0.99> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/david/.ssh/icinga-ansible"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="ansible"' -o ConnectTimeout=10 -o ControlPath=/Users/david/.ansible/cp/da87df5b65 10.0.0.99 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /home/ansible/.ansible/tmp `"&& mkdir "` echo /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049 `" && echo ansible-tmp-1623831279.150812-26120-146535079938049="` echo /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049 `" ) && sleep 0'"'"''
<10.0.0.99> (0, b'ansible-tmp-1623831279.150812-26120-146535079938049=/home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049\n', b'OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /Users/david/.ssh/config\r\ndebug1: /Users/david/.ssh/config line 1: Applying options for 10.59.*\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 10.0.0.99 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 25787\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
Using module file /Users/david/Repos/ansible-icinga2-aio-deploy/roles/icingaweb/library/icingaweb_database_user.py
<10.0.0.99> PUT /Users/david/.ansible/tmp/ansible-local-25779hj3i6udd/tmpxrgsniqh TO /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049/AnsiballZ_icingaweb_database_user.py
<10.0.0.99> SSH: EXEC sftp -b - -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/david/.ssh/icinga-ansible"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="ansible"' -o ConnectTimeout=10 -o ControlPath=/Users/david/.ansible/cp/da87df5b65 '[10.0.0.99]'
<10.0.0.99> (0, b'sftp> put /Users/david/.ansible/tmp/ansible-local-25779hj3i6udd/tmpxrgsniqh /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049/AnsiballZ_icingaweb_database_user.py\n', b'OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /Users/david/.ssh/config\r\ndebug1: /Users/david/.ssh/config line 1: Applying options for 10.59.*\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 10.0.0.99 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 25787\r\ndebug3: mux_client_request_session: session request sent\r\ndebug2: Remote version: 3\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 2\r\ndebug2: Server supports extension "[email protected]" revision 2\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug2: Server supports extension "[email protected]" revision 1\r\ndebug3: Sent message fd 3 T:16 I:1\r\ndebug3: SSH_FXP_REALPATH . -> /home/ansible size 0\r\ndebug3: Looking up /Users/david/.ansible/tmp/ansible-local-25779hj3i6udd/tmpxrgsniqh\r\ndebug3: Sent message fd 3 T:17 I:2\r\ndebug3: Received stat reply T:101 I:2\r\ndebug1: Couldn\'t stat remote file: No such file or directory\r\ndebug3: Sent message SSH2_FXP_OPEN I:3 P:/home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049/AnsiballZ_icingaweb_database_user.py\r\ndebug3: Sent message SSH2_FXP_WRITE I:4 O:0 S:32768\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 4 32768 bytes at 0\r\ndebug3: Sent message SSH2_FXP_WRITE I:5 O:32768 S:32768\r\ndebug3: Sent message SSH2_FXP_WRITE I:6 O:65536 S:32768\r\ndebug3: Sent message SSH2_FXP_WRITE I:7 O:98304 S:26770\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 5 32768 bytes at 32768\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 6 32768 bytes at 65536\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: In write loop, ack for 7 26770 bytes at 98304\r\ndebug3: Sent message SSH2_FXP_CLOSE I:4\r\ndebug3: SSH2_FXP_STATUS 0\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<10.0.0.99> ESTABLISH SSH CONNECTION FOR USER: ansible
<10.0.0.99> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/david/.ssh/icinga-ansible"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="ansible"' -o ConnectTimeout=10 -o ControlPath=/Users/david/.ansible/cp/da87df5b65 10.0.0.99 '/bin/sh -c '"'"'chmod u+x /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049/ /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049/AnsiballZ_icingaweb_database_user.py && sleep 0'"'"''
<10.0.0.99> (0, b'', b'OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /Users/david/.ssh/config\r\ndebug1: /Users/david/.ssh/config line 1: Applying options for 10.59.*\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 10.0.0.99 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 25787\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\n')
<10.0.0.99> ESTABLISH SSH CONNECTION FOR USER: ansible
<10.0.0.99> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/Users/david/.ssh/icinga-ansible"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="ansible"' -o ConnectTimeout=10 -o ControlPath=/Users/david/.ansible/cp/da87df5b65 -tt 10.0.0.99 '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible, key=zqmjdndqmlossqqmvjppocmxscvlibul] password:" -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-zqmjdndqmlossqqmvjppocmxscvlibul ; /usr/bin/python3 /home/ansible/.ansible/tmp/ansible-tmp-1623831279.150812-26120-146535079938049/AnsiballZ_icingaweb_database_user.py'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Escalation succeeded
<10.0.0.99> (0, b'\r\n{"changed": true, "failed": false, "ansible_module_results": "none", "invocation": {"module_args": {"state": "present", "username": "hard", "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "force": true, "database_login_host": "10.0.0.96", "database_name": "icingaweb_config", "database_config_file": "/etc/icingaweb2/.my.cnf", "database_login_port": 3306, "preferences": null, "database_login_user": null, "database_login_password": null, "database_login_unix_socket": null}}}\r\n', b'OpenSSH_8.1p1, LibreSSL 2.7.3\r\ndebug1: Reading configuration data /Users/david/.ssh/config\r\ndebug1: /Users/david/.ssh/config line 1: Applying options for 10.59.*\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 47: Applying options for *\r\ndebug2: resolve_canonicalize: hostname 10.0.0.99 is address\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: done pid = 25787\r\ndebug3: mux_client_request_session: session request sent\r\ndebug3: mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\nShared connection to 10.0.0.99 closed.\r\n')
changed: [david-icinga.internal] => changed=true
  ansible_module_results: none
  invocation:
    module_args:
      database_config_file: /etc/icingaweb2/.my.cnf
      database_login_host: 10.0.0.96
      database_login_password: null
      database_login_port: 3306
      database_login_unix_socket: null
      database_login_user: null
      database_name: icingaweb_config
      force: true
      password: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
      preferences: null
      state: present
      username: hard

This is the content of /etc/icingaweb2/.my.cnf

[client]

user = icingaweb_config
password = icingaweb_config
host = 10.0.0.96

The mysql database is unfortunately unchanged.
Users created in the web ui are present in the db and work as intended.
Is this working for you?
Let me know if I can provide any more info.

MySQL [icingaweb]> select * from icingaweb_group_membership;
+----------+----------+---------------------+-------+
| group_id | username | ctime               | mtime |
+----------+----------+---------------------+-------+
|        1 | davidmor | 2021-06-29 10:11:36 | NULL  |
+----------+----------+---------------------+-------+

MySQL [icingaweb]> select * from icingaweb_group;
+----+-------+--------+---------------------+-------+
| id | name  | parent | ctime               | mtime |
+----+-------+--------+---------------------+-------+
|  1 | gname |   NULL | 2021-06-29 10:11:22 | NULL  |
+----+-------+--------+---------------------+-------+

Many thanks!
David

support PHP-8

add redhat

ansible-icingaweb2/vars/main.yml

Line 22 in 19d03fd

centos: []

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.