diff --git a/.fixtures.yml b/.fixtures.yml index f97301e..58d30e4 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,10 +1,11 @@ fixtures: forge_modules: stdlib: "puppetlabs/stdlib" concat: "puppetlabs/concat" vcsrepo: "puppetlabs/vcsrepo" apt: "puppetlabs/apt" yumrepo: "puppetlabs/yumrepo_core" zypprepo: "puppet/zypprepo" + systemd: "camptocamp/systemd" symlinks: icingaweb2: "#{source_dir}" diff --git a/data/Linux-kernel.yaml b/data/Linux-kernel.yaml index 3ef045c..1622e2c 100644 --- a/data/Linux-kernel.yaml +++ b/data/Linux-kernel.yaml @@ -1,10 +1,11 @@ --- icingaweb2::globals::package_name: icingaweb2 icingaweb2::globals::conf_dir: /etc/icingaweb2 icingaweb2::globals::mysql_db_schema: /usr/share/doc/icingaweb2/schema/mysql.schema.sql icingaweb2::globals::pgsql_db_schema: /usr/share/doc/icingaweb2/schema/pgsql.schema.sql icingaweb2::globals::gettext_package_name: gettext +icingaweb2::globals::icingacli_bin: /usr/bin/icingacli icingaweb2::module_path: /usr/share/icingaweb2/modules icingaweb2::conf_group: icingaweb2 icingaweb2::logging_file: /var/log/icingaweb2/icingaweb2.log diff --git a/manifests/globals.pp b/manifests/globals.pp index 179d895..eaef69a 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,14 +1,15 @@ # @summary # This class loads the default parameters by doing a hiera lookup. # # @note This parameters depend on the os plattform. Changes maybe will break the functional capability of the supported plattforms and versions. Please only do changes when you know what you're doing. # class icingaweb2::globals( String $package_name, Stdlib::Absolutepath $conf_dir, Stdlib::Absolutepath $mysql_db_schema, Stdlib::Absolutepath $pgsql_db_schema, String $gettext_package_name, + Stdlib::Absolutepath $icingacli_bin, ) { } diff --git a/manifests/module/director.pp b/manifests/module/director.pp index d053b51..7da210b 100644 --- a/manifests/module/director.pp +++ b/manifests/module/director.pp @@ -1,162 +1,163 @@ # @summary # Installs and configures the director module. # # @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # # @param [Enum['absent', 'present']] ensure # Enable or disable module. # # @param [String] git_repository # Set a git repository URL. # # @param [Optional[String]] git_revision # Set either a branch or a tag name, eg. `master` or `v1.3.2`. # # @param [Enum['mysql', 'pgsql']] db_type # Type of your database. Either `mysql` or `pgsql`. # # @param [Stdlib::Host] db_host # Hostname of the database. # # @param [Stdlib::Port] db_port # Port of the database. # # @param [Optional[String]] db_name # Name of the database. # # @param [Optional[String]] db_username # Username for DB connection. # # @param [Optional[String]] db_password # Password for DB connection. # # @param [Boolean] import_schema # Import database schema. # # @param [Boolean] kickstart # Run kickstart command after database migration. This requires `import_schema` to be `true`. # # @param [Optional[String]] endpoint # Endpoint object name of Icinga 2 API. This setting is only valid if `kickstart` is `true`. # # @param [Stdlib::Host] api_host # Icinga 2 API hostname. This setting is only valid if `kickstart` is `true`. # # @param [Stdlib::Port] api_port # Icinga 2 API port. This setting is only valid if `kickstart` is `true`. # # @param [Optional[String]] api_username # Icinga 2 API username. This setting is only valid if `kickstart` is `true`. # # @param [Optional[String]] api_password # Icinga 2 API password. This setting is only valid if `kickstart` is `true`. # # @note Please checkout the [Director module documentation](https://www.icinga.com/docs/director/latest/) for requirements. # # @example # class { 'icingaweb2::module::director': # git_revision => 'v1.7.2', # db_host => 'localhost', # db_name => 'director', # db_username => 'director', # db_password => 'supersecret', # import_schema => true, # kickstart => true, # endpoint => 'puppet-icingaweb2.localdomain', # api_username => 'director', # api_password => 'supersecret', # require => Mysql::Db['director'] # } # class icingaweb2::module::director( String $git_repository, Enum['absent', 'present'] $ensure = 'present', Optional[String] $git_revision = undef, Enum['mysql', 'pgsql'] $db_type = 'mysql', - Stdlib::Host $db_host = undef, + Optional[Stdlib::Host] $db_host = undef, Stdlib::Port $db_port = 3306, Optional[String] $db_name = undef, Optional[String] $db_username = undef, Optional[String] $db_password = undef, String $db_charset = 'utf8', Boolean $import_schema = false, Boolean $kickstart = false, Optional[String] $endpoint = undef, Stdlib::Host $api_host = 'localhost', Stdlib::Port $api_port = 5665, Optional[String] $api_username = undef, Optional[String] $api_password = undef, ) { $conf_dir = $::icingaweb2::globals::conf_dir + $icingacli_bin = $::icingaweb2::globals::icingacli_bin $module_conf_dir = "${conf_dir}/modules/director" Exec { user => 'root', path => $::path, } icingaweb2::config::resource { 'icingaweb2-module-director': type => 'db', db_type => $db_type, host => $db_host, port => $db_port, db_name => $db_name, db_username => $db_username, db_password => $db_password, db_charset => $db_charset, } $db_settings = { 'module-director-db' => { 'section_name' => 'db', 'target' => "${module_conf_dir}/config.ini", 'settings' => { 'resource' => 'icingaweb2-module-director' } } } if $import_schema { ensure_packages(['icingacli'], { 'ensure' => 'present' }) exec { 'director-migration': - command => 'icingacli director migration run', - onlyif => 'icingacli director migration pending', + command => "${icingacli_bin} director migration run", + onlyif => "${icingacli_bin} director migration pending", require => [ Package['icingacli'], Icingaweb2::Module['director'] ] } if $kickstart { $kickstart_settings = { 'module-director-config' => { 'section_name' => 'config', 'target' => "${module_conf_dir}/kickstart.ini", 'settings' => { 'endpoint' => $endpoint, 'host' => $api_host, 'port' => $api_port, 'username' => $api_username, 'password' => $api_password, } } } exec { 'director-kickstart': - command => 'icingacli director kickstart run', - onlyif => 'icingacli director kickstart required', + command => "${icingacli_bin} director kickstart run", + onlyif => "${icingacli_bin} director kickstart required", require => Exec['director-migration'] } } else { $kickstart_settings = {} } } else { $kickstart_settings = {} } icingaweb2::module {'director': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, settings => merge($db_settings, $kickstart_settings), } } diff --git a/manifests/module/director/service.pp b/manifests/module/director/service.pp new file mode 100644 index 0000000..80426f0 --- /dev/null +++ b/manifests/module/director/service.pp @@ -0,0 +1,51 @@ +# @summary +# Installs and configures the director service. +# +# @note Only systemd is supported by the Icinga Team and this module. +# +# @param [Stdlib::Ensure::Service] ensure +# Whether the director service should be running. +# +# @param [Boolean] enable +# Enable or disable the service. +# +# @param [String] user +# Specifies user to run director service daemon. +# +# @param [String] group +# Specifies primary group for user to run director service daemon. +# +# @param [Boolean] manage_user +# Whether to manage the server user resource. +# +class icingaweb2::module::director::service( + Stdlib::Ensure::Service $ensure = 'running', + Boolean $enable = true, + String $user = 'icingadirector', + String $group = 'icingaweb2', + Boolean $manage_user = true, +) { + + require ::icingaweb2::module::director + + $icingacli_bin = $::icingaweb2::globals::icingacli_bin + + if $manage_user { + user { $user: + ensure => present, + gid => $group, + shell => '/bin/false', + before => Systemd::Unit_file['icinga-director.service'], + } + } + + systemd::unit_file { 'icinga-director.service': + source => template('icingaweb2/icinga-director.service.erb'), + notify => Service['icinga-director'], + } + + service {'icinga-director': + ensure => $ensure, + enable => $enable, + } +} diff --git a/metadata.json b/metadata.json index 54501e7..6f76dc2 100644 --- a/metadata.json +++ b/metadata.json @@ -1,77 +1,80 @@ { "name": "icinga-icingaweb2", "version": "2.3.1", "author": "Icinga Development Team", "summary": "Icinga Web 2 Puppet Module", "license": "Apache-2.0", "source": "https://github.com/Icinga/puppet-icingaweb2.git", "project_page": "https://github.com/Icinga/puppet-icingaweb2", "issues_url": "https://github.com/Icinga/puppet-icingaweb2/issues", "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.16.0 < 7.0.0" }, { "name": "puppetlabs/concat", "version_requirement": ">= 2.0.1 < 7.0.0" }, { "name": "puppetlabs/vcsrepo", "version_requirement": ">= 1.3.0 < 4.0.0" + }, + { "name": "camptocamp/systemd", + "version_requirement": ">= 1.1.1 < 3.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "Debian", "operatingsystemrelease": [ "9", "10" ] }, { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", "7", "8" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", "7", "8" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "16.04", "18.04" ] }, { "operatingsystem": "SLES", "operatingsystemrelease": [ "12" ] } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 4.7.0 < 7.0.0" } ], "tags": [ "icinga", "icinga2", "icingaweb2", "monitoring" ], "pdk-version": "1.17.0", "template-url": "pdk-default#1.17.0", "template-ref": "tags/1.17.0-0-gd3a4319" } diff --git a/spec/classes/director_servicespec.rb b/spec/classes/director_servicespec.rb new file mode 100644 index 0000000..fc2d197 --- /dev/null +++ b/spec/classes/director_servicespec.rb @@ -0,0 +1,29 @@ +require 'spec_helper' + +describe('icingaweb2::module::director::service', :type => :class) do + let(:pre_condition) { [ + "class { 'icingaweb2': }", + "class { 'icingaweb2::module::director': }", + ] } + + on_supported_os.each do |os, facts| + context "on #{os}" do + let :facts do + facts + end + + context "#{os} with defaults" do + it { is_expected.to contain_user('icingadirector') + .with({ 'ensure' => 'present', 'gid' => 'icingaweb2', 'shell' => '/bin/false' }).that_comes_before('Systemd::Unit_file[icinga-director.service]') } + it { is_expected.to contain_systemd__unit_file('icinga-director.service').that_notifies('Service[icinga-director]') } + it { is_expected.to contain_service('icinga-director') + .with({ + 'ensure' => 'running', + 'enable' => true }) } + + end + end + + end +end + diff --git a/templates/icinga-director.service.erb b/templates/icinga-director.service.erb new file mode 100644 index 0000000..915b472 --- /dev/null +++ b/templates/icinga-director.service.erb @@ -0,0 +1,21 @@ +[Unit] +Description=Icinga Director - Monitoring Configuration +Documentation=https://icinga.com/docs/director/latest/ +Wants=network.target + +[Service] +EnvironmentFile=-/etc/default/icinga-director +EnvironmentFile=-/etc/sysconfig/icinga-director +ExecStart=<%= @icingacli_bin %> director daemon run +ExecReload=/bin/kill -HUP ${MAINPID} +User=<%= @user %> +SyslogIdentifier=icingadirector +Type=notify + +NotifyAccess=main +WatchdogSec=10 +RestartSec=30 +Restart=always + +[Install] +WantedBy=multi-user.target