diff --git a/.fixtures.yml b/.fixtures.yml index f97301e..58d30e4 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -1,10 +1,11 @@ fixtures: forge_modules: stdlib: "puppetlabs/stdlib" concat: "puppetlabs/concat" vcsrepo: "puppetlabs/vcsrepo" apt: "puppetlabs/apt" yumrepo: "puppetlabs/yumrepo_core" zypprepo: "puppet/zypprepo" + systemd: "camptocamp/systemd" symlinks: icingaweb2: "#{source_dir}" diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9032a01 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,5 @@ +*.rb eol=lf +*.erb eol=lf +*.pp eol=lf +*.sh eol=lf +*.epp eol=lf diff --git a/.gitignore b/.gitignore index c9b9539..2767022 100644 --- a/.gitignore +++ b/.gitignore @@ -1,34 +1,27 @@ -## MAC OS +.git/ +.*.sw[op] +.metadata +.yardoc +.yardwarns +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +/update_report.txt .DS_Store - -## editor -*.tmproj -tmtags -*~ -\#* -.\#* -*.sw[op] -tags -.idea/ - -## Bundler -Gemfile.lock -.bundle -vendor/ - -## rbenv / rvm -.rbenv* -.rvmrc* -.ruby-* - -## rspec -spec/fixtures/ - -## acceptance -.vagrant/ -junit/ -log/ - -## Puppet module -pkg/ -coverage/ +.project +.envrc +/inventory.yaml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..4868bf7 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,44 @@ +--- +stages: + - syntax + - unit + +cache: + paths: + - vendor/bundle + +before_script: + - bundle -v + - rm Gemfile.lock || true + - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" + - "# Set `rubygems_version` in the .sync.yml to set a value" + - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" + - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' + - gem --version + - bundle -v + - bundle install --without system_tests --path vendor/bundle --jobs $(nproc) + +syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop-Ruby 2.5.7-Puppet ~> 6: + stage: syntax + image: ruby:2.5.7 + script: + - bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + variables: + PUPPET_GEM_VERSION: '~> 6' + +parallel_spec-Ruby 2.5.7-Puppet ~> 6: + stage: unit + image: ruby:2.5.7 + script: + - bundle exec rake parallel_spec + variables: + PUPPET_GEM_VERSION: '~> 6' + +parallel_spec-Ruby 2.4.5-Puppet ~> 5: + stage: unit + image: ruby:2.4.5 + script: + - bundle exec rake parallel_spec + variables: + PUPPET_GEM_VERSION: '~> 5' + diff --git a/.pdkignore b/.pdkignore new file mode 100644 index 0000000..e6215cd --- /dev/null +++ b/.pdkignore @@ -0,0 +1,42 @@ +.git/ +.*.sw[op] +.metadata +.yardoc +.yardwarns +*.iml +/.bundle/ +/.idea/ +/.vagrant/ +/coverage/ +/bin/ +/doc/ +/Gemfile.local +/Gemfile.lock +/junit/ +/log/ +/pkg/ +/spec/fixtures/manifests/ +/spec/fixtures/modules/ +/tmp/ +/vendor/ +/convert_report.txt +/update_report.txt +.DS_Store +.project +.envrc +/inventory.yaml +/appveyor.yml +/.fixtures.yml +/Gemfile +/.gitattributes +/.gitignore +/.gitlab-ci.yml +/.pdkignore +/Rakefile +/rakelib/ +/.rspec +/.rubocop.yml +/.travis.yml +/.yardopts +/spec/ +/.vscode/ diff --git a/.puppet-lint.rc b/.puppet-lint.rc index 76b42b0..cc96ece 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1,4 +1 @@ ---fail-on-warnings ---no-140chars ---no-class_inherits_from_params_class-check --relative diff --git a/.rspec b/.rspec new file mode 100644 index 0000000..16f9cdb --- /dev/null +++ b/.rspec @@ -0,0 +1,2 @@ +--color +--format documentation diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..5307849 --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,137 @@ +--- +require: +- rubocop-rspec +- rubocop-i18n +AllCops: + DisplayCopNames: true + TargetRubyVersion: '2.1' + Include: + - "./**/*.rb" + Exclude: + - bin/* + - ".vendor/**/*" + - "**/Gemfile" + - "**/Rakefile" + - pkg/**/* + - spec/fixtures/**/* + - vendor/**/* + - "**/Puppetfile" + - "**/Vagrantfile" + - "**/Guardfile" +Metrics/LineLength: + Description: People have wide screens, use them. + Max: 200 +GetText: + Enabled: false +GetText/DecorateString: + Description: We don't want to decorate test output. + Exclude: + - spec/**/* + Enabled: false +RSpec/BeforeAfterAll: + Description: Beware of using after(:all) as it may cause state to leak between tests. + A necessary evil in acceptance testing. + Exclude: + - spec/acceptance/**/*.rb +RSpec/HookArgument: + Description: Prefer explicit :each argument, matching existing module's style + EnforcedStyle: each +Style/BlockDelimiters: + Description: Prefer braces for chaining. Mostly an aesthetical choice. Better to + be consistent then. + EnforcedStyle: braces_for_chaining +Style/BracesAroundHashParameters: + Description: Braces are required by Ruby 2.7. Cop removed from RuboCop v0.80.0. + See https://github.com/rubocop-hq/rubocop/pull/7643 + Enabled: true +Style/ClassAndModuleChildren: + Description: Compact style reduces the required amount of indentation. + EnforcedStyle: compact +Style/EmptyElse: + Description: Enforce against empty else clauses, but allow `nil` for clarity. + EnforcedStyle: empty +Style/FormatString: + Description: Following the main puppet project's style, prefer the % format format. + EnforcedStyle: percent +Style/FormatStringToken: + Description: Following the main puppet project's style, prefer the simpler template + tokens over annotated ones. + EnforcedStyle: template +Style/Lambda: + Description: Prefer the keyword for easier discoverability. + EnforcedStyle: literal +Style/RegexpLiteral: + Description: Community preference. See https://github.com/voxpupuli/modulesync_config/issues/168 + EnforcedStyle: percent_r +Style/TernaryParentheses: + Description: Checks for use of parentheses around ternary conditions. Enforce parentheses + on complex expressions for better readability, but seriously consider breaking + it up. + EnforcedStyle: require_parentheses_when_complex +Style/TrailingCommaInArguments: + Description: Prefer always trailing comma on multiline argument lists. This makes + diffs, and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/TrailingCommaInLiteral: + Description: Prefer always trailing comma on multiline literals. This makes diffs, + and re-ordering nicer. + EnforcedStyleForMultiline: comma +Style/SymbolArray: + Description: Using percent style obscures symbolic intent of array's contents. + EnforcedStyle: brackets +RSpec/MessageSpies: + EnforcedStyle: receive +Style/Documentation: + Exclude: + - lib/puppet/parser/functions/**/* + - spec/**/* +Style/WordArray: + EnforcedStyle: brackets +Style/CollectionMethods: + Enabled: true +Style/MethodCalledOnDoEndBlock: + Enabled: true +Style/StringMethods: + Enabled: true +GetText/DecorateFunctionMessage: + Enabled: false +GetText/DecorateStringFormattingUsingInterpolation: + Enabled: false +GetText/DecorateStringFormattingUsingPercent: + Enabled: false +Layout/EndOfLine: + Enabled: false +Layout/IndentHeredoc: + Enabled: false +Metrics/AbcSize: + Enabled: false +Metrics/BlockLength: + Enabled: false +Metrics/ClassLength: + Enabled: false +Metrics/CyclomaticComplexity: + Enabled: false +Metrics/MethodLength: + Enabled: false +Metrics/ModuleLength: + Enabled: false +Metrics/ParameterLists: + Enabled: false +Metrics/PerceivedComplexity: + Enabled: false +RSpec/DescribeClass: + Enabled: false +RSpec/ExampleLength: + Enabled: false +RSpec/MessageExpectation: + Enabled: false +RSpec/MultipleExpectations: + Enabled: false +RSpec/NestedGroups: + Enabled: false +Style/AsciiComments: + Enabled: false +Style/IfUnlessModifier: + Enabled: false +Style/SymbolProc: + Enabled: false diff --git a/.travis.yml b/.travis.yml index 0264bf9..68d3e96 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,36 +1,49 @@ -sudo: false +--- +os: linux +dist: xenial language: ruby cache: bundler -bundler_args: "--without system_tests" before_install: -- sh ./.travis/setup.sh + - bundle -v + - rm -f Gemfile.lock + - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" + - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" + - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" + - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' + - gem --version + - bundle -v script: -- bundle exec rake $CHECK -matrix: + - 'bundle exec rake $CHECK' +bundler_args: --without system_tests +rvm: + - 2.5.7 +stages: + - static + - spec + - acceptance + - + if: tag =~ ^v\d + name: deploy +jobs: fast_finish: true include: - - rvm: '2.4' - env: PUPPET_VERSION="~> 5.0" CHECK=build DEPLOY_TO_FORGE=yes - - rvm: '2.1' - env: PUPPET_VERSION="~> 4.0" CHECK=test FIXTURES_YML=.fixtures.puppet4.yml - - rvm: '2.4' - env: PUPPET_VERSION="~> 5.0" CHECK=test - - rvm: '2.5' - env: PUPPET_VERSION="~> 6.0" CHECK=test + - + env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" + stage: static + - + env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec + rvm: 2.4.5 + stage: spec + - + env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec + rvm: 2.5.7 + stage: spec + - + env: DEPLOY_TO_FORGE=yes + stage: deploy branches: only: - - master - - "/^v\\d/" + - master + - /^v\d/ notifications: email: false -deploy: - provider: puppetforge - deploy: - branch: master - user: icinga - password: - secure: "hcGcjXH8v7mjP8bAVeJY/aUzciEjzzjhBsB3b8SKFytpH6R5kcNLVXzkAtTXgJi8nR4PVFSjKovku3o0Q7BzWnmsGaQ69UzJ5gz37oO2mxfNvVCm7FyiCCW86gp+IvpsMDRa+gqpswvb0CjzwK5SC+R7/+pzt60aPx2Gk/yteuU=" - on: - tags: true - all_branches: true - condition: "$DEPLOY_TO_FORGE = yes" diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000..2f1e4f7 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,6 @@ +{ + "recommendations": [ + "puppet.puppet-vscode", + "rebornix.Ruby" + ] +} diff --git a/.yardopts b/.yardopts new file mode 100644 index 0000000..29c933b --- /dev/null +++ b/.yardopts @@ -0,0 +1 @@ +--markup markdown diff --git a/AUTHORS b/AUTHORS index 3c46e74..21a77c0 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,40 +1,46 @@ Alexandre Beche +Alexandre R Gomes Andrew Choo Benjamin Krein Bill Scheidegger Blerim Sheqa +Bram Vogelaar Bram Vogelaar CV -david.leib@barzahlen.de +Dennis Hoppe Devin Christensen +Eric Lippmann Eric Zounes Florian Baumann James Weakly Jan Collijs Johan Fleury Josh Beard +Joshua Hoblitt Khanh Ngo Lennart Betz Leo Antunes Lorenz Bischof -marco.fretz Markus Frosch Matthias Baur Michael Friedrich Nicolas Dandrimont +Ott, Jörn WI (Fa. Goetzfried) Paolo Schiro Peter Souter -plarivee Robert Waffen Rudy Gevaert Sebastian Brückner Stefan Kleindl Steven Bambling Tim Bishop Timo Goebel Tokynet Tom De Vylder Tomislav Dukaric Vladimir Smirnov XnS Zach Leslie +david.leib@barzahlen.de +marco.fretz +plarivee diff --git a/CHANGELOG.md b/CHANGELOG.md index d98e6f9..e710d16 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,265 +1,331 @@ # Change Log -## [v2.3.1](https://github.com/Icinga/puppet-icingaweb2/tree/v2.3.1) (2019-06-25) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/v2.3.0...v2.3.1) +## [v3.0.1](https://github.com/icinga/puppet-icingaweb2/tree/v3.0.1) (2020-11-16) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v3.0.0...v3.0.1) + +**Fixed bugs:** + +- add mssql, oci, oracle, ibmi and sqlite as new db\_types for resources [\#278](https://github.com/Icinga/puppet-icingaweb2/pull/278) ([lbetz](https://github.com/lbetz)) + +## [v3.0.0](https://github.com/icinga/puppet-icingaweb2/tree/v3.0.0) (2020-10-14) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.4.1...v3.0.0) + +**Implemented enhancements:** + +- Add new param manage\_repos to replace manage\_repo in the future [\#274](https://github.com/Icinga/puppet-icingaweb2/issues/274) +- Replace class repo with new class from module icinga [\#260](https://github.com/Icinga/puppet-icingaweb2/issues/260) + +## [v2.4.1](https://github.com/icinga/puppet-icingaweb2/tree/v2.4.1) (2020-08-31) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.4.0...v2.4.1) + +**Fixed bugs:** + +- Release defined resource commandtransport from private [\#264](https://github.com/Icinga/puppet-icingaweb2/issues/264) +- fix icingaweb2::module::director::service systemd::unit\_file param name error [\#273](https://github.com/Icinga/puppet-icingaweb2/pull/273) ([jhoblitt](https://github.com/jhoblitt)) +- fix travis-ci failures [\#270](https://github.com/Icinga/puppet-icingaweb2/pull/270) ([jhoblitt](https://github.com/jhoblitt)) + +**Closed issues:** + +- icingaweb2::module::director::service systemd::unit\_file param name error [\#272](https://github.com/Icinga/puppet-icingaweb2/issues/272) +- travis-ci rubocop check is failing on master [\#271](https://github.com/Icinga/puppet-icingaweb2/issues/271) +- travis-ci `check:git\_ignore` check is failing on master [\#269](https://github.com/Icinga/puppet-icingaweb2/issues/269) +- manage business process source files [\#265](https://github.com/Icinga/puppet-icingaweb2/issues/265) +- Update Package version [\#262](https://github.com/Icinga/puppet-icingaweb2/issues/262) + +## [v2.4.0](https://github.com/icinga/puppet-icingaweb2/tree/v2.4.0) (2020-07-06) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.3.1...v2.4.0) + +**Implemented enhancements:** + +- add pdk support [\#259](https://github.com/Icinga/puppet-icingaweb2/issues/259) +- rework documentation [\#258](https://github.com/Icinga/puppet-icingaweb2/issues/258) +- Rework to use module data [\#257](https://github.com/Icinga/puppet-icingaweb2/issues/257) +- Add Support for RHEL 8 [\#255](https://github.com/Icinga/puppet-icingaweb2/issues/255) +- Add Support for Debian 10 [\#254](https://github.com/Icinga/puppet-icingaweb2/issues/254) +- Update params for authmethod msldap [\#252](https://github.com/Icinga/puppet-icingaweb2/pull/252) ([gomesar9](https://github.com/gomesar9)) +- Add new 1.7.x dependencies [\#248](https://github.com/Icinga/puppet-icingaweb2/pull/248) ([lbetz](https://github.com/lbetz)) +- Add timeout to ldap resource [\#245](https://github.com/Icinga/puppet-icingaweb2/pull/245) ([joernott](https://github.com/joernott)) +- Add logging config option php [\#242](https://github.com/Icinga/puppet-icingaweb2/pull/242) ([lbetz](https://github.com/lbetz)) +- Document logging config option 'php' [\#241](https://github.com/Icinga/puppet-icingaweb2/pull/241) ([lippserd](https://github.com/lippserd)) +- Add parameter poold\_purge to class phpfpm [\#239](https://github.com/Icinga/puppet-icingaweb2/pull/239) ([dhoppe](https://github.com/dhoppe)) +- Update and verify acceptance tests [\#234](https://github.com/Icinga/puppet-icingaweb2/pull/234) ([lazyfrosch](https://github.com/lazyfrosch)) + +**Fixed bugs:** + +- Multiple LDAP Hosts do not work anymore [\#261](https://github.com/Icinga/puppet-icingaweb2/issues/261) +- Class ::icingaweb2::module::monitoring doesn't work with Documentation defaults [\#253](https://github.com/Icinga/puppet-icingaweb2/issues/253) +- Ensure config directory mode is set with setgid [\#251](https://github.com/Icinga/puppet-icingaweb2/pull/251) ([lazyfrosch](https://github.com/lazyfrosch)) +- git\_revision is a required parameter [\#249](https://github.com/Icinga/puppet-icingaweb2/pull/249) ([attachmentgenie](https://github.com/attachmentgenie)) +- Remove question marks of parameter db\_port [\#238](https://github.com/Icinga/puppet-icingaweb2/pull/238) ([dhoppe](https://github.com/dhoppe)) + +**Closed issues:** + +- Add new 1.7.x dependencies for director module: ipl / reactbundle / incubator [\#247](https://github.com/Icinga/puppet-icingaweb2/issues/247) + +**Merged pull requests:** + +- Remove parameter fastcgi\_script [\#243](https://github.com/Icinga/puppet-icingaweb2/pull/243) ([dhoppe](https://github.com/dhoppe)) + +## [v2.3.1](https://github.com/icinga/puppet-icingaweb2/tree/v2.3.1) (2019-06-25) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.3.0...v2.3.1) **Implemented enhancements:** - metadata: Raise requirements for puppetlabs modules [\#236](https://github.com/Icinga/puppet-icingaweb2/pull/236) ([lazyfrosch](https://github.com/lazyfrosch)) **Fixed bugs:** - possible regression: new cookie path parameter may break existing installs [\#235](https://github.com/Icinga/puppet-icingaweb2/issues/235) - config: Let cookie\_path be undef by default [\#237](https://github.com/Icinga/puppet-icingaweb2/pull/237) ([lazyfrosch](https://github.com/lazyfrosch)) -## [v2.3.0](https://github.com/Icinga/puppet-icingaweb2/tree/v2.3.0) (2019-05-20) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/v2.2.0...v2.3.0) +## [v2.3.0](https://github.com/icinga/puppet-icingaweb2/tree/v2.3.0) (2019-05-20) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.2.0...v2.3.0) **Implemented enhancements:** - Support puppet 6 [\#220](https://github.com/Icinga/puppet-icingaweb2/issues/220) - add logging facility and application to config [\#230](https://github.com/Icinga/puppet-icingaweb2/pull/230) ([costela](https://github.com/costela)) - Support Puppet 6 [\#226](https://github.com/Icinga/puppet-icingaweb2/pull/226) ([wdschei](https://github.com/wdschei)) - add config section to adjust the cookie path [\#218](https://github.com/Icinga/puppet-icingaweb2/pull/218) ([XnS](https://github.com/XnS)) **Fixed bugs:** - Parameter url of module::graphite has to be optional [\#223](https://github.com/Icinga/puppet-icingaweb2/issues/223) - Docs: icingaweb2::config::resource 'port' requires an integer, not a string [\#231](https://github.com/Icinga/puppet-icingaweb2/pull/231) ([dnsmichi](https://github.com/dnsmichi)) **Closed issues:** - support puppet/stdlib \> 5.0 [\#232](https://github.com/Icinga/puppet-icingaweb2/issues/232) - Error logging\_path needs to be Stdlib::Absolutepath, got String instead [\#224](https://github.com/Icinga/puppet-icingaweb2/issues/224) - icingaweb2::module::puppetdb tests are failing [\#216](https://github.com/Icinga/puppet-icingaweb2/issues/216) **Merged pull requests:** - Set confdir in the rspec context \(fixes \#216\) [\#217](https://github.com/Icinga/puppet-icingaweb2/pull/217) ([johanfleury](https://github.com/johanfleury)) - Avoid duplicate inisection declarations [\#215](https://github.com/Icinga/puppet-icingaweb2/pull/215) ([johanfleury](https://github.com/johanfleury)) -## [v2.2.0](https://github.com/Icinga/puppet-icingaweb2/tree/v2.2.0) (2018-05-14) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/v2.1.0...v2.2.0) +## [v2.2.0](https://github.com/icinga/puppet-icingaweb2/tree/v2.2.0) (2018-05-14) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.1.0...v2.2.0) **Implemented enhancements:** - 'icinga-icingaweb2' \(v2.1.0\) requires 'puppetlabs-vcsrepo' \(\>= 1.3.0 \< 2.0.0\) [\#212](https://github.com/Icinga/puppet-icingaweb2/issues/212) **Closed issues:** - Should be possible to specify a relative path for icingaweb2::module::fileshipper target [\#209](https://github.com/Icinga/puppet-icingaweb2/issues/209) **Merged pull requests:** - Add param for IDO DB charset [\#208](https://github.com/Icinga/puppet-icingaweb2/pull/208) ([marcofl](https://github.com/marcofl)) -## [v2.1.0](https://github.com/Icinga/puppet-icingaweb2/tree/v2.1.0) (2018-01-23) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/v2.0.1...v2.1.0) +## [v2.1.0](https://github.com/icinga/puppet-icingaweb2/tree/v2.1.0) (2018-01-23) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.0.1...v2.1.0) **Implemented enhancements:** - missing domain attribute for icingaweb2::config::authmethod [\#203](https://github.com/Icinga/puppet-icingaweb2/issues/203) - Add elasticsearch module [\#193](https://github.com/Icinga/puppet-icingaweb2/issues/193) - Add graphite module [\#192](https://github.com/Icinga/puppet-icingaweb2/issues/192) - Update apache2 example [\#191](https://github.com/Icinga/puppet-icingaweb2/issues/191) - Add default backend in groups.ini [\#188](https://github.com/Icinga/puppet-icingaweb2/issues/188) - Links to apache2 and nginx examples doesn't work [\#185](https://github.com/Icinga/puppet-icingaweb2/issues/185) - Add vSphere module [\#183](https://github.com/Icinga/puppet-icingaweb2/issues/183) - Add fileshipper module [\#182](https://github.com/Icinga/puppet-icingaweb2/issues/182) **Fixed bugs:** - Setting up icingaweb2 with postgresql on a different port than 5432 leads to an error [\#195](https://github.com/Icinga/puppet-icingaweb2/issues/195) - protected\_customvars handled incorrectly? [\#206](https://github.com/Icinga/puppet-icingaweb2/issues/206) - puppetdb: issue if host does not resolve to puppetdb [\#197](https://github.com/Icinga/puppet-icingaweb2/issues/197) **Merged pull requests:** - added domain attribute to icingaweb2::config::groupbackend [\#205](https://github.com/Icinga/puppet-icingaweb2/pull/205) ([spaolo](https://github.com/spaolo)) - added domain attribute to icingaweb2::config::authmethod [\#204](https://github.com/Icinga/puppet-icingaweb2/pull/204) ([spaolo](https://github.com/spaolo)) - Provide specific port to mysql and postgresql [\#196](https://github.com/Icinga/puppet-icingaweb2/pull/196) ([Faffnir](https://github.com/Faffnir)) - Rename default administrative user to 'icingaadmin' [\#194](https://github.com/Icinga/puppet-icingaweb2/pull/194) ([dnsmichi](https://github.com/dnsmichi)) - Add missing curly bracket and trailing commas [\#189](https://github.com/Icinga/puppet-icingaweb2/pull/189) ([rgevaert](https://github.com/rgevaert)) - Fix protected\_customvars bugs and papercuts [\#186](https://github.com/Icinga/puppet-icingaweb2/pull/186) ([olasd](https://github.com/olasd)) -## [v2.0.1](https://github.com/Icinga/puppet-icingaweb2/tree/v2.0.1) (2017-12-28) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/v2.0.0...v2.0.1) +## [v2.0.1](https://github.com/icinga/puppet-icingaweb2/tree/v2.0.1) (2017-12-28) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/v2.0.0...v2.0.1) **Implemented enhancements:** - Support fcgi as example for apache [\#201](https://github.com/Icinga/puppet-icingaweb2/issues/201) **Merged pull requests:** - fix \#201 Suppoet fcgi as example for apache [\#202](https://github.com/Icinga/puppet-icingaweb2/pull/202) ([lbetz](https://github.com/lbetz)) - Fix typos on README.md [\#184](https://github.com/Icinga/puppet-icingaweb2/pull/184) ([Tokynet](https://github.com/Tokynet)) -## [v2.0.0](https://github.com/Icinga/puppet-icingaweb2/tree/v2.0.0) (2017-10-11) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.6...v2.0.0) +## [v2.0.0](https://github.com/icinga/puppet-icingaweb2/tree/v2.0.0) (2017-10-11) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.6...v2.0.0) **Implemented enhancements:** - Store preferences in database [\#166](https://github.com/Icinga/puppet-icingaweb2/issues/166) - Support icinga2 API command transport [\#74](https://github.com/Icinga/puppet-icingaweb2/issues/74) - Use RSpec helper rspec-puppet-facts [\#70](https://github.com/Icinga/puppet-icingaweb2/issues/70) - Support LDAP auth\_backend [\#69](https://github.com/Icinga/puppet-icingaweb2/issues/69) - Manage icingaweb2 user [\#68](https://github.com/Icinga/puppet-icingaweb2/issues/68) - Updating graphite with more config [\#66](https://github.com/Icinga/puppet-icingaweb2/issues/66) - Adding monitoring module [\#65](https://github.com/Icinga/puppet-icingaweb2/issues/65) - \[dev.icinga.com \#9243\] add ldaps to resource\_ldap.pp [\#56](https://github.com/Icinga/puppet-icingaweb2/issues/56) - \[dev.icinga.com \#9155\] Add module generictts [\#54](https://github.com/Icinga/puppet-icingaweb2/issues/54) - Update Docs Install Icinga Web icinga2 vs icingaweb2 [\#174](https://github.com/Icinga/puppet-icingaweb2/issues/174) - Add translation module [\#169](https://github.com/Icinga/puppet-icingaweb2/issues/169) - Parameterize conf\_user [\#145](https://github.com/Icinga/puppet-icingaweb2/issues/145) - Update version in Puppet Forge [\#141](https://github.com/Icinga/puppet-icingaweb2/issues/141) - Add changelog [\#128](https://github.com/Icinga/puppet-icingaweb2/issues/128) - Add Cube module [\#127](https://github.com/Icinga/puppet-icingaweb2/issues/127) - Add Director module [\#126](https://github.com/Icinga/puppet-icingaweb2/issues/126) - Add business process module [\#125](https://github.com/Icinga/puppet-icingaweb2/issues/125) - Refactor monitoring module class [\#124](https://github.com/Icinga/puppet-icingaweb2/issues/124) - Add defined type to generally handle module installations and configuration [\#122](https://github.com/Icinga/puppet-icingaweb2/issues/122) - Rename classes to icingaweb2::module::modulename [\#121](https://github.com/Icinga/puppet-icingaweb2/issues/121) - Remove unsupported modules [\#120](https://github.com/Icinga/puppet-icingaweb2/issues/120) - Default auth mechanism [\#119](https://github.com/Icinga/puppet-icingaweb2/issues/119) - Add defined type for roles [\#118](https://github.com/Icinga/puppet-icingaweb2/issues/118) - Add defined type to handle config.ini [\#117](https://github.com/Icinga/puppet-icingaweb2/issues/117) - Add defined type to handle groups.ini [\#116](https://github.com/Icinga/puppet-icingaweb2/issues/116) - Add defined type to handle authentication.ini [\#115](https://github.com/Icinga/puppet-icingaweb2/issues/115) - Add type to handle resources.ini [\#114](https://github.com/Icinga/puppet-icingaweb2/issues/114) - Add defined type that handles Ini configurations [\#113](https://github.com/Icinga/puppet-icingaweb2/issues/113) - Update basic specs [\#112](https://github.com/Icinga/puppet-icingaweb2/issues/112) - Add release guide [\#111](https://github.com/Icinga/puppet-icingaweb2/issues/111) - Add testing guide [\#110](https://github.com/Icinga/puppet-icingaweb2/issues/110) - Add contributing guide [\#109](https://github.com/Icinga/puppet-icingaweb2/issues/109) - Add some basic examples [\#108](https://github.com/Icinga/puppet-icingaweb2/issues/108) - Basic Apache configuration with example [\#107](https://github.com/Icinga/puppet-icingaweb2/issues/107) - Add reference documentation [\#106](https://github.com/Icinga/puppet-icingaweb2/issues/106) - Update general documentation [\#105](https://github.com/Icinga/puppet-icingaweb2/issues/105) - Create parameter manage\_package [\#104](https://github.com/Icinga/puppet-icingaweb2/issues/104) - Remove deprecated parameters [\#103](https://github.com/Icinga/puppet-icingaweb2/issues/103) - General configuration [\#102](https://github.com/Icinga/puppet-icingaweb2/issues/102) - Remove git installation method for Icinga Web 2 [\#101](https://github.com/Icinga/puppet-icingaweb2/issues/101) - Ensure support for certain operating systems [\#100](https://github.com/Icinga/puppet-icingaweb2/issues/100) - Add header with inline documentation to all files [\#99](https://github.com/Icinga/puppet-icingaweb2/issues/99) - Support initialize for PostgreSQL [\#82](https://github.com/Icinga/puppet-icingaweb2/issues/82) - Acceptance tests [\#78](https://github.com/Icinga/puppet-icingaweb2/issues/78) - Adding database initialization [\#64](https://github.com/Icinga/puppet-icingaweb2/issues/64) - Updating monitoring transports [\#75](https://github.com/Icinga/puppet-icingaweb2/pull/75) ([lazyfrosch](https://github.com/lazyfrosch)) - Update module base [\#73](https://github.com/Icinga/puppet-icingaweb2/pull/73) ([lazyfrosch](https://github.com/lazyfrosch)) - Refactoring repository management [\#72](https://github.com/Icinga/puppet-icingaweb2/pull/72) ([lazyfrosch](https://github.com/lazyfrosch)) - Using rspec-puppet-facts for new spec [\#71](https://github.com/Icinga/puppet-icingaweb2/pull/71) ([lazyfrosch](https://github.com/lazyfrosch)) **Fixed bugs:** - Dependency puppetlabs/concat conflicts with puppet-icinga2 [\#165](https://github.com/Icinga/puppet-icingaweb2/issues/165) - rspec tests broken due to unintepreted facts [\#161](https://github.com/Icinga/puppet-icingaweb2/issues/161) - Can't manage multiple \[config\] sections because of duplicate resource [\#146](https://github.com/Icinga/puppet-icingaweb2/issues/146) - Fixing config files permissions [\#67](https://github.com/Icinga/puppet-icingaweb2/issues/67) - \[dev.icinga.com \#12142\] Why does initialize.pp require /root/.my.cnf on RedHat/CentOS, not Debian/Ubuntu? [\#61](https://github.com/Icinga/puppet-icingaweb2/issues/61) - \[dev.icinga.com \#11876\] Path for mysql-command is missing [\#60](https://github.com/Icinga/puppet-icingaweb2/issues/60) - \[dev.icinga.com \#11719\] Missing packages if APT::Install-Recommends "false"; [\#59](https://github.com/Icinga/puppet-icingaweb2/issues/59) - \[dev.icinga.com \#11584\] what is the standard password set by initialize.pp? [\#58](https://github.com/Icinga/puppet-icingaweb2/issues/58) - \[dev.icinga.com \#11507\] installing icinga web2 [\#57](https://github.com/Icinga/puppet-icingaweb2/issues/57) - Install dependencies by default [\#176](https://github.com/Icinga/puppet-icingaweb2/issues/176) - Logging directory is not created by module [\#172](https://github.com/Icinga/puppet-icingaweb2/issues/172) - Incorrect config directory access mode on Debian [\#85](https://github.com/Icinga/puppet-icingaweb2/issues/85) - Package managers handle dependencies. [\#87](https://github.com/Icinga/puppet-icingaweb2/pull/87) ([tdb](https://github.com/tdb)) - deployment: Correct directory management [\#76](https://github.com/Icinga/puppet-icingaweb2/pull/76) ([lazyfrosch](https://github.com/lazyfrosch)) **Closed issues:** - /etc/icingaweb2/modules isn't created [\#158](https://github.com/Icinga/puppet-icingaweb2/issues/158) - Allow muliple API Host for icingaweb2::module::monitoring [\#155](https://github.com/Icinga/puppet-icingaweb2/issues/155) - icingaweb2::module::module\_dir parameter default value should probably not be undef [\#147](https://github.com/Icinga/puppet-icingaweb2/issues/147) - Missing Configuration [\#138](https://github.com/Icinga/puppet-icingaweb2/issues/138) - Syntax error at 'resource\_name'; expected '}' [\#136](https://github.com/Icinga/puppet-icingaweb2/issues/136) - Please move development to master [\#134](https://github.com/Icinga/puppet-icingaweb2/issues/134) - Git install method is missing minified assets [\#129](https://github.com/Icinga/puppet-icingaweb2/issues/129) - Add default modules [\#123](https://github.com/Icinga/puppet-icingaweb2/issues/123) - How to enable module monitoring Via Puppet [\#95](https://github.com/Icinga/puppet-icingaweb2/issues/95) - It would be nice to have possibility to change certain file/directory permissions [\#94](https://github.com/Icinga/puppet-icingaweb2/issues/94) - Could not find declared class icingaweb2::mod::monitoring [\#93](https://github.com/Icinga/puppet-icingaweb2/issues/93) - The parameter 'ido\_db\_host' is declared more than once [\#92](https://github.com/Icinga/puppet-icingaweb2/issues/92) - missing groups.ini [\#91](https://github.com/Icinga/puppet-icingaweb2/issues/91) - Add Debian Stretch to the compatibility list? [\#89](https://github.com/Icinga/puppet-icingaweb2/issues/89) - Dependencies incorrect on Ubuntu 16.04+ [\#88](https://github.com/Icinga/puppet-icingaweb2/issues/88) - Improve Apache integration and document it [\#83](https://github.com/Icinga/puppet-icingaweb2/issues/83) - Default credentials for login [\#80](https://github.com/Icinga/puppet-icingaweb2/issues/80) - Deprecate default install method [\#77](https://github.com/Icinga/puppet-icingaweb2/issues/77) - \[dev.icinga.com \#9154\] Add module pnp4nagios [\#53](https://github.com/Icinga/puppet-icingaweb2/issues/53) - Icingaweb2::Module::Monitoring doesn't actually install the module [\#160](https://github.com/Icinga/puppet-icingaweb2/issues/160) - Add generictts module [\#154](https://github.com/Icinga/puppet-icingaweb2/issues/154) - add icingaweb2::module::puppetdb [\#152](https://github.com/Icinga/puppet-icingaweb2/issues/152) - add icingaweb2::module::doc [\#150](https://github.com/Icinga/puppet-icingaweb2/issues/150) - Icingaweb2 schema only created on second run when configured along with icinga2 [\#144](https://github.com/Icinga/puppet-icingaweb2/issues/144) - Correct documentation for authentication configuration [\#143](https://github.com/Icinga/puppet-icingaweb2/issues/143) - Align documentation for duplicate repository [\#131](https://github.com/Icinga/puppet-icingaweb2/issues/131) - Non compatible dependencies between icinga2 and Icingaweb2 latest releases [\#98](https://github.com/Icinga/puppet-icingaweb2/issues/98) - Roles setting is not up to date and is not supporting businessprocess-prefix [\#96](https://github.com/Icinga/puppet-icingaweb2/issues/96) - Resources.ini should not be world-readable [\#90](https://github.com/Icinga/puppet-icingaweb2/issues/90) - Documentation updates [\#79](https://github.com/Icinga/puppet-icingaweb2/issues/79) **Merged pull requests:** - Add example manifest for Grafana module [\#181](https://github.com/Icinga/puppet-icingaweb2/pull/181) ([druchoo](https://github.com/druchoo)) - Add 'LDAP Base DN' to 'User Backends' [\#180](https://github.com/Icinga/puppet-icingaweb2/pull/180) ([druchoo](https://github.com/druchoo)) - Removed puppetlabs-apache from dependencies [\#178](https://github.com/Icinga/puppet-icingaweb2/pull/178) ([noqqe](https://github.com/noqqe)) - Manage logging directory and file [\#173](https://github.com/Icinga/puppet-icingaweb2/pull/173) ([baurmatt](https://github.com/baurmatt)) - Add translation module [\#170](https://github.com/Icinga/puppet-icingaweb2/pull/170) ([baurmatt](https://github.com/baurmatt)) - Allow preferences to be stored in db [\#168](https://github.com/Icinga/puppet-icingaweb2/pull/168) ([baurmatt](https://github.com/baurmatt)) - Add git repository config [\#167](https://github.com/Icinga/puppet-icingaweb2/pull/167) ([tdukaric](https://github.com/tdukaric)) - Add a context per operating system [\#162](https://github.com/Icinga/puppet-icingaweb2/pull/162) ([baurmatt](https://github.com/baurmatt)) - Add modules directory [\#159](https://github.com/Icinga/puppet-icingaweb2/pull/159) ([baurmatt](https://github.com/baurmatt)) - Loosen concat version restrictions [\#156](https://github.com/Icinga/puppet-icingaweb2/pull/156) ([quixoten](https://github.com/quixoten)) - Implement puppetdb module [\#153](https://github.com/Icinga/puppet-icingaweb2/pull/153) ([rgevaert](https://github.com/rgevaert)) - Implement icingaweb2::module::doc [\#151](https://github.com/Icinga/puppet-icingaweb2/pull/151) ([rgevaert](https://github.com/rgevaert)) - Prevent duplicate resources errors [\#149](https://github.com/Icinga/puppet-icingaweb2/pull/149) ([rgevaert](https://github.com/rgevaert)) - Correct authentication configuration documentation [\#142](https://github.com/Icinga/puppet-icingaweb2/pull/142) ([rgevaert](https://github.com/rgevaert)) - Add GitHub issue template [\#137](https://github.com/Icinga/puppet-icingaweb2/pull/137) ([dnsmichi](https://github.com/dnsmichi)) - Add nginx example [\#84](https://github.com/Icinga/puppet-icingaweb2/pull/84) ([prozach](https://github.com/prozach)) - Fixing testing issues [\#81](https://github.com/Icinga/puppet-icingaweb2/pull/81) ([lazyfrosch](https://github.com/lazyfrosch)) - Update URLs to GitHub [\#62](https://github.com/Icinga/puppet-icingaweb2/pull/62) ([bobapple](https://github.com/bobapple)) - testing: Updating travis settings [\#51](https://github.com/Icinga/puppet-icingaweb2/pull/51) ([lazyfrosch](https://github.com/lazyfrosch)) - remove dependency on concat module [\#50](https://github.com/Icinga/puppet-icingaweb2/pull/50) ([lbischof](https://github.com/lbischof)) - substituting non existing parameter [\#49](https://github.com/Icinga/puppet-icingaweb2/pull/49) ([attachmentgenie](https://github.com/attachmentgenie)) - Fix permissions [\#30](https://github.com/Icinga/puppet-icingaweb2/pull/30) ([petems](https://github.com/petems)) - Change sql\_schema\_location if using git [\#29](https://github.com/Icinga/puppet-icingaweb2/pull/29) ([petems](https://github.com/petems)) - Allow multiple commandtransports [\#157](https://github.com/Icinga/puppet-icingaweb2/pull/157) ([baurmatt](https://github.com/baurmatt)) -## [1.0.6](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.6) (2015-11-10) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.5...1.0.6) +## [1.0.6](https://github.com/icinga/puppet-icingaweb2/tree/1.0.6) (2015-11-10) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.5...1.0.6) -## [1.0.5](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.5) (2015-08-04) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.4...1.0.5) +## [1.0.5](https://github.com/icinga/puppet-icingaweb2/tree/1.0.5) (2015-08-04) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.4...1.0.5) -## [1.0.4](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.4) (2015-06-24) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.3...1.0.4) +## [1.0.4](https://github.com/icinga/puppet-icingaweb2/tree/1.0.4) (2015-06-24) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.3...1.0.4) **Merged pull requests:** - Add support for Scientific Linux in Yum repo [\#16](https://github.com/Icinga/puppet-icingaweb2/pull/16) ([joshbeard](https://github.com/joshbeard)) -## [1.0.3](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.3) (2015-05-07) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.2...1.0.3) +## [1.0.3](https://github.com/icinga/puppet-icingaweb2/tree/1.0.3) (2015-05-07) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.2...1.0.3) -## [1.0.2](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.2) (2015-05-07) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.1...1.0.2) +## [1.0.2](https://github.com/icinga/puppet-icingaweb2/tree/1.0.2) (2015-05-07) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.1...1.0.2) -## [1.0.1](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.1) (2015-05-07) -[Full Changelog](https://github.com/Icinga/puppet-icingaweb2/compare/1.0.0...1.0.1) +## [1.0.1](https://github.com/icinga/puppet-icingaweb2/tree/1.0.1) (2015-05-07) +[Full Changelog](https://github.com/icinga/puppet-icingaweb2/compare/1.0.0...1.0.1) -## [1.0.0](https://github.com/Icinga/puppet-icingaweb2/tree/1.0.0) (2015-05-07) +## [1.0.0](https://github.com/icinga/puppet-icingaweb2/tree/1.0.0) (2015-05-07) **Implemented enhancements:** - \[dev.icinga.com \#9158\] Add module graphite [\#55](https://github.com/Icinga/puppet-icingaweb2/issues/55) - \[dev.icinga.com \#9153\] Add module businessprocess [\#52](https://github.com/Icinga/puppet-icingaweb2/issues/52) - Fix authentication configuration [\#8](https://github.com/Icinga/puppet-icingaweb2/pull/8) ([lazyfrosch](https://github.com/lazyfrosch)) **Merged pull requests:** - Don't put blank host/service filters in roles.ini [\#13](https://github.com/Icinga/puppet-icingaweb2/pull/13) ([jamesweakley](https://github.com/jamesweakley)) - Moving away from templates to usign inifile from Puppetlabs/inifile [\#7](https://github.com/Icinga/puppet-icingaweb2/pull/7) ([smbambling](https://github.com/smbambling)) \* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* \ No newline at end of file diff --git a/Gemfile b/Gemfile index e38dca9..77ff14c 100644 --- a/Gemfile +++ b/Gemfile @@ -1,24 +1,73 @@ -source 'https://rubygems.org' +source ENV['GEM_SOURCE'] || 'https://rubygems.org' -gem 'puppet', ENV.key?('PUPPET_VERSION') ? ENV['PUPPET_VERSION'].to_s : '>= 4.7' +def location_for(place_or_version, fake_version = nil) + git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} + file_url_regex = %r{\Afile:\/\/(?.*)} -gem 'puppetlabs_spec_helper', '>= 0.1.0' -gem 'puppet-lint', '>= 0.3.2' -gem 'facter', '>= 1.7.0' -gem 'rspec-puppet-facts', '>= 1.6.0' -gem 'metadata-json-lint' -gem 'semantic_puppet' - -group :system_tests do - if (beaker_version = ENV['BEAKER_VERSION']) - gem 'beaker', beaker_version - end - if (beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION']) - gem 'beaker-rspec', beaker_rspec_version + if place_or_version && (git_url = place_or_version.match(git_url_regex)) + [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact + elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) + ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] else - gem 'beaker-rspec', :require => false + [place_or_version, { require: false }] + end +end + +ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments +minor_version = ruby_version_segments[0..1].join('.') + +group :development do + gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') + gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') + gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') + gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') + gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) + gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] + gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] + gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] + gem "github_changelog_generator", '~> 1.15', require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0') +end + +puppet_version = ENV['PUPPET_GEM_VERSION'] +facter_version = ENV['FACTER_GEM_VERSION'] +hiera_version = ENV['HIERA_GEM_VERSION'] + +gems = {} + +gems['puppet'] = location_for(puppet_version) + +# If facter or hiera versions have been specified via the environment +# variables + +gems['facter'] = location_for(facter_version) if facter_version +gems['hiera'] = location_for(hiera_version) if hiera_version + +if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} + # If we're using a Puppet gem on Windows which handles its own win32-xxx gem + # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). + gems['win32-dir'] = ['<= 0.4.9', require: false] + gems['win32-eventlog'] = ['<= 0.6.5', require: false] + gems['win32-process'] = ['<= 0.7.5', require: false] + gems['win32-security'] = ['<= 0.2.5', require: false] + gems['win32-service'] = ['0.8.8', require: false] +end + +gems.each do |gem_name, gem_params| + gem gem_name, *gem_params +end + +# Evaluate Gemfile.local and ~/.gemfile if they exist +extra_gemfiles = [ + "#{__FILE__}.local", + File.join(Dir.home, '.gemfile'), +] + +extra_gemfiles.each do |gemfile| + if File.file?(gemfile) && File.readable?(gemfile) + eval(File.read(gemfile), binding) end - gem 'serverspec', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'beaker-module_install_helper', :require => false end +# vim: syntax=ruby diff --git a/README.md b/README.md index 85ff40d..9b2e7c6 100644 --- a/README.md +++ b/README.md @@ -1,1354 +1,247 @@ [![Build Status](https://travis-ci.org/Icinga/puppet-icingaweb2.png?branch=master)](https://travis-ci.org/Icinga/puppet-icingaweb2) # Icinga Web 2 Puppet Module #### Table of Contents 1. [Overview](#overview) 2. [Module Description - What the module does and why it is useful](#module-description) 3. [Setup - The basics of getting started with Icinga Web 2](#setup) - * [What Icinga Web 2 affects](##what-icinga-web-2-affects) + * [What Icinga Web 2 affects](#what-icinga-web-2-affects) 4. [Usage - Configuration options and additional functionality](#usage) -5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) - * [Public Classes](#public-classes) - * [Private Classes](#private-classes) - * [Public defined types](#public-defined-types) - * [Private defined types](#private-defined-types) +5. [Reference](#reference) 6. [Development - Guide for contributing to the module](#development) ## Overview + [Icinga Web 2] is the associated web interface for the open source monitoring tool [Icinga 2]. This module helps with installing and managing configuration of Icinga Web 2 and its modules on multiple operating systems. -## Description +### Description This module installs and configures Icinga Web 2 on your Linux host by using the official packages from [packages.icinga.com]. Dependend packages are installed as they are defined in the Icinga Web 2 package. This module can manage all configurations files of Icinga Web 2 and import an initial database schema. It can install and manage all official [modules](https://www.icinga.com/products/icinga-web-2-modules/) as well as modules developed by the community. +### What's new in version 3.0.0 + +* The current version now uses the `icinga::repos` class from the new module `icinga` for the configuration of +repositories including EPEL on RedHat and Backports on Debian. (see https://github.com/icinga/puppet-icinga) + ## Setup ### What the Icinga 2 Puppet module supports * Installation of Icinga Web 2 via packages * Configuration * MySQL / PostgreSQL database schema import * Install and manage official Icinga Web 2 modules * Install community modules ### Dependencies This module depends on +* [icinga/ciinga] >= 1.0.0 + * needed if `manage_repos` is set to `true` * [puppetlabs/stdlib] >= 4.16.0 * [puppetlabs/vcsrepo] >= 1.3.0 * [puppetlabs/concat] >= 2.0.1 -Depending on your setup the following modules may also be required: - -* [puppetlabs/apt] >= 2.0.0 -* [puppetlabs/yumrepo_core] >= 1.0.0 -* [puppet/zypprepo] >= 2.0.0 - ### Limitations This module has been tested on: -* Debian 7, 8, 9 -* CentOS/RHEL 6, 7 +* Debian 9, 10 +* CentOS/RHEL 6, 7, 8 * Requires [Software Collections Repository](https://wiki.centos.org/AdditionalResources/Repositories/SCL) -* Ubuntu 14.04, 16.04 -* SLES 12 - -* PHP >= 5.6 +* Ubuntu 16.04, 18.04, 20.04 +* SLES 12, 15 Other operating systems or versions may work but have not been tested. ## Usage -### Install Icinga Web 2 +NOTE: If you plan to use additional modules from git, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in `extra_packages`. -The default class `icingaweb2` installs a basic installation of Icinga Web 2 by using the systems package manager. It -is recommended to use the official Icinga repository for the installation. +By default, your distribution's packages are used to install Icinga Web 2. -Use the `manage_repo` parameter to configure the official [packages.icinga.com] repository. +Use the `manage_repos` parameter to configure repositories by default the official and stable [packages.icinga.com]. To configure your own +repositories, or use the official testing or nightly snapshot stage, see https://github.com/icinga/puppet-icinga. ``` puppet class { '::icingaweb2': - manage_repo => true, + manage_repos => true, } ``` -**Info:** If you are using the [Icinga 2](https://github.com/icinga/puppet-icinga2) Puppet module on the same server, -make sure to disable the repository management for one of the modules! - -If you want to manage the version of Icinga Web 2, you have to disable the package management of this module and handle -packages in your own Puppet code. - -``` puppet -package { 'icingaweb2': - ensure => latest, +The usage of this module isn't simple. That depends on how Icinga Web 2 is implemented. Monitoring is here just a module in a framework. All basic stuff like authentication, logging or authorization is done by this framework. To store user and usergroups in a MySQL database, the database has to exist: +``` +mysql::db { 'icingaweb2': + user => 'icingaweb2', + password => 'supersecret', + host => 'localhost', + grant => [ 'ALL' ], } -class { '::icingaweb2': - manage_package => false, +class {'icingaweb2': + manage_repos => true, + import_schema => true, + db_type => 'mysql', + db_host => 'localhost', + db_port => 3306, + db_username => 'icingaweb2', + db_password => 'supersecret', + config_backend => 'db', + extra_packages => [ 'git' ], + require => Mysql::Db['icingaweb2'], } ``` +If you set `import_schema` to `true` an default admin user `icingaadmin` with password `icinga` will be created automatically and you're allowed to login. -Be careful with this option: Setting `manage_package` to false also means that this module will not install any -dependent packages of modules. - -Use the [monitoring](#monitoring) class to connect the web interface to Icinga 2. - -This module does not provide functionality to install and configure any web server, see the following examples how to -install Icinga Web 2 with differen web servers: - -* [Apache2](https://github.com/Icinga/puppet-icingaweb2/blob/master/examples/apache2.pp) -* [Nginx](https://github.com/Icinga/puppet-icingaweb2/blob/master/examples/nginx.pp) - -### Manage Resources -Icinga Web 2 resources are managed with the `icingaweb2::config::resource` defined type. Supported resource types -are `db` and `ldap`. Resources are used for the internal authentication mechanism and by modules. Depending on the type -of resource you are managing, different parameters may be required. - -Create a `db` resource: - -``` puppet -icingaweb2::config::resource{'my-sql': - type => 'db', - db_type => 'mysql', - host => 'localhost', - port => 3306, - db_name => 'icingaweb2', - db_username => 'root', - db_password => 'supersecret', -} +In case that `import_schema` is disabled or you'd like to use a different backend for authorization like LDAP, more work is required. At first we need a ressource with credentials to connect a LDAP server: ``` +class {'icingaweb2': + manage_repos => true, +} -Create a `ldap` resource: - -``` puppet -icingaweb2::config::resource{'my-ldap': +icingaweb2::config::resource{ 'my-ldap': type => 'ldap', host => 'localhost', port => 389, - ldap_root_dn => 'dc=users,dc=icinga,dc=com', - ldap_bind_dn => 'cn=root,dc=users,dc=icinga,dc=com', + ldap_root_dn => 'ou=users,dc=icinga,dc=com', + ldap_bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com', ldap_bind_pw => 'supersecret', } ``` - -### Manage Authentication Methods -Authentication methods are created with the `icingaweb2::config:authmethod` defined type. Various authentication methods -are supported: `db`, `ldap`, `msldap` and `external`. Auth methods can be chained with the `order` parameter. - -Create a MySQL authmethod: - -``` puppet -icingaweb2::config::authmethod{'my-sql': - backend => 'db', - resource => 'my-sql', - order => '01', -} +With the help of this resource, we are now creating user and group backends. Users are permitted to login and users and groups will later be used for authorization. ``` -Create a LDAP authmethod: - -``` puppet -icingaweb2::config::authmethod {'ldap-auth': +icingaweb2::config::authmethod { 'ldap-auth': backend => 'ldap', resource => 'my-ldap', - ldap_user_class => 'myObjectClass', - ldap_filter => '(icingaaccess=true))', - ldap_user_name_attribute => 'uid', - order => '02', -} -``` - -#### DB Schema and Default User -You can choose to import the database schema for MySQL or PostgreSQL. If you set `import_schema` to `true` the module -import the corresponding schema for your `db_type`. Additionally a resource, an authentication method and a role will be -generated. - -The module does not support the creation of databases, we encourage you to use either the [puppetlabs/mysql] or the -[puppetlabs/puppetlabs-postgresql] module. - -:bulb: Default credentials are: **User:** `icingaadmin` **Password**: `icinga` - -##### MySQL -Use MySQL as backend for user authentication in Icinga Web 2: - -``` puppet -include ::mysql::server - -mysql::db { 'icingaweb2': - user => 'icingaweb2', - password => 'icingaweb2', - host => 'localhost', - grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], + ldap_user_class => 'user', + ldap_filter => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)', + ldap_user_name_attribute => 'cn', + order => '05', } -class {'icingaweb2': - manage_repo => true, - import_schema => true, - db_type => 'mysql', - db_host => 'localhost', - db_port => 3306, - db_username => 'icingaweb2', - db_password => 'icingaweb2', - require => Mysql::Db['icingaweb2'], +icingaweb2::config::groupbackend { 'ldap-groups': + backend => 'ldap', + resource => 'my-ldap', + ldap_group_class => 'group', + ldap_group_name_attribute => 'cn', + ldap_group_member_attribute => 'member', + ldap_base_dn => 'ou=groups,dc=icinga,dc=com', + domain => 'icinga.com', } ``` - -##### PostgreSQL -Use PostgreSQL as backend for user authentication in Icinga Web 2: - -``` puppet -include ::postgresql::server - -postgresql::server::db { 'icingaweb2': - user => 'icingaweb2', - password => postgresql_password('icingaweb2', 'icingaweb2'), -} - -class {'icingaweb2': - manage_repo => true, - import_schema => true, - db_type => 'pgsql', - db_host => 'localhost', - db_port => 5432, - db_username => 'icingaweb2', - db_password => 'icingaweb2', - require => Postgresql::Server::Db['icingaweb2'], +So that a group gets admin rights a role has to manage: +``` +icingaweb2::config::role { 'default admin user': + groups => 'icingaadmins', + permissions => '*', } ``` - -#### Manage Roles -Roles are a set of permissions applied to users and groups. With filters you can limit the access to certain objects -only. Each module can add its own permissions, so it's hard to create a list of all available permissions. The following -permissions are included when the `monitoring` module is enabled: - +All available permissions for module monitoring are listed below: | Description | Value | |-------------|-------| | Allow everything | `*` | | Allow to share navigation items | `application/share/navigation` | | Allow to adjust in the preferences whether to show stacktraces | `application/stacktraces` | | Allow to view the application log | `application/log` | | Grant admin permissions, e.g. manage announcements | `admin` | | Allow config access | `config/*` | | Allow access to module doc | `module/doc` | | Allow access to module monitoring | `module/monitoring` | | Allow all commands | `monitoring/command/*` | | Allow scheduling host and service checks | `monitoring/command/schedule-check` | | Allow acknowledging host and service problems | `monitoring/command/acknowledge-problem` | | Allow removing problem acknowledgements | `monitoring/command/remove-acknowledgement` | | Allow adding and deleting host and service comments | `monitoring/command/comment/*` | | Allow commenting on hosts and services | `monitoring/command/comment/add` | | Allow deleting host and service comments | `monitoring/command/comment/delete` | | Allow scheduling and deleting host and service downtimes | `monitoring/command/downtime/*` | | Allow scheduling host and service downtimes | `monitoring/command/downtime/schedule` | | Allow deleting host and service downtimes | `monitoring/command/downtime/delete` | | Allow processing host and service check results | `monitoring/command/process-check-result` | | Allow processing commands for toggling features on an instance-wide basis | `monitoring/command/feature/instance` | | Allow processing commands for toggling features on host and service objects | `monitoring/command/feature/object/*`) | | Allow processing commands for toggling active checks on host and service objects | `monitoring/command/feature/object/active-checks` | | Allow processing commands for toggling passive checks on host and service objects | `monitoring/command/feature/object/passive-checks` | | Allow processing commands for toggling notifications on host and service objects | `monitoring/command/feature/object/notifications` | | Allow processing commands for toggling event handlers on host and service objects | `monitoring/command/feature/object/event-handler` | | Allow processing commands for toggling flap detection on host and service objects | `monitoring/command/feature/object/flap-detection` | | Allow sending custom notifications for hosts and services | `monitoring/command/send-custom-notification` | | Allow access to module setup | `module/setup` | | Allow access to module test | `module/test` | | Allow access to module translation | `module/translation` | -With the monitoring module, possible filters are: -* `application/share/users` -* `application/share/groups` -* `monitoring/filter/objects` -* `monitoring/blacklist/properties` - -Create role that allows a user to see only hosts beginning with `linux-*`: - -``` puppet -icingaweb2::config::role{'linux-user': - users => 'bob, pete', - permissions => '*', - filters => { - 'monitoring/filter/objects' => 'host_name=linux-*', - } -} -``` - -#### Manage Group Backends -Group backends store information about available groups and their members. Valid backends are `db`, `ldap` or `msldap`. -Groups backends can be combined with authentication methods. For example, users can be stored in a database, but group -definitions in LDAP. If a user is member of multiple groups, he inherits permissions of all his groups. - -Create an LDAP group backend: - -``` puppet -icingaweb2::config::groupbackend {'ldap-backend': - backend => 'ldap', - resource => 'my-ldap', - ldap_group_class => 'groupofnames', - ldap_group_name_attribute => 'cn', - ldap_group_member_attribute => 'member', - ldap_base_dn => 'ou=groups,dc=icinga,dc=com' -} -``` - -If you have imported the database schema (parameter `import_schema`), you can use this database as group backend: - -``` puppet -icingaweb2::config::groupbackend {'mysql-backend': - backend => 'db', - resource => 'mysql-icingaweb2', -} +Finally we configure the monitoring with the needed connection to the IDO to get information and an API user to send commands to Icinga 2: ``` - -### Install and Manage Modules - -#### Monitoring -This module is mandatory for almost every setup. It connects your Icinga Web interface to the Icinga 2 core. Current and -history information are queried through the IDO database. Actions such as `Check Now`, `Set Downtime` or `Acknowledge` -are send to the Icinga 2 API. - -Requirements: - -* IDO feature in Icinga 2 (MySQL or PostgreSQL) -* `ApiUser` object in Icinga 2 with proper permissions - -Example: -``` puppet class {'icingaweb2::module::monitoring': ido_host => 'localhost', + ido_db_type => 'mysql', ido_db_name => 'icinga2', ido_db_username => 'icinga2', ido_db_password => 'supersecret', commandtransports => { icinga2 => { transport => 'api', - username => 'root', - password => 'icinga', + username => 'icingaweb2', + password => 'supersecret', } } } ``` -[Monitoring module documentation](https://www.icinga.com/docs/icingaweb2/latest/modules/monitoring/doc/01-About/) - -#### Director -The Director is used to manage Icinga 2 configuration through the web interface Icinga Web 2. The module requires its -database. The module is installed by cloning the git repository, therefore you need to set `git_revision` to either a -git branch or tag, eg. `master` or `v1.3.2`. - -The Director has some dependencies that you have to fulfill manually currently: -* Icinga 2 (>= 2.6.0) -* Icinga Web 2 (>= 2.4.1) -* A MySQL or PostgreSQL database -* PHP (>= 5.4) -* php-curl - -Example: -``` puppet -class {'icingaweb2::module::director': - git_revision => 'v1.3.2', - db_host => 'localhost', - db_name => 'director', - db_username => 'director', - db_password => 'director', - import_schema => true, - kickstart => true, - endpoint => 'puppet-icingaweb2.localdomain', - api_username => 'root', - api_password => 'icinga', - require => Mysql::Db['director'] -} -``` - -[Director module documentation](https://www.icinga.com/docs/director/latest/) - -To run the kickstart mechanism, it's required to set `import_schema` to `true`. - -#### Doc -The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation. - -Example: -``` puppet -include ::icingaweb2::module::doc -``` - -To disable: -``` puppet -class {'::icingaweb2::module::doc': - ensure => absent -} -``` - -[Doc module documentation](https://www.icinga.com/docs/icingaweb2/latest/modules/doc/doc/01-About/) - -#### PuppetDB -You can configure Director to query one or more PuppetDB servers. - -Example: Set up the PuppetDB module and configure two custom SSL keys -``` puppet -$certificates = {'pupdb1' => { - :ssl_key => '-----BEGIN RSA PRIVATE KEY----- abc...', - :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- def...', }, - 'pupdb2' => { - :ssl_key => '-----BEGIN RSA PRIVATE KEY----- zyx...', - :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- wvur...', }, - } - -class {'::icingaweb2::module::puppetdb': - git_revision => 'master', - ssl => 'none', - certificates => $certificates, -} -``` - -Example: Set up the PuppetDB module and configure the hosts SSL key to connect to the PuppetDB host -``` puppet -class {'::icingaweb2::module::puppetdb': - git_revision => 'master', - ssl => 'puppet', - host => 'puppetdb.example.com', -} -``` - -[PuppetDB module documentation](https://www.icinga.com/docs/director/latest/puppetdb/doc/01-Installation/) - -#### Business Process -The Business Process module allows you to visualize and monitor business processes based on hosts and services monitored -by Icinga 2. The module is installed by cloning the git repository, therefore you need to set `git_revision` to either a -git branch or tag, eg. `master` or `v2.1.0`. - -This module has the following dependecies: -* Icinga Web 2 (>= 2.4.1) -* PHP (>= 5.3 or 7.x) - -Example: -``` puppet -class { 'icingaweb2::module::businessprocess': - git_revision => 'v2.1.0' -} -``` - -[Business Process mdoule documentation](https://www.icinga.com/docs/businessprocess/latest/) - -#### Cube -The Cube module is like a extended filtering tool. It visualizes host statistics (count and health state) grouped by -various custom variables in multiple dimensions. The module is installed by cloning the git repository, therefore you -need to set `git_revision` to either a git branch or tag, eg. `master` or `v1.0.0`. - -Example: -``` puppet -class { 'icingaweb2::module::cube': - git_revision => 'v1.0.0' -} -``` - -#### GenericTTS -The GenericTTS module matches ticket pattern and replaces them with a link to your ticketsystem. The module is installed -by cloning the git repository, therefore you need to set `git_revision` to either a git branch or tag, eg. `master` -or `v2.0.0`. - -Example: -``` puppet -class { 'icingaweb2::module::generictts': - git_revision => 'v2.0.0', - ticketsystems => { - 'my-ticket-system' => { - pattern => '/#([0-9]{4,6})/', - url => 'https://my.ticket.system/tickets/id=$1', - }, - }, -} -``` - -#### Fileshipper -The main purpose of this module is to extend Icinga Director using some of it's exported hooks. Based on them it offers -an `Import Source` able to deal with `CSV`, `JSON`, `YAML` and `XML` files. It also offers the possibility to deploy -hand-crafted Icinga 2 config files through the Icinga Director. - -The fileshipper module has some optional requirements: -* `php-xml` for optional XML file support -* `php-yaml` for optional YAML file support - -Example: -``` puppet -class { 'icingaweb2::module::fileshipper': - git_revision => 'v1.0.1', - base_directories => { - temp => '/tmp' - }, - directories => { - 'test' => { - 'source' => '/tmp/source', - 'target' => '/tmp/target', - } - } -} -``` - -[Fileshipper module documentation](https://www.icinga.com/docs/director/latest/fileshipper/doc/02-Installation/) - -#### vSphere -This module extends the Director module. It allows you to have an automated import of virtual maschines and physical -hosts from vSphere. - -The module needs some extra PHP extensions that you need to install: -* `php-posix` -* `php-soap` - -Example: -``` puppet -class { 'icingaweb2::module::vsphere': - git_revision => 'v1.1.0', -} -``` - -[vSphere module documentation](https://www.icinga.com/docs/director/latest/vsphere/doc/01-Installation/) - -#### Graphite -This module integrates an existing Graphite installation in your Icinga Web 2 frontend. - -Example: -``` puppet -class { 'icingaweb2::module::graphite': - git_revision => 'v0.9.0', - url => 'https://localhost:8080' -} -``` - -[Graphite module documentation](https://www.icinga.com/docs/graphite/latest/) - -#### Elasticsearch -The Elasticsearch module displays events from data stored in Elasticsearch. - -Example: -``` puppet -class { 'icingaweb2::module::elasticsearch': - git_revision => 'v0.9.0', - instances => { - 'elastic' => { - uri => 'http://localhost:9200', - user => 'foo', - password => 'bar', - } - }, - eventtypes => { - 'filebeat' => { - instance => 'elastic', - index => 'filebeat-*', - filter => 'beat.hostname={host.name}', - fields => 'input_type, source, message', - } - } -} -``` - -[Elasticsearch module documentation](https://www.icinga.com/docs/graphite/latest/) - ## Reference -- [**Public classes**](#public-classes) - - [Class: icingaweb2](#class-icingaweb2) - - [Class: icingaweb2::module::monitoring](#class-icingaweb2modulemonitoring) - - [Class: icingaweb2::module::director](#class-icingaweb2moduledirector) - - [Class: icingaweb2::module::doc](#class-icingaweb2moduledoc) - - [Class: icingaweb2::module::businessprocess](#class-icingaweb2modulebusinessprocess) - - [Class: icingaweb2::module::cube](#class-icingaweb2modulecube) - - [Class: icingaweb2::module::generictts](#class-icingaweb2modulegenerictts) - - [Class: icingaweb2::module::puppetdb](#class-icingaweb2modulepuppetdb) - - [Class: icingaweb2::module::fileshipper](#class-icingaweb2modulefileshipper) - - [Class: icingaweb2::module::vsphere](#class-icingaweb2modulevsphere) - - [Class: icingaweb2::module::graphite](#class-icingaweb2modulegraphite) - - [Class: icingaweb2::module::elasticsearch](#class-icingaweb2moduleelasticsearch) -- [**Private classes**](#private-classes) - - [Class: icingaweb2::config](#class-icingaweb2config) - - [Class: icingaweb2::install](#class-icingaweb2install) - - [Class: icingaweb2::params](#class-icingaweb2params) - - [Class: icingaweb2::repo](#class-icingaweb2repo) -- [**Public defined types**](#public-defined-types) - - [Defined type: icingaweb2::inisection](#defined-type-icingaweb2inisection) - - [Defined type: icingaweb2::config::resource](#defined-type-icingaweb2configresource) - - [Defined type: icingaweb2::config::authmethod](#defined-type-icingaweb2configauthmethod) - - [Defined type: icingaweb2::config::role](#defined-type-icingaweb2configrole) - - [Defined type: icingaweb2::config::groupbackend](#defined-type-icingaweb2configgroupbackend) - - [Defined type: icingaweb2::module](#defined-type-icingaweb2module) -- [**Private defined types**](#private-defined-types) - - [Defined type: icingaweb2::module::generictts::ticketsystem](#defined-type-icingaweb2modulegenericttsticketsystem) - - [Defined type: icingaweb2::module::monitoring::commandtransport](#defined-type-modulemonitoringcommandtransport) - - [Defined type: icingaweb2::module::puppetdb::certificate](#defined-type-icingaweb2modulepuppetdbcertificate) - - [Defined type: icingaweb2::module::fileshhipper::basedir](#defined-type-icingaweb2modulefileshipperbasedir) - - [Defined type: icingaweb2::module::fileshipper::directory](#defined-type-icingaweb2modulefileshipperdirectory) - - [Defined type: icingaweb2::module::elasticsearch::instance](#defined-type-icingaweb2moduleelasticsearchinstance) - - [Defined type: icingaweb2::module::elasticsearch::eventtype](#defined-type-icingaweb2moduleelasticsearcheventtype) - -### Public Classes - -#### Class: `icingaweb2` -The default class of this module. It handles the basic installation and configuration of Icinga Web 2. - -**Parameters of `icingaweb2`:** - -##### `logging` -Whether Icinga Web 2 should log to `file` or to `syslog`. Setting `none` disables logging. Defaults to `file` - -##### `logging_file` -If 'logging' is set to `file`, this is the target log file. Defaults to `/var/log/icingaweb2/icingaweb2.log`. - -##### `logging_level` -Logging verbosity. Possible values are `ERROR`, `WARNING`, `INFO` and `DEBUG`. Defaults to `INFO` - -##### `logging_facility` -Logging facilty for syslog. Allowed values are `user` and `local0` through `local7`. Defaults to `user` - -##### `logging_application` -Logging application name for syslog. Defaults to `icingaweb2` - -##### `show_stacktraces` -Whether to display stacktraces in the web interface or not. Defaults to `false` - -##### `module_path` -Path to module sources. Multiple paths must be separated by colon. Defaults to `/usr/share/icingaweb2/modules` - -##### `theme` -The default theme setting. Users may override this settings. Defaults to `icinga`. - -##### `theme_disabled` -Whether users can change themes or not. Defaults to `false`. - -##### `manage_repo` -When set to true this module will install the packages.icinga.com repository. With this official repo you can get the -latest version of Icinga Web. When set to false the operating systems default will be used. Defaults to `false` - -**NOTE**: will be ignored if manage_package is set to `false` - -##### `manage_package` -If set to false packages aren't managed. Defaults to `true` - -##### `extra_pacakges` -An array of packages to install additionally. - -##### `import_schema` -Import database scheme. Make sure you have an existing database if you use this option. Defaults to `false` - -##### `db_type` -Database type, can be either `mysql` or `pgsql`. This parameter is only used if `import_schema` is `true` or -`config_backend` is `db`. Defaults to `mysql` - -##### `db_host` -Database hostname. This parameter is only used if `import_schema` is `true` or -`config_backend` is `db`. Defaults to `localhost` - -##### `db_port` -Port of database host. This parameter is only used if `import_schema` is `true` or -`config_backend` is `db`. Defaults to `3306` - -##### `db_name` -Database name. This parameter is only used if `import_schema` is `true` or -`config_backend` is `db`. Defaults to `icingaweb2` - -##### `db_username` -Username for database access. This parameter is only used if `import_schema` is `true` or -`config_backend` is `db`. - -##### `db_password` -Password for database access. This parameter is only used if `import_schema` is `true` or -`config_backend` is `db`. - -##### `config_backend` -The global Icinga Web 2 preferences can either be stored in a database or in ini files. This parameter can either -be set to `db` or `ini`. Defaults to `ini` - -##### `conf_user` -By default this module expects Apache2 on the server. You can change the owner of the config files with this -parameter. Default is dependent on the platform - -##### `default_domain` -When using domain-aware authentication, you can set a default domain here. - -##### `cookie_path` -Set the Cookie validity path for the Icinga Web 2 sessions. - -#### Class: `icingaweb2::module::monitoring` -Manage the monitoring module. This module is mandatory for probably every setup. - -**Parameters of `icingaweb2::module::monitoring`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `protected_customvars` -Custom variables in Icinga 2 may contain sensible information. Set patterns for custom variables that should be hidden -in the web interface. Defaults to `*pw*,*pass*,community` - -##### `ido_type` -Type of your IDO database. Either `mysql` or `pgsql`. Defaults to `mysql` - -##### `ido_host` -Hostname of the IDO database. - -##### `ido_port` -Port of the IDO database. Defaults to `3306` - -##### `ido_db_name` -Name of the IDO database. - -##### `ido_db_username` -Username for IDO DB connection. - -##### `ido_db_password` -Password for IDO DB connection. - -##### `ido_db_charset` -The character set to use for the database connection. - -##### `commandtransports` -A hash of command transports. - -Example: -``` puppet - commandtransports => { - icinga2 => { - transport => 'api', - username => 'root', - password => 'icinga', - } - } -``` - -#### Class: `icingaweb2::module::director` -Install and configure the director module. - -**Parameters of `icingaweb2::module::director`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `git_repository` -Set a git repository URL. Defaults to github. - -##### `git_revision` -Set either a branch or a tag name, eg. `master` or `v1.3.2`. - -##### `db_type` -Type of your database. Either `mysql` or `pgsql`. Defaults to `mysql` - -##### `db_host` -Hostname of the database. - -##### `db_port` -Port of the database. Defaults to `3306` - -##### `db_name` -Name of the database. - -##### `db_username` -Username for DB connection. - -##### `db_password` -Password for DB connection. - -##### `ido_db_charset` -The character set to use for the database connection. - -##### `import_schema` -Import database schema. Defaults to `false` - -##### `kickstart` -Run kickstart command after database migration. This requires `import_schema` to be `true`. Defaults to `false` - -##### `endpoint` -Endpoint object name of Icinga 2 API. This setting is only valid if `kickstart` is `true`. - -##### `api_host` -Icinga 2 API hostname. This setting is only valid if `kickstart` is `true`. Defaults to `localhost` - -##### `api_port` -Icinga 2 API port. This setting is only valid if `kickstart` is `true`. Defaults to `5665` - -##### `api_username` -Icinga 2 API username. This setting is only valid if `kickstart` is `true`. - -##### `api_password` -Icinga 2 API password. This setting is only valid if `kickstart` is `true`. - -#### Class: `icingaweb2::module::doc` -Install and configure the doc module. - -**Parameters of `icingaweb2::module::doc`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -#### Class: `icingaweb2::module::businessprocess` -Install and enable the businessprocess module. - -**Parameters of `icingaweb2::module::businessprocess`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `git_repository` -Set a git repository URL. Defaults to github. - -##### `git_revision` -Set either a branch or a tag name, eg. `master` or `v2.1.0`. - -#### Class: `icingaweb2::module::cube` -Install and configure the cube module. - -**Parameters of `icingaweb2::module::cube`:** -The cube module is installed by cloning the git repository. Set either a branch or a tag name, eg. `master` -or `v1.0.0`. - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `git_repository` -Set a git repository URL. Defaults to github. - -##### `git_revision` -Set either a branch or a tag name, eg. `master` or `v1.0.0`. - -#### Class: `icingaweb2::module::generictts` -Install and enable the generictts module. - -**Parameters of `icingaweb2::module::generictts`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `git_repository` -Set a git repository URL. Defaults to github. - -##### `git_revision` -Set either a branch or a tag name, eg. `master` or `v2.0.0`. - -##### `ticketsystems` -A hash of ticketsystems. The hash expects a `patten` and a `url` for each ticketsystem. The regex pattern is to match -the ticket ID, eg. `/#([0-9]{4,6})/`. Place the ticket ID in the URL, eg. `https://my.ticket.system/tickets/id=$1` - -Example: -``` puppet -ticketsystems => { - system1 => { - pattern => '/#([0-9]{4,6})/', - url => 'https://my.ticket.system/tickets/id=$1' - } -} -``` - -##### `ensure` -Enable or disable module. Defaults to `present` - -#### Class: `icingaweb2::module::puppetdb` -Install and configure the puppetdb module. - -**Parameters of `icingaweb2::module::puppetdb`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `git_repository` -Set a git repository URL. Defaults to github. - -##### `git_revision` -Set either a branch or a tag name, eg. `master` or `v1.3.2`. - -##### `ssl` -How to set up ssl certificates. To copy certificates from the local puppet installation, use `puppet`. Defaults to -`none` - -##### `host` -Hostname of the server where PuppetDB is running. The `ssl` parameter needs to be set to `puppet`. - -##### `certificates` -Hash with SSL certificates to configure. See `icingaweb2::module::puppetdb::certificate`. - - -#### Class: `icingaweb2::module::fileshipper` -The fileshipper module extends the Director. It offers import sources to deal with CSV, JSON, YAML and XML files. - -**Parameters of `icingaweb2::module::fileshipper`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `base_directories` -Hash of base directories. These directories can later be selected in the import source (Director). - -##### `directories` -Deploy plain Icinga 2 configuration files through the Director to your Icinga 2 master. - -#### Class: `icingaweb2::module::vsphere` -The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts from -vSphere. - -**Parameters of `icingaweb2::module::vsphere`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -#### Class: `icingaweb2::module::graphite` -The Graphite module draws graphs out of time series data stored in Graphite. - -**Parameters of `icingaweb2::module::graphite`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `url` -URL to your Graphite Web - -##### `user` -A user with access to your Graphite Web via HTTP basic authentication - -##### `password` -The users password - -##### `graphite_writer_host_name_template` -The value of your Icinga 2 GraphiteWriter's attribute `host_name_template` (if specified) - -##### `graphite_writer_service_name_template` -The value of your icinga 2 GraphiteWriter's attribute `service_name_template` (if specified) - -#### Class: `icingaweb2::module::elasticsearch` -The Elasticsearch module displays events from data stored in Elasticsearch. - -**Parameters of `icingaweb2::module::elasticsearch`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `instances` -A hash that configures one or more Elasticsearch instances that this module connects to. The defined type -`icingaweb2::module::elasticsearch::instance` is used to create the instance configuration. - -##### `eventtypes` -A hash oft ypes of events that should be displayed. Event types are always connected to instances. The defined type -`icingaweb2::module::elasticsearch::eventtype` is used to create the event types. - -### Private Classes - -#### Class: `icingaweb2::config` -Installs basic configuration files required to run Icinga Web 2. - -#### Class: `icingaweb2::install` -Handles the installation of the Icinga Web 2 package. - -#### Class: `icingaweb2::params` -Stores all default parameters for the Icinga Web 2 installation. - -#### Class: `icingaweb2::repo` -Installs the [packages.icinga.com] repository. Depending on your operating system and Puppet version [puppetlabs/apt], -[puppetlabs/yumrepo_core], or [puppet/zypprepo] is required. - -### Public Defined Types - -#### Defined type: `icingaweb2::inisection` -Manage settings in INI configuration files. - -**Parameters of `icingaweb2::inisection`:** - -##### `target` -Absolute path to the configuration file. - -##### `section_name` -Name of the target section. Settings are set under `[$section_name]` - -##### `settings` -A hash of settings and their settings. Single settings may be set to absent. - -##### `order` -Ordering of the INI section within a file. Defaults to `01` - -#### Defined type: `icingaweb2::config::resource` -Manage settings in INI configuration files. - -**Parameters of `icingaweb2::config::resource`:** - -##### `resource_name` -Name of the resources. Resources are referenced by their name in other configuration sections. - -##### `type` -Supported resource types are `db` and `ldap`. - -##### `host` -Connect to the database or ldap server on the given host. For using unix domain sockets, specify `localhost` for MySQL -and the path to the unix domain socket directory for PostgreSQL. When using the 'ldap' type you can also provide -multiple hosts separated by a space. - -##### `port` -Port number to use. - -##### `db_type` -Supported DB types are `mysql` and `pgsql`. Only valid when `type` is `db`. - -##### `db_name` -The database to use. Only valid if `type` is `db`. - -##### `db_username` -The username to use when connecting to the server. Only valid if `type` is `db`. - -##### `db_password` -The password to use when connecting to the server. Only valid if `type` is `db`. - -##### `db_charset` -The character set to use for the database connection. Only valid if `type` is `db`. - -##### `ldap_root_dn` -Root object of the tree, e.g. `ou=people,dc=icinga,dc=com`. Only valid if `type` is `ldap`. - -##### `ldap_bind_dn` -The user to use when connecting to the server. Only valid if `type` is `ldap`. - -##### `ldap_bind_pw` -The password to use when connecting to the server. Only valid if `type` is `ldap`. - -##### `ldap_encryption` -Type of encryption to use: `none` (default), `starttls`, `ldaps`. Only valid if `type` is `ldap`. - -#### Defined type: `icingaweb2::config::authmethod` -Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering. Some backends -require additional resources. - -**Parameters of `icingaweb2::config::authmethod`:** - -##### `backend` -Select between 'external', 'ldap', 'msldap' or 'db'. Each backend may require other settings. - -##### `resource` -The name of the resource defined in resources.ini. - -##### `ldap_user_class` -LDAP user class. Only valid if `backend` is `ldap`. - -##### `ldap_user_name_attribute` -LDAP attribute which contains the username. Only valid if `backend` is `ldap`. - -##### `ldap_filter` -LDAP search filter. Only valid if `backend` is `ldap`. - -##### `ldap_base_dn` -LDAP base DN. Only valid if `backend` is `ldap`. - -##### `domain` -Domain for domain-aware authentication. - -##### `order` -Multiple authentication methods can be chained. The order of entries in the authentication configuration determines -the order of the authentication methods. Defaults to `01` - -#### Defined type: `icingaweb2::config::role` -Roles define a set of permissions that may be applied to users or groups. - -**Parameters of `icingaweb2::config::role`:** - -##### `role_name` -Name of the role. - -##### `users` -Comma separated list of users this role applies to. - -##### `groups` -Comma separated list of groups this role applies to. - -##### `permissions` -Comma separated lsit of permissions. Each module may add it's own permissions. Examples are - -* Allow everything: `*` -* Allow config access: `config/*` -* Allow access do module monitoring: `module/monitoring` -* Allow scheduling checks: `monitoring/command/schedule-checks` -* Grant admin permissions: `admin` - -##### `filters` -Hash of filters. Modules may add new filter keys, some sample keys are: - -* `application/share/users` -* `application/share/groups` -* `monitoring/filter/objects` -* `monitoring/blacklist/properties` - -A string value is expected for each used key. For example: -* monitoring/filter/objects = `host_name!=*win*` - -#### Defined type: `icingaweb2::config::groupbackend` -Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends that -store groups. - -**Parameters of `icingaweb2::config::groupbackend`:** - -##### `group_name` -Name of the resources. Resources are referenced by their name in other configuration sections. - -##### `backend` -Type of backend. Valide values are: `db`, `ldap` and `msldap`. Each backend supports different settings, see the -parameters for detailed information. - -##### `resource` -The resource used to connect to the backend. The resource contains connection information. - -##### `ldap_user_backend` -A group backend can be connected with an authentication method. This parameter references the auth method. Only -valid with backend `ldap` or `msldap`. - -##### `ldap_group_class` -Class used to identify group objects. Only valid with backend `ldap`. - -##### `ldap_group_filter` -Use a LDAP filter to receive only certain groups. Only valid with backend `ldap` or `msldap`. - -##### `ldap_group_name_attribute` -The group name attribute. Only valid with backend `ldap`. - -##### `ldap_group_member_attribute` -The group member attribute. Only valid with backend `ldap`. - -##### `ldap_base_dn` -Base DN that is searched for groups. Only valid with backend `ldap` with `msldap`. - -##### `ldap_nested_group_search` -Search for groups in groups. Only valid with backend `msldap`. - -##### `domain` -Domain for domain-aware authentication. - -#### Defined type: `icingaweb2::module` -Download, enable and configure Icinga Web 2 modules. This is a public defined type and is meant to be used to install -modules developed by the community as well. - -**Parameters of `icingaweb2::module`:** - -##### `ensure` -Enable or disable module. Defaults to `present` - -##### `module` -Name of the module. - -##### `module_dir` -Target directory of the module. - -##### `install_method` -Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` - -##### `git_repository` -Git repository of the module. This setting is only valid in combination with the installation method `git`. - -##### `git_revision` -Tag or branch of the git repository. This setting is only valid in combination with the installation method `git`. - -#### `package_name` -Package name of the module. This setting is only valid in combination with the installation method `package`. - -##### `settings` -A hash with the module settings. Multiple configuration files with ini sections can be configured with this hash. The -`module_name` should be used as target directory for the configuration files. - -Example: - -``` puppet - $conf_dir = $::icingaweb2::params::conf_dir - $module_conf_dir = "${conf_dir}/modules/mymodule" - - $settings = { - 'section1' => { - 'target' => "${module_conf_dir}/config1.ini", - 'settings' => { - 'setting1' => 'value1', - 'setting2' => 'value2', - } - }, - 'section2' => { - 'target' => "${module_conf_dir}/config2.ini", - 'settings' => { - 'setting3' => 'value3', - 'setting4' => 'value4', - } - } - } -``` - -### Private Defined Types - -#### Defined type: `icingaweb2::module::generictts::ticketsystem` -Manage ticketsystem configuration for the generictts module. - -**Parameters of `icingaweb2::module::generictts::ticketsystem`:** - -##### `ticketsystem` -The name of the ticketsystem. - -##### `pattern` -A regex pattern to match ticket numbers, eg. `/#([0-9]{4,6})/` - -##### `url` -The URL to your ticketsystem. Place the ticket ID in the URL, eg. `https://my.ticket.system/tickets/id=$1` - -#### Defined type: `icingaweb2::module::monitoring::commandtransport` -Manage commandtransports for the monitoring module. - -**Parameters of `icingaweb2::module::monitoring::commandtransport`:** - -##### `commandtransport` -The name of the commandtransport. - -##### `transport` -The transport type you wish to use. Either `api` or `local`. Defaults to `api` - -##### `host` -Hostname/ip for the transport. Only needed for api transport. Defaults to `localhost` - -##### `port` -Port for the transport. Only needed for api transport. Defaults to `5665` - -##### `username` -Username for the transport. Only needed for api transport. - -##### `password` -Password for the transport. Only needed for api transport. - -##### `path` -Path for the transport. Only needed for local transport. Defaults to `/var/run/icinga2/cmd/icinga2.cmd` - -#### Defined type: `icingaweb2::module::puppetdb::certificate` - -Add extra certificates to the puppetdb module - -**Parameters of `icingaweb2::module::puppetdb::certificate`:** - -##### `ensure` -Enable or disable certificate. Defaults to `present` - -##### `ssl_key` -Contents of the combined SSL key. - -##### `ssl_cacert` -CA certificate - -#### Defined type: `icingaweb2::module::fileshipper::basedir` - -Manage base directories for the fileshipper module - -**Parameters of `icingaweb2::module::fileshipper::basedir`:** - -##### `identifier` -Identifier of the base directory - -##### `basedir` -Absolute path of a direcory - -#### Defined type: `icingaweb2::module::fileshipper::directory` - -Manage directories with plain Icinga 2 configuration files - -**Parameters of `icingaweb2::module::fileshipper::directory`:** - -##### `identifier` -Identifier of the base directory - -##### `source` -Absolute path of the source direcory - -##### `target` -Absolute path of the target direcory - -##### `extensions` -Only files with these extensions will be synced. Defaults to `.conf` - -#### Defined type: `icingaweb2::module::elasticsearch::instance` -Manage an Elasticsearch instance - -**Parameters of `icingaweb2::module::elasticsearch::instance`:** - -##### `name` -Name of the Elasticsearch instance - -##### `uri` -URI to the Elasticsearch instance - -##### `user` -The user to use for authentication - -##### `password` -The password to use for authentication - -##### `ca` -The path of the file containing one or more certificates to verify the peer with or the path to the directory -that holds multiple CA certificates. - -##### `client_certificate` -The path of the client certificates - -##### `client_private_key` -The path of the client private key - -#### Defined type: `icingaweb2::module::elasticsearch::eventtype` -Manage an Elasticsearch event type - -**Parameters of `icingaweb2::module::elasticsearch::eventtype`:** - -##### `name*] -Name of the event type. - -##### `instance*] -Elasticsearch instance to connect to. - -##### `index*] -Elasticsearch index pattern, e.g. `filebeat-*`. - -##### `filter*] -Elasticsearch filter in the Icinga Web 2 URL filter format. Host macros are evaluated if you encapsulate them in -curly braces, e.g. `host={host.name}&location={_host_location}`. - -##### `fields*] -Comma-separated list of field names to display. One or more wildcard asterisk (`*`) patterns are also accepted. -Note that the `@timestamp` field is always respected. +See [REFERENCE.md](https://github.com/Icinga/puppet-icingaweb2/blob/master/REFERENCE.md) ## Development + A roadmap of this project is located at https://github.com/Icinga/puppet-icingaweb2/milestones. Please consider this roadmap when you start contributing to the project. ### Contributing + When contributing several steps such as pull requests and proper testing implementations are required. Find a detailed step by step guide in [CONTRIBUTING.md]. ### Testing + Testing is essential in our workflow to ensure a good quality. We use RSpec as well as Serverspec to test all components of this module. For a detailed description see [TESTING.md]. -## Release Notes +### Release Notes + When releasing new versions we refer to [SemVer 1.0.0] for version numbers. All steps required when creating a new release are described in [RELEASE.md] See also [CHANGELOG.md] -## Authors +### Authors + [AUTHORS] is generated on each release. [Icinga 2]: https://www.icinga.com/products/icinga-2/ [Icinga Web 2]: https://www.icinga.com/products/icinga-web-2/ +[icinga/icinga]: https://github.com/icinga/puppet-icinga/ -[puppetlabs/apt]: https://github.com/puppetlabs/puppetlabs-apt -[puppetlabs/yumrepo_core]: https://github.com/puppetlabs/puppetlabs-yumrepo_core -[puppet/zypprepo]: https://forge.puppet.com/puppet/zypprepo [puppetlabs/stdlib]: https://github.com/puppetlabs/puppetlabs-stdlib [puppetlabs/concat]: https://github.com/puppetlabs/puppetlabs-concat [puppetlabs/vcsrepo]: https://forge.puppet.com/puppetlabs/vcsrepo [puppetlabs/mysql]: https://github.com/puppetlabs/puppetlabs-mysql [puppetlabs/puppetlabs-postgresql]: https://github.com/puppetlabs/puppetlabs-postgresql [packages.icinga.com]: https://packages.icinga.com [CHANGELOG.md]: CHANGELOG.md [AUTHORS]: AUTHORS [RELEASE.md]: RELEASE.md [TESTING.md]: TESTING.md [CONTRIBUTING.md]: CONTRIBUTING.md diff --git a/REFERENCE.md b/REFERENCE.md new file mode 100644 index 0000000..0f09770 --- /dev/null +++ b/REFERENCE.md @@ -0,0 +1,1952 @@ +# Reference + + + +## Table of Contents + +### Classes + +#### Public Classes + +* [`icingaweb2`](#icingaweb2): Installs and configures Icinga Web 2. +* [`icingaweb2::globals`](#icingaweb2globals): This class loads the default parameters by doing a hiera lookup. +* [`icingaweb2::module::businessprocess`](#icingaweb2modulebusinessprocess): Installs and enables the businessprocess module. +* [`icingaweb2::module::cube`](#icingaweb2modulecube): Installs and enables the cube module. +* [`icingaweb2::module::director`](#icingaweb2moduledirector): Installs and configures the director module. +* [`icingaweb2::module::director::service`](#icingaweb2moduledirectorservice): Installs and configures the director service. +* [`icingaweb2::module::doc`](#icingaweb2moduledoc): The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation. +* [`icingaweb2::module::elasticsearch`](#icingaweb2moduleelasticsearch): The Elasticsearch module displays events from data stored in Elasticsearch. +* [`icingaweb2::module::fileshipper`](#icingaweb2modulefileshipper): The fileshipper module extends the Director. It offers import sources to deal with CSV, JSON, YAML and XML files. +* [`icingaweb2::module::generictts`](#icingaweb2modulegenerictts): Installs and enables the generictts module. +* [`icingaweb2::module::graphite`](#icingaweb2modulegraphite): The Graphite module draws graphs out of time series data stored in Graphite. +* [`icingaweb2::module::incubator`](#icingaweb2moduleincubator): Installs and enables the incubator module. +* [`icingaweb2::module::ipl`](#icingaweb2moduleipl): Installs and enables the ipl module. +* [`icingaweb2::module::monitoring`](#icingaweb2modulemonitoring): Manages the monitoring module. This module is mandatory for probably every setup. +* [`icingaweb2::module::puppetdb`](#icingaweb2modulepuppetdb): Installs and configures the puppetdb module. +* [`icingaweb2::module::reactbundle`](#icingaweb2modulereactbundle): Installs and enables the reactbundle module. +* [`icingaweb2::module::translation`](#icingaweb2moduletranslation): Installs and configures the translation module. +* [`icingaweb2::module::vsphere`](#icingaweb2modulevsphere): The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts from vSphere. + +#### Private Classes + +* `icingaweb2::config`: Configures Icinga Web 2. +* `icingaweb2::install`: Installs Icinga Web 2 and extra packages. + +### Defined types + +#### Public Defined types + +* [`icingaweb2::config::authmethod`](#icingaweb2configauthmethod): Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering. +* [`icingaweb2::config::groupbackend`](#icingaweb2configgroupbackend): Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends +that store groups. +* [`icingaweb2::config::resource`](#icingaweb2configresource): Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections. +* [`icingaweb2::config::role`](#icingaweb2configrole): Roles define a set of permissions that may be applied to users or groups. +* [`icingaweb2::inisection`](#icingaweb2inisection): Manage settings in INI configuration files. +* [`icingaweb2::module`](#icingaweb2module): Download, enable and configure Icinga Web 2 modules. + +#### Private Defined types + +* `icingaweb2::module::elasticsearch::eventtype`: Manages an Elasticsearch event types +* `icingaweb2::module::elasticsearch::instance`: Manages an Elasticsearch instance +* `icingaweb2::module::fileshipper::basedir`: Manages base directories for the fileshipper module. +* `icingaweb2::module::fileshipper::directory`: Manages directories with plain Icinga 2 configuration files. +* `icingaweb2::module::generictts::ticketsystem`: Manages ticketsystem configuration for the generictts module. +* `icingaweb2::module::monitoring::commandtransport`: Manages commandtransport configuration for the monitoring module. +* `icingaweb2::module::puppetdb::certificate`: Installs a certificate for the Icinga Web 2 puppetdb module. + +## Classes + +### `icingaweb2` + +Installs and configures Icinga Web 2. + +#### Examples + +##### Use MySQL as backend for user authentication: + +```puppet +include ::mysql::server + +mysql::db { 'icingaweb2': + user => 'icingaweb2', + password => 'supersecret', + host => 'localhost', + grant => [ 'ALL' ], +} + +class {'icingaweb2': + manage_repos => true, + import_schema => true, + db_type => 'mysql', + db_host => 'localhost', + db_port => 3306, + db_username => 'icingaweb2', + db_password => 'supersecret', + require => Mysql::Db['icingaweb2'], +} +``` + +##### Use PostgreSQL as backend for user authentication: + +```puppet +include ::postgresql::server + +postgresql::server::db { 'icingaweb2': + user => 'icingaweb2', + password => postgresql_password('icingaweb2', 'icingaweb2'), +} + +class {'icingaweb2': + manage_repos => true, + import_schema => true, + db_type => 'pgsql', + db_host => 'localhost', + db_port => 5432, + db_username => 'icingaweb2', + db_password => 'icingaweb2', + require => Postgresql::Server::Db['icingaweb2'], +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2` class. + +##### `logging` + +Data type: `Enum['file', 'syslog', 'php', 'none']` + +Whether Icinga Web 2 should log to 'file', 'syslog' or 'php' (web server's error log). Setting 'none' disables logging. + +Default value: `'file'` + +##### `logging_file` + +Data type: `Stdlib::Absolutepath` + +If 'logging' is set to 'file', this is the target log file. + +##### `logging_level` + +Data type: `Enum['ERROR', 'WARNING', 'INFO', 'DEBUG']` + +Logging verbosity. Possible values are 'ERROR', 'WARNING', 'INFO' and 'DEBUG'. + +Default value: `'INFO'` + +##### `logging_facility` + +Data type: `Pattern[/user|local[0-7]/]` + +Logging facility when using syslog. Possible values are 'user' or 'local0' up to 'local7'. + +Default value: `'user'` + +##### `logging_application` + +Data type: `String` + +Logging application name when using syslog. + +Default value: `'icingaweb2'` + +##### `show_stacktraces` + +Data type: `Boolean` + +Whether to display stacktraces in the web interface or not. + +Default value: ``false`` + +##### `module_path` + +Data type: `Stdlib::Absolutepath` + +Path to module sources. Multiple paths must be separated by colon. + +##### `theme` + +Data type: `String` + +The default theme setting. Users may override this settings. + +Default value: `'Icinga'` + +##### `theme_disabled` + +Data type: `Boolean` + +Whether users can change themes or not. + +Default value: ``false`` + +##### `manage_repo` + +Data type: `Boolean` + +Deprecated, use manage_repos. + +Default value: ``false`` + +##### `manage_repos` + +Data type: `Boolean` + +When set to true this module will use the module icinga/puppet-icinga to manage repositories, +e.g. the release repo on packages.icinga.com repository by default, the EPEL repository or Backports. +For more information, see http://github.com/icinga/puppet-icinga. + +Default value: ``false`` + +##### `manage_package` + +Data type: `Boolean` + +If set to `false` packages aren't managed. + +Default value: ``true`` + +##### `extra_packages` + +Data type: `Optional[Array[String]]` + +An array of packages to install additionally. + +Default value: ``undef`` + +##### `import_schema` + +Data type: `Boolean` + +Import database scheme. Make sure you have an existing database if you use this option. + +Default value: ``false`` + +##### `db_type` + +Data type: `Enum['mysql', 'pgsql']` + +Database type, can be either `mysql` or `pgsql`. This parameter is only used if `import_schema` is `true` or +`config_backend` is `db`. + +Default value: `'mysql'` + +##### `db_host` + +Data type: `Stdlib::Host` + +Database hostname. This parameter is only used if `import_schema` is `true` or +`config_backend` is `db`. + +Default value: `'localhost'` + +##### `db_port` + +Data type: `Stdlib::Port` + +Port of database host. This parameter is only used if `import_schema` is `true` or +`config_backend` is `db`. + +Default value: `3306` + +##### `db_name` + +Data type: `String` + +Database name. This parameter is only used if `import_schema` is `true` or +`config_backend` is `db`. + +Default value: `'icingaweb2'` + +##### `db_username` + +Data type: `Optional[String]` + +Username for database access. This parameter is only used if `import_schema` is `true` or +`config_backend` is `db`. + +Default value: ``undef`` + +##### `db_password` + +Data type: `Optional[String]` + +Password for database access. This parameter is only used if `import_schema` is `true` or +`config_backend` is `db`. + +Default value: ``undef`` + +##### `config_backend` + +Data type: `Enum['ini', 'db']` + +The global Icinga Web 2 preferences can either be stored in a database or in ini files. This parameter can either +be set to `db` or `ini`. + +Default value: `'ini'` + +##### `conf_user` + +Data type: `String` + +By default this module expects Apache2 on the server. You can change the owner of the config files with this +parameter. + +##### `conf_group` + +Data type: `String` + +Group membership of config files. + +##### `default_domain` + +Data type: `Optional[String]` + +When using domain-aware authentication, you can set a default domain here. + +Default value: ``undef`` + +##### `cookie_path` + +Data type: `Optional[Stdlib::Absolutepath]` + +Path to where cookies are stored. + +Default value: ``undef`` + +### `icingaweb2::globals` + +This class loads the default parameters by doing a hiera lookup. + +* **Note** This parameters depend on the os plattform. Changes maybe will break the functional capability of the supported plattforms and versions. Please only do changes when you know what you're doing. + +#### Parameters + +The following parameters are available in the `icingaweb2::globals` class. + +##### `package_name` + +Data type: `String` + + + +##### `conf_dir` + +Data type: `Stdlib::Absolutepath` + + + +##### `mysql_db_schema` + +Data type: `Stdlib::Absolutepath` + + + +##### `pgsql_db_schema` + +Data type: `Stdlib::Absolutepath` + + + +##### `gettext_package_name` + +Data type: `String` + + + +##### `icingacli_bin` + +Data type: `Stdlib::Absolutepath` + + + +### `icingaweb2::module::businessprocess` + +Installs and enables the businessprocess module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +class { 'icingaweb2::module::businessprocess': + git_revision => 'v2.1.0' +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::businessprocess` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v2.1.0`. + +Default value: ``undef`` + +### `icingaweb2::module::cube` + +Installs and enables the cube module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +class { 'icingaweb2::module::cube': + git_revision => 'v1.0.0' +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::cube` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v1.0.0`. + +Default value: ``undef`` + +### `icingaweb2::module::director` + +Installs and configures the director module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +class { 'icingaweb2::module::director': + git_revision => 'v1.7.2', + db_host => 'localhost', + db_name => 'director', + db_username => 'director', + db_password => 'supersecret', + import_schema => true, + kickstart => true, + endpoint => 'puppet-icingaweb2.localdomain', + api_username => 'director', + api_password => 'supersecret', + require => Mysql::Db['director'] +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::director` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v1.3.2`. + +Default value: ``undef`` + +##### `db_type` + +Data type: `Enum['mysql', 'pgsql']` + +Type of your database. Either `mysql` or `pgsql`. + +Default value: `'mysql'` + +##### `db_host` + +Data type: `Optional[Stdlib::Host]` + +Hostname of the database. + +Default value: ``undef`` + +##### `db_port` + +Data type: `Stdlib::Port` + +Port of the database. + +Default value: `3306` + +##### `db_name` + +Data type: `Optional[String]` + +Name of the database. + +Default value: ``undef`` + +##### `db_username` + +Data type: `Optional[String]` + +Username for DB connection. + +Default value: ``undef`` + +##### `db_password` + +Data type: `Optional[String]` + +Password for DB connection. + +Default value: ``undef`` + +##### `import_schema` + +Data type: `Boolean` + +Import database schema. + +Default value: ``false`` + +##### `kickstart` + +Data type: `Boolean` + +Run kickstart command after database migration. This requires `import_schema` to be `true`. + +Default value: ``false`` + +##### `endpoint` + +Data type: `Optional[String]` + +Endpoint object name of Icinga 2 API. This setting is only valid if `kickstart` is `true`. + +Default value: ``undef`` + +##### `api_host` + +Data type: `Stdlib::Host` + +Icinga 2 API hostname. This setting is only valid if `kickstart` is `true`. + +Default value: `'localhost'` + +##### `api_port` + +Data type: `Stdlib::Port` + +Icinga 2 API port. This setting is only valid if `kickstart` is `true`. + +Default value: `5665` + +##### `api_username` + +Data type: `Optional[String]` + +Icinga 2 API username. This setting is only valid if `kickstart` is `true`. + +Default value: ``undef`` + +##### `api_password` + +Data type: `Optional[String]` + +Icinga 2 API password. This setting is only valid if `kickstart` is `true`. + +Default value: ``undef`` + +##### `db_charset` + +Data type: `String` + + + +Default value: `'utf8'` + +### `icingaweb2::module::director::service` + +Installs and configures the director service. + +* **Note** Only systemd is supported by the Icinga Team and this module. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::director::service` class. + +##### `ensure` + +Data type: `Stdlib::Ensure::Service` + +Whether the director service should be running. + +Default value: `'running'` + +##### `enable` + +Data type: `Boolean` + +Enable or disable the service. + +Default value: ``true`` + +##### `user` + +Data type: `String` + +Specifies user to run director service daemon. + +Default value: `'icingadirector'` + +##### `group` + +Data type: `String` + +Specifies primary group for user to run director service daemon. + +Default value: `'icingaweb2'` + +##### `manage_user` + +Data type: `Boolean` + +Whether to manage the server user resource. + +Default value: ``true`` + +### `icingaweb2::module::doc` + +The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::doc` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. Defaults to `present` + +Default value: `'present'` + +### `icingaweb2::module::elasticsearch` + +The Elasticsearch module displays events from data stored in Elasticsearch. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +class { 'icingaweb2::module::elasticsearch': + git_revision => 'v0.9.0', + instances => { + 'elastic' => { + uri => 'http://localhost:9200', + user => 'foo', + password => 'bar', + } + }, + eventtypes => { + 'filebeat' => { + instance => 'elastic', + index => 'filebeat-*', + filter => 'beat.hostname={host.name}', + fields => 'input_type, source, message', + } + } +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::elasticsearch` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v1.3.2`. + +Default value: ``undef`` + +##### `instances` + +Data type: `Optional[Hash]` + +A hash that configures one or more Elasticsearch instances that this module connects to. The defined type +`icingaweb2::module::elasticsearch::instance` is used to create the instance configuration. + +Default value: ``undef`` + +##### `eventtypes` + +Data type: `Optional[Hash]` + +A hash oft ypes of events that should be displayed. Event types are always connected to instances. The defined type +`icingaweb2::module::elasticsearch::eventtype` is used to create the event types. + +Default value: ``undef`` + +### `icingaweb2::module::fileshipper` + +@example: + class { 'icingaweb2::module::fileshipper': + git_revision => 'v1.0.1', + base_directories => { + temp => '/var/lib/fileshipper' + }, + directories => { + 'test' => { + 'source' => '/var/lib/fileshipper/source', + 'target' => '/var/lib/fileshipper/target', + } + } + } + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::fileshipper` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enables or disables module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v1.3.2`. + +Default value: ``undef`` + +##### `base_directories` + +Data type: `Hash` + +Hash of base directories. These directories can later be selected in the import source (Director). + +Default value: `{}` + +##### `directories` + +Data type: `Hash` + +Deploy plain Icinga 2 configuration files through the Director to your Icinga 2 master. + +Default value: `{}` + +### `icingaweb2::module::generictts` + +Installs and enables the generictts module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +class { 'icingaweb2::module::generictts': + git_revision => 'v2.0.0', + ticketsystems => { + 'my-ticket-system' => { + pattern => '/#([0-9]{4,6})/', + url => 'https://my.ticket.system/tickets/id=$1', + }, + }, +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::generictts` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v2.0.0`. + +Default value: ``undef`` + +##### `ticketsystems` + +Data type: `Hash` + +A hash of ticketsystems. The hash expects a `patten` and a `url` for each ticketsystem. +The regex pattern is to match the ticket ID, eg. `/#([0-9]{4,6})/`. Place the ticket ID +in the URL, eg. `https://my.ticket.system/tickets/id=$1`. + +Default value: `{}` + +### `icingaweb2::module::graphite` + +The Graphite module draws graphs out of time series data stored in Graphite. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +class { 'icingaweb2::module::graphite': + git_revision => 'v0.9.0', + url => 'https://localhost:8080' +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::graphite` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enables or disables module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v1.3.2`. + +Default value: ``undef`` + +##### `url` + +Data type: `Optional[String]` + +URL to your Graphite Web/API. + +Default value: ``undef`` + +##### `user` + +Data type: `Optional[String]` + +A user with access to your Graphite Web via HTTP basic authentication. + +Default value: ``undef`` + +##### `password` + +Data type: `Optional[String]` + +The users password. + +Default value: ``undef`` + +##### `graphite_writer_host_name_template` + +Data type: `Optional[String]` + +The value of your Icinga 2 GraphiteWriter's attribute `host_name_template` (if specified). + +Default value: ``undef`` + +##### `graphite_writer_service_name_template` + +Data type: `Optional[String]` + +The value of your icinga 2 GraphiteWriter's attribute `service_name_template` (if specified). + +Default value: ``undef`` + +### `icingaweb2::module::incubator` + +Installs and enables the incubator module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::incubator` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. Defaults to `present` + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. Defaults to github. + +##### `git_revision` + +Data type: `String` + +Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. + +### `icingaweb2::module::ipl` + +Installs and enables the ipl module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::ipl` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `String` + +Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. + +### `icingaweb2::module::monitoring` + +Requirements: + * IDO feature in Icinga 2 (MySQL or PostgreSQL) + * `ApiUser` object in Icinga 2 with proper permissions + + class {'icingaweb2::module::monitoring': + ido_host => 'localhost', + ido_db_type => 'mysql', + ido_db_name => 'icinga2', + ido_db_username => 'icinga2', + ido_db_password => 'supersecret', + commandtransports => { + icinga2 => { + transport => 'api', + username => 'icingaweb2', + password => 'supersecret', + } + } + } + +* **Note** At first have a look at the [Monitoring module documentation](https://www.icinga.com/docs/icingaweb2/latest/modules/monitoring/doc/01-About/). + +#### Examples + +##### This module is mandatory for almost every setup. It connects your Icinga Web interface to the Icinga 2 core. Current and history information are queried through the IDO database. Actions such as `Check Now`, `Set Downtime` or `Acknowledge` are send to the Icinga 2 API. + +```puppet + +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::monitoring` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `protected_customvars` + +Data type: `Variant[String, Array[String]]` + +Custom variables in Icinga 2 may contain sensible information. Set patterns for custom variables +that should be hidden in the web interface. + +Default value: `['*pw*', '*pass*', 'community']` + +##### `ido_type` + +Data type: `Enum['mysql', 'pgsql']` + +Type of your IDO database. Either `mysql` or `pgsql`. + +Default value: `'mysql'` + +##### `ido_host` + +Data type: `Optional[Stdlib::Host]` + +Hostname of the IDO database. + +Default value: ``undef`` + +##### `ido_port` + +Data type: `Stdlib::Port` + +Port of the IDO database. + +Default value: `3306` + +##### `ido_db_name` + +Data type: `Optional[String]` + +Name of the IDO database. + +Default value: ``undef`` + +##### `ido_db_username` + +Data type: `Optional[String]` + +Username for IDO DB connection. + +Default value: ``undef`` + +##### `ido_db_password` + +Data type: `Optional[String]` + +Password for IDO DB connection. + +Default value: ``undef`` + +##### `ido_db_charset` + +Data type: `Optional[String]` + +The character set to use for the database connection. + +Default value: ``undef`` + +##### `commandtransports` + +Data type: `Hash` + +A hash of command transports. + +Default value: `{}` + +### `icingaweb2::module::puppetdb` + +Installs and configures the puppetdb module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### Set up the PuppetDB module and configure two custom SSL keys: + +```puppet +$certificates = { + 'pupdb1' => { + :ssl_key => '-----BEGIN RSA PRIVATE KEY----- abc...', + :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- def...', + }, + 'pupdb2' => { + :ssl_key => '-----BEGIN RSA PRIVATE KEY----- zyx...', + :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- wvur...', + }, +} + +class { '::icingaweb2::module::puppetdb': + git_revision => 'master', + ssl => 'none', + certificates => $certificates, +} +``` + +##### Set up the PuppetDB module and configure the hosts SSL key to connect to the PuppetDB host: + +```puppet +class {'::icingaweb2::module::puppetdb': + git_revision => 'master', + ssl => 'puppet', + host => 'puppetdb.example.com', +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module::puppetdb` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `master` or `v1.3.2`. + +Default value: ``undef`` + +##### `ssl` + +Data type: `Enum['none', 'puppet']` + +How to set up ssl certificates. To copy certificates from the local puppet installation, use `puppet`. + +Default value: `'none'` + +##### `host` + +Data type: `Optional[Stdlib::Host]` + +Hostname of the server where PuppetDB is running. The `ssl` parameter needs to be set to `puppet`. + +Default value: ``undef`` + +##### `certificates` + +Data type: `Hash` + +Hash with icingaweb2::module::puppetdb::certificate resources. + +Default value: `{}` + +### `icingaweb2::module::reactbundle` + +Installs and enables the reactbundle module. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::reactbundle` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `String` + +Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. + +### `icingaweb2::module::translation` + +Installs and configures the translation module. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::translation` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +### `icingaweb2::module::vsphere` + +The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts from vSphere. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Parameters + +The following parameters are available in the `icingaweb2::module::vsphere` class. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `git_repository` + +Data type: `String` + +Set a git repository URL. + +##### `git_revision` + +Data type: `Optional[String]` + +Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. + +Default value: ``undef`` + +## Defined types + +### `icingaweb2::config::authmethod` + +Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering. + +#### Examples + +##### Create an authentication method (db) and reference to a resource: + +```puppet +icingaweb2::config::authmethod { 'db-auth': + backend => 'db', + resource => 'my-sql', + order => 20, +} +``` + +##### Create a LDAP authmethod: + +```puppet +icingaweb2::config::authmethod { 'ldap-auth': + backend => 'ldap', + resource => 'my-ldap', + ldap_user_class => 'user', + ldap_filter => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)', + ldap_user_name_attribute => 'userPrincipalName', + order => '05', +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::config::authmethod` defined type. + +##### `backend` + +Data type: `Enum['external', 'ldap', 'msldap', 'db']` + +Select between 'external', 'ldap', 'msldap' or 'db'. Each backend may require other settings. + +Default value: ``undef`` + +##### `resource` + +Data type: `Optional[String]` + +The name of the resource defined in resources.ini. + +Default value: ``undef`` + +##### `ldap_user_class` + +Data type: `Optional[String]` + +LDAP user class. Only valid if `backend` is `ldap` or `msldap`. + +Default value: ``undef`` + +##### `ldap_user_name_attribute` + +Data type: `Optional[String]` + +LDAP attribute which contains the username. Only valid if `backend` is `ldap` or `msldap`. + +Default value: ``undef`` + +##### `ldap_filter` + +Data type: `Optional[String]` + +LDAP search filter. Only valid if `backend` is `ldap` or `msladap`. + +Default value: ``undef`` + +##### `ldap_base_dn` + +Data type: `Optional[String]` + +LDAP base DN. Only valid if `backend` is `ldap` or `msldap`. + +Default value: ``undef`` + +##### `domain` + +Data type: `Optional[String]` + +Domain for domain-aware authentication + +Default value: ``undef`` + +##### `order` + +Data type: `Variant[String, Integer]` + +Multiple authentication methods can be chained. The order of entries in the authentication +configuration determines the order of the authentication methods. + +Default value: `'01'` + +### `icingaweb2::config::groupbackend` + +Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends +that store groups. + +#### Examples + +##### A group backend for groups stored in LDAP: + +```puppet +icingaweb2::config::groupbackend { 'ldap-groups': + backend => 'ldap', + resource => 'my-ldap', + ldap_group_class => 'group', + ldap_group_name_attribute => 'cn', + ldap_group_member_attribute => 'member', + ldap_base_dn => 'ou=groups,dc=icinga,dc=com', + domain => 'icinga.com', +} +``` + +##### If you have imported the database schema (parameter `import_schema`), this backend was also created automatically: + +```puppet +icingaweb2::config::groupbackend { 'mysql-backend': + backend => 'db', + resource => 'my-sql', +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::config::groupbackend` defined type. + +##### `group_name` + +Data type: `String` + +Name of the resources. Resources are referenced by their name in other configuration sections. + +Default value: `$title` + +##### `backend` + +Data type: `Enum['db', 'ldap', 'msldap']` + +Type of backend. Valide values are: `db`, `ldap` and `msldap`. Each backend supports different settings, +see the parameters for detailed information. + +Default value: ``undef`` + +##### `resource` + +Data type: `String` + +The resource used to connect to the backend. The resource contains connection information. + +Default value: ``undef`` + +##### `ldap_user_backend` + +Data type: `Optional[String]` + +A group backend can be connected with an authentication method. This parameter references the auth method. +Only valid with backend `ldap` or `msldap`. + +Default value: ``undef`` + +##### `ldap_group_class` + +Data type: `Optional[String]` + +Class used to identify group objects. Only valid with backend `ldap`. + +Default value: ``undef`` + +##### `ldap_group_filter` + +Data type: `Optional[String]` + +Use a LDAP filter to receive only certain groups. Only valid with backend `ldap` or `msldap`. + +Default value: ``undef`` + +##### `ldap_group_name_attribute` + +Data type: `Optional[String]` + +The group name attribute. Only valid with backend `ldap`. + +Default value: ``undef`` + +##### `ldap_group_member_attribute` + +Data type: `Optional[String]` + +The group member attribute. Only valid with backend `ldap`. + +Default value: ``undef`` + +##### `ldap_base_dn` + +Data type: `Optional[String]` + +Base DN that is searched for groups. Only valid with backend `ldap` with `msldap`. + +Default value: ``undef`` + +##### `ldap_nested_group_search` + +Data type: `Optional[Boolean]` + +Search for groups in groups. Only valid with backend `msldap`. + +Default value: ``undef`` + +##### `domain` + +Data type: `Optional[String]` + +Domain for domain-aware authentication. + +Default value: ``undef`` + +##### `order` + +Data type: `Variant[String, Integer]` + +Multiple authentication methods can be chained. The order of entries in the authentication +configuration determines the order of the authentication methods. + +Default value: `'01'` + +### `icingaweb2::config::resource` + +Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections. + +#### Examples + +##### Create a MySQL DB resource: + +```puppet +icingaweb2::config::resource{ 'my-sql': + type => 'db', + db_type => 'mysql', + host => 'localhost', + port => '3306', + db_name => 'icingaweb2', + db_username => 'icingaweb2', + db_password => 'supersecret', +} +``` + +##### Create a LDAP resource: + +```puppet +icingaweb2::config::resource{ 'my-ldap': + type => 'ldap', + host => 'localhost', + port => 389, + ldap_root_dn => 'ou=users,dc=icinga,dc=com', + ldap_bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com', + ldap_bind_pw => 'supersecret', +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::config::resource` defined type. + +##### `resource_name` + +Data type: `String` + +Name of the resources. Resources are referenced by their name in other configuration sections. + +Default value: `$title` + +##### `type` + +Data type: `Enum['db', 'ldap']` + +Supported resource types are `db` and `ldap`. + +##### `host` + +Data type: `Optional[String]` + +Connect to the database or ldap server on the given host. For using unix domain sockets, specify 'localhost' for +MySQL and the path to the unix domain socket directory for PostgreSQL. When using the 'ldap' type you can also +provide multiple hosts separated by a space. + +Default value: ``undef`` + +##### `port` + +Data type: `Optional[Stdlib::Port]` + +Port number to use. + +Default value: ``undef`` + +##### `db_type` + +Data type: `Optional[Enum['mysql', 'pgsql', 'mssql', 'oci', 'oracle', 'ibm', 'sqlite']]` + +Set database type to connect. + +Default value: ``undef`` + +##### `db_name` + +Data type: `Optional[String]` + +The database to use. Only valid if `type` is `db`. + +Default value: ``undef`` + +##### `db_username` + +Data type: `Optional[String]` + +The username to use when connecting to the server. Only valid if `type` is `db`. + +Default value: ``undef`` + +##### `db_password` + +Data type: `Optional[String]` + +The password to use when connecting to the server. Only valid if `type` is `db`. + +Default value: ``undef`` + +##### `db_charset` + +Data type: `Optional[String]` + +The character set to use for the database connection. Only valid if `type` is `db`. + +Default value: ``undef`` + +##### `ldap_root_dn` + +Data type: `Optional[String]` + +Root object of the tree, e.g. 'ou=people,dc=icinga,dc=com'. Only valid if `type` is `ldap`. + +Default value: ``undef`` + +##### `ldap_bind_dn` + +Data type: `Optional[String]` + +The user to use when connecting to the server. Only valid if `type` is `ldap`. + +Default value: ``undef`` + +##### `ldap_bind_pw` + +Data type: `Optional[String]` + +The password to use when connecting to the server. Only valid if `type` is `ldap`. + +Default value: ``undef`` + +##### `ldap_encryption` + +Data type: `Optional[Enum['none', 'starttls', 'ldaps']]` + +Type of encryption to use: none (default), starttls, ldaps. Only valid if `type` is `ldap`. + +Default value: `'none'` + +##### `ldap_timeout` + +Data type: `Integer` + +Timeout for the ldap connection. + +Default value: `5` + +### `icingaweb2::config::role` + +Roles define a set of permissions that may be applied to users or groups. + +* **Note** Availble permissions in module monitoring: +| Description | Value | +|-------------|-------| +| Allow everything | `*` | +| Allow to share navigation items | `application/share/navigation` | +| Allow to adjust in the preferences whether to show stacktraces | `application/stacktraces` | +| Allow to view the application log | `application/log` | +| Grant admin permissions, e.g. manage announcements | `admin` | +| Allow config access | `config/*` | +| Allow access to module doc | `module/doc` | +| Allow access to module monitoring | `module/monitoring` | +| Allow all commands | `monitoring/command/*` | +| Allow scheduling host and service checks | `monitoring/command/schedule-check` | +| Allow acknowledging host and service problems | `monitoring/command/acknowledge-problem` | +| Allow removing problem acknowledgements | `monitoring/command/remove-acknowledgement` | +| Allow adding and deleting host and service comments | `monitoring/command/comment/*` | +| Allow commenting on hosts and services | `monitoring/command/comment/add` | +| Allow deleting host and service comments | `monitoring/command/comment/delete` | +| Allow scheduling and deleting host and service downtimes | `monitoring/command/downtime/*` | +| Allow scheduling host and service downtimes | `monitoring/command/downtime/schedule` | +| Allow deleting host and service downtimes | `monitoring/command/downtime/delete` | +| Allow processing host and service check results | `monitoring/command/process-check-result` | +| Allow processing commands for toggling features on an instance-wide basis | `monitoring/command/feature/instance` | +| Allow processing commands for toggling features on host and service objects | `monitoring/command/feature/object/*`) | +| Allow processing commands for toggling active checks on host and service objects | `monitoring/command/feature/object/active-checks` | +| Allow processing commands for toggling passive checks on host and service objects | `monitoring/command/feature/object/passive-checks` | +| Allow processing commands for toggling notifications on host and service objects | `monitoring/command/feature/object/notifications` | +| Allow processing commands for toggling event handlers on host and service objects | `monitoring/command/feature/object/event-handler` | +| Allow processing commands for toggling flap detection on host and service objects | `monitoring/command/feature/object/flap-detection` | +| Allow sending custom notifications for hosts and services | `monitoring/command/send-custom-notification` | +| Allow access to module setup | `module/setup` | +| Allow access to module test | `module/test` | +| Allow access to module translation | `module/translation` | + +#### Examples + +##### Create role that allows only hosts beginning with `linux-*`: + +```puppet +icingaweb2::config::role{ 'linux-user': + groups => 'linuxer', + permissions => '*', + filters => { + 'monitoring/filter/objects' => 'host_name=linux-*' + } +} +``` + +##### Create role that allows a user to see only hosts beginning with `linux-*`: + +```puppet +icingaweb2::config::role{'linux-user': + users => 'bob, pete', + permissions => '*', + filters => { + 'monitoring/filter/objects' => 'host_name=linux-*', + } +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::config::role` defined type. + +##### `role_name` + +Data type: `String` + +Name of the role. + +Default value: `$title` + +##### `users` + +Data type: `Optional[String]` + +Comma separated list of users this role applies to. + +Default value: ``undef`` + +##### `groups` + +Data type: `Optional[String]` + +Comma separated list of groups this role applies to. + +Default value: ``undef`` + +##### `permissions` + +Data type: `Optional[String]` + +Comma separated lsit of permissions. Each module may add it's own permissions. Examples are +- Allow everything: '*' +- Allow config access: 'config/*' +- Allow access do module monitoring: 'module/monitoring' +- Allow scheduling checks: 'monitoring/command/schedule-checks' +- Grant admin permissions: 'admin' + +Default value: ``undef`` + +##### `filters` + +Data type: `Hash` + +Hash of filters. Modules may add new filter keys, some sample keys are: +- application/share/users +- application/share/groups +- monitoring/filter/objects +- monitoring/blacklist/properties +A string value is expected for each used key. For example: +- monitoring/filter/objects = "host_name!=*win*" + +Default value: `{}` + +### `icingaweb2::inisection` + +Manage settings in INI configuration files. + +#### Examples + +##### Create the configuration file and set two settings for the section `global`: + +```puppet +include icingawebeb2 + +icingaweb2::inisection { '/path/to/config.ini': + settings => { + 'global' => { + 'setting1' => 'value', + 'setting2' => 'value', + }, + }, +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::inisection` defined type. + +##### `target` + +Data type: `Stdlib::Absolutepath` + +Absolute path to the configuration file. + +##### `section_name` + +Data type: `String` + +Name of the target section. Settings are set under [$section_name] + +Default value: `$title` + +##### `settings` + +Data type: `Hash` + +A hash of settings and their settings. Single settings may be set to absent. + +Default value: `{}` + +##### `order` + +Data type: `Variant[String, Integer]` + +Ordering of the INI section within a file. Defaults to `01` + +Default value: `'01'` + +### `icingaweb2::module` + +Download, enable and configure Icinga Web 2 modules. + +* **Note** If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. + +#### Examples + +##### + +```puppet +$conf_dir = $::icingaweb2::globals::conf_dir +$module_conf_dir = "${conf_dir}/modules/mymodule" + +$settings = { + 'section1' => { + 'target' => "${module_conf_dir}/config1.ini", + 'settings' => { + 'setting1' => 'value1', + 'setting2' => 'value2', + } + }, + 'section2' => { + 'target' => "${module_conf_dir}/config2.ini", + 'settings' => { + 'setting3' => 'value3', + 'setting4' => 'value4', + } + } +} +``` + +#### Parameters + +The following parameters are available in the `icingaweb2::module` defined type. + +##### `ensure` + +Data type: `Enum['absent', 'present']` + +Enable or disable module. + +Default value: `'present'` + +##### `module` + +Data type: `String` + +Name of the module. + +Default value: `$title` + +##### `module_dir` + +Data type: `Stdlib::Absolutepath` + +Target directory of the module. + +Default value: `"${::icingaweb2::module_path}/${title}"` + +##### `install_method` + +Data type: `Enum['git', 'none', 'package']` + +Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` + +Default value: `'git'` + +##### `git_revision` + +Data type: `String` + +Tag or branch of the git repository. This setting is only valid in combination with the installation method `git`. + +Default value: `'master'` + +##### `package_name` + +Data type: `Optional[String]` + +Package name of the module. This setting is only valid in combination with the installation method `package`. + +Default value: ``undef`` + +##### `settings` + +Data type: `Hash` + +A hash with the module settings. Multiple configuration files with ini sections can be configured with this hash. +The `module_name` should be used as target directory for the configuration files. + +Default value: `{}` + +##### `git_repository` + +Data type: `Optional[String]` + + + +Default value: ``undef`` + diff --git a/RELEASE.md b/RELEASE.md index 51ebbcc..b1423d5 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -1,61 +1,66 @@ # Release Workflow Before submitting a new release, make sure all relevant pull requests and local branches have been merged to the `master` branch. All tests must pass before a release is tagged. ## 1. AUTHORS Update the [AUTHORS] and [.mailmap] file ``` bash git checkout master git log --use-mailmap | grep ^Author: | cut -f2- -d' ' | sort | uniq > AUTHORS git commit -am "Update AUTHORS" ``` ## 2. Changelog Install [github-changelog-generator] ```bash gem install github_changelog_generator ``` Generate [CHANGELOG.md] ```bash -github_changelog_generator -t --future-release=v2.3.1 +github_changelog_generator -t --future-release=v2.3.1 --project=puppet-icingaweb2 --user=icinga ``` -## 3. Version +## 3. References [REFERENCE.md] +```bash +puppet strings generate --format markdown --out ./REFERENCE.md +``` + +## 4. Version Version numbers are incremented regarding the [SemVer 1.0.0] specification. Update the version number in `metadata.json`. -## 4. Git Tag +## 5. Git Tag Commit all changes to the `master` branch ``` bash VERSION=2.3.1 git commit -v -a -m "Release version $VERSION" git push ``` Tag the release ``` bash git tag -m "Version $VERSION" "v$VERSION" ``` Push tags ``` bash git push --tags ``` ## Puppet Forge The module is uploaded automatically to Puppet Forge by TravisCI when a new tag is set. [github-changelog-generator]: https://github.com/skywinder/github-changelog-generator [SemVer 1.0.0]: http://semver.org/spec/v1.0.0.html [CHANGELOG.md]: CHANGELOG.md [AUTHORS]: AUTHORS [.mailmap]: .mailmap [forge.puppet.com]: https://forge.puppet.com/ diff --git a/Rakefile b/Rakefile index f6a3482..0f8d7cd 100644 --- a/Rakefile +++ b/Rakefile @@ -1,32 +1,87 @@ +# frozen_string_literal: true + +require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -PuppetLint.configuration.log_format = '%{path}:%{line}:%{check}:%{KIND}:%{message}' -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_selector_inside_resource') -PuppetLint.configuration.send('disable_only_variable_string') - -exclude_paths = %w( - spec/**/* - serverspec/**/* - pkg/**/* - examples/**/* - vendor/**/* - .vendor/**/* -) - -PuppetLint::RakeTask.new :lint do |config| - config.ignore_paths = exclude_paths +require 'puppet-syntax/tasks/puppet-syntax' +require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? +require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? +require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? + +def changelog_user + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = "Icinga" || JSON.load(File.read('metadata.json'))['author'] + raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator user:#{returnVal}" + returnVal +end + +def changelog_project + return unless Rake.application.top_level_tasks.include? "changelog" + + returnVal = nil + returnVal ||= begin + metadata_source = JSON.load(File.read('metadata.json'))['source'] + metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) + + metadata_source_match && metadata_source_match[1] + end + + raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? + + puts "GitHubChangelogGenerator project:#{returnVal}" + returnVal +end + +def changelog_future_release + return unless Rake.application.top_level_tasks.include? "changelog" + returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] + raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? + puts "GitHubChangelogGenerator future_release:#{returnVal}" + returnVal end -PuppetSyntax.exclude_paths = exclude_paths +PuppetLint.configuration.send('disable_relative') -desc 'Run acceptance tests' -RSpec::Core::RakeTask.new(:acceptance) do |t| - t.pattern = 'spec/acceptance' +if Bundler.rubygems.find_name('github_changelog_generator').any? + GitHubChangelogGenerator::RakeTask.new :changelog do |config| + raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? + config.user = "#{changelog_user}" + config.project = "#{changelog_project}" + config.future_release = "#{changelog_future_release}" + config.exclude_labels = ['maintenance'] + config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." + config.add_pr_wo_labels = true + config.issues = false + config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" + config.configure_sections = { + "Changed" => { + "prefix" => "### Changed", + "labels" => ["backwards-incompatible"], + }, + "Added" => { + "prefix" => "### Added", + "labels" => ["enhancement", "feature"], + }, + "Fixed" => { + "prefix" => "### Fixed", + "labels" => ["bug", "documentation", "bugfix"], + }, + } + end +else + desc 'Generate a Changelog from GitHub' + task :changelog do + raise < 1.15' + condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" +EOM + end end -desc 'Run validate, spec, lint' -task test: %w(metadata_lint validate spec lint) diff --git a/TESTING.md b/TESTING.md index 5c8a160..2e6a08e 100644 --- a/TESTING.md +++ b/TESTING.md @@ -1,87 +1,85 @@ # TESTING ## Prerequisites -Before starting any test, you should make sure you have installed all dependent puppet modules. Find a list of all -dependencies in [README.md] or [metadata.json]. +Before starting any test, you should make sure you have installed the Puppet PDK and Bolt, +also Vagrant and VirtualBox have to be installed for acceptance tests. Required gems are installed with `bundler`: ``` -cd puppet-icingaweb2 -bundle install +cd puppet-icinga2 +pdk bundle install +``` + +Or just do an update: +``` +cd puppet-icinga2 +pdk bundle update ``` ## Validation tests Validation tests will check all manifests, templates and ruby files against syntax violations and style guides . Run validation tests: ``` -cd puppet-icingaweb2 -rake validate +cd puppet-icinga2 +pdk bundle exec rake validate ``` ## Puppet lint With puppet-lint we test if our manifests conform to the recommended style guides from Puppet. Run lint tests: ``` -cd puppet-icingaweb2 -rake lint +cd puppet-icinga2 +pdk bundle exec rake lint ``` ## Unit tests For unit testing we use [RSpec]. All classes, defined resource types and functions should have appropriate unit tests. Run unit tests: ``` -cd puppet-icingaweb2 -rake spec +cd puppet-icinga2 +pdk test unit +pdk test unit --tests=repos +``` + +Or dedicated tests: +``` +pdk test unit --tests=spec/classes/repos_spec.rb,spec/classes/redis_spec.rb ``` -## Integration tests +## Acceptance tests With integration tests this module is tested on multiple platforms to check the complete installation process. We define these tests with [ServerSpec] and run them on VMs by using [Beaker]. Run all tests: ``` -bundle exec rake acceptance +pdk bundle exec rake beaker ``` Run a single test: ``` -bundle exec rake beaker:ubuntu-server-1604-x64 +cd puppet-icingaweb2 +pdk bundle exec rake beaker:ubuntu-server-1604-x64 ``` Don't destroy VM after tests: ``` export BEAKER_destroy=no -bundle exec rake beaker:ubuntu-server-1604-x64 +pdk bundle exec rake beaker:ubuntu-server-1604-x64 ``` ### Run tests All available ServerSpec tests are listed in the `spec/acceptance/` directory. -Run all integraion tests: - -``` -cd puppet-icingaweb2 -rake beaker -``` - List all available tasks/platforms: ``` cd puppet-icingaweb2 -rake --task -``` - -Run integration tests for a single platform: -``` -cd puppet-icingaweb2 -rake beaker:centos-7 +pdk exec rake --task ``` -[README.md]: README.md [puppet-lint]: http://puppet-lint.com/ -[metadata.json]: metadata.json [RSpec]: http://rspec-puppet.com/ [Serverspec]: http://serverspec.org/ -[Beaker]: https://github.com/puppetlabs/beaker \ No newline at end of file +[Beaker]: https://github.com/puppetlabs/beaker diff --git a/appveyor.yml b/appveyor.yml new file mode 100644 index 0000000..ec38949 --- /dev/null +++ b/appveyor.yml @@ -0,0 +1,56 @@ +--- +version: 1.1.x.{build} +branches: + only: + - master + - release +skip_commits: + message: /^\(?doc\)?.*/ +clone_depth: 10 +init: + - SET + - 'mkdir C:\ProgramData\PuppetLabs\code && exit 0' + - 'mkdir C:\ProgramData\PuppetLabs\facter && exit 0' + - 'mkdir C:\ProgramData\PuppetLabs\hiera && exit 0' + - 'mkdir C:\ProgramData\PuppetLabs\puppet\var && exit 0' +environment: + matrix: + - + RUBY_VERSION: 24-x64 + CHECK: syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + - + PUPPET_GEM_VERSION: ~> 5.0 + RUBY_VERSION: 24 + CHECK: parallel_spec + - + PUPPET_GEM_VERSION: ~> 5.0 + RUBY_VERSION: 24-x64 + CHECK: parallel_spec + - + PUPPET_GEM_VERSION: ~> 6.0 + RUBY_VERSION: 25 + CHECK: parallel_spec + - + PUPPET_GEM_VERSION: ~> 6.0 + RUBY_VERSION: 25-x64 + CHECK: parallel_spec +matrix: + fast_finish: true +install: + - set PATH=C:\Ruby%RUBY_VERSION%\bin;%PATH% + - bundle install --jobs 4 --retry 2 --without system_tests + - type Gemfile.lock +build: off +test_script: + - bundle exec puppet -V + - ruby -v + - gem -v + - bundle -v + - bundle exec rake %CHECK% +notifications: + - provider: Email + to: + - nobody@nowhere.com + on_build_success: false + on_build_failure: false + on_build_status_changed: false diff --git a/data/Debian.yaml b/data/Debian.yaml new file mode 100644 index 0000000..43f95ef --- /dev/null +++ b/data/Debian.yaml @@ -0,0 +1,4 @@ +--- +icingaweb2::conf_user: www-data +icingaweb2::globals::mysql_db_schema: /usr/share/icingaweb2/etc/schema/mysql.schema.sql +icingaweb2::globals::pgsql_db_schema: /usr/share/icingaweb2/etc/schema/pgsql.schema.sql diff --git a/data/Linux-kernel.yaml b/data/Linux-kernel.yaml new file mode 100644 index 0000000..1622e2c --- /dev/null +++ b/data/Linux-kernel.yaml @@ -0,0 +1,11 @@ +--- +icingaweb2::globals::package_name: icingaweb2 +icingaweb2::globals::conf_dir: /etc/icingaweb2 +icingaweb2::globals::mysql_db_schema: /usr/share/doc/icingaweb2/schema/mysql.schema.sql +icingaweb2::globals::pgsql_db_schema: /usr/share/doc/icingaweb2/schema/pgsql.schema.sql +icingaweb2::globals::gettext_package_name: gettext +icingaweb2::globals::icingacli_bin: /usr/bin/icingacli + +icingaweb2::module_path: /usr/share/icingaweb2/modules +icingaweb2::conf_group: icingaweb2 +icingaweb2::logging_file: /var/log/icingaweb2/icingaweb2.log diff --git a/data/RedHat.yaml b/data/RedHat.yaml new file mode 100644 index 0000000..ef11c1c --- /dev/null +++ b/data/RedHat.yaml @@ -0,0 +1,2 @@ +--- +icingaweb2::conf_user: apache diff --git a/data/Suse.yaml b/data/Suse.yaml new file mode 100644 index 0000000..45cff7f --- /dev/null +++ b/data/Suse.yaml @@ -0,0 +1,3 @@ +--- +icingaweb2::conf_user: wwwrun +icingaweb2::globals::gettext_package_name: gettext-tools diff --git a/data/common.yaml b/data/common.yaml new file mode 100644 index 0000000..927ed5b --- /dev/null +++ b/data/common.yaml @@ -0,0 +1,17 @@ +--- +icingaweb2::conf_group: icingaweb2 +icingaweb2::module::businessprocess::git_repository: https://github.com/Icinga/icingaweb2-module-businessprocess.git +icingaweb2::module::cube::git_repository: https://github.com/Icinga/icingaweb2-module-cube.git +icingaweb2::module::director::git_repository: https://github.com/Icinga/icingaweb2-module-director.git +icingaweb2::module::elasticsearch::git_repository: https://github.com/Icinga/icingaweb2-module-elasticsearch.git +icingaweb2::module::fileshipper::git_repository: https://github.com/Icinga/icingaweb2-module-fileshipper.git +icingaweb2::module::generictts::git_repository: https://github.com/Icinga/icingaweb2-module-generictts.git +icingaweb2::module::graphite::git_repository: https://github.com/Icinga/icingaweb2-module-graphite.git +icingaweb2::module::incubator::git_repository: https://github.com/Icinga/icingaweb2-module-incubator.git +icingaweb2::module::incubator::git_revision: v0.5.0 +icingaweb2::module::ipl::git_repository: https://github.com/Icinga/icingaweb2-module-ipl.git +icingaweb2::module::ipl::git_revision: v0.5.0 +icingaweb2::module::puppetdb::git_repository: https://github.com/Icinga/icingaweb2-module-puppetdb.git +icingaweb2::module::reactbundle::git_repository: https://github.com/Icinga/icingaweb2-module-reactbundle.git +icingaweb2::module::reactbundle::git_revision: v0.7.0 +icingaweb2::module::vsphere::git_repository: https://github.com/Icinga/icingaweb2-module-vsphere.git diff --git a/examples/apache2.pp b/examples/apache2.pp index b69eea7..193fe0f 100644 --- a/examples/apache2.pp +++ b/examples/apache2.pp @@ -1,67 +1,67 @@ class { 'apache': mpm_module => 'prefork' } class { 'apache::mod::php': } case $::osfamily { 'redhat': { package { 'php-mysql': } file {'/etc/httpd/conf.d/icingaweb2.conf': source => 'puppet:///modules/icingaweb2/examples/apache2/icingaweb2.conf', require => Class['apache'], notify => Service['httpd'], } package { 'centos-release-scl': before => Class['icingaweb2'] } } 'debian': { class { 'apache::mod::rewrite': } file {'/etc/apache2/conf.d/icingaweb2.conf': source => 'puppet:///modules/icingaweb2/examples/apache2/icingaweb2.conf', require => Class['apache'], notify => Service['apache2'], } } default: { fail("Your plattform ${::osfamily} is not supported by this example.") } } include ::mysql::server mysql::db { 'icingaweb2': user => 'icingaweb2', password => 'icingaweb2', host => 'localhost', grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], } class {'icingaweb2': - manage_repo => true, + manage_repos => true, import_schema => true, db_type => 'mysql', db_host => 'localhost', db_port => 3306, db_username => 'icingaweb2', db_password => 'icingaweb2', require => Mysql::Db['icingaweb2'], } class {'icingaweb2::module::monitoring': ido_host => 'localhost', ido_db_name => 'icinga2', ido_db_username => 'icinga2', ido_db_password => 'supersecret', commandtransports => { icinga2 => { transport => 'api', username => 'root', password => 'icinga', } } -} \ No newline at end of file +} diff --git a/examples/import_schema.pp b/examples/import_schema.pp index f98921b..b23873e 100644 --- a/examples/import_schema.pp +++ b/examples/import_schema.pp @@ -1,26 +1,26 @@ include ::mysql::server mysql::db { 'icingaweb2': user => 'icingaweb2', password => 'icingaweb2', host => 'localhost', grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], } include ::postgresql::server postgresql::server::db { 'icingaweb2': user => 'icingaweb2', password => postgresql_password('icingaweb2', 'icingaweb2'), } class {'icingaweb2': - manage_repo => true, + manage_repos => true, import_schema => true, db_type => 'pgsql', db_host => 'localhost', db_port => 5432, db_username => 'icingaweb2', db_password => 'icingaweb2', require => [ Postgresql::Server::Db['icingaweb2'], Mysql::Db['icingaweb2'] ] -} \ No newline at end of file +} diff --git a/examples/init_repo.pp b/examples/init_repos.pp similarity index 50% rename from examples/init_repo.pp rename to examples/init_repos.pp index b43440d..3ecad43 100755 --- a/examples/init_repo.pp +++ b/examples/init_repos.pp @@ -1,3 +1,3 @@ class { 'icingaweb2': - manage_repo => true, + manage_repos => true, } diff --git a/examples/module_director.pp b/examples/module_director.pp index 958e08d..ad67d20 100644 --- a/examples/module_director.pp +++ b/examples/module_director.pp @@ -1,49 +1,49 @@ package { 'git': } include ::mysql::server mysql::db { 'director': user => 'director', password => 'director', host => 'localhost', charset => 'utf8', grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], } class {'icingaweb2': - manage_repo => true, + manage_repos => true, import_schema => true, db_type => 'mysql', db_host => 'localhost', db_port => 3306, db_username => 'icingaweb2', db_password => 'icingaweb2', } class {'icingaweb2::module::monitoring': ido_host => 'localhost', ido_db_name => 'icinga2', ido_db_username => 'icinga2', ido_db_password => 'supersecret', commandtransports => { icinga2 => { transport => 'api', username => 'root', password => 'icinga', } } } class {'icingaweb2::module::director': git_revision => 'v1.3.2', db_host => 'localhost', db_name => 'director', db_username => 'director', db_password => 'director', import_schema => true, kickstart => true, endpoint => 'puppet-icingaweb2.localdomain', api_username => 'root', api_password => 'icinga', require => Mysql::Db['director'] -} \ No newline at end of file +} diff --git a/examples/module_fileshipper.pp b/examples/module_fileshipper.pp index c0a87e6..188fa5b 100644 --- a/examples/module_fileshipper.pp +++ b/examples/module_fileshipper.pp @@ -1,14 +1,14 @@ include icingaweb2 class { 'icingaweb2::module::fileshipper': - git_revision => 'v1.0.1', + git_revision => 'v1.0.1', base_directories => { temp => '/tmp' }, directories => { 'test' => { - 'source' => '/tmp/source', - 'target' => '/tmp/target', + 'source' => '/tmp/source', + 'target' => '/tmp/target', } } } \ No newline at end of file diff --git a/examples/module_monitoring.pp b/examples/module_monitoring.pp index cd2c2fa..f7b42a3 100644 --- a/examples/module_monitoring.pp +++ b/examples/module_monitoring.pp @@ -1,35 +1,35 @@ include ::mysql::server mysql::db { 'icingaweb2': user => 'icingaweb2', password => 'icingaweb2', host => 'localhost', grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], } class {'icingaweb2': - manage_repo => true, + manage_repos => true, import_schema => true, db_type => 'mysql', db_host => 'localhost', db_port => 3306, db_username => 'icingaweb2', db_password => 'icingaweb2', require => Mysql::Db['icingaweb2'], } class {'icingaweb2::module::monitoring': - ido_host => 'localhost', - ido_db_name => 'icinga2', - ido_db_username => 'icinga2', - ido_db_password => 'supersecret', + ido_host => 'localhost', + ido_db_name => 'icinga2', + ido_db_username => 'icinga2', + ido_db_password => 'supersecret', protected_customvars => ['*pw*', '*pass*', 'community', 'testabc'], - commandtransports => { + commandtransports => { icinga2 => { transport => 'api', username => 'root', password => 'icinga', } } -} \ No newline at end of file +} diff --git a/examples/nginx.pp b/examples/nginx.pp index 30ac899..f0ad435 100644 --- a/examples/nginx.pp +++ b/examples/nginx.pp @@ -1,92 +1,92 @@ # Here is an example nginx resource for use with Slashbunny-phpfpm and the # voxpupuli-nginx module to get icingaweb2 running behind nginx. # $vhost = 'puppet-icingaweb2' include ::nginx nginx::resource::server { 'icingaweb2': server_name => [$vhost], ssl => true, ssl_cert => '/etc/ssl/certs/ssl-cert-snakeoil.pem', ssl_key => '/etc/ssl/private/ssl-cert-snakeoil.key', ssl_redirect => true, index_files => [], use_default_location => false, } nginx::resource::location { 'root': location => '/', server => 'icingaweb2', index_files => [], location_cfg_append => { rewrite => '^/(.*) https://$host/icingaweb2/$1 permanent' } } nginx::resource::location { 'icingaweb2_index': - location => '~ ^/icingaweb2/index\.php(.*)$', - server => 'icingaweb2', - ssl => true, - ssl_only => true, - index_files => [], - fastcgi => '127.0.0.1:9000', - fastcgi_index => 'index.php', - fastcgi_param => { + location => '~ ^/icingaweb2/index\.php(.*)$', + server => 'icingaweb2', + ssl => true, + ssl_only => true, + index_files => [], + fastcgi => '127.0.0.1:9000', + fastcgi_index => 'index.php', + fastcgi_param => { 'ICINGAWEB_CONFIGDIR' => '/etc/icingaweb2', 'REMOTE_USER' => '$remote_user', 'SCRIPT_FILENAME' => '/usr/share/icingaweb2/public/index.php', }, } nginx::resource::location { 'icingaweb': location => '~ ^/icingaweb2(.+)?', location_alias => '/usr/share/icingaweb2/public', try_files => ['$1', '$uri', '$uri/', '/icingaweb2/index.php$is_args$args'], index_files => ['index.php'], server => 'icingaweb2', ssl => true, ssl_only => true, } class { 'phpfpm': poold_purge => true, } phpfpm::pool { 'main': } include ::mysql::server mysql::db { 'icingaweb2': user => 'icingaweb2', password => 'icingaweb2', host => 'localhost', grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], } class {'icingaweb2': - manage_repo => true, + manage_repos => true, import_schema => true, db_type => 'mysql', db_host => 'localhost', db_port => 3306, db_username => 'icingaweb2', db_password => 'icingaweb2', conf_user => 'nginx', require => Mysql::Db['icingaweb2'], } class {'icingaweb2::module::monitoring': ido_host => 'localhost', ido_db_name => 'icinga2', ido_db_username => 'icinga2', ido_db_password => 'supersecret', commandtransports => { icinga2 => { transport => 'api', username => 'root', password => 'icinga', } } } diff --git a/examples/resource.pp b/examples/resource.pp index 8a25881..ed6519c 100644 --- a/examples/resource.pp +++ b/examples/resource.pp @@ -1,22 +1,22 @@ class { 'icingaweb2': - manage_repo => true, + manage_repos => true, } icingaweb2::config::resource{'my-sql': type => 'db', db_type => 'mysql', host => 'localhost', port => 3306, db_name => 'icingaweb2', db_username => 'root', db_password => 'supersecret', } icingaweb2::config::resource{'my-ldap': type => 'ldap', host => 'localhost', port => 389, ldap_root_dn => 'dc=users,dc=icinga,dc=com', ldap_bind_dn => 'cn=root,dc=users,dc=icinga,dc=com', ldap_bind_pw => 'supersecret', } diff --git a/hiera.yaml b/hiera.yaml new file mode 100644 index 0000000..24a1b99 --- /dev/null +++ b/hiera.yaml @@ -0,0 +1,16 @@ +--- +version: 5 + +defaults: + datadir: 'data' + data_hash: 'yaml_data' + +hierarchy: + - name: 'Operating System Family' + path: '%{facts.os.family}.yaml' + + - name: 'Kernel Type' + path: '%{facts.kernel}-kernel.yaml' + + - name: 'common' + path: 'common.yaml' diff --git a/manifests/config.pp b/manifests/config.pp index 0d97ef2..e832104 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,192 +1,188 @@ -# == Class: icingaweb2::config +# @summary +# Configures Icinga Web 2. # -# This class manages general configuration files of Icinga Web 2. -# -# === Parameters -# -# This class does not provide any parameters. -# -# === Examples -# -# This class is private and should not be called by others than this module. +# @api private # class icingaweb2::config { - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $conf_user = $::icingaweb2::conf_user - $conf_group = $::icingaweb2::params::conf_group + $conf_group = $::icingaweb2::conf_group $logging = $::icingaweb2::logging $logging_file = $::icingaweb2::logging_file $logging_dir = dirname($::icingaweb2::logging_file) $logging_level = $::icingaweb2::logging_level $logging_facility = $::icingaweb2::logging_facility $logging_application = $::icingaweb2::logging_application $show_stacktraces = $::icingaweb2::show_stacktraces $module_path = $::icingaweb2::module_path $theme = $::icingaweb2::theme $theme_disabled = $::icingaweb2::theme_disabled $cookie_path = $::icingaweb2::cookie_path $import_schema = $::icingaweb2::import_schema - $schema_dir = $::icingaweb2::params::schema_dir + $mysql_db_schema = $::icingaweb2::globals::mysql_db_schema + $pgsql_db_schema = $::icingaweb2::globals::pgsql_db_schema $db_name = $::icingaweb2::db_name $db_host = $::icingaweb2::db_host $db_port = $::icingaweb2::db_port $db_type = $::icingaweb2::db_type $db_username = $::icingaweb2::db_username $db_password = $::icingaweb2::db_password $default_domain = $::icingaweb2::default_domain $config_backend = $::icingaweb2::config_backend $config_resource = $::icingaweb2::config_backend ? { 'ini' => undef, 'db' => "${db_type}-icingaweb2", } File { mode => '0660', owner => $conf_user, group => $conf_group } Exec { user => 'root', path => $::path, } file { $logging_dir: ensure => directory, mode => '0750', } file { $logging_file: ensure => file, mode => '0640', } icingaweb2::inisection { 'config-logging': section_name => 'logging', target => "${conf_dir}/config.ini", settings => { 'log' => $logging, 'file' => $logging_file, 'level' => $logging_level, 'facility' => $logging_facility, 'application' => $logging_application, }, } $settings = { 'show_stacktraces' => $show_stacktraces, 'module_path' => $module_path, 'config_backend' => $config_backend, 'config_resource' => $config_resource, } icingaweb2::inisection { 'config-global': section_name => 'global', target => "${conf_dir}/config.ini", settings => delete_undef_values($settings), } if $default_domain { icingaweb2::inisection { 'config-authentication': section_name => 'authentication', target => "${conf_dir}/config.ini", settings => { 'default_domain' => $default_domain, } } } icingaweb2::inisection { 'config-themes': section_name => 'themes', target => "${conf_dir}/config.ini", settings => { 'default' => $theme, 'disabled' => $theme_disabled, }, } if $cookie_path { icingaweb2::inisection {'config-cookie': section_name => 'cookie', target => "${conf_dir}/config.ini", settings => { 'path' => $cookie_path, }, } } file { "${conf_dir}/modules": - ensure => 'directory' + ensure => 'directory', + mode => '2770', } file { "${conf_dir}/enabledModules": - ensure => 'directory' + ensure => 'directory', + mode => '2770', } if $import_schema or $config_backend == 'db' { icingaweb2::config::resource { "${db_type}-icingaweb2": type => 'db', host => $db_host, port => $db_port, db_type => $db_type, db_name => $db_name, db_username => $db_username, db_password => $db_password, } } if $import_schema { icingaweb2::config::authmethod { "${db_type}-auth": backend => 'db', resource => "${db_type}-icingaweb2" } icingaweb2::config::role { 'default admin user': users => 'icingaadmin', permissions => '*', } icingaweb2::config::groupbackend { "${db_type}-group": backend => 'db', resource => "${db_type}-icingaweb2" } case $db_type { 'mysql': { exec { 'import schema': - command => "mysql -h '${db_host}' -P '${db_port}' -u '${db_username}' -p'${db_password}' '${db_name}' < '${schema_dir}/mysql.schema.sql'", + command => "mysql -h '${db_host}' -P '${db_port}' -u '${db_username}' -p'${db_password}' '${db_name}' < '${mysql_db_schema}'", unless => "mysql -h '${db_host}' -P '${db_port}' -u '${db_username}' -p'${db_password}' '${db_name}' -Ns -e 'SELECT 1 FROM icingaweb_user'", notify => Exec['create default user'], } exec { 'create default user': command => "mysql -h '${db_host}' -P '${db_port}' -u '${db_username}' -p'${db_password}' '${db_name}' -Ns -e 'INSERT INTO icingaweb_user (name, active, password_hash) VALUES (\"icingaadmin\", 1, \"\$1\$3no6eqZp\$FlcHQDdnxGPqKadmfVcCU.\")'", refreshonly => true, } } 'pgsql': { exec { 'import schema': environment => ["PGPASSWORD=${db_password}"], - command => "psql -h '${db_host}' -p '${db_port}' -U '${db_username}' -d '${db_name}' -w -f ${schema_dir}/pgsql.schema.sql", + command => "psql -h '${db_host}' -p '${db_port}' -U '${db_username}' -d '${db_name}' -w -f ${pgsql_db_schema}", unless => "psql -h '${db_host}' -p '${db_port}' -U '${db_username}' -d '${db_name}' -w -c 'SELECT 1 FROM icingaweb_user'", notify => Exec['create default user'], } exec { 'create default user': environment => ["PGPASSWORD=${db_password}"], command => "psql -h '${db_host}' -p '${db_port}' -U '${db_username}' -d '${db_name}' -w -c \"INSERT INTO icingaweb_user(name, active, password_hash) VALUES ('icingaadmin', 1, '\\\$1\\\$3no6eqZp\\\$FlcHQDdnxGPqKadmfVcCU.')\"", refreshonly => true, } } default: { fail('The database type you provided is not supported.') } } } } diff --git a/manifests/config/authmethod.pp b/manifests/config/authmethod.pp index 0dc2661..9c982ca 100644 --- a/manifests/config/authmethod.pp +++ b/manifests/config/authmethod.pp @@ -1,91 +1,94 @@ -# == Define: icingaweb2::config::authmethod +# @summary +# Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering. # -# Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering. Some backends -# require additional resources. -# -# === Parameters -# -# [*backend*] +# @param [Enum['external', 'ldap', 'msldap', 'db']] backend # Select between 'external', 'ldap', 'msldap' or 'db'. Each backend may require other settings. # -# [*resource*] +# @param [Optional[String]] resource # The name of the resource defined in resources.ini. # -# [*ldap_user_class*] -# LDAP user class. Only valid if `backend` is `ldap`. +# @param [Optional[String]] ldap_user_class +# LDAP user class. Only valid if `backend` is `ldap` or `msldap`. # -# [*ldap_user_name_attribute*] -# LDAP attribute which contains the username. Only valid if `backend` is `ldap`. +# @param [Optional[String]] ldap_user_name_attribute +# LDAP attribute which contains the username. Only valid if `backend` is `ldap` or `msldap`. # -# [*ldap_filter*] -# LDAP search filter. Only valid if `backend` is `ldap`. +# @param [Optional[String]] ldap_filter +# LDAP search filter. Only valid if `backend` is `ldap` or `msladap`. # -# [*ldap_base_dn*] -# LDAP base DN. Only valid if `backend` is `ldap`. +# @param [Optional[String]] ldap_base_dn +# LDAP base DN. Only valid if `backend` is `ldap` or `msldap`. # -# [*domain*] +# @param [Optional[String]] domain # Domain for domain-aware authentication # -# [*order*] -# Multiple authentication methods can be chained. The order of entries in the authentication configuration determines -# the order of the authentication methods. Defaults to `01` -# -# === Examples +# @param [Variant[String, Integer]] order +# Multiple authentication methods can be chained. The order of entries in the authentication +# configuration determines the order of the authentication methods. # -# Create a 'db' authentication method and reference to 'my-sql' resource: +# @example Create an authentication method (db) and reference to a resource: +# icingaweb2::config::authmethod { 'db-auth': +# backend => 'db', +# resource => 'my-sql', +# order => 20, +# } # -# icingaweb2::config::authmethod {'db-auth': -# backend => 'db', -# resource => 'my-sql', -# order => '02', -# } +# @example Create a LDAP authmethod: +# icingaweb2::config::authmethod { 'ldap-auth': +# backend => 'ldap', +# resource => 'my-ldap', +# ldap_user_class => 'user', +# ldap_filter => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)', +# ldap_user_name_attribute => 'userPrincipalName', +# order => '05', +# } # define icingaweb2::config::authmethod( Enum['external', 'ldap', 'msldap', 'db'] $backend = undef, Optional[String] $resource = undef, Optional[String] $ldap_user_class = undef, Optional[String] $ldap_user_name_attribute = undef, Optional[String] $ldap_filter = undef, Optional[String] $ldap_base_dn = undef, Optional[String] $domain = undef, - Pattern[/^\d+$/] $order = '01', + Variant[String, Integer] $order = '01', ) { - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir case $backend { 'external': { $settings = { 'backend' => $backend, } } - 'ldap': { + 'ldap', 'msldap': { $settings = { 'backend' => $backend, 'resource' => $resource, 'user_class' => $ldap_user_class, 'user_name_attribute' => $ldap_user_name_attribute, 'filter' => $ldap_filter, 'base_dn' => $ldap_base_dn, 'domain' => $domain, } } - 'msldap', 'db': { + 'db': { $settings = { 'backend' => $backend, 'resource' => $resource, 'domain' => $domain, } } default: { fail('The backend type you provided is not supported.') } } icingaweb2::inisection { "authmethod-${title}": section_name => $title, target => "${conf_dir}/authentication.ini", settings => delete_undef_values($settings), order => $order, } } diff --git a/manifests/config/groupbackend.pp b/manifests/config/groupbackend.pp index 3d14bca..79a570d 100644 --- a/manifests/config/groupbackend.pp +++ b/manifests/config/groupbackend.pp @@ -1,121 +1,126 @@ -# == Define: icingaweb2::config::groupbackend +# @summary +# Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends +# that store groups. # -# Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends -# that store groups. -# -# === Parameters -# -# [*group_name*] +# @param [String] group_name # Name of the resources. Resources are referenced by their name in other configuration sections. # -# [*backend*] -# Type of backend. Valide values are: `db`, `ldap` and `msldap`. Each backend supports different settings, see the -# parameters for detailed information. +# @param [Enum['db', 'ldap', 'msldap']] backend +# Type of backend. Valide values are: `db`, `ldap` and `msldap`. Each backend supports different settings, +# see the parameters for detailed information. # -# [*resource*] +# @param [String] resource # The resource used to connect to the backend. The resource contains connection information. # -# [*ldap_user_backend*] -# A group backend can be connected with an authentication method. This parameter references the auth method. Only -# valid with backend `ldap` or `msldap`. +# @param [Optional[String]] ldap_user_backend +# A group backend can be connected with an authentication method. This parameter references the auth method. +# Only valid with backend `ldap` or `msldap`. # -# [*ldap_group_class*] +# @param [Optional[String]] ldap_group_class # Class used to identify group objects. Only valid with backend `ldap`. # -# [*ldap_group_filter*] +# @param [Optional[String]] ldap_group_filter # Use a LDAP filter to receive only certain groups. Only valid with backend `ldap` or `msldap`. # -# [*ldap_group_name_attribute*] +# @param [Optional[String]] ldap_group_name_attribute # The group name attribute. Only valid with backend `ldap`. # -# [*ldap_group_member_attribute*] +# @param [Optional[String]] ldap_group_member_attribute # The group member attribute. Only valid with backend `ldap`. # -# [*ldap_base_dn*] +# @param [Optional[String]] ldap_base_dn # Base DN that is searched for groups. Only valid with backend `ldap` with `msldap`. # -# [*ldap_nested_group_search*] +# @param [Optional[Boolean]] ldap_nested_group_search # Search for groups in groups. Only valid with backend `msldap`. # -# [*domain*] -# Domain for domain-aware authentication -# -# === Examples -# -# A group backend for groups stored in LDAP: -# -# icingaweb2::config::groupbackend {'ldap-backend': -# backend => 'ldap', -# resource => 'my-ldap', -# ldap_group_class => 'groupofnames', -# ldap_group_name_attribute => 'cn', -# ldap_group_member_attribute => 'member', -# ldap_base_dn => 'ou=groups,dc=icinga,dc=com', -# domain => 'icinga.com', -# } -# +# @param [Optional[String]] domain +# Domain for domain-aware authentication. +# +# @param [Variant[String, Integer]] order +# Multiple authentication methods can be chained. The order of entries in the authentication +# configuration determines the order of the authentication methods. +# +# @example A group backend for groups stored in LDAP: +# icingaweb2::config::groupbackend { 'ldap-groups': +# backend => 'ldap', +# resource => 'my-ldap', +# ldap_group_class => 'group', +# ldap_group_name_attribute => 'cn', +# ldap_group_member_attribute => 'member', +# ldap_base_dn => 'ou=groups,dc=icinga,dc=com', +# domain => 'icinga.com', +# } +# +# @example If you have imported the database schema (parameter `import_schema`), this backend was also created automatically: +# icingaweb2::config::groupbackend { 'mysql-backend': +# backend => 'db', +# resource => 'my-sql', +# } # define icingaweb2::config::groupbackend( String $group_name = $title, Enum['db', 'ldap', 'msldap'] $backend = undef, String $resource = undef, Optional[String] $ldap_user_backend = undef, Optional[String] $ldap_group_class = undef, Optional[String] $ldap_group_filter = undef, Optional[String] $ldap_group_name_attribute = undef, Optional[String] $ldap_group_member_attribute = undef, Optional[String] $ldap_base_dn = undef, Optional[Boolean] $ldap_nested_group_search = undef, Optional[String] $domain = undef, + Variant[String, Integer] $order = '01', ) { - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir case $backend { 'db': { $settings = { 'backend' => $backend, 'resource' => $resource, 'domain' => $domain, } } 'ldap': { $settings = { 'backend' => $backend, 'resource' => $resource, 'user_backend' => $ldap_user_backend, 'group_class' => $ldap_group_class, 'group_filter' => $ldap_group_filter, 'group_name_attribute' => $ldap_group_name_attribute, 'group_member_attribute' => $ldap_group_member_attribute, 'base_dn' => $ldap_base_dn, 'domain' => $domain, } } 'msldap': { $ldap_nested_group_search_as_string = $ldap_nested_group_search ? { true => '1', default => '0', } $settings = { 'backend' => $backend, 'resource' => $resource, 'user_backend' => $ldap_user_backend, 'nested_group_search' => $ldap_nested_group_search_as_string, 'group_filter' => $ldap_group_filter, 'base_dn' => $ldap_base_dn, 'domain' => $domain, } } default: { fail('The backend type you provided is not supported.') } } icingaweb2::inisection { "groupbackend-${title}": section_name => $title, target => "${conf_dir}/groups.ini", settings => delete_undef_values($settings), + order => $order, } } diff --git a/manifests/config/resource.pp b/manifests/config/resource.pp index 7327060..6506089 100644 --- a/manifests/config/resource.pp +++ b/manifests/config/resource.pp @@ -1,115 +1,123 @@ -# == Define: icingaweb2::config::resource +# @summary +# Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections. # -# Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections. -# -# === Parameters -# -# [*resource_name*] +# @param [String] resource_name # Name of the resources. Resources are referenced by their name in other configuration sections. # -# [*type*] +# @param [Enum['db', 'ldap']] type # Supported resource types are `db` and `ldap`. # -# [*host*] +# @param [Optional[String]] host # Connect to the database or ldap server on the given host. For using unix domain sockets, specify 'localhost' for # MySQL and the path to the unix domain socket directory for PostgreSQL. When using the 'ldap' type you can also # provide multiple hosts separated by a space. # -# [*port*] +# @param [Optional[Stdlib::Port]] port # Port number to use. # -# [*db_type*] -# Supported DB types are `mysql` and `pgsql`. +# @param [Optional[Enum['mysql', 'pgsql', 'mssql', 'oci', 'oracle', 'ibm', 'sqlite']]] db_type +# Set database type to connect. # -# [*db_name*] +# @param [Optional[String]] db_name # The database to use. Only valid if `type` is `db`. # -# [*db_username*] +# @param [Optional[String]] db_username # The username to use when connecting to the server. Only valid if `type` is `db`. # -# [*db_password*] +# @param [Optional[String]] db_password # The password to use when connecting to the server. Only valid if `type` is `db`. # -# [*db_charset*] +# @param [Optional[String]] db_charset # The character set to use for the database connection. Only valid if `type` is `db`. # -# [*ldap_root_dn*] +# @param [Optional[String]] ldap_root_dn # Root object of the tree, e.g. 'ou=people,dc=icinga,dc=com'. Only valid if `type` is `ldap`. # -# [*ldap_bind_dn*] +# @param [Optional[String]] ldap_bind_dn # The user to use when connecting to the server. Only valid if `type` is `ldap`. # -# [*ldap_bind_pw*] +# @param [Optional[String]] ldap_bind_pw # The password to use when connecting to the server. Only valid if `type` is `ldap`. # -# [*ldap_encryption*] +# @param [Optional[Enum['none', 'starttls', 'ldaps']]] ldap_encryption # Type of encryption to use: none (default), starttls, ldaps. Only valid if `type` is `ldap`. # -# === Examples -# -# Create a 'db' resource: -# -# icingaweb2::config::resource{'my-sql': -# type => 'db', -# db_type => 'mysql', -# host => 'localhost', -# port => '3306', -# db_name => 'icingaweb2', -# db_username => 'root', -# db_password => 'supersecret', -# } -# +# @param [Integer] ldap_timeout +# Timeout for the ldap connection. +# +# @example Create a MySQL DB resource: +# icingaweb2::config::resource{ 'my-sql': +# type => 'db', +# db_type => 'mysql', +# host => 'localhost', +# port => '3306', +# db_name => 'icingaweb2', +# db_username => 'icingaweb2', +# db_password => 'supersecret', +# } +# +# @example Create a LDAP resource: +# icingaweb2::config::resource{ 'my-ldap': +# type => 'ldap', +# host => 'localhost', +# port => 389, +# ldap_root_dn => 'ou=users,dc=icinga,dc=com', +# ldap_bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com', +# ldap_bind_pw => 'supersecret', +# } # define icingaweb2::config::resource( - String $resource_name = $title, - Enum['db', 'ldap'] $type = undef, - String $host = undef, - Optional[Integer[1,65535]] $port = undef, - Optional[Enum['mysql', 'pgsql']] $db_type = undef, - Optional[String] $db_name = undef, - Optional[String] $db_username = undef, - Optional[String] $db_password = undef, - Optional[String] $db_charset = undef, - Optional[String] $ldap_root_dn = undef, - Optional[String] $ldap_bind_dn = undef, - Optional[String] $ldap_bind_pw = undef, - Optional[Enum['none', 'starttls', 'ldaps']] $ldap_encryption = 'none', + Enum['db', 'ldap'] $type, + String $resource_name = $title, + Optional[String] $host = undef, + Optional[Stdlib::Port] $port = undef, + Optional[Enum['mysql', 'pgsql', 'mssql', 'oci', 'oracle', 'ibm', 'sqlite']] $db_type = undef, + Optional[String] $db_name = undef, + Optional[String] $db_username = undef, + Optional[String] $db_password = undef, + Optional[String] $db_charset = undef, + Optional[String] $ldap_root_dn = undef, + Optional[String] $ldap_bind_dn = undef, + Optional[String] $ldap_bind_pw = undef, + Optional[Enum['none', 'starttls', 'ldaps']] $ldap_encryption = 'none', + Integer $ldap_timeout = 5, ) { - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir case $type { 'db': { $settings = { 'type' => $type, 'db' => $db_type, 'host' => $host, 'port' => $port, 'dbname' => $db_name, 'username' => $db_username, 'password' => $db_password, 'charset' => $db_charset, } } 'ldap': { $settings = { 'type' => $type, 'hostname' => $host, 'port' => $port, 'root_dn' => $ldap_root_dn, 'bind_dn' => $ldap_bind_dn, 'bind_pw' => $ldap_bind_pw, 'encryption' => $ldap_encryption, + 'timeout' => $ldap_timeout, } } default: { fail('The resource type you provided is not supported.') } } icingaweb2::inisection { "resource-${resource_name}": section_name => $resource_name, target => "${conf_dir}/resources.ini", settings => delete_undef_values($settings), } } diff --git a/manifests/config/role.pp b/manifests/config/role.pp index c653999..67a2b0c 100644 --- a/manifests/config/role.pp +++ b/manifests/config/role.pp @@ -1,66 +1,109 @@ -# == Define: icingaweb2::config::resource +# @summary +# Roles define a set of permissions that may be applied to users or groups. # -# Roles define a set of permissions that may be applied to users or groups. -# -# === Parameters -# -# [*role_name*] +# @param [String] role_name # Name of the role. # -# [*users*] +# @param [Optional[String]] users # Comma separated list of users this role applies to. # -# [*groups*] +# @param [Optional[String]] groups # Comma separated list of groups this role applies to. # -# [*permissions*] +# @param [Optional[String]] permissions # Comma separated lsit of permissions. Each module may add it's own permissions. Examples are # - Allow everything: '*' # - Allow config access: 'config/*' # - Allow access do module monitoring: 'module/monitoring' # - Allow scheduling checks: 'monitoring/command/schedule-checks' # - Grant admin permissions: 'admin' # -# [*filters*] +# @param [Hash] filters # Hash of filters. Modules may add new filter keys, some sample keys are: # - application/share/users # - application/share/groups # - monitoring/filter/objects # - monitoring/blacklist/properties # A string value is expected for each used key. For example: # - monitoring/filter/objects = "host_name!=*win*" # -# === Examples +# @example Create role that allows only hosts beginning with `linux-*`: +# icingaweb2::config::role{ 'linux-user': +# groups => 'linuxer', +# permissions => '*', +# filters => { +# 'monitoring/filter/objects' => 'host_name=linux-*' +# } +# } +# +# @note Availble permissions in module monitoring: +# | Description | Value | +# |-------------|-------| +# | Allow everything | `*` | +# | Allow to share navigation items | `application/share/navigation` | +# | Allow to adjust in the preferences whether to show stacktraces | `application/stacktraces` | +# | Allow to view the application log | `application/log` | +# | Grant admin permissions, e.g. manage announcements | `admin` | +# | Allow config access | `config/*` | +# | Allow access to module doc | `module/doc` | +# | Allow access to module monitoring | `module/monitoring` | +# | Allow all commands | `monitoring/command/*` | +# | Allow scheduling host and service checks | `monitoring/command/schedule-check` | +# | Allow acknowledging host and service problems | `monitoring/command/acknowledge-problem` | +# | Allow removing problem acknowledgements | `monitoring/command/remove-acknowledgement` | +# | Allow adding and deleting host and service comments | `monitoring/command/comment/*` | +# | Allow commenting on hosts and services | `monitoring/command/comment/add` | +# | Allow deleting host and service comments | `monitoring/command/comment/delete` | +# | Allow scheduling and deleting host and service downtimes | `monitoring/command/downtime/*` | +# | Allow scheduling host and service downtimes | `monitoring/command/downtime/schedule` | +# | Allow deleting host and service downtimes | `monitoring/command/downtime/delete` | +# | Allow processing host and service check results | `monitoring/command/process-check-result` | +# | Allow processing commands for toggling features on an instance-wide basis | `monitoring/command/feature/instance` | +# | Allow processing commands for toggling features on host and service objects | `monitoring/command/feature/object/*`) | +# | Allow processing commands for toggling active checks on host and service objects | `monitoring/command/feature/object/active-checks` | +# | Allow processing commands for toggling passive checks on host and service objects | `monitoring/command/feature/object/passive-checks` | +# | Allow processing commands for toggling notifications on host and service objects | `monitoring/command/feature/object/notifications` | +# | Allow processing commands for toggling event handlers on host and service objects | `monitoring/command/feature/object/event-handler` | +# | Allow processing commands for toggling flap detection on host and service objects | `monitoring/command/feature/object/flap-detection` | +# | Allow sending custom notifications for hosts and services | `monitoring/command/send-custom-notification` | +# | Allow access to module setup | `module/setup` | +# | Allow access to module test | `module/test` | +# | Allow access to module translation | `module/translation` | # -# Create role that allows only hosts beginning with 'linux-*': +# @note With the monitoring module, possible filters are: +# * `application/share/users` +# * `application/share/groups` +# * `monitoring/filter/objects` +# * `monitoring/blacklist/properties` # -# icingaweb2::config::role{'linux-user': -# groups => 'linuxer', -# permissions => '*', -# filters => { -# 'monitoring/filter/objects' => 'host_name=linux-*' +# @example Create role that allows a user to see only hosts beginning with `linux-*`: +# icingaweb2::config::role{'linux-user': +# users => 'bob, pete', +# permissions => '*', +# filters => { +# 'monitoring/filter/objects' => 'host_name=linux-*', +# } # } -# } # define icingaweb2::config::role( String $role_name = $title, Optional[String] $users = undef, Optional[String] $groups = undef, Optional[String] $permissions = undef, Hash $filters = {}, ) { - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $settings = { 'users' => $users, 'groups' => $groups, 'permissions' => $permissions, } icingaweb2::inisection{ "role-${role_name}": section_name => $role_name, target => "${conf_dir}/roles.ini", settings => delete_undef_values(merge($settings,$filters)) } } diff --git a/manifests/globals.pp b/manifests/globals.pp new file mode 100644 index 0000000..eaef69a --- /dev/null +++ b/manifests/globals.pp @@ -0,0 +1,15 @@ +# @summary +# This class loads the default parameters by doing a hiera lookup. +# +# @note This parameters depend on the os plattform. Changes maybe will break the functional capability of the supported plattforms and versions. Please only do changes when you know what you're doing. +# +class icingaweb2::globals( + String $package_name, + Stdlib::Absolutepath $conf_dir, + Stdlib::Absolutepath $mysql_db_schema, + Stdlib::Absolutepath $pgsql_db_schema, + String $gettext_package_name, + Stdlib::Absolutepath $icingacli_bin, +) { + +} diff --git a/manifests/inisection.pp b/manifests/inisection.pp index 4cff3fc..c55888e 100644 --- a/manifests/inisection.pp +++ b/manifests/inisection.pp @@ -1,59 +1,53 @@ -# == Define: icingaweb2::inifile +# @summary +# Manage settings in INI configuration files. # -# Manage settings in INI configuration files. -# -# === Parameters -# -# [*target*] +# @param [Stdlib::Absolutepath] target # Absolute path to the configuration file. # -# [*section_name*] +# @param [String] section_name # Name of the target section. Settings are set under [$section_name] # -# [*settings*] +# @param [Hash] settings # A hash of settings and their settings. Single settings may be set to absent. # -# [*order*] +# @param [Variant[String, Integer]] order # Ordering of the INI section within a file. Defaults to `01` # -# === Examples -# -# Create the configuration file '/path/to/config.ini' and set the settings 'setting1' and 'setting2' for the section -# 'global' +# @example Create the configuration file and set two settings for the section `global`: +# include icingawebeb2 # -# include icingawebeb2 -# icingaweb2::inisection {"/path/to/config.ini": -# settings => { -# 'global' => { -# 'setting1' => 'value', -# 'setting2' => 'value', +# icingaweb2::inisection { '/path/to/config.ini': +# settings => { +# 'global' => { +# 'setting1' => 'value', +# 'setting2' => 'value', +# }, # }, -# }, -# } +# } # define icingaweb2::inisection( - Stdlib::Absolutepath $target, - String $section_name = $title, - Hash $settings = {}, - Pattern[/^\d+$/] $order = '01', + Stdlib::Absolutepath $target, + String $section_name = $title, + Hash $settings = {}, + Variant[String, Integer] $order = '01', ){ $conf_user = $::icingaweb2::conf_user - $conf_group = $::icingaweb2::params::conf_group + $conf_group = $::icingaweb2::conf_group if !defined(Concat[$target]) { concat { $target: ensure => present, warn => false, owner => $conf_user, group => $conf_group, mode => '0640', } } concat::fragment { "${title}-${section_name}-${order}": target => $target, content => template('icingaweb2/inisection.erb'), order => $order, } } diff --git a/manifests/init.pp b/manifests/init.pp index 5b9b0e4..68092d8 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,118 +1,171 @@ -# == Class: icingaweb2 +# @summary +# Installs and configures Icinga Web 2. # -# This module installs and configures Icinga Web 2. +# @param [Enum['file', 'syslog', 'php', 'none']] logging +# Whether Icinga Web 2 should log to 'file', 'syslog' or 'php' (web server's error log). Setting 'none' disables logging. # -# === Parameters +# @param [Stdlib::Absolutepath] logging_file +# If 'logging' is set to 'file', this is the target log file. # -# [*logging*] -# Whether Icinga Web 2 should log to 'file', 'syslog' or 'php' (web server's error log). Setting 'none' disables logging. Defaults to 'file'. +# @param [Enum['ERROR', 'WARNING', 'INFO', 'DEBUG']] logging_level +# Logging verbosity. Possible values are 'ERROR', 'WARNING', 'INFO' and 'DEBUG'. # -# [*logging_file*] -# If 'logging' is set to 'file', this is the target log file. Defaults to '/var/log/icingaweb2/icingaweb2.log'. +# @param [Pattern[/user|local[0-7]/]] logging_facility +# Logging facility when using syslog. Possible values are 'user' or 'local0' up to 'local7'. # -# [*logging_level*] -# Logging verbosity. Possible values are 'ERROR', 'WARNING', 'INFO' and 'DEBUG'. Defaults to 'INFO'. +# @param [String] logging_application +# Logging application name when using syslog. # -# [*logging_facility*] -# Logging facility when using syslog. Possible values are 'user' or 'local0' to 'local7'. +# @param [Boolean] show_stacktraces +# Whether to display stacktraces in the web interface or not. # -# [*logging_application*] -# Logging application name when using syslog. +# @param [Stdlib::Absolutepath] module_path +# Path to module sources. Multiple paths must be separated by colon. +# +# @param [String] theme +# The default theme setting. Users may override this settings. +# +# @param [Boolean] theme_disabled +# Whether users can change themes or not. +# +# @param [Boolean] manage_repo +# Deprecated, use manage_repos. # -# [*enable_stacktraces*] -# Whether to display stacktraces in the web interface or not. Defaults to 'false'. +# @param [Boolean] manage_repos +# When set to true this module will use the module icinga/puppet-icinga to manage repositories, +# e.g. the release repo on packages.icinga.com repository by default, the EPEL repository or Backports. +# For more information, see http://github.com/icinga/puppet-icinga. # -# [*module_path*] -# Path to module sources. Multiple paths must be separated by colon. Defaults to '/usr/share/icingaweb2/modules'. +# @param [Boolean] manage_package +# If set to `false` packages aren't managed. # -# [*theme*] -# The default theme setting. Users may override this settings. Defaults to 'icinga'. +# @param [Optional[Array[String]]] extra_packages +# An array of packages to install additionally. # -# [*theme_disabled*] -# Whether users can change themes or not. Defaults to `false`. +# @param [Boolean] import_schema +# Import database scheme. Make sure you have an existing database if you use this option. # -# [*manage_repo*] -# When set to true this module will install the packages.icinga.com repository. With this official repo you can get -# the latest version of Icinga Web. When set to false the operating systems default will be used. Defaults to false. -# NOTE: will be ignored if manage_package is set to false. +# @param [Enum['mysql', 'pgsql']] db_type +# Database type, can be either `mysql` or `pgsql`. This parameter is only used if `import_schema` is `true` or +# `config_backend` is `db`. # -# [*manage_package*] -# If set to `false` packages aren't managed. Defaults to `true`. +# @param [Stdlib::Host] db_host +# Database hostname. This parameter is only used if `import_schema` is `true` or +# `config_backend` is `db`. # -# [*extra_pacakges*] -# An array of packages to install additionally. +# @param [Stdlib::Port] db_port +# Port of database host. This parameter is only used if `import_schema` is `true` or +# `config_backend` is `db`. # -# [*import_schema*] -# Import database scheme. Make sure you have an existing database if you use this option. Defaults to `false` +# @param [String] db_name +# Database name. This parameter is only used if `import_schema` is `true` or +# `config_backend` is `db`. # -# [*db_type*] -# Database type, can be either `mysql` or `pgsql`. This parameter is only used if `import_schema` is `true` or -# `config_backend` is `db`. Defaults to `mysql` +# @param [Optional[String]] db_username +# Username for database access. This parameter is only used if `import_schema` is `true` or +# `config_backend` is `db`. # -# [*db_host*] -# Database hostname. This parameter is only used if `import_schema` is `true` or -# `config_backend` is `db`. Defaults to `localhost` +# @param [Optional[String]] db_password +# Password for database access. This parameter is only used if `import_schema` is `true` or +# `config_backend` is `db`. # -# [*db_port*] -# Port of database host. This parameter is only used if `import_schema` is `true` or -# `config_backend` is `db`. Defaults to `3306` +# @param [Enum['ini', 'db']] config_backend +# The global Icinga Web 2 preferences can either be stored in a database or in ini files. This parameter can either +# be set to `db` or `ini`. # -# [*db_name*] -# Database name. This parameter is only used if `import_schema` is `true` or -# `config_backend` is `db`. Defaults to `icingaweb2` +# @param [String] conf_user +# By default this module expects Apache2 on the server. You can change the owner of the config files with this +# parameter. # -# [*db_username*] -# Username for database access. This parameter is only used if `import_schema` is `true` or -# `config_backend` is `db`. +# @param [String] conf_group +# Group membership of config files. # -# [*db_password*] -# Password for database access. This parameter is only used if `import_schema` is `true` or -# `config_backend` is `db`. +# @param [Optional[String]] default_domain +# When using domain-aware authentication, you can set a default domain here. # -# [*config_backend*] -# The global Icinga Web 2 preferences can either be stored in a database or in ini files. This parameter can either -# be set to `db` or `ini`. Defaults to `ini` +# @param [Optional[Stdlib::Absolutepath]] cookie_path +# Path to where cookies are stored. # -# [*conf_user*] -# By default this module expects Apache2 on the server. You can change the owner of the config files with this -# parameter. Default is dependent on the platform +# @example Use MySQL as backend for user authentication: +# include ::mysql::server # -# [*default_domain*] -# When using domain-aware authentication, you can set a default domain here. +# mysql::db { 'icingaweb2': +# user => 'icingaweb2', +# password => 'supersecret', +# host => 'localhost', +# grant => [ 'ALL' ], +# } # -# === Examples +# class {'icingaweb2': +# manage_repos => true, +# import_schema => true, +# db_type => 'mysql', +# db_host => 'localhost', +# db_port => 3306, +# db_username => 'icingaweb2', +# db_password => 'supersecret', +# require => Mysql::Db['icingaweb2'], +# } # +# @example Use PostgreSQL as backend for user authentication: +# include ::postgresql::server +# +# postgresql::server::db { 'icingaweb2': +# user => 'icingaweb2', +# password => postgresql_password('icingaweb2', 'icingaweb2'), +# } +# +# class {'icingaweb2': +# manage_repos => true, +# import_schema => true, +# db_type => 'pgsql', +# db_host => 'localhost', +# db_port => 5432, +# db_username => 'icingaweb2', +# db_password => 'icingaweb2', +# require => Postgresql::Server::Db['icingaweb2'], +# } # class icingaweb2 ( + Stdlib::Absolutepath $module_path, + Stdlib::Absolutepath $logging_file, + String $conf_user, + String $conf_group, Enum['file', 'syslog', 'php', 'none'] $logging = 'file', - Stdlib::Absolutepath $logging_file = '/var/log/icingaweb2/icingaweb2.log', Enum['ERROR', 'WARNING', 'INFO', 'DEBUG'] $logging_level = 'INFO', Pattern[/user|local[0-7]/] $logging_facility = 'user', String $logging_application = 'icingaweb2', Boolean $show_stacktraces = false, - Stdlib::Absolutepath $module_path = $::icingaweb2::params::module_path, String $theme = 'Icinga', Boolean $theme_disabled = false, Boolean $manage_repo = false, + Boolean $manage_repos = false, Boolean $manage_package = true, Optional[Array[String]] $extra_packages = undef, Boolean $import_schema = false, Enum['mysql', 'pgsql'] $db_type = 'mysql', - String $db_host = 'localhost', - Integer[1,65535] $db_port = 3306, + Stdlib::Host $db_host = 'localhost', + Stdlib::Port $db_port = 3306, String $db_name = 'icingaweb2', Optional[String] $db_username = undef, Optional[String] $db_password = undef, Enum['ini', 'db'] $config_backend = 'ini', - String $conf_user = $icingaweb2::params::conf_user, Optional[String] $default_domain = undef, - Optional[String] $cookie_path = undef, -) inherits ::icingaweb2::params { + Optional[Stdlib::Absolutepath] $cookie_path = undef, +) { + + require ::icingaweb2::globals + + if $manage_repos or $manage_repo { + require ::icinga::repos + if $manage_repo { + deprecation('manage_repo', 'manage_repo is deprecated and will be replaced by manage_repos in the future.') + } + } - anchor { '::icingaweb2::begin': } - -> class { '::icingaweb2::repo': } - -> class { '::icingaweb2::install': } + class { '::icingaweb2::install': } -> class { '::icingaweb2::config': } - -> anchor { '::icingaweb2::end': } + contain ::icingaweb2::install + contain ::icingaweb2::config } diff --git a/manifests/install.pp b/manifests/install.pp index 4253c4f..dec7e49 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -1,30 +1,23 @@ -# == Class: icingaweb2::install +# @summary +# Installs Icinga Web 2 and extra packages. # -# This class handles the installation of the Icinga Web 2 package. -# -# === Parameters -# -# This class does not provide any parameters. -# -# === Examples -# -# This class is private and should not be called by others than this module. +# @api private # class icingaweb2::install { assert_private("You're not supposed to use this defined type manually.") - $package = $::icingaweb2::params::package + $package_name = $::icingaweb2::globals::package_name $manage_package = $::icingaweb2::manage_package $extra_packages = $::icingaweb2::extra_packages if $manage_package { - package { $package: + package { $package_name: ensure => installed, } } if $extra_packages { - ensure_packages($extra_packages, { 'ensure' => 'present' }) + ensure_packages($extra_packages, { 'ensure' => installed }) } } diff --git a/manifests/module.pp b/manifests/module.pp index 7474036..a13386e 100644 --- a/manifests/module.pp +++ b/manifests/module.pp @@ -1,116 +1,111 @@ -# == Define: icingaweb2::module +# @summary +# Download, enable and configure Icinga Web 2 modules. # -# Download, enable and configure Icinga Web 2 modules. This is a public defined type and is meant to be used to install -# modules developed by the community as well. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` -# -# [*module*] +# @param [String] module # Name of the module. # -# [*module_dir*] +# @param [Stdlib::Absolutepath] module_dir # Target directory of the module. # -# [*install_method*] +# @param [Enum['git', 'none', 'package']] install_method # Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` # -# [*git_repository*] -# Git repository of the module. This setting is only valid in combination with the installation method `git`. -# -# [*git_revision*] +# @param [String] git_revision # Tag or branch of the git repository. This setting is only valid in combination with the installation method `git`. # -# [*package_name*] +# @param [Optional[String]] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. # -# [*settings*] +# @param [Hash] settings # A hash with the module settings. Multiple configuration files with ini sections can be configured with this hash. # The `module_name` should be used as target directory for the configuration files. # -# Example: +# @example +# $conf_dir = $::icingaweb2::globals::conf_dir +# $module_conf_dir = "${conf_dir}/modules/mymodule" # -# $conf_dir = $::icingaweb2::params::conf_dir -# $module_conf_dir = "${conf_dir}/modules/mymodule" -# -# $settings = { -# 'section1' => { -# 'target' => "${module_conf_dir}/config1.ini", -# 'settings' => { -# 'setting1' => 'value1', -# 'setting2' => 'value2', -# } -# }, -# 'section2' => { -# 'target' => "${module_conf_dir}/config2.ini", -# 'settings' => { -# 'setting3' => 'value3', -# 'setting4' => 'value4', -# } +# $settings = { +# 'section1' => { +# 'target' => "${module_conf_dir}/config1.ini", +# 'settings' => { +# 'setting1' => 'value1', +# 'setting2' => 'value2', +# } +# }, +# 'section2' => { +# 'target' => "${module_conf_dir}/config2.ini", +# 'settings' => { +# 'setting3' => 'value3', +# 'setting4' => 'value4', # } # } +# } # define icingaweb2::module( Enum['absent', 'present'] $ensure = 'present', String $module = $title, - Stdlib::Absolutepath $module_dir = "${::icingaweb2::params::module_path}/${title}", + Stdlib::Absolutepath $module_dir = "${::icingaweb2::module_path}/${title}", Enum['git', 'none', 'package'] $install_method = 'git', Optional[String] $git_repository = undef, String $git_revision = 'master', Optional[String] $package_name = undef, Hash $settings = {}, ){ - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $conf_user = $::icingaweb2::conf_user - $conf_group = $::icingaweb2::params::conf_group + $conf_group = $::icingaweb2::conf_group File { owner => $conf_user, group => $conf_group } if $ensure == 'present' { $ensure_module_enabled = 'link' $ensure_module_config_dir = 'directory' $ensure_vcsrepo = 'present' create_resources('icingaweb2::inisection', $settings) } else { $ensure_module_enabled = 'absent' $ensure_module_config_dir = 'absent' $ensure_vcsrepo = 'absent' } file {"${conf_dir}/enabledModules/${module}": ensure => $ensure_module_enabled, target => $module_dir, } file {"${conf_dir}/modules/${module}": ensure => $ensure_module_config_dir, + mode => '2770', force => true, recurse => true, } case $install_method { 'git': { vcsrepo { $module_dir: ensure => $ensure_vcsrepo, provider => 'git', source => $git_repository, revision => $git_revision, } } 'none': { } 'package': { package { $package_name: ensure => $ensure, } } default: { fail('The installation method you provided is not supported.') } } } diff --git a/manifests/module/businessprocess.pp b/manifests/module/businessprocess.pp index fffb049..e71cba7 100644 --- a/manifests/module/businessprocess.pp +++ b/manifests/module/businessprocess.pp @@ -1,37 +1,42 @@ -# == Class: icingaweb2::module::businessprocess +# @summary +# Installs and enables the businessprocess module. # -# Install and enable the businessprocess module. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. -# -# [*git_revision*] +# @param [Optional[String]] git_revision # Set either a branch or a tag name, eg. `master` or `v2.1.0`. # -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-businessprocess` +# +# @note Check out the [Business Process mdoule documentation](https://www.icinga.com/docs/businessprocess/latest/) for requirements. +# +# @example +# class { 'icingaweb2::module::businessprocess': +# git_revision => 'v2.1.0' +# } # class icingaweb2::module::businessprocess( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-businessprocess.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-businessprocess', + String $package_name = 'icingaweb2-module-businessprocess', ){ icingaweb2::module {'businessprocess': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/cube.pp b/manifests/module/cube.pp index df6ae05..6d40304 100644 --- a/manifests/module/cube.pp +++ b/manifests/module/cube.pp @@ -1,37 +1,40 @@ -# == Class: icingaweb2::module::cube +# @summary +# Installs and enables the cube module. # -# Install and enable the cube module. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. -# -# [*git_revision*] +# @param [Optional[String]] git_revision # Set either a branch or a tag name, eg. `master` or `v1.0.0`. # -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-cube` +# +# @example +# class { 'icingaweb2::module::cube': +# git_revision => 'v1.0.0' +# } # class icingaweb2::module::cube( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-cube.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-cube', + String. $package_name = 'icingaweb2-module-cube', ){ icingaweb2::module {'cube': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/director.pp b/manifests/module/director.pp index cc842c2..51d3373 100644 --- a/manifests/module/director.pp +++ b/manifests/module/director.pp @@ -1,156 +1,172 @@ -# == Class: icingaweb2::module::director +# @summary +# Installs and configures the director module. # -# Install and configure the director module. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. -# -# [*git_revision*] +# @param [Optional[String]] git_revision # Set either a branch or a tag name, eg. `master` or `v1.3.2`. # -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` +# @param [Enum['git', 'package', 'none']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-director` # -# [*db_type*] -# Type of your database. Either `mysql` or `pgsql`. Defaults to `mysql` +# @param [Enum['mysql', 'pgsql']] db_type +# Type of your database. Either `mysql` or `pgsql`. # -# [*db_host*] +# @param [Optional[Stdlib::Host]] db_host # Hostname of the database. # -# [*db_port*] -# Port of the database. Defaults to `3306` +# @param [Stdlib::Port] db_port +# Port of the database. # -# [*db_name*] +# @param [Optional[String]] db_name # Name of the database. # -# [*db_username*] +# @param [Optional[String]] db_username # Username for DB connection. # -# [*db_password*] +# @param [Optional[String]] db_password # Password for DB connection. # -# [*import_schema*] -# Import database schema. Defaults to `false` +# @param [Boolean] import_schema +# Import database schema. # -# [*kickstart*] -# Run kickstart command after database migration. This requires `import_schema` to be `true`. Defaults to `false` +# @param [Boolean] kickstart +# Run kickstart command after database migration. This requires `import_schema` to be `true`. # -# [*endpoint*] +# @param [Optional[String]] endpoint # Endpoint object name of Icinga 2 API. This setting is only valid if `kickstart` is `true`. # -# [*api_host*] -# Icinga 2 API hostname. This setting is only valid if `kickstart` is `true`. Defaults to `localhost` +# @param [Stdlib::Host] api_host +# Icinga 2 API hostname. This setting is only valid if `kickstart` is `true`. # -# [*api_port*] -# Icinga 2 API port. This setting is only valid if `kickstart` is `true`. Defaults to `5665` +# @param [Stdlib::Port] api_port +# Icinga 2 API port. This setting is only valid if `kickstart` is `true`. # -# [*api_username*] +# @param [Optional[String]] api_username # Icinga 2 API username. This setting is only valid if `kickstart` is `true`. # -# [*api_password*] +# @param [Optional[String]] api_password # Icinga 2 API password. This setting is only valid if `kickstart` is `true`. # +# @note Please checkout the [Director module documentation](https://www.icinga.com/docs/director/latest/) for requirements. +# +# @example +# class { 'icingaweb2::module::director': +# git_revision => 'v1.7.2', +# db_host => 'localhost', +# db_name => 'director', +# db_username => 'director', +# db_password => 'supersecret', +# import_schema => true, +# kickstart => true, +# endpoint => 'puppet-icingaweb2.localdomain', +# api_username => 'director', +# api_password => 'supersecret', +# require => Mysql::Db['director'] +# } +# class icingaweb2::module::director( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-director.git', Optional[String] $git_revision = undef, - Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-director', + Enum['git', 'package', 'none'] $install_method = 'git', + String. $package_name = 'icingaweb2-module-director', Enum['mysql', 'pgsql'] $db_type = 'mysql', Optional[String] $db_host = undef, Integer[1,65535] $db_port = 3306, Optional[String] $db_name = undef, Optional[String] $db_username = undef, Optional[String] $db_password = undef, Optional[String] $db_charset = 'utf8', Optional[Boolean] $import_schema = false, Optional[Boolean] $kickstart = false, Optional[String] $endpoint = undef, String $api_host = 'localhost', Integer[1,65535] $api_port = 5665, Optional[String] $api_username = undef, Optional[String] $api_password = undef, ){ $conf_dir = $::icingaweb2::params::conf_dir + $icingacli_bin = $::icingaweb2::globals::icingacli_bin $module_conf_dir = "${conf_dir}/modules/director" Exec { user => 'root', path => $::path, } icingaweb2::config::resource { 'icingaweb2-module-director': type => 'db', db_type => $db_type, host => $db_host, port => $db_port, db_name => $db_name, db_username => $db_username, db_password => $db_password, db_charset => $db_charset, } $db_settings = { 'module-director-db' => { 'section_name' => 'db', 'target' => "${module_conf_dir}/config.ini", 'settings' => { 'resource' => 'icingaweb2-module-director' } } } if $import_schema { ensure_packages(['icingacli'], { 'ensure' => 'present' }) exec { 'director-migration': - command => 'icingacli director migration run', - onlyif => 'icingacli director migration pending', + command => "${icingacli_bin} director migration run", + onlyif => "${icingacli_bin} director migration pending", require => [ Package['icingacli'], Icingaweb2::Module['director'] ] } if $kickstart { $kickstart_settings = { 'module-director-config' => { 'section_name' => 'config', 'target' => "${module_conf_dir}/kickstart.ini", 'settings' => { 'endpoint' => $endpoint, 'host' => $api_host, 'port' => $api_port, 'username' => $api_username, 'password' => $api_password, } } } exec { 'director-kickstart': - command => 'icingacli director kickstart run', - onlyif => 'icingacli director kickstart required', + command => "${icingacli_bin} director kickstart run", + onlyif => "${icingacli_bin} director kickstart required", require => Exec['director-migration'] } } else { $kickstart_settings = {} } } else { $kickstart_settings = {} } icingaweb2::module {'director': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, settings => merge($db_settings, $kickstart_settings), } } diff --git a/manifests/module/director/service.pp b/manifests/module/director/service.pp new file mode 100644 index 0000000..2d7deec --- /dev/null +++ b/manifests/module/director/service.pp @@ -0,0 +1,51 @@ +# @summary +# Installs and configures the director service. +# +# @note Only systemd is supported by the Icinga Team and this module. +# +# @param [Stdlib::Ensure::Service] ensure +# Whether the director service should be running. +# +# @param [Boolean] enable +# Enable or disable the service. +# +# @param [String] user +# Specifies user to run director service daemon. +# +# @param [String] group +# Specifies primary group for user to run director service daemon. +# +# @param [Boolean] manage_user +# Whether to manage the server user resource. +# +class icingaweb2::module::director::service( + Stdlib::Ensure::Service $ensure = 'running', + Boolean $enable = true, + String $user = 'icingadirector', + String $group = 'icingaweb2', + Boolean $manage_user = true, +) { + + require ::icingaweb2::module::director + + $icingacli_bin = $::icingaweb2::globals::icingacli_bin + + if $manage_user { + user { $user: + ensure => present, + gid => $group, + shell => '/bin/false', + before => Systemd::Unit_file['icinga-director.service'], + } + } + + systemd::unit_file { 'icinga-director.service': + content => template('icingaweb2/icinga-director.service.erb'), + notify => Service['icinga-director'], + } + + service {'icinga-director': + ensure => $ensure, + enable => $enable, + } +} diff --git a/manifests/module/doc.pp b/manifests/module/doc.pp index f289ccb..3b99f55 100644 --- a/manifests/module/doc.pp +++ b/manifests/module/doc.pp @@ -1,30 +1,27 @@ -# == Class: icingaweb2::module::doc +# @summary +# The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation. # -# The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation. -# -# === Parameters -# -# [*ensure*] +# @param [Enum['absent', 'present']] ensure # Enable or disable module. Defaults to `present` # class icingaweb2::module::doc( - Enum['absent', 'present'] $ensure = 'present', + Enum['absent', 'present'] $ensure = 'present', ){ case $::osfamily { 'Debian': { $install_method = 'package' $package_name = 'icingaweb2-module-doc' } default: { $install_method = 'none' $package_name = undef } } icingaweb2::module { 'doc': ensure => $ensure, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/elasticsearch.pp b/manifests/module/elasticsearch.pp index 1793bb3..3e12841 100644 --- a/manifests/module/elasticsearch.pp +++ b/manifests/module/elasticsearch.pp @@ -1,72 +1,90 @@ -# == Class: icingaweb2::module::elasticsearch +# @summary +# The Elasticsearch module displays events from data stored in Elasticsearch. # -# The Elasticsearch module displays events from data stored in Elasticsearch. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*git_revision*] -# Set either a branch or a tag name, eg. `master` or `v1.3.2`. -# -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` -# -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-elasticsearch` # -# [*instances*] +# @param [Optional[String]] git_revision +# Set either a branch or a tag name, eg. `master` or `v1.3.2`. +# +# @param [Optional[Hash]] instances # A hash that configures one or more Elasticsearch instances that this module connects to. The defined type # `icingaweb2::module::elasticsearch::instance` is used to create the instance configuration. # -# [*eventtypes*] +# @param [Optional[Hash]] eventtypes # A hash oft ypes of events that should be displayed. Event types are always connected to instances. The defined type # `icingaweb2::module::elasticsearch::eventtype` is used to create the event types. # +# @example +# class { 'icingaweb2::module::elasticsearch': +# git_revision => 'v0.9.0', +# instances => { +# 'elastic' => { +# uri => 'http://localhost:9200', +# user => 'foo', +# password => 'bar', +# } +# }, +# eventtypes => { +# 'filebeat' => { +# instance => 'elastic', +# index => 'filebeat-*', +# filter => 'beat.hostname={host.name}', +# fields => 'input_type, source, message', +# } +# } +# } +# class icingaweb2::module::elasticsearch( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-elasticsearch.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-elasticsearch', + String $package_name = 'icingaweb2-module-elasticsearch', Optional[Hash] $instances = undef, Optional[Hash] $eventtypes = undef, ){ if $instances { $instances.each |$name, $setting| { icingaweb2::module::elasticsearch::instance{ $name: uri => $setting['uri'], user => $setting['user'], password => $setting['password'], ca => $setting['ca'], client_certificate => $setting['client_certificate'], client_private_key => $setting['client_private_key'], } } } if $eventtypes { $eventtypes.each |$name, $setting| { icingaweb2::module::elasticsearch::eventtype { $name: instance => $setting['instance'], index => $setting['index'], filter => $setting['filter'], fields => $setting['fields'], } } } icingaweb2::module { 'elasticsearch': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/elasticsearch/eventtype.pp b/manifests/module/elasticsearch/eventtype.pp index 8f0651c..910e14c 100644 --- a/manifests/module/elasticsearch/eventtype.pp +++ b/manifests/module/elasticsearch/eventtype.pp @@ -1,47 +1,47 @@ -# == Define: icingaweb2::module::elasticsearch::eventtype +# @summary +# Manages an Elasticsearch event types # -# Manage an Elasticsearch event types -# -# === Parameters -# -# [*name*] +# @param [String] eventtype_name # Name of the event type. # -# [*instance*] +# @param [Optional[String]] instance # Elasticsearch instance to connect to. # -# [*index*] +# @param [Optional[String]] index # Elasticsearch index pattern, e.g. `filebeat-*`. # -# [*filter*] +# @param [Optional[String]] filter # Elasticsearch filter in the Icinga Web 2 URL filter format. Host macros are evaluated if you encapsulate them in # curly braces, e.g. `host={host.name}&location={_host_location}`. # -# [*fields*] +# @param [Optional[String]] fields # Comma-separated list of field names to display. One or more wildcard asterisk (`*`) patterns are also accepted. # Note that the `@timestamp` field is always respected. # +# @api private +# define icingaweb2::module::elasticsearch::eventtype( - String $instance = undef, - String $index = undef, - String $filter = undef, - String $fields = undef, + String $eventtype_name = $title, + Optional[String] $instance = undef, + Optional[String] $index = undef, + Optional[String] $filter = undef, + Optional[String] $fields = undef, ){ assert_private("You're not supposed to use this defined type manually.") - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/elasticsearch" $eventtype_settings = { 'instance' => $instance, 'index' => $index, 'filter' => $filter, 'fields' => $fields, } - icingaweb2::inisection { "elasticsearch-eventtype-${name}": - section_name => $name, + icingaweb2::inisection { "elasticsearch-eventtype-${eventtype_name}": + section_name => $eventtype_name, target => "${module_conf_dir}/eventtypes.ini", settings => delete_undef_values($eventtype_settings) } -} \ No newline at end of file +} diff --git a/manifests/module/elasticsearch/instance.pp b/manifests/module/elasticsearch/instance.pp index 81c77f5..f9ddaa5 100644 --- a/manifests/module/elasticsearch/instance.pp +++ b/manifests/module/elasticsearch/instance.pp @@ -1,57 +1,57 @@ -# == Define: icingaweb2::module::elasticsearch::instance +# @summary +# Manages an Elasticsearch instance # -# Manage an Elasticsearch instance -# -# === Parameters -# -# [*name*] +# @param [String] instance_name # Name of the Elasticsearch instance # -# [*uri*] +# @param [String] uri # URI to the Elasticsearch instance # -# [*user*] +# @param [Optional[String]] user # The user to use for authentication # -# [*password*] +# @param [Optional[String]] password # The password to use for authentication # -# [*ca*] +# @param [Optional[Stdlib::Absolutepath]] ca # The path of the file containing one or more certificates to verify the peer with or the path to the directory # that holds multiple CA certificates. # -# [*client_certificate*] +# @param [Optional[Stdlib::Absolutepath]] client_certificate # The path of the client certificates # -# [*client_private_key*] +# @param [Optional[Stdlib::Absolutepath]] client_private_key # The path of the client private key # +# @api private # define icingaweb2::module::elasticsearch::instance( - String $uri = undef, - Optional[String] $user = undef, - Optional[String] $password = undef, - Optional[Stdlib::Absolutepath] $ca = undef, - Optional[Stdlib::Absolutepath] $client_certificate = undef, - Optional[Stdlib::Absolutepath] $client_private_key = undef, + String $instance_name = $title, + String $uri = undef, + Optional[String] $user = undef, + Optional[String] $password = undef, + Optional[Stdlib::Absolutepath] $ca = undef, + Optional[Stdlib::Absolutepath] $client_certificate = undef, + Optional[Stdlib::Absolutepath] $client_private_key = undef, ){ + assert_private("You're not supposed to use this defined type manually.") - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/elasticsearch" $instance_settings = { 'uri' => $uri, 'user' => $user, 'password' => $password, 'ca' => $ca, 'client_certificate' => $client_certificate, 'client_private_key' => $client_private_key, } - icingaweb2::inisection { "elasticsearch-instance-${name}": - section_name => $name, + icingaweb2::inisection { "elasticsearch-instance-${instance_name}": + section_name => $instance_name, target => "${module_conf_dir}/instances.ini", settings => delete_undef_values($instance_settings) } -} \ No newline at end of file +} diff --git a/manifests/module/fileshipper.pp b/manifests/module/fileshipper.pp index 333d514..509f38a 100644 --- a/manifests/module/fileshipper.pp +++ b/manifests/module/fileshipper.pp @@ -1,67 +1,83 @@ -# == Class: icingaweb2::module::fileshipper +# @summary +# The fileshipper module extends the Director. It offers import sources to deal with CSV, JSON, YAML and XML files. # -# The fileshipper module extends the Director. It offers import sources to deal with CSV, JSON, YAML and XML files. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enables or disables module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*git_revision*] -# Set either a branch or a tag name, eg. `master` or `v1.3.2`. -# -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` -# -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-fileshipper` # -# [*base_directories*] +# @param [Optional[String]] git_revision +# Set either a branch or a tag name, eg. `master` or `v1.3.2`. +# +# @param [Hash] base_directories # Hash of base directories. These directories can later be selected in the import source (Director). # -# [*directories*] +# @param [Hash] directories # Deploy plain Icinga 2 configuration files through the Director to your Icinga 2 master. # +# @note To understand this modulei, please read [Fileshipper module documentation](https://www.icinga.com/docs/director/latest/fileshipper/doc/02-Installation/). +# +# @note You've to manage source and target directories yourself. +# +# @example: +# class { 'icingaweb2::module::fileshipper': +# git_revision => 'v1.0.1', +# base_directories => { +# temp => '/var/lib/fileshipper' +# }, +# directories => { +# 'test' => { +# 'source' => '/var/lib/fileshipper/source', +# 'target' => '/var/lib/fileshipper/target', +# } +# } +# } +# class icingaweb2::module::fileshipper( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-fileshipper.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-fileshipper', + String $package_name = 'icingaweb2-module-fileshipper', Hash $base_directories = {}, Hash $directories = {}, ){ - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/fileshipper" if $base_directories { $base_directories.each |$identifier, $directory| { icingaweb2::module::fileshipper::basedir{$identifier: basedir => $directory, } } } if $directories { $directories.each |$identifier, $settings| { icingaweb2::module::fileshipper::directory{$identifier: source => $settings['source'], target => $settings['target'], extensions => $settings['extensions'], } } } icingaweb2::module { 'fileshipper': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/fileshipper/basedir.pp b/manifests/module/fileshipper/basedir.pp index 2cdfb8e..d068201 100644 --- a/manifests/module/fileshipper/basedir.pp +++ b/manifests/module/fileshipper/basedir.pp @@ -1,29 +1,28 @@ -# == Define: icingaweb2::module::fileshipper::basedir +# @summary +# Manages base directories for the fileshipper module. # -# Manage base directories for the fileshipper module +# @param [String] identifier +# Identifier of the base directory. # -# === Parameters +# @param [Optional[Stdlib::Absolutepath]] basedir +# Absolute path of a direcory. # -# [*identifier*] -# Identifier of the base directory -# -# [*basedir*] -# Absolute path of a direcory +# @api private # define icingaweb2::module::fileshipper::basedir( - String $identifier = $title, - Stdlib::Absolutepath $basedir = undef, + String $identifier = $title, + Optional[Stdlib::Absolutepath] $basedir = undef, ){ assert_private("You're not supposed to use this defined type manually.") - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/fileshipper" icingaweb2::inisection { "fileshipper-basedir-${identifier}": section_name => $identifier, target => "${module_conf_dir}/imports.ini", settings => { 'basedir' => $basedir, } } -} \ No newline at end of file +} diff --git a/manifests/module/fileshipper/directory.pp b/manifests/module/fileshipper/directory.pp index c41c87c..3622ab2 100644 --- a/manifests/module/fileshipper/directory.pp +++ b/manifests/module/fileshipper/directory.pp @@ -1,39 +1,38 @@ -# == Define: icingaweb2::module::fileshipper::directory +# @summary +# Manages directories with plain Icinga 2 configuration files. # -# Manage directories with plain Icinga 2 configuration files +# @param [String] identifier +# Identifier of the base directory. # -# === Parameters +# @param [Optional[Stdlib::Absolutepath]] source +# Absolute path of the source direcory. # -# [*identifier*] -# Identifier of the base directory +# @param [Optional[Stdlib::Absolutepath]] target +# Absolute path of the target direcory. # -# [*source*] -# Absolute path of the source direcory -# -# [*target*] -# Absolute path of the target direcory -# -# [*extensions*] +# @param [String] extensions # Only files with these extensions will be synced. Defaults to `.conf` # +# @api private +# define icingaweb2::module::fileshipper::directory( - String $identifier = $title, - Stdlib::Absolutepath $source = undef, - Stdlib::Absolutepath $target = undef, - String $extensions = '.conf', + String $identifier = $title, + Optional[Stdlib::Absolutepath] $source = undef, + Optional[Stdlib::Absolutepath] $target = undef, + String $extensions = '.conf', ){ assert_private("You're not supposed to use this defined type manually.") - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/fileshipper" icingaweb2::inisection { "fileshipper-directory-${identifier}": section_name => $identifier, target => "${module_conf_dir}/directories.ini", settings => { 'source' => $source, 'target' => $target, 'extensions' => $extensions, } } -} \ No newline at end of file +} diff --git a/manifests/module/generictts.pp b/manifests/module/generictts.pp index 9e95bda..cd9e505 100644 --- a/manifests/module/generictts.pp +++ b/manifests/module/generictts.pp @@ -1,53 +1,54 @@ -# == Class: icingaweb2::module::generictts +# @summary +# Installs and enables the generictts module. # -# Install and enable the generictts module. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. -# -# [*git_revision*] +# @param [Optional[String]] git_revision # Set either a branch or a tag name, eg. `master` or `v2.0.0`. # -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` +# @parame [Enum['git', 'none', 'package'][ install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-generictts` -# -# [*ticketsystems*] -# A hash of ticketsystems. The hash expects a `patten` and a `url` for each ticketsystem. The regex pattern is to -# match the ticket ID, eg. `/#([0-9]{4,6})/`. Place the ticket ID in the URL, eg. -# `https://my.ticket.system/tickets/id=$1` -# -# Example: -# ticketsystems => { -# system1 => { -# pattern => '/#([0-9]{4,6})/', -# url => 'https://my.ticket.system/tickets/id=$1' -# } +# +# @param [Hash] ticketsystems +# A hash of ticketsystems. The hash expects a `patten` and a `url` for each ticketsystem. +# The regex pattern is to match the ticket ID, eg. `/#([0-9]{4,6})/`. Place the ticket ID +# in the URL, eg. `https://my.ticket.system/tickets/id=$1`. +# +# @example +# class { 'icingaweb2::module::generictts': +# git_revision => 'v2.0.0', +# ticketsystems => { +# 'my-ticket-system' => { +# pattern => '/#([0-9]{4,6})/', +# url => 'https://my.ticket.system/tickets/id=$1', +# }, +# }, # } # class icingaweb2::module::generictts( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-generictts.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-generictts', + String $package_name = 'icingaweb2-module-generictts', Hash $ticketsystems = {}, ){ create_resources('icingaweb2::module::generictts::ticketsystem', $ticketsystems) icingaweb2::module {'generictts': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/generictts/ticketsystem.pp b/manifests/module/generictts/ticketsystem.pp index 447ebbe..4b70075 100644 --- a/manifests/module/generictts/ticketsystem.pp +++ b/manifests/module/generictts/ticketsystem.pp @@ -1,34 +1,33 @@ -# == Define: icingaweb2::module::generictts::ticketsystem +# @summary +# Manages ticketsystem configuration for the generictts module. # -# Manage ticketsystem configuration for the generictts module. -# -# === Parameters -# -# [*ticketsystem*] +# @param [String] ticketsystem # The name of the ticketsystem. # -# [*pattern*] +# @param [Optional[String]] pattern # A regex pattern to match ticket numbers, eg. `/#([0-9]{4,6})/` # -# [*url*] +# @param [Optional[String]] url # The URL to your ticketsystem. Place the ticket ID in the URL, eg. `https://my.ticket.system/tickets/id=$1` # +# @api private +# define icingaweb2::module::generictts::ticketsystem( - String $ticketsystem = $title, - String $pattern = undef, - String $url = undef, + String $ticketsystem = $title, + Optional[String] $pattern = undef, + Optional[String] $url = undef, ){ assert_private("You're not supposed to use this defined type manually.") - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/generictts" icingaweb2::inisection { "generictts-ticketsystem-${ticketsystem}": section_name => $ticketsystem, target => "${module_conf_dir}/config.ini", settings => { 'pattern' => $pattern, 'url' => $url, } } } diff --git a/manifests/module/graphite.pp b/manifests/module/graphite.pp index e62e73a..f8bcd39 100644 --- a/manifests/module/graphite.pp +++ b/manifests/module/graphite.pp @@ -1,86 +1,89 @@ -# == Class: icingaweb2::module::graphite +# @summary +# The Graphite module draws graphs out of time series data stored in Graphite. # -# The Graphite module draws graphs out of time series data stored in Graphite. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enables or disables module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*git_revision*] -# Set either a branch or a tag name, eg. `master` or `v2.0.0`. +# @param [String] package_name +# Package name of the module. This setting is only valid in combination with the installation method `package`. # -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` +# @param [Optional[String]] url +# URL to your Graphite Web/API. # -# [*package_name*] -# Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-graphite` +# @param [Optional[String]] user +# A user with access to your Graphite Web via HTTP basic authentication. # -# [*url*] -# URL to your Graphite Web +# @param [Optional[String]] password +# The users password. # -# [*user*] -# A user with access to your Graphite Web via HTTP basic authentication +# @param [Optional[String]] graphite_writer_host_name_template +# The value of your Icinga 2 GraphiteWriter's attribute `host_name_template` (if specified). # -# [*password*] -# The users password +# @param [Optional[String]] graphite_writer_service_name_template +# The value of your icinga 2 GraphiteWriter's attribute `service_name_template` (if specified). # -# [*graphite_writer_host_name_template*] -# The value of your Icinga 2 GraphiteWriter's attribute `host_name_template` (if specified) +# @note Here the official [Graphite module documentation](https://www.icinga.com/docs/graphite/latest/) can be found. # -# [*graphite_writer_service_name_template*] -# The value of your icinga 2 GraphiteWriter's attribute `service_name_template` (if specified) +# @example +# class { 'icingaweb2::module::graphite': +# git_revision => 'v0.9.0', +# url => 'https://localhost:8080' +# } # class icingaweb2::module::graphite( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-graphite.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-graphite', + String $package_name = 'icingaweb2-module-graphite', Optional[String] $url = undef, Optional[String] $user = undef, Optional[String] $password = undef, Optional[String] $graphite_writer_host_name_template = undef, Optional[String] $graphite_writer_service_name_template = undef ){ - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/graphite" $graphite_settings = { 'url' => $url, 'user' => $user, 'password' => $password, } $icinga_settings = { 'graphite_writer_host_name_template' => $graphite_writer_host_name_template, 'graphite_writer_service_name_template' => $graphite_writer_service_name_template, } $settings = { 'module-graphite-graphite' => { 'section_name' => 'graphite', 'target' => "${module_conf_dir}/config.ini", 'settings' => delete_undef_values($graphite_settings) }, 'module-graphite-icinga' => { 'section_name' => 'icinga', 'target' => "${module_conf_dir}/config.ini", 'settings' => delete_undef_values($icinga_settings) } } icingaweb2::module { 'graphite': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, settings => $settings, } } diff --git a/manifests/module/incubator.pp b/manifests/module/incubator.pp new file mode 100644 index 0000000..7764100 --- /dev/null +++ b/manifests/module/incubator.pp @@ -0,0 +1,27 @@ +# @summary +# Installs and enables the incubator module. +# +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. +# +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. Defaults to `present` +# +# @param [String] git_repository +# Set a git repository URL. Defaults to github. +# +# @param [String] git_revision +# Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. +# +class icingaweb2::module::incubator( + String $git_repository, + String $git_revision, + Enum['absent', 'present'] $ensure = 'present', +){ + + icingaweb2::module { 'incubator': + ensure => $ensure, + git_repository => $git_repository, + git_revision => $git_revision, + } + +} diff --git a/manifests/module/ipl.pp b/manifests/module/ipl.pp new file mode 100644 index 0000000..8511d89 --- /dev/null +++ b/manifests/module/ipl.pp @@ -0,0 +1,27 @@ +# @summary +# Installs and enables the ipl module. +# +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. +# +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. +# +# @param [String] git_repository +# Set a git repository URL. +# +# @param [String] git_revision +# Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. +# +class icingaweb2::module::ipl( + String $git_repository, + String $git_revision, + Enum['absent', 'present'] $ensure = 'present', +){ + + icingaweb2::module { 'ipl': + ensure => $ensure, + git_repository => $git_repository, + git_revision => $git_revision, + } + +} diff --git a/manifests/module/monitoring.pp b/manifests/module/monitoring.pp index 9c05325..a562eac 100644 --- a/manifests/module/monitoring.pp +++ b/manifests/module/monitoring.pp @@ -1,109 +1,129 @@ -# == Class: icingaweb2::module::monitoring +# @summary +# Manages the monitoring module. This module is mandatory for probably every setup. # -# Manage the monitoring module. This module is mandatory for probably every setup. +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# === Parameters +# @param [Variant[String, Array[String]]] protected_customvars +# Custom variables in Icinga 2 may contain sensible information. Set patterns for custom variables +# that should be hidden in the web interface. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [Enum['mysql', 'pgsql']] ido_type +# Type of your IDO database. Either `mysql` or `pgsql`. # -# [*protected_customvars*] -# Custom variables in Icinga 2 may contain sensible information. Set patterns for custom variables that should be -# hidden in the web interface. Defaults to `*pw*,*pass*,community` -# -# [*ido_type*] -# Type of your IDO database. Either `mysql` or `pgsql`. Defaults to `mysql` -# -# [*ido_host*] +# @param [Optional[Stdlib::Host]] ido_host # Hostname of the IDO database. # -# [*ido_port*] -# Port of the IDO database. Defaults to `3306` +# @param [Stdlib::Port] ido_port +# Port of the IDO database. # -# [*ido_db_name*] +# @param [Optional[String]] ido_db_name # Name of the IDO database. # -# [*ido_db_username*] +# @param [Optional[String]] ido_db_username # Username for IDO DB connection. # -# [*ido_db_password*] +# @param [Optional[String]] ido_db_password # Password for IDO DB connection. # -# [*ido_db_charset*] +# @param [Optional[String]] ido_db_charset # The character set to use for the database connection. # -# [*commandtransports*] +# @param [Hash] commandtransports # A hash of command transports. # +# @note At first have a look at the [Monitoring module documentation](https://www.icinga.com/docs/icingaweb2/latest/modules/monitoring/doc/01-About/). +# +# @example This module is mandatory for almost every setup. It connects your Icinga Web interface to the Icinga 2 core. Current and history information are queried through the IDO database. Actions such as `Check Now`, `Set Downtime` or `Acknowledge` are send to the Icinga 2 API. +# +# Requirements: +# * IDO feature in Icinga 2 (MySQL or PostgreSQL) +# * `ApiUser` object in Icinga 2 with proper permissions +# +# class {'icingaweb2::module::monitoring': +# ido_host => 'localhost', +# ido_db_type => 'mysql', +# ido_db_name => 'icinga2', +# ido_db_username => 'icinga2', +# ido_db_password => 'supersecret', +# commandtransports => { +# icinga2 => { +# transport => 'api', +# username => 'icingaweb2', +# password => 'supersecret', +# } +# } +# } +# class icingaweb2::module::monitoring( Enum['absent', 'present'] $ensure = 'present', Variant[String, Array[String]] $protected_customvars = ['*pw*', '*pass*', 'community'], Enum['mysql', 'pgsql'] $ido_type = 'mysql', - Optional[String] $ido_host = undef, - Integer[1,65535] $ido_port = 3306, + Optional[Stdlib::Host] $ido_host = undef, + Stdlib::Port $ido_port = 3306, Optional[String] $ido_db_name = undef, Optional[String] $ido_db_username = undef, Optional[String] $ido_db_password = undef, Optional[String] $ido_db_charset = undef, - Hash $commandtransports = undef, + Hash $commandtransports = {}, ){ - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/monitoring" case $::osfamily { 'Debian': { $install_method = 'package' $package_name = 'icingaweb2-module-monitoring' } default: { $install_method = 'none' $package_name = undef } } icingaweb2::config::resource { 'icingaweb2-module-monitoring': type => 'db', db_type => $ido_type, host => $ido_host, port => $ido_port, db_name => $ido_db_name, db_username => $ido_db_username, db_password => $ido_db_password, db_charset => $ido_db_charset, } $backend_settings = { 'type' => 'ido', 'resource' => 'icingaweb2-module-monitoring', } $security_settings = { 'protected_customvars' => $protected_customvars ? { String => $protected_customvars, Array[String] => join($protected_customvars, ','), } } $settings = { 'module-monitoring-backends' => { 'section_name' => 'backends', 'target' => "${module_conf_dir}/backends.ini", 'settings' => delete_undef_values($backend_settings) }, 'module-monitoring-security' => { 'section_name' => 'security', 'target' => "${module_conf_dir}/config.ini", 'settings' => delete_undef_values($security_settings) } } create_resources('icingaweb2::module::monitoring::commandtransport', $commandtransports) icingaweb2::module {'monitoring': ensure => $ensure, install_method => $install_method, package_name => $package_name, settings => $settings, } } diff --git a/manifests/module/monitoring/commandtransport.pp b/manifests/module/monitoring/commandtransport.pp index da46230..2032fbb 100644 --- a/manifests/module/monitoring/commandtransport.pp +++ b/manifests/module/monitoring/commandtransport.pp @@ -1,68 +1,66 @@ -# == Define: icingaweb2::module::monitoring::commandtransport +# @summary +# Manages commandtransport configuration for the monitoring module. # -# Manage commandtransport configuration for the monitoring module -# -# === Parameters -# -# [*commandtransport*] +# @param [String] commandtransport # The name of the commandtransport. # -# [*transport*] -# The transport type you wish to use. Either `api` or `local`. Defaults to `api` +# @param [Enum['api', 'local']] transport +# The transport type you wish to use. Either `api` or `local`. # -# [*host*] -# Hostname/ip for the transport. Only needed for api transport. Defaults to `localhost` +# @param [Stdlib::Host] host +# Hostname/ip for the transport. Only needed for api transport. # -# [*port*] -# Port for the transport. Only needed for api transport. Defaults to `5665` +# @param [Stdlib::Port] port +# Port for the transport. Only needed for api transport. # -# [*username*] +# @param [Optional[String]] username # Username for the transport. Only needed for api transport. # -# [*password*] +# @param [Optional[String]] password # Password for the transport. Only needed for api transport. # -# [*path*] -# Path for the transport. Only needed for local transport. Defaults to `/var/run/icinga2/cmd/icinga2.cmd` +# @param [Stdlib::Absolutepath] path +# Path for the transport. Only needed for local transport. +# +# @api private # define icingaweb2::module::monitoring::commandtransport( String $commandtransport = $title, Enum['api', 'local'] $transport = 'api', - String $host = 'localhost', - Integer[1,65535] $port = 5665, + Stdlib::Host $host = 'localhost', + Stdlib::Port $port = 5665, Optional[String] $username = undef, Optional[String] $password = undef, Stdlib::Absolutepath $path = '/var/run/icinga2/cmd/icinga2.cmd', ){ - assert_private("You're not supposed to use this defined type manually.") - $conf_dir = $::icingaweb2::params::conf_dir + $conf_dir = $::icingaweb2::globals::conf_dir $module_conf_dir = "${conf_dir}/modules/monitoring" case $transport { 'api': { $commandtransport_settings = { 'transport' => $transport, 'host' => $host, 'port' => $port, 'username' => $username, 'password' => $password, } } 'local': { $commandtransport_settings = { 'transport' => $transport, 'path' => $path, } } default: { fail('The transport type you provided is not supported') } } icingaweb2::inisection { "monitoring-commandtransport-${commandtransport}": section_name => $commandtransport, target => "${module_conf_dir}/commandtransports.ini", settings => delete_undef_values($commandtransport_settings), } } diff --git a/manifests/module/puppetdb.pp b/manifests/module/puppetdb.pp index a674eb5..9087783 100644 --- a/manifests/module/puppetdb.pp +++ b/manifests/module/puppetdb.pp @@ -1,121 +1,144 @@ -# == Define: icingaweb2::module::puppetdb +# @summary +# Installs and configures the puppetdb module. # -# Install and configure the puppetdb module. It is possible to let the module -# to configure the ssl certificates to connect to one or more PuppetDBs. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. -# -# [*git_revision*] +# @param [Optional[String]] git_revision # Set either a branch or a tag name, eg. `master` or `v1.3.2`. # -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-puppetdb` # -# [*ssl*] -# How to set up ssl certificates. To copy certificates from the local puppet installation, use `puppet`. Defaults to -# `none` +# @param [Enum['none', 'puppet']] ssl +# How to set up ssl certificates. To copy certificates from the local puppet installation, use `puppet`. # -# [*host*] +# @param [Optional[Stdlib::Host]] host # Hostname of the server where PuppetDB is running. The `ssl` parameter needs to be set to `puppet`. # -# [*certificates*] +# @param [Hash] certificates # Hash with icingaweb2::module::puppetdb::certificate resources. # +# @note The [PuppetDB module documentation](https://www.icinga.com/docs/director/latest/puppetdb/doc/01-Installation/). +# +# @example Set up the PuppetDB module and configure two custom SSL keys: +# $certificates = { +# 'pupdb1' => { +# :ssl_key => '-----BEGIN RSA PRIVATE KEY----- abc...', +# :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- def...', +# }, +# 'pupdb2' => { +# :ssl_key => '-----BEGIN RSA PRIVATE KEY----- zyx...', +# :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- wvur...', +# }, +# } +# +# class { '::icingaweb2::module::puppetdb': +# git_revision => 'master', +# ssl => 'none', +# certificates => $certificates, +# } +# +# @example Set up the PuppetDB module and configure the hosts SSL key to connect to the PuppetDB host: +# class {'::icingaweb2::module::puppetdb': +# git_revision => 'master', +# ssl => 'puppet', +# host => 'puppetdb.example.com', +# } +# class icingaweb2::module::puppetdb( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-puppetdb.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-puppetdb', + String $package_name = 'icingaweb2-module-puppetdb', Enum['none', 'puppet'] $ssl = 'none', Optional[String] $host = undef, Hash $certificates = {}, ){ - $conf_dir = "${::icingaweb2::params::conf_dir}/modules/puppetdb" + $conf_dir = "${::icingaweb2::globals::conf_dir}/modules/puppetdb" $ssl_dir = "${conf_dir}/ssl" $conf_user = $::icingaweb2::conf_user - $conf_group = $::icingaweb2::params::conf_group + $conf_group = $::icingaweb2::conf_group file { $ssl_dir: ensure => 'directory', group => $conf_group, owner => $conf_user, mode => '2740', purge => true, force => true, recurse => true, } case $ssl { 'puppet': { $puppetdb_ssldir = "${ssl_dir}/${host}" file { [$puppetdb_ssldir, "${puppetdb_ssldir}/private_keys", "${puppetdb_ssldir}/certs"]: ensure => 'directory', group => $conf_group, owner => $conf_user, mode => '2740', purge => true, force => true, recurse => true, } file { "${puppetdb_ssldir}/certs/ca.pem": ensure => 'present', group => $conf_group, owner => $conf_user, mode => '0640', source => "${::settings::ssldir}/certs/ca.pem", } $combinedkey_path = "${puppetdb_ssldir}/private_keys/${::fqdn}_combined.pem" notice($::settings::ssldir) concat { $combinedkey_path: ensure => present, warn => false, owner => $conf_user, group => $conf_group, mode => '0640', ensure_newline => true, } concat::fragment { 'private_key': target => $combinedkey_path, source => "${::settings::ssldir}/private_keys/${::fqdn}.pem", order => 1, } concat::fragment { 'public_key': target => $combinedkey_path, source => "${::settings::ssldir}/certs/${::fqdn}.pem", order => 2, } } # puppet 'none': { } default: { } } # case ssl create_resources('icingaweb2::module::puppetdb::certificate',$certificates) icingaweb2::module {'puppetdb': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/module/puppetdb/certificate.pp b/manifests/module/puppetdb/certificate.pp index 20f0ff6..516070d 100644 --- a/manifests/module/puppetdb/certificate.pp +++ b/manifests/module/puppetdb/certificate.pp @@ -1,75 +1,63 @@ -# == Define: icingaweb2::module::puppetdb::certificate +# @summary +# Installs a certificate for the Icinga Web 2 puppetdb module. # -# Install a certificate for the Icinga Web 2 puppetdb module. This is a public defined type. -# -# === Parameters -# -# [*ensure*] +# @param [Enum['absent', 'present']] ensure # Enable or disable module. Defaults to `present` # -# [*ssl_key*] +# @param [String] ssl_key # The combined key in a base64 encoded string. # -# [*ssl_cacert*] +# @param [String] ssl_cacert # The CA root certificate in a base64 encoded string. # -# === Examples -# -# It is advised to read about the certiciates first at -# https://github.com/Icinga/icingaweb2-module-puppetdb/blob/master/doc/01-Installation.md -# -# You can set up indiviual certificates for the Icinga Web 2 director puppetdb module -# to talk to you director like this +# @note It is advised to read first something about the certiciates in the [documentation](https://github.com/Icinga/icingaweb2-module-puppetdb/blob/master/doc/01-Installation.md). # +# @example You can set up indiviual certificates for the Icinga Web 2 director puppetdb module to talk to you director like this: # icingaweb2::module::puppetdb::certificate { 'mypuppetdbhost.example.com': # ssl_cacert => '-----BEGIN CERTIFICATE----- ...', # ssl_key => '-----BEGIN RSA PRIVATE KEY----- ...', # } # -# That will install the following files with the specified contents -# cacert: /etc/icingaweb2/module/puppetdb/ssl/mypuppetdbhost.example.com/certs/ca.pem -# ssl_key: /etc/icingaweb2/module/puppetdb/ssl/mypuppetdbhost.example.com/private_keys/mypuppetdbhost.example.com_combined.pem -# -# Make sure you pass the contents combination of the private and key! +# @api private # define icingaweb2::module::puppetdb::certificate( String $ssl_key, String $ssl_cacert, Enum['absent', 'present'] $ensure = 'present', ){ assert_private("You're not supposed to use this defined type manually.") $certificate_dir = "${::icingaweb2::module::puppetdb::ssl_dir}/${title}" $conf_user = $::icingaweb2::conf_user - $conf_group = $::icingaweb2::params::conf_group + $conf_group = $::icingaweb2::conf_group File { owner => $conf_user, group => $conf_group, mode => '0740', } if $ensure == 'present' { $ensure_dir = 'directory' } else { $ensure_dir = 'absent' } file { [$certificate_dir, "${certificate_dir}/private_keys", "${certificate_dir}/certs"]: ensure => $ensure_dir, purge => true, force => true, recurse => true, } file {"${certificate_dir}/private_keys/${title}_combined.pem": ensure => $ensure, content => $ssl_key, } file {"${certificate_dir}/certs/ca.pem": ensure => $ensure, content => $ssl_cacert, } } diff --git a/manifests/module/reactbundle.pp b/manifests/module/reactbundle.pp new file mode 100644 index 0000000..b95e536 --- /dev/null +++ b/manifests/module/reactbundle.pp @@ -0,0 +1,28 @@ +# @summary +# Installs and enables the reactbundle module. +# +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. +# +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. +# +# @param [String] git_repository +# Set a git repository URL. +# +# @param [String] git_revision +# Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. +# +class icingaweb2::module::reactbundle( + String $git_repository, + String $git_revision, + Enum['absent', 'present'] $ensure = 'present', +){ + + icingaweb2::module { 'reactbundle': + ensure => $ensure, + git_repository => $git_repository, + git_revision => $git_revision, + } + +} + diff --git a/manifests/module/translation.pp b/manifests/module/translation.pp index a1dbde0..ac97508 100644 --- a/manifests/module/translation.pp +++ b/manifests/module/translation.pp @@ -1,39 +1,37 @@ -# == Class: icingaweb2::module::translation +# @summary +# Installs and configures the translation module. # -# Install and configure the translation module. -# -# === Parameters -# -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # class icingaweb2::module::translation( Enum['absent', 'present'] $ensure = 'present', ){ - $conf_dir = $::icingaweb2::params::conf_dir - $module_conf_dir = "${conf_dir}/modules/translation" + $conf_dir = $::icingaweb2::globals::conf_dir + $gettext_package_name = $icingaweb2::globals::gettext_package_name + $module_conf_dir = "${conf_dir}/modules/translation" # gettext-tools SUSE - package { $::icingaweb2::params::gettext_package_name: + package { $gettext_package_name: ensure => $ensure, } $settings = { 'module-translation' => { 'section_name' => 'translation', 'target' => "${module_conf_dir}/config.ini", 'settings' => { 'msgmerge' => '/usr/bin/msgmerge', 'xgettext' => '/usr/bin/xgettext', 'msgfmt' => '/usr/bin/msgfmt', }, }, } icingaweb2::module { 'translation': ensure => $ensure, install_method => 'none', settings => $settings, } } diff --git a/manifests/module/vsphere.pp b/manifests/module/vsphere.pp index 0cae114..d4fa6ad 100644 --- a/manifests/module/vsphere.pp +++ b/manifests/module/vsphere.pp @@ -1,40 +1,38 @@ -# == Class: icingaweb2::module::vsphere +# @summary +# The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts from vSphere. # -# The vSphere module extends the Director. It provides import sources for virtual machines and physical hosts -# from vSphere. +# @note If you want to use `git` as `install_method`, the CLI `git` command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter `extra_packages`. # -# === Parameters +# @param [Enum['absent', 'present']] ensure +# Enable or disable module. # -# [*ensure*] -# Enable or disable module. Defaults to `present` +# @param [String] git_repository +# Set a git repository URL. # -# [*git_repository*] -# Set a git repository URL. Defaults to github. +# @param [Enum['git', 'none', 'package']] install_method +# Install methods are `git`, `package` and `none` is supported as installation method. # -# [*git_revision*] -# Set either a branch or a tag name, eg. `master` or `v1.3.2`. -# -# [*install_method*] -# Install methods are `git`, `package` and `none` is supported as installation method. Defaults to `git` -# -# [*package_name*] +# @param [String] package_name # Package name of the module. This setting is only valid in combination with the installation method `package`. -# Defaults to `icingaweb2-module-vsphere` # +# @param [Optional[String]] git_revision +# Set either a branch or a tag name, eg. `stable/0.7.0` or `v0.7.0`. +# +# @note Check out the [vSphere module documentation](https://www.icinga.com/docs/director/latest/vsphere/doc/). # class icingaweb2::module::vsphere( Enum['absent', 'present'] $ensure = 'present', String $git_repository = 'https://github.com/Icinga/icingaweb2-module-vsphere.git', Optional[String] $git_revision = undef, Enum['git', 'none', 'package'] $install_method = 'git', - Optional[String] $package_name = 'icingaweb2-module-vsphere', + String $package_name = 'icingaweb2-module-vsphere', ){ icingaweb2::module { 'vsphere': ensure => $ensure, git_repository => $git_repository, git_revision => $git_revision, install_method => $install_method, package_name => $package_name, } } diff --git a/manifests/params.pp b/manifests/params.pp deleted file mode 100644 index 8a2cb2d..0000000 --- a/manifests/params.pp +++ /dev/null @@ -1,47 +0,0 @@ -# == Class: icingaweb2::params -# -# In this class all default parameters are stored. It is inherited by other classes in order to get access to those -# parameters. -# -# === Parameters -# -# This class does not provide any parameters. -# -# === Examples -# -# This class is private and should not be called by others than this module. -# -class icingaweb2::params { - - $package = 'icingaweb2' - $conf_dir = '/etc/icingaweb2' - $module_path = '/usr/share/icingaweb2/modules' - - case $::facts['os']['family'] { - 'redhat': { - $conf_user = 'apache' - $conf_group = 'icingaweb2' - $schema_dir = '/usr/share/doc/icingaweb2/schema' - $gettext_package_name = 'gettext' - } # RedHat - - 'debian': { - $conf_user = 'www-data' - $conf_group = 'icingaweb2' - $schema_dir = '/usr/share/icingaweb2/etc/schema' - $gettext_package_name = 'gettext' - } # Debian - - 'suse': { - $conf_user = 'wwwrun' - $conf_group = 'icingaweb2' - $schema_dir = '/usr/share/doc/icingaweb2/schema' - $gettext_package_name = 'gettext-tools' - } # Suse - - default: { - fail("Your plattform ${::facts['os']['family']} is not supported, yet.") - } - } # case $::osfamily -} - diff --git a/manifests/repo.pp b/manifests/repo.pp deleted file mode 100644 index b8bebe8..0000000 --- a/manifests/repo.pp +++ /dev/null @@ -1,104 +0,0 @@ -# == Class: icingaweb2::repo -# -# This class manages the packages.icinga.com repository based on the operating system. -# -# === Parameters -# -# This class does not provide any parameters. -# To control the behaviour of this class, have a look at the parameters: -# * icingaweb2::manage_repo -# -# === Examples -# -# This class is private and should not be called by others than this module. -# -class icingaweb2::repo { - - assert_private("You're not supposed to use this defined type manually.") - - if $::icingaweb2::manage_repo and $::icingaweb2::manage_package { - - case $::facts['os']['family'] { - 'redhat': { - case $::facts['os']['name'] { - 'centos', 'redhat': { - yumrepo { 'icinga-stable-release': - baseurl => "http://packages.icinga.com/epel/${::facts['os']['release']['major']}/release/", - descr => 'ICINGA (stable release for epel)', - enabled => 1, - gpgcheck => 1, - gpgkey => 'http://packages.icinga.com/icinga.key', - } - } - default: { - fail('Your plattform is not supported to manage a repository.') - } - } - } - 'debian': { - case $::facts['os']['name'] { - 'debian': { - include ::apt, ::apt::backports - apt::source { 'icinga-stable-release': - location => 'http://packages.icinga.com/debian', - release => "icinga-${::facts['lsbdistcodename']}", - repos => 'main', - key => { - id => 'F51A91A5EE001AA5D77D53C4C6E319C334410682', - source => 'http://packages.icinga.com/icinga.key', - }; - } - } - 'ubuntu': { - include ::apt - apt::source { 'icinga-stable-release': - location => 'http://packages.icinga.com/ubuntu', - release => "icinga-${::facts['lsbdistcodename']}", - repos => 'main', - key => { - id => 'F51A91A5EE001AA5D77D53C4C6E319C334410682', - source => 'http://packages.icinga.com/icinga.key', - }; - } - } - default: { - fail('Your plattform is not supported to manage a repository.') - } - } - contain ::apt::update - } - 'suse': { - - file { '/etc/pki/GPG-KEY-icinga': - ensure => present, - source => 'http://packages.icinga.com/icinga.key', - } - - exec { 'import icinga gpg key': - path => '/bin:/usr/bin:/sbin:/usr/sbin', - command => 'rpm --import /etc/pki/GPG-KEY-icinga', - unless => "rpm -q gpg-pubkey-`echo $(gpg --throw-keyids < /etc/pki/GPG-KEY-icinga) | cut --characters=11-18 | tr [A-Z] [a-z]`", - require => File['/etc/pki/GPG-KEY-icinga'], - logoutput => 'on_failure', - } - - case $::facts['os']['name'] { - 'SLES': { - zypprepo { 'icinga-stable-release': - baseurl => "http://packages.icinga.com/SUSE/${::facts['os']['release']['full']}/release/", - enabled => 1, - gpgcheck => 1, - require => Exec['import icinga gpg key'] - } - } - default: { - fail('Your plattform is not supported to manage a repository.') - } - } - } - default: { - fail('Your plattform is not supported to manage a repository.') - } - } - } # if $::icinga::manage_repo -} diff --git a/metadata.json b/metadata.json index fb7ab9a..f46de43 100644 --- a/metadata.json +++ b/metadata.json @@ -1,60 +1,87 @@ { "name": "icinga-icingaweb2", - "version": "2.3.1", - "author": "Icinga Development Team", + "version": "3.0.1", + "author": "Icinga Team", "summary": "Icinga Web 2 Puppet Module", "license": "Apache-2.0", - "source": "https://github.com/Icinga/puppet-icingaweb2.git", + "source": "git://github.com/Icinga/puppet-icingaweb2", "project_page": "https://github.com/Icinga/puppet-icingaweb2", "issues_url": "https://github.com/Icinga/puppet-icingaweb2/issues", - "requirements": [ - { "name": "puppet", "version_requirement": ">= 4.7.0 < 7.0.0" } - ], "dependencies": [ - { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.16.0 < 7.0.0" }, - { "name": "puppetlabs/concat", "version_requirement": ">= 2.0.1 < 7.0.0" }, - { "name": "puppetlabs/vcsrepo", "version_requirement": ">= 1.3.0 < 4.0.0" } - ], - "tags": [ - "icinga", - "icinga2", - "icingaweb2", - "monitoring" + { + "name": "puppetlabs/stdlib", + "version_requirement": ">= 4.16.0 < 7.0.0" + }, + { + "name": "puppetlabs/concat", + "version_requirement": ">= 2.0.1 < 7.0.0" + }, + { + "name": "icinga/icinga", + "version_requirement": ">= 1.0.0 < 2.0.0" + }, + { + "name": "puppetlabs/vcsrepo", + "version_requirement": ">= 1.3.0 < 4.0.0" + }, + { + "name": "camptocamp/systemd", + "version_requirement": ">= 1.1.1 < 3.0.0" + } ], "operatingsystem_support": [ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "8", - "9" + "9", + "10" ] }, { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", - "7" + "7", + "8" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", - "7" + "7", + "8" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "16.04", - "18.04" + "18.04", + "20.04" ] }, { "operatingsystem": "SLES", "operatingsystemrelease": [ - "12" + "12", + "15" ] } - ] + ], + "requirements": [ + { + "name": "puppet", + "version_requirement": ">= 4.7.0 < 7.0.0" + } + ], + "tags": [ + "icinga", + "icinga2", + "icingaweb2", + "monitoring" + ], + "pdk-version": "1.18.1", + "template-url": "pdk-default#1.18.1", + "template-ref": "tags/1.18.1-0-g3d2e75c" } diff --git a/spec/acceptance/apache2_spec.rb b/spec/acceptance/apache2_spec.rb deleted file mode 100644 index 319dc9d..0000000 --- a/spec/acceptance/apache2_spec.rb +++ /dev/null @@ -1,59 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper_acceptance' - -describe 'icingaweb2 with apache2' do - it 'with basic settings and apache2' do - pp = " - class { 'apache': - mpm_module => 'prefork' - } - - class { 'apache::mod::php': } - - case $::osfamily { - 'redhat': { - file {'/etc/httpd/conf.d/icingaweb2.conf': - source => 'puppet:///modules/icingaweb2/examples/apache2/icingaweb2.conf', - require => Class['apache'], - notify => Service['httpd'], - } - - package { 'centos-release-scl': - before => Class['icingaweb2'] - } - } - 'debian': { - class { 'apache::mod::rewrite': } - - file {'/etc/apache2/conf.d/icingaweb2.conf': - source => 'puppet:///modules/icingaweb2/examples/apache2/icingaweb2.conf', - require => Class['apache'], - notify => Service['apache2'], - } - } - } - - class {'icingaweb2': - manage_repo => true, - } - " - - apply_manifest(pp, catch_failures: true) - end - - if fact('osfamily') == 'Debian' - describe service('apache2') do - it { is_expected.to be_running } - end - end - - if fact('osfamily') == 'RedHat' - describe service('httpd') do - it { is_expected.to be_running } - end - end - - describe command('curl -I http://localhost/icingaweb2/') do - its(:stdout) { should match(%r{302 Found}) } - end -end diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 004b28c..ef9f27c 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -1,33 +1,174 @@ -#! /usr/bin/env ruby -S rspec require 'spec_helper_acceptance' describe 'icingaweb2 class:' do - it 'runs successfully' do - pp = " - case $::osfamily { - 'redhat': { - package { 'centos-release-scl': - before => Class['icingaweb2'] + describe 'icingaweb2 with defaults' do + let(:pp) do + <<-MANIFEST + case $::osfamily { + 'redhat': { + if $facts['os']['name'] == 'centos' and Integer($facts['os']['release']['major']) < 8 { + package { 'centos-release-scl': } + + $php_globals = { + php_version => 'rh-php71', + rhscl_mode => 'rhscl', + } + } else { + $php_globals = {} + } + + $php_extensions = { + mbstring => { ini_prefix => '20-' }, + json => { ini_prefix => '20-' }, + ldap => { ini_prefix => '20-' }, + gd => { ini_prefix => '20-' }, + xml => { ini_prefix => '20-' }, + intl => { ini_prefix => '20-' }, + mysqlnd => { ini_prefix => '20-' }, + pgsql => { ini_prefix => '20-' }, + } + $web_conf_user = 'apache' + } # RedHat + + 'debian': { + $php_globals = {} + $php_extensions = { + mbstring => {}, + json => {}, + ldap => {}, + gd => {}, + xml => {}, + intl => {}, + mysql => {}, + pgsql => {}, + } + $web_conf_user = 'www-data' + } # Debian + + default: { + fail("'Your operatingsystem ${::operatingsystem} is not supported.'") } } - } - class { '::icingaweb2': - manage_repo => true, - } - " + # + # PHP + # + class { '::php::globals': + * => $php_globals, + } - apply_manifest(pp, catch_failures: true) - end + class { '::php': + ensure => installed, + manage_repos => false, + apache_config => false, + fpm => true, + extensions => $php_extensions, + dev => false, + composer => false, + pear => false, + phpunit => false, + require => Class['::php::globals'], + } - describe package('icingaweb2') do - it { is_expected.to be_installed } - end + # + # Apache + # + class { '::apache': + default_mods => false, + default_vhost => false, + mpm_module => 'worker', + } - describe file('/etc/icingaweb2/config.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[global]' } - it { is_expected.to contain '[logging]' } - end + apache::listen { '80': } + + include ::apache::mod::alias + include ::apache::mod::status + include ::apache::mod::dir + include ::apache::mod::env + include ::apache::mod::rewrite + include ::apache::mod::proxy + include ::apache::mod::proxy_fcgi + + apache::custom_config { 'icingaweb2': + ensure => present, + source => 'puppet:///modules/icingaweb2/examples/apache2/for-mod_proxy_fcgi.conf', + verify_config => false, + priority => false, + } + + # + # Icinga Web 2 + # + include ::mysql::server + mysql::db { 'icingaweb2': + user => 'icingaweb2', + password => 'icingaweb2', + host => 'localhost', + grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], + before => Class['icingaweb2'], + } + + Package['icingaweb2'] + -> Class['apache'] + + class { 'icingaweb2': + manage_repo => true, + conf_user => $web_conf_user, + db_type => 'mysql', + db_host => 'localhost', + db_port => 3306, + db_username => 'icingaweb2', + db_password => 'icingaweb2', + import_schema => true, + } + MANIFEST + end + + it_behaves_like 'a idempotent resource' + + describe package('icingaweb2') do + it { is_expected.to be_installed } + end + + describe file('/etc/icingaweb2/config.ini') do + it { is_expected.to be_file } + it { is_expected.to contain '[global]' } + it { is_expected.to contain '[logging]' } + end + + describe command('curl -I http://localhost/icingaweb2/') do + its(:stdout) { is_expected.to match(%r{302 Found}) } + end + + describe file('/etc/icingaweb2/resources.ini') do + it { is_expected.to be_file } + it { is_expected.to contain '[mysql-icingaweb2]' } + it { is_expected.to contain 'type = "db"' } + it { is_expected.to contain 'db = "mysql"' } + it { is_expected.to contain 'host = "localhost"' } + it { is_expected.to contain 'port = "3306"' } + it { is_expected.to contain 'dbname = "icingaweb2"' } + it { is_expected.to contain 'username = "icingaweb2"' } + it { is_expected.to contain 'password = "icingaweb2"' } + end + + describe file('/etc/icingaweb2/authentication.ini') do + it { is_expected.to be_file } + it { is_expected.to contain '[mysql-auth]' } + it { is_expected.to contain 'backend = "db"' } + it { is_expected.to contain 'resource = "mysql-icingaweb2"' } + end + + describe file('/etc/icingaweb2/roles.ini') do + it { is_expected.to be_file } + it { is_expected.to contain '[default admin user]' } + it { is_expected.to contain 'users = "icingaadmin"' } + it { is_expected.to contain 'permissions = "*"' } + end + + describe command('mysql -e "select name from icingaweb2.icingaweb_user"') do + its(:stdout) { is_expected.to match(%r{icingaadmin}) } + end + end end diff --git a/spec/acceptance/icingaweb2_director_spec.rb b/spec/acceptance/icingaweb2_director_spec.rb deleted file mode 100644 index bfd04eb..0000000 --- a/spec/acceptance/icingaweb2_director_spec.rb +++ /dev/null @@ -1,103 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper_acceptance' - -describe 'icingaweb2::module::director class:' do - it 'runs successfully' do - pp = " - case $::osfamily { - 'redhat': { - package { 'centos-release-scl': - before => Class['icingaweb2'] - } - } - } - - package { 'git': } - - include ::mysql::server - - mysql::db { 'icingaweb2': - user => 'icingaweb2', - password => 'icingaweb2', - host => 'localhost', - grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], - } - - mysql::db { 'director': - user => 'director', - password => 'director', - host => 'localhost', - charset => 'utf8', - grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], - } - - class {'icingaweb2': - manage_repo => true, - import_schema => true, - db_type => 'mysql', - db_host => 'localhost', - db_port => 3306, - db_username => 'icingaweb2', - db_password => 'icingaweb2', - require => Mysql::Db['icingaweb2'], - } - - class {'icingaweb2::module::monitoring': - ido_host => 'localhost', - ido_db_name => 'icinga2', - ido_db_username => 'icinga2', - ido_db_password => 'supersecret', - commandtransports => { - icinga2 => { - transport => 'api', - username => 'root', - password => 'icinga', - } - } - } - - class {'icingaweb2::module::director': - git_revision => 'v1.3.2', - db_host => 'localhost', - db_name => 'director', - db_username => 'director', - db_password => 'director', - import_schema => true, - kickstart => false, - endpoint => 'puppet-icingaweb2.localdomain', - api_username => 'root', - api_password => 'icinga', - require => Mysql::Db['director'] - } - " - - apply_manifest(pp, catch_failures: true) - end - - describe file('/etc/icingaweb2/enabledModules/director') do - it { is_expected.to be_symlink } - end - - describe file('/etc/icingaweb2/modules/director/config.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[db]' } - it { is_expected.to contain 'resource = "icingaweb2-module-director"' } - end - - describe file('/etc/icingaweb2/resources.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[icingaweb2-module-director]' } - it { is_expected.to contain 'type = "db"' } - it { is_expected.to contain 'db = "mysql"' } - it { is_expected.to contain 'host = "localhost"' } - it { is_expected.to contain 'port = "3306"' } - it { is_expected.to contain 'dbname = "director"' } - it { is_expected.to contain 'username = "director"' } - it { is_expected.to contain 'password = "director"' } - it { is_expected.to contain 'charset = "utf8"' } - end - - #describe command('mysql -e "select object_name from director.icinga_apiuser"') do - # its(:stdout) { should match(%r{root}) } - #end -end diff --git a/spec/acceptance/icingaweb2_monitoring_spec.rb b/spec/acceptance/icingaweb2_monitoring_spec.rb deleted file mode 100644 index 3bab531..0000000 --- a/spec/acceptance/icingaweb2_monitoring_spec.rb +++ /dev/null @@ -1,118 +0,0 @@ -#! /usr/bin/env ruby -S rspec -require 'spec_helper_acceptance' - -describe 'icingaweb2::module::monitoring class:' do - it 'runs successfully' do - pp = " - case $::osfamily { - 'redhat': { - package { 'centos-release-scl': - before => Class['icingaweb2'] - } - } - } - - include ::mysql::server - - mysql::db { 'icingaweb2': - user => 'icingaweb2', - password => 'icingaweb2', - host => 'localhost', - grant => ['SELECT', 'INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE VIEW', 'CREATE', 'INDEX', 'EXECUTE', 'ALTER', 'REFERENCES'], - } - - class {'icingaweb2': - manage_repo => true, - import_schema => true, - db_type => 'mysql', - db_host => 'localhost', - db_port => 3306, - db_username => 'icingaweb2', - db_password => 'icingaweb2', - require => Mysql::Db['icingaweb2'], - } - - class {'icingaweb2::module::monitoring': - ido_host => 'localhost', - ido_db_name => 'icinga2', - ido_db_username => 'icinga2', - ido_db_password => 'supersecret', - commandtransports => { - icinga2 => { - transport => 'api', - username => 'root', - password => 'icinga', - } - } - } - " - - apply_manifest(pp, catch_failures: true) - end - - describe file('/etc/icingaweb2/enabledModules/monitoring') do - it { is_expected.to be_symlink } - end - - describe file('/etc/icingaweb2/modules/monitoring/config.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[security]' } - it { is_expected.to contain 'protected_customvars = "*pw*,*pass*,community"' } - end - - describe file('/etc/icingaweb2/modules/monitoring/backends.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[backends]' } - it { is_expected.to contain 'type = "ido"' } - it { is_expected.to contain 'resource = "icingaweb2-module-monitoring"' } - end - - describe file('/etc/icingaweb2/modules/monitoring/commandtransports.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[icinga2]' } - it { is_expected.to contain 'transport = "api"' } - it { is_expected.to contain 'host = "localhost"' } - it { is_expected.to contain 'port = "5665"' } - it { is_expected.to contain 'username = "root"' } - it { is_expected.to contain 'password = "icinga"' } - end - - describe file('/etc/icingaweb2/resources.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[icingaweb2-module-monitoring]' } - it { is_expected.to contain 'type = "db"' } - it { is_expected.to contain 'db = "mysql"' } - it { is_expected.to contain 'host = "localhost"' } - it { is_expected.to contain 'port = "3306"' } - it { is_expected.to contain 'dbname = "icinga2"' } - it { is_expected.to contain 'username = "icinga2"' } - it { is_expected.to contain 'password = "supersecret"' } - it { is_expected.to contain '[mysql-icingaweb2]' } - it { is_expected.to contain 'type = "db"' } - it { is_expected.to contain 'db = "mysql"' } - it { is_expected.to contain 'host = "localhost"' } - it { is_expected.to contain 'port = "3306"' } - it { is_expected.to contain 'dbname = "icingaweb2"' } - it { is_expected.to contain 'username = "icingaweb2"' } - it { is_expected.to contain 'password = "icingaweb2"' } - end - - describe file('/etc/icingaweb2/authentication.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[mysql-auth]' } - it { is_expected.to contain 'backend = "db"' } - it { is_expected.to contain 'resource = "mysql-icingaweb2"' } - - end - - describe file('/etc/icingaweb2/roles.ini') do - it { is_expected.to be_file } - it { is_expected.to contain '[default admin user]' } - it { is_expected.to contain 'users = "icingaadmin"' } - it { is_expected.to contain 'permissions = "*"' } - end - - describe command('mysql -e "select name from icingaweb2.icingaweb_user"') do - its(:stdout) { should match(%r{icingaadmin}) } - end -end diff --git a/spec/acceptance/nodesets/centos-6-x64.yml b/spec/acceptance/nodesets/centos-6-x64.yml index 0c07fe7..66613af 100644 --- a/spec/acceptance/nodesets/centos-6-x64.yml +++ b/spec/acceptance/nodesets/centos-6-x64.yml @@ -1,10 +1,10 @@ --- HOSTS: - centos-6-x64: + iw2centos6: roles: - master platform: el-6-x86_64 box: bento/centos-6 hypervisor: vagrant CONFIG: - type: aio \ No newline at end of file + type: aio diff --git a/spec/acceptance/nodesets/centos-8-x64.yml b/spec/acceptance/nodesets/centos-8-x64.yml new file mode 100644 index 0000000..4cbb5d6 --- /dev/null +++ b/spec/acceptance/nodesets/centos-8-x64.yml @@ -0,0 +1,11 @@ +--- +HOSTS: + iw2centos8: + roles: + - agent + - default + platform: el-8-x86_64 + hypervisor: vagrant + box: bento/centos-8 +CONFIG: + type: aio diff --git a/spec/acceptance/nodesets/debian-7-x64.yml b/spec/acceptance/nodesets/debian-7-x64.yml deleted file mode 100644 index 5007535..0000000 --- a/spec/acceptance/nodesets/debian-7-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -HOSTS: - debian-7-x64: - roles: - - master - platform: debian-7-amd64 - box: bento/debian-7 - hypervisor: vagrant -CONFIG: - type: foss \ No newline at end of file diff --git a/spec/acceptance/nodesets/debian-8-x64.yml b/spec/acceptance/nodesets/debian-8-x64.yml deleted file mode 100644 index 0a7c8b6..0000000 --- a/spec/acceptance/nodesets/debian-8-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -HOSTS: - debian-8-x64: - roles: - - master - platform: debian-8-amd64 - box: bento/debian-8 - hypervisor: vagrant -CONFIG: - type: foss \ No newline at end of file diff --git a/spec/acceptance/nodesets/debian-9-x64.yml b/spec/acceptance/nodesets/debian-9-x64.yml deleted file mode 100644 index 6297be9..0000000 --- a/spec/acceptance/nodesets/debian-9-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -HOSTS: - debian-9-x64: - roles: - - master - platform: debian-9-amd64 - box: bento/debian-9 - hypervisor: vagrant -CONFIG: - type: foss \ No newline at end of file diff --git a/spec/acceptance/nodesets/debian-buster-amd.yml b/spec/acceptance/nodesets/debian-buster-amd.yml new file mode 100644 index 0000000..96e9cf6 --- /dev/null +++ b/spec/acceptance/nodesets/debian-buster-amd.yml @@ -0,0 +1,12 @@ +--- +HOSTS: + iw2debian10: + roles: + - agent + - default + platform: debian-buster-amd + hypervisor: vagrant + box: bento/debian-10 + vagrant_memsize: 1024 +CONFIG: + type: aio diff --git a/spec/acceptance/nodesets/debian-stretch-amd.yml b/spec/acceptance/nodesets/debian-stretch-amd.yml new file mode 100644 index 0000000..3bed4c6 --- /dev/null +++ b/spec/acceptance/nodesets/debian-stretch-amd.yml @@ -0,0 +1,12 @@ +--- +HOSTS: + iw2debian: + roles: + - agent + - default + platform: debian-stretch-amd + hypervisor: vagrant + box: bento/debian-9 + vagrant_memsize: 1024 +CONFIG: + type: aio diff --git a/spec/acceptance/nodesets/centos-7-x64.yml b/spec/acceptance/nodesets/default.yml similarity index 72% rename from spec/acceptance/nodesets/centos-7-x64.yml rename to spec/acceptance/nodesets/default.yml index 111ddb3..7fe87ed 100644 --- a/spec/acceptance/nodesets/centos-7-x64.yml +++ b/spec/acceptance/nodesets/default.yml @@ -1,10 +1,11 @@ --- HOSTS: - centos-7-x64: + iw2centos7: roles: - - master + - agent + - default platform: el-7-x86_64 - box: bento/centos-7 hypervisor: vagrant + box: bento/centos-7 CONFIG: type: aio diff --git a/spec/acceptance/nodesets/ubuntu-bionic-amd.yml b/spec/acceptance/nodesets/ubuntu-bionic-amd.yml new file mode 100644 index 0000000..557ee18 --- /dev/null +++ b/spec/acceptance/nodesets/ubuntu-bionic-amd.yml @@ -0,0 +1,11 @@ +--- +HOSTS: + iw2ubuntu18: + roles: + - agent + - default + platform: ubuntu-18.04-amd64 + box: bento/ubuntu-18.04 + hypervisor: vagrant +CONFIG: + type: aio diff --git a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 21c3f8c..0000000 --- a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: bento/ubuntu-14.04 - hypervisor: vagrant -CONFIG: - type: foss \ No newline at end of file diff --git a/spec/acceptance/nodesets/ubuntu-server-1604-x64.yml b/spec/acceptance/nodesets/ubuntu-xenial-amd.yml similarity index 66% rename from spec/acceptance/nodesets/ubuntu-server-1604-x64.yml rename to spec/acceptance/nodesets/ubuntu-xenial-amd.yml index 1fe894e..90a8d39 100644 --- a/spec/acceptance/nodesets/ubuntu-server-1604-x64.yml +++ b/spec/acceptance/nodesets/ubuntu-xenial-amd.yml @@ -1,10 +1,11 @@ --- HOSTS: - ubuntu-server-1604-x64: + iw2ubuntu16: roles: - - master + - agent + - default platform: ubuntu-16.04-amd64 box: bento/ubuntu-16.04 hypervisor: vagrant CONFIG: - type: foss \ No newline at end of file + type: aio diff --git a/spec/classes/businessprocess_spec.rb b/spec/classes/businessprocess_spec.rb index d216b5d..bf16bb1 100644 --- a/spec/classes/businessprocess_spec.rb +++ b/spec/classes/businessprocess_spec.rb @@ -1,24 +1,27 @@ require 'spec_helper' -describe('icingaweb2::module::businessprocess', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::businessprocess', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v2.1.0'" do - let(:params) { { :git_revision => 'v2.1.0', } } + let(:params) { { git_revision: 'v2.1.0' } } - it { is_expected.to contain_icingaweb2__module('businessprocess') - .with_install_method('git') - .with_git_revision('v2.1.0') + it { + is_expected.to contain_icingaweb2__module('businessprocess') + .with_install_method('git') + .with_git_revision('v2.1.0') } end end end end diff --git a/spec/classes/config_spec.rb b/spec/classes/config_spec.rb index 4bb6c3d..747d05b 100644 --- a/spec/classes/config_spec.rb +++ b/spec/classes/config_spec.rb @@ -1,104 +1,109 @@ require 'spec_helper' -describe('icingaweb2::config', :type => :class) do +describe('icingaweb2::config', type: :class) do on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context 'with default parameters' do let :pre_condition do "class { 'icingaweb2': }" end it { is_expected.to contain_icingaweb2__inisection('config-logging') } - it { is_expected.to contain_icingaweb2__inisection('config-global') - .with_settings({ 'show_stacktraces' => false, 'module_path' => '/usr/share/icingaweb2/modules', 'config_backend' => 'ini' }) + it { + is_expected.to contain_icingaweb2__inisection('config-global') + .with_settings('show_stacktraces' => false, 'module_path' => '/usr/share/icingaweb2/modules', 'config_backend' => 'ini') } it { is_expected.to contain_icingaweb2__inisection('config-themes') } it { is_expected.not_to contain_icingaweb2__inisection('config-cookie') } - it { is_expected.to contain_file('/var/log/icingaweb2') - .with_ensure('directory') - .with_mode('0750') + it { + is_expected.to contain_file('/var/log/icingaweb2') + .with_ensure('directory') + .with_mode('0750') } - it { is_expected.to contain_file('/var/log/icingaweb2/icingaweb2.log') - .with_ensure('file') - .with_mode('0640') + it { + is_expected.to contain_file('/var/log/icingaweb2/icingaweb2.log') + .with_ensure('file') + .with_mode('0640') } end context 'with import_schema => true and db_type => mysql' do let :pre_condition do "class { 'icingaweb2': import_schema => true, db_type => 'mysql'}" end - it { is_expected.to contain_icingaweb2__config__resource('mysql-icingaweb2')} - it { is_expected.to contain_icingaweb2__config__authmethod('mysql-auth')} - it { is_expected.to contain_icingaweb2__config__role('default admin user')} + it { is_expected.to contain_icingaweb2__config__resource('mysql-icingaweb2') } + it { is_expected.to contain_icingaweb2__config__authmethod('mysql-auth') } + it { is_expected.to contain_icingaweb2__config__role('default admin user') } it { is_expected.to contain_exec('import schema') } it { is_expected.to contain_exec('create default user') } end context 'with import_schema => true and db_type => pgsql' do let :pre_condition do "class { 'icingaweb2': import_schema => true, db_type => 'pgsql'}" end - it { is_expected.to contain_icingaweb2__config__resource('pgsql-icingaweb2')} - it { is_expected.to contain_icingaweb2__config__authmethod('pgsql-auth')} - it { is_expected.to contain_icingaweb2__config__role('default admin user')} + it { is_expected.to contain_icingaweb2__config__resource('pgsql-icingaweb2') } + it { is_expected.to contain_icingaweb2__config__authmethod('pgsql-auth') } + it { is_expected.to contain_icingaweb2__config__role('default admin user') } it { is_expected.to contain_exec('import schema') } it { is_expected.to contain_exec('create default user') } end context 'with import_schema => true and invalid db_type' do let :pre_condition do "class { 'icingaweb2': import_schema => true, db_type => 'foobar'}" end - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['mysql', 'pgsql'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['mysql', 'pgsql'\]}) } end context 'with import_schema => false' do let :pre_condition do "class { 'icingaweb2': import_schema => false }" end - it { is_expected.not_to contain_exec('import schema')} - it { is_expected.not_to contain_exec('create default user')} - it { is_expected.not_to contain_icingaweb2__config__role('default admin user')} + it { is_expected.not_to contain_exec('import schema') } + it { is_expected.not_to contain_exec('create default user') } + it { is_expected.not_to contain_icingaweb2__config__role('default admin user') } end context 'with config_backend => db' do let :pre_condition do "class { 'icingaweb2': config_backend => 'db' }" end - it { is_expected.to contain_icingaweb2__inisection('config-global') - .with_settings({ 'show_stacktraces' => false, 'module_path' => '/usr/share/icingaweb2/modules', 'config_backend' => 'db', 'config_resource' => 'mysql-icingaweb2' }) + it { + is_expected.to contain_icingaweb2__inisection('config-global') + .with_settings('show_stacktraces' => false, 'module_path' => '/usr/share/icingaweb2/modules', 'config_backend' => 'db', 'config_resource' => 'mysql-icingaweb2') } - it { is_expected.to contain_icingaweb2__config__resource('mysql-icingaweb2')} + it { is_expected.to contain_icingaweb2__config__resource('mysql-icingaweb2') } end context 'with cookie_path => /' do let :pre_condition do "class { 'icingaweb2': cookie_path => '/' }" end - it { is_expected.to contain_icingaweb2__inisection('config-cookie') - .with_settings({ 'path' => '/' }) + it { + is_expected.to contain_icingaweb2__inisection('config-cookie') + .with_settings('path' => '/') } end context 'with invalid config_backend' do let :pre_condition do "class { 'icingaweb2': config_backend => 'foobar' }" end - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['db', 'ini'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['db', 'ini'\]}) } end end end end diff --git a/spec/classes/cube_spec.rb b/spec/classes/cube_spec.rb index 32c8c7f..4538a9b 100644 --- a/spec/classes/cube_spec.rb +++ b/spec/classes/cube_spec.rb @@ -1,24 +1,27 @@ require 'spec_helper' -describe('icingaweb2::module::cube', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::cube', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v1.0.0'" do - let(:params) { { :git_revision => 'v1.0.0', } } + let(:params) { { git_revision: 'v1.0.0' } } - it { is_expected.to contain_icingaweb2__module('cube') - .with_install_method('git') - .with_git_revision('v1.0.0') + it { + is_expected.to contain_icingaweb2__module('cube') + .with_install_method('git') + .with_git_revision('v1.0.0') } end end end end diff --git a/spec/classes/director_service_spec.rb b/spec/classes/director_service_spec.rb new file mode 100644 index 0000000..c69791c --- /dev/null +++ b/spec/classes/director_service_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe('icingaweb2::module::director::service', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + "class { 'icingaweb2::module::director': }", + ] + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let :facts do + facts + end + + context "#{os} with defaults" do + it do + is_expected.to contain_user('icingadirector') + .with( + 'ensure' => 'present', + 'gid' => 'icingaweb2', + 'shell' => '/bin/false', + ).that_comes_before('Systemd::Unit_file[icinga-director.service]') + end + it do + is_expected.to contain_systemd__unit_file('icinga-director.service').with( + content: %r{[Unit]}, + ).that_notifies('Service[icinga-director]') + end + it do + is_expected.to contain_service('icinga-director') + .with( + 'ensure' => 'running', + 'enable' => true, + ) + end + end + end + end +end diff --git a/spec/classes/director_servicespec.rb b/spec/classes/director_servicespec.rb new file mode 100644 index 0000000..c7198fa --- /dev/null +++ b/spec/classes/director_servicespec.rb @@ -0,0 +1,31 @@ +require 'spec_helper' + +describe('icingaweb2::module::director::service', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + "class { 'icingaweb2::module::director': }", + ] + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let :facts do + facts + end + + context "#{os} with defaults" do + it { + is_expected.to contain_user('icingadirector') + .with('ensure' => 'present', 'gid' => 'icingaweb2', 'shell' => '/bin/false').that_comes_before('Systemd::Unit_file[icinga-director.service]') + } + it { is_expected.to contain_systemd__unit_file('icinga-director.service').that_notifies('Service[icinga-director]') } + it { + is_expected.to contain_service('icinga-director') + .with('ensure' => 'running', + 'enable' => true) + } + end + end + end +end diff --git a/spec/classes/director_spec.rb b/spec/classes/director_spec.rb index 75073b0..34909c8 100644 --- a/spec/classes/director_spec.rb +++ b/spec/classes/director_spec.rb @@ -1,103 +1,112 @@ require 'spec_helper' -describe('icingaweb2::module::director', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::director', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with kickstart 'true'" do - let(:params) { { :git_revision => 'foobar', - :db_host => 'localhost', - :db_name => 'director', - :db_username => 'director', - :db_password => 'director', - :import_schema => true, - :kickstart => true, - :endpoint => 'foobar', - :api_username => 'root', - :api_password => 'secret' } } + let(:params) do + { git_revision: 'foobar', + db_host: 'localhost', + db_name: 'director', + db_username: 'director', + db_password: 'director', + import_schema: true, + kickstart: true, + endpoint: 'foobar', + api_username: 'root', + api_password: 'secret' } + end - it { is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-director') - .with_type('db') - .with_db_type('mysql') - .with_host('localhost') - .with_port('3306') - .with_db_name('director') - .with_db_username('director') - .with_db_password('director') - .with_db_charset('utf8') + it { + is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-director') + .with_type('db') + .with_db_type('mysql') + .with_host('localhost') + .with_port('3306') + .with_db_name('director') + .with_db_username('director') + .with_db_password('director') + .with_db_charset('utf8') } - it { is_expected.to contain_icingaweb2__module('director') - .with_install_method('git') - .with_git_revision('foobar') - .with_module_dir('/usr/share/icingaweb2/modules/director') - .with_settings( { - 'module-director-db'=>{ - 'section_name'=>'db', - 'target'=>'/etc/icingaweb2/modules/director/config.ini', - 'settings'=>{ - 'resource'=>'icingaweb2-module-director'} - }, - 'module-director-config'=>{ - 'section_name'=>'config', - 'target'=>'/etc/icingaweb2/modules/director/kickstart.ini', - 'settings'=>{ - 'endpoint'=>'foobar', - 'host'=>'localhost', - 'port'=>'5665', - 'username'=>'root', - 'password'=>'secret'} - } - } - )} + it { + is_expected.to contain_icingaweb2__module('director') + .with_install_method('git') + .with_git_revision('foobar') + .with_module_dir('/usr/share/icingaweb2/modules/director') + .with_settings('module-director-db' => { + 'section_name' => 'db', + 'target' => '/etc/icingaweb2/modules/director/config.ini', + 'settings' => { + 'resource' => 'icingaweb2-module-director', + }, + }, + 'module-director-config' => { + 'section_name' => 'config', + 'target' => '/etc/icingaweb2/modules/director/kickstart.ini', + 'settings' => { + 'endpoint' => 'foobar', + 'host' => 'localhost', + 'port' => '5665', + 'username' => 'root', + 'password' => 'secret', + }, + }) + } it { is_expected.to contain_exec('director-migration') } it { is_expected.to contain_exec('director-kickstart') } end context "#{os} with import_schema 'false'" do - let(:params) { { :git_revision => 'foobar', - :db_host => 'localhost', - :db_name => 'director', - :db_username => 'director', - :db_password => 'director', - :import_schema => false } } + let(:params) do + { git_revision: 'foobar', + db_host: 'localhost', + db_name: 'director', + db_username: 'director', + db_password: 'director', + import_schema: false } + end - it { is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-director') - .with_type('db') - .with_db_type('mysql') - .with_host('localhost') - .with_port('3306') - .with_db_name('director') - .with_db_username('director') - .with_db_password('director') - .with_db_charset('utf8') + it { + is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-director') + .with_type('db') + .with_db_type('mysql') + .with_host('localhost') + .with_port('3306') + .with_db_name('director') + .with_db_username('director') + .with_db_password('director') + .with_db_charset('utf8') } - it { is_expected.to contain_icingaweb2__module('director') - .with_install_method('git') - .with_git_revision('foobar') - .with_module_dir('/usr/share/icingaweb2/modules/director') - .with_settings( { - 'module-director-db'=>{ - 'section_name'=>'db', - 'target'=>'/etc/icingaweb2/modules/director/config.ini', - 'settings'=>{ - 'resource'=>'icingaweb2-module-director'} } - } - )} + it { + is_expected.to contain_icingaweb2__module('director') + .with_install_method('git') + .with_git_revision('foobar') + .with_module_dir('/usr/share/icingaweb2/modules/director') + .with_settings('module-director-db' => { + 'section_name' => 'db', + 'target' => '/etc/icingaweb2/modules/director/config.ini', + 'settings' => { + 'resource' => 'icingaweb2-module-director', + }, + }) + } it { is_expected.not_to contain_exec('director-migration') } it { is_expected.not_to contain_exec('director-kickstart') } end end end end - diff --git a/spec/classes/doc_spec.rb b/spec/classes/doc_spec.rb index ac01d99..ab1fd5d 100644 --- a/spec/classes/doc_spec.rb +++ b/spec/classes/doc_spec.rb @@ -1,64 +1,64 @@ require 'spec_helper' -describe('icingaweb2::module::doc', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::doc', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end case facts[:osfamily] - when 'Debian' - before(:all) do - @install_method = 'package' - @package_name = 'icingaweb2-module-doc' - end - else - before(:all) do - @install_method = 'none' - @package_name = nil - end + when 'Debian' + let(:install_method) { 'package' } + let(:package_name) { 'icingaweb2-module-doc' } + else + let(:install_method) { 'none' } + let(:package_name) { nil } end - context "with ensure present" do - let(:params) { { :ensure => 'present', } } + context 'with ensure present' do + let(:params) { { ensure: 'present' } } - it { is_expected.to contain_icingaweb2__module('doc') - .with_install_method(@install_method) - .with_package_name(@package_name) - .with_module_dir('/usr/share/icingaweb2/modules/doc') - .with_ensure('present') - } + it { + is_expected.to contain_icingaweb2__module('doc') + .with_install_method(install_method) + .with_package_name(package_name) + .with_module_dir('/usr/share/icingaweb2/modules/doc') + .with_ensure('present') + } if facts[:osfamily] == 'Debian' - it { is_expected.to contain_package('icingaweb2-module-doc').with({ 'ensure' => 'present' }) } + it { is_expected.to contain_package('icingaweb2-module-doc').with('ensure' => 'present') } end end - context "with ensure absent" do - let(:params) { { :ensure => 'absent', } } + context 'with ensure absent' do + let(:params) { { ensure: 'absent' } } - it { is_expected.to contain_icingaweb2__module('doc') - .with_install_method(@install_method) - .with_package_name(@package_name) - .with_module_dir('/usr/share/icingaweb2/modules/doc') - .with_ensure('absent') - } + it { + is_expected.to contain_icingaweb2__module('doc') + .with_install_method(install_method) + .with_package_name(package_name) + .with_module_dir('/usr/share/icingaweb2/modules/doc') + .with_ensure('absent') + } if facts[:osfamily] == 'Debian' - it { is_expected.to contain_package('icingaweb2-module-doc').with({ 'ensure' => 'absent' }) } + it { is_expected.to contain_package('icingaweb2-module-doc').with('ensure' => 'absent') } end end - context "with ensure foobar" do - let(:params) { { :ensure => 'foobar' } } + context 'with ensure foobar' do + let(:params) { { ensure: 'foobar' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['absent', 'present'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['absent', 'present'\]}) } end end end end diff --git a/spec/classes/elasticsearch_spec.rb b/spec/classes/elasticsearch_spec.rb index 90b5cb3..9c5ec10 100644 --- a/spec/classes/elasticsearch_spec.rb +++ b/spec/classes/elasticsearch_spec.rb @@ -1,100 +1,113 @@ require 'spec_helper' -describe('icingaweb2::module::elasticsearch', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::elasticsearch', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v0.9.0'" do - let(:params) { { :git_revision => 'v0.9.0', } } + let(:params) { { git_revision: 'v0.9.0' } } - it { is_expected.to contain_icingaweb2__module('elasticsearch') - .with_install_method('git') - .with_git_revision('v0.9.0') + it { + is_expected.to contain_icingaweb2__module('elasticsearch') + .with_install_method('git') + .with_git_revision('v0.9.0') } end context "#{os} with an instance" do - let(:params) { { - :git_revision => 'v0.9.0', - :instances => { - 'elastic' => { - 'uri' => 'http://localhost:9200', - 'user' => 'user', - 'password' => 'password', - 'ca' => '/tmp/ca', - 'client_certificate' => '/tmp/client_certificate', - 'client_private_key' => '/tmp/client_private_key', - } - } - } } + let(:params) do + { + git_revision: 'v0.9.0', + instances: { + 'elastic' => { + 'uri' => 'http://localhost:9200', + 'user' => 'user', + 'password' => 'password', + 'ca' => '/tmp/ca', + 'client_certificate' => '/tmp/client_certificate', + 'client_private_key' => '/tmp/client_private_key', + }, + }, + } + end - it { is_expected.to contain_icingaweb2__module('elasticsearch') - .with_install_method('git') - .with_git_revision('v0.9.0') + it { + is_expected.to contain_icingaweb2__module('elasticsearch') + .with_install_method('git') + .with_git_revision('v0.9.0') } - it { is_expected.to contain_icingaweb2__module__elasticsearch__instance('elastic') - .with_uri('http://localhost:9200') - .with_user('user') - .with_password('password') - .with_ca('/tmp/ca') - .with_client_certificate('/tmp/client_certificate') - .with_client_private_key('/tmp/client_private_key') + it { + is_expected.to contain_icingaweb2__module__elasticsearch__instance('elastic') + .with_uri('http://localhost:9200') + .with_user('user') + .with_password('password') + .with_ca('/tmp/ca') + .with_client_certificate('/tmp/client_certificate') + .with_client_private_key('/tmp/client_private_key') } - it { is_expected.to contain_icingaweb2__inisection('elasticsearch-instance-elastic') - .with_section_name('elastic') - .with_target('/etc/icingaweb2/modules/elasticsearch/instances.ini') - .with_settings( { 'uri' => 'http://localhost:9200', - 'user' => 'user', - 'password' => 'password', - 'ca' => '/tmp/ca', - 'client_certificate' => '/tmp/client_certificate', - 'client_private_key' => '/tmp/client_private_key'} ) + it { + is_expected.to contain_icingaweb2__inisection('elasticsearch-instance-elastic') + .with_section_name('elastic') + .with_target('/etc/icingaweb2/modules/elasticsearch/instances.ini') + .with_settings('uri' => 'http://localhost:9200', + 'user' => 'user', + 'password' => 'password', + 'ca' => '/tmp/ca', + 'client_certificate' => '/tmp/client_certificate', + 'client_private_key' => '/tmp/client_private_key') } end context "#{os} with an event type" do - let(:params) { { - :git_revision => 'v0.9.0', - :eventtypes => { - 'filebeat' => { - 'instance' => 'my-instance', - 'index' => 'my-index', - 'filter' => 'my-filter', - 'fields' => 'my-fields', - } - } - } } + let(:params) do + { + git_revision: 'v0.9.0', + eventtypes: { + 'filebeat' => { + 'instance' => 'my-instance', + 'index' => 'my-index', + 'filter' => 'my-filter', + 'fields' => 'my-fields', + }, + }, + } + end - it { is_expected.to contain_icingaweb2__module('elasticsearch') - .with_install_method('git') - .with_git_revision('v0.9.0') + it { + is_expected.to contain_icingaweb2__module('elasticsearch') + .with_install_method('git') + .with_git_revision('v0.9.0') } - it { is_expected.to contain_icingaweb2__module__elasticsearch__eventtype('filebeat') - .with_instance('my-instance') - .with_index('my-index') - .with_filter('my-filter') - .with_fields('my-fields') + it { + is_expected.to contain_icingaweb2__module__elasticsearch__eventtype('filebeat') + .with_instance('my-instance') + .with_index('my-index') + .with_filter('my-filter') + .with_fields('my-fields') } - it { is_expected.to contain_icingaweb2__inisection('elasticsearch-eventtype-filebeat') - .with_section_name('filebeat') - .with_target('/etc/icingaweb2/modules/elasticsearch/eventtypes.ini') - .with_settings( { 'instance' => 'my-instance', - 'index' => 'my-index', - 'filter' => 'my-filter', - 'fields' => 'my-fields' } ) + it { + is_expected.to contain_icingaweb2__inisection('elasticsearch-eventtype-filebeat') + .with_section_name('filebeat') + .with_target('/etc/icingaweb2/modules/elasticsearch/eventtypes.ini') + .with_settings('instance' => 'my-instance', + 'index' => 'my-index', + 'filter' => 'my-filter', + 'fields' => 'my-fields') } end end end -end \ No newline at end of file +end diff --git a/spec/classes/fileshipper_spec.rb b/spec/classes/fileshipper_spec.rb index 4f72260..55d1677 100644 --- a/spec/classes/fileshipper_spec.rb +++ b/spec/classes/fileshipper_spec.rb @@ -1,78 +1,91 @@ require 'spec_helper' -describe('icingaweb2::module::fileshipper', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::fileshipper', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v1.0.0'" do - let(:params) { { :git_revision => 'v1.0.0', } } + let(:params) { { git_revision: 'v1.0.0' } } - it { is_expected.to contain_icingaweb2__module('fileshipper') - .with_install_method('git') - .with_git_revision('v1.0.0') + it { + is_expected.to contain_icingaweb2__module('fileshipper') + .with_install_method('git') + .with_git_revision('v1.0.0') } end context "#{os} with a base directory" do - let(:params) { { - :git_revision => 'v1.0.0', - :base_directories => { - 'temp' => '/tmp' - } - } } + let(:params) do + { + git_revision: 'v1.0.0', + base_directories: { + 'temp' => '/tmp', + }, + } + end - it { is_expected.to contain_icingaweb2__module('fileshipper') - .with_install_method('git') - .with_git_revision('v1.0.0') + it { + is_expected.to contain_icingaweb2__module('fileshipper') + .with_install_method('git') + .with_git_revision('v1.0.0') } - it { is_expected.to contain_icingaweb2__module__fileshipper__basedir('temp') - .with_basedir('/tmp') + it { + is_expected.to contain_icingaweb2__module__fileshipper__basedir('temp') + .with_basedir('/tmp') } - it { is_expected.to contain_icingaweb2__inisection('fileshipper-basedir-temp') - .with_section_name('temp') - .with_target('/etc/icingaweb2/modules/fileshipper/imports.ini') - .with_settings( {'basedir' => '/tmp'} ) + it { + is_expected.to contain_icingaweb2__inisection('fileshipper-basedir-temp') + .with_section_name('temp') + .with_target('/etc/icingaweb2/modules/fileshipper/imports.ini') + .with_settings('basedir' => '/tmp') } end context "#{os} with a directory" do - let(:params) { { - :git_revision => 'v1.0.0', - :directories => { - 'test' => { - 'source' => '/tmp/source', - 'target' => '/tmp/target', - 'extensions' => '.foobar' - } - } - } } + let(:params) do + { + git_revision: 'v1.0.0', + directories: { + 'test' => { + 'source' => '/tmp/source', + 'target' => '/tmp/target', + 'extensions' => '.foobar', + }, + }, + } + end - it { is_expected.to contain_icingaweb2__module('fileshipper') - .with_install_method('git') - .with_git_revision('v1.0.0') + it { + is_expected.to contain_icingaweb2__module('fileshipper') + .with_install_method('git') + .with_git_revision('v1.0.0') } - it { is_expected.to contain_icingaweb2__module__fileshipper__directory('test') - .with_source('/tmp/source') - .with_target('/tmp/target') - .with_extensions('.foobar') + it { + is_expected.to contain_icingaweb2__module__fileshipper__directory('test') + .with_source('/tmp/source') + .with_target('/tmp/target') + .with_extensions('.foobar') } - it { is_expected.to contain_icingaweb2__inisection('fileshipper-directory-test') - .with_section_name('test') - .with_target('/etc/icingaweb2/modules/fileshipper/directories.ini') - .with_settings( {'source' => '/tmp/source', 'target' => '/tmp/target', 'extensions' => '.foobar'} ) + it { + is_expected.to contain_icingaweb2__inisection('fileshipper-directory-test') + .with_section_name('test') + .with_target('/etc/icingaweb2/modules/fileshipper/directories.ini') + .with_settings('source' => '/tmp/source', 'target' => '/tmp/target', 'extensions' => '.foobar') } end end end -end \ No newline at end of file +end diff --git a/spec/classes/generictts_spec.rb b/spec/classes/generictts_spec.rb index 569f584..4dd0c9c 100644 --- a/spec/classes/generictts_spec.rb +++ b/spec/classes/generictts_spec.rb @@ -1,52 +1,60 @@ require 'spec_helper' -describe('icingaweb2::module::generictts', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::generictts', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v2.0.0'" do - let(:params) { { :git_revision => 'v2.0.0', } } + let(:params) { { git_revision: 'v2.0.0' } } - it { is_expected.to contain_icingaweb2__module('generictts') - .with_install_method('git') - .with_git_revision('v2.0.0') + it { + is_expected.to contain_icingaweb2__module('generictts') + .with_install_method('git') + .with_git_revision('v2.0.0') } end context "#{os} with a ticketsystem" do - let(:params) { { - :git_revision => 'v2.0.0', - :ticketsystems => { - 'foo' => { - 'pattern' => 'foobar', - 'url' => 'barfoo' - } - } - } } - - it { is_expected.to contain_icingaweb2__module__generictts__ticketsystem('foo') - .with_pattern('foobar') - .with_url('barfoo') + let(:params) do + { + git_revision: 'v2.0.0', + ticketsystems: { + 'foo' => { + 'pattern' => 'foobar', + 'url' => 'barfoo', + }, + }, + } + end + + it { + is_expected.to contain_icingaweb2__module__generictts__ticketsystem('foo') + .with_pattern('foobar') + .with_url('barfoo') } - it { is_expected.to contain_icingaweb2__inisection('generictts-ticketsystem-foo') - .with_section_name('foo') - .with_target('/etc/icingaweb2/modules/generictts/config.ini') - .with_settings( {'pattern' => 'foobar', 'url' => 'barfoo'} ) + it { + is_expected.to contain_icingaweb2__inisection('generictts-ticketsystem-foo') + .with_section_name('foo') + .with_target('/etc/icingaweb2/modules/generictts/config.ini') + .with_settings('pattern' => 'foobar', 'url' => 'barfoo') } - it { is_expected.to contain_icingaweb2__module('generictts') - .with_install_method('git') - .with_git_revision('v2.0.0') + it { + is_expected.to contain_icingaweb2__module('generictts') + .with_install_method('git') + .with_git_revision('v2.0.0') } end end end end diff --git a/spec/classes/graphite_spec.rb b/spec/classes/graphite_spec.rb index 51e82d8..114e9e0 100644 --- a/spec/classes/graphite_spec.rb +++ b/spec/classes/graphite_spec.rb @@ -1,59 +1,68 @@ require 'spec_helper' -describe('icingaweb2::module::graphite', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::graphite', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v0.9.0'" do - let(:params) { { :git_revision => 'v0.9.0', :url => 'http://localhost' } } + let(:params) { { git_revision: 'v0.9.0', url: 'http://localhost' } } - it { is_expected.to contain_icingaweb2__module('graphite') - .with_install_method('git') - .with_git_revision('v0.9.0') + it { + is_expected.to contain_icingaweb2__module('graphite') + .with_install_method('git') + .with_git_revision('v0.9.0') } - it { is_expected.to contain_icingaweb2__inisection('module-graphite-graphite') - .with_section_name('graphite') - .with_target('/etc/icingaweb2/modules/graphite/config.ini') - .with_settings( {'url' => 'http://localhost'} ) + it { + is_expected.to contain_icingaweb2__inisection('module-graphite-graphite') + .with_section_name('graphite') + .with_target('/etc/icingaweb2/modules/graphite/config.ini') + .with_settings('url' => 'http://localhost') } end context "#{os} with all parameters set" do - let(:params) { { - :git_revision => 'v0.9.0', - :url => 'http://localhost', - :user => 'foo', - :password => 'bar', - :graphite_writer_host_name_template => 'foobar', - :graphite_writer_service_name_template => 'barfoo' - } } - - it { is_expected.to contain_icingaweb2__module('graphite') - .with_install_method('git') - .with_git_revision('v0.9.0') + let(:params) do + { + git_revision: 'v0.9.0', + url: 'http://localhost', + user: 'foo', + password: 'bar', + graphite_writer_host_name_template: 'foobar', + graphite_writer_service_name_template: 'barfoo', + } + end + + it { + is_expected.to contain_icingaweb2__module('graphite') + .with_install_method('git') + .with_git_revision('v0.9.0') } - it { is_expected.to contain_icingaweb2__inisection('module-graphite-graphite') - .with_section_name('graphite') - .with_target('/etc/icingaweb2/modules/graphite/config.ini') - .with_settings( {'url' => 'http://localhost', 'user' => 'foo', 'password' => 'bar'} ) + it { + is_expected.to contain_icingaweb2__inisection('module-graphite-graphite') + .with_section_name('graphite') + .with_target('/etc/icingaweb2/modules/graphite/config.ini') + .with_settings('url' => 'http://localhost', 'user' => 'foo', 'password' => 'bar') } - it { is_expected.to contain_icingaweb2__inisection('module-graphite-icinga') - .with_section_name('icinga') - .with_target('/etc/icingaweb2/modules/graphite/config.ini') - .with_settings( {'graphite_writer_host_name_template' => 'foobar', - 'graphite_writer_service_name_template' => 'barfoo'} ) + it { + is_expected.to contain_icingaweb2__inisection('module-graphite-icinga') + .with_section_name('icinga') + .with_target('/etc/icingaweb2/modules/graphite/config.ini') + .with_settings('graphite_writer_host_name_template' => 'foobar', + 'graphite_writer_service_name_template' => 'barfoo') } end end end -end \ No newline at end of file +end diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index e34cd2e..e912bdb 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -1,43 +1,28 @@ require 'spec_helper' -describe 'icingaweb2', :type => :class do +describe 'icingaweb2', type: :class do on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end - before(:all) do - @conf_dir = '/etc/icingaweb2' - end + let(:conf_dir) { '/etc/icingaweb2' } context 'with all default parameters' do it { is_expected.to compile } it { is_expected.to contain_class('icingaweb2::config') } it { is_expected.to contain_class('icingaweb2::install') } - it { is_expected.to contain_class('icingaweb2::params') } - it { is_expected.to contain_class('icingaweb2::repo') } - - it { is_expected.to contain_package('icingaweb2').with({ 'ensure' => 'installed' }) } - - - case facts[:osfamily] - when 'Debian' - it { is_expected.not_to contain_apt__source('icinga-stable-release') } - when 'RedHat' - it { is_expected.not_to contain_yumrepo('icinga-stable-release') } - when 'Suse' - it { is_expected.not_to contain_zypprepo('icinga-stable-release') } - end + it { is_expected.to contain_package('icingaweb2').with('ensure' => 'installed') } context "#{os} with manage_package => false" do - let(:params) { {:manage_package => false} } + let(:params) { { manage_package: false } } - it { is_expected.not_to contain_package('icinga2').with({ 'ensure' => 'installed' }) } + it { is_expected.not_to contain_package('icinga2').with('ensure' => 'installed') } end end end end end diff --git a/spec/classes/monitoring_spec.rb b/spec/classes/monitoring_spec.rb index 7c6282a..c9f8391 100644 --- a/spec/classes/monitoring_spec.rb +++ b/spec/classes/monitoring_spec.rb @@ -1,173 +1,178 @@ require 'spec_helper' -describe('icingaweb2::module::monitoring', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::monitoring', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end case facts[:osfamily] - when 'Debian' - before(:all) do - @install_method = 'package' - @package_name = 'icingaweb2-module-monitoring' - end - else - before(:all) do - @install_method = 'none' - @package_name = nil - end + when 'Debian' + let(:install_method) { 'package' } + let(:package_name) { 'icingaweb2-module-monitoring' } + else + let(:install_method) { 'none' } + let(:package_name) { nil } end context "#{os} with ido_type 'mysql' and commandtransport 'api'" do - let(:params) { { :ido_type => 'mysql', - :ido_host => 'localhost', - :ido_db_name => 'icinga2', - :ido_db_username => 'icinga2', - :ido_db_password => 'icinga2', - :commandtransports => { - 'foo' => { - 'username' => 'root', - 'password' => 'foobar', - } - } } } - - - it { is_expected.to contain_icingaweb2__module('monitoring') - .with_install_method(@install_method) - .with_package_name(@package_name) - .with_module_dir('/usr/share/icingaweb2/modules/monitoring') - .with_settings({ - 'module-monitoring-backends'=>{ - 'section_name' => 'backends', - 'target'=>'/etc/icingaweb2/modules/monitoring/backends.ini', - 'settings'=>{ - 'type'=>'ido', - 'resource'=>'icingaweb2-module-monitoring' - } + let(:params) do + { ido_type: 'mysql', + ido_host: 'localhost', + ido_db_name: 'icinga2', + ido_db_username: 'icinga2', + ido_db_password: 'icinga2', + commandtransports: { + 'foo' => { + 'username' => 'root', + 'password' => 'foobar', + }, + } } + end + + it { + is_expected.to contain_icingaweb2__module('monitoring') + .with_install_method(install_method) + .with_package_name(package_name) + .with_module_dir('/usr/share/icingaweb2/modules/monitoring') + .with_settings('module-monitoring-backends' => { + 'section_name' => 'backends', + 'target' => '/etc/icingaweb2/modules/monitoring/backends.ini', + 'settings' => { + 'type' => 'ido', + 'resource' => 'icingaweb2-module-monitoring', }, - 'module-monitoring-security'=>{ - 'section_name' => 'security', - 'target'=>'/etc/icingaweb2/modules/monitoring/config.ini', - 'settings'=>{ - 'protected_customvars'=>'*pw*,*pass*,community' - } - } - }) } - - it { is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-monitoring') - .with_type('db') - .with_db_type('mysql') - .with_host('localhost') - .with_port('3306') - .with_db_name('icinga2') - .with_db_username('icinga2') - .with_db_password('icinga2') + }, + 'module-monitoring-security' => { + 'section_name' => 'security', + 'target' => '/etc/icingaweb2/modules/monitoring/config.ini', + 'settings' => { + 'protected_customvars' => '*pw*,*pass*,community', + }, + }) } + + it { + is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-monitoring') + .with_type('db') + .with_db_type('mysql') + .with_host('localhost') + .with_port('3306') + .with_db_name('icinga2') + .with_db_username('icinga2') + .with_db_password('icinga2') } - it { is_expected.to contain_icingaweb2__module__monitoring__commandtransport('foo') - .with_username('root') - .with_password('foobar') + it { + is_expected.to contain_icingaweb2__module__monitoring__commandtransport('foo') + .with_username('root') + .with_password('foobar') } end context "#{os} with ido_type 'pgsql' and commandtransport 'local'" do - let(:params) { { :ido_type => 'pgsql', - :ido_host => 'localhost', - :ido_port => 5432, - :ido_db_name => 'icinga2', - :ido_db_username => 'icinga2', - :ido_db_password => 'icinga2', - :commandtransports => { - 'foo' => { - 'transport' => 'local', - } - } } } - - it { is_expected.to contain_icingaweb2__module('monitoring') - .with_install_method(@install_method) - .with_package_name(@package_name) - .with_module_dir('/usr/share/icingaweb2/modules/monitoring') - .with_settings({ - 'module-monitoring-backends'=>{ - 'section_name' => 'backends', - 'target'=>'/etc/icingaweb2/modules/monitoring/backends.ini', - 'settings'=>{ - 'type'=>'ido', - 'resource'=>'icingaweb2-module-monitoring' - } + let(:params) do + { ido_type: 'pgsql', + ido_host: 'localhost', + ido_port: 5432, + ido_db_name: 'icinga2', + ido_db_username: 'icinga2', + ido_db_password: 'icinga2', + commandtransports: { + 'foo' => { + 'transport' => 'local', + }, + } } + end + + it do + is_expected.to contain_icingaweb2__module('monitoring') + .with_install_method(install_method) + .with_package_name(package_name) + .with_module_dir('/usr/share/icingaweb2/modules/monitoring') + .with_settings('module-monitoring-backends' => { + 'section_name' => 'backends', + 'target' => '/etc/icingaweb2/modules/monitoring/backends.ini', + 'settings' => { + 'type' => 'ido', + 'resource' => 'icingaweb2-module-monitoring', }, - 'module-monitoring-security'=>{ - 'section_name' => 'security', - 'target'=>'/etc/icingaweb2/modules/monitoring/config.ini', - 'settings'=>{ - 'protected_customvars'=>'*pw*,*pass*,community' - } - } - }) } - - it { is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-monitoring') - .with_type('db') - .with_db_type('pgsql') - .with_host('localhost') - .with_port(5432) - .with_db_name('icinga2') - .with_db_username('icinga2') - .with_db_password('icinga2') + }, + 'module-monitoring-security' => { + 'section_name' => 'security', + 'target' => '/etc/icingaweb2/modules/monitoring/config.ini', + 'settings' => { + 'protected_customvars' => '*pw*,*pass*,community', + }, + }) + end + + it { + is_expected.to contain_icingaweb2__config__resource('icingaweb2-module-monitoring') + .with_type('db') + .with_db_type('pgsql') + .with_host('localhost') + .with_port(5432) + .with_db_name('icinga2') + .with_db_username('icinga2') + .with_db_password('icinga2') } if facts[:osfamily] == 'Debian' - it { is_expected.to contain_package('icingaweb2-module-monitoring').with({ 'ensure' => 'present' }) } + it { is_expected.to contain_package('icingaweb2-module-monitoring').with('ensure' => 'present') } end - it { is_expected.to contain_icingaweb2__module__monitoring__commandtransport('foo') - .with_transport('local') + it { + is_expected.to contain_icingaweb2__module__monitoring__commandtransport('foo') + .with_transport('local') } end context "#{os} with invalid ido_type" do - let(:params) { { :ido_type => 'foobar' } } + let(:params) { { ido_type: 'foobar' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['mysql', 'pgsql'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['mysql', 'pgsql'\]}) } end context "#{os} with array protected_customvars" do - let(:params) { { :ido_type => 'mysql', - :ido_host => 'localhost', - :ido_db_name => 'icinga2', - :ido_db_username => 'icinga2', - :ido_db_password => 'icinga2', - :commandtransports => { - 'foo' => { - 'transport' => 'local', - } - }, - :protected_customvars => ['foo', 'bar', '*baz*'] } } - - it { is_expected.to contain_icingaweb2__module('monitoring') - .with_settings({ - 'module-monitoring-backends'=>{ - 'section_name' => 'backends', - 'target'=>'/etc/icingaweb2/modules/monitoring/backends.ini', - 'settings'=>{ - 'type'=>'ido', - 'resource'=>'icingaweb2-module-monitoring' - } + let(:params) do + { ido_type: 'mysql', + ido_host: 'localhost', + ido_db_name: 'icinga2', + ido_db_username: 'icinga2', + ido_db_password: 'icinga2', + commandtransports: { + 'foo' => { + 'transport' => 'local', + }, + }, + protected_customvars: ['foo', 'bar', '*baz*'] } + end + + it { + is_expected.to contain_icingaweb2__module('monitoring') + .with_settings('module-monitoring-backends' => { + 'section_name' => 'backends', + 'target' => '/etc/icingaweb2/modules/monitoring/backends.ini', + 'settings' => { + 'type' => 'ido', + 'resource' => 'icingaweb2-module-monitoring', + }, + }, + 'module-monitoring-security' => { + 'section_name' => 'security', + 'target' => '/etc/icingaweb2/modules/monitoring/config.ini', + 'settings' => { + 'protected_customvars' => 'foo,bar,*baz*', }, - 'module-monitoring-security'=>{ - 'section_name' => 'security', - 'target'=>'/etc/icingaweb2/modules/monitoring/config.ini', - 'settings'=>{ - 'protected_customvars'=>'foo,bar,*baz*' - } - } - }) } + }) } end end end end diff --git a/spec/classes/puppetdb_spec.rb b/spec/classes/puppetdb_spec.rb index 6025f53..df14132 100644 --- a/spec/classes/puppetdb_spec.rb +++ b/spec/classes/puppetdb_spec.rb @@ -1,198 +1,221 @@ require 'spec_helper' -describe('icingaweb2::module::puppetdb', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::puppetdb', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end - context "with ensure present, git_revision, ssl and certificates to their defaults" do - let(:params) { { :ensure => 'present', } } + context 'with ensure present, git_revision, ssl and certificates to their defaults' do + let(:params) { { ensure: 'present' } } - it { is_expected.to contain_icingaweb2__module('puppetdb') - .with_ensure('present') - .with_install_method('git') - .with_git_repository('https://github.com/Icinga/icingaweb2-module-puppetdb.git') - .with_git_revision('master') - .with_module_dir('/usr/share/icingaweb2/modules/puppetdb') - } + it { + is_expected.to contain_icingaweb2__module('puppetdb') + .with_ensure('present') + .with_install_method('git') + .with_git_repository('https://github.com/Icinga/icingaweb2-module-puppetdb.git') + .with_git_revision('master') + .with_module_dir('/usr/share/icingaweb2/modules/puppetdb') + } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') - .with_ensure('directory') - } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') + .with_ensure('directory') + } it { is_expected.to have_icingaweb2__module__puppetdb__certificate_resource_count(0) } end - context "with ensure absent" do - let(:params) { { :ensure => 'absent', } } + context 'with ensure absent' do + let(:params) { { ensure: 'absent' } } - it { is_expected.to contain_icingaweb2__module('puppetdb') - .with_ensure('absent') - } + it { + is_expected.to contain_icingaweb2__module('puppetdb') + .with_ensure('absent') + } end - context "with ensure foo" do - let(:params) { { :ensure => 'foo' } } + context 'with ensure foo' do + let(:params) { { ensure: 'foo' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['absent', 'present'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['absent', 'present'\]}) } end - context "with ensure absent" do - let(:params) { { :ensure => 'absent', } } + context 'with ensure absent' do + let(:params) { { ensure: 'absent' } } - it { is_expected.to contain_icingaweb2__module('puppetdb') - .with_ensure('absent') - } + it { + is_expected.to contain_icingaweb2__module('puppetdb') + .with_ensure('absent') + } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') - .with_ensure('directory') - } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') + .with_ensure('directory') + } it { is_expected.not_to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb') } - end - context "with git_revision set to 123" do - let(:params) { { :git_revision => '123', } } + context 'with git_revision set to 123' do + let(:params) { { git_revision: '123' } } - it { is_expected.to contain_icingaweb2__module('puppetdb') - .with_ensure('present') - .with_git_revision('123') - } + it { + is_expected.to contain_icingaweb2__module('puppetdb') + .with_ensure('present') + .with_git_revision('123') + } end - context "with ssl set to none" do - let(:params) { { :ssl => 'none', } } + context 'with ssl set to none' do + let(:params) { { ssl: 'none' } } it { is_expected.to contain_icingaweb2__module('puppetdb') } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') - .with_ensure('directory') - } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') + .with_ensure('directory') + } it { is_expected.not_to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb') } end - context "with ssl set to none and two certificates" do - let(:params) { { :ssl => 'none', - :certificates => { 'pupdb1' => - { 'ssl_key' => 'mysslkey1', 'ssl_cacert' => 'mycacert1'}, - 'pupdb2' => - { 'ssl_key' => 'mysslkey2', 'ssl_cacert' => 'mycacert2'}, - } - } } + context 'with ssl set to none and two certificates' do + let(:params) do + { ssl: 'none', + certificates: { 'pupdb1' => + { 'ssl_key' => 'mysslkey1', 'ssl_cacert' => 'mycacert1' }, + 'pupdb2' => + { 'ssl_key' => 'mysslkey2', 'ssl_cacert' => 'mycacert2' } } } + end it { is_expected.to contain_icingaweb2__module('puppetdb') } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') - .with_ensure('directory') - } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') + .with_ensure('directory') + } it { is_expected.to have_icingaweb2__module__puppetdb__certificate_resource_count(2) } - it { is_expected.to contain_icingaweb2__module__puppetdb__certificate('pupdb1') - .with_ssl_key('mysslkey1') - .with_ssl_cacert('mycacert1') - } - it { is_expected.to contain_icingaweb2__module__puppetdb__certificate('pupdb2') - .with_ssl_key('mysslkey2') - .with_ssl_cacert('mycacert2') - } + it { + is_expected.to contain_icingaweb2__module__puppetdb__certificate('pupdb1') + .with_ssl_key('mysslkey1') + .with_ssl_cacert('mycacert1') + } + it { + is_expected.to contain_icingaweb2__module__puppetdb__certificate('pupdb2') + .with_ssl_key('mysslkey2') + .with_ssl_cacert('mycacert2') + } end - context "with ssl set to puppet and host to puppetdb.example.com" do - let(:params) { { :ssl => 'puppet', :host => 'puppetdb.example.com' } } - let(:facts) { facts.merge({ :fqdn => 'puppetdb' }) } + context 'with ssl set to puppet and host to puppetdb.example.com' do + let(:params) { { ssl: 'puppet', host: 'puppetdb.example.com' } } + let(:facts) { facts.merge(fqdn: 'puppetdb') } it { is_expected.to contain_icingaweb2__module('puppetdb') } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') - .with_ensure('directory') - } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com') - .with_ensure('directory') - } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys') - .with_ensure('directory') - } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/certs') - .with_ensure('directory') - } - - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/certs/ca.pem') - .with_ensure('present') - .with_mode('0640') - .with_source("#{Puppet.settings['ssldir']}/certs/ca.pem") - } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') + .with_ensure('directory') + } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com') + .with_ensure('directory') + } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys') + .with_ensure('directory') + } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/certs') + .with_ensure('directory') + } + + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/certs/ca.pem') + .with_ensure('present') + .with_mode('0640') + .with_source("#{Puppet.settings['ssldir']}/certs/ca.pem") + } it { is_expected.to have_icingaweb2__module__puppetdb__certificate_resource_count(0) } - it { is_expected.to contain_concat('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') - .with_ensure('present') - .with_warn('false') - .with_mode('0640') - .with_ensure_newline(true) - } - - it { is_expected.to contain_concat__fragment('private_key') - .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') - .with_source("#{Puppet.settings['ssldir']}/private_keys/puppetdb.pem") - .with_order('1') - } - - it { is_expected.to contain_concat__fragment('public_key') - .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') - .with_source("#{Puppet.settings['ssldir']}/certs/puppetdb.pem") - .with_order('2') - } + it { + is_expected.to contain_concat('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') + .with_ensure('present') + .with_warn('false') + .with_mode('0640') + .with_ensure_newline(true) + } + + it { + is_expected.to contain_concat__fragment('private_key') + .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') + .with_source("#{Puppet.settings['ssldir']}/private_keys/puppetdb.pem") + .with_order('1') + } + + it { + is_expected.to contain_concat__fragment('public_key') + .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') + .with_source("#{Puppet.settings['ssldir']}/certs/puppetdb.pem") + .with_order('2') + } end - context "with ssl set to puppet and one extra certificate" do - let(:params) { { :ssl => 'puppet', - :host => 'puppetdb.example.com', - :certificates => { 'pupdb1' => - { 'ssl_key' => 'mysslkey1', 'ssl_cacert' => 'mycacert1'}, - }, - } } + context 'with ssl set to puppet and one extra certificate' do + let(:params) do + { ssl: 'puppet', + host: 'puppetdb.example.com', + certificates: { 'pupdb1' => + { 'ssl_key' => 'mysslkey1', 'ssl_cacert' => 'mycacert1' } } } + end - let(:facts) { facts.merge({ :fqdn => 'puppetdb' }) } + let(:facts) { facts.merge(fqdn: 'puppetdb') } it { is_expected.to contain_icingaweb2__module('puppetdb') } - it { is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') - .with_ensure('directory') - } + it { + is_expected.to contain_file('/etc/icingaweb2/modules/puppetdb/ssl') + .with_ensure('directory') + } it { is_expected.to have_icingaweb2__module__puppetdb__certificate_resource_count(1) } - it { is_expected.to contain_icingaweb2__module__puppetdb__certificate('pupdb1') - .with_ssl_key('mysslkey1') - .with_ssl_cacert('mycacert1') - } - - it { is_expected.to contain_concat('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') - .with_ensure('present') - .with_warn('false') - .with_mode('0640') - .with_ensure_newline(true) - } - - it { is_expected.to contain_concat__fragment('private_key') - .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') - .with_order('1') - } - - it { is_expected.to contain_concat__fragment('public_key') - .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') - .with_order('2') - } + it { + is_expected.to contain_icingaweb2__module__puppetdb__certificate('pupdb1') + .with_ssl_key('mysslkey1') + .with_ssl_cacert('mycacert1') + } + + it { + is_expected.to contain_concat('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') + .with_ensure('present') + .with_warn('false') + .with_mode('0640') + .with_ensure_newline(true) + } + + it { + is_expected.to contain_concat__fragment('private_key') + .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') + .with_order('1') + } + + it { + is_expected.to contain_concat__fragment('public_key') + .with_target('/etc/icingaweb2/modules/puppetdb/ssl/puppetdb.example.com/private_keys/puppetdb_combined.pem') + .with_order('2') + } end - context "with ssl set to foo" do - let(:params) { { :ssl => 'foo' } } + context 'with ssl set to foo' do + let(:params) { { ssl: 'foo' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['none', 'puppet'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['none', 'puppet'\]}) } end end end end - diff --git a/spec/classes/repo_spec.rb b/spec/classes/repo_spec.rb deleted file mode 100644 index 893ac32..0000000 --- a/spec/classes/repo_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper' - -describe('icingaweb2::repo', :type => :class) do - on_supported_os.each do |os, facts| - context "on #{os}" do - let :facts do - facts - end - - context 'with manage_repo => true' do - let :pre_condition do - "class { 'icingaweb2': manage_repo => true}" - end - - case facts[:osfamily] - when 'Debian' - it { is_expected.to contain_apt__source('icinga-stable-release') } - when 'RedHat' - it { is_expected.to contain_yumrepo('icinga-stable-release') } - when 'Suse' - it { is_expected.to contain_zypprepo('icinga-stable-release') } - end - end - - context 'with manage_repo => false' do - let :pre_condition do - "class { 'icingaweb2': manage_repo => false}" - end - - case facts[:osfamily] - when 'Debian' - it { is_expected.not_to contain_apt__source('icinga-stable-release') } - it { is_expected.not_to contain_zypprepo('icinga-stable-release') } - when 'RedHat' - it { is_expected.not_to contain_yumrepo('icinga-stable-release') } - it { is_expected.not_to contain_zypprepo('icinga-stable-release') } - when 'Suse' - it { is_expected.not_to contain_yumrepo('icinga-stable-release') } - it { is_expected.not_to contain_apt__source('icinga-stable-release') } - end - end - end - end -end diff --git a/spec/classes/translation_spec.rb b/spec/classes/translation_spec.rb index 3cd26a3..f9b8256 100644 --- a/spec/classes/translation_spec.rb +++ b/spec/classes/translation_spec.rb @@ -1,68 +1,67 @@ require 'spec_helper' -describe('icingaweb2::module::translation', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::translation', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end - context "with ensure present" do - let(:params) { { :ensure => 'present', } } + context 'with ensure present' do + let(:params) { { ensure: 'present' } } - it { is_expected.to contain_icingaweb2__module('translation') - .with_ensure('present') - .with_install_method('none') - .with_module_dir('/usr/share/icingaweb2/modules/translation') - .with_settings({ 'module-translation'=>{ - 'section_name' => 'translation', - 'target'=>'/etc/icingaweb2/modules/translation/config.ini', - 'settings'=>{ - 'msgmerge' => '/usr/bin/msgmerge', - 'xgettext' => '/usr/bin/xgettext', - 'msgfmt' => '/usr/bin/msgfmt', - } - } - }) } + it { + is_expected.to contain_icingaweb2__module('translation') + .with_ensure('present') + .with_install_method('none') + .with_module_dir('/usr/share/icingaweb2/modules/translation') + .with_settings('module-translation' => { + 'section_name' => 'translation', + 'target' => '/etc/icingaweb2/modules/translation/config.ini', + 'settings' => { + 'msgmerge' => '/usr/bin/msgmerge', + 'xgettext' => '/usr/bin/xgettext', + 'msgfmt' => '/usr/bin/msgfmt', + }, + }) } case facts[:osfamily] - when 'Debian' - it { is_expected.to contain_package('gettext').with({ 'ensure' => 'present' }) } - when 'RedHat' - it { is_expected.to contain_package('gettext').with({ 'ensure' => 'present' }) } - when 'Suse' - it { is_expected.to contain_package('gettext-tools').with({ 'ensure' => 'present' }) } + when 'Debian', 'RedHat' + it { is_expected.to contain_package('gettext').with('ensure' => 'present') } + when 'Suse' + it { is_expected.to contain_package('gettext-tools').with('ensure' => 'present') } end end - context "with ensure absent" do - let(:params) { { :ensure => 'absent', } } + context 'with ensure absent' do + let(:params) { { ensure: 'absent' } } - it { is_expected.to contain_icingaweb2__module('translation') - .with_ensure('absent') - .with_install_method('none') - .with_module_dir('/usr/share/icingaweb2/modules/translation') - } + it { + is_expected.to contain_icingaweb2__module('translation') + .with_ensure('absent') + .with_install_method('none') + .with_module_dir('/usr/share/icingaweb2/modules/translation') + } case facts[:osfamily] - when 'Debian' - it { is_expected.to contain_package('gettext').with({ 'ensure' => 'absent' }) } - when 'RedHat' - it { is_expected.to contain_package('gettext').with({ 'ensure' => 'absent' }) } - when 'Suse' - it { is_expected.to contain_package('gettext-tools').with({ 'ensure' => 'absent' }) } + when 'Debian', 'RedHat' + it { is_expected.to contain_package('gettext').with('ensure' => 'absent') } + when 'Suse' + it { is_expected.to contain_package('gettext-tools').with('ensure' => 'absent') } end end - context "with ensure foobar" do - let(:params) { { :ensure => 'foobar' } } + context 'with ensure foobar' do + let(:params) { { ensure: 'foobar' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['absent', 'present'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['absent', 'present'\]}) } end end end end diff --git a/spec/classes/vsphere_spec.rb b/spec/classes/vsphere_spec.rb index a1fb06d..e8cd7e3 100644 --- a/spec/classes/vsphere_spec.rb +++ b/spec/classes/vsphere_spec.rb @@ -1,24 +1,27 @@ require 'spec_helper' -describe('icingaweb2::module::vsphere', :type => :class) do - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } +describe('icingaweb2::module::vsphere', type: :class) do + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with git_revision 'v1.1.0'" do - let(:params) { { :git_revision => 'v1.1.0', } } + let(:params) { { git_revision: 'v1.1.0' } } - it { is_expected.to contain_icingaweb2__module('vsphere') - .with_install_method('git') - .with_git_revision('v1.1.0') + it { + is_expected.to contain_icingaweb2__module('vsphere') + .with_install_method('git') + .with_git_revision('v1.1.0') } end end end -end \ No newline at end of file +end diff --git a/spec/default_facts.yml b/spec/default_facts.yml index 62697d1..f777abf 100644 --- a/spec/default_facts.yml +++ b/spec/default_facts.yml @@ -1 +1,8 @@ -concat_basedir: "/tmp" +# Use default_module_facts.yml for module specific facts. +# +# Facts specified here will override the values provided by rspec-puppet-facts. +--- +ipaddress: "172.16.254.254" +ipaddress6: "FE80:0000:0000:0000:AAAA:AAAA:AAAA" +is_pe: false +macaddress: "AA:AA:AA:AA:AA:AA" diff --git a/spec/defines/authmethod_spec.rb b/spec/defines/authmethod_spec.rb index 0a58ab6..be116b9 100644 --- a/spec/defines/authmethod_spec.rb +++ b/spec/defines/authmethod_spec.rb @@ -1,59 +1,68 @@ require 'spec_helper' -describe('icingaweb2::config::authmethod', :type => :define) do +describe('icingaweb2::config::authmethod', type: :define) do let(:title) { 'myauthmethod' } - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with backend 'external'" do - let(:params) { { :backend => 'external', :order => '10' } } - - it { is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') - .with_target('/etc/icingaweb2/authentication.ini') - .with_settings({'backend'=>'external'}) - .with_order('10')} + let(:params) { { backend: 'external', order: '10' } } + it { + is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') + .with_target('/etc/icingaweb2/authentication.ini') + .with_settings('backend' => 'external') + .with_order('10') + } end context "#{os} with backend 'ldap'" do - let(:params) { { :backend => 'ldap', :resource => 'myresource', :ldap_user_class => 'users', :ldap_user_name_attribute => 'uid', :ldap_filter => 'foobar', :domain => 'icinga.com', :order => '10' } } + let(:params) { { backend: 'ldap', resource: 'myresource', ldap_user_class: 'users', ldap_user_name_attribute: 'uid', ldap_filter: 'foobar', domain: 'icinga.com', order: '10' } } - it { is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') - .with_target('/etc/icingaweb2/authentication.ini') - .with_settings({'backend'=>'ldap', 'resource'=>'myresource', 'user_class'=>'users', 'user_name_attribute'=>'uid', 'filter'=>'foobar', 'domain'=>'icinga.com' }, ) - .with_order('10')} + it { + is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') + .with_target('/etc/icingaweb2/authentication.ini') + .with_settings('backend' => 'ldap', 'resource' => 'myresource', 'user_class' => 'users', 'user_name_attribute' => 'uid', 'filter' => 'foobar', 'domain' => 'icinga.com') + .with_order('10') + } end context "#{os} with backend 'msldap'" do - let(:params) { { :backend => 'msldap', :resource => 'myresource', :order => '10' } } + let(:params) { { backend: 'msldap', resource: 'myresource', order: '10' } } - it { is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') - .with_target('/etc/icingaweb2/authentication.ini') - .with_settings({'backend'=>'msldap', 'resource'=>'myresource'}) - .with_order('10')} + it { + is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') + .with_target('/etc/icingaweb2/authentication.ini') + .with_settings('backend' => 'msldap', 'resource' => 'myresource') + .with_order('10') + } end context "#{os} with backend 'db'" do - let(:params) { { :backend => 'db', :resource => 'myresource', :order => '10' } } + let(:params) { { backend: 'db', resource: 'myresource', order: '10' } } - it { is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') - .with_target('/etc/icingaweb2/authentication.ini') - .with_settings({'backend'=>'db', 'resource'=>'myresource'}) - .with_order('10')} + it { + is_expected.to contain_icingaweb2__inisection('authmethod-myauthmethod') + .with_target('/etc/icingaweb2/authentication.ini') + .with_settings('backend' => 'db', 'resource' => 'myresource') + .with_order('10') + } end context "#{os} with invalid backend" do - let(:params) { { :backend => 'foobar' } } + let(:params) { { backend: 'foobar' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['db', 'external', 'ldap', 'msldap'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['db', 'external', 'ldap', 'msldap'\]}) } end end end end diff --git a/spec/defines/groupbackend_spec.rb b/spec/defines/groupbackend_spec.rb index 16cc81c..83dddc4 100644 --- a/spec/defines/groupbackend_spec.rb +++ b/spec/defines/groupbackend_spec.rb @@ -1,47 +1,80 @@ require 'spec_helper' -describe('icingaweb2::config::groupbackend', :type => :define) do +describe('icingaweb2::config::groupbackend', type: :define) do let(:title) { 'mygroupbackend' } - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with backend 'db'" do - let(:params) { { :backend => 'db', :resource => 'my-ldap' } } - - it { is_expected.to contain_icingaweb2__inisection('groupbackend-mygroupbackend') - .with_target('/etc/icingaweb2/groups.ini') - .with_settings({'backend'=>'db', 'resource' => 'my-ldap'})} + let(:params) { { backend: 'db', resource: 'my-ldap' } } + it { + is_expected.to contain_icingaweb2__inisection('groupbackend-mygroupbackend') + .with_target('/etc/icingaweb2/groups.ini') + .with_settings('backend' => 'db', 'resource' => 'my-ldap') + } end context "#{os} with backend 'ldap'" do - let(:params) { { :backend => 'ldap', :resource => 'my-ldap', :ldap_group_class => 'groupofnames', :ldap_group_name_attribute => 'cn', :ldap_group_member_attribute => 'member', :ldap_base_dn => 'foobar', :domain => 'icinga.com' } } + let(:params) do + { + backend: 'ldap', + resource: 'my-ldap', + ldap_group_class: 'groupofnames', + ldap_group_name_attribute: 'cn', + ldap_group_member_attribute: 'member', + ldap_base_dn: 'foobar', + domain: 'icinga.com', + } + end - it { is_expected.to contain_icingaweb2__inisection('groupbackend-mygroupbackend') - .with_target('/etc/icingaweb2/groups.ini') - .with_settings({'backend'=>'ldap', 'resource'=>'my-ldap', 'group_class'=>'groupofnames', 'group_name_attribute'=>'cn', 'group_member_attribute'=>'member', 'base_dn'=>'foobar', 'domain' => 'icinga.com'})} + it { + is_expected.to contain_icingaweb2__inisection('groupbackend-mygroupbackend') + .with_target('/etc/icingaweb2/groups.ini') + .with_settings( + 'backend' => 'ldap', + 'resource' => 'my-ldap', + 'group_class' => 'groupofnames', + 'group_name_attribute' => 'cn', + 'group_member_attribute' => 'member', + 'base_dn' => 'foobar', + 'domain' => 'icinga.com', + ) + } end context "#{os} with backend 'msldap'" do - let(:params) { { :backend => 'msldap', :resource => 'my-msldap', :ldap_user_backend => 'ad1', :ldap_nested_group_search => true, :ldap_group_filter => 'baz', :ldap_base_dn => 'foobar', :domain => 'icinga.com' } } + let(:params) { { backend: 'msldap', resource: 'my-msldap', ldap_user_backend: 'ad1', ldap_nested_group_search: true, ldap_group_filter: 'baz', ldap_base_dn: 'foobar', domain: 'icinga.com' } } - it { is_expected.to contain_icingaweb2__inisection('groupbackend-mygroupbackend') - .with_target('/etc/icingaweb2/groups.ini') - .with_settings({'backend'=>'msldap', 'resource'=>'my-msldap', 'user_backend'=>'ad1', 'nested_group_search'=>'1', 'group_filter'=>'baz', 'base_dn'=>'foobar', 'domain' => 'icinga.com' })} + it { + is_expected.to contain_icingaweb2__inisection('groupbackend-mygroupbackend') + .with_target('/etc/icingaweb2/groups.ini') + .with_settings( + 'backend' => 'msldap', + 'resource' => 'my-msldap', + 'user_backend' => 'ad1', + 'nested_group_search' => '1', + 'group_filter' => 'baz', + 'base_dn' => 'foobar', + 'domain' => 'icinga.com', + ) + } end context "#{os} with invalid backend" do - let(:params) { { :backend => 'foobar' } } + let(:params) { { backend: 'foobar' } } - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['db', 'ldap', 'msldap'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['db', 'ldap', 'msldap'\]}) } end end end end diff --git a/spec/defines/inisection_spec.rb b/spec/defines/inisection_spec.rb index eb9616b..eca7d46 100644 --- a/spec/defines/inisection_spec.rb +++ b/spec/defines/inisection_spec.rb @@ -1,27 +1,31 @@ require 'spec_helper' -describe('icingaweb2::inisection', :type => :define) do +describe('icingaweb2::inisection', type: :define) do let(:title) { 'foo' } - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with valid params" do - let(:params) { {:target => '/foo/bar', :section_name => 'test', :settings => {'setting1' => 'value1', 'setting2' => 'value2'} } } + let(:params) { { target: '/foo/bar', section_name: 'test', settings: { 'setting1' => 'value1', 'setting2' => 'value2' } } } it { is_expected.to contain_concat('/foo/bar') } - it { is_expected.to contain_concat__fragment('foo-test-01') - .with_target('/foo/bar') - .with_order('01') - .with_content(/\[test\]\nsetting1 = \"value1\"\nsetting2 = \"value2\"\n\n/) } + it { + is_expected.to contain_concat__fragment('foo-test-01') + .with_target('/foo/bar') + .with_order('01') + .with_content(%r{\[test\]\nsetting1 = \"value1\"\nsetting2 = \"value2\"\n\n}) + } end end end end diff --git a/spec/defines/module_spec.rb b/spec/defines/module_spec.rb index 6451009..ea63f3e 100644 --- a/spec/defines/module_spec.rb +++ b/spec/defines/module_spec.rb @@ -1,81 +1,99 @@ require 'spec_helper' -describe('icingaweb2::module', :type => :define) do +describe('icingaweb2::module', type: :define) do let(:title) { 'mymodule' } - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with install_method 'none'" do - let(:params) { { :module => 'foo', - :module_dir => '/usr/local/icingaweb2-modules/foo', - :install_method => 'none', - :settings => {'section1' => { 'target' => '/foo/bar', 'settings' => {'setting1' => 'value1', 'setting2' => 'value2' } } } } } + let(:params) do + { module: 'foo', + module_dir: '/usr/local/icingaweb2-modules/foo', + install_method: 'none', + settings: { 'section1' => { 'target' => '/foo/bar', 'settings' => { 'setting1' => 'value1', 'setting2' => 'value2' } } } } + end it { is_expected.to contain_file('/etc/icingaweb2/enabledModules') } it { is_expected.to contain_file('/etc/icingaweb2/enabledModules/foo') } it { is_expected.to contain_file('/etc/icingaweb2/modules') } it { is_expected.to contain_file('/etc/icingaweb2/modules/foo') } - it { is_expected.to contain_icingaweb2__inisection('section1') - .with_target('/foo/bar') - .with_settings({'setting1' => 'value1', 'setting2' => 'value2'})} + it { + is_expected.to contain_icingaweb2__inisection('section1') + .with_target('/foo/bar') + .with_settings('setting1' => 'value1', 'setting2' => 'value2') + } end context "#{os} with install_method 'git'" do - let(:params) { { :module => 'foo', - :module_dir => '/usr/local/icingaweb2-modules/foo', - :git_repository => 'https://github.com/icinga/foo.git', - :git_revision => 'master', - :settings => {'section1' => { 'target' => '/foo/bar', 'settings' => {'setting1' => 'value1', 'setting2' => 'value2' } } } } } + let(:params) do + { module: 'foo', + module_dir: '/usr/local/icingaweb2-modules/foo', + git_repository: 'https://github.com/icinga/foo.git', + git_revision: 'master', + settings: { 'section1' => { 'target' => '/foo/bar', 'settings' => { 'setting1' => 'value1', 'setting2' => 'value2' } } } } + end it { is_expected.to contain_file('/etc/icingaweb2/enabledModules') } it { is_expected.to contain_file('/etc/icingaweb2/enabledModules/foo') } it { is_expected.to contain_file('/etc/icingaweb2/modules') } it { is_expected.to contain_file('/etc/icingaweb2/modules/foo') } - it { is_expected.to contain_vcsrepo('/usr/local/icingaweb2-modules/foo') - .with_provider('git') - .with_source('https://github.com/icinga/foo.git') - .with_revision('master')} + it { + is_expected.to contain_vcsrepo('/usr/local/icingaweb2-modules/foo') + .with_provider('git') + .with_source('https://github.com/icinga/foo.git') + .with_revision('master') + } - it { is_expected.to contain_icingaweb2__inisection('section1') - .with_target('/foo/bar') - .with_settings({'setting1' => 'value1', 'setting2' => 'value2'})} + it { + is_expected.to contain_icingaweb2__inisection('section1') + .with_target('/foo/bar') + .with_settings('setting1' => 'value1', 'setting2' => 'value2') + } end context "#{os} with install_method 'package'" do - let(:params) { { :module => 'foo', - :module_dir => '/usr/local/icingaweb2-modules/foo', - :install_method => 'package', - :package_name => 'foo', - :settings => {'section1' => { 'target' => '/foo/bar', 'settings' => {'setting1' => 'value1', 'setting2' => 'value2' } } } } } + let(:params) do + { module: 'foo', + module_dir: '/usr/local/icingaweb2-modules/foo', + install_method: 'package', + package_name: 'foo', + settings: { 'section1' => { 'target' => '/foo/bar', 'settings' => { 'setting1' => 'value1', 'setting2' => 'value2' } } } } + end it { is_expected.to contain_file('/etc/icingaweb2/enabledModules') } it { is_expected.to contain_file('/etc/icingaweb2/enabledModules/foo') } it { is_expected.to contain_file('/etc/icingaweb2/modules') } it { is_expected.to contain_file('/etc/icingaweb2/modules/foo') } - it { is_expected.to contain_package('foo').with({ 'ensure' => 'present' }) } + it { is_expected.to contain_package('foo').with('ensure' => 'present') } - it { is_expected.to contain_icingaweb2__inisection('section1') - .with_target('/foo/bar') - .with_settings({'setting1' => 'value1', 'setting2' => 'value2'})} + it { + is_expected.to contain_icingaweb2__inisection('section1') + .with_target('/foo/bar') + .with_settings('setting1' => 'value1', 'setting2' => 'value2') + } end context "#{os} with invalid installation_method" do - let(:params) { { :module => 'foor', - :module_dir => '/usr/local/icingaweb2-modules/foo', - :install_method => 'foobar' } } + let(:params) do + { module: 'foor', + module_dir: '/usr/local/icingaweb2-modules/foo', + install_method: 'foobar' } + end - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['git', 'none', 'package'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['git', 'none', 'package'\]}) } end end end end diff --git a/spec/defines/resource_spec.rb b/spec/defines/resource_spec.rb index 102a9cd..557875f 100644 --- a/spec/defines/resource_spec.rb +++ b/spec/defines/resource_spec.rb @@ -1,56 +1,107 @@ require 'spec_helper' -describe('icingaweb2::config::resource', :type => :define) do +describe('icingaweb2::config::resource', type: :define) do let(:title) { 'myresource' } - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with type db" do - let(:params) { { - :type => 'db', - :host => 'localhost', - :port => 3306, - :db_type => 'mysql', - :db_name => 'foo', - :db_username => 'bar', - :db_password => 'secret' } } - - it { is_expected.to contain_icingaweb2__inisection('resource-myresource') - .with_target('/etc/icingaweb2/resources.ini') - .with_settings({'type'=>'db', 'db'=>'mysql', 'host'=>'localhost', 'port'=>'3306', 'dbname'=>'foo', 'username'=>'bar', 'password'=>'secret'}) } + let(:params) do + { + type: 'db', + host: 'localhost', + port: 3306, + db_type: 'mysql', + db_name: 'foo', + db_username: 'bar', + db_password: 'secret', + } + end + it { + is_expected.to contain_icingaweb2__inisection('resource-myresource') + .with_target('/etc/icingaweb2/resources.ini') + .with_settings('type' => 'db', 'db' => 'mysql', 'host' => 'localhost', 'port' => '3306', 'dbname' => 'foo', 'username' => 'bar', 'password' => 'secret') + } end context "#{os} with type ldap" do - let(:params) { { - :type => 'ldap', - :host => 'localhost', - :port => 389, - :ldap_root_dn => 'cn=foo,dc=bar', - :ldap_bind_dn => 'cn=root,dc=bar', - :ldap_bind_pw => 'secret' } } - - it { is_expected.to contain_icingaweb2__inisection('resource-myresource') - .with_target('/etc/icingaweb2/resources.ini') - .with_settings({'type'=>'ldap', 'hostname'=>'localhost', 'port'=>'389', 'root_dn'=>'cn=foo,dc=bar', 'bind_dn'=>'cn=root,dc=bar', 'bind_pw'=>'secret', 'encryption'=>'none'})} + let(:params) do + { + type: 'ldap', + host: 'localhost', + port: 389, + ldap_root_dn: 'cn=foo,dc=bar', + ldap_bind_dn: 'cn=root,dc=bar', + ldap_bind_pw: 'secret', + } + end + + it { + is_expected.to contain_icingaweb2__inisection('resource-myresource') + .with_target('/etc/icingaweb2/resources.ini') + .with_settings( + 'type' => 'ldap', + 'hostname' => 'localhost', + 'port' => '389', + 'root_dn' => 'cn=foo,dc=bar', + 'bind_dn' => 'cn=root,dc=bar', + 'bind_pw' => 'secret', + 'encryption' => 'none', + 'timeout' => '5', + ) + } + end + + context "#{os} with type ldap and changed ldap timeout" do + let(:params) do + { + type: 'ldap', + host: 'localhost', + port: 389, + ldap_root_dn: 'cn=foo,dc=bar', + ldap_bind_dn: 'cn=root,dc=bar', + ldap_bind_pw: 'secret', + ldap_timeout: 60, + } + end + it { + is_expected.to contain_icingaweb2__inisection('resource-myresource') + .with_target('/etc/icingaweb2/resources.ini') + .with_settings( + 'type' => 'ldap', + 'hostname' => 'localhost', + 'port' => '389', + 'root_dn' => 'cn=foo,dc=bar', + 'bind_dn' => 'cn=root,dc=bar', + 'bind_pw' => 'secret', + 'encryption' => 'none', + 'timeout' => '60', + ) + } end context "#{os} with invalid type" do - let(:params) { { - :type => 'foobar', - :host => 'localhost', - :port => 3306 } } + let(:params) do + { + type: 'foobar', + host: 'localhost', + port: 3306, + } + end - it { is_expected.to raise_error(Puppet::Error, /expects a match for Enum\['db', 'ldap'\]/) } + it { is_expected.to raise_error(Puppet::Error, %r{expects a match for Enum\['db', 'ldap'\]}) } end end end end diff --git a/spec/defines/role_spec.rb b/spec/defines/role_spec.rb index 5152720..6b66ba6 100644 --- a/spec/defines/role_spec.rb +++ b/spec/defines/role_spec.rb @@ -1,34 +1,38 @@ require 'spec_helper' -describe('icingaweb2::config::role', :type => :define) do +describe('icingaweb2::config::role', type: :define) do let(:title) { 'myrole' } - let(:pre_condition) { [ - "class { 'icingaweb2': }" - ] } + let(:pre_condition) do + [ + "class { 'icingaweb2': }", + ] + end on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end context "#{os} with users => 'bob, pete' and permissions => '*'" do - let(:params) { { :users => 'bob, pete', :permissions => '*' } } - - it { is_expected.to contain_icingaweb2__inisection('role-myrole') - .with_target('/etc/icingaweb2/roles.ini') - .with_settings({'users'=>'bob, pete', 'permissions' => '*'}) } + let(:params) { { users: 'bob, pete', permissions: '*' } } + it { + is_expected.to contain_icingaweb2__inisection('role-myrole') + .with_target('/etc/icingaweb2/roles.ini') + .with_settings('users' => 'bob, pete', 'permissions' => '*') + } end context "#{os} with users => 'bob, pete', permissions => 'module/monitoring', filters => {'monitoring/filter/objects' => 'host_name=linux-*'}" do - let(:params) { { :users => 'bob, pete', :permissions => 'module/monitoring', :filters => {'monitoring/filter/objects' => 'host_name=linux-*'} } } - - it { is_expected.to contain_icingaweb2__inisection('role-myrole') - .with_target('/etc/icingaweb2/roles.ini') - .with_settings({'users'=>'bob, pete', 'permissions'=>'module/monitoring', 'monitoring/filter/objects'=>'host_name=linux-*'}) } + let(:params) { { users: 'bob, pete', permissions: 'module/monitoring', filters: { 'monitoring/filter/objects' => 'host_name=linux-*' } } } + it { + is_expected.to contain_icingaweb2__inisection('role-myrole') + .with_target('/etc/icingaweb2/roles.ini') + .with_settings('users' => 'bob, pete', 'permissions' => 'module/monitoring', 'monitoring/filter/objects' => 'host_name=linux-*') + } end end end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index fcb21f1..b367fde 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,14 +1,61 @@ +# frozen_string_literal: true + +RSpec.configure do |c| + c.mock_with :rspec +end + require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' + +require 'spec_helper_local' if File.file?(File.join(File.dirname(__FILE__), 'spec_helper_local.rb')) + include RspecPuppetFacts +default_facts = { + puppetversion: Puppet.version, + facterversion: Facter.version, +} + +default_fact_files = [ + File.expand_path(File.join(File.dirname(__FILE__), 'default_facts.yml')), + File.expand_path(File.join(File.dirname(__FILE__), 'default_module_facts.yml')), +] + +default_fact_files.each do |f| + next unless File.exist?(f) && File.readable?(f) && File.size?(f) + + begin + default_facts.merge!(YAML.safe_load(File.read(f), [], [], true)) + rescue => e + RSpec.configuration.reporter.message "WARNING: Unable to load #{f}: #{e}" + end +end + +# read default_facts and merge them over what is provided by facterdb +default_facts.each do |fact, value| + add_custom_fact fact, value +end + RSpec.configure do |c| - default_facts = { - puppetversion: Puppet.version, - facterversion: Facter.version - } - default_facts.merge!(YAML.load(File.read(File.expand_path('../default_facts.yml', __FILE__)))) if File.exist?(File.expand_path('../default_facts.yml', __FILE__)) - default_facts.merge!(YAML.load(File.read(File.expand_path('../default_module_facts.yml', __FILE__)))) if File.exist?(File.expand_path('../default_module_facts.yml', __FILE__)) c.default_facts = default_facts - c.confdir = '/etc/puppet' + c.before :each do + # set to strictest setting for testing + # by default Puppet runs at warning level + Puppet.settings[:strict] = :warning + Puppet.settings[:strict_variables] = true + end + c.filter_run_excluding(bolt: true) unless ENV['GEM_BOLT'] + c.after(:suite) do + end +end + +# Ensures that a module is defined +# @param module_name Name of the module +def ensure_module_defined(module_name) + module_name.split('::').reduce(Object) do |last_module, next_module| + last_module.const_set(next_module, Module.new) unless last_module.const_defined?(next_module, false) + last_module.const_get(next_module, false) + end end + +# 'spec_overrides' from sync.yml will appear below this line diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 6bca3bc..48e63b9 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,28 +1,50 @@ require 'beaker-rspec' require 'beaker/puppet_install_helper' -require 'beaker/module_install_helper' -run_puppet_install_helper +# Install Puppet on all hosts +install_puppet_agent_on(hosts, puppet_collection: 'puppet5') RSpec.configure do |c| - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + module_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) c.formatter = :documentation - install_module_from_forge('puppetlabs-vcsrepo', '>= 1.3.0 <= 3.0.0') - install_module_from_forge('puppetlabs-mysql', '>= 2.2.0 <= 5.0.0') - install_module_from_forge('puppetlabs-apache', '>= 1.11.0 <= 3.0.0') - install_module_from_forge('puppet-zypprepo', '>= 2.0.0 <= 3.0.0') - install_module_from_forge('puppetlabs-apt', '>= 2.0.0 <= 3.0.0') - install_module_from_forge('puppetlabs-yumrepo_core', '>= 1.0.0 <= 2.0.0') - c.before :suite do + # Install module to all hosts hosts.each do |host| - copy_module_to(host, source: proj_root, module_name: 'icingaweb2') - if fact('osfamily') == 'RedHat' - # Soft dep on epel for Passenger - install_package(host, 'epel-release') + install_dev_puppet_module_on(host, source: module_root, module_name: 'icingaweb2', + target_module_path: '/etc/puppetlabs/code/modules') + + # Install dependencies + on(host, puppet('module', 'install', 'puppetlabs-stdlib')) + on(host, puppet('module', 'install', 'puppetlabs-concat')) + on(host, puppet('module', 'install', 'puppetlabs-vcsrepo')) + + # Install additional modules + on(host, puppet('module', 'install', 'puppetlabs-mysql')) + on(host, puppet('module', 'install', 'puppetlabs-postgresql')) + on(host, puppet('module', 'install', 'puppetlabs-apache')) + on(host, puppet('module', 'install', 'puppet-php')) + + if fact('osfamily') == 'Debian' + on(host, puppet('module', 'install', 'puppetlabs-apt')) + end + + if fact('osfamily') == 'Suse' + on(host, puppet('module', 'install', 'puppet-zypprepo')) end + + # Add more setup code as needed end end end + +shared_examples 'a idempotent resource' do + it 'applies with no errors' do + apply_manifest(pp, catch_failures: true) + end + + it 'applies a second time without changes', :skip_pup_5016 do + apply_manifest(pp, catch_changes: true) + end +end diff --git a/templates/icinga-director.service.erb b/templates/icinga-director.service.erb new file mode 100644 index 0000000..915b472 --- /dev/null +++ b/templates/icinga-director.service.erb @@ -0,0 +1,21 @@ +[Unit] +Description=Icinga Director - Monitoring Configuration +Documentation=https://icinga.com/docs/director/latest/ +Wants=network.target + +[Service] +EnvironmentFile=-/etc/default/icinga-director +EnvironmentFile=-/etc/sysconfig/icinga-director +ExecStart=<%= @icingacli_bin %> director daemon run +ExecReload=/bin/kill -HUP ${MAINPID} +User=<%= @user %> +SyslogIdentifier=icingadirector +Type=notify + +NotifyAccess=main +WatchdogSec=10 +RestartSec=30 +Restart=always + +[Install] +WantedBy=multi-user.target