initial: no secrets

2026-06-20 06:12:37 +02:00 · 2024-02-12 17:01:18 +01:00
commit cf9efd55b5
186 changed files with 8697 additions and 0 deletions
@@ -0,0 +1,2 @@
+{{ event_dispatcher_user }}
+{{ event_dispatcher_pass }}
@@ -0,0 +1,14 @@
+[icingaweb2]
+backend = "db"
+resource = "icingaweb_db"
+
+[autologin]
+backend    = "external"
+
+[ldap_users]
+backend             = ldap
+resource            = ldap_auth
+group_backend       = "ldap_groups"
+user_class          = inetOrgPerson
+user_name_attribute = uid
+#filter              = "memberOf=cn=icinga,cn=groups,cn=accounts,dc=icinga,dc=org"
@@ -0,0 +1,10 @@
+[global]
+show_stacktraces = "1"
+show_application_state_messages = "1"
+config_backend = "db"
+config_resource = "icingaweb_db"
+
+[logging]
+log = "file"
+level = "INFO"
+file = "/var/log/icingaweb2.log"
@@ -0,0 +1,12 @@
+[icingaweb2]
+backend = "db"
+resource = "icingaweb_db"
+
+[ldap_groups]
+backend = "ldap"
+resource = "ldap_groups_auth"
+group_class = "groupOfNames"
+group_name_attribute = "cn"
+user_name_attribute = "uid"
+user_backend = "ldap_users"
+user_class = "inetOrgPerson"
@@ -0,0 +1,41 @@
+[icingaweb_db]
+type = "db"
+db = "pgsql"
+host = "localhost"
+port = "5432"
+dbname = "icinga_web"
+username = "icinga_web"
+password = ""
+charset = ""
+use_ssl = "0"
+
+[icinga_ido]
+type = "db"
+db = "pgsql"
+host = "localhost"
+port = "5432"
+dbname = "icinga2"
+username = "icinga2"
+password = ""
+charset = ""
+use_ssl = "0"
+
+[ldap_auth]
+type = "ldap"
+hostname = "{{ ldap_server }}"
+port = "389"
+encryption = "none"
+root_dn = "{{ ldap_user_dn }}"
+bind_dn = "{{ ldap_bind_dn }}"
+bind_pw = "{{ ldap_password }}"
+timeout = "5"
+
+[ldap_groups_auth]
+type = "ldap"
+hostname = "{{ ldap_server }}"
+port = "389"
+encryption = "none"
+root_dn = "{{ ldap_group_dn }}"
+bind_dn = "{{ ldap_bind_dn }}"
+bind_pw = "{{ ldap_password }}"
+timeout = "5"
@@ -0,0 +1,15 @@
+[Administrators]
+users = "sheppy"
+permissions = "*"
+groups = "Administrators"
+
+[icinga]
+users = "*"
+groups = "icinga"
+monitoring/filter/objects = "_service_owner=$user:local_name$"
+permissions = "module/monitoring,monitoring/*"
+
+[sheppy]
+users = "sheppy"
+monitoring/filter/objects = "*"
+permissions = "module/monitoring,monitoring/*"
@@ -0,0 +1,25 @@
+apply Notification "mail-icingaadmin" to Host {
+  import "mail-host-notification"
+
+  user_groups = host.vars.notification.mail.groups
+  users = host.vars.notification.mail.users
+
+  interval = 7d
+
+  vars.notification_logtosyslog = true
+  vars.notification_from = "Icinga <{{ smtp_service_user }}@atlantishq.de>"
+
+  assign where host.vars.notification.mail
+}
+
+apply Notification "mail-icingaadmin" to Service {
+  import "mail-service-notification"
+
+  user_groups = host.vars.notification.mail.groups
+  users = host.vars.notification.mail.users
+
+  interval = 7d
+  vars.notification_logtosyslog = true
+  vars.notification_from = "Icinga <{{ smtp_service_user }}@atlantishq.de>"
+  assign where host.vars.notification.mail
+}
@@ -0,0 +1,13 @@
+# Set username and password
+smtp_sasl_password_maps = static:{{ smtp_service_user }}:{{ smtp_service_pass }}
+smtp_sasl_security_options = noanonymous
+
+# Turn on tls encryption 
+# smtp_tls_security_level = encrypt
+header_size_limit = 4096000
+
+# Set external SMTP relay host here IP or hostname accepted along with a port number. 
+relayhost = {{ smtp_internal_host }}:25
+
+# accept email from our web-server only (adjust to match your VPC/VLAN etc)
+inet_interfaces = 127.0.0.1
@@ -0,0 +1,3 @@
+CREATE USER telegraf WITH PASSWORD {{ influxdb_telegraf_password }} WITH ALL PRIVILEGES
+CREATE DATABASE telegraf
+CREATE RETENTION POLICY "4Weeks" ON "telegraf" DURATION 4w REPLICATION 1 DEFAULT
@@ -0,0 +1,4 @@
+[[outputs.influxdb]]
+  database = "telegraf"
+  username = "telegraf"
+  password = "{{ influxdb_telegraf_password }}"
@@ -0,0 +1,2 @@
+[[inputs.syslog]]
+  server = "tcp://localhost:6514"