sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-10 11:38:34 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: icingaweb2 auth config

Browse Source
This commit is contained in:
Johnathen Sheppard
2023-07-07 10:37:20 +00:00
parent f7fbbe0565
commit daaf6c173a
6 changed files with 101 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
roles/monitoring-master/tasks/icinga.yaml
View File

@@ -165,3 +165,17 @@
mode: 0755 mode: 0755
notify: notify:
- restart nginx - restart nginx
- name: Copy icingaweb2-config
template:
src: "icingaweb2/{{ item }}"
dest: "/etc/icingaweb2/{{ item }}"
mode: 0660
owner: root
group: icingaweb2
with_items:
- resources.ini
- roles.ini
- config.ini
- authentication.ini
- groups.ini

14
roles/monitoring-master/templates/icingaweb2/authentication.ini Normal file
View File

@@ -0,0 +1,14 @@
[icingaweb2]
backend = "db"
resource = "icingaweb_db"
[autologin]
backend = "external"
[ldap_users]
backend = ldap
resource = ldap_auth
group_backend = "ldap_groups"
user_class = inetOrgPerson
user_name_attribute = uid
#filter = "memberOf=cn=icinga,cn=groups,cn=accounts,dc=icinga,dc=org"

10
roles/monitoring-master/templates/icingaweb2/config.ini Normal file
View File

@@ -0,0 +1,10 @@
[global]
show_stacktraces = "1"
show_application_state_messages = "1"
config_backend = "db"
config_resource = "icingaweb_db"
[logging]
log = "file"
level = "INFO"
file = "/var/log/icingaweb2.log"

12
roles/monitoring-master/templates/icingaweb2/groups.ini Normal file
View File

@@ -0,0 +1,12 @@
[icingaweb2]
backend = "db"
resource = "icingaweb_db"
[ldap_groups]
backend = "ldap"
resource = "ldap_groups_auth"
group_class = "groupOfNames"
group_name_attribute = "cn"
user_name_attribute = "uid"
user_backend = "ldap_users"
user_class = "inetOrgPerson"

41
roles/monitoring-master/templates/icingaweb2/resources.ini Normal file
View File

@@ -0,0 +1,41 @@
[icingaweb_db]
type = "db"
db = "pgsql"
host = "localhost"
port = "5432"
dbname = "icinga_web"
username = "icinga_web"
password = "HISTORY_PURGED_SECRET"
charset = ""
use_ssl = "0"
[icinga_ido]
type = "db"
db = "pgsql"
host = "localhost"
port = "5432"
dbname = "icinga2"
username = "icinga2"
password = "HISTORY_PURGED_SECRET"
charset = ""
use_ssl = "0"
[ldap_auth]
type = "ldap"
hostname = "{{ ldap_server }}"
port = "389"
encryption = "none"
root_dn = "{{ ldap_user_dn }}"
bind_dn = "{{ ldap_bind_dn }}"
bind_pw = "{{ ldap_password }}"
timeout = "5"
[ldap_groups_auth]
type = "ldap"
hostname = "{{ ldap_server }}"
port = "389"
encryption = "none"
root_dn = "{{ ldap_group_dn }}"
bind_dn = "{{ ldap_bind_dn }}"
bind_pw = "{{ ldap_password }}"
timeout = "5"

10
roles/monitoring-master/templates/icingaweb2/roles.ini Normal file
View File

@@ -0,0 +1,10 @@
[Administrators]
users = "sheppy"
permissions = "*"
groups = "Administrators"
[icinga]
users = "*"
groups = "icinga"
monitoring/filter/objects = "host_name=$user:local_name$"
permissions = "module/monitoring,monitoring/*"