jonny/x86_64-centos-icinga2
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request 'centos7' (#1) from centos7 into master

Browse Source 
Reviewed-on: #1
This commit is contained in:
Jonny Ervine 2020-07-21 14:43:08 +00:00
commit c1670ab9cb
9 changed files with 435 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
Dockerfile Normal file
View File

@ -0,0 +1,26 @@
FROM centos:7
MAINTAINER Jonathan Ervine <jon.ervine@gmail.com>
RUN yum update -y -x setup && yum clean all && \
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && \
rpm --import http://packages.icinga.org/icinga.key && \
curl -L http://packages.icinga.org/epel/ICINGA-release.repo > /etc/yum.repos.d/ICINGA-release.repo && \
rpm -e --nodeps iputils && \
yum install -y iputils && \
yum makecache && \
yum install -y centos-release-scl icinga2 nagios-plugins-all git icinga2-ido-mysql httpd php php-intl php-theseer-fDOMDocument php-gd php-pecl-imagick php-pdo php-ZendFramework-Db-Adapter-Pdo-Mysql supervisor && \
/usr/lib/icinga2/prepare-dirs /etc/sysconfig/icinga2 && \
usermod -a -G icingacmd apache && \
yum install -y icingaweb2 icingacli
VOLUME ["/etc/icinga2", "/etc/icingaweb2", "/var/lib/mysql", "/var/lib/icinga2"]
ADD start.sh /sbin/start.sh
ADD apache.ini /etc/supervisord.d/apache.ini
ADD icinga2.ini /etc/supervisord.d/icinga2.ini
ADD php-fm.ini /etc/supervisord.d/php-fm.ini
ADD supervisord.conf /etc/supervisord.conf
EXPOSE 80 443 5665 9001
ENTRYPOINT ["/sbin/start.sh"]

34
Jenkinsfile vendored Normal file
View File

@ -0,0 +1,34 @@
podTemplate(yaml: """
kind: Pod
spec:
containers:
- name: kaniko
image: gcr.io/kaniko-project/executor:debug-539ddefcae3fd6b411a95982a830d987f4214251
imagePullPolicy: Always
command:
- /busybox/cat
tty: true
volumeMounts:
- name: jenkins-docker-cfg
mountPath: /kaniko/.docker
volumes:
- name: jenkins-docker-cfg
projected:
sources:
- secret:
name: regcred
items:
- key: .dockerconfigjson
path: config.json
"""
) {
node(POD_LABEL) {
stage('Build with Kaniko') {
git url: 'ssh://git@git.ervine.org/jonny/x86_64-centos-icinga2.git', credentialsId: 'jenkins-to-git'
container('kaniko') {
sh '/kaniko/executor -f `pwd`/Dockerfile -c `pwd` --cache=true --destination=harbor.ervine.dev/library/x86_64/centos/icinga2:7'
}
}
}
}

2
apache.ini Normal file
View File

@ -0,0 +1,2 @@
[program:httpd]
command=/usr/sbin/httpd -DFOREGROUND

51
hosts.conf Normal file
View File

@ -0,0 +1,51 @@
/*
* Host definitions with object attributes
* used for apply rules for Service, Notification,
* Dependency and ScheduledDowntime objects.
*
* Tip: Use `icinga2 object list --type Host` to
* list all host objects after running
* configuration validation (`icinga2 daemon -C`).
*/
/*
* This is an example host based on your
* local host's FQDN. Specify the NodeName
* constant in `constants.conf` or use your
* own description, e.g. "db-host-1".
*/
object Host NodeName {
/* Import the default host template defined in `templates.conf`. */
import "generic-host"
/* Specify the address attributes for checks e.g. `ssh` or `http`. */
address = "127.0.0.1"
address6 = "::1"
/* Set custom attribute `os` for hostgroup assignment in `groups.conf`. */
vars.os = "Linux"
/* Define http vhost attributes for service apply rules in `services.conf`. */
//vars.http_vhosts["http"] = {
// http_uri = "/"
//}
/* Uncomment if you've sucessfully installed Icinga Web 2. */
vars.http_vhosts["Icinga Web 2"] = {
http_uri = "/icingaweb2"
}
/* Define disks and attributes for service apply rules in `services.conf`. */
//vars.disks["disk"] = {
/* No parameters. */
//}
vars.disks["disk /"] = {
disk_partitions = "/"
}
/* Define notification mail attributes for notification apply rules in `notifications.conf`. */
vars.notification["mail"] = {
/* The UserGroup `icingaadmins` is defined in `users.conf`. */
groups = [ "icingaadmins" ]
}
}

2
icinga2.ini Normal file
View File

@ -0,0 +1,2 @@
[program:icinga2]
command=/usr/sbin/icinga2 daemon -e /var/log/icinga2/error.log

2
php-fm.ini Normal file
View File

@ -0,0 +1,2 @@
[program:php-fm]
command=/opt/rh/rh-php71/root/usr/sbin/php-fpm --nodaemonize

115
services.conf Normal file
View File

@ -0,0 +1,115 @@
/*
* Service apply rules.
*
* The CheckCommand objects `ping4`, `ping6`, etc
* are provided by the plugin check command templates.
* Check the documentation for details.
*
* Tip: Use `icinga2 object list --type Service` to
* list all service objects after running
* configuration validation (`icinga2 daemon -C`).
*/
/*
* This is an example host based on your
* local host's FQDN. Specify the NodeName
* constant in `constants.conf` or use your
* own description, e.g. "db-host-1".
*/
/*
* These are generic `ping4` and `ping6`
* checks applied to all hosts having the
* `address` resp. `address6` attribute
* defined.
*/
apply Service "ping4" {
import "generic-service"
check_command = "ping4"
assign where host.address
}
apply Service "ping6" {
import "generic-service"
check_command = "ping6"
assign where host.address6
}
/*
* Apply the `ssh` service to all hosts
* with the `address` attribute defined and
* the custom attribute `os` set to `Linux`.
*/
apply Service "ssh" {
import "generic-service"
check_command = "ssh"
assign where (host.address || host.address6) && host.vars.os == "Linux"
ignore where host.address == "127.0.0.1" /* for upgrade safety */
}
apply Service for (http_vhost => config in host.vars.http_vhosts) {
import "generic-service"
check_command = "http"
vars += config
}
apply Service for (disk => config in host.vars.disks) {
import "generic-service"
check_command = "disk"
vars += config
}
apply Service "icinga" {
import "generic-service"
check_command = "icinga"
assign where host.name == NodeName
}
apply Service "load" {
import "generic-service"
check_command = "load"
/* Used by the ScheduledDowntime apply rule in `downtimes.conf`. */
vars.backup_downtime = "02:00-03:00"
assign where host.name == NodeName
}
apply Service "procs" {
import "generic-service"
check_command = "procs"
assign where host.name == NodeName
}
apply Service "swap" {
import "generic-service"
check_command = "swap"
assign where host.name == NodeName
}
apply Service "users" {
import "generic-service"
check_command = "users"
assign where host.name == NodeName
}

74
start.sh Executable file
View File

@ -0,0 +1,74 @@
#!/bin/bash
##
## Start up script for Icinga2 on CentOS docker container
##
## Initialise any variables being called:
# Set the correct timezone for PHP
PHP_TZ=${TZ:-UTC}
PHP_TZ_CONT=`echo $PHP_TZ | awk 'BEGIN { FS="/" } { print $1 }'`
PHP_TZ_CITY=`echo $PHP_TZ | awk 'BEGIN { FS="/" } { print $2 }'`
setup=/config/.setup
## The remaining initialisation is contained in an if condition. When the initialisation completes an empty /etc/icinga2/.setup file is created. If this exists the initialisation is skipped. By deleting this file, the initialisation can be restarted.
if [ ! -f "${setup}" ]; then
## Set up basic Icinga2 configuration/features
# Enable feature: ido-mysql
if [[ -L /etc/icinga2/features-enabled/ido-mysql.conf ]]; then
echo "Symlink for /etc/icinga2/features-enabled/ido-mysql.conf exists already...skipping"
else
ln -s /etc/icinga2/features-available/ido-mysql.conf /etc/icinga2/features-enabled/ido-mysql.conf
fi
# Enable feature: checker
if [[ -L /etc/icinga2/features-enabled/checker.conf ]]; then
echo "Symlink for /etc/icinga2/features-enabled/checker.conf exists already... skipping"
else
ln -s /etc/icinga2/features-available/checker.conf /etc/icinga2/features-enabled/checker.conf
fi
# Enable feature: mainlog
if [[ -L /etc/icinga2/features-enabled/mainlog.conf ]]; then
echo "Symlink for /etc/icinga2/features-enabled/mainlog.conf exists already... skipping"
else
ln -s /etc/icinga2/features-available/mainlog.conf /etc/icinga2/features-enabled/mainlog.conf
fi
# Enable feature: command >> /dev/null
if [[ -L /etc/icinga2/features-enabled/command.conf ]]; then
echo "Symlink for /etc/icinga2/features-enabled/command.conf exists already...skipping"
else
ln -s /etc/icinga2/features-available/command.conf /etc/icinga2/features-enabled/command.conf
fi
# Enable feature: livestatus >> /dev/null
if [[ -L /etc/icinga2/features-enabled/livestatus.conf ]]; then
echo "Symlink for /etc/icinga2/features-enabled/livestatus.conf exists already...skipping"
else
ln -s /etc/icinga2/features-available/livestatus.conf /etc/icinga2/features-enabled/livestatus.conf
fi
## Initialising the icingaweb2 configuration
# if [[ -L /etc/icingaweb2 ]]; then
# echo "Icinga2 web configuration directory already exists...skipping"
# else
# cd /usr/share/icingaweb2
# icingacli setup config directory
# icingacli setup token create
# fi
# Configure the PHP timezone correctly:
if [ "$PHP_TZ_CITY" = "" ]; then
sed -i "s/;date.timezone =/date.timezone = ${PHP_TZ_CONT}/" /etc/opt/rh/rh-php71/php.ini
else
sed -i "s/;date.timezone =/date.timezone = ${PHP_TZ_CONT}\/${PHP_TZ_CITY}/" /etc/opt/rh/rh-php71/php.ini
fi
# Mark the setup as complete
touch /config/.setup
fi
## Start up icinga2 and apache web server daemons via supervisord
/usr/bin/supervisord -n -c /etc/supervisord.conf

129
supervisord.conf Normal file
View File

@ -0,0 +1,129 @@
; Sample supervisor config file.
[unix_http_server]
file=/var/tmp/supervisor.sock ; (the path to the socket file)
chmod=0700 ; sockef file mode (default 0700)
chown=nobody:nobody ; socket file uid:gid owner
;username=user ; (default is no username (open server))
;password=123 ; (default is no password (open server))
[inet_http_server] ; inet (TCP) server disabled by default
port=*:9001 ; (ip_address:port specifier, *:port for all iface)
username=admin ; (default is no username (open server))
password=admin ; (default is no password (open server))
[supervisord]
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
logfile_backups=10 ; (num of main logfile rotation backups;default 10)
loglevel=info ; (log level;default info; others: debug,warn,trace)
pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
nodaemon=false ; (start in foreground if true;default false)
minfds=1024 ; (min. avail startup file descriptors;default 1024)
minprocs=200 ; (min. avail process descriptors;default 200)
;umask=022 ; (process file creation umask;default 022)
;user=chrism ; (default is current user, required if root)
;identifier=supervisor ; (supervisord identifier, default is 'supervisor')
;directory=/tmp ; (default is not to cd during start)
;nocleanup=true ; (don't clean up tempfiles at start;default false)
;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)
;environment=KEY=value ; (key value pairs to add to environment)
;strip_ansi=false ; (strip ansi escape codes in logs; def. false)
; the below section must remain in the config file for RPC
; (supervisorctl/web interface) to work, additional interfaces may be
; added by defining them in separate rpcinterface: sections
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///var/tmp/supervisor.sock ; use a unix:// URL for a unix socket
;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket
;username=chris ; should be same as http_username if set
;password=123 ; should be same as http_password if set
;prompt=mysupervisor ; cmd line prompt (default "supervisor")
;history_file=~/.sc_history ; use readline history if available
; The below sample program section shows all possible program subsection values,
; create one or more 'real' program: sections to be able to control them under
; supervisor.
;[program:theprogramname]
;command=/bin/cat ; the program (relative uses PATH, can take args)
;process_name=%(program_name)s ; process_name expr (default %(program_name)s)
;numprocs=1 ; number of processes copies to start (def 1)
;directory=/tmp ; directory to cwd to before exec (def no cwd)
;umask=022 ; umask for process (default None)
;priority=999 ; the relative start priority (default 999)
;autostart=true ; start at supervisord start (default: true)
;autorestart=true ; retstart at unexpected quit (default: true)
;startsecs=10 ; number of secs prog must stay running (def. 1)
;startretries=3 ; max # of serial start failures (default 3)
;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)
;stopsignal=QUIT ; signal used to kill process (default TERM)
;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)
;user=chrism ; setuid to this UNIX account to run the program
;redirect_stderr=true ; redirect proc stderr to stdout (default false)
;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO
;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)
;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
;stdout_events_enabled=false ; emit events on stdout writes (default false)
;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO
;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)
;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)
;stderr_events_enabled=false ; emit events on stderr writes (default false)
;environment=A=1,B=2 ; process environment additions (def no adds)
;serverurl=AUTO ; override serverurl computation (childutils)
; The below sample eventlistener section shows all possible
; eventlistener subsection values, create one or more 'real'
; eventlistener: sections to be able to handle event notifications
; sent by supervisor.
;[eventlistener:theeventlistenername]
;command=/bin/eventlistener ; the program (relative uses PATH, can take args)
;process_name=%(program_name)s ; process_name expr (default %(program_name)s)
;numprocs=1 ; number of processes copies to start (def 1)
;events=EVENT ; event notif. types to subscribe to (req'd)
;buffer_size=10 ; event buffer queue size (default 10)
;directory=/tmp ; directory to cwd to before exec (def no cwd)
;umask=022 ; umask for process (default None)
;priority=-1 ; the relative start priority (default -1)
;autostart=true ; start at supervisord start (default: true)
;autorestart=unexpected ; restart at unexpected quit (default: unexpected)
;startsecs=10 ; number of secs prog must stay running (def. 1)
;startretries=3 ; max # of serial start failures (default 3)
;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)
;stopsignal=QUIT ; signal used to kill process (default TERM)
;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)
;user=chrism ; setuid to this UNIX account to run the program
;redirect_stderr=true ; redirect proc stderr to stdout (default false)
;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO
;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)
;stdout_events_enabled=false ; emit events on stdout writes (default false)
;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO
;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)
;stderr_logfile_backups ; # of stderr logfile backups (default 10)
;stderr_events_enabled=false ; emit events on stderr writes (default false)
;environment=A=1,B=2 ; process environment additions
;serverurl=AUTO ; override serverurl computation (childutils)
; The below sample group section shows all possible group values,
; create one or more 'real' group: sections to create "heterogeneous"
; process groups.
;[group:thegroupname]
;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions
;priority=999 ; the relative start priority (default 999)
; The [include] section can just contain the "files" setting. This
; setting can list multiple files (separated by whitespace or
; newlines). It can also contain wildcards. The filenames are
; interpreted as relative to this file. Included files *cannot*
; include files themselves.
[include]
files = supervisord.d/*.ini