Make the agent setup scripts more user-friendly.
authorGunnar Beutner <gunnar.beutner@netways.de>
Sat, 12 Apr 2014 23:59:25 +0000 (01:59 +0200)
committerGunnar Beutner <gunnar.beutner@netways.de>
Sat, 12 Apr 2014 23:59:25 +0000 (01:59 +0200)
Refs #4865

pki/icinga2-setup-agent.cmake
pki/icinga2-sign-key.cmake

index 50c8dfab4ba280f1905c732c6940ee593f3bea28..b92a04ef4c4d51f0a5c14d6f5f9185401b335b88 100644 (file)
@@ -15,18 +15,120 @@ if [ -n "$1" ]; then
        fi
 
        while true; do
-               echo -n "Upstream Icinga instance name: "
-               if ! read UPSTREAM; then
+               echo -n "Are you setting up a new master instance? [n] "
+               if ! read master; then
                        exit 1
                fi
 
-               if [ -n "$UPSTREAM" ]; then
+               if [ "$master" = "y" -o "$master" = "n" -o -z "$master" ]; then
                        break
                fi
+
+               echo "Please enter 'y' or 'n'."
+       done
+
+       if [ -z "$master" ]; then
+               master=n
+       fi
+
+       upstream_name=""
+
+       if [ "$master" = "n" ]; then
+               while true; do
+                       echo -n "Upstream Icinga instance name: "
+                       if ! read upstream_name; then
+                               exit 1
+                       fi
+
+                       if [ -n "$upstream_name" ]; then
+                               break
+                       fi
+
+                       echo "Please enter an instance name."
+               done
+       fi
+
+       while true; do
+               echo -n "Do you want this agent instance to listen on a TCP port? [y] "
+               if ! read listener; then
+                       exit 1
+               fi
+
+               if [ "$listener" = "y" -o "$listener" = "n" -o -z "$listener" ]; then
+                       break
+               fi
+
+               echo "Please enter 'y' or 'n'."
+       done
+
+       if [ -z "$listener" ]; then
+               listener=y
+       fi
+
+       listener_port=""
+
+       if [ "$listener" = "y" ]; then
+               while true; do
+                       echo -n "Which TCP port should the agent listen on? [8483] "
+                       if ! read listener_port; then
+                               exit 1
+                       fi
+
+                       break
+               done
+
+               if [ -z "$listener_port" ]; then
+                       listener_port=8483
+               fi
+       fi
+
+       while true; do
+               echo -n "Do you want this agent instance to connect to the upstream instance? [y] "
+               if ! read upstream_connect; then
+                       exit 1
+               fi
+
+               if [ "$upstream_connect" = "y" -o "$upstream_connect" = "n" -o -z "$upstream_connect" ]; then
+                       break
+               fi
+
+               echo "Please enter 'y' or 'n'."
        done
 
+       if [ -z "$upstream_connect" ]; then
+               upstream_connect=y
+       fi
+
+       if [ "$upstream_connect" = "y" ]; then
+               while true; do
+                       echo -n "Upstream IP address/hostname: "
+                       if ! read upstream_host; then
+                               exit 1
+                       fi
+
+                       if [ -n "$upstream_host" ]; then
+                               break
+                       fi
+
+                       echo "Please enter the upstream instance's hostname."
+               done
+
+               while true; do
+                       echo -n "Upstream port: "
+                       if ! read upstream_port; then
+                               exit 1
+                       fi
+
+                       if [ -n "$upstream_port" ]; then
+                               break
+                       fi
+
+                       echo "Please enter the upstream instance's port."
+               done
+       fi
+
        echo "Installing the certificate bundle..."
-       tar -C $ICINGA2CONFIG/pki/agent/ -xf "$1"
+       tar -C $ICINGA2CONFIG/pki/agent/ -zxf "$1" || exit 1
        chown @ICINGA2_USER@:@ICINGA2_GROUP@ $ICINGA2CONFIG/pki/agent/* || exit 1
 
        echo "Setting up agent configuration..."
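Review bot: The new prompts accept free-form text that the second hunk interpolates into agent.conf. The `listener_port` loop breaks unconditionally, `upstream_port` is only checked for being non-empty, and `upstream_name`/`upstream_host` may contain a `"`, which would end the quoted value in the generated config. Ports should be limited to digits in 1-65535 at the prompt, as sketched below for `listener_port`; `upstream_port` needs the same check. The name and host loops can reject quoting characters with `case "$upstream_host" in *[\"\\]*) echo "Quotes and backslashes are not allowed."; continue ;; esac`. The enclosing `if [ -n "$1" ]` block starts before this hunk and continues past it.

```shell
		while true; do
			# … unchanged: prompt and read of listener_port …

			if [ -z "$listener_port" ]; then
				listener_port=8483
			fi

			case "$listener_port" in
				*[!0-9]*|??????*)
					echo "Please enter a port number between 1 and 65535."
					continue
					;;
			esac

			if [ "$listener_port" -ge 1 ] && [ "$listener_port" -le 65535 ]; then
				break
			fi

			echo "Please enter a port number between 1 and 65535."
		done
```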
@@ -41,10 +143,31 @@ object AgentListener "agent" {
   cert_path = SysconfDir + "/icinga2/pki/agent/agent.crt"
   key_path = SysconfDir + "/icinga2/pki/agent/agent.key"
   ca_path = SysconfDir + "/icinga2/pki/agent/ca.crt"
+AGENT
+
+       if [ "$master" = "n" ]; then
+               cat >>$ICINGA2CONFIG/features-available/agent.conf <<AGENT
+  upstream_name = "$upstream_name"
+
+AGENT
+       fi
 
-  upstream_name = "$UPSTREAM"
+       if [ "$listener" = "y" ]; then
+               cat >>$ICINGA2CONFIG/features-available/agent.conf <<AGENT
+  bind_port = "$listener_port"
+
+AGENT
+       fi
+
+       if [ "$upstream_connect" = "y" ]; then
+               cat >>$ICINGA2CONFIG/features-available/agent.conf <<AGENT
+  upstream_host = "$upstream_host"
+  upstream_port = "$upstream_port"
+
+AGENT
+       fi
 
-  bind_port = 7000
+       cat >>$ICINGA2CONFIG/features-available/agent.conf <<AGENT
 }
 AGENT
 
@@ -79,7 +202,7 @@ fi
 REQ_COMMON_NAME="$name" KEY_DIR="$ICINGA2CONFIG/pki/agent" openssl req -config $ICINGA2PKIDIR/openssl-quiet.cnf -new -newkey rsa:4096 -keyform PEM -keyout $ICINGA2CONFIG/pki/agent/agent.key -outform PEM -out $ICINGA2CONFIG/pki/agent/agent.csr -nodes && \
        chmod 600 $ICINGA2CONFIG/pki/agent/agent.key
 
-echo "Please sign the following X509 CSR using the Agent CA:"
+echo "Please sign the following CSR using the Agent CA:"
 echo ""
 
 cat $ICINGA2CONFIG/pki/agent/agent.csr
index efcee17766b159433f7bb9d84f8d53c28eb884a8..c8d7c409966e0dc4bb1191ccdfbf9f2b703d5923 100644 (file)
@@ -26,15 +26,13 @@ fi
 
 [ -f $ICINGA_CA/vars ] && source $ICINGA_CA/vars
 
-openssl x509 -days "$REQ_DAYS" -CA $ICINGA_CA/ca.crt -CAkey $ICINGA_CA/ca.key -req -in $ICINGA_CA/$csrfile -outform PEM -out $ICINGA_CA/$csrfile.tmp -CAserial $ICINGA_CA/serial && \
-       openssl x509 -in $ICINGA_CA/$csrfile.tmp -text > $ICINGA_CA/$pubkfile.crt && \
-       rm -f $ICINGA_CA/$csrfile.tmp
+openssl x509 -days "$REQ_DAYS" -CA $ICINGA_CA/ca.crt -CAkey $ICINGA_CA/ca.key -req -in $ICINGA_CA/$csrfile -outform PEM -out $ICINGA_CA/$pubkfile.crt -CAserial $ICINGA_CA/serial
 
 # Make an agent bundle file
 mkdir -p $ICINGA_CA/agent
 cp $ICINGA_CA/$pubkfile.crt $ICINGA_CA/agent/agent.crt
 cp $ICINGA_CA/ca.crt $ICINGA_CA/agent/ca.crt
-tar cf $ICINGA_CA/$pubkfile.bundle -C $ICINGA_CA/agent/ ca.crt agent.crt
+tar cz -C $ICINGA_CA/agent/ ca.crt agent.crt | base64 > $ICINGA_CA/$pubkfile.bundle
 rm -rf $ICINGA_CA/agent
 
 echo "Done. $pubkfile.crt and $pubkfile.bundle files were written."
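Review bot: The signing command's exit status is not checked, so a failed `openssl x509` run still falls through to the bundle step and the "Done." message. If a `$pubkfile.crt` from an earlier run exists, that stale certificate would be bundled. Appending `|| exit 1` to the `openssl x509` line would stop that; the `tar cz ... | base64` line needs its own check, since the pipeline reports only base64's status. Separately, the bundle is now base64 text, while the setup script changed in this same commit extracts `"$1"` with `tar -zxf`. Unless a decode step exists outside the visible hunk, the extraction will fail on the new format, so a `base64 -d` stage should be confirmed on the consuming side.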