From: Michael Friedrich Date: Sun, 13 Oct 2013 15:15:35 +0000 (+0200) Subject: Vagrant: Use puppet provisioning. WIP X-Git-Tag: v0.0.3~152 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0afb0d1d419606f0f64396a3ba7043b25d733213;p=icinga2 Vagrant: Use puppet provisioning. WIP --- diff --git a/.vagrant-puppet/files/etc/httpd/conf.d/icinga2-doc.conf b/.vagrant-puppet/files/etc/httpd/conf.d/icinga2-doc.conf new file mode 100644 index 000000000..ece268944 --- /dev/null +++ b/.vagrant-puppet/files/etc/httpd/conf.d/icinga2-doc.conf @@ -0,0 +1,5 @@ +Alias /icinga2-doc "/usr/share/doc/icinga2" + +RewriteEngine On +RewriteRule ^/$ /icinga2-doc/#vagrant [NE,L,R=301] + diff --git a/.vagrant-puppet/files/etc/init.d/.gitignore b/.vagrant-puppet/files/etc/init.d/.gitignore new file mode 100644 index 000000000..e69de29bb diff --git a/.vagrant-puppet/files/etc/motd b/.vagrant-puppet/files/etc/motd new file mode 100644 index 000000000..c9a8daf65 --- /dev/null +++ b/.vagrant-puppet/files/etc/motd @@ -0,0 +1,10 @@ + ______ ___ +/\__ _\ __ /'___`\ +\/_/\ \/ ___ /\_\ ___ __ __ /\_\ /\ \ + \ \ \ /'___\/\ \ /' _ `\ /'_ `\ /'__`\ \/_/// /__ + \_\ \__/\ \__/\ \ \/\ \/\ \/\ \L\ \/\ \L\.\_ // /_\ \ + /\_____\ \____\\ \_\ \_\ \_\ \____ \ \__/.\_\ /\______/ + \/_____/\/____/ \/_/\/_/\/_/\/___L\ \/__/\/_/ \/_____/ + /\____/ + \_/__/ + diff --git a/.vagrant-puppet/files/etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA b/.vagrant-puppet/files/etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA new file mode 100644 index 000000000..4e21ab282 --- /dev/null +++ b/.vagrant-puppet/files/etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.19 (GNU/Linux) + +mQINBFIXR/oBEAC9wCg+/FRCALSeoZFZt95K8bYMZ3wHXrvs5KcFevD3Ip1NnG47 +OS6qBXRZs9RsSurWlsAE1al0rKh8iZvy6M9lASqDxqw8DUaX+bDd8FlYrV5Ni2hH +HTe4LmJ3xSGYS5l9/HsyPA/xHDMIKZTk3IyEPVKKPn1LYIrLRu/dS2uAjdQAMa9q +FjEbLy4w9qW7KQLh3qqJGsvB6n5USISA4GQ1yRpvjXaerr9INjgW8e3TeqZMuqiu +WHLlH3zNtcuaL53wzQb11iX/NDsGizU4wDmCvpiQSKRNQTLXcFhAx04glKaFTmnw +Lhnv/f2ITDjXZGtFFYn1VZFF0bIwtQVxfqnlzxWBHMyjbgLKX7ykAwP+IrQ3pn/N +jOkIgl/Qt5ZJMQdwEFIns+o+ThgbfTdxyyC/JGDK93tumNHeL7jyFXLmJNhEA0l2 +hWYAWuB+8aaAcd2c2gYJFQIVXAJNbRfewjx0LeAYPuDLDtvSh/R8qUib3r+BjPqf +VVwKICDZSkjSEe49/nnWBtxdU1KQ8M0jwssp9BJux1GEGTnyJ+H1hiErcAJuLVbp +gv/LgUCm73JcP506tLIV9WoYtwuQP866hgBoONNHhPhKvx6RrBBNKTEO9y0nyOtd +LhvhOzLwV/7uGgAh4fyrDums2WnHgcnslILBOh+F12K7p2JsEbqU8hiBQwARAQAB +tD1JY2luZ2EgT3BlbiBTb3VyY2UgTW9uaXRvcmluZyAoQnVpbGRzZXJ2ZXIpIDxp +bmZvQGljaW5nYS5vcmc+iQI5BBMBAgAjBQJSF0f6AhsDBwsJCAcDAgEGFQgCCQoL +BBYCAwECHgECF4AACgkQDeimrGmcLfOd9A/9GKQacfGXiMZUv6jvBIX0Z/IV5B4v +p9iKoIlgGWM9/YybF1vPWGbC1eR8LAFuQLfwwa+0GSIQ2EkM85dYdQeZdeXRn1f3 +gXrxEwdqmZSGFRH4ahYrEqZ3QlwgkV71hn5YKG0XC6nqgEU5GbR2MJ7Zba8+5h2D +JYCKCpW4IUMdWVP6ii37s49GerKXlIK88DaTgFuIagdWz8H7VWgWGDvjzUhqGW7K +/+LeUElF4y0ZFMt2v1fiDOjyZhjlmV6GTKNlm9Z5p/Fl9qumG0s7pXppGAP9U/Vq +PZZcqw2jAgVMHYo8poR5zsz8ab7ma27UQ1dp3cvSMuB75p3Ad3war/JeGxBfs1co +wVrbsM/ImRY5KMjggfRAc668jP7Xn07XuBvM4jY6efJEp0QtibAi8ATLWWod774Y +K3HABdO8CFTR+lIDCs4zGL7Adx6uMmpcaF7zgrclr8uswAIoBHFVFsepM+Ulp+2r +gaKI5zgnmWiIlbLj984hSF0hZUxYYuArtbpSaabzbmE2RX1t8vKcf1nibG6CLxPG +by41d2FcWn7EvExEON430WgWMYoiNdRg4SCgllm+pkGnogzhEt7/0HZBmkgstZao +O3mbq74Z9t8xjXfp1e7rxjDePluGT8WFTVajN48KysqASo7BpbVujm7v0UHnFepV +sxeR3Y+dc/Q5CSa5Ag0EUhdH+gEQAJ6lf0Y0mdMwaZfdDOKy7bXQS45y55j4cCF+ +1kxgUse6ndQmsmPPm4sBl6z1y30sG43gsLWVybj15Tw/AQE5JoU+l0SGmeU1PHf0 +aXa92ac51Sudi4a32gOu5IhQ7FOCQ4yl5lfklRA/Y96dYgydBne/B1s4HtJR6Gyt +M0UKVlvmRpzAvkrZH6iDnXx+yWofFXHx4Ln+KXJqI94sxiAja5aX1ogriz2A/R+o +Q6WcGput79ejEOmPfyqpLST0+ztJ6CTvS7rLeSf07IPNJQMpQjF9m8wo5PgYBSX3 +WsEypr15nGUIjvv3p36N3HAPd27nPglh1oQRXzX+Cs7Yo00MYEnTmE5sM97y/r3z +mwFFQmj7WU7oTCdXXP8DUie5UeVPYIOEtXGFkkbO5U7F1guqkqv+OJ6HMsQ/T+LM +j/ikdgdsFsWnuVB5nj8TgQ0AUq4F/BBHRsX+xNDVKgose62DKp6ohYzLSeJwUDF1 +ZJoXdWLHlqbRM2SaBUW446E3p31+zFpuVbJ+RpZNWIQqEfIMgKiZKMFQGXRwTUg2 +mEYPAoqKoxbhd9VYwD9eXZWTqcNJoaAzmWHFhbV9P0UAizllQud0rTp6VolE0XIk +iCmwTr1yaohCgBNen75PVb0u6t4XiFg1vuqqiVTpXOj5uHj8AMPrv9BtlQyu2dkN +eNtOc241ABEBAAGJAh8EGAECAAkFAlIXR/oCGwwACgkQDeimrGmcLfNvLA//WT9o +gjz8WIACkGRomytEOZq2cArwbQ/tOTCyvWJ6G6szTd3pqGl39zb/mucrYH2Jt9tr +LcsgF84KjGeNlVcHkjixDTdxq2YgUbEfw0oNRzqDb04n4PB8AgRrFcL8TF1HRsks +A8NaOdFZAcQEEZNfn8aNrmn1KB23/PrrAuvsz57py2JL9cK75sxFA94wR3YmYd8n +hLtr/0zY+L5IFH9RHEKH64b3CzAjvgs5IUtriLDqmUlBjh3BY4miSZQEgmtXTozq +4aMHgkj7TkJiFSFHgELnLKOipJACL++JJq15Ck+C3GC+wphVUv5du4OVMPW7QDFu +0nkCd0HO1XAd8GrTJpWqfdWVxv0JdGO3qlyzOHEJrAwtvcazrY8YNrHpOQMdN3r+ +8TfOaxKS45E+zkwwmSW2sqb5OF059lilFxvzQaSWHqWEAAkO1e3VHiiJ/22nmg3E +2zjVUn7C6eoHOWa61keyzzw/bt9P3tRKpt3VEAKyaDOq2wPZRYnc4PLHKJ7I4V+C +hL4kQDm6lXfTmOUlok2r0zjQMKEOx7uoi3TMtzGq0zCZqv4cJebquNMmT8nyCvZ8 +oejV5UhtQIEcjvVKcVLdFrSRGzcqh4QbSfbyfu23UJuhcBbnZthSVKWaNEGp/cPH +wmZDea1TKYdka4nSxkX9Zn12w28VPTNBsplWQJ0= +=qkcX +-----END PGP PUBLIC KEY BLOCK----- diff --git a/.vagrant-puppet/files/etc/profile.d/env.sh b/.vagrant-puppet/files/etc/profile.d/env.sh new file mode 100644 index 000000000..6e41e8f2d --- /dev/null +++ b/.vagrant-puppet/files/etc/profile.d/env.sh @@ -0,0 +1 @@ +export PATH="$PATH:/usr/local/bin" diff --git a/.vagrant-puppet/files/usr/local/bin/.gitignore b/.vagrant-puppet/files/usr/local/bin/.gitignore new file mode 100644 index 000000000..e69de29bb diff --git a/.vagrant-puppet/manifests/default.pp b/.vagrant-puppet/manifests/default.pp new file mode 100644 index 000000000..259a82378 --- /dev/null +++ b/.vagrant-puppet/manifests/default.pp @@ -0,0 +1,136 @@ +include apache +include mysql +include pgsql +include epel +include icinga-rpm-snapshot + +Exec { path => '/bin:/usr/bin:/sbin:/usr/sbin' } + + +exec { 'create-mysql-icinga2-ido-db': + unless => 'mysql -uicinga -picinga icinga', + command => 'mysql -uroot -e "CREATE DATABASE icinga; \ + GRANT ALL ON icinga.* TO icinga@localhost \ + IDENTIFIED BY \'icinga\';"', + require => Service['mysqld'] +} + +#exec { 'create-pgsql-icinga2-ido-db': +# unless => 'sudo -u postgres psql -tAc "SELECT 1 FROM pg_roles WHERE rolname=\'icinga\'" | grep -q 1', +# command => 'sudo -u postgres psql -c "CREATE ROLE icinga WITH LOGIN PASSWORD \'icinga\';" && \ +# sudo -u postgres createdb -O icinga -E UTF8 icinga && \ +# sudo -u postgres createlang plpgsql icinga', +# require => Service['postgresql'] +#} + + +php::extension { ['php-mysql', 'php-pgsql']: + require => [ Class['mysql'], Class['pgsql'] ] +} + +group { 'icinga-cmd': + ensure => present +} + +user { 'icinga': + ensure => present, + groups => 'icinga-cmd', + managehome => false +} + +user { 'apache': + groups => ['icinga-cmd', 'vagrant'], + require => [ Class['apache'], Group['icinga-cmd'] ] +} + +cmmi { 'icinga-plugins': + url => 'https://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz', + output => 'nagios-plugins-1.5.tar.gz', + flags => '--prefix=/usr/lib64/nagios/plugins \ + --with-nagios-user=icinga --with-nagios-group=icinga \ + --with-cgiurl=/icinga-mysql/cgi-bin', + creates => '/usr/lib64/nagios/plugins/libexec', + make => 'make && make install', + require => User['icinga'] +} + +file { '/etc/profile.d/env.sh': + source => 'puppet:////vagrant/.vagrant-puppet/files/etc/profile.d/env.sh' +} + + +exec { 'install nodejs': + command => 'yum -d 0 -e 0 -y --enablerepo=epel install npm', + unless => 'rpm -qa | grep ^npm', + require => Class['epel'] +} + + +# for development only, not rpms +$icinga2_dev_packages = [ 'doxygen', 'openssl-devel', + 'gcc-c++', 'libstdc++-devel', + 'automake', 'autoconf', + 'libtool', 'flex', 'bison', + 'boost-devel', 'boost-program-options', + 'boost-signals', 'boost-system', + 'boost-test', 'boost-thread' ] +package { $icinga2_dev_packages: ensure => installed } + +#package { 'nagios-plugins-all': +# ensure => installed +#} + +$icinga2_packages = [ 'icinga2', 'icinga2-doc', 'icinga2-ido-mysql', 'icinga2-classicui-config' ] +$icinga1_packages = [ 'icinga-gui' ] + +package { $icinga2_packages: + ensure => installed, + require => Class['icinga-rpm-snapshot'] +} +package { $icinga1_packages: + ensure => installed, + require => Class['icinga-rpm-snapshot'] +} + + +exec { 'iptables-allow-http': + unless => 'grep -Fxqe "-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT" /etc/sysconfig/iptables', + command => 'iptables -I INPUT 5 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT && iptables-save > /etc/sysconfig/iptables' +} + +file { '/etc/httpd/conf.d/icinga2-doc.conf': + source => 'puppet:////vagrant/.vagrant-puppet/files/etc/httpd/conf.d/icinga2-doc.conf', + require => [ Package['apache'], Package['icinga2-doc'] ], + notify => Service['apache'] +} + +file { '/etc/motd': + source => 'puppet:////vagrant/.vagrant-puppet/files/etc/motd', + owner => root, + group => root +} + +user { 'vagrant': + groups => 'icinga-cmd', + require => Group['icinga-cmd'] +} + +service { 'icinga2': + enable => true, + ensure => running, + require => Package['icinga2'] +} + +exec { 'Enable Icinga 2 features': + command => 'i2enfeature statusdat; \ + i2enfeature compat-log; + i2enfeature command;', + require => Package['icinga2'], +} + +file { "/etc/icinga2/features-enabled/*": + notify => Service['icinga2'] +} + + + diff --git a/.vagrant-puppet/manifests/finalize.sh b/.vagrant-puppet/manifests/finalize.sh new file mode 100644 index 000000000..58c637619 --- /dev/null +++ b/.vagrant-puppet/manifests/finalize.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +echo "The Icinga 2 Vagrant VM has finished installing. See http://localhost:8080/ for more details." diff --git a/.vagrant-puppet/modules/apache/manifests/init.pp b/.vagrant-puppet/modules/apache/manifests/init.pp new file mode 100644 index 000000000..e328ff95f --- /dev/null +++ b/.vagrant-puppet/modules/apache/manifests/init.pp @@ -0,0 +1,32 @@ +# Class: apache +# +# This class installs the apache server. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# include apache +# +class apache { + + $apache = $::operatingsystem ? { + /(Debian|Ubuntu)/ => 'apache2', + /(RedHat|CentOS|Fedora)/ => 'httpd' + } + + package { $apache: + ensure => installed, + alias => 'apache' + } + + service { $apache: + ensure => running, + alias => 'apache', + require => Package['apache'] + } +} diff --git a/.vagrant-puppet/modules/cmmi/manifests/init.pp b/.vagrant-puppet/modules/cmmi/manifests/init.pp new file mode 100644 index 000000000..e7586a666 --- /dev/null +++ b/.vagrant-puppet/modules/cmmi/manifests/init.pp @@ -0,0 +1,79 @@ +# Define: cmmi +# +# This module downloads, extracts, builds and installs tar.gz archives using +# wget, tar and the autotools stack. Build directory is always /usr/local/src. +# +# *Note* make sure to install build essentials before running cmmi. +# +# Parameters: +# [*url*] - fetch archive via wget from this url. +# [*output*] - filename to fetch the archive into. +# [*flags*] - configure options. +# [*creates*] - target directory the software will install to. +# [*make* ] - command to make and make install the software. +# [*make_timeout* ] - timeout for the make command. +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# cmmi { 'example-software': +# url => 'http://example-software.com/download/', +# output => 'example-software.tar.gz', +# flags => '--prefix=/opt/example-software', +# creates => '/opt/example-software', +# make => 'make && make install' +# make_timeout => 600 +# } +# +define cmmi( + $url, + $output, + $flags, + $creates, + $make, + $make_timeout=300 +) { + + Exec { path => '/bin:/usr/bin' } + + $cwd = '/usr/local/src' + + include wget + + exec { "download-${name}": + cwd => $cwd, + command => "wget -q \"${url}\" -O ${output}", + creates => "${cwd}/${output}", + require => Class['wget'] + } + + $tld = inline_template('<%= File.basename(output, ".tar.gz") %>') + $src = "${cwd}/${name}/${tld}" + + exec { "extract-${name}": + cwd => $cwd, + command => "mkdir -p ${name}/${tld} && tar --no-same-owner \ + --no-same-permissions -xzf ${output} -C ${name}/${tld} \ + --strip-components 1", + creates => $src, + require => Exec["download-${name}"] + } + + exec { "configure-${name}": + cwd => $src, + command => "sh ./configure ${flags}", + creates => "${src}/Makefile", + require => Exec["extract-${name}"] + } + + exec { "make-${name}": + cwd => $src, + command => $make, + creates => $creates, + require => Exec["configure-${name}"], + timeout => $make_timeout + } +} diff --git a/.vagrant-puppet/modules/cpan/manifests/init.pp b/.vagrant-puppet/modules/cpan/manifests/init.pp new file mode 100644 index 000000000..9cbdaf8b0 --- /dev/null +++ b/.vagrant-puppet/modules/cpan/manifests/init.pp @@ -0,0 +1,49 @@ +# Define: cpan +# +# Download and install Perl modules from the Perl Archive Network, the canonical location for Perl code and modules. +# +# Parameters: +# [*creates*] - target directory the software will install to. +# [*timeout* ] - timeout for the CPAN command. +# +# Actions: +# +# Requires: +# +# Perl +# +# Sample Usage: +# +# cpan { 'perl-module': +# creates => '/usr/local/share/perl5/perl-module', +# timeout => 600 +# } +# +define cpan( + $creates, + $timeout +) { + + Exec { path => '/usr/bin' } + + package { 'perl-CPAN': + ensure => installed + } + + file { [ '/root/.cpan/', '/root/.cpan/CPAN/' ]: + ensure => directory + } + + file { '/root/.cpan/CPAN/MyConfig.pm': + content => template('cpan/MyConfig.pm.erb'), + require => [ Package['perl-CPAN'], + File[[ '/root/.cpan/', '/root/.cpan/CPAN/' ]] ] + } + + exec { "cpan-${name}": + command => "sudo perl -MCPAN -e 'install ${name}'", + creates => $creates, + require => File['/root/.cpan/CPAN/MyConfig.pm'], + timeout => $timeout + } +} diff --git a/.vagrant-puppet/modules/cpan/templates/MyConfig.pm.erb b/.vagrant-puppet/modules/cpan/templates/MyConfig.pm.erb new file mode 100644 index 000000000..da410a188 --- /dev/null +++ b/.vagrant-puppet/modules/cpan/templates/MyConfig.pm.erb @@ -0,0 +1,68 @@ +$CPAN::Config = { + 'applypatch' => q[], + 'auto_commit' => q[0], + 'build_cache' => q[100], + 'build_dir' => q[/root/.cpan/build], + 'build_dir_reuse' => q[0], + 'build_requires_install_policy' => q[ask/yes], + 'bzip2' => q[/usr/bin/bzip2], + 'cache_metadata' => q[1], + 'check_sigs' => q[0], + 'commandnumber_in_prompt' => q[1], + 'connect_to_internet_ok' => q[1], + 'cpan_home' => q[/root/.cpan], + 'curl' => q[/usr/bin/curl], + 'ftp' => q[], + 'ftp_passive' => q[1], + 'ftp_proxy' => q[], + 'getcwd' => q[cwd], + 'gpg' => q[/usr/bin/gpg], + 'gzip' => q[/bin/gzip], + 'halt_on_failure' => q[0], + 'histfile' => q[/root/.cpan/histfile], + 'histsize' => q[100], + 'http_proxy' => q[], + 'inactivity_timeout' => q[0], + 'index_expire' => q[1], + 'inhibit_startup_message' => q[0], + 'keep_source_where' => q[/root/.cpan/sources], + 'load_module_verbosity' => q[v], + 'lynx' => q[], + 'make' => q[/usr/bin/make], + 'make_arg' => q[], + 'make_install_arg' => q[], + 'make_install_make_command' => q[/usr/bin/make], + 'makepl_arg' => q[INSTALLDIRS=site], + 'mbuild_arg' => q[], + 'mbuild_install_arg' => q[], + 'mbuild_install_build_command' => q[./Build], + 'mbuildpl_arg' => q[--installdirs site], + 'ncftp' => q[], + 'ncftpget' => q[], + 'no_proxy' => q[], + 'pager' => q[/usr/bin/less], + 'patch' => q[], + 'perl5lib_verbosity' => q[v], + 'prefer_installer' => q[MB], + 'prefs_dir' => q[/root/.cpan/prefs], + 'prerequisites_policy' => q[follow], + 'scan_cache' => q[atstart], + 'shell' => q[/bin/bash], + 'show_unparsable_versions' => q[0], + 'show_upload_date' => q[0], + 'show_zero_versions' => q[0], + 'tar' => q[/bin/tar], + 'tar_verbosity' => q[v], + 'term_is_latin' => q[1], + 'term_ornaments' => q[1], + 'test_report' => q[0], + 'trust_test_report_history' => q[0], + 'unzip' => q[/usr/bin/unzip], + 'urllist' => [], + 'use_sqlite' => q[0], + 'wget' => q[/usr/bin/wget], + 'yaml_load_code' => q[0], + 'yaml_module' => q[YAML], +}; +1; +__END__ diff --git a/.vagrant-puppet/modules/epel/manifests/init.pp b/.vagrant-puppet/modules/epel/manifests/init.pp new file mode 100644 index 000000000..65e0a2603 --- /dev/null +++ b/.vagrant-puppet/modules/epel/manifests/init.pp @@ -0,0 +1,24 @@ +# Class: epel +# +# Configure EPEL repository. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# include epel +# +class epel { + + yumrepo { 'epel': + mirrorlist => "http://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=${::architecture}", + enabled => '0', + gpgcheck => '0', + descr => "Extra Packages for Enterprise Linux 6 - ${::architecture}" + } +} + diff --git a/.vagrant-puppet/modules/icinga-rpm-snapshot/manifests/init.pp b/.vagrant-puppet/modules/icinga-rpm-snapshot/manifests/init.pp new file mode 100644 index 000000000..e32e7335f --- /dev/null +++ b/.vagrant-puppet/modules/icinga-rpm-snapshot/manifests/init.pp @@ -0,0 +1,40 @@ +# Class: icinga-rpm-snapshot +# +# Configure Icinga repositories. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# include icinga-rpm-snapshot +# +class icinga-rpm-snapshot { + + yumrepo { 'icinga-rpm-snapshot': + mirrorlist => "http://packages.icinga.org/epel/6/snapshot/ICINGA-snapshot.repo", + # baseurl is required, otherwise mirrorlist errors by yum + baseurl => "http://packages.icinga.org/epel/6/snapshot/", + enabled => '1', + gpgcheck => '1', + gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA', + descr => "Icinga Snapshot Packages for Enterprise Linux 6 - ${::architecture}" + } + + file { "/etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA": + ensure => present, + owner => 'root', + group => 'root', + mode => '0644', + source => "puppet:////vagrant/.vagrant-puppet/files/etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA" + } + + icinga-rpm-snapshot::key { "RPM-GPG-KEY-ICINGA": + path => "/etc/pki/rpm-gpg/RPM-GPG-KEY-ICINGA", + before => Yumrepo['icinga-rpm-snapshot'] + } +} + diff --git a/.vagrant-puppet/modules/icinga-rpm-snapshot/manifests/key.pp b/.vagrant-puppet/modules/icinga-rpm-snapshot/manifests/key.pp new file mode 100644 index 000000000..16a736153 --- /dev/null +++ b/.vagrant-puppet/modules/icinga-rpm-snapshot/manifests/key.pp @@ -0,0 +1,13 @@ + + +# inspired by https://github.com/stahnma/puppet-module-epel/blob/master/manifests/rpm_gpg_key.pp + +define icinga-rpm-snapshot::key($path) { + exec { "import-key-${name}": + path => '/bin:/usr/bin:/sbin:/usr/sbin', + command => "rpm --import ${path}", + unless => "rpm -q gpg-pubkey-$(echo $(gpg --throw-keyids < ${path}) | cut --characters=11-18 | tr '[A-Z]' '[a-z]')", + require => File[$path], + logoutput => 'on_failure' + } +} diff --git a/.vagrant-puppet/modules/icinga/templates/ido2db-mysql.cfg.erb b/.vagrant-puppet/modules/icinga/templates/ido2db-mysql.cfg.erb new file mode 100644 index 000000000..bd1b808b8 --- /dev/null +++ b/.vagrant-puppet/modules/icinga/templates/ido2db-mysql.cfg.erb @@ -0,0 +1,353 @@ +##################################################################### +# IDO2DB DAEMON CONFIG FILE +##################################################################### + + + +# LOCK FILE +# This is the lockfile that IDO2DB will use to store its PID number +# in when it is running in daemon mode. + +lock_file=/usr/local/icinga-mysql/var/ido2db.lock + + + +# USER/GROUP PRIVILIGES +# These options determine the user/group that the daemon should run as. +# You can specify a number (uid/gid) or a name for either option. + +ido2db_user=icinga +ido2db_group=icinga + + + +# SOCKET TYPE +# This option determines what type of socket the daemon will create +# an accept connections from. +# Value: +# unix = Unix domain socket (default) +# tcp = TCP socket + +socket_type=unix +#socket_type=tcp + + + +# SOCKET NAME +# This option determines the name and path of the UNIX domain +# socket that the daemon will create and accept connections from. +# This option is only valid if the socket type specified above +# is "unix". + +socket_name=/usr/local/icinga-mysql/var/ido.sock + + + +# SOCKET PERMISSIONS +# This option determines the permissions of the Unix domain +# socket. This option is only valid if the socket type specified +# above is "unix". Default permissions are set to 0755. + +socket_perm=0755 + + + + +# TCP PORT +# This option determines what port the daemon will listen for +# connections on. This option is only vlaid if the socket type +# specified above is "tcp". + +tcp_port=5668 + + + +# ENCRYPTION +# This option determines if the ido2db daemon will accept SSL to encrypt the +# network traffic between module and ido2db daemon. +# Both sides have to enable this feature which depends on SSL Libraries +# like openssl or kerberos +# This option is only valid if the output type +# option specified above is "tcpsocket". +# +# A value of '1' will enable this feature + +use_ssl=0 + + + +# LIBDBI DRIVER DIRECTORY !!!EXPERIMENTAL!!! +# This option is only valid when using libdbi as database abstraction layer +# (so not oracle) on compile time. By default, libdbi will figure out the +# correct path itsself. If you want to change it, enable and change the value. +# +# Default: not in use, enable and change to e.g. /usr/local/lib/dbd + +#libdbi_driver_dir=/usr/local/lib/dbd + + + +# DATABASE SERVER TYPE +# This option determines what type of DB server the daemon should +# connect to. +# Values: +# mysql = MySQL +# pgsql = PostgreSQL +# db2 = DB2 +# firebird = Firebird +# freetds = FreeTDS +# ingres = Ingres +# msql = MSSQL +# oracle = Oracle +# sqlite = SQLite +# sqlite3 = SQLite3 +# Currently supported: +# libdbi: mysql, pgsql +# ocilib: oracle + + +db_servertype=mysql + + + +# DATABASE HOST +# This option specifies what host the DB server is running on. +# Note: Oracle will ignore this setting + +db_host=localhost + + + +# DATABASE PORT +# This option specifies the port that the DB server is running on. +# Values: +# 3306 = Default MySQL port +# 5432 = Default PostgreSQL port +# 1521 = Default Oracle port +# +# Note: ocilib will ignore this, you have to modify your tnsnames.ora + +db_port=3306 + + +# DATABASE SOCKET +# Optional db_socket allows to specify a different socket location. +# This will be passed to libdbi MySQL as mysql_unix_socket, while +# PostgeSQL overrides the port, ocilib Oracle ignores this setting. +# +# Note: This setting overrules db_port, making it useless! + +#db_socket=/var/lib/mysql/mysql.sock + + + +# DATABASE NAME +# This option specifies the name of the database that should be used. +# +# Note: Oracle with ocilib requires tnsnames.ora filled with host, port +# and database information. you can use the SID then with ocilib and +# one of the following: +# //DBSERVER/SID +# SID + +db_name=icinga + + + +# DATABASE TABLE PREFIX +# Determines the prefix (if any) that should be prepended to table names. +# If you modify the table prefix, you'll need to modify the SQL script for +# creating the database! +# +# Note: Oracle will ignore this prefix since the tablename length will exceed +# 30 characters. + +db_prefix=icinga_ + + + +# DATABASE USERNAME/PASSWORD +# This is the username/password that will be used to authenticate to the DB. +# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on +# the database. + +db_user=icinga +db_pass=icinga + + + +## TABLE TRIMMING OPTIONS +# Several database tables containing Icinga event data can become quite large +# over time. Most admins will want to trim these tables and keep only a +# certain amount of data in them. The options below are used to specify the +# age (in MINUTES) that data should be allowd to remain in various tables +# before it is deleted. Using a value of zero (0) for any value means that +# that particular table should NOT be automatically trimmed. +# +# Remember: There are no optimized settings, it depends on your rdbm install, +# number/checkinterval of host/service-checks and your desired time of data +# savings - historical vs live-data. Please keep in mind that low delete +# intervals may interfere with insert/update data from Icinga. + +# ***DEFAULT*** + +# Keep timed events for 1 hour +max_timedevents_age=60 + +# Keep system commands for 1 day +max_systemcommands_age=1440 + +# Keep service checks for 1 day +max_servicechecks_age=1440 + +# Keep host checks for 1 day +max_hostchecks_age=1440 + +# Keep event handlers for 1 week +max_eventhandlers_age=10080 + +# Keep external commands for 1 week +max_externalcommands_age=10080 + +# Keep logentries for 31 days +max_logentries_age=44640 + +# Keep acknowledgements for 31 days +max_acknowledgements_age=44640 + +# Keep notifications for 31 days +max_notifications_age=44640 + +# Keep contactnotifications for 31 days +max_contactnotifications_age=44640 + +# Keep contactnotificationmethods for 31 days +max_contactnotificationmethods_age=44640 + + +## CLEAN REALTIME TABLES AT CORE STARTUP !!!EXPERIMENTAL!!! +# If you don't want to clean all those tables, set this option to 0. +# This can be useful if the deletes slow down the normal data +# processing. +# Values: 0 - don't clean +# 1 - clean (default) + +clean_realtime_tables_on_core_startup=1 + + +## CLEAN CONFIG TABLES AT CORE STARTUP !!!EXPERIMENTAL!!! +# If you don't want to clean all those tables, set this option to 0. +# This can be useful if the deletes slow down the normal data +# processing. +# Furthermore if you need to keep e.g. the state of customvariables +# or any other tables not directly linked to the objects table. +# Values: 0 - don't clean +# 1 - clean (default) + +clean_config_tables_on_core_startup=1 + + +# ***EXPERIMENTAL*** DB TRIMMING INTERVAL +# ido2db default db trimming interval is set to 3600 SECONDS. +# Some environments will require higher or lower values. This setting is +# highly experimental!!! +# Modify at your own risk to set the interval DB trimming interval +# to an appropriate value. If left blank, it defaults to 3600 seconds. + +trim_db_interval=3600 + + +# DB TRIMMING THREAD DELAY ON STARTUP +# ido2db spawns a thread for parallel db trimming. This option can be +# modified to extend/minimize the initial wait delay at startup. +# Default is set to 300 seconds in order to allow startup routines. +# 300 seconds is also the minimum value, lower ones will be overwritten. + +housekeeping_thread_startup_delay=300 + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: -1 = Everything +# 0 = Nothing +# 1 = Process info +# 2 = SQL queries + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=2 + + + +# DEBUG FILE +# This option determines where the daemon should write debugging information. + +debug_file=/usr/local/icinga-mysql/var/ido2db.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging. + +# 100M +max_debug_file_size=100000000 + + + +# DEBUG READABLE TIMESTAMP +# This option will allow you to set a readable timestamp instead of the +# default unix timestamp. +# Values: 0 = disabled, 1 = enabled + +debug_readable_timestamp=0 + + + +# OCI ERRORS TO SYSLOG +# ido2db registers an error handler in ocilib which spits all msg +# into debug and syslog by default. Setting this option to 0, +# syslog output will be disabled, only debug log will be used (if +# appropriate debug_level is set). + +oci_errors_to_syslog=1 + + + +# ORACLE TRACE LEVEL +# This setting activates oracle session trace for each ido2db connection using trace event +# Level value must be one of the currently supported values (1,4,8,12) or 0 for off +# this requires explicit "alter session" privilege +# select rights to v$session and v$process are recommanded +# 0 - pseudo level TRACE OFF +# 1 – standard SQL trace, no wait events, or bind variables. +# 4 – Bind variables only +# 8 – Wait events only +# 12 – Bind Variables and Wait Events + +oracle_trace_level=0 + + + +# ENABLE SLA - DEPRECATED! +# This setting enables collection of SLA data in the slahistory table +# Values: 0 = disabled, 1 = enabled +# +# WARNING: This setting will be deprecated in 1.9 and not developed +# anymore, as it has never been used by any Icinga application. + +enable_sla=0 diff --git a/.vagrant-puppet/modules/icinga/templates/ido2db-pgsql.cfg.erb b/.vagrant-puppet/modules/icinga/templates/ido2db-pgsql.cfg.erb new file mode 100644 index 000000000..fcbc384d8 --- /dev/null +++ b/.vagrant-puppet/modules/icinga/templates/ido2db-pgsql.cfg.erb @@ -0,0 +1,353 @@ +##################################################################### +# IDO2DB DAEMON CONFIG FILE +##################################################################### + + + +# LOCK FILE +# This is the lockfile that IDO2DB will use to store its PID number +# in when it is running in daemon mode. + +lock_file=/usr/local/icinga-pgsql/var/ido2db.lock + + + +# USER/GROUP PRIVILIGES +# These options determine the user/group that the daemon should run as. +# You can specify a number (uid/gid) or a name for either option. + +ido2db_user=icinga +ido2db_group=icinga + + + +# SOCKET TYPE +# This option determines what type of socket the daemon will create +# an accept connections from. +# Value: +# unix = Unix domain socket (default) +# tcp = TCP socket + +socket_type=unix +#socket_type=tcp + + + +# SOCKET NAME +# This option determines the name and path of the UNIX domain +# socket that the daemon will create and accept connections from. +# This option is only valid if the socket type specified above +# is "unix". + +socket_name=/usr/local/icinga-pgsql/var/ido.sock + + + +# SOCKET PERMISSIONS +# This option determines the permissions of the Unix domain +# socket. This option is only valid if the socket type specified +# above is "unix". Default permissions are set to 0755. + +socket_perm=0755 + + + + +# TCP PORT +# This option determines what port the daemon will listen for +# connections on. This option is only vlaid if the socket type +# specified above is "tcp". + +tcp_port=5668 + + + +# ENCRYPTION +# This option determines if the ido2db daemon will accept SSL to encrypt the +# network traffic between module and ido2db daemon. +# Both sides have to enable this feature which depends on SSL Libraries +# like openssl or kerberos +# This option is only valid if the output type +# option specified above is "tcpsocket". +# +# A value of '1' will enable this feature + +use_ssl=0 + + + +# LIBDBI DRIVER DIRECTORY !!!EXPERIMENTAL!!! +# This option is only valid when using libdbi as database abstraction layer +# (so not oracle) on compile time. By default, libdbi will figure out the +# correct path itsself. If you want to change it, enable and change the value. +# +# Default: not in use, enable and change to e.g. /usr/local/lib/dbd + +#libdbi_driver_dir=/usr/local/lib/dbd + + + +# DATABASE SERVER TYPE +# This option determines what type of DB server the daemon should +# connect to. +# Values: +# mysql = MySQL +# pgsql = PostgreSQL +# db2 = DB2 +# firebird = Firebird +# freetds = FreeTDS +# ingres = Ingres +# msql = MSSQL +# oracle = Oracle +# sqlite = SQLite +# sqlite3 = SQLite3 +# Currently supported: +# libdbi: mysql, pgsql +# ocilib: oracle + + +db_servertype=pgsql + + + +# DATABASE HOST +# This option specifies what host the DB server is running on. +# Note: Oracle will ignore this setting + +db_host=127.0.0.1 + + + +# DATABASE PORT +# This option specifies the port that the DB server is running on. +# Values: +# 3306 = Default MySQL port +# 5432 = Default PostgreSQL port +# 1521 = Default Oracle port +# +# Note: ocilib will ignore this, you have to modify your tnsnames.ora + +db_port=5432 + + +# DATABASE SOCKET +# Optional db_socket allows to specify a different socket location. +# This will be passed to libdbi MySQL as mysql_unix_socket, while +# PostgeSQL overrides the port, ocilib Oracle ignores this setting. +# +# Note: This setting overrules db_port, making it useless! + +#db_socket=/var/lib/mysql/mysql.sock + + + +# DATABASE NAME +# This option specifies the name of the database that should be used. +# +# Note: Oracle with ocilib requires tnsnames.ora filled with host, port +# and database information. you can use the SID then with ocilib and +# one of the following: +# //DBSERVER/SID +# SID + +db_name=icinga + + + +# DATABASE TABLE PREFIX +# Determines the prefix (if any) that should be prepended to table names. +# If you modify the table prefix, you'll need to modify the SQL script for +# creating the database! +# +# Note: Oracle will ignore this prefix since the tablename length will exceed +# 30 characters. + +db_prefix=icinga_ + + + +# DATABASE USERNAME/PASSWORD +# This is the username/password that will be used to authenticate to the DB. +# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on +# the database. + +db_user=icinga +db_pass=icinga + + + +## TABLE TRIMMING OPTIONS +# Several database tables containing Icinga event data can become quite large +# over time. Most admins will want to trim these tables and keep only a +# certain amount of data in them. The options below are used to specify the +# age (in MINUTES) that data should be allowd to remain in various tables +# before it is deleted. Using a value of zero (0) for any value means that +# that particular table should NOT be automatically trimmed. +# +# Remember: There are no optimized settings, it depends on your rdbm install, +# number/checkinterval of host/service-checks and your desired time of data +# savings - historical vs live-data. Please keep in mind that low delete +# intervals may interfere with insert/update data from Icinga. + +# ***DEFAULT*** + +# Keep timed events for 1 hour +max_timedevents_age=60 + +# Keep system commands for 1 day +max_systemcommands_age=1440 + +# Keep service checks for 1 day +max_servicechecks_age=1440 + +# Keep host checks for 1 day +max_hostchecks_age=1440 + +# Keep event handlers for 1 week +max_eventhandlers_age=10080 + +# Keep external commands for 1 week +max_externalcommands_age=10080 + +# Keep logentries for 31 days +max_logentries_age=44640 + +# Keep acknowledgements for 31 days +max_acknowledgements_age=44640 + +# Keep notifications for 31 days +max_notifications_age=44640 + +# Keep contactnotifications for 31 days +max_contactnotifications_age=44640 + +# Keep contactnotificationmethods for 31 days +max_contactnotificationmethods_age=44640 + + +## CLEAN REALTIME TABLES AT CORE STARTUP !!!EXPERIMENTAL!!! +# If you don't want to clean all those tables, set this option to 0. +# This can be useful if the deletes slow down the normal data +# processing. +# Values: 0 - don't clean +# 1 - clean (default) + +clean_realtime_tables_on_core_startup=1 + + +## CLEAN CONFIG TABLES AT CORE STARTUP !!!EXPERIMENTAL!!! +# If you don't want to clean all those tables, set this option to 0. +# This can be useful if the deletes slow down the normal data +# processing. +# Furthermore if you need to keep e.g. the state of customvariables +# or any other tables not directly linked to the objects table. +# Values: 0 - don't clean +# 1 - clean (default) + +clean_config_tables_on_core_startup=1 + + +# ***EXPERIMENTAL*** DB TRIMMING INTERVAL +# ido2db default db trimming interval is set to 3600 SECONDS. +# Some environments will require higher or lower values. This setting is +# highly experimental!!! +# Modify at your own risk to set the interval DB trimming interval +# to an appropriate value. If left blank, it defaults to 3600 seconds. + +trim_db_interval=3600 + + +# DB TRIMMING THREAD DELAY ON STARTUP +# ido2db spawns a thread for parallel db trimming. This option can be +# modified to extend/minimize the initial wait delay at startup. +# Default is set to 300 seconds in order to allow startup routines. +# 300 seconds is also the minimum value, lower ones will be overwritten. + +housekeeping_thread_startup_delay=300 + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: -1 = Everything +# 0 = Nothing +# 1 = Process info +# 2 = SQL queries + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=2 + + + +# DEBUG FILE +# This option determines where the daemon should write debugging information. + +debug_file=/usr/local/icinga-pgsql/var/ido2db.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging. + +# 100M +max_debug_file_size=100000000 + + + +# DEBUG READABLE TIMESTAMP +# This option will allow you to set a readable timestamp instead of the +# default unix timestamp. +# Values: 0 = disabled, 1 = enabled + +debug_readable_timestamp=0 + + + +# OCI ERRORS TO SYSLOG +# ido2db registers an error handler in ocilib which spits all msg +# into debug and syslog by default. Setting this option to 0, +# syslog output will be disabled, only debug log will be used (if +# appropriate debug_level is set). + +oci_errors_to_syslog=1 + + + +# ORACLE TRACE LEVEL +# This setting activates oracle session trace for each ido2db connection using trace event +# Level value must be one of the currently supported values (1,4,8,12) or 0 for off +# this requires explicit "alter session" privilege +# select rights to v$session and v$process are recommanded +# 0 - pseudo level TRACE OFF +# 1 – standard SQL trace, no wait events, or bind variables. +# 4 – Bind variables only +# 8 – Wait events only +# 12 – Bind Variables and Wait Events + +oracle_trace_level=0 + + + +# ENABLE SLA - DEPRECATED! +# This setting enables collection of SLA data in the slahistory table +# Values: 0 = disabled, 1 = enabled +# +# WARNING: This setting will be deprecated in 1.9 and not developed +# anymore, as it has never been used by any Icinga application. + +enable_sla=0 diff --git a/.vagrant-puppet/modules/mysql/manifests/init.pp b/.vagrant-puppet/modules/mysql/manifests/init.pp new file mode 100644 index 000000000..f0cab3fdb --- /dev/null +++ b/.vagrant-puppet/modules/mysql/manifests/init.pp @@ -0,0 +1,36 @@ +# Class: mysql +# +# This class installs the mysql server and client software. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# include mysql +# +class mysql { + + Exec { path => '/usr/bin' } + + package { + 'mysql': + ensure => installed; + 'mysql-server': + ensure => installed; + } + + service { 'mysqld': + ensure => running, + require => Package['mysql-server'] + } + + file { '/etc/my.cnf': + content => template('mysql/my.cnf.erb'), + require => Package['mysql-server'], + notify => Service['mysqld'] + } +} diff --git a/.vagrant-puppet/modules/mysql/templates/my.cnf.erb b/.vagrant-puppet/modules/mysql/templates/my.cnf.erb new file mode 100644 index 000000000..d26583ee3 --- /dev/null +++ b/.vagrant-puppet/modules/mysql/templates/my.cnf.erb @@ -0,0 +1,133 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +user=mysql +# Disabling symbolic-links is recommended to prevent assorted security risks +symbolic-links=0 + +# This permits the application to give the threads system a hint for the +# desired number of threads that should be run at the same time. This +# value only makes sense on systems that support the thread_concurrency() +# function call (Sun Solaris, for example). +# You should try [number of CPUs]*(2..4) for thread_concurrency +thread_concurrency = 8 + +# The number of open tables for all threads. Increasing this value +# increases the number of file descriptors that mysqld requires. +# Therefore you have to make sure to set the amount of open files +# allowed to at least thread_concurrency * table_open_cache in the variable "open-files-limit" in +# section [mysqld_safe] +table_open_cache = 256 + +# Size of the buffer used for doing full table scans. +# Allocated per thread, if a full scan is needed. +read_buffer_size = 1M + +# When reading rows in sorted order after a sort, the rows are read +# through this buffer to avoid disk seeks. You can improve ORDER BY +# performance a lot, if set this to a high value. +# Allocated per thread, when needed. +read_rnd_buffer_size = 4M + +# Sort buffer is used to perform sorts for some ORDER BY and GROUP BY +# queries. If sorted data does not fit into the sort buffer, a disk +# based merge sort is used instead - See the "Sort_merge_passes" +# status variable. Allocated per thread if sort is needed. +sort_buffer_size = 1M + +# The maximum size of a query packet the server can handle as well as +# maximum query size server can process (Important when working with +# large BLOBs). enlarged dynamically, for each connection. +max_allowed_packet = 16M + +# Query cache is used to cache SELECT results and later return them +# without actual executing the same query once again. Having the query +# cache enabled may result in significant speed improvements, if your +# have a lot of identical queries and rarely changing tables. See the +# "Qcache_lowmem_prunes" status variable to check if the current value +# is high enough for your load. +# Note: In case your tables change very often or if your queries are +# textually different every time, the query cache may result in a +# slowdown instead of a performance improvement. +query_cache_size = 16M + +# *** INNODB Specific options *** + +innodb_data_home_dir = /var/lib/mysql + +# InnoDB, unlike MyISAM, uses a buffer pool to cache both indexes and +# row data. The bigger you set this the less disk I/O is needed to +# access data in tables. On a dedicated database server you may set this +# parameter up to 80% of the machine physical memory size. Do not set it +# too large, though, because competition of the physical memory may +# cause paging in the operating system. Note that on 32bit systems you +# might be limited to 2-3.5G of user level memory per process, so do not +# set it too high. +innodb_buffer_pool_size = 256M + +# InnoDB stores data in one or more data files forming the tablespace. +# If you have a single logical drive for your data, a single +# autoextending file would be good enough. In other cases, a single file +# per device is often a good choice. You can configure InnoDB to use raw +# disk partitions as well - please refer to the manual for more info +# about this. +innodb_data_file_path = ibdata1:10M:autoextend + +# If set to 1, InnoDB will flush (fsync) the transaction logs to the +# disk at each commit, which offers full ACID behavior. If you are +# willing to compromise this safety, and you are running small +# transactions, you may set this to 0 or 2 to reduce disk I/O to the +# logs. Value 0 means that the log is only written to the log file and +# the log file flushed to disk approximately once per second. Value 2 +# means the log is written to the log file at each commit, but the log +# file is only flushed to disk approximately once per second. +innodb_flush_log_at_trx_commit = 2 + +# The size of the buffer InnoDB uses for buffering log data. As soon as +# it is full, InnoDB will have to flush it to disk. As it is flushed +# once per second anyway, it does not make sense to have it very large +# (even with long transactions). +innodb_log_buffer_size = 8M + +# Total number of files in the log group. A value of 2-3 is usually good +# enough. +innodb_log_files_in_group = 3 + +# The flush method InnoDB will use for Log. The tablespace always uses +# doublewrite flush logic. The default value is "fdatasync", another +# option is "O_DSYNC". +innodb_flush_method = O_DIRECT + +innodb_support_xa = 0 +innodb_file_per_table +# 25 % of buffer pool size +innodb_log_file_size = 64M + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# Increase the amount of open files allowed per process. Warning: Make +# sure you have set the global system limit high enough! The high value +# is required for a large number of opened tables +open-files-limit = 2048 + +[mysqldump] +# Do not buffer the whole result set in memory before writing it to +# file. Required for dumping very large tables +quick +max_allowed_packet = 16M + +[mysql] +no-auto-rehash + +[myisamchk] +key_buffer_size = 128M +sort_buffer_size = 128M +read_buffer = 2M +write_buffer = 2M + +[mysqlhotcopy] +interactive-timeout + + diff --git a/.vagrant-puppet/modules/pear/manifests/init.pp b/.vagrant-puppet/modules/pear/manifests/init.pp new file mode 100644 index 000000000..0c748f2bc --- /dev/null +++ b/.vagrant-puppet/modules/pear/manifests/init.pp @@ -0,0 +1,43 @@ +# Class: pear +# +# This class installs pear. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# php +# +# Sample Usage: +# +# include pear +# +class pear { + + Exec { path => '/usr/bin:/bin' } + + include php + + package { 'php-pear': + ensure => installed, + require => Class['php'] + } + + exec { 'pear upgrade': + command => 'pear upgrade', + require => Package['php-pear'] + } + + exec { 'pear update-channels': + command => 'pear update-channels', + require => Package['php-pear'] + } + + exec { 'pear auto discover channels': + command => 'pear config-set auto_discover 1', + unless => 'pear config-get auto_discover | grep 1', + require => Package['php-pear'] + } +} diff --git a/.vagrant-puppet/modules/pear/manifests/package.pp b/.vagrant-puppet/modules/pear/manifests/package.pp new file mode 100644 index 000000000..ed004d139 --- /dev/null +++ b/.vagrant-puppet/modules/pear/manifests/package.pp @@ -0,0 +1,41 @@ +# Define: pear::package +# +# Install additional PEAR packages +# +# Parameters: +# +# Actions: +# +# Requires: +# +# pear +# +# Sample Usage: +# +# pear::package { 'phpunit': } +# +define pear::package( + $channel +) { + + Exec { path => '/usr/bin' } + + include pear + + if $::require { + $require_ = [Class['pear'], $::require] + } else { + $require_ = Class['pear'] + } + + exec { "pear install ${name}": + command => "pear install --alldeps ${channel}", + creates => "/usr/bin/${name}", + require => $require_ + } + + exec { "pear upgrade ${name}": + command => "pear upgrade ${channel}", + require => Exec["pear install ${name}"] + } +} diff --git a/.vagrant-puppet/modules/pgsql/manifests/init.pp b/.vagrant-puppet/modules/pgsql/manifests/init.pp new file mode 100644 index 000000000..36e12bb11 --- /dev/null +++ b/.vagrant-puppet/modules/pgsql/manifests/init.pp @@ -0,0 +1,43 @@ +# Class: pgsql +# +# This class installs the postgresql server and client software. +# Further it configures pg_hba.conf to trus the local icinga user. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# include pgsql +# +class pgsql { + + Exec { path => '/sbin:/bin:/usr/bin' } + + package { + 'postgresql': + ensure => installed; + 'postgresql-server': + ensure => installed; + } + + exec { 'initdb': + creates => '/var/lib/pgsql/data/pg_xlog', + command => 'service postgresql initdb', + require => Package['postgresql-server'] + } + + service { 'postgresql': + ensure => running, + require => [Package['postgresql-server'], Exec['initdb']] + } + + file { '/var/lib/pgsql/data/pg_hba.conf': + content => template('pgsql/pg_hba.conf.erb'), + require => [Package['postgresql-server'], Exec['initdb']], + notify => Service['postgresql'] + } +} diff --git a/.vagrant-puppet/modules/pgsql/templates/pg_hba.conf.erb b/.vagrant-puppet/modules/pgsql/templates/pg_hba.conf.erb new file mode 100644 index 000000000..f6fb19ebf --- /dev/null +++ b/.vagrant-puppet/modules/pgsql/templates/pg_hba.conf.erb @@ -0,0 +1,89 @@ +# PostgreSQL Client Authentication Configuration File +# =================================================== +# +# Refer to the "Client Authentication" section in the +# PostgreSQL documentation for a complete description +# of this file. A short synopsis follows. +# +# This file controls: which hosts are allowed to connect, how clients +# are authenticated, which PostgreSQL user names they can use, which +# databases they can access. Records take one of these forms: +# +# local DATABASE USER METHOD [OPTIONS] +# host DATABASE USER CIDR-ADDRESS METHOD [OPTIONS] +# hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTIONS] +# hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTIONS] +# +# (The uppercase items must be replaced by actual values.) +# +# The first field is the connection type: "local" is a Unix-domain socket, +# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an +# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket. +# +# DATABASE can be "all", "sameuser", "samerole", a database name, or +# a comma-separated list thereof. +# +# USER can be "all", a user name, a group name prefixed with "+", or +# a comma-separated list thereof. In both the DATABASE and USER fields +# you can also write a file name prefixed with "@" to include names from +# a separate file. +# +# CIDR-ADDRESS specifies the set of hosts the record matches. +# It is made up of an IP address and a CIDR mask that is an integer +# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies +# the number of significant bits in the mask. Alternatively, you can write +# an IP address and netmask in separate columns to specify the set of hosts. +# +# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", "krb5", +# "ident", "pam", "ldap" or "cert". Note that "password" sends passwords +# in clear text; "md5" is preferred since it sends encrypted passwords. +# +# OPTIONS are a set of options for the authentication in the format +# NAME=VALUE. The available options depend on the different authentication +# methods - refer to the "Client Authentication" section in the documentation +# for a list of which options are available for which authentication methods. +# +# Database and user names containing spaces, commas, quotes and other special +# characters must be quoted. Quoting one of the keywords "all", "sameuser" or +# "samerole" makes the name lose its special character, and just match a +# database or username with that name. +# +# This file is read on server startup and when the postmaster receives +# a SIGHUP signal. If you edit the file on a running system, you have +# to SIGHUP the postmaster for the changes to take effect. You can use +# "pg_ctl reload" to do that. + +# Put your actual configuration here +# ---------------------------------- +# +# If you want to allow non-local connections, you need to add more +# "host" records. In that case you will also need to make PostgreSQL listen +# on a non-local interface via the listen_addresses configuration parameter, +# or via the -i or -h command line switches. +# + + + +# TYPE DATABASE USER CIDR-ADDRESS METHOD + +# icinga +local icinga icinga trust +host icinga icinga 127.0.0.1/32 trust +host icinga icinga ::1/128 trust + +# icinga_unittest +local icinga_unittest icinga_unittest trust +host icinga_unittest icinga_unittest 127.0.0.1/32 trust +host icinga_unittest icinga_unittest ::1/128 trust + +# icingaweb +local icingaweb icingaweb trust +host icingaweb icingaweb 127.0.0.1/32 trust +host icingaweb icingaweb ::1/128 trust + +# "local" is for Unix domain socket connections only +local all all ident +# IPv4 local connections: +host all all 127.0.0.1/32 ident +# IPv6 local connections: +host all all ::1/128 ident diff --git a/.vagrant-puppet/modules/php/manifests/extension.pp b/.vagrant-puppet/modules/php/manifests/extension.pp new file mode 100644 index 000000000..23cfe6029 --- /dev/null +++ b/.vagrant-puppet/modules/php/manifests/extension.pp @@ -0,0 +1,34 @@ +# define: php::extension +# +# Install additional PHP modules. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# php::extension { 'php-ldap': } +# php::extension { ['php-mysql'], ['php-pgsql']: } +# +define php::extension( + $ensure=installed +) { + + include apache + include php + + if $::require { + $require_ = [Package['apache'], Class['php'], $::require] + } else { + $require_ = [Package['apache'], Class['php']] + } + + package { $name: + ensure => $ensure, + require => $require_, + notify => Service['apache'] + } +} diff --git a/.vagrant-puppet/modules/php/manifests/init.pp b/.vagrant-puppet/modules/php/manifests/init.pp new file mode 100644 index 000000000..1a8e31746 --- /dev/null +++ b/.vagrant-puppet/modules/php/manifests/init.pp @@ -0,0 +1,38 @@ +# Class: php +# +# This class installs php. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# apache +# +# Sample Usage: +# +# include php +# +class php { + + include apache + + package { 'php': + ensure => installed, + require => Package['apache'], + notify => Service['apache'] + } + + file { '/etc/php.d/error_reporting.ini': + content => template('php/error_reporting.ini.erb'), + require => Package['php'], + notify => Service['apache'] + } + + file { '/etc/php.d/xdebug_settings.ini': + content => template('php/xdebug_settings.ini.erb'), + require => Package['php'], + notify => Service['apache'] + } +} diff --git a/.vagrant-puppet/modules/php/templates/error_reporting.ini.erb b/.vagrant-puppet/modules/php/templates/error_reporting.ini.erb new file mode 100644 index 000000000..d37dcd415 --- /dev/null +++ b/.vagrant-puppet/modules/php/templates/error_reporting.ini.erb @@ -0,0 +1,4 @@ +error_reporting = E_ALL | E_STRICT +display_errors = On +display_startup_errors = On +html_errors = On diff --git a/.vagrant-puppet/modules/php/templates/xdebug_settings.ini.erb b/.vagrant-puppet/modules/php/templates/xdebug_settings.ini.erb new file mode 100644 index 000000000..99ecba993 --- /dev/null +++ b/.vagrant-puppet/modules/php/templates/xdebug_settings.ini.erb @@ -0,0 +1,5 @@ +xdebug.var_display_max_children = 128 +xdebug.var_display_max_data = 1024 +xdebug.var_display_max_depth = 5 +xdebug.remote_enable = 1 +xdebug.remote_connect_back = 1 diff --git a/.vagrant-puppet/modules/wget/manifests/init.pp b/.vagrant-puppet/modules/wget/manifests/init.pp new file mode 100644 index 000000000..560e10b2f --- /dev/null +++ b/.vagrant-puppet/modules/wget/manifests/init.pp @@ -0,0 +1,20 @@ +# Class: wget +# +# This class installs wget. +# +# Parameters: +# +# Actions: +# +# Requires: +# +# Sample Usage: +# +# include wget +# +class wget { + + package { 'wget': + ensure => installed, + } +} diff --git a/Vagrantfile b/Vagrantfile index c95a76394..396832bdd 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -4,8 +4,94 @@ VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - config.vm.box = "centos64" - config.vm.box_url = "http://boxes.icinga.org/centos-64-x64-vbox4212.box" - config.vm.network :forwarded_port, guest: 80, host: 8080 - config.vm.provision :shell, :path => "tools/vagrant-bootstrap.sh" + # All Vagrant configuration is done here. The most common configuration + # options are documented and commented below. For a complete reference, + # please see the online documentation at vagrantup.com. + + # Every Vagrant virtual environment requires a box to build off of. + config.vm.box = "centos-6.4-x64-vbox" + + # The url from where the 'config.vm.box' box will be fetched if it + # doesn't already exist on the user's system. + config.vm.box_url = "http://vagrant-boxes.icinga.org/centos-64-x64-vbox4212.box" + + # Create a forwarded port mapping which allows access to a specific port + # within the machine from a port on the host machine. In the example below, + # accessing "localhost:8080" will access port 80 on the guest machine. + config.vm.network :forwarded_port, guest: 80, host: 8080, + # Port collision auto-correction must be manually enabled for each forwarded port, + # since it is often surprising when it occurs and can lead the Vagrant user to + # think that the port wasn't properly forwarded. During a vagrant up or vagrant reload, + # Vagrant will output information about any collisions detections and auto corrections made, + # so you can take notice and act accordingly. + auto_correct: true + + # Create a private network, which allows host-only access to the machine + # using a specific IP. + # config.vm.network :private_network, ip: "192.168.33.10" + + # Create a public network, which generally matched to bridged network. + # Bridged networks make the machine appear as another physical device on + # your network. + # config.vm.network :public_network + + # If true, then any SSH connections made will enable agent forwarding. + # Default value: false + # config.ssh.forward_agent = true + + # Share an additional folder to the guest VM. The first argument is + # the path on the host to the actual folder. The second argument is + # the path on the guest to mount the folder. And the optional third + # argument is a set of non-required options. + # config.vm.synced_folder "./config", "/vagrant/config" + # config.vm.synced_folder "./var/log", "/vagrant/var/log" + + # Provider-specific configuration so you can fine-tune various + # backing providers for Vagrant. These expose provider-specific options. + # Example for VirtualBox: + # + # config.vm.provider :virtualbox do |vb| + # # Don't boot with headless mode + # vb.gui = true + # + # # Use VBoxManage to customize the VM. For example to change memory: + # vb.customize ["modifyvm", :id, "--memory", "1024"] + # end + # + # View the documentation for the provider you're using for more + # information on available options. + config.vm.provider "virtualbox" do |vb| + vb.customize ["setextradata", :id, "VBoxInternal2/SharedFoldersEnableSymlinksCreate//vagrant/config", "1"] + end + + # Enable provisioning with Puppet stand alone. Puppet manifests + # are contained in a directory path relative to this Vagrantfile. + # You will need to create the manifests directory and a manifest in + # the file base.pp in the manifests_path directory. + # + # An example Puppet manifest to provision the message of the day: + # + # # group { "puppet": + # # ensure => "present", + # # } + # # + # # File { owner => 0, group => 0, mode => 0644 } + # # + # # file { '/etc/motd': + # # content => "Welcome to your Vagrant-built virtual machine! + # # Managed by Puppet.\n" + # # } + # + # config.vm.provision :puppet do |puppet| + # puppet.manifests_path = "manifests" + # puppet.manifest_file = "init.pp" + # end + config.vm.provision :puppet do |puppet| + puppet.module_path = ".vagrant-puppet/modules" + puppet.manifests_path = ".vagrant-puppet/manifests" + # puppet.options = "-v -d" + end + + config.vm.provision :shell, :path => ".vagrant-puppet/manifests/finalize.sh" end +