From be3a235915294bc0c9c8805db4e56801a1b01de8 Mon Sep 17 00:00:00 2001 From: Pascal Liehne Date: Sat, 7 Dec 2019 21:49:38 +0100 Subject: [PATCH 1/3] correct pkg install order, as expected --- icinga2/icinga-web2-core.sls | 2 ++ 1 file changed, 2 insertions(+) diff --git a/icinga2/icinga-web2-core.sls b/icinga2/icinga-web2-core.sls index ef79bd8..17bea4f 100644 --- a/icinga2/icinga-web2-core.sls +++ b/icinga2/icinga-web2-core.sls @@ -11,6 +11,8 @@ icinga2-web2-required-packages: icinga2-web2: pkg.installed: - pkgs: {{ icinga2.icinga_web2.pkgs | json }} + - require: + - pkg: icinga2-web2-required-packages {%- for name, enable in icinga2.icinga_web2.features.items() %} {{ feature(name, enable) }} From 349014a2af150caa714aed08beaa5b7d77682dab Mon Sep 17 00:00:00 2001 From: Pascal Liehne Date: Sat, 7 Dec 2019 21:50:10 +0100 Subject: [PATCH 2/3] configure icinga2web database with initial structure and first user --- icinga2/defaults.yaml | 5 +++++ icinga2/icinga-web2-database.sls | 11 +++++++++++ 2 files changed, 16 insertions(+) diff --git a/icinga2/defaults.yaml b/icinga2/defaults.yaml index 00108e1..5c5aca4 100644 --- a/icinga2/defaults.yaml +++ b/icinga2/defaults.yaml @@ -34,6 +34,11 @@ icinga2: password: host: 127.0.0.1 port: 5432 + login: + username: admin + # None => lets the state fail which is desired! + password: + schema_path: /usr/share/icingaweb2/etc/schema/pgsql.schema.sql pkgs: - icingaweb2 - icingaweb2-module-doc diff --git a/icinga2/icinga-web2-database.sls b/icinga2/icinga-web2-database.sls index 1e4b535..d9b0256 100644 --- a/icinga2/icinga-web2-database.sls +++ b/icinga2/icinga-web2-database.sls @@ -4,8 +4,10 @@ is-icinga2web-password-set: test.check_pillar: - present: - 'icinga2:lookup:icinga_web2:db:password' + - 'icinga2:lookup:icinga_web2:login:password' - string: - 'icinga2:lookup:icinga_web2:db:password' + - 'icinga2:lookup:icinga_web2:login:password' #Create an empty database which will be populated later icinga2web-db-setup: @@ -29,3 +31,12 @@ icinga2web-db-setup: - require: - test: is-icinga2web-password-set - postgres_user: icinga2web-db-setup + cmd.run: + - name: ( cat {{ icinga2.icinga_web2.schema_path }}; echo "INSERT INTO icingaweb_user (name, active, password_hash) VALUES ('{{ icinga2.icinga_web2.login.username }}', 1, '$(php -r 'echo password_hash("{{ icinga2.icinga_web2.login.password }}", PASSWORD_DEFAULT);')');" ) | psql -U "{{ icinga2.icinga_web2.db.user }}" -d "{{ icinga2.icinga_web2.db.name }}" -h "{{ icinga2.icinga_web2.db.host }}" + - env: + - PGPASSWORD: "{{ icinga2.icinga_web2.db.password }}" + - onchanges: + - postgres_database: icinga2web-db-setup + - require: + - postgres_database: icinga2web-db-setup + - postgres_user: icinga2web-db-setup From f18911b4901420dd0b28af84e43d4217e5b9730d Mon Sep 17 00:00:00 2001 From: Pascal Liehne Date: Sun, 8 Dec 2019 22:44:41 +0100 Subject: [PATCH 3/3] update pillar.exampe for webui user password --- pillar.example | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pillar.example b/pillar.example index b4d5a1d..27a9141 100644 --- a/pillar.example +++ b/pillar.example @@ -12,6 +12,10 @@ icinga2: db: # MUST BE SET when using icinga2.icinga-web2-database password: AnotherSecurePassword + login: + username: admin + # MUST BE SET for UI user "admin" + password: pkgs: - ... required_pkgs: