Skip to content

Latest commit

 

History

History
4434 lines (2639 loc) · 133 KB

REFERENCE.md

File metadata and controls

4434 lines (2639 loc) · 133 KB

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • icingaweb2::config: Configures Icinga Web 2.
  • icingaweb2::install: Installs Icinga Web 2 and extra packages.
  • icingaweb2::module::director::config: Configure the director module.
  • icingaweb2::module::director::install: Install the director module.
  • icingaweb2::module::director::kickstart: Import or update the database schema. Also start the initial kickstart run if required.
  • icingaweb2::module::director::service: Manage the director service.
  • icingaweb2::module::icingadb::config: Configure the icingadb module.
  • icingaweb2::module::icingadb::install: Install the icingadb module.
  • icingaweb2::module::monitoring::config: Configure the monitoring module.
  • icingaweb2::module::monitoring::install: Installs the monitoring module.
  • icingaweb2::module::reporting::config: Configure the reporting module.
  • icingaweb2::module::reporting::install: Install the reporting module.
  • icingaweb2::module::reporting::service: Manage the reporting service.
  • icingaweb2::module::vspheredb::config: Configure the VSphereDB module
  • icingaweb2::module::vspheredb::install: Install the VSphereDB module
  • icingaweb2::module::vspheredb::service: Manage the vspheredb service.
  • icingaweb2::module::x509::config: Configure the x509 module
  • icingaweb2::module::x509::install: Install the x509 module
  • icingaweb2::module::x509::service: Manage the x509 job scheduler.

Defined types

Public Defined types

Private Defined types

  • icingaweb2::module::elasticsearch::eventtype: Manages an Elasticsearch event types
  • icingaweb2::module::elasticsearch::instance: Manages an Elasticsearch instance
  • icingaweb2::module::fileshipper::basedir: Manages base directories for the fileshipper module.
  • icingaweb2::module::fileshipper::directory: Manages directories with plain Icinga 2 configuration files.
  • icingaweb2::module::generictts::ticketsystem: Manages ticketsystem configuration for the generictts module.
  • icingaweb2::module::icingadb::commandtransport: Manages commandtransport configuration for the icingadb module.
  • icingaweb2::module::monitoring::commandtransport: Manages commandtransport configuration for the monitoring module.
  • icingaweb2::module::puppetdb::certificate: Installs a certificate for the Icinga Web 2 puppetdb module.

Functions

Data types

Classes

icingaweb2

oracle, mssql, ibm, oci, sqlite goes to icingaweb2::resource::database.

Examples

Use MySQL as backend for user authentication:
include ::mysql::server

mysql::db { 'icingaweb2':
  user     => 'icingaweb2',
  password => Sensitive('supersecret'),
  host     => 'localhost',
  grant    => [ 'ALL' ],
}

class { 'icingaweb2':
  manage_repos  => true,
  import_schema => true,
  db_type       => 'mysql',
  db_host       => 'localhost',
  db_port       => 3306,
  db_username   => 'icingaweb2',
  db_password   => Sensitive('supersecret'),
  require       => Mysql::Db['icingaweb2'],
}
Use PostgreSQL as backend for user authentication:
include ::postgresql::server

postgresql::server::db { 'icingaweb2':
  user     => 'icingaweb2',
  password => postgresql_password('icingaweb2', Sensitive('icingaweb2')),
}

class { 'icingaweb2':
  manage_repos  => true,
  import_schema => true,
  db_type       => 'pgsql',
  db_host       => 'localhost',
  db_port       => 5432,
  db_username   => 'icingaweb2',
  db_password   => 'icingaweb2',
  require       => Postgresql::Server::Db['icingaweb2'],
}
Icinga Web 2 with an additional resource of type ldap, e.g. for authentication:
class { 'icingaweb2':
  resources       => {
    'my-ldap' => {
      type    => 'ldap',
      host    => 'localhost',
      port    => 389,
      root_dn => 'ou=users,dc=icinga,dc=com',
      bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com',
      bind_pw => Sensitive('supersecret'),
    }
  },
  user_backends   => {
    'ldap-auth' => {
      backend                  => 'ldap',
      resource                 => 'my-ldap',
      ldap_user_class          => 'user',
      ldap_filter              => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)',
      ldap_user_name_attribute => 'userPrincipalName',
      order                    => '05',
    },
  },
  group_backends => {
    'ldap-auth' => {
      backend                     => 'ldap',
      resource                    => 'my-ldap',
      ldap_group_class            => 'group',
      ldap_group_name_attribute   => 'cn',
      ldap_group_member_attribute => 'member',
      ldap_base_dn                => 'ou=groups,dc=icinga,dc=com',
      domain                      => 'icinga.com',
      order                       => '05',
    },
  },
}

Parameters

The following parameters are available in the icingaweb2 class:

logging

Data type: Enum['file', 'syslog', 'php', 'none']

Whether Icinga Web 2 should log to 'file', 'syslog' or 'php' (web server's error log). Setting 'none' disables logging.

logging_file

Data type: Stdlib::Absolutepath

If 'logging' is set to 'file', this is the target log file.

logging_level

Data type: Enum['ERROR', 'WARNING', 'INFO', 'DEBUG']

Logging verbosity. Possible values are 'ERROR', 'WARNING', 'INFO' and 'DEBUG'.

logging_facility

Data type: Pattern[/user|local[0-7]/]

Logging facility when using syslog. Possible values are 'user' or 'local0' up to 'local7'.

logging_application

Data type: String[1]

Logging application name when using syslog.

show_stacktraces

Data type: Boolean

Whether to display stacktraces in the web interface or not.

module_path

Data type:

Optional[Variant[Stdlib::Absolutepath,
  Array[Stdlib::Absolutepath]]]

Additional path to module sources. Multiple paths must be separated by colon.

Default value: undef

theme

Data type: String[1]

The default theme setting. Users may override this settings.

theme_disabled

Data type: Boolean

Whether users can change themes or not.

manage_repos

Data type: Boolean

When set to true this module will use the module icinga/puppet-icinga to manage repositories, e.g. the release repo on packages.icinga.com repository by default, the EPEL repository or Backports. For more information, see http://github.com/icinga/puppet-icinga.

manage_package

Data type: Boolean

If set to false packages aren't managed.

extra_packages

Data type: Optional[Array[String[1]]]

An array of packages to install additionally.

Default value: undef

import_schema

Data type: Optional[Icingaweb2::ImportSchema]

Whether to import the MySQL schema or not. New options mariadb and mysql, both means true. With mariadb its cli options are used for the import, whereas with mysql its different options.

Default value: undef

db_type

Data type: Enum['mysql', 'pgsql']

Database type, can be either mysql or pgsql.

db_resource_name

Data type: String[1]

Name for the icingaweb2 database resource.

db_host

Data type: Stdlib::Host

Database hostname.

db_port

Data type: Optional[Stdlib::Port]

Port to connect on the database host.

Default value: undef

db_name

Data type: String[1]

Database name.

db_username

Data type: String[1]

Username for database access.

db_password

Data type: Optional[Icinga::Secret]

Password for database access.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_key

Data type: Optional[Icinga::Secret]

The private key to store in spicified tls_key_file file. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[String[1]]

The certificate to store in spicified tls_cert_file file. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[String[1]]

The ca certificate to store in spicified tls_cacert_file file. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

conf_user

Data type: String[1]

By default this module expects Apache2 on the server. You can change the owner of the config files with this parameter.

conf_group

Data type: String[1]

Group membership of config files.

default_domain

Data type: Optional[String[1]]

When using domain-aware authentication, you can set a default domain here.

Default value: undef

cookie_path

Data type: Optional[Stdlib::Absolutepath]

Path to where cookies are stored.

Default value: undef

use_strict_csp

Data type: Optional[Boolean]

Enable the inclusion of Content Security Policy (CSP) headers in application responses.

Default value: undef

admin_role

Data type: Variant[Icingaweb2::AdminRole, Boolean[false]]

Manage a role for admin access.

default_admin_username

Data type: String[1]

Default username for initial admin access. This parameter is only used if import_schema is set to true and only during the import itself.

default_admin_password

Data type: Icinga::Secret

Default password for initial admin access. This parameter is only used if import_schema is set to true and only during the import itself.

resources

Data type: Hash[String[1], Hash[String[1], Any]]

Additional resources. Option type has to be set as hash key. Type of ldap declares a define resource of icingaweb2::resource::ldap, a type of mysql, pgsql,

default_auth_backend

Data type: Variant[String[1], Boolean[false]]

Name of the user and group backend authentication of the icingaweb2 resource. If set to false the default authentication method is deactivated.

user_backends

Data type: Hash[String[1], Hash[String[1], Any]]

Additional user backends for access control. See icingaweb2::config::authmethod.

group_backends

Data type: Hash[String[1], Hash[String[1], Any]]

Additional group backends for access control. See icingaweb2::config::groupbackend.

icingaweb2::globals

This class loads the default parameters by doing a hiera lookup.

  • Note This parameters depend on the os plattform. Changes maybe will break the functional capability of the supported plattforms and versions. Please only do changes when you know what you're doing.

Parameters

The following parameters are available in the icingaweb2::globals class:

package_name

Data type: String[1]

Package to install.

conf_dir

Data type: Stdlib::Absolutepath

Path to the config files.

state_dir

Data type: Stdlib::Absolutepath

Path to variable application data.

data_dir

Data type: Stdlib::Absolutepath

Location of PHP data files.

role_replace

Data type: Boolean

Specifies whether to overwrite the roles.ini file if it already exists.

comp_db_schema_dir

Data type: Stdlib::Absolutepath

For compatibility, since in Icinga Web 2 2.11.4 the schema files have been moved.

default_module_path

Data type: Stdlib::Absolutepath

Location of the modules.

mysql_db_schema

Data type: Stdlib::Absolutepath

Location of the database schema for MySQL/MariaDB.

pgsql_db_schema

Data type: Stdlib::Absolutepath

Location of the database schema for PostgreSQL.

mysql_vspheredb_schema

Data type: Stdlib::Absolutepath

Location of the vspheredb database schema for MySQL/MariaDB.

pgsql_vspheredb_schema

Data type: Stdlib::Absolutepath

Location of the vspheredb database schema for PostgreSQL.

mysql_reporting_schema

Data type: Stdlib::Absolutepath

Location of the reporting database schema for MySQL/MariaDB.

pgsql_reporting_schema

Data type: Stdlib::Absolutepath

Location of the reporting database schema for PostgreSQL.

mysql_idoreports_slaperiods

Data type: Stdlib::Absolutepath

Location of the slaperiods database extension for MySQL.

mysql_idoreports_sla_percent

Data type: Stdlib::Absolutepath

Location of the get_sla_ok_percent database extension for MySQL.

pgsql_idoreports_slaperiods

Data type: Stdlib::Absolutepath

Location of the slaperiods database extension for PostgreSQL.

pgsql_idoreports_sla_percent

Data type: Stdlib::Absolutepath

Location of the get_sla_ok_percent database extension for PostgreSQL.

mysql_x509_schema

Data type: Stdlib::Absolutepath

Location of the x509 database schema for MySQL/MariaDB.

pgsql_x509_schema

Data type: Stdlib::Absolutepath

Location of the x509 database schema for PostgreSQL.

gettext_package_name

Data type: String[1]

Package name gettext tool belongs to.

icingacli_bin

Data type: Stdlib::Absolutepath

Path to `icingacli' comand line tool.

icingaweb2::module::audit

Installs and enables the audit module.

  • Note If you want to use git as install_method, the CLI git command has to be installed.

Examples

class { 'icingaweb2::module::audit':
  git_revision => 'v1.0.2',
  log_type     => 'syslog',
  log_facility => 'authpriv',
}

Parameters

The following parameters are available in the icingaweb2::module::audit class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/audit"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.0.2.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

log_type

Data type: Enum['file', 'syslog', 'none']

Logging type to use.

log_file

Data type: Optional[Stdlib::Absolutepath]

Location of the log file. Only valid if log_type is set to file.

Default value: undef

log_ident

Data type: Optional[String]

Logging prefix ident. Only valid if log_type is set to syslog.

Default value: undef

log_facility

Data type:

Variant[
    Enum['auth', 'user', 'authpriv'],
    Pattern[/^local[0-7]$/]
  ]

Facility to log to. Only valid if log_type is set to syslog.

stream_format

Data type: Enum['json', 'none']

Set to json to stream in JSON format. Disabled by setting to none.

stream_file

Data type: Optional[Stdlib::Absolutepath]

Path to the stream destination.

Default value: undef

icingaweb2::module::businessprocess

Installs and enables the businessprocess module.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::businessprocess':
  git_revision => 'v2.1.0'
}

Parameters

The following parameters are available in the icingaweb2::module::businessprocess class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/businessprocess"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v2.1.0.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

icingaweb2::module::cube

Installs and enables the cube module.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::cube':
  git_revision => 'v1.0.0'
}

Parameters

The following parameters are available in the icingaweb2::module::cube class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/cube"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.0.0.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

icingaweb2::module::director

Install and configure the director module.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::director':
  git_revision  => 'v1.7.2',
  db_host       => 'localhost',
  db_name       => 'director',
  db_username   => 'director',
  db_password   => 'supersecret',
  import_schema => true,
  kickstart     => true,
  endpoint      => 'puppet-icingaweb2.localdomain',
  api_username  => 'director',
  api_password  => 'supersecret',
  require       => Mysql::Db['director']
}

Parameters

The following parameters are available in the icingaweb2::module::director class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/director"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.3.2.

Default value: undef

install_method

Data type: Enum['git', 'package', 'none']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

db_type

Data type: Enum['mysql', 'pgsql']

Type of your database. Either mysql or pgsql.

db_resource_name

Data type: String[1]

Name for the director database resource.

db_host

Data type: Stdlib::Host

Hostname of the database.

db_port

Data type: Optional[Stdlib::Port]

Port of the database.

Default value: undef

db_name

Data type: String[1]

Name of the database.

db_username

Data type: String[1]

Username for DB connection.

db_password

Data type: Optional[Icinga::Secret]

Password for DB connection.

Default value: undef

db_charset

Data type: Optional[String[1]]

Character set to use for the database.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_key

Data type: Optional[Icinga::Secret]

The private key to store in spicified tls_key_file file. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[String[1]]

The certificate to store in spicified tls_cert_file file. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[String[1]]

The ca certificate to store in spicified tls_cacert_file file. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

import_schema

Data type: Optional[Boolean]

Import database schema.

Default value: undef

kickstart

Data type: Boolean

Run kickstart command after database migration. This requires import_schema to be true.

endpoint

Data type: Optional[String[1]]

Endpoint object name of Icinga 2 API. This setting is only valid if kickstart is true.

Default value: undef

api_host

Data type: Stdlib::Host

Icinga 2 API hostname. This setting is only valid if kickstart is true.

api_port

Data type: Stdlib::Port

Icinga 2 API port. This setting is only valid if kickstart is true.

api_username

Data type: Optional[String[1]]

Icinga 2 API username. This setting is only valid if kickstart is true.

Default value: undef

api_password

Data type: Optional[Icinga::Secret]

Icinga 2 API password. This setting is only valid if kickstart is true.

Default value: undef

manage_service

Data type: Boolean

If set to true the service (daemon) is managed.

service_ensure

Data type: Stdlib::Ensure::Service

Wether the service is running or stopped.

service_enable

Data type: Boolean

Whether the service should be started at boot time.

service_user

Data type: String[1]

The user as which the service is running. Only valid if install_method is set to git.

icingaweb2::module::doc

The doc module provides an interface to the Icinga 2 and Icinga Web 2 documentation.

Parameters

The following parameters are available in the icingaweb2::module::doc class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module. Defaults to present

icingaweb2::module::elasticsearch

The Elasticsearch module displays events from data stored in Elasticsearch.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::elasticsearch':
  git_revision => 'v0.9.0',
  instances    => {
    'elastic'  => {
      uri      => 'http://localhost:9200',
      user     => 'foo',
      password => 'bar',
    }
  },
  eventtypes   => {
    'filebeat' => {
      instance => 'elastic',
      index    => 'filebeat-*',
      filter   => 'beat.hostname={host.name}',
      fields   => 'input_type, source, message',
    }
  }
}

Parameters

The following parameters are available in the icingaweb2::module::elasticsearch class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/elasticsearch"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.3.2.

Default value: undef

instances

Data type: Optional[Hash]

A hash that configures one or more Elasticsearch instances that this module connects to. The defined type icingaweb2::module::elasticsearch::instance is used to create the instance configuration.

Default value: undef

eventtypes

Data type: Optional[Hash]

A hash oft ypes of events that should be displayed. Event types are always connected to instances. The defined type icingaweb2::module::elasticsearch::eventtype is used to create the event types.

Default value: undef

icingaweb2::module::fileshipper

@example: class { 'icingaweb2::module::fileshipper': git_revision => 'v1.0.1', base_directories => { temp => '/var/lib/fileshipper' }, directories => { 'test' => { 'source' => '/var/lib/fileshipper/source', 'target' => '/var/lib/fileshipper/target', } } }

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Parameters

The following parameters are available in the icingaweb2::module::fileshipper class:

ensure

Data type: Enum['absent', 'present']

Enables or disables module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/fileshipper"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.3.2.

Default value: undef

base_directories

Data type: Hash

Hash of base directories. These directories can later be selected in the import source (Director).

directories

Data type: Hash

Deploy plain Icinga 2 configuration files through the Director to your Icinga 2 master.

icingaweb2::module::generictts

Installs and enables the generictts module.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::generictts':
  git_revision  => 'v2.0.0',
  ticketsystems => {
    'my-ticket-system' => {
      pattern => '/#([0-9]{4,6})/',
      url     => 'https://my.ticket.system/tickets/id=$1',
    },
  },
}

Parameters

The following parameters are available in the icingaweb2::module::generictts class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/generictts"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v2.0.0.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

ticketsystems

Data type: Hash

A hash of ticketsystems. The hash expects a patten and a url for each ticketsystem. The regex pattern is to match the ticket ID, eg. /#([0-9]{4,6})/. Place the ticket ID in the URL, eg. https://my.ticket.system/tickets/id=$1.

icingaweb2::module::graphite

The Graphite module draws graphs out of time series data stored in Graphite.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::graphite':
  git_revision => 'v0.9.0',
  url          => 'https://localhost:8080'
}

Parameters

The following parameters are available in the icingaweb2::module::graphite class:

ensure

Data type: Enum['absent', 'present']

Enables or disables module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/graphite"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.3.2.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

url

Data type: Optional[Stdlib::HTTPUrl]

URL to your Graphite Web/API.

Default value: undef

insecure

Data type: Optional[Boolean]

Do not verify the TLS certificate.

Default value: undef

user

Data type: Optional[String[1]]

A user with access to your Graphite Web via HTTP basic authentication.

Default value: undef

password

Data type: Optional[Icinga::Secret]

The users password.

Default value: undef

graphite_writer_host_name_template

Data type: Optional[String[1]]

The value of your Icinga 2 GraphiteWriter's attribute host_name_template (if specified).

Default value: undef

graphite_writer_service_name_template

Data type: Optional[String[1]]

The value of your icinga 2 GraphiteWriter's attribute service_name_template (if specified).

Default value: undef

customvar_obscured_check_command

Data type: Optional[String[1]]

The Icinga custom variable with the actual check command obscured by e.g. check_by_ssh.

Default value: undef

default_time_range_unit

Data type:

Optional[Enum[
      'minutes', 'hours', 'days',
      'weeks', 'months', 'years'
  ]]

Set unit for the time range.

Default value: undef

default_time_range

Data type: Optional[Integer[1]]

Set the displayed time range.

Default value: undef

disable_no_graphs

Data type: Optional[Boolean]

Do not display empty graphs.

Default value: undef

icingaweb2::module::icingadb

Manages the icingadb module. This module is still optional at the moment.

Parameters

The following parameters are available in the icingaweb2::module::icingadb class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

package_name

Data type: String[1]

IicngaDB-Web module package name.

db_type

Data type: Enum['mysql', 'pgsql']

Type of your IDO database. Either mysql or pgsql.

db_resource_name

Data type: String[1]

Name for the icingadb database resource.

db_host

Data type: Stdlib::Host

Hostname of the IcingaDB database.

db_port

Data type: Optional[Stdlib::Port]

Port of the IcingaDB database.

Default value: undef

db_name

Data type: String[1]

Name of the IcingaDB database.

db_username

Data type: String[1]

Username for IcingaDB database connection.

db_password

Data type: Optional[Icinga::Secret]

Password for IcingaDB database connection.

Default value: undef

db_charset

Data type: Optional[String[1]]

The character set to use for the IcingaDB database connection.

Default value: undef

db_use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

db_tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if db_use_tls is enabled.

Default value: undef

db_tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if db_use_tls is enabled.

Default value: undef

db_tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the CA root certificate. Only valid if db_use_tls is enabled.

Default value: undef

db_tls_cert

Data type: Optional[String]

The client certificate in PEM format. Only valid if db_use_tls is enabled.

Default value: undef

db_tls_key

Data type: Optional[Icinga::Secret]

The client private key in PEM format. Only valid if db_use_tls is enabled.

Default value: undef

db_tls_cacert

Data type: Optional[String[1]]

The CA root certificate in PEM format. Only valid if db_use_tls is enabled.

Default value: undef

db_tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

db_tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

db_tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

redis_host

Data type: Stdlib::Host

Redis host to connect.

redis_port

Data type: Optional[Stdlib::Port]

Connect redis_host om this port.

Default value: undef

redis_password

Data type: Optional[Icinga::Secret]

Password for Redis connection.

Default value: undef

redis_primary_host

Data type: Stdlib::Host

Alternative parameter to use for redis_host. Useful for high availability environments.

Default value: $redis_host

redis_primary_port

Data type: Optional[Stdlib::Port]

Alternative parameter to use for redis_port. Useful for high availability environments.

Default value: $redis_port

redis_primary_password

Data type: Optional[Icinga::Secret]

Alternative parameter to use for redis_passwod. Useful for high availability environments.

Default value: $redis_password

redis_secondary_host

Data type: Optional[Stdlib::Host]

Fallback Redis host to connect if the first one fails.

Default value: undef

redis_secondary_port

Data type: Optional[Stdlib::Port]

Port to connect on the fallback Redis server.

Default value: undef

redis_secondary_password

Data type: Optional[Icinga::Secret]

Password for the second Redis server.

Default value: undef

redis_use_tls

Data type: Optional[Boolean]

Use tls encrypt connection for Redis. All Credentials are applied for both connections in a high availability environments.

Default value: undef

redis_tls_cert

Data type: Optional[String[1]]

Client certificate in PEM format to authenticate to Redis. Only valid if redis_use_tls is enabled.

Default value: undef

redis_tls_key

Data type: Optional[Icinga::Secret]

Client private key in PEM format. Only valid if redis_use_tls is enabled.

Default value: undef

redis_tls_cacert

Data type: Optional[String[1]]

The CA certificate in PEM format. Only valid if redis_use_tls is enabled.

Default value: undef

redis_tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the client certificate. Only valid if redis_use_tls is enabled.

Default value: undef

redis_tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key. Only valid if redis_use_tls is enabled.

Default value: undef

redis_tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the CA certificate. Only valid if redis_use_tls is enabled.

Default value: undef

settings

Data type: Hash[String[1], Any]

General configuration of module icingadb. See official Icinga documentation

commandtransports

Data type: Hash[String[1], Hash]

A hash of command transports.

icingaweb2::module::idoreports

Installs, configures and enables the idoreports module. The module is deprecated.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::idoreports':
  git_revision  => 'v0.10.0',
}

Parameters

The following parameters are available in the icingaweb2::module::idoreports class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/idoreports"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v2.1.0.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

import_schema

Data type: Optional[Icingaweb2::ImportSchema]

The IDO database needs some extensions for reorting. Whether to import the database extensions or not. Options mariadb and mysql, both means true. With mariadb its cli options are used for the import, whereas with mysql its different options.

Default value: undef

icingaweb2::module::monitoring

Requirements:

  • IDO feature in Icinga 2 (MySQL or PostgreSQL)
  • ApiUser object in Icinga 2 with proper permissions

class {'icingaweb2::module::monitoring': ido_host => 'localhost', ido_type => 'mysql', ido_db_name => 'icinga2', ido_db_username => 'icinga2', ido_db_password => 'supersecret', commandtransports => { icinga2 => { transport => 'api', username => 'icingaweb2', password => 'supersecret', } } }

Examples

This module is mandatory for almost every setup. It connects your Icinga Web interface to the Icinga 2 core. Current and history information are queried through the IDO database. Actions such as Check Now, Set Downtime or Acknowledge are send to the Icinga 2 API.

Parameters

The following parameters are available in the icingaweb2::module::monitoring class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

protected_customvars

Data type: Variant[String[1], Array[String[1]]]

Custom variables in Icinga 2 may contain sensible information. Set patterns for custom variables that should be hidden in the web interface.

ido_type

Data type: Enum['mysql', 'pgsql']

Type of your IDO database. Either mysql or pgsql.

ido_host

Data type: Stdlib::Host

Hostname of the IDO database.

ido_port

Data type: Optional[Stdlib::Port]

Port of the IDO database.

Default value: undef

ido_resource_name

Data type: String

Resource name for the IDO database.

ido_db_name

Data type: String

Name of the IDO database.

ido_db_username

Data type: String

Username for IDO DB connection.

ido_db_password

Data type: Optional[Icinga::Secret]

Password for IDO DB connection.

Default value: undef

ido_db_charset

Data type: Optional[String[1]]

The character set to use for the database connection.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_key

Data type: Optional[Icinga::Secret]

The private key to store in spicified tls_key_file file. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[String[1]]

The certificate to store in spicified tls_cert_file file. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[String[1]]

The ca certificate to store in spicified tls_cacert_file file. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

settings

Data type: Hash[String[1], Any]

General configuration of module monitoring. See official Icinga documentation

commandtransports

Data type: Hash

A hash of command transports.

icingaweb2::module::pdfexport

Installs, configures and enables the pdfexport module.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

class { 'icingaweb2::module::pdfexport':
  git_revision  => 'v0.10.0',
  chrome_binary => '/usr/bin/chromium-browser',
}

Parameters

The following parameters are available in the icingaweb2::module::pdfexport class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/pdfexport"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v2.1.0.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

chrome_binary

Data type: Optional[Stdlib::Absolutepath]

Path of the chrome or Chrome/Chromium binary.

Default value: undef

force_temp_storage

Data type: Optional[Boolean]

Force using of local temp storage.

Default value: undef

remote_host

Data type: Optional[Stdlib::Host]

Connect a remote running Chrome/Chromium.

Default value: undef

remote_port

Data type: Optional[Stdlib::Port]

Port to connect the remote running Chrome/Chromium.

Default value: undef

icingaweb2::module::puppetdb

Installs and configures the puppetdb module.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

Set up the PuppetDB module and configure two custom SSL keys:
$certificates = {
  'pupdb1' => {
    :ssl_key => '-----BEGIN RSA PRIVATE KEY----- abc...',
    :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- def...',
   },
  'pupdb2' => {
    :ssl_key => '-----BEGIN RSA PRIVATE KEY----- zyx...',
    :ssl_cacert => '-----BEGIN RSA PRIVATE KEY----- wvur...',
  },
}

class { '::icingaweb2::module::puppetdb':
  git_revision => 'master',
  ssl          => 'none',
  certificates => $certificates,
}
Set up the PuppetDB module and configure the hosts SSL key to connect to the PuppetDB host:
class {'::icingaweb2::module::puppetdb':
  git_revision => 'master',
  ssl          => 'puppet',
  host         => 'puppetdb.example.com',
}

Parameters

The following parameters are available in the icingaweb2::module::puppetdb class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/puppetdb"

git_repository

Data type: Stdlib::HTTPUrl

Set a git repository URL.

git_revision

Data type: Optional[String[1]]

Set either a branch or a tag name, eg. master or v1.3.2.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

ssl

Data type: Enum['none', 'puppet']

How to set up ssl certificates. To copy certificates from the local puppet installation, use puppet.

host

Data type: Optional[Stdlib::Host]

Hostname of the server where PuppetDB is running. The ssl parameter needs to be set to puppet.

Default value: undef

certificates

Data type: Hash

Hash with icingaweb2::module::puppetdb::certificate resources.

icingaweb2::module::reporting

Installs the reporting module

Examples

class { 'icingaweb2::module::reporting':
  ensure       => present,
  git_revision => 'v0.9.0',
  db_host      => 'localhost',
  db_name      => 'reporting',
  db_username  => 'reporting',
  db_password  => 'supersecret',
}

Parameters

The following parameters are available in the icingaweb2::module::reporting class:

ensure

Data type: Enum['absent', 'present']

Ensures the state of the reporting module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/reporting"

git_repository

Data type: Stdlib::HTTPUrl

The upstream module repository.

git_revision

Data type: Optional[String[1]]

The version of the module that needs to be used.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

db_type

Data type: Enum['mysql', 'pgsql']

The database type. Either mysql or postgres.

db_resource_name

Data type: String[1]

Name for the reporting database resource.

db_host

Data type: Stdlib::Host

The host where the reporting database will be running

db_port

Data type: Optional[Stdlib::Port]

The port on which the database is accessible.

Default value: undef

db_name

Data type: String[1]

The name of the database this module should use.

db_username

Data type: String[1]

The username needed to access the database.

db_password

Data type: Optional[Icinga::Secret]

The password needed to access the database.

Default value: undef

db_charset

Data type: Optional[String[1]]

The charset the database is set to.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_key

Data type: Optional[Icinga::Secret]

The private key to store in spicified tls_key_file file. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[String[1]]

The certificate to store in spicified tls_cert_file file. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[String[1]]

The ca certificate to store in spicified tls_cacert_file file. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

import_schema

Data type: Optional[Icingaweb2::ImportSchema]

Whether to import the database schema or not. Options mariadb and mysql, both means true. With mariadb its cli options are used for the import, whereas with mysql its different options.

Default value: undef

mail

Data type: Optional[String[1]]

Mails are sent with this sender address.

Default value: undef

manage_service

Data type: Boolean

If set to true the service (daemon) is managed.

service_ensure

Data type: Stdlib::Ensure::Service

Wether the service is running or stopped.

service_enable

Data type: Boolean

Whether the service should be started at boot time.

service_user

Data type: String[1]

The user as which the service is running. Only valid if install_method is set to git.

icingaweb2::module::translation

Installs and configures the translation module.

Parameters

The following parameters are available in the icingaweb2::module::translation class:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

icingaweb2::module::vspheredb

Installs the vsphereDB plugin

Examples

class { 'icingaweb2::module::vspheredb':
  ensure       => 'present',
  git_revision => 'v1.1.0',
  db_host      => 'localhost',
  db_name      => 'vspheredb',
  db_username  => 'vspheredb',
  db_password  => 'supersecret',
}

Parameters

The following parameters are available in the icingaweb2::module::vspheredb class:

ensure

Data type: Enum['absent', 'present']

Ensur es the state of the vspheredb module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/vspheredb"

git_repository

Data type: Stdlib::HTTPUrl

The upstream module repository.

git_revision

Data type: Optional[String[1]]

The version of the module that needs to be used.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

db_type

Data type: Enum['mysql']

The database type. Either mysql or postgres.

db_resource_name

Data type: String[1]

Name for the vspheredb database resource.

db_host

Data type: Stdlib::Host

The host where the vspheredb-database will be running

db_port

Data type: Optional[Stdlib::Port]

The port on which the database is accessible.

Default value: undef

db_name

Data type: String[1]

The name of the database this module should use.

db_username

Data type: String[1]

The username needed to access the database.

db_password

Data type: Optional[Icinga::Secret]

The password needed to access the database.

Default value: undef

db_charset

Data type: Optional[String[1]]

The charset the database is set to.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_key

Data type: Optional[Icinga::Secret]

The private key to store in spicified tls_key_file file. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[String[1]]

The certificate to store in spicified tls_cert_file file. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[String[1]]

The ca certificate to store in spicified tls_cacert_file file. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

import_schema

Data type: Optional[Icingaweb2::ImportSchema]

Whether to import the database schema or not. New options mariadb and mysql, both means true. With mariadb its cli options are used for the import, whereas with mysql its different options.

Default value: undef

manage_service

Data type: Boolean

If set to true the service (daemon) is managed.

service_ensure

Data type: Stdlib::Ensure::Service

Wether the service is running or stopped.

service_enable

Data type: Boolean

Whether the service should be started at boot time.

service_user

Data type: String[1]

The user as which the service is running. Only valid if install_method is set to git.

icingaweb2::module::x509

Installs the x509 module

Examples

class { 'icingaweb2::module::x509':
  ensure       => present,
  git_revision => 'v1.2.1',
  db_host      => 'localhost',
  db_name      => 'x509',
  db_username  => 'x509',
  db_password  => Sensitive('supersecret'),
}

Parameters

The following parameters are available in the icingaweb2::module::x509 class:

ensure

Data type: Enum['absent', 'present']

Ensures the state of the x509 module.

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module.

Default value: "${icingaweb2::globals::default_module_path}/x509"

git_repository

Data type: Stdlib::HTTPUrl

The upstream module repository.

git_revision

Data type: Optional[String[1]]

The version of the module that needs to be used.

Default value: undef

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method.

package_name

Data type: String[1]

Package name of the module. This setting is only valid in combination with the installation method package.

db_type

Data type: Enum['mysql', 'pgsql']

The database type. Either mysql or pgsql.

db_resource_name

Data type: String[1]

Name for the x509 database resource.

db_host

Data type: Stdlib::Host

The host where the database will be running

db_port

Data type: Optional[Stdlib::Port]

The port on which the database is accessible.

Default value: undef

db_name

Data type: String[1]

The name of the database this module should use.

db_username

Data type: String[1]

The username needed to access the database.

db_password

Data type: Optional[Icinga::Secret]

The password needed to access the database.

Default value: undef

db_charset

Data type: Optional[String[1]]

The charset the database is set to.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_key_file

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert_file

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_key

Data type: Optional[Icinga::Secret]

The private key to store in spicified tls_key_file file. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[String[1]]

The certificate to store in spicified tls_cert_file file. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[String[1]]

The ca certificate to store in spicified tls_cacert_file file. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Cipher to use for the encrypted database connection.

Default value: undef

import_schema

Data type: Optional[Icingaweb2::ImportSchema]

Whether to import the database schema or not. Options mariadb and mysql, both means true. With mariadb its cli options are used for the import, whereas with mysql its different options.

Default value: undef

manage_service

Data type: Boolean

If set to true the service (daemon) is managed.

service_ensure

Data type: Stdlib::Ensure::Service

Wether the service is running or stopped.

service_enable

Data type: Boolean

Whether the service should be started at boot time.

service_user

Data type: String[1]

The user as which the service is running. Only valid if install_method is set to git.

Defined types

icingaweb2::config::authmethod

Manage Icinga Web 2 authentication methods. Auth methods may be chained by setting proper ordering.

Examples

Create an authentication method (db) and reference to a resource:
icingaweb2::config::authmethod { 'db-auth':
  backend  => 'db',
  resource => 'my-sql',
  order    => 20,
}
Create a LDAP authmethod:
icingaweb2::config::authmethod { 'ldap-auth':
  backend                  => 'ldap',
  resource                 => 'my-ldap',
  ldap_user_class          => 'user',
  ldap_filter              => '(memberof:1.2.840.113556.1.4.1941:=CN=monitoring,OU=groups,DC=icinga,DC=com)',
  ldap_user_name_attribute => 'userPrincipalName',
  order                    => '05',
}

Parameters

The following parameters are available in the icingaweb2::config::authmethod defined type:

backend

Data type: Enum['external', 'ldap', 'msldap', 'db']

Select between 'external', 'ldap', 'msldap' or 'db'. Each backend may require other settings.

resource

Data type: Optional[String]

The name of the resource defined in resources.ini.

Default value: undef

ldap_user_class

Data type: Optional[String]

LDAP user class. Only valid if backend is ldap or msldap.

Default value: undef

ldap_user_name_attribute

Data type: Optional[String]

LDAP attribute which contains the username. Only valid if backend is ldap or msldap.

Default value: undef

ldap_filter

Data type: Optional[String]

LDAP search filter. Only valid if backend is ldap or msladap.

Default value: undef

ldap_base_dn

Data type: Optional[String]

LDAP base DN. Only valid if backend is ldap or msldap.

Default value: undef

domain

Data type: Optional[String]

Domain for domain-aware authentication

Default value: undef

order

Data type: Variant[String, Integer]

Multiple authentication methods can be chained. The order of entries in the authentication configuration determines the order of the authentication methods.

Default value: '30'

icingaweb2::config::dashboard

Manage a dashboard.

Examples

Create a new Dashboard:
icingaweb2::config::dashboard { 'icingaadmin-NewDashboard':
  owner     => 'icingaadmin',
  dashboard => 'New Dashboard',
}

Parameters

The following parameters are available in the icingaweb2::config::dashboard defined type:

owner

Data type: String

Owner of the dashboard.

dashboard

Data type: String

Title of the dashboard.

icingaweb2::config::dashlet

Manage a dashlet.

Examples

Create a new Dashboard with a Dashlet:
icingaweb2::config::dashboard { 'icingaadmin-NewDashboard':
  owner     => 'icingaadmin',
  dashboard => 'New Dashboard',
}

icingaweb2::config::dashlet { 'icingaadmin-NewDashboard':
  owner     => 'icingaadmin',
  dashboard => 'New Dashboard',
  dashlet   => 'New Dashlet',
  url       => 'monitoring/list/hosts',
}
Add new Dashlet to an existing default dashboard:
icingaweb2::config::dashlet { 'icingaadmin-Overdue-NewDashlet':
  owner     => 'icingaadmin',
  dashboard => 'Overdue',
  dashlet   => 'New Dashlet',
  url       => 'monitoring/list/hosts',
}

Parameters

The following parameters are available in the icingaweb2::config::dashlet defined type:

owner

Data type: String

Owner of the dashlet.

dashboard

Data type: String

Dashboard to which the dashlet belongs.

dashlet

Data type: String

Name of the dashlet.

url

Data type: String

URL of the dashlet.

icingaweb2::config::groupbackend

Groups of users can be stored either in a database, LDAP or ActiveDirectory. This defined type configures backends that store groups.

Examples

A group backend for groups stored in LDAP:
icingaweb2::config::groupbackend { 'ldap-groups':
  backend                     => 'ldap',
  resource                    => 'my-ldap',
  ldap_group_class            => 'group',
  ldap_group_name_attribute   => 'cn',
  ldap_group_member_attribute => 'member',
  ldap_base_dn                => 'ou=groups,dc=icinga,dc=com',
  domain                      => 'icinga.com',
}
If you have imported the database schema (parameter import_schema), this backend was also created automatically:
icingaweb2::config::groupbackend { 'mysql-backend':
  backend  => 'db',
  resource => 'my-sql',
}

Parameters

The following parameters are available in the icingaweb2::config::groupbackend defined type:

group_name

Data type: String

Name of the resources. Resources are referenced by their name in other configuration sections.

Default value: $title

backend

Data type: Enum['db', 'ldap', 'msldap']

Type of backend. Valide values are: db, ldap and msldap. Each backend supports different settings, see the parameters for detailed information.

resource

Data type: String

The resource used to connect to the backend. The resource contains connection information.

ldap_user_backend

Data type: Optional[String]

A group backend can be connected with an authentication method. This parameter references the auth method. Only valid with backend ldap or msldap.

Default value: undef

ldap_group_class

Data type: Optional[String]

Class used to identify group objects. Only valid with backend ldap.

Default value: undef

ldap_group_filter

Data type: Optional[String]

Use a LDAP filter to receive only certain groups. Only valid with backend ldap or msldap.

Default value: undef

ldap_group_name_attribute

Data type: Optional[String]

The group name attribute. Only valid with backend ldap.

Default value: undef

ldap_group_member_attribute

Data type: Optional[String]

The group member attribute. Only valid with backend ldap.

Default value: undef

ldap_base_dn

Data type: Optional[String]

Base DN that is searched for groups. Only valid with backend ldap with msldap.

Default value: undef

ldap_nested_group_search

Data type: Optional[Boolean]

Search for groups in groups. Only valid with backend msldap.

Default value: undef

domain

Data type: Optional[String]

Domain for domain-aware authentication.

Default value: undef

order

Data type: Variant[String, Integer]

Multiple authentication methods can be chained. The order of entries in the authentication configuration determines the order of the authentication methods.

Default value: '30'

icingaweb2::config::navigation

Navigate defines a menu entry, host- or service action.

Parameters

The following parameters are available in the icingaweb2::config::navigation defined type:

item_name

Data type: String

Name of the menu entry, host- or service action.

Default value: $title

owner

Data type: String

Owner of the navigation item.

type

Data type:

Enum[
    'menu-item',
    'host-action',
    'service-action'
  ]

Type of the navigation item.

Default value: 'menu-item'

shared

Data type: Boolean

Creates a shared navigation item.

Default value: false

users

Data type: Optional[Array[String]]

List of users who have access to the element. Only valid if shared.

Default value: undef

groups

Data type: Optional[Array[String]]

List of user groups that have access to the element. Only valid if shared.

Default value: undef

parent

Data type: Optional[String]

The name of the a parent item. Only valid for menu entries. Important: shared has to set if the parent entry is also shared.

Default value: undef

target

Data type: Enum['_blank', '_main']

The target to view the content.

Default value: '_main'

url

Data type: String

Url to the content of the navigation item.

icon

Data type: Optional[String]

Location of an icon for the navigation item.

Default value: undef

filter

Data type: Optional[String]

Filter to restrict the result of the content. Only valid for actions.

Default value: undef

icingaweb2::config::role

Roles define a set of permissions that may be applied to users or groups.

Examples

Create role that allows only hosts beginning with linux-*:
icingaweb2::config::role{ 'linux-user':
  groups      => 'linuxer',
  permissions => '*',
  filters     => {
    'monitoring/filter/objects' => 'host_name=linux-*'
  }
}

Parameters

The following parameters are available in the icingaweb2::config::role defined type:

role_name

Data type: String

Name of the role.

Default value: $title

users

Data type: Optional[String]

Comma separated list of users this role applies to.

Default value: undef

groups

Data type: Optional[String]

Comma separated list of groups this role applies to.

Default value: undef

parent

Data type: Optional[String]

The name of the role from which to inherit privileges.

Default value: undef

permissions

Data type: Optional[String]

Comma separated lsit of permissions. Each module may add it's own permissions. Examples are

  • Allow everything: '*'
  • Allow config access: 'config/*'
  • Allow access do module icingadb: 'module/icingadb'
  • Allow scheduling checks: 'icingadb/command/schedule-checks'
  • Grant admin permissions: 'admin'

Default value: undef

refusals

Data type: Optional[String]

Refusals are used to deny access. So they’re the exact opposite of permissions.

Default value: undef

unrestricted

Data type: Optional[Boolean]

If set to true, owners of this role are not restricted in any way.

Default value: undef

filters

Data type: Hash

Hash of filters. Modules may add new filter keys, some sample keys are:

  • application/share/users
  • application/share/groups
  • icingadb/filter/objects A string value is expected for each used key. For example:
  • icingadb/filter/objects = "host_name!=win"

Default value: {}

icingaweb2::inisection

Manage settings in INI configuration files.

Examples

Create the configuration file and set two settings for the section global:
include icingawebeb2

icingaweb2::inisection { '/path/to/config.ini':
  settings => {
    'global' => {
      'setting1' => 'value',
      'setting2' => 'value',
    },
  },
}

Parameters

The following parameters are available in the icingaweb2::inisection defined type:

target

Data type: Stdlib::Absolutepath

Absolute path to the configuration file.

section_name

Data type: String[1]

Name of the target section. Settings are set under [$section_name]

Default value: $title

settings

Data type: Hash

A hash of settings and their settings. Single settings may be set to absent.

Default value: {}

order

Data type: Variant[String[1], Integer[1]]

Ordering of the INI section within a file. Defaults to 01

Default value: '01'

replace

Data type: Boolean

Specifies whether to overwrite the destination file if it already exists.

Default value: true

icingaweb2::module

Download, enable and configure Icinga Web 2 modules.

  • Note If you want to use git as install_method, the CLI git command has to be installed. You can manage it yourself as package resource or declare the package name in icingaweb2 class parameter extra_packages.

Examples

$conf_dir        = $icingaweb2::globals::conf_dir
$module_conf_dir = "${conf_dir}/modules/mymodule"

$settings = {
  'section1' => {
    'target'   => "${module_conf_dir}/config1.ini",
    'settings' => {
      'setting1' => 'value1',
      'setting2' => 'value2',
    }
  },
  'section2' => {
    'target'   => "${module_conf_dir}/config2.ini",
    'settings' => {
      'setting3' => 'value3',
      'setting4' => 'value4',
    }
  }
}

Parameters

The following parameters are available in the icingaweb2::module defined type:

ensure

Data type: Enum['absent', 'present']

Enable or disable module.

Default value: 'present'

module

Data type: String[1]

Name of the module.

Default value: $title

module_dir

Data type: Stdlib::Absolutepath

Target directory of the module. Defaults to first item of module_path.

Default value: "${icingaweb2::globals::default_module_path}/${title}"

install_method

Data type: Enum['git', 'none', 'package']

Install methods are git, package and none is supported as installation method. Defaults to git

Default value: 'git'

git_repository

Data type: Optional[String[1]]

The git repository. This setting is only valid in combination with the installation method git.

Default value: undef

git_revision

Data type: String

Tag or branch of the git repository. This setting is only valid in combination with the installation method git.

Default value: 'master'

package_name

Data type: Optional[String[1]]

Package name of the module. This setting is only valid in combination with the installation method package.

Default value: undef

settings

Data type: Hash[String[1], Any]

A hash with the module settings. Multiple configuration files with ini sections can be configured with this hash. The module_name should be used as target directory for the configuration files.

Default value: {}

icingaweb2::resource::database

Create and remove Icinga Web 2 database resources.

Examples

Create a MySQL DB resource:
icingaweb2::resource::database { 'mysql':
  type     => 'mysql',
  host     => 'localhost',
  port     => '3306',
  database => 'icingaweb2',
  username => 'icingaweb2',
  password => 'supersecret',
}

Parameters

The following parameters are available in the icingaweb2::resource::database defined type:

resource_name

Data type: String[1]

Name of the resources. Resources are referenced by their name in other configuration sections.

Default value: $title

type

Data type:

Enum['mysql', 'pgsql', 'mssql',
  'oci', 'oracle', 'ibm', 'sqlite']

Set database type to connect.

host

Data type: Optional[Stdlib::Host]

Connect to the database on the given host. For using unix domain sockets, specify 'localhost' for MySQL and the path to the unix domain socket and the directory for PostgreSQL.

Default value: undef

port

Data type: Optional[Stdlib::Port]

Port number to use.

Default value: undef

database

Data type: String[1]

The database to use.

username

Data type: Optional[String[1]]

The username to use when connecting to the server.

Default value: undef

password

Data type: Optional[Icinga::Secret]

The password to use when connecting the database.

Default value: undef

charset

Data type: Optional[String[1]]

The character set to use for the database connection.

Default value: undef

use_tls

Data type: Optional[Boolean]

Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to 'true'.

Default value: undef

tls_noverify

Data type: Optional[Boolean]

Disable validation of the server certificate.

Default value: undef

tls_key

Data type: Optional[Stdlib::Absolutepath]

Location of the private key for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cert

Data type: Optional[Stdlib::Absolutepath]

Location of the certificate for client authentication. Only valid if tls is enabled.

Default value: undef

tls_cacert

Data type: Optional[Stdlib::Absolutepath]

Location of the ca certificate. Only valid if tls is enabled.

Default value: undef

tls_capath

Data type: Optional[Stdlib::Absolutepath]

The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

Default value: undef

tls_cipher

Data type: Optional[String[1]]

Chipher to use for the encrypted database connection.

Default value: undef

icingaweb2::resource::ldap

Create and remove Icinga Web 2 resources. Resources may be referenced in other configuration sections.

Examples

Create a LDAP resource:
icingaweb2::resource::ldap{ 'my-ldap':
  host    => 'localhost',
  port    => 389,
  root_dn => 'ou=users,dc=icinga,dc=com',
  bind_dn => 'cn=icingaweb2,ou=users,dc=icinga,dc=com',
  bind_pw => Sensitive('supersecret'),
}

Parameters

The following parameters are available in the icingaweb2::resource::ldap defined type:

resource_name

Data type: String[1]

Name of the resources. Resources are referenced by their name in other configuration sections.

Default value: $title

host

Data type: String[1]

Connect to the database or ldap server on the given host. For using unix domain sockets, specify 'localhost' for MySQL and the path to the unix domain socket directory for PostgreSQL. When using the 'ldap' type you can also provide multiple hosts separated by a space.

Default value: 'localhost'

port

Data type: Optional[Stdlib::Port]

Port number to use.

Default value: undef

root_dn

Data type: Optional[String[1]]

Root object of the tree, e.g. 'ou=people,dc=icinga,dc=com'.

Default value: undef

bind_dn

Data type: Optional[String[1]]

The user to use when connecting to the server.

Default value: undef

bind_pw

Data type: Optional[Icinga::Secret]

The password to use when connecting to the server.

Default value: undef

encryption

Data type: Enum['none', 'starttls', 'ldaps']

Type of encryption to use: none (default), starttls, ldaps.

Default value: 'none'

timeout

Data type: Integer

Timeout for the ldap connection.

Default value: 5

Functions

icingaweb2::pick

Type: Puppet Language

This function returns first parameter if set.

icingaweb2::pick(Any $arg1, Any $arg2)

The icingaweb2::pick function.

Returns: Any One of the two parameters.

arg1

Data type: Any

arg2

Data type: Any

Data types

Icingaweb2::AdminRole

A strict type for the default admin role

Alias of

Struct[{
    name   => String,
    users  => Optional[Array[String[1]]],
    groups => Optional[Array[String[1]]],
}]

Icingaweb2::ImportSchema

A type for setting import database schemata

Alias of Variant[Boolean, Enum['mariadb', 'mysql']]