作为后续问题如何在不使用 CLI 向导的情况下设置 Icinga2 远程客户端?,我想以自动化的方式设置主机。
答案1
示例脚本用于解决上述问题。尽情享受吧!
HOSTNAME=`cat /etc/hostname`
icinga2 pki new-ca
chown nagios:nagios /etc/icinga2/pki
icinga2 pki new-cert --cn ${HOSTNAME} --key /etc/icinga2/pki/${HOSTNAME}.key --csr /etc/icinga2/pki/${HOSTNAME}.csr --cert /etc/icinga2/pki/${HOSTNAME}.crt
icinga2 pki sign-csr --csr /etc/icinga2/pki/${HOSTNAME}.csr --cert /etc/icinga2/pki/${HOSTNAME}.crt # typo fixed :)
cp -vR --preserve=all /var/lib/icinga2/ca/ca.crt /etc/icinga2/pki
cat >/etc/icinga2/zones.conf << EOFZONECONF
/**
* Generated by $0.
*/
object Endpoint "${HOSTNAME}" {
}
object Zone "master" {
//this is the local node master named = "master"
endpoints = [ "${HOSTNAME}" ]
}
EOFZONECONF
icinga2 feature enable api
# The next three lines modify the NodeName and TicketSalt assignments
sed -i "s/\/\/const NodeName.*/const NodeName = \"${HOSTNAME}\"/" /etc/icinga2/constants.conf
SALT=`cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 16 | head -n 1`
sed -i "s/const TicketSalt.*/const TicketSalt = \"${SALT}\"/" /etc/icinga2/constants.conf
service icinga2 restart