mirror of
https://github.com/bashclub/zamba-lxc-toolbox
synced 2026-01-02 16:56:22 +00:00
add bashclub-cmk
This commit is contained in:
Thorsten Spille
39
src/bashclub-cmk/constants-service.conf
Normal file
39
src/bashclub-cmk/constants-service.conf
Normal file
@@ -0,0 +1,39 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Authors:
|
||||||
|
# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
|
||||||
|
# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
|
||||||
|
# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
|
||||||
|
|
||||||
|
# This file contains the project constants on service level
|
||||||
|
|
||||||
|
# Debian Version, which will be installed
|
||||||
|
LXC_TEMPLATE_VERSION="debian-13-standard"
|
||||||
|
|
||||||
|
|
||||||
|
# Create sharefs mountpoint
|
||||||
|
LXC_MP=1
|
||||||
|
# Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank)
|
||||||
|
LXC_SHAREFS_MOUNTPOINT="var/lib/cmk-push-agent"
|
||||||
|
# Defines the recordsize of mp0
|
||||||
|
LXC_MP_RECORDSIZE="16K"
|
||||||
|
|
||||||
|
# Create unprivileged container
|
||||||
|
LXC_UNPRIVILEGED="1"
|
||||||
|
|
||||||
|
# enable nesting feature
|
||||||
|
LXC_NESTING="1"
|
||||||
|
|
||||||
|
# enable keyctl feature
|
||||||
|
LXC_KEYCTL="0"
|
||||||
|
|
||||||
|
# checkmk version
|
||||||
|
CMK_VERSION=2.4.0p18
|
||||||
|
# build number of the debian package (needs to start with underscore)
|
||||||
|
CMK_BUILD=_0
|
||||||
|
|
||||||
|
# Sets the minimum amount of RAM the service needs for operation
|
||||||
|
LXC_MEM_MIN=2048
|
||||||
|
|
||||||
|
# service dependent meta tags
|
||||||
|
SERVICE_TAGS="apache2"
|
||||||
86
src/bashclub-cmk/install-service.sh
Normal file
86
src/bashclub-cmk/install-service.sh
Normal file
@@ -0,0 +1,86 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Authors:
|
||||||
|
# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
|
||||||
|
# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
|
||||||
|
# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
source /root/functions.sh
|
||||||
|
source /root/zamba.conf
|
||||||
|
source /root/constants-service.conf
|
||||||
|
|
||||||
|
wget -O - https://apt.bashclub.org/gpg/bashclub.pub | gpg --dearmor > /usr/share/keyrings/bashclub-keyring.gpg
|
||||||
|
echo "deb [signed-by=/usr/share/keyrings/bashclub-keyring.gpg] https://apt.bashclub.org/testing $(lsb_release -cs) main" > /etc/apt/sources.list.d/bashclub.list
|
||||||
|
apt update
|
||||||
|
|
||||||
|
cd /tmp
|
||||||
|
wget https://download.checkmk.com/checkmk/$CMK_VERSION/check-mk-$CMK_EDITION-$CMK_VERSION$CMK_BUILD.$(lsb_release -cs)_amd64.deb
|
||||||
|
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install ./check-mk-$CMK_EDITION-$CMK_VERSION$CMK_BUILD.$(lsb_release -cs)_amd64.deb
|
||||||
|
omd create --admin-password $CMK_ADMIN_PW $CMK_INSTANCE
|
||||||
|
|
||||||
|
cat << EOF > /etc/apache2/sites-available/000-default.conf
|
||||||
|
<VirtualHost *:80>
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteCond %{HTTPS} !=on
|
||||||
|
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$CMK_INSTANCE [R,L]
|
||||||
|
</VirtualHost>
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cat << EOF > /etc/apache2/sites-available/default-ssl.conf
|
||||||
|
<VirtualHost *:443>
|
||||||
|
RewriteEngine On
|
||||||
|
RewriteCond %{REQUEST_URI} !^/$CMK_INSTANCE
|
||||||
|
RewriteRule ^/(.*) https://%{HTTP_HOST}/$CMK_INSTANCE/\$1 [R=301,L]
|
||||||
|
|
||||||
|
ServerAdmin webmaster@localhost
|
||||||
|
|
||||||
|
DocumentRoot /var/www/html
|
||||||
|
|
||||||
|
ErrorLog \${APACHE_LOG_DIR}/error.log
|
||||||
|
CustomLog \${APACHE_LOG_DIR}/access.log combined
|
||||||
|
|
||||||
|
SSLEngine on
|
||||||
|
|
||||||
|
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
|
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
|
|
||||||
|
#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
|
||||||
|
|
||||||
|
#SSLCACertificatePath /etc/ssl/certs/
|
||||||
|
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
|
||||||
|
|
||||||
|
#SSLCARevocationPath /etc/apache2/ssl.crl/
|
||||||
|
#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
|
||||||
|
|
||||||
|
#SSLVerifyClient require
|
||||||
|
#SSLVerifyDepth 10
|
||||||
|
|
||||||
|
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
|
||||||
|
<FilesMatch "\.(?:cgi|shtml|phtml|php)\$">
|
||||||
|
SSLOptions +StdEnvVars
|
||||||
|
</FilesMatch>
|
||||||
|
<Directory /usr/lib/cgi-bin>
|
||||||
|
SSLOptions +StdEnvVars
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
</VirtualHost>
|
||||||
|
EOF
|
||||||
|
|
||||||
|
a2enmod ssl
|
||||||
|
a2enmod rewrite
|
||||||
|
a2ensite default-ssl
|
||||||
|
|
||||||
|
systemctl restart apache2.service
|
||||||
|
|
||||||
|
omd start $CMK_INSTANCE
|
||||||
|
|
||||||
|
# install matrix notification plugin
|
||||||
|
|
||||||
|
wget -O /opt/omd/sites/$CMK_INSTANCE/local/share/check_mk/notifications/matrix.py https://github.com/bashclub/check_mk_matrix_notifications/raw/master/matrix.py
|
||||||
|
chmod +x /opt/omd/sites/$CMK_INSTANCE/local/share/check_mk/notifications/matrix.py
|
||||||
|
chown $CMK_INSTANCE /opt/omd/sites/$CMK_INSTANCE/local/share/check_mk/notifications/matrix.py
|
||||||
|
|
||||||
|
|
||||||
|
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq install cmk-push-server
|
||||||
Reference in New Issue
Block a user