Hey lovely icinga2-community,
I have a easy question:
It is possible to install and configure a new and fresh linux system (based on ubuntu/debian) via script to get monitored by icinga?
My windows-systems gets imported and created in the icinga2-director automatically via api key (of a host-template) and the “IcingaForWindows.ps1” powershellscript with a big line of arguments in the parameter “Install-Command”. Thats works perfect! Just execute the powershell script on all servers that I want and boom, finished. Windows-servers doing self-registering.
Is there something similiar for linux? I want a script for all linux-server, that register them in the director and installs icinga2…
Best regards,
Philipp
you can use this one and adapt it for icinga director selfservice features.
there is some work from neteye:
2 Likes
Many thanks!
I edit the neteye config to my own.
Works perfectly on a new and fresh debian 12.
Just run the script, it installs and configures the client fully automatic and register the agent on the director. On the director I have only to apply the new configuration (new host).
#!/bin/bash
#turn on debug mode
set -x
#turn off ipv6
echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.conf
systemctl restart NetworkManager
systemctl restart networking
#install icinga2 and some dependieces
apt-get update --allow-insecure-repositories
apt install apt-transport-https -y
apt install wget -y
apt install gnupg -y
apt install curl -y
apt install jq -y
apt install icinga2 -y
apt install monitoring-plugins -y
systemctl restart icinga2
#set variables (director api root, parent zone could be master or a satellite)
user="root / icinga_api user"
password="api_password"
HOST_DIRECTOR_FQDN="fqdn of your director server"
API_KEY="api key of your host-template"
PARENTZONE="master oder satellite zone"
PARENTNAME="master oder satellite hostname"
AGENTNAME=$(hostname)".your.domain.lab"
AGENTZONE=$(hostname)".your.domain.lab"
#api command
curl -k -s -u $user:$password -H 'Accept: application/json' -X POST 'https://'$HOST_DIRECTOR_FQDN'/icingaweb2/director/self-service/register-host?name='$AGENTNAME'&key='$API_KEY -d '{ "display_name": "'$AGENTNAME'", "address": "'$AGENTNAME'" }'
#generate ticket for agent
TICKET=$(curl -k -s -u $user:$password -H 'Accept: application/json' -X POST 'https://'$HOST_DIRECTOR_FQDN':5665/v1/actions/generate-ticket' -d '{ "cn":"'$AGENTNAME'", "pretty": true }' | jq -r ".results[0].ticket" )
#set user permissions and creates cert folder
mkdir -p /var/lib/icinga2/certs
chown -R nagios:nagios /var/lib/icinga2/certs
#generate/build command with variable as parameteres
new_cert="icinga2 pki new-cert --cn "
new_cert+=$AGENTNAME
new_cert+=" --key /var/lib/icinga2/certs/"
new_cert+=$AGENTNAME
new_cert+=".key --cert /var/lib/icinga2/certs/"
new_cert+=$AGENTNAME
new_cert+=".crt"
$new_cert
save_cert="icinga2 pki save-cert --key /var/lib/icinga2/certs/"
save_cert+=$AGENTNAME
save_cert+=".key --cert /var/lib/icinga2/certs/"
save_cert+=$AGENTNAME
save_cert+=".crt --trustedcert /var/lib/icinga2/certs/trusted-parent.crt --host "
save_cert+=$PARENTNAME
$save_cert
node_setup="icinga2 node setup --ticket "
node_setup+=$TICKET
node_setup+=" --cn "
node_setup+=$AGENTNAME
node_setup+=" --endpoint "
node_setup+=$PARENTNAME
node_setup+=" --zone "
node_setup+=$AGENTZONE
node_setup+=" --parent_zone "
node_setup+=$PARENTZONE
node_setup+=" --parent_host "
node_setup+=$PARENTNAME
node_setup+=" --trustedcert /var/lib/icinga2/certs/trusted-parent.crt --accept-commands --accept-config --disable-confd"
$node_setup
systemctl restart icinga2.service
Hope it helps someone. 