Coder Social home page Coder Social logo

icingaweb2-module-ca's Introduction

CA Module for Icinga Web 2

Icinga Logo

  1. About
  2. Requirements
  3. License
  4. Getting Started
  5. Contributing

About

The Certificate Authority Module for Icinga Web 2 allows the user to manage the local Icinga Certification Authority.

Requirements

  • Icinga Web 2 version 2.5.1+
  • PHP version 5.6.x or 7.x

License

The CA Module for Icinga Web 2 is licensed under the terms of the GNU General Public License Version 2, you will find a copy of this license in the COPYING file included in the source package.

Getting Started

Nothing special. As with every Icinga Web 2 module, drop this to one of your modules folders and make sure that the folder name is ca. Because the web server doesn't run as icinga user, we need to allow for the sudo operations:

Installation

  1. Download the latest version as tarball
  2. Extract the tarball in the Icinga Web 2 modules directory
  3. Make sure the CA module folder is named ca

For Developers only

Clone the repository via Git to your Icinga Web 2 modules directory.

Configuration

# vi /etc/sudoers.d/apache

Cmnd_Alias      CA_CMDS = /usr/sbin/icinga2 ca list, /usr/sbin/icinga2 ca sign *, /usr/sbin/icinga2 ca list --all
Cmnd_Alias      APACHE_COMMANDS = CA_CMDS
User_Alias      APACHEUSERS = apache

Defaults:APACHEUSERS        !requiretty
APACHEUSERS   ALL = (icinga) NOPASSWD: APACHE_COMMANDS

# vi /etc/icingaweb2/modules/ca/config.ini

[config]
icinga2 = "/usr/sbin/icinga2"
sudo = "/usr/bin/sudo"
runas = "icinga"

Screenshots

Sign Screenshot CA - Sign Menu

Module Information Screenshot CA - Module Info

Module Config Screenshot CA - Module Config

Contributing

There are many ways to contribute to Icinga -- whether it be sending patches, testing, reporting bugs, or reviewing and updating the documentation. Every contribution is appreciated!

icingaweb2-module-ca's People

Contributors

araujorm avatar mcktr avatar nunofernandes avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

mcktr bluemutedwisdom moreamazingnick araujorm

icingaweb2-module-ca's Issues

Address changes in Icinga 2 2.11

I want to make you aware of an upcoming change in Icinga 2 2.11 which will affect your module.

Expected Behavior

Handle the new behaviour coming with 2.11:

  • icinga2 ca list will only list unsigned requests.
  • icinga2 ca list --all will list all requests.
  • Icinga 2 will cleanup unsigned requests after 1 week.

Current Behavior

Without addressing the changes the module will only show unsigned requests.

Possible Solution

Just add --all to the command or add a config option for it.

Context

Icinga 2 2.11 coming later this year.

Module is not able to parse output

Expected Behavior

Module shows output of icinga2 ca list

Current Behavior

Modules shows following error:
ca_error_web2

Possible Solution

As workaround unset first six lines.

Steps to Reproduce (for bugs)

  1. Install as it is in instruction described
  2. su - apache -s /bin/bash
  3. /usr/bin/sudo -u icinga /usr/sbin/icinga2 ca list
  4. Produce following output:
[2018-12-05 14:03:51 +0100] warning/Application: Failed to adjust resource limit for open file handles (RLIMIT_NOFILE) with error "Operation not permitted"
[2018-12-05 14:03:51 +0100] warning/Application: Failed adjust resource limit for number of processes (RLIMIT_NPROC) with error "Operation not permitted"
[2018-12-05 14:03:51 +0100] warning/Application: Failed to adjust resource limit for open file handles (RLIMIT_NOFILE) with error "Operation not permitted"
[2018-12-05 14:03:51 +0100] warning/Application: Failed adjust resource limit for number of processes (RLIMIT_NPROC) with error "Operation not permitted"
Fingerprint                                                      | Timestamp                | Signed | Subject
-----------------------------------------------------------------|--------------------------|--------|--------

Context

Your Environment

  • Icinga Web 2 version and modules (System - About):
ca | 1.0.0
monitoring | 2.6.2
  • Version used (icinga2 --version):
    icinga2 | r2.10.2-1
  • Operating System and version:
    CentOS Linux release 7.5.1804 (Core)
  • Enabled features (icinga2 feature list):
    api checker ido-mysql mainlog notification
  • Config validation (icinga2 daemon -C):
[2018-12-05 14:27:02 +0100] information/cli: Icinga application loader (version: r2.10.2-1)
[2018-12-05 14:27:02 +0100] information/cli: Loading configuration file(s).
[2018-12-05 14:27:02 +0100] information/ConfigItem: Committing config item(s).
[2018-12-05 14:27:02 +0100] information/ApiListener: My API identity: localhost.local
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 900 Services.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 1 IcingaApplication.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 31 Hosts.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 1 FileLogger.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 2 NotificationCommands.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 1 NotificationComponent.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 5 HostGroups.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 1 ApiListener.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 1 CheckerComponent.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 5 Zones.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 2 Endpoints.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 2 ApiUsers.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 1 IdoMysqlConnection.
[2018-12-05 14:27:02 +0100] information/ConfigItem: Instantiated 215 CheckCommands.
[2018-12-05 14:27:02 +0100] information/ScriptGlobal: Dumping variables to file '/var/cache/icinga2/icinga2.vars'
[2018-12-05 14:27:02 +0100] information/cli: Finished validating the configuration file(s).

Module CA's menu entry not visible any longer

Describe the bug

The module CA has had a menu entry below System, but this is no longer visible with current version of Icinga Web 2 (likely since 2.10 as it introduced the change to the menu entries).

To Reproduce

  1. Install the module
  2. Do not find the menu entry
  3. Directly access the url /icingaweb2/ca to see the module is still working fine

Expected behavior

See the module entry again allowing to navigate to the URL

Your Environment

Include as many relevant details about the environment you experienced the problem in

Icinga Web 2 version and modules (System - About): 2.11.2
Web browser used: Edge
Icinga 2 version used (icinga2 --version): 2.13.2
PHP version used (php --version): 7.4
Server operating system and version: RHEL 8

Additional context

Issue at the Icinga Web 2: Icinga/icingaweb2#4951

Doesn't work with Ubuntu 16.04

No Information is shown in the webinterface.

Expected Behavior

Pending certificates should be shown.

Current Behavior

I can't see the actual pending certificate requests.

Possible Solution

Maybe the username oder path is not correct.

Steps to Reproduce (for bugs)

Use the configuration shown in the readme.

Context

I tried to figure out, if the pathes oder usernames are different on Ubuntu, but I can't solve the problem.

Your Environment

  • Icinga Web 2 version and modules (System - About):
  • Version used (icinga2 --version): r2.8.2-1
  • Operating System and version: Ubuntu 16.04.4 LTS
  • Enabled features (icinga2 feature list): Enabled features: api checker command graphite ido-mysql mainlog notification
  • Config validation (icinga2 daemon -C): information/cli: Icinga application loader (version: r2.8.2-1)
    information/cli: Loading configuration file(s).
    information/ConfigItem: Committing config item(s).
    information/ApiListener: My API identity: icinga2.myhome.local
    information/ConfigItem: Instantiated 1 ApiListener.
    information/ConfigItem: Instantiated 105 Zones.
    information/ConfigItem: Instantiated 104 Endpoints.
    information/ConfigItem: Instantiated 1 FileLogger.
    information/ConfigItem: Instantiated 2 ApiUsers.
    information/ConfigItem: Instantiated 2408 Notifications.
    information/ConfigItem: Instantiated 12 NotificationCommands.
    information/ConfigItem: Instantiated 246 CheckCommands.
    information/ConfigItem: Instantiated 1 Downtime.
    information/ConfigItem: Instantiated 22 HostGroups.
    information/ConfigItem: Instantiated 1 IcingaApplication.
    information/ConfigItem: Instantiated 1 EventCommand.
    information/ConfigItem: Instantiated 120 Hosts.
    information/ConfigItem: Instantiated 1 Comment.
    information/ConfigItem: Instantiated 1 UserGroup.
    information/ConfigItem: Instantiated 8 Users.
    information/ConfigItem: Instantiated 3 TimePeriods.
    information/ConfigItem: Instantiated 1032 Services.
    information/ConfigItem: Instantiated 30 ServiceGroups.
    information/ConfigItem: Instantiated 1 ScheduledDowntime.
    information/ConfigItem: Instantiated 1 CheckerComponent.
    information/ConfigItem: Instantiated 1 ExternalCommandListener.
    information/ConfigItem: Instantiated 1 GraphiteWriter.
    information/ConfigItem: Instantiated 1 IdoMysqlConnection.
    information/ConfigItem: Instantiated 1 NotificationComponent.
    information/ScriptGlobal: Dumping variables to file '/var/cache/icinga2/icinga2.vars'
    information/cli: Finished validating the configuration file(s).

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.