69 lines
1.7 KiB
Bash
Executable File
69 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# If parent CN is not specified, default it to the parent host.
|
|
# If the zone is not specified, default it to the CN of the satellite/agent.
|
|
# Use the default port if none is specified.
|
|
|
|
if [ -z "$PARENTCN" ]; then
|
|
PARENTCN="$PARENTHOST"
|
|
fi
|
|
|
|
if [ -z "$ZONE" ]; then
|
|
ZONE="$CN"
|
|
fi
|
|
|
|
if [ -z "$PARENTPORT" ]; then
|
|
PARENTPORT=5665
|
|
fi
|
|
|
|
# Set accept config and accept commands (defaults to no)
|
|
if [ "$ACCEPT_CONFIG" == "y" ]; then
|
|
ACCEPT_CONF="--accept-config"
|
|
else
|
|
ACCEPT_CONF=" "
|
|
fi
|
|
|
|
if [ "$ACCEPT_COMMANDS" == "y" ]; then
|
|
ACCEPT_COMM="--accept-commands"
|
|
else
|
|
ACCEPT_COMM=" "
|
|
fi
|
|
|
|
# Support for ticket via secrets for Docker Swarm
|
|
if [ ! -z "$TICKET_PATH" ]; then
|
|
TICKET=$(cat $TICKET_PATH)
|
|
fi
|
|
|
|
# Defaults to disable conf.d (so use "n" or anything else other than "y"
|
|
# to enable inclusion of conf.d directory)
|
|
if [ -z "$DISABLE_CONFD" ] || [ "$DISABLE_CONFD" == "y" ]; then
|
|
DISABLE_CONF="--disable-confd"
|
|
else
|
|
DISABLE_CONF=" "
|
|
fi
|
|
|
|
# Set the local timezone
|
|
if [ ! -z "$LOCAL_TIMEZONE" ]; then
|
|
ln -sf /usr/share/zoneinfo/"$LOCAL_TIMEZONE" /etc/localtime
|
|
fi
|
|
|
|
icinga2 pki new-cert --cn "$CN" \
|
|
--key /var/lib/icinga2/certs/"${CN}".key \
|
|
--cert /var/lib/icinga2/certs/"${CN}".crt
|
|
|
|
icinga2 pki save-cert --key /var/lib/icinga2/certs/"${CN}".key \
|
|
--cert /var/lib/icinga2/certs/"${CN}".crt \
|
|
--trustedcert /var/lib/icinga2/certs/"${PARENTCN}".crt \
|
|
--host "${PARENTHOST}"
|
|
|
|
icinga2 node setup --ticket "$TICKET" \
|
|
--cn "$CN" \
|
|
--endpoint "${PARENTCN}","${PARENTHOST}","${PARENTPORT}" \
|
|
--zone "$ZONE" \
|
|
--parent_zone "$PARENTZONE" \
|
|
--parent_host "$PARENTHOST" \
|
|
--trustedcert /var/lib/icinga2/certs/"${PARENTCN}".crt \
|
|
$ACCEPT_CONF \
|
|
$ACCEPT_COMM \
|
|
$DISABLE_CONF
|