Ansible Role icingaweb2¶
This role installs and configures IcingaWeb2.
Available since LFOps 2.0.0.
Dependent Roles¶
Any LFOps playbook that installs this role runs these for you. Optional ones can be disabled via the playbook’s skip variables.
MariaDB must be installed, with a database and a user for it (role: linuxfabrik.lfops.mariadb_server).
PHP >= 7.3 must be installed (role: linuxfabrik.lfops.php).
Requirements¶
Optional: the
mbstring,GDandImagickPHP modules are required for PDF exports.Optional: an LDAP PHP library is required when using Active Directory or LDAP for authentication.
Manual steps:
Deploy a web server (for example Apache httpd) with a virtual host for IcingaWeb2 by running the apache_httpd playbook (role: linuxfabrik.lfops.apache_httpd).
Mandatory Role Variables¶
icingaweb2__api_user_login
The account for accessing the Icinga2 API.
Type: Dictionary.
icingaweb2__database_login
The user account for accessing the SQL database. Currently, only MySQL is supported.
Type: Dictionary.
icingaweb2__url_host
The host part of the URL for IcingaWeb2. Will be used for the Apache HTTPd vHost.
Type: String.
Example:
# mandatory
icingaweb2__api_user_login:
username: 'icingaweb2-api-user'
password: 'linuxfabrik'
icingaweb2__database_login:
username: 'icingaweb2_user'
password: 'linuxfabrik'
icingaweb2__url_host: 'monitoring.example.com'
Optional Role Variables¶
icingaweb2__authentications__host_var / icingaweb2__authentications__group_var
A list of dictionaries defining the authentication backends (e.g. database) for IcingaWeb2. Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/05-Authentication/.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default: IcingaWeb2 Database
Subkeys:
name:Mandatory. The name of the authentication backend.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__database_host
The host on which the SQL database is reachable.
Type: String.
Default:
'localhost'
icingaweb2__database_login_host
The Host-part of the SQL database user.
Type: String.
Default:
'localhost'
icingaweb2__database_name
The name of the SQL database.
Type: String.
Default:
'icingaweb2'
icingaweb2__default_theme
The application-wide default theme for the web interface.
Type: String.
Default:
'linuxfabrik/linuxfabrik'
icingaweb2__groups__host_var / icingaweb2__groups__group_var
A list of dictionaries defining the available user groups for IcingaWeb2. Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/05-Authentication/#groups.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the user group.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__navigation_host_actions_entries__host_var / icingaweb2__navigation_host_actions_entries__group_var
A list of dictionaries defining additional actions entries in the deprecated IcingaWeb2 Monitoring host view. Use
icingaweb2__navigation_icingadb_host_actions_entries__*_varwith IcingaDB.For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the action.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__navigation_icingadb_host_actions_entries__host_var / icingaweb2__navigation_icingadb_host_actions_entries__group_var
A list of dictionaries defining additional actions entries in the IcingaWeb2 IcingaDB host view.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the action.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__navigation_icingadb_service_actions_entries__host_var / icingaweb2__navigation_icingadb_service_actions_entries__group_var
A list of dictionaries defining additional actions entries in the IcingaWeb2 IcingaDB service view.
For the usage in
service_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the action.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__navigation_menu_entries__host_var / icingaweb2__navigation_menu_entries__group_var
A list of dictionaries defining additional menu entries in the IcingaWeb2 navigation bar.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default: IcingaWeb2 Database
Subkeys:
name:Mandatory. The name of the navigation entry.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__navigation_service_actions_entries__host_var / icingaweb2__navigation_service_actions_entries__group_var
A list of dictionaries defining additional actions entries in the IcingaWeb2 service view. Use
icingaweb2__navigation_icingadb_service_actions_entries__*_varwith IcingaDB.For the usage in
service_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the action.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__resources__host_var / icingaweb2__resources__group_var
A list of dictionaries defining the resources for IcingaWeb2 (entities that provide data to IcingaWeb2). Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/04-Resources/#resources.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the resource.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__roles__host_var / icingaweb2__roles__group_var
A list of dictionaries defining the user roles for IcingaWeb2. Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/06-Security/#security-roles.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
name:Mandatory. The name of the user role.
Type: String.
free-form:
Optional. Will be used as the key-value pair in the resulting ini file.
Type: String.
icingaweb2__url_port
The port of the URL for IcingaWeb2. Will be used for the Apache HTTPd vHost.
Type: Number.
Default:
80
icingaweb2__users__host_var / icingaweb2__users__group_var
A list of dictionaries containing the IcingaWeb2 users.
For the usage in
host_vars/group_vars(can only be used in one group at a time).Type: List of dictionaries.
Default:
[]Subkeys:
username:Mandatory. The username of the IcingaWeb2 user.
Type: String.
password:Mandatory. The password of the IcingaWeb2 user. Note that it is only set once, so the user can change it themselves.
Type: String.
state:Optional. State of the user. Either
present(insert only, no update),updated(changes the password, but not idempotent) orabsent.Type: String.
Default:
'present'
Example:
# optional
icingaweb2__authentications__host_var:
- name: 'AD'
resource: 'ldap'
backend: 'msldap'
- name: 'autologin'
backend: 'external'
icingaweb2__authentications__group_var: []
icingaweb2__database_host: 'localhost'
icingaweb2__database_login_host: 'localhost'
icingaweb2__database_name: 'icingaweb2'
icingaweb2__default_theme: 'Icinga'
icingaweb2__groups__host_var:
- name: 'AD_groups'
backend: 'msldap'
resource: 'ldap'
nested_group_search: '1'
base_dn: 'DC=ad,DC=example,DC=com'
icingaweb2__navigation_host_actions_entries__host_var:
- name: 'vSphereDB VM'
type: 'host-action'
target: '_next'
url: 'vspheredb/vm?uuid=$_host_uuid$'
filter: '_host_uuid!='
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'vSphereDB Host'
type: 'host-action'
target: '_next'
url: 'vspheredb/host?uuid=$_host_esx_uuid$'
filter: '_host_esx_uuid!='
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'LibreNMS'
type: 'host-action'
target: '_blank'
url: 'https://librenms.example.com/device/$_host_librenms_device_id$'
filter: '_host_librenms_device_id!='
icon: 'librenms-alerts.png'
users: '*'
groups: '*'
owner: 'admin-user'
icingaweb2__navigation_icingadb_host_actions_entries__host_var:
- name: 'vSphereDB VM'
type: 'icingadb-host-action'
target: '_next'
url: 'vspheredb/vm?uuid=$host.vars.uuid$'
filter: 'host.vars.uuid~*'
icon: 'cloud'
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'vSphereDB Host'
type: 'icingadb-host-action'
target: '_next'
url: 'vspheredb/host?uuid=$host.vars.esx_uuid$'
filter: 'host.vars.esx_uuid~*'
icon: 'cloud'
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'LibreNMS'
type: 'icingadb-host-action'
target: '_blank'
url: 'https://librenms.example.com/device/$host.vars.librenms_device_id$'
filter: 'host.vars.librenms_device_id~*'
icon: 'librenms-alerts.png'
users: '*'
groups: '*'
owner: 'admin-user'
icingaweb2__navigation_icingadb_service_actions_entries__host_var:
- name: 'vSphereDB VM'
type: 'icingadb-service-action'
target: '_next'
url: 'vspheredb/vm?uuid=$host.vars.uuid$'
filter: 'host.vars.uuid~*'
icon: 'cloud'
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'vSphereDB Host'
type: 'icingadb-service-action'
target: '_next'
url: 'vspheredb/host?uuid=$host.vars.esx_uuid$'
filter: 'host.vars.esx_uuid~*'
icon: 'cloud'
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'LibreNMS'
type: 'icingadb-service-action'
target: '_blank'
url: 'https://librenms.example.com/device/$host.vars.librenms_device_id$'
filter: 'host.vars.librenms_device_id~*'
icon: 'librenms-alerts.png'
users: '*'
groups: '*'
owner: 'admin-user'
icingaweb2__navigation_menu_entries__host_var:
- name: 'New link'
users: '*'
groups: '*'
type: 'menu-item'
target: '_main'
url: 'https://example.com/'
icon: 'globe'
owner: 'admin-user'
icingaweb2__navigation_service_actions_entries__host_var:
- name: 'vSphereDB VM'
type: 'service-action'
target: '_next'
url: 'vspheredb/vm?uuid=$_host_uuid$'
icon: 'icon-cloud'
filter: '_host_uuid!='
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'vSphereDB Host'
type: 'service-action'
target: '_next'
url: 'vspheredb/host?uuid=$_host_esx_uuid$'
filter: '_host_esx_uuid!='
users: '*'
groups: '*'
owner: 'admin-user'
- name: 'LibreNMS'
type: 'service-action'
target: '_blank'
url: 'https://librenms.example.com/device/$_host_librenms_device_id$'
filter: '_host_librenms_device_id!='
icon: 'librenms-alerts.png'
users: '*'
groups: '*'
owner: 'admin-user'
icingaweb2__navigation_menu_entries__group_var: []
icingaweb2__resources__host_var: []
icingaweb2__resources__group_var:
- name: 'ldap'
type: 'ldap'
hostname: 'ad.example.com'
port: '389'
base_dn: 'DC=ad,DC=example,DC=com'
bind_dn: 'ldap-user'
bind_pw: 'linuxfabrik'
icingaweb2__roles__host_var:
- name: 'Administrators'
users: 'admin-user'
permissions: '*'
groups: 'Administrators'
icingaweb2__roles__group_var: []
icingaweb2__url_port: 81
icingaweb2__users__host_var:
- username: 'admin-user'
password: 'linuxfabrik'
icingaweb2__users__group_var: []