Ansible Role icingaweb2
This role installs and configures IcingaWeb2.
Runs on
RHEL 8 (and compatible)
Mandatory Requirements
Install MariaDB, and create a database and a user for said database. This can be done using the linuxfabrik.lfops.mariadb-server role.
Install a web server (for example Apache httpd), and configure a virtual host for IcingaWeb2. This can be done using the linuxfabrik.lfops.apache_httpd role.
Install PHP version >= 7.3. This can be done using the linuxfabrik.lfops.php role.
Optional Requirements
For exports to PDF also the following PHP modules are required: mbstring, GD, Imagick.
LDAP PHP library when using Active Directory or LDAP for authentication.
Mandatory Role Variables
Variable |
Description |
|---|---|
|
The account for accessing the Icinga2 API. |
|
The user account for accessing the SQL database. Currently, only MySQL is supported. |
|
The host part of the URL for IcingaWeb2. Will be used for the Apache HTTPd vHost. |
Example:
# mandatory
icingaweb2__api_user_login:
username: 'icingaweb2-api-user'
password: 'linuxfabrik'
icingaweb2__database_login:
username: 'icingaweb2_user'
password: 'linuxfabrik'
icingaweb2__url_host: 'monitoring.example.com'
Optional Role Variables
Variable |
Description |
Default Value |
|---|---|---|
|
A list of dictionaries defining the authentication backends (e.g. database) for IcingaWeb2. Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/05-Authentication/. Subkeys: |
IcingaWeb2 Database |
|
The host on which the SQL database is reachable. |
|
|
The Host-part of the SQL database user. |
|
|
The name of the SQL database. |
|
|
The application-wide default theme for the web interface. |
|
|
A list of dictionaries defining the available user groups for IcingaWeb2. Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/05-Authentication/#groups. Subkeys: |
|
|
A list of dictionaries defining additional menu entries in the IcingaWeb2 navigation bar. Subkeys: |
IcingaWeb2 Database |
|
A list of dictionaries defining the resources for IcingaWeb2 (entities that provide data to IcingaWeb2). Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/04-Resources/#resources. Subkeys: |
|
|
A list of dictionaries defining the user roles for IcingaWeb2. Have a look at https://icinga.com/docs/icinga-web-2/latest/doc/06-Security/#security-roles. Subkeys: |
|
|
The port of the URL for IcingaWeb2. Will be used for the Apache HTTPd vHost. |
|
|
A list of dictionaries containing the IcingaWeb2 users. Note that they are only created once, and not updated. Subkeys: |
|
Example:
# optional
icingaweb2__authentications__host_var:
- name: 'AD'
resource: 'ldap'
backend: 'msldap'
- name: 'autologin'
backend: 'external'
icingaweb2__authentications__group_var: []
icingaweb2__database_host: 'localhost'
icingaweb2__database_login_host: 'localhost'
icingaweb2__database_name: 'icingaweb2'
icingaweb2__default_theme: 'Icinga'
icingaweb2__groups__host_var:
- name: 'AD_groups'
backend: 'msldap'
resource: 'ldap'
nested_group_search: '1'
base_dn: 'DC=ad,DC=example,DC=com'
icingaweb2__groups__group_var: []
icingaweb2__navigation_menu_entries__host_var:
- name: 'New link'
users: '*'
groups: '*'
type: 'menu-item'
target: '_main'
url: 'https://example.com/'
icon: 'globe'
owner: 'admin-user'
icingaweb2__navigation_menu_entries__group_var: []
icingaweb2__resources__host_var: []
icingaweb2__resources__group_var:
- name: 'ldap'
type: 'ldap'
hostname: 'ad.example.com'
port: '389'
base_dn: 'DC=ad,DC=example,DC=com'
bind_dn: 'ldap-user'
bind_pw: 'linuxfabrik'
icingaweb2__roles__host_var:
- name: 'Administrators'
users: 'admin-user'
permissions: '*'
groups: 'Administrators'
icingaweb2__roles__group_var: []
icingaweb2__url_port: 81
icingaweb2__users__host_var:
- username: 'admin-user'
password: 'linuxfabrik'
icingaweb2__users__group_var: []