Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rework behavior of TLS, new default location of keys and certs #380

Merged
merged 14 commits into from
Nov 12, 2023

Conversation

lbetz
Copy link
Contributor

@lbetz lbetz commented Nov 6, 2023

  • new location of keys and certs:
    icingaweb2 in /var/lib/icingaweb2/certs
    module: monitoring, icingadb, director, reporting, idoreports, vspheredb
    in each case in /var/lib/icingaweb2//certs
    Only TLS cacert_file, noverify, cipher, capath taken from icingaweb2 by default.

  • icingaweb2:
    Parameter db_type is required now.

  • director, reporting, x509 and vspheredb module:
    Parameter db_type is required now.
    The service class now is private and will be declared bei the module class and contains to it.
    New parameters to handle the service: manage_service, service_ensure, service_enable and service_user.
    A user (service_user) now is handled if the 'install_method' ist set to 'git' or package. Systemd unit is managed only via git, for package instead a systemd dropin is handled.

  • idoreports module:
    Parameter db_type is required now.
    lost all db credentials including TLS, all credentials now are taken from the monitoring module itself.

@lbetz lbetz added this to the v4.0.0 milestone Nov 6, 2023
@cla-bot cla-bot bot added the cla/signed label Nov 6, 2023
@lbetz lbetz merged commit ed1751f into main Nov 12, 2023
3 checks passed
@lbetz lbetz deleted the enhancement/tls-icingaweb2 branch November 12, 2023 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant