mysql/icinga fixesHEADmaster

2 files changed, 9 insertions, 4 deletions

diff --git a/scripts/hostclass/icinga_server/10-icingadb b/scripts/hostclass/icinga_server/10-icingadb
index e6084c6..1004d72 100644
--- a/scripts/hostclass/icinga_server/10-icingadb
+++ b/scripts/hostclass/icinga_server/10-icingadb
@@ -38,12 +38,11 @@ ldap_add "$icinga_dn" <<EOF
 objectClass: account
 objectClass: simpleSecurityObject
 uid: ${icinga_username}
-userPassword: {SSHA-512}
+userPassword: {SASL}${icinga_username}@${realm}
 EOF
-ldap_passwd "$icinga_dn" "$icinga_password"
-add_principal -nokey -x "dn=${icinga_dn}" "$icinga_username"
+add_principal -pw "$icinga_password" -x "dn=${icinga_dn}" "$icinga_username"
 
-ktadd -k "$icingaweb_client_keytab" "$icinga_username"
+ktadd -k "$icingaweb_client_keytab" -norandkey "$icinga_username"
 chgrp "$nginx_user" "$icingaweb_client_keytab"
 chmod 640 "$icingaweb_client_keytab"
 nginx_uid=$(id -u "$nginx_user")
diff --git a/scripts/hostclass/mysql_server b/scripts/hostclass/mysql_server
index d8edad6..33edded 100644
--- a/scripts/hostclass/mysql_server
+++ b/scripts/hostclass/mysql_server
@@ -61,7 +61,13 @@ install_template -m 0644 "${mysql_conf_dir}/conf.d/server.cnf"
 sysrc -v mysql_enable=YES
 service mysql-server restart
 
+# Create the boxconf superuser.
 cat <<EOF | mysql --batch
 CREATE USER IF NOT EXISTS '${boxconf_username}' IDENTIFIED VIA pam;
 GRANT ALL PRIVILEGES ON *.* to '${boxconf_username}' WITH GRANT OPTION;
 EOF
+
+# Create icinga user.
+cat <<EOF | mysql --batch
+CREATE USER IF NOT EXISTS '${icinga_username}' IDENTIFIED VIA pam;
+EOF