3 files changed, 34 insertions, 0 deletions

diff --git a/files/var/spool/icinga2/.ssh/config.icinga_server b/files/var/spool/icinga2/.ssh/config.icinga_server
new file mode 100644
index 0000000..8d02483
--- /dev/null
+++ b/files/var/spool/icinga2/.ssh/config.icinga_server
@@ -0,0 +1,16 @@
+PubkeyAuthentication yes
+PasswordAuthentication no
+GSSAPIAuthentication no
+GSSAPIDelegateCredentials no
+KbdInteractiveAuthentication no
+PreferredAuthentications publickey
+CanonicalizeHostname no
+IdentitiesOnly yes
+IdentityFile ~/.ssh/id_ed25519
+StrictHostKeyChecking no
+UserKnownHostsFile /dev/null
+KnownHostsCommand none
+LogLevel ERROR
+ControlMaster auto
+ControlPersist 10m
+ControlPath ~/.ssh/sockets/%r@%h:%p
diff --git a/files/var/spool/icinga2/eap-tls.conf.icinga_server b/files/var/spool/icinga2/eap-tls.conf.icinga_server
new file mode 100644
index 0000000..f90ef96
--- /dev/null
+++ b/files/var/spool/icinga2/eap-tls.conf.icinga_server
@@ -0,0 +1,9 @@
+network={
+  ssid="_"
+  key_mgmt=WPA-EAP
+  eap=TLS
+  identity="${icinga_username}"
+  ca_cert="${site_cacert_path}"
+  client_cert="${icinga_tls_client_cert}"
+  private_key="${icinga_tls_client_key}"
+}
diff --git a/files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server b/files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server
new file mode 100644
index 0000000..2579284
--- /dev/null
+++ b/files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server
@@ -0,0 +1,9 @@
+network={
+  ssid="_"
+  key_mgmt=WPA-EAP
+  eap=TTLS
+  identity="${icinga_username}"
+  password="${icinga_password}"
+  phase2="auth=PAP"
+  ca_cert="${site_cacert_path}"
+}