From 6e2a5993ce470341bed0e0c6ba8e44de3712d50e Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Sat, 26 Oct 2024 00:07:03 -0400
Subject: more icinga stuff

---
 files/var/spool/icinga2/.ssh/config.icinga_server       | 16 ++++++++++++++++
 files/var/spool/icinga2/eap-tls.conf.icinga_server      |  9 +++++++++
 files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server |  9 +++++++++
 3 files changed, 34 insertions(+)
 create mode 100644 files/var/spool/icinga2/.ssh/config.icinga_server
 create mode 100644 files/var/spool/icinga2/eap-tls.conf.icinga_server
 create mode 100644 files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server

(limited to 'files/var')

diff --git a/files/var/spool/icinga2/.ssh/config.icinga_server b/files/var/spool/icinga2/.ssh/config.icinga_server
new file mode 100644
index 0000000..8d02483
--- /dev/null
+++ b/files/var/spool/icinga2/.ssh/config.icinga_server
@@ -0,0 +1,16 @@
+PubkeyAuthentication yes
+PasswordAuthentication no
+GSSAPIAuthentication no
+GSSAPIDelegateCredentials no
+KbdInteractiveAuthentication no
+PreferredAuthentications publickey
+CanonicalizeHostname no
+IdentitiesOnly yes
+IdentityFile ~/.ssh/id_ed25519
+StrictHostKeyChecking no
+UserKnownHostsFile /dev/null
+KnownHostsCommand none
+LogLevel ERROR
+ControlMaster auto
+ControlPersist 10m
+ControlPath ~/.ssh/sockets/%r@%h:%p
diff --git a/files/var/spool/icinga2/eap-tls.conf.icinga_server b/files/var/spool/icinga2/eap-tls.conf.icinga_server
new file mode 100644
index 0000000..f90ef96
--- /dev/null
+++ b/files/var/spool/icinga2/eap-tls.conf.icinga_server
@@ -0,0 +1,9 @@
+network={
+  ssid="_"
+  key_mgmt=WPA-EAP
+  eap=TLS
+  identity="${icinga_username}"
+  ca_cert="${site_cacert_path}"
+  client_cert="${icinga_tls_client_cert}"
+  private_key="${icinga_tls_client_key}"
+}
diff --git a/files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server b/files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server
new file mode 100644
index 0000000..2579284
--- /dev/null
+++ b/files/var/spool/icinga2/eap-ttls-pap.conf.icinga_server
@@ -0,0 +1,9 @@
+network={
+  ssid="_"
+  key_mgmt=WPA-EAP
+  eap=TTLS
+  identity="${icinga_username}"
+  password="${icinga_password}"
+  phase2="auth=PAP"
+  ca_cert="${site_cacert_path}"
+}
-- 
cgit v1.2.3