| Scroll Ignore | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
|
Concept
Le fichier de configuration des paramètres du démon Synchronizer pouvant être modifiés par les commandes Shinken, il est préférable d'ajuster les paramètres nécessaires dans le fichier suivant : /etc/shinken-user/configuration/daemons/synchronizers/synchronizer_cfg_overload.cfg
Gestion de l'historique des modifications
Les paramètres définis dans ce fichier vont écraser ceux dans les fichiers de configuration du Synchronizer ( voir la page Paramètres globaux ( synchronizer.cfg ) ).
Exemple: Surcharge de la configuration de l'interface Web
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
# ─────────────────────────────────────────────────────────────────────────────────────────────────────── #
# This comment is used by Shinken to recognize this file, please do not edit or remove it.
# If done so, several parts of Shinken, like sanitize, may not work properly.
# __OVERRIDE_TYPE__ synchronizer_cfg_overload
# ─────────────────────────────────────────────────────────────────────────────────────────────────────── #
# ┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐ #
# │ ────────────────────────────────── DAEMON LOGS PARAMETERS ─────────────────────────────────── │ #
# └─────────────────────────────────────────────────────────────────────────────────────────────────────┘ #
# ─── The synchronizer daemon log ───
# ─── ───
# local_log=/var/log/shinken/synchronizerd.log
# ─── If you disable, the timestamp will be an epoch integer instead of a human date ───
# ───
# ... : 0 => timestamp ───
# ... : 1 => human date ───
# ─── ───
# human_timestamp_log=1
# ─── Set logging level for the Synchronizer daemon. ───
# ───
# ... : accepted values: DEBUG,INFO,WARNING,ERROR,CRITICAL ───
# Default : INFO ( info, warning and error logs will be shown ) ───
# ─── ───
# log_level=INFO
# ┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐ #
# │ ────────────────────────── EXTERNAL AUTHENTICATION LOGS PARAMETERS ────────────────────────── │ #
# └─────────────────────────────────────────────────────────────────────────────────────────────────────┘ #
# ─── Log the synchronizer authentication and Session history in a file ───
# ───
# ... : 1 => Enable ───
# Default : 0 => Disable ───
# ─── ───
# synchronizer__log_users__enabled=0
# ─── File use for log authentication and Session history ───
# ─── ───
# synchronizer__log_users__file_path=/var/log/shinken/synchronizer/log_users.log
# ─── Add user name to log ───
# ───
# ... : 1 => Enable ───
# Default : 0 => Disable ───
# ─── ───
# synchronizer__log_users__add_user_name=0
# ─── The logs files will be daily rotated up to the number of configurated days. ───
# ─── All log files older than the configured number of days will be deleted automatically. ───
# ───
# Default : 7 (days) ───
# ─── ───
# synchronizer__log_users__logs_rotation__nb_days_before_deletion=7
# ┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐ #
# │ ──────────────────────────────────── SYSTEM AND SECURITY ──────────────────────────────────── │ #
# └─────────────────────────────────────────────────────────────────────────────────────────────────────┘ #
# ── System daemon parameters (user, group, pid, ...) ───────────────────────────────────────────────── #
# ─── Run or not the daemon ───
# ───
# ... : 0 => Disable ───
# ... : 1 => Enable ───
# ─── ───
# daemon_enabled=1
# ─── Lock file (with pid) for the synchronizer daemon ───
# ─── ───
# lock_file=/var/run/shinken/synchronizerd.pid
# ─── User used by the synchronizer ───
# ─── ───
# shinken_user=shinken
# ─── ───
# shinken_group=shinken
# ─── The path to the modules directory ───
# ─── ───
# modules_dir=/var/lib/shinken/modules
# ─── The path to the share files ───
# ─── ───
# share_dir=/var/lib/shinken/share
# ───────────── Listening address (daemon) ──────────────────────────────────────────────────────────── #
# ─── Which HTTP backend to start the listening daemon with. ───
# ─── Currently only auto is managed ───
# ─── ───
# http_backend=auto
# ─── Which address to bind for the synchronizer daemon. ───
# ───
# Default : 0.0.0.0 => (all interfaces) ───
# ─── ───
# bind_addr=0.0.0.0
# ─── Enable HTTPS. ───
# ───
# ... : 1 => Use HTTPS ───
# Default : 0 => Use HTTP ───
# ─── ───
# use_ssl=0
# ─── Paths to pem/cert and key files ───
# ─── Note: default pem/cert and key files are for sample only. You need to generate ───
# ─── your own with your PKI. ───
# ─── ───
# ca_cert=/etc/shinken/certs/ca.pem
# ─── ───
# server_cert=/etc/shinken/certs/server.cert
# ─── ───
# server_key=/etc/shinken/certs/server.key
# ─── Force the HTTPS certificates name checks by the synchronizer connections ───
# ─── If enabled and a distant certificate is not the same as the daemon address, then ───
# ─── the connection will be refused. ───
# ───
# ... : 0 => Disable ───
# Default : 1 => Enable ───
# ─── ───
# hard_ssl_name_check=0
# ┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐ #
# │ ──────────────────────────────── MONGODB DATABASE CONNECTION ──────────────────────────────── │ #
# └─────────────────────────────────────────────────────────────────────────────────────────────────────┘ #
# ─── Database type. currently only mongodb is managed. ───
# ─── ───
# data_backend=mongodb
# ─── mongodb uri definition for connecting to the mongodb database. You can find the mongodb uri ───
# ─── syntax at https://docs.mongodb.com/manual/reference/connection-string/ ───
# ─── ───
# mongodb_uri=mongodb://localhost/?safe=false
# ─── Mongodb database to use for this daemon. ───
# ─── ───
# mongodb_database=synchronizer
# ─── username/password to authenticate to MongoDB. ───
# ─── Both parameters must be provided for authentication to function correctly. ───
# ─── ───
# synchronizer__database__username=
# ─── ───
# synchronizer__database__password=
# ─── Secure your mongodb connection ───
# ─── enable the ssh that will ───
# ─── allow all mongodb to be encrypted & authenticated with SSH ───
# ───
# ... : 1 => Enable ───
# Default : 0 => Disable ───
# ─── ───
# mongodb_use_ssh_tunnel=0
# ─── If the SSH connection goes wrong, ───
# ─── then retry use_ssh_retry_failure time ───
# ───
# ... : 0 => Disable ───
# Default : 1 => Enable ───
# ─── ───
# mongodb_use_ssh_retry_failure=1
# ─── SSH user/keyfile in order to connect to the mongodb server ───
# ─── ───
# mongodb_ssh_user=shinken
# ─── ───
# mongodb_ssh_keyfile=~shinken/.ssh/id_rsa
# ─── SSH Timeout used to test if the SSH tunnel is viable or not, in seconds ───
# ───
# Default : 2 (in seconds) ───
# ─── ───
# mongodb_ssh_tunnel_timeout=2
# ─── By default bailout the synchronizer if cannot contact mongodb for more than 120s ───
# ───
# Default : 120 (in seconds) ───
# ─── ───
# mongodb_retry_timeout=120
# ─── Each database request will be tried X times before considering it as an error and abort ───
# ───
# Default : 15 (in seconds) ───
# ─── ───
# synchronizer__database__retry_connection_X_times_before_considering_an_error=15
# ─── We will wait X seconds between each try or any database request ───
# ───
# Default : 5 (in seconds) ───
# ─── ───
# synchronizer__database__wait_X_seconds_before_reconnect=5
# ─── The time the history will be kept for synchronizations into database ───
# ───
# Default : 1440 (in minutes) ───
# ─── ───
# sync_history_lifespan=1440
# ┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐ #
# │ ─────────────────────────────────── ADDRESS AND SECURITY ──────────────────────────────────── │ #
# └─────────────────────────────────────────────────────────────────────────────────────────────────────┘ #
# ──── Listening address (Configuration interface) ──────────────────────────────────────────────────── #
# ─── Http(s) port to listen the Configuration interface. ───
# ─── ───
# http_port=7766
# ─── set the Configuration interface into HTTPs or not (disabled by default). ───
# ───
# ... : 1 => Use HTTPS ───
# Default : 0 => Use HTTP ───
# ─── ───
# http_use_ssl=0
# ─── Mandatory is SSL is enabled: server key and certificate. ───
# ─── ───
# http_ssl_cert=/etc/shinken/certs/server.cert
# ─── ───
# http_ssl_key=/etc/shinken/certs/server.key
# ──────────────────── Cypher keys ──────────────────────────────────────────────────────────────────── #
# ─── Cookie secret password. Is used to crypt cookies. ───
# ─── ───
# auth_secret=TO_CHANGE
# ─── Master key for CLI access. ───
# ─── ───
# master_key=TO_CHANGE
# ───────────────── SSO authentication ──────────────────────────────────────────────────────────────── #
# ─── Remote application authentication. ───
# ───
# ... : 1 => allow the user to be load from a HTTP Header ───
# Default : 0 => Disable ───
# ─── ───
# http_remote_user_enable=0
# ─── From which HTTP header get user name if remote_user_enable is 1. ───
# ─── ───
# http_remote_user_variable=X-Remote-User
# ─── Case sensitivity of login if remote_user_enable is 1. ───
# ───
# ... : 0 => disable case check on remote user login ───
# Default : 1 => enable case check on remote user login ───
# ─── ───
# http_remote_user_case_sensitive=1
# ┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐ #
# │ ──────────────────────────── INTERFACE CONFIGURATION PARAMETERS ───────────────────────────── │ #
# └─────────────────────────────────────────────────────────────────────────────────────────────────────┘ #
# ────────────────────── Language ───────────────────────────────────────────────────────────────────── #
# ─── Select the lang that will be used by default on the UIs. ───
# ─── Currently managed: ───
# ───
# ... : en => (english) ───
# ... : fr => (francais) ───
# ─── ───
# lang=fr
# ────────────────────── Sources ────────────────────────────────────────────────────────────────────── #
# ─── On source page, some errors or warnings may concern many elements. ───
# ─── A summary is shown for this error and you can set the number ───
# ─── of message who are in this summary. ───
# ─── ───
# number_of_message_in_source_summary=5
# ────────────────── Production page ────────────────────────────────────────────────────────────────── #
# ─── Timeout for the Arbiter to load a new configuration ───
# ─── ───
# synchronizer__production__apply_new_configuration_timeout=30
|
L'historique des modifications apporté aux éléments est enregistré dans la base Mongo. Cet historique est enregistré à des fins de diagnostique et n'est pas accessible au sein de l'interface de configuration.
Néanmoins, cet historique peut faire grossir la base de données Mongo et il est alors souhaitable de réduire la durée de conservation des données. Le paramètre suivant permet de choisir le nombre de jours d'historique qui seront conservé :
| Code Block | ||
|---|---|---|
| ||
synchronizer_staging_elements_nb_stored_days_of_history=2 |