185 lines
5 KiB
Python
185 lines
5 KiB
Python
from hashlib import sha3_256
|
|
|
|
defaults = {
|
|
'apt': {
|
|
'packages': {
|
|
'php-ldap': {},
|
|
'php-json': {},
|
|
'php-intl': {},
|
|
'php-xml': {},
|
|
'php-gd': {},
|
|
'php-imagick': {},
|
|
'php-pgsql': {},
|
|
'icingaweb2': {},
|
|
#'icingaweb2-module-monitoring': {}, # ?
|
|
},
|
|
'sources': {
|
|
'icinga': {
|
|
'types': {
|
|
'deb',
|
|
'deb-src',
|
|
},
|
|
'urls': {
|
|
'https://packages.icinga.com/debian',
|
|
},
|
|
'suites': {
|
|
'icinga-{codename}',
|
|
},
|
|
'components': {
|
|
'main',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'icingaweb2': {
|
|
'authentication.ini': {
|
|
'icingaweb2': {
|
|
'backend': 'db',
|
|
'resource': 'icingaweb2_db',
|
|
},
|
|
},
|
|
'config.ini': {
|
|
'global': {
|
|
'show_stacktraces': '1',
|
|
'show_application_state_messages': '1',
|
|
'module_path': '/usr/share/icingaweb2/modules',
|
|
'config_backend': 'db',
|
|
'config_resource': 'icingaweb2_db',
|
|
},
|
|
'logging': {
|
|
'log': 'syslog',
|
|
'level': 'INFO',
|
|
'application': 'icingaweb2',
|
|
'facility': 'user',
|
|
},
|
|
},
|
|
'groups.ini': {
|
|
'icingaweb2': {
|
|
'backend': 'db',
|
|
'resource': 'icingaweb2_db',
|
|
},
|
|
},
|
|
'resources.ini': {
|
|
'icingaweb2_db': {
|
|
'type': 'db',
|
|
'db': 'pgsql',
|
|
'host': 'localhost',
|
|
'port': '5432',
|
|
'dbname': 'icingaweb2',
|
|
'username': 'icingaweb2',
|
|
'password': str(repo.vault.password_for(f'psql icingaweb2 on {node.name}')),
|
|
'charset': '',
|
|
'use_ssl': '0',
|
|
},
|
|
'icinga_ido': {
|
|
'type': 'db',
|
|
'db': 'pgsql',
|
|
'host': 'localhost',
|
|
'port': '5432',
|
|
'dbname': 'icinga2',
|
|
'username': 'icinga2',
|
|
'charset': '',
|
|
'use_ssl': '0',
|
|
},
|
|
},
|
|
'roles.ini': {
|
|
'Administrators': {
|
|
'users': 'root',
|
|
'permissions': '*',
|
|
'groups': 'Administrators',
|
|
},
|
|
},
|
|
'monitoring': {
|
|
'config.ini': {
|
|
'security': {
|
|
'protected_customvars': '*pw*,*pass*,community',
|
|
},
|
|
},
|
|
'backends.ini': {
|
|
'icinga2': {
|
|
'type': 'ido',
|
|
'resource': 'icinga_ido',
|
|
},
|
|
},
|
|
'commandtransports.ini': {
|
|
'icinga2': {
|
|
'transport': 'api',
|
|
'host': 'localhost',
|
|
'port': '5665',
|
|
'username': 'root',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'postgresql': {
|
|
'databases': {
|
|
'icingaweb2': {
|
|
'owner': 'icingaweb2',
|
|
},
|
|
},
|
|
'roles': {
|
|
'icingaweb2': {
|
|
'password': str(repo.vault.password_for(f'psql icingaweb2 on {node.name}')),
|
|
},
|
|
},
|
|
},
|
|
'redis': {
|
|
'icingaweb2': {},
|
|
},
|
|
}
|
|
|
|
|
|
@metadata_reactor.provides(
|
|
'icingaweb2/hostname',
|
|
'icingaweb2/resources.ini/icinga_ido/password',
|
|
'icingaweb2/monitoring/commandtransports.ini/icinga2/password',
|
|
)
|
|
def stuff(metadata):
|
|
return {
|
|
'icingaweb2': {
|
|
'hostname': metadata.get('icinga2/hostname'),
|
|
'resources.ini': {
|
|
'icinga_ido': {
|
|
'password': str(metadata.get('postgresql/roles/icinga2/password')),
|
|
},
|
|
},
|
|
'monitoring': {
|
|
'commandtransports.ini': {
|
|
'icinga2': {
|
|
'password': str(metadata.get('icinga2/api_users/root/password')),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
|
|
@metadata_reactor.provides(
|
|
'icingaweb2/setup_token',
|
|
'icingaweb2/root_password',
|
|
)
|
|
def setup_token(metadata):
|
|
return {
|
|
'icingaweb2': {
|
|
'setup_token': sha3_256(metadata.get('id').encode()).hexdigest()[:16],
|
|
'root_password': str(repo.vault.password_for(f"icingaweb2 root user on {metadata.get('id')}")),
|
|
},
|
|
}
|
|
|
|
|
|
@metadata_reactor.provides(
|
|
'nginx/vhosts',
|
|
)
|
|
def nginx(metadata):
|
|
return {
|
|
'nginx': {
|
|
'vhosts': {
|
|
metadata.get('icingaweb2/hostname'): {
|
|
'content': 'icingaweb2/vhost.conf',
|
|
'context': {
|
|
'php_version': metadata.get('php/version'),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|