2020-11-14 13:05:28 +00:00
|
|
|
defaults = {
|
|
|
|
'apt': {
|
|
|
|
'packages': {
|
|
|
|
'netdata': {},
|
|
|
|
},
|
|
|
|
},
|
2020-12-21 08:50:15 +00:00
|
|
|
'icinga2_api': {
|
|
|
|
'netdata': {
|
|
|
|
'services': {
|
|
|
|
'NETDATA PROCESS': {
|
|
|
|
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -C netdata -c 1:',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2020-11-14 13:05:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-01-07 17:44:38 +00:00
|
|
|
@metadata_reactor.provides(
|
|
|
|
'iptables/bundle_rules/netdata',
|
|
|
|
)
|
2020-11-14 13:05:28 +00:00
|
|
|
def iptables(metadata):
|
2021-02-15 13:16:35 +00:00
|
|
|
identifiers = metadata.get('netdata/restrict-to', set())
|
|
|
|
rules = set()
|
2020-11-14 13:05:28 +00:00
|
|
|
|
2021-02-15 13:16:35 +00:00
|
|
|
if identifiers:
|
|
|
|
for identifier in sorted(identifiers):
|
|
|
|
resolved = repo.libs.tools.resolve_identifier(repo, identifier)
|
2020-11-14 13:05:28 +00:00
|
|
|
|
2021-02-15 13:16:35 +00:00
|
|
|
for address in resolved['ipv4']:
|
|
|
|
rules.add(f'iptables -A INPUT -p tcp -s {address} --dport 19999 -j ACCEPT')
|
2020-11-14 13:05:28 +00:00
|
|
|
else:
|
2021-02-15 13:16:35 +00:00
|
|
|
rules.add('iptables -A INPUT -p tcp --dport 19999 -j ACCEPT')
|
2020-11-14 13:05:28 +00:00
|
|
|
|
|
|
|
return {
|
|
|
|
'iptables': {
|
|
|
|
'bundle_rules': {
|
2021-02-15 13:16:35 +00:00
|
|
|
'netdata': list(sorted(rules)),
|
2020-11-14 13:05:28 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|