kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

bundles/icinga2: allow limiting permissions for api users

Browse source
This commit is contained in:
Franzi 2020-12-20 09:33:17 +01:00
parent 374ba3c16a
commit 0b52f8e7e6
Signed by: kunsi
GPG key ID: 12E3D2136B818350
2 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
bundles/icinga2/files/icinga2/api-users.conf
View file

@ -1,7 +1,7 @@
% for user, password in sorted(node.metadata.get('icinga2', {}).get('api_users', {}).items()): % for user, config in sorted(node.metadata.get('icinga2', {}).get('api_users', {}).items()):
object ApiUser "${user}" { object ApiUser "${user}" {
password = "${password}" password = "${config['password']}"
permissions = [ "*" ] permissions = [ "${'", "'.join(sorted(config['permissions']))}" ]
} }
% endfor % endfor

7
bundles/icinga2/metadata.py
View file

@ -30,7 +30,12 @@ defaults = {
}, },
'icinga2': { 'icinga2': {
'api_users': { 'api_users': {
'root': repo.vault.password_for(f'{node.name} icinga2 api root'), 'root': {
'password': repo.vault.password_for(f'{node.name} icinga2 api root'),
'permissions': {
'*',
},
},
}, },
}, },
'icinga2_api': { 'icinga2_api': {