bundles/icinga2: generate icinga_users from users.json
Some checks failed
bundlewrap/pipeline/head There was a failure building this commit

This commit is contained in:
Franzi 2020-11-21 21:46:41 +01:00
parent c77856f97a
commit 12cf03e03f
Signed by: kunsi
GPG key ID: 12E3D2136B818350
4 changed files with 38 additions and 7 deletions

View file

@ -2,13 +2,20 @@ object UserGroup "on-call_sms" {
display_name = "On-Call Support" display_name = "On-Call Support"
} }
% for username in sorted(node.metadata.get('icinga2', {}).get('icinga_users', {})): % for username, config in sorted(node.metadata.get('icinga2', {}).get('icinga_users', {}).items()):
object User "${username}" { object User "${username}" {
display_name = "${username}" display_name = "${username}"
enable_notifications = true enable_notifications = true
period = "24x7" # Is overwritten in notifications.conf period = "24x7"
states = [ OK, Critical, Up, Down ] states = [ OK, Critical, Up, Down ]
types = [ Problem, Recovery ] types = [ Problem, Recovery ]
% if config['is_admin']:
groups = [ "on-call_sms" ]
% endif
email = "${config['email']}"
vars.mobile = "${config['phone']}"
} }
% endfor % endfor

View file

@ -1,3 +1,6 @@
from json import loads
from os.path import join
defaults = { defaults = {
'apt': { 'apt': {
'repos': { 'repos': {
@ -46,3 +49,27 @@ defaults = {
}, },
}, },
} }
@metadata_reactor
def add_users_from_json(metadata):
with open(join(repo.path, 'users.json'), 'r') as f:
json = loads(f.read())
users = {}
for uname, config in json.items():
users[uname] = {
'email': '',
'phone': '',
'is_admin': config.get('is_admin', False),
}
if 'email' in config:
users[uname]['email'] = repo.vault.decrypt(config['email'])
if 'phone' in config:
users[uname]['phone'] = repo.vault.decrypt(config['phone'])
return {
'icinga2': {
'icinga_users': users,
},
}

View file

@ -26,11 +26,6 @@ nodes['ovh.icinga2'] = {
'php-imagick': {}, 'php-imagick': {},
}, },
}, },
'icinga2': {
'icinga_users': {
'kunsi',
},
},
'nginx': { 'nginx': {
'vhosts': { 'vhosts': {
'icingaweb': { 'icingaweb': {

View file

@ -3,6 +3,8 @@
"ssh_pubkey": [ "ssh_pubkey": [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+ja1z5VRQzaKCCePsUM14qMr9QR94qlWc7Je5Poki9UmC1t/TyxRVzcCBL1ZdIfBGx6QKtfkEbvhgb3nxVt3PvXjoJrc6wwGLmNrVsU6B88y35g7nzupQiPKYJwkNzJ9j6Dmkgj1F5Q+aY2SitDaX6vqICLJ4Al/ZFw2IQxVJfC7JXRJ9jRMG5o9gWoE3gWDYEAmw+HU2mNzyeuaD12qJw9DHUimAlgkOWzll3gh9WclsYnnXGrCCn5fyHFUCJl+XXAIy519z7YTpKih02rsIOw5dnaGClBZD/YQu2ZKVFZiwIVH7aBiqHOmtgRyWTQgjbh/fMpIN0ar2f/iZsWYUjd6et48TOmXZYIPCQ5FivXNvxt9oo1XZfq76UHBwlmypLJIWROMbz375n2M6hr3hECuxuPjKEUXAv05KiC1aJ4xc6pFoVhqwAR99hvHw5U4o7/ko2NVjNpTu6Jr5DT5VaQLIdDDjC/93kUjMpdD/8P72bEn7454+WexU6OE6uvNiHj1fetrptr2UAuzVfnCoaV8pBqY7X95gk+lnSENdpr8ltJYMg8s0Z7Pzz0OxsZtzzDY5VmWfC9TCdJkN5lT8IbnaixsYlWdjQl1lMmZGElmelfU3K7YQLAbZiHmHKe4hTl9ZoCcWdTQ3d4y2t1DBos+N2HZNdtFCyOS8esDdMw== cardno:000609506971" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+ja1z5VRQzaKCCePsUM14qMr9QR94qlWc7Je5Poki9UmC1t/TyxRVzcCBL1ZdIfBGx6QKtfkEbvhgb3nxVt3PvXjoJrc6wwGLmNrVsU6B88y35g7nzupQiPKYJwkNzJ9j6Dmkgj1F5Q+aY2SitDaX6vqICLJ4Al/ZFw2IQxVJfC7JXRJ9jRMG5o9gWoE3gWDYEAmw+HU2mNzyeuaD12qJw9DHUimAlgkOWzll3gh9WclsYnnXGrCCn5fyHFUCJl+XXAIy519z7YTpKih02rsIOw5dnaGClBZD/YQu2ZKVFZiwIVH7aBiqHOmtgRyWTQgjbh/fMpIN0ar2f/iZsWYUjd6et48TOmXZYIPCQ5FivXNvxt9oo1XZfq76UHBwlmypLJIWROMbz375n2M6hr3hECuxuPjKEUXAv05KiC1aJ4xc6pFoVhqwAR99hvHw5U4o7/ko2NVjNpTu6Jr5DT5VaQLIdDDjC/93kUjMpdD/8P72bEn7454+WexU6OE6uvNiHj1fetrptr2UAuzVfnCoaV8pBqY7X95gk+lnSENdpr8ltJYMg8s0Z7Pzz0OxsZtzzDY5VmWfC9TCdJkN5lT8IbnaixsYlWdjQl1lMmZGElmelfU3K7YQLAbZiHmHKe4hTl9ZoCcWdTQ3d4y2t1DBos+N2HZNdtFCyOS8esDdMw== cardno:000609506971"
], ],
"email": "encrypt$gAAAAABfuXj1DQ3yUn0rEdN2koT1hzgHwCwNp00a0KkWoT_FTsild1zIBpfIiI07AmgIZ5FpyhKH5bSdCVLKc0p4rQuxLrLWpw==",
"phone": "encrypt$gAAAAABfuXkP2GetSvTd9JJFz4V2v5r5NubihFRg2AB91mtvXpUVUiflzy1VHQJ_qbp6Rke5LEXbtlluNkAa3OOAr_c9L6Pstw==",
"is_admin": true "is_admin": true
}, },
"sophie": { "sophie": {