bundlewrap/bundles/icinga2/metadata.py

142 lines
3.7 KiB
Python

from json import loads
from os.path import join
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'repos': {
'icinga2': {
'items': {
'deb http://packages.icinga.com/{os} icinga-{os_release} main',
'deb-src http://packages.icinga.com/{os} icinga-{os_release} main',
},
},
},
'packages': {
'icinga2': {},
'icinga2-ido-pgsql': {},
'icingaweb2': {},
'python3-easysnmp': {},
'python3-flask': {},
'snmp': {},
}
},
'icinga2': {
'api_users': {
'root': {
'password': repo.vault.password_for(f'{node.name} icinga2 api root'),
'permissions': {
'*',
},
},
},
},
'icinga2_api': {
'icinga2': {
'services': {
'SIPGATE ACCOUNT BALANCE': {
'check_command': 'check_sipgate_account_balance',
'check_interval': '30m',
'vars.notification.mail': True,
},
'IDO-PGSQL': {
'check_command': 'ido',
'vars.ido_type': 'IdoPgsqlConnection',
'vars.ido_name': 'ido-pgsql',
'vars.ido_pending_queries_warning': 25,
'vars.ido_pending_queries_critical': 50,
},
},
},
},
'icingaweb2': {
'setup-token': repo.vault.password_for(f'{node.name} icingaweb2 setup-token'),
},
'php': {
'version': '8.2',
'packages': {
'curl',
'gd',
'intl',
'imagick',
'ldap',
'mysql',
'opcache',
'pgsql',
'readline',
'xml',
},
},
'postgresql': {
'roles': {
'icinga2': {
'password': repo.vault.password_for(f'{node.name} postgresql icinga2'),
},
},
'databases': {
'icingaweb2': {
'owner': 'icinga2',
},
'icinga2': {
'owner': 'icinga2',
},
},
},
}
@metadata_reactor.provides(
'icinga2/icinga_users',
)
def add_users_from_json(metadata):
with open(join(repo.path, 'users.json'), 'r') as f:
json = loads(f.read())
users = {}
for uname, config in json.items():
users[uname] = {
'email': '',
'phone': '',
'is_admin': config.get('is_admin', False),
}
if 'email' in config:
users[uname]['email'] = repo.vault.decrypt(config['email'])
if 'phone' in config:
users[uname]['phone'] = repo.vault.decrypt(config['phone'])
return {
'icinga2': {
'icinga_users': users,
},
}
@metadata_reactor.provides(
'nginx/vhosts/icingaweb2',
'nginx/vhosts/icinga_statusmonitor',
)
def nginx(metadata):
if not node.has_bundle('nginx'):
raise DoNotRunAgain
return {
'nginx': {
'vhosts': {
'icingaweb2': {
'domain': metadata.get('icinga2/web_domain'),
'webroot': '/usr/share/icingaweb2/public',
'locations': {
'/api/': {
'target': 'https://127.0.0.1:5665/',
},
'/statusmonitor/': {
'target': 'http://127.0.0.1:5000/',
},
},
'extras': True,
},
},
},
}