diff --git a/manifests/feature/gelf.pp b/manifests/feature/gelf.pp index bd7fd2a..1439e21 100644 --- a/manifests/feature/gelf.pp +++ b/manifests/feature/gelf.pp @@ -1,201 +1,201 @@ # @summary # Configures the Icinga 2 feature gelf. # # @param [Enum['absent', 'present']] ensure # Set to present enables the feature gelf, absent disables it. # # @param [Optional[Stdlib::Host]] host # GELF receiver host address. # # @param [Optional[Stdlib::Port::Unprivileged]] port # GELF receiver port. # # @param [Optional[String]] source # Source name for this instance. # # @param [Boolean] enable_ssl # Either enable or disable SSL/TLS. Other SSL parameters are only affected if this is set to 'true'. # # @param [Optional[Stdlib::Absolutepath]] ssl_key_path # Location of the private key. Only valid if ssl is enabled. # # @param [Optional[Stdlib::Absolutepath]] ssl_cert_path # Location of the certificate. Only valid if ssl is enabled. # # @param [Optional[Stdlib::Absolutepath]] ssl_cacert_path # Location of the CA certificate. Only valid if ssl is enabled. # # @param [Optional[Stdlib::Base64]] ssl_key # The private key in a base64 encoded string to store in spicified ssl_key_path file. # Only valid if ssl is enabled. # # @param [Optional[Stdlib::Base64]] ssl_cert # The certificate in a base64 encoded string to store in spicified ssl_cert_path file. # Only valid if ssl is enabled. # # @param [Optional[Stdlib::Base64]] ssl_cacert # The CA root certificate in a base64 encoded string to store in spicified ssl_cacert_path file. # Only valid if ssl is enabled. # # @param [Optional[Boolean]] ssl_noverify # Disable TLS peer verification. # # @param [Optional[Boolean]] enable_send_perfdata # Enable performance data for 'CHECK RESULT' events. # # @param [Optional[Boolean]] enable_ha # Enable the high availability functionality. Only valid in a cluster setup. # class icinga2::feature::gelf( Enum['absent', 'present'] $ensure = present, Optional[Stdlib::Host] $host = undef, Optional[Stdlib::Port::Unprivileged] $port = undef, Optional[String] $source = undef, Boolean $enable_ssl = false, Optional[Stdlib::Absolutepath] $ssl_key_path = undef, Optional[Stdlib::Absolutepath] $ssl_cert_path = undef, Optional[Stdlib::Absolutepath] $ssl_cacert_path = undef, Optional[Stdlib::Base64] $ssl_key = undef, Optional[Stdlib::Base64] $ssl_cert = undef, Optional[Stdlib::Base64] $ssl_cacert = undef, Optional[Boolean] $ssl_noverify = undef, Optional[Boolean] $enable_send_perfdata = undef, Optional[Boolean] $enable_ha = undef, ) { if ! defined(Class['::icinga2']) { fail('You must include the icinga2 base class before using any icinga2 feature class!') } $owner = $::icinga2::globals::user $group = $::icinga2::globals::group $conf_dir = $::icinga2::globals::conf_dir $ssl_dir = $::icinga2::globals::cert_dir $_ssl_key_mode = $::facts['os']['family'] ? { 'windows' => undef, default => '0600', } $_notify = $ensure ? { 'present' => Class['::icinga2::service'], default => undef, } File { owner => $owner, group => $group, } if $enable_ssl { # Set defaults for certificate stuff if $ssl_key { if $ssl_key_path { $_ssl_key_path = $ssl_key_path } else { $_ssl_key_path = "${ssl_dir}/GelfWriter_gelf.key" } - + $_ssl_key = $::facts['os']['family'] ? { 'windows' => regsubst($ssl_key, '\n', "\r\n", 'EMG'), default => $ssl_key, } - + file { $_ssl_key_path: ensure => file, mode => $_ssl_key_mode, content => $ssl_key, tag => 'icinga2::config::file', } } else { $_ssl_key_path = $ssl_key_path } - + if $ssl_cert { if $ssl_cert_path { $_ssl_cert_path = $ssl_cert_path } else { $_ssl_cert_path = "${ssl_dir}/GelfWriter_gelf.crt" } - + $_ssl_cert = $::facts['os']['family'] ? { 'windows' => regsubst($ssl_cert, '\n', "\r\n", 'EMG'), default => $ssl_cert, } - + file { $_ssl_cert_path: ensure => file, content => $ssl_cert, tag => 'icinga2::config::file', } } else { $_ssl_cert_path = $ssl_cert_path } - + if $ssl_cacert { if $ssl_cacert_path { $_ssl_cacert_path = $ssl_cacert_path } else { $_ssl_cacert_path = "${ssl_dir}/GelfWriter_gelf_ca.crt" } - + $_ssl_cacert = $::facts['os']['family'] ? { 'windows' => regsubst($ssl_cacert, '\n', "\r\n", 'EMG'), default => $ssl_cacert, } - + file { $_ssl_cacert_path: ensure => file, content => $ssl_cacert, tag => 'icinga2::config::file', } } else { $_ssl_cacert_path = $ssl_cacert_path } $attrs_ssl = { enable_tls => $enable_ssl, insecure_noverify => $ssl_noverify, ca_path => $_ssl_cacert_path, cert_path => $_ssl_cert_path, key_path => $_ssl_key_path, } } # enable_ssl else { $attrs_ssl = { enable_tls => $enable_ssl } } # compose attributes $attrs = { host => $host, port => $port, source => $source, enable_send_perfdata => $enable_send_perfdata, enable_ha => $enable_ha, } # create object icinga2::object { 'icinga2::object::GelfWriter::gelf': object_name => 'gelf', object_type => 'GelfWriter', attrs => delete_undef_values(merge($attrs, $attrs_ssl)), attrs_list => keys($attrs), target => "${conf_dir}/features-available/gelf.conf", order => 10, notify => $_notify, } # import library 'perfdata' concat::fragment { 'icinga2::feature::gelf': target => "${conf_dir}/features-available/gelf.conf", content => "library \"perfdata\"\n\n", order => '05', } # manage feature icinga2::feature { 'gelf': ensure => $ensure, } } diff --git a/manifests/object/icingaapplication.pp b/manifests/object/icingaapplication.pp index eae8698..d501fce 100644 --- a/manifests/object/icingaapplication.pp +++ b/manifests/object/icingaapplication.pp @@ -1,90 +1,90 @@ # @summary # Manage Icinga 2 IcingaApplication objects. # # @param [Enum['absent', 'present']] ensure # Set to present enables the object, absent disables it. # # @param [String] app_name # Set the Icinga 2 name of the IcingaApplication object. # # @param [Optional[Boolean]] enable_notifications # Whether notifications are globally enabled. # # @param [Optional[Boolean]] enable_event_handlers # Whether event handlers are globally enabled. # # @param [Optional[Boolean]] enable_flapping # Whether flap detection is globally enabled. # # @param [Optional[Boolean]] enable_host_checks # Whether active host checks are globally enabled. # # @param [Optional[Boolean]] enable_service_checks # Whether active service checks are globally enabled. # # @param [Optional[Boolean]] enable_perfdata # Whether performance data processing is globally enabled. # # @param [Optional[Icinga2::CustomAttributes]] vars # A dictionary containing custom attributes that are specific to this service, # a string to do operations on this dictionary or an array for multiple use # of custom attributes. # @param [Optional[String]] environment # Specify the Icinga environment. This overrides the Environment constant # specified in the configuration or on the CLI with --define. # # @param [Optional[Stdlib::Absolutepath]] target # Destination config file to store in this object. File will be declared at the # first time. # # @param [Variant[String, Integer]] order # String or integer to control the position in the target file, sorted alpha numeric. # define icinga2::object::icingaapplication( Enum['absent', 'present'] $ensure = present, - String $app_mame = $title, + String $app_name = $title, Optional[Boolean] $enable_notifications = undef, Optional[Boolean] $enable_event_handlers = undef, Optional[Boolean] $enable_flapping = undef, Optional[Boolean] $enable_host_checks = undef, Optional[Boolean] $enable_service_checks = undef, Optional[Boolean] $enable_perfdata = undef, Optional[Icinga2::CustomAttributes] $vars = undef, Optional[String] $environment = undef, Optional[Stdlib::Absolutepath] $target = undef, Variant[String, Integer] $order = 5, ) { $conf_dir = $::icinga2::globals::conf_dir # set defaults if $target { $_target = $target } else { $_target = "${conf_dir}/app.conf" } # compose the attributes $attrs = { enable_notifications => $enable_notifications, enable_event_handlers => $enable_event_handlers, enable_flapping => $enable_flapping, enable_host_checks => $enable_host_checks, enable_service_checks => $enable_service_checks, enable_perfdata => $enable_perfdata, vars => $vars, environment => $environment, } # create object icinga2::object { "icinga2::object::IcingaApplication::${title}": ensure => $ensure, object_name => $app_name, object_type => 'IcingaApplication', attrs => delete_undef_values($attrs), attrs_list => keys($attrs), target => $_target, order => $order, } } diff --git a/spec/classes/influxdb2_spec.rb b/spec/classes/influxdb2_spec.rb index b828293..87c770f 100644 --- a/spec/classes/influxdb2_spec.rb +++ b/spec/classes/influxdb2_spec.rb @@ -1,145 +1,145 @@ require 'spec_helper' describe('icinga2::feature::influxdb2', type: :class) do let(:pre_condition) do [ "class { 'icinga2': features => [], constants => {'NodeName' => 'host.example.org'} }", ] end on_supported_os.each do |os, facts| context "on #{os}" do let(:facts) do facts end case facts[:kernel] when 'windows' let(:icinga2_conf_dir) { 'C:/ProgramData/icinga2/etc/icinga2' } let(:icinga2_pki_dir) { 'C:/ProgramData/icinga2/var/lib/icinga2/certs' } let(:icinga2_sslkey_mode) { nil } let(:icinga2_user) { nil } let(:icinga2_group) { nil } when 'FreeBSD' let(:icinga2_conf_dir) { '/usr/local/etc/icinga2' } let(:icinga2_pki_dir) { '/var/lib/icinga2/certs' } let(:icinga2_sslkey_mode) { '0600' } let(:icinga2_user) { 'icinga' } let(:icinga2_group) { 'icinga' } else let(:icinga2_conf_dir) { '/etc/icinga2' } let(:icinga2_pki_dir) { '/var/lib/icinga2/certs' } let(:icinga2_sslkey_mode) { '0600' } case facts[:os]['family'] when 'Debian' let(:icinga2_user) { 'nagios' } let(:icinga2_group) { 'nagios' } else let(:icinga2_user) { 'icinga' } let(:icinga2_group) { 'icinga' } end end - context "with all defaults" do + context 'with all defaults' do let(:params) do { organization: 'ICINGA', bucket: 'icinga2', auth_token: 'supersecret', } end it { is_expected.to contain_icinga2__feature('influxdb2').with({ 'ensure' => 'present' }) } it { is_expected.to contain_concat__fragment('icinga2::object::Influxdb2Writer::influxdb2').with( { 'target' => "#{icinga2_conf_dir}/features-available/influxdb2.conf" }, ).that_notifies('Class[icinga2::service]') } end context 'with ensure => absent' do let(:params) do { ensure: 'absent', organization: 'ICINGA', bucket: 'icinga2', auth_token: 'supersecret', } end it { is_expected.to contain_icinga2__feature('influxdb2').with({ 'ensure' => 'absent' }) } end context "with enable_ssl = true, ssl_key => 'foo', ssl_cert => 'bar', ssl_cacert => 'baz'" do let(:params) do { ensure: 'absent', organization: 'ICINGA', bucket: 'icinga2', auth_token: 'supersecret', enable_ssl: true, ssl_key: 'foo', ssl_cert: 'bar', ssl_cacert: 'baz', } end it { is_expected.to contain_file("#{icinga2_pki_dir}/Influxdb2Writer_influxdb2.key").with( { 'owner' => icinga2_user, 'group' => icinga2_group, 'mode' => icinga2_sslkey_mode, }, ).with_content(%r{^foo$}) } it { is_expected.to contain_file("#{icinga2_pki_dir}/Influxdb2Writer_influxdb2.crt").with( { 'owner' => icinga2_user, 'group' => icinga2_group, }, ).with_content(%r{^bar$}) } it { is_expected.to contain_file("#{icinga2_pki_dir}/Influxdb2Writer_influxdb2_ca.crt").with( { 'owner' => icinga2_user, 'group' => icinga2_group, }, ).with_content(%r{^baz$}) } end context 'with enable_ssl = true, ssl_key_path, ssl_cert_path and ssl_cacert_path set' do let(:params) do { ensure: 'absent', organization: 'ICINGA', bucket: 'icinga2', auth_token: 'supersecret', enable_ssl: true, ssl_key_path: "#{icinga2_pki_dir}/Influxdb2Writer_influxdb2.key", ssl_cert_path: "#{icinga2_pki_dir}/Influxdb2Writer_influxdb2.crt", ssl_cacert_path: "#{icinga2_pki_dir}/Influxdb2Writer_influxdb2_ca.crt", } end it { is_expected.to contain_concat__fragment('icinga2::object::Influxdb2Writer::influxdb2').with_content(%r{ssl_key = "#{icinga2_pki_dir}/Influxdb2Writer_influxdb2.key"}) } it { is_expected.to contain_concat__fragment('icinga2::object::Influxdb2Writer::influxdb2').with_content(%r{ssl_cert = "#{icinga2_pki_dir}/Influxdb2Writer_influxdb2.crt"}) } it { is_expected.to contain_concat__fragment('icinga2::object::Influxdb2Writer::influxdb2').with_content(%r{ssl_ca_cert = "#{icinga2_pki_dir}/Influxdb2Writer_influxdb2_ca.crt"}) } end end end end diff --git a/spec/classes/windowseventlog_spec.rb b/spec/classes/windowseventlog_spec.rb index e873be8..bce8440 100644 --- a/spec/classes/windowseventlog_spec.rb +++ b/spec/classes/windowseventlog_spec.rb @@ -1,44 +1,44 @@ require 'spec_helper' describe('icinga2::feature::windowseventlog', type: :class) do let(:pre_condition) do [ "class { 'icinga2': features => [] }", ] end on_supported_os.each do |os, facts| context "on #{os}" do let(:facts) do facts end case facts[:kernel] when 'windows' let(:icinga2_conf_dir) { 'C:/ProgramData/icinga2/etc/icinga2' } context 'with defaults' do it { is_expected.to contain_icinga2__feature('windowseventlog').with({ 'ensure' => 'present' }) } - + it { is_expected.to contain_icinga2__object('icinga2::object::WindowsEventLogLogger::windowseventlog').with( { 'target' => "#{icinga2_conf_dir}/features-available/windowseventlog.conf" }, ).that_notifies('Class[icinga2::service]') } end else it { is_expected.to raise_error(Puppet::Error, %r{only supported on Windows platforms}) } end context 'with ensure => absent' do let(:params) do { ensure: 'absent', } end it { is_expected.to contain_icinga2__feature('windowseventlog').with({ 'ensure' => 'absent' }) } end end end end diff --git a/types/logfacility.pp b/types/logfacility.pp index 68f8577..e238f9e 100644 --- a/types/logfacility.pp +++ b/types/logfacility.pp @@ -1,2 +1,16 @@ # A strict type of syslog facilities -type Icinga2::LogFacility = Variant[Enum['LOG_AUTH', 'LOG_AUTHPRIV', 'LOG_CRON', 'LOG_DAEMON', 'LOG_FTP', 'LOG_KERN', 'LOG_LPR', 'LOG_MAIL', 'LOG_NEWS', 'LOG_SYSLOG', 'LOG_USER', 'LOG_UUCP'], Pattern[/^LOG_LOCAL[0-7]$/]] +type Icinga2::LogFacility = Variant[ + Enum[ + 'LOG_AUTH', + 'LOG_AUTHPRIV', + 'LOG_CRON', + 'LOG_DAEMON', + 'LOG_FTP', + 'LOG_KERN', + 'LOG_LPR', + 'LOG_MAIL', + 'LOG_NEWS', + 'LOG_SYSLOG', + 'LOG_USER', + 'LOG_UUCP' + ], Pattern[/^LOG_LOCAL[0-7]$/]]