add files control - https://gitlab.confdroid.com/internal/confdroid_management/-/issues/260

2025-10-18 13:08:50 +02:00
parent c2eca38b93
commit 4f61a39c40
5 changed files with 30 additions and 6 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,5 +1,6 @@
 {
    "cSpell.words": [
+        "changeme",
        "reqpackage",
        "rpms",
        "sslcacert",
--- a/manifests/main/files.pp
+++ b/manifests/main/files.pp
@@ -6,4 +6,16 @@
 class prometheus_cd::main::files (
 ) inherits prometheus_cd::params {
  require prometheus_cd::main::dirs
+  file { $ps_main_file:
+    ensure   => file,
+    owner    => 'root',
+    group    => 'root',
+    mode     => '0644',
+    selrange => s0,
+    selrole  => object_r,
+    seltype  => etc_t,
+    seluser  => system_u,
+    content  => template('prometheus_cd/prometheus.yml.erb'),
+    notify   => Service[ps_prom_service],
+  }
 }
--- a/manifests/main/service.pp
+++ b/manifests/main/service.pp
@@ -8,7 +8,7 @@ class prometheus_cd::main::service (
  require prometheus_cd::main::files
  require prometheus_cd::firewall::iptables
  if  ($ps_prom_host == $fqdn) and ($manage_prometheus == true) {
-    service { 'prometheus':
+    service { $ps_prom_service:
      ensure     => running,
      hasstatus  => true,
      hasrestart => true,
@@ -16,7 +16,7 @@ class prometheus_cd::main::service (
    }
  }
  if $manage_node_exporter == true {
-    service { 'node_exporter':
+    service { $ps_ne_service:
      ensure     => running,
      hasstatus  => true,
      hasrestart => true,
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -11,6 +11,8 @@
 # @param [String] ps_prom_host the fqdn of the prometheus server
 # @param [String] ps_fw_prefix the firewall rule prefix
 # @param [String] ps_main_port the firewall main port for prometheus
+# @param [String] ps_auth_user the username for authentication
+# @param [String] ps_auth_user the password for authentication
 ##############################################################################
 class prometheus_cd::params (

@@ -29,6 +31,10 @@ class prometheus_cd::params (
  String $ps_fw_prefix          = '50',
  String $ps_main_port          = '9090',

+  # auth
+  String $ps_auth_user          = 'changeme',
+  String $ps_auth_pass          = 'changeme',
+
 ) {
  # defaults
  $fqdn                   = $facts['networking']['fqdn']
@@ -39,6 +45,11 @@ class prometheus_cd::params (
  # dirs
  $ps_main_dir            = '/etc/prometheus'

+  # files
+
+  # services
+  $ps_prom_service        = 'prometheus'
+  $ps_ne_service          = 'node_exporter'
  # includes must be last
  include prometheus_cd::main::config
 }
--- a/templates/prometheus.yml.erb
+++ b/templates/prometheus.yml.erb
@@ -25,10 +25,10 @@ scrape_configs:
  - targets:
    - localhost:9090
  basic_auth:
-      username_file: /etc/prometheus/secrets/prometheus-auth/username
-      password_file: /etc/prometheus/secrets/prometheus-auth/password
+    username: <%= @ps_auth_user %>
+    password: <%= @ps_auth_pass %>
 remote_write:
  - url: "http://localhost:9090/api/v1/write"
    basic_auth:
-      username_file: /etc/prometheus/secrets/prometheus-auth/username
-      password_file: /etc/prometheus/secrets/prometheus-auth/password
+      username: <%= @ps_auth_user %>
+      password: <%= @ps_auth_pass %>