Puppet Class: icingaweb2::module::reporting

Defined in:
manifests/module/reporting.pp

Summary

Installs the reporting module

Overview

Examples:

class { 'icingaweb2::module::reporting':
  ensure       => present,
  git_revision => 'v0.9.0',
  db_host      => 'localhost',
  db_name      => 'reporting',
  db_username  => 'reporting',
  db_password  => 'supersecret',
}

Parameters:

  • ensure (Enum['absent', 'present'])

    Ensures the state of the reporting module.

  • module_dir (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    Target directory of the module.

  • git_repository (String)

    The upstream module repository.

  • git_revision (Optional[String]) (defaults to: undef)

    The version of the module that needs to be used.

  • install_method (Enum['git', 'none', 'package'])

    Install methods are ‘git`, `package` and `none` is supported as installation method.

  • package_name (String)

    Package name of the module. This setting is only valid in combination with the installation method ‘package`.

  • db_type (Enum['mysql', 'pgsql']) (defaults to: 'mysql')

    The database type. Either mysql or postgres.

  • db_host (Stdlib::Host) (defaults to: 'localhost')

    The host where the reporting database will be running

  • db_port (Optional[Stdlib::Port]) (defaults to: undef)

    The port on which the database is accessible.

  • db_name (String) (defaults to: 'reporting')

    The name of the database this module should use.

  • db_username (String) (defaults to: 'reporting')

    The username needed to access the database.

  • db_password (Optional[Icingaweb2::Secret]) (defaults to: undef)

    The password needed to access the database.

  • db_charset (Optional[String]) (defaults to: undef)

    The charset the database is set to.

  • use_tls (Optional[Boolean]) (defaults to: undef)

    Either enable or disable TLS encryption to the database. Other TLS parameters are only affected if this is set to ‘true’.

  • tls_key_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    Location of the private key for client authentication. Only valid if tls is enabled.

  • tls_cert_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    Location of the certificate for client authentication. Only valid if tls is enabled.

  • tls_cacert_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    Location of the ca certificate. Only valid if tls is enabled.

  • tls_key (Optional[Icingaweb2::Secret]) (defaults to: undef)

    The private key to store in spicified ‘tls_key_file` file. Only valid if tls is enabled.

  • tls_cert (Optional[String]) (defaults to: undef)

    The certificate to store in spicified ‘tls_cert_file` file. Only valid if tls is enabled.

  • tls_cacert (Optional[String]) (defaults to: undef)

    The ca certificate to store in spicified ‘tls_cacert_file` file. Only valid if tls is enabled.

  • tls_capath (Optional[Stdlib::Absolutepath]) (defaults to: undef)

    The file path to the directory that contains the trusted SSL CA certificates, which are stored in PEM format. Only available for the mysql database.

  • tls_noverify (Optional[Boolean]) (defaults to: undef)

    Disable validation of the server certificate.

  • tls_cipher (Optional[String]) (defaults to: undef)

    Cipher to use for the encrypted database connection.

  • import_schema (Variant[Boolean, Enum['mariadb', 'mysql']]) (defaults to: false)

    Whether to import the database schema or not. Options ‘mariadb` and `mysql`, both means true. With mariadb its cli options are used for the import, whereas with mysql its different options.

  • mail (Optional[String]) (defaults to: undef)

    Mails are sent with this sender address.



92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
 
# File 'manifests/module/reporting.pp', line 92

class icingaweb2::module::reporting (
  Enum['absent', 'present']                  $ensure,
  Enum['git', 'none', 'package']             $install_method,
  String                                     $git_repository,
  String                                     $package_name,
  Optional[Stdlib::Absolutepath]             $module_dir      = undef,
  Optional[String]                           $git_revision    = undef,
  Enum['mysql', 'pgsql']                     $db_type         = 'mysql',
  Stdlib::Host                               $db_host         = 'localhost',
  Optional[Stdlib::Port]                     $db_port         = undef,
  String                                     $db_name         = 'reporting',
  String                                     $db_username     = 'reporting',
  Optional[Icingaweb2::Secret]               $db_password     = undef,
  Optional[String]                           $db_charset      = undef,
  Variant[Boolean, Enum['mariadb', 'mysql']] $import_schema   = false,
  Optional[Boolean]                          $use_tls         = undef,
  Optional[Stdlib::Absolutepath]             $tls_key_file    = undef,
  Optional[Stdlib::Absolutepath]             $tls_cert_file   = undef,
  Optional[Stdlib::Absolutepath]             $tls_cacert_file = undef,
  Optional[Stdlib::Absolutepath]             $tls_capath      = undef,
  Optional[Icingaweb2::Secret]               $tls_key         = undef,
  Optional[String]                           $tls_cert        = undef,
  Optional[String]                           $tls_cacert      = undef,
  Optional[Boolean]                          $tls_noverify    = undef,
  Optional[String]                           $tls_cipher      = undef,
  Optional[String]                           $mail            = undef,
) {
  icingaweb2::assert_module()

  $conf_dir               = $icingaweb2::globals::conf_dir
  $mysql_reporting_schema = $icingaweb2::globals::mysql_reporting_schema
  $pgsql_reporting_schema = $icingaweb2::globals::pgsql_reporting_schema
  $module_conf_dir        = "${conf_dir}/modules/reporting"
  $_db_port               = pick($db_port, $icingaweb2::globals::port[$db_type])

  $_db_charset = if $db_charset {
    $db_charset
  } else {
    if $db_type == 'mysql' {
      'utf8mb4'
    } else {
      'UTF8'
    }
  }

  $tls = merge(delete($icingaweb2::config::tls, ['key', 'cert', 'cacert']), delete_undef_values(merge(icingaweb2::cert::files(
          'client',
          $module_conf_dir,
          $tls_key_file,
          $tls_cert_file,
          $tls_cacert_file,
          $tls_key,
          $tls_cert,
          $tls_cacert,
        ), {
          capath   => $tls_capath,
          noverify => $tls_noverify,
          cipher   => $tls_cipher,
  })))

  Exec {
    user     => 'root',
    path     => $facts['path'],
    provider => 'shell',
    require  => [Icingaweb2::Module['reporting'], Icingaweb2::Tls::Client['icingaweb2::module::reporting tls client config']],
  }

  icingaweb2::tls::client { 'icingaweb2::module::reporting tls client config':
    args => $tls,
  }

  icingaweb2::resource::database { 'reporting':
    type         => $db_type,
    host         => $db_host,
    port         => $_db_port,
    database     => $db_name,
    username     => $db_username,
    password     => $db_password,
    charset      => $_db_charset,
    use_tls      => $use_tls,
    tls_noverify => $tls['noverify'],
    tls_key      => $tls['key_file'],
    tls_cert     => $tls['cert_file'],
    tls_cacert   => $tls['cacert_file'],
    tls_capath   => $tls['capath'],
    tls_cipher   => $tls['cipher'],
  }

  icingaweb2::module { 'reporting':
    ensure         => $ensure,
    git_repository => $git_repository,
    git_revision   => $git_revision,
    install_method => $install_method,
    module_dir     => $module_dir,
    package_name   => $package_name,
    settings       => {
      'icingaweb2-module-reporting-backend' => {
        'section_name' => 'backend',
        'target'       => "${module_conf_dir}/config.ini",
        'settings'     => {
          'resource' => 'reporting',
        },
      },
      'icingaweb2-module-reporting-mail'    => {
        'section_name' => 'mail',
        'target'       => "${module_conf_dir}/config.ini",
        'settings'     => delete_undef_values({
            'from' => $mail,
        }),
      },
    },
  }

  if $import_schema {
    $real_db_type = if $import_schema =~ Boolean {
      if $db_type == 'pgsql' { 'pgsql' } else { 'mariadb' }
    } else {
      $import_schema
    }
    $db_cli_options = icingaweb2::db::connect({
        type => $real_db_type,
        name => $db_name,
        host => $db_host,
        port => $_db_port,
        user => $db_username,
        pass => $db_password,
    }, $tls, $use_tls)

    case $db_type {
      'mysql': {
        exec { 'import icingaweb2::module::reporting schema':
          command => "mysql ${db_cli_options} < '${mysql_reporting_schema}'",
          unless  => "mysql ${db_cli_options} -Ns -e 'SELECT * FROM report'",
        }
      }
      'pgsql': {
        $_db_password = icingaweb2::unwrap($db_password)
        exec { 'import icingaweb2::module::reporting schema':
          environment => ["PGPASSWORD=${_db_password}"],
          command     => "psql '${db_cli_options}' -w -f ${pgsql_reporting_schema}",
          unless      => "psql '${db_cli_options}' -w -c 'SELECT * FROM report'",
        }
      } # pgsql (not supported)
      default: {
        fail('The database type you provided is not supported.')
      }
    }
  } # schema import
}