Updated chef-vault usage to 100% completion

This commit is contained in:
Eric Renfro 2017-02-13 00:06:00 -05:00
parent 66ae4ce460
commit e535a6047b
No known key found for this signature in database
GPG key ID: 9A949323CBE78F97
7 changed files with 31 additions and 40 deletions

View file

@ -58,25 +58,6 @@ remote_directory "/etc/zabbix/trap.d" do
action :create
end
if node['recipes'].include?('mongodb') or node['tags'].include?('mongodb')
template "/etc/zabbix/trap.d/mongo26.config" do
owner "root"
group "root"
mode "0700"
source "mongo26.config.erb"
sensitive true
credentials = Chef::EncryptedDataBagItem.load("odhp_credentials", "credentials")
variables({
:users => credentials['mongo']['users'][node.chef_environment]
})
end
else
file "/etc/zabbix/trap.d/mongo26.config" do
action :delete
end
end
# Link live agents to node
node['zabbix']['trap_scripts']['live']['add'].each do |script|
link "/etc/zabbix/trap.d/live/#{script}" do

View file

@ -27,9 +27,7 @@ end
template "/etc/zabbix/zabbix_proxy.conf" do
credentials = chef_vault_item("secrets", "zabbix")
variables({
:DBUsername => credentials['username'],
:DBPassword => credentials['password'],
:DBDatabase => credentials['database']
:credentials => credentials
})
source %W{
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix_proxy.conf.erb

View file

@ -51,9 +51,7 @@ end
template "/etc/zabbix/zabbix_server.conf" do
credentials = chef_vault_item("secrets", "zabbix")
variables({
:DBUsername => credentials['username'],
:DBPassword => credentials['password'],
:DBDatabase => credentials['database']
:credentials => credentials
})
source %W{
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix_server.conf.erb
@ -91,9 +89,7 @@ end
template "/etc/zabbix/web/zabbix.conf.php" do
credentials = chef_vault_item("secrets", "zabbix")
variables({
:DBUsername => credentials['username'],
:DBPassword => credentials['password'],
:DBDatabase => credentials['database']
:credentials => credentials
})
source %W{
zabbix/#{node['zabbix']['version']}/#{node['platform']}-#{node['platform_version'].to_i}/zabbix.conf.php.erb

View file

@ -7,6 +7,8 @@
# Eric Renfro <psi-jack@linux-help.org>
#
include_recipe 'chef-vault'
node.override['zabbix']['trap_scripts']['live']['add'] = []
node.override['zabbix']['trap_scripts']['live']['del'] = []
node.override['zabbix']['trap_scripts']['daily']['add'] = []
@ -39,10 +41,25 @@ end
# MongoDB
#
if node['recipes'].include?('mongodb') or node.tags.include?('mongodb')
node.override['zabbix']['trap_scripts']['live']['add'] += ['mongo26.sh', 'ssl_check_mongo.sh']
node.override['zabbix']['agent_meta'] += ['MongoDB']
node.override['zabbix']['trap_scripts']['live']['add'] += ['mongo26.sh', 'ssl_check_mongo.sh']
node.override['zabbix']['agent_meta'] += ['MongoDB']
template "/etc/zabbix/trap.d/mongo26.config" do
owner "root"
group "root"
mode "0700"
source "mongo26.config.erb"
sensitive true
credentials = chef_vault_item("secrets", "mongodb")
variables({
:credentials => credentials
})
end
else
node.override['zabbix']['trap_scripts']['live']['del'] += ['mongo26.sh', 'ssl_check_mongo.sh']
node.override['zabbix']['trap_scripts']['live']['del'] += ['mongo26.sh', 'ssl_check_mongo.sh']
file "/etc/zabbix/trap.d/mongo26.config" do
action :delete
end
end
###########################################################

View file

@ -1,3 +1,2 @@
mongoUser="<%= @users['mmsagent']['username'] %>"
mongoPass="<%= @users['mmsagent']['password'] %>"
mongoUser="<%= @credentials['username'] %>"
mongoPass="<%= @credentials['password'] %>"

View file

@ -7,9 +7,9 @@ global $DB;
$DB['TYPE'] = 'POSTGRESQL';
$DB['SERVER'] = 'localhost';
$DB['PORT'] = '0';
$DB['DATABASE'] = '<%= @DBDatabase %>';
$DB['USER'] = '<%= @DBUsername %>';
$DB['PASSWORD'] = '<%= @DBPassword %>';
$DB['DATABASE'] = '<%= @credentials['database'] %>';
$DB['USER'] = '<%= @credentials['username'] %>';
$DB['PASSWORD'] = '<%= @credentials['password'] %>';
// Schema name. Used for IBM DB2 and PostgreSQL.
$DB['SCHEMA'] = '';

View file

@ -81,7 +81,7 @@ PidFile=/var/run/zabbix/zabbix_server.pid
# Default:
# DBName=
DBName=<%= @DBDatabase %>
DBName=<%= @credentials['database'] %>
### Option: DBSchema
# Schema name. Used for IBM DB2 and PostgreSQL.
@ -97,7 +97,7 @@ DBName=<%= @DBDatabase %>
# Default:
# DBUser=
DBUser=<%= @DBUsername %>
DBUser=<%= @credentials['username'] %>
### Option: DBPassword
# Database password. Ignored for SQLite.
@ -105,7 +105,7 @@ DBUser=<%= @DBUsername %>
#
# Mandatory: no
# Default:
DBPassword=<%= @DBPassword %>
DBPassword=<%= @credentials['password'] %>
### Option: DBSocket
# Path to MySQL socket.